December 09, 2018 09.25PM / By SEC Chairman Jay
Clayton, SEC Chief Accountant Wes Bricker, PCAOB Chairman William D. Duhnke III
Statement On The Vital Role Of Audit Quality And Regulatory Access To Audit And Other Information Internationally — Discussion Of Current Information Access Challenges With Respect To U.S.-Listed Companies With Significant Operations In China, SEC Chairman Jay Clayton, SEC Chief Accountant Wes Bricker, PCAOB Chairman William D. Duhnke III
As we are nearing the end of the fiscal year for many reporting companies, it is important to remember that complete, accurate financial statements and credible audits are things we—investors, issuers, and regulators worldwide—all care about.
The world’s capital markets are global, as are the world’s largest companies. Over the past decades, capital investment has increasingly flowed internationally, including to and from the United States. Moreover, both U.S.-based and non-U.S.-based companies rely on the U.S. markets to raise capital and establish a reliable and consistent trading presence for their securities. While often taken for granted, it is difficult to overstate the value of this daily, multi-industry price transparency and liquidity to the economy—regionally, nationally, and globally.
The bedrock of this capital market system is high quality, reliable financial statements. This is indisputable. Without high quality and reliable financial information, capital markets do not function well.
In turn, confidence in the quality and reliability of financial statements is driven by a combination of quality audit services and regulatory oversight. Effective audits and regulatory oversight require timely access to comprehensive information. For U.S.-listed companies with international operations, this access must be multi-jurisdictional, and due to the size of our capital markets, U.S. regulators have a particularly significant responsibility to access audit-related information relating to U.S.-listed companies on a global basis. As context, we note that U.S.-listed companies accounted for approximately 40% of the market capitalization of global public companies in 2017. We also recognize that for investors—both U.S. and non-U.S. investors—a U.S. listing carries with it the assumption that U.S. rules and regulatory oversight apply.
This level of international interconnectedness creates regulatory challenges, including that information reasonably necessary for regulatory oversight with respect to U.S.-listed companies does not always flow to U.S. capital markets regulators from foreign jurisdictions to the extent it should. Barriers to information may come in various forms, including data protection, privacy, confidentiality, bank secrecy, state secrecy, or national security laws. These laws, many of which have rational objectives unrelated to our capital markets, can restrict access to oversight information, even though the subject companies agree to provide the information and avail themselves of the U.S. capital markets.
Over the past decade, there has been substantial cooperation among international regulators to address these barriers and facilitate the timely flow of information reasonably necessary for capital markets regulators to carry out their oversight responsibilities. For context, consider the following:
Although substantial progress has been made, issues relating to information access remain, and our experience leads us to expect that new access issues are likely to arise. One of the most significant current issues relates to the ability of the PCAOB to inspect the audit work and practices of PCAOB-registered auditing firms in China (including Hong Kong-based audit firms, to the extent their audit clients have operations in mainland China) with respect to their audit work of U.S.-listed companies with operations in China. The PCAOB has faced similar issues in the past with respect to other jurisdictions.
While the analysis of the quality of financial reporting is principally an issuer-specific exercise, on a collective basis, the size and scope of the current issue is meaningful. For example, consider the following data points:
The efforts of the SEC and PCAOB to obtain access to this information have been significant and are ongoing. Below, we discuss in more detail the roles of audit firms, the SEC, and the PCAOB in connection with the financial reporting and auditing of U.S.-listed companies and the need for international cooperation. The following discussion also provides more detail on the current China-related information access issues.
External Audits of Multinational Companies Require Global Coordination
A multinational company must comply with financial reporting obligations in many of the countries in which it has operations and activities, and it must prepare consolidated financial statements that include its financial transactions and events worldwide. Critical to a company’s compliance with these financial reporting obligations is the work of the company’s external auditor. Accordingly, an external audit firm must be able to conduct or coordinate the delivery of its audit services on a worldwide basis.
The largest of these audits are conducted or coordinated through global networks and other affiliations of individual firms. The individual firms are subject to jurisdiction-based ownership, licensing, registration, and other regulatory requirements, even as they draw on, for example, globally common technologies, tools, methodologies, training, and quality assurance monitoring.
The auditor’s report for a company’s consolidated financial statements is typically signed by only one firm in the audit firm’s global network. For U.S.-listed companies, publicly available disclosure forms filed with the PCAOB enable investors and others to identify whether other firms, including firms affiliated through a global network, participated in the audit and, when certain thresholds are met, the extent of their participation.
Regulatory Oversight of International Financial Reporting and Auditing Requires Significant Cross-Border Regulatory Cooperation
The reality of today’s global business and audit environment drives regulatory cooperation, in much the same way as it has driven jurisdiction-based audit firms to form networks and other affiliations. In short, for oversight to be effective, regulators around the globe must work together. This makes sense as the world’s securities and audit regulators share a common mission to protect investors and foster market integrity. In the case of multinational companies, fulfilling this all-important function is not possible if the work of the principal regulators—typically the country or countries with the primary listings—is limited by national borders.
A regulator, confined to only a view from within its own national borders, can only see a portion, and oftentimes a small portion, of the activities and risks of a company or the work of its auditor. To put the point starkly, consider a company with all or substantially all of its operations in country A that, through a listing and offering in country B, raises a substantial portion of its capital in country B. It would not be satisfactory for the financial regulators in country B to limit their review of the company’s financial reporting solely to activities in country B. Access to information in country A is essential to effective oversight. Moreover, investors in country B’s markets would expect country B’s regulators to have such access. Said more generally, review of a consolidated audit of a multinational company cannot be performed effectively in country-specific silos.
The Approach of the Principal U.S. Capital Markets Regulators to International Financial Reporting and Auditing is Multifaceted
Role and Approach of the SEC
The SEC’s three-part mission is to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation. The SEC advances its mission by, among other responsibilities, administering and enforcing requirements for public companies, funds, and broker-dealers to provide audited financial statements to investors. As the primary regulator of the world’s largest securities markets, administering and enforcing the requirements for reliable financial reporting requires the SEC to be engaged in many topics that extend beyond the U.S. borders. Indeed, the flow of international capital investment presents challenges, not just for U.S.-listed companies and economic interests, but also for the SEC’s efforts to protect transparency and accountability in financial reporting globally. Protecting transparency and accountability in financial reporting is vital.
One way the SEC seeks to address these challenges is to engage in frequent communication with market regulators and law enforcement authorities in other jurisdictions, directly and through our participation in international organizations—such as IOSCO, the Monitoring Group, which provides monitoring of international audit and ethics standards, and the Monitoring Board, which provides monitoring of international accounting standards. The SEC also works bilaterally and multi-laterally with foreign authorities, both on policy issues with a cross-border dimension, and on supervisory and enforcement issues.
As noted above, the SEC makes extensive use of the IOSCO Multilateral Memorandum of Understanding, and also is party to cooperative arrangements with foreign regulators and law enforcement agencies. These arrangements further facilitate the sharing of critical enforcement and supervisory information. Even with these cooperation agreements in place, the SEC’s ability to obtain access to some types of mission-critical information remains limited in both timing and scope of access.
Role and Approach of the PCAOB
The SEC oversees the PCAOB, which, in turn, is the principal U.S. regulator that oversees the audits of public companies and SEC-registered brokers and dealers. The PCAOB is required by U.S. law to conduct regular inspections of all registered public accounting firms, both domestic and foreign, that issue such audit reports or play a substantial role in the preparation of them. These inspections seek to protect investors in the U.S. public capital markets by ensuring that audit firms adhere to, among other things, PCAOB standards.
The PCAOB conducts inspections of PCAOB-registered firms across the globe and has inspected PCAOB-registered firms in 50 different non-U.S. jurisdictions. With respect to foreign-registered public accounting firms, the PCAOB cooperates closely with audit regulators outside the United States, and the scope of that cooperation is extensive.
An example of this cross-border collaboration and cooperation is the PCAOB’s active membership in the International Forum of Independent Audit Regulators (IFIAR), which consists of 53 independent audit regulators from around the world. Created in 2006, IFIAR’s stated purpose is to enable independent audit regulators to share among each other their knowledge and experiences, with a focus on inspections of auditors and audit firms.
The PCAOB also has cooperative agreements with 23 foreign regulators as a result of which the PCAOB either conducts joint inspections or shares inspection findings with regulators in those jurisdictions. Under these cooperative agreements, the PCAOB has conducted international inspections, in many cases jointly, with the local regulator. In joint inspections, each regulator not only learns from the other, but these inspections also have the potential to improve regulatory oversight globally.
Addressing Country-Specific Restrictions on Access to Information and Auditor Inspections is a Complex Task that Requires Extensive Cooperation and Ongoing Attention
An important issue affecting the oversight responsibilities of U.S. capital markets regulators involves foreign privacy and other data protection laws, which significantly impact cross-border information sharing. Various countries’ laws, including blocking statutes and data protection, privacy, confidentiality, bank secrecy, state secrecy, and national security laws, are designed to achieve national objectives. But they also frequently create obstacles to cross-border flows of information between regulators and foreign-domiciled registrants, thus complicating, and in some instances impeding, the ability to carry out regulatory responsibilities.
Some of these laws, for example, act to prohibit foreign-domiciled registrants in certain jurisdictions from responding directly to SEC requests for information and documents or doing so, in whole or in part, only after protracted delays in obtaining authorization. Other laws can prevent the SEC from being able to conduct any type of examination, either onsite or by correspondence. Accordingly, securities regulators around the world seek agreements with one another for access to business books and records or auditor documentation as part of regulatory efforts to enforce laws that protect investors. This is particularly important in countries where records are required by domestic law to be maintained in the home country.
Positions taken by some foreign authorities currently prevent or significantly impair the PCAOB’s ability to inspect non-U.S. audit firms in certain countries, even though these firms are registered with the PCAOB. To facilitate the PCAOB’s ability to inspect registered non-U.S. audit firms, the PCAOB often enters into formal cooperative arrangements with foreign audit regulators. In many cases, these cooperative arrangements permit the PCAOB to carry out inspections jointly with the home-country regulators.
It is incumbent that we and our international counterparts continue to work through these issues, including as new issues arise such as those that may be posed by the recent, increased focus on data privacy. We must do this while recognizing that we do not operate in a one-size-fits-all world and that there are, for good reason, significant differences across various markets, as well as regulatory regimes. That said, in the case of public companies that have substantial operations in jurisdictions other than the listing jurisdiction, for many important reasons, including legal requirements, investor expectations and the inefficiencies and ineffectiveness of a country-specific, silo approach, deference is not appropriate. Primary financial regulators must be able to supervise the entities and persons registered with them to the extent reasonably necessary to ensure compliance with the financial disclosure and other key securities laws in their jurisdiction.
We also expect audit firms to work with the SEC and the PCAOB in addressing the issues that affect them. Any audit firm that registers with the PCAOB is legally obligated to cooperate and provide documents and testimony, if requested, in connection with inspections and investigations regardless of their locations. We note that a refusal to cooperate, either in an inspection or an investigation, could subject the firm to SEC or PCAOB sanctions and remedial measures.
Restrictions on Access to Books and Records Maintained in China
While international cooperation and coordination have increased significantly in many parts of the world in recent years, the SEC and PCAOB still face challenges from laws and practices that can impede strong regulation, supervision, and enforcement. For example, both the SEC and the PCAOB currently face significant challenges in overseeing the financial reporting for U.S.-listed companies whose operations are based in China—a market where U.S. investors’ interest has increased and is significant. The business books and records related to transactions and events occurring within China are required by Chinese law to be kept and maintained there. China also restricts the auditor’s documentation of work performed in the country from being transferred out of China.
China’s state security laws are invoked at times to limit U.S. regulators’ ability to oversee the financial reporting of U.S.-listed, China-based companies. In particular, Chinese laws governing the protection of state secrets and national security have been invoked to limit foreign access to China-based business books and records and audit work papers. As a result, for certain China-based companies listed on U.S. stock exchanges, the SEC and PCAOB have not had access to the books and records and audit work papers to an extent consistent with other jurisdictions both in scope and timing.
Restrictions on PCAOB Audit Inspections
Another significant challenge is with regard to PCAOB audit inspections and the related regulatory uses of the information. The PCAOB is currently restricted from inspecting audit work and practices of PCAOB-registered firms in China (including Hong Kong, to the extent their audit clients have operations in China). The PCAOB has worked to increase its access to China’s audit work papers, but progress has been slow and satisfactory resolution remains uncertain. Where the PCAOB is not able to conduct inspections of audits of foreign-based companies listed in the U.S., investors in these companies do not receive the tangible, quality-enhancing benefits that can result from PCAOB inspections.
To better inform investors about the PCAOB’s inability to conduct inspections in certain jurisdictions, the PCAOB publishes on its website a list of companies whose auditors are located in jurisdictions where there are obstacles to PCAOB inspections. The current list includes 224 unique issuers, and they represent a significant portion of the capital markets, with a combined market capitalization exceeding $1.8 trillion. Out of these 224 issuers, 213 have auditors based in mainland China or Hong Kong, while the remaining 11 issuers have auditors based in Belgium.
In addition to the list, the PCAOB also makes publicly available information in Form AP, Auditor Reporting of Certain Audit Participants, regarding how much of an audit was performed by audit firms in other jurisdictions, including jurisdictions in which the PCAOB cannot currently conduct inspections. The information helps investors assess the level of audit risk stemming from a multi-jurisdiction engagement. For Form APs filed with the PCAOB between June 30, 2017 and June 29, 2018, 207 are from auditors in China (and Hong Kong) or Belgium that participated in the audit (with a range of participation of 5% of audit hours or greater) but were not the company’s principal auditor.
Efforts with Chinese Regulators to Improve Information Access and Audit Inspections are Ongoing but We Have Not Yet Made Satisfactory Progress
While information barriers certainly continue to exist in multiple jurisdictions, we believe the resolution of these issues discussed above with China is of the most significance to investors. The SEC and the PCAOB have sought constructive dialogues with Chinese officials and regulators over recent years, emphasizing the importance of investor protection and the quality of financial reporting and audit services. Despite these efforts, we have not yet made satisfactory progress. Our principal goal is to achieve a level of cooperation with the Chinese authorities that both (1) respects Chinese and U.S. sovereignty, and (2) enables the SEC and PCAOB to have timely access to the information necessary to conduct investigations or inspections.
The inability to date to achieve this level of regulatory cooperation with Chinese authorities raises a number of investor protection and general oversight issues.
The U.S. stock markets have long been attractive to foreign companies because of their efficiency and liquidity as well as the potential benefits offered in the form of brand-name enhancement and increased visibility. Many China-based companies, and companies that have significant operations in China, have sought these benefits. The factors driving these benefits include the application of U.S. disclosure requirements as well as regulatory oversight and enforcement.
However, the barriers to information access discussed above may adversely affect investors in the U.S. markets and the interests they own in companies that are China-based or have significant operations in China, including because they reduce the certainty provided by U.S. law and oversight. We note that this risk is present for a company and its investors even if the company’s financial statements are complete and accurate and the audit was appropriately conducted. For example, when faced with increased uncertainty about the reliability of financial reports, investors may “price protect” that risk by increasing the companies’ cost of capital.
While a reduction in oversight, and a related increase in uncertainty, may have broad market confidence-related effects, constraints on oversight also raise company-specific risk. For example, information barriers that inhibit oversight may allow bad actors to more effectively hide fraud. In addition, as we know all too well from our experiences with Enron, WorldCom, Adelphia and others, fraud in one company, or just a few companies, can undermine confidence more broadly.
We believe it also is important to recognize that PCAOB inspections and SEC regulatory activities not only help to improve audit quality for the inspected foreign auditors’ U.S. listed clients, but also provide benefits that may spread to these auditors’ non-U.S.-listed foreign public clients. Said another way, the PCAOB inspection process that focuses on audits of U.S.-listed companies may drive the subject audit firm to improve its work in respect of companies that are not U.S.-listed.
Finally, we note that, depending on various facts and circumstances, including company-specific considerations, if significant information barriers persist, remedial actions involving U.S.-listed companies may be necessary or appropriate. In the past, remedial measures have included, as examples, requiring affected companies to make additional disclosures and placing additional restrictions on new securities issuances.
This statement reflects our view that it is appropriate to bring the general issue of SEC and PCAOB access to information held outside the United States, and the current specific concerns discussed above, to the attention of investors in the U.S. capital markets.