Do PCAOB standards apply to private companies?

The SEC has approved the PCAOB's updated standards for public company audits involving multiple firms, clearing the way for the new rules to take effect for financial statement audits for fiscal years ending on or after Dec. 15, 2024.

The PCAOB released the new standards in June.

SEC Chair Gary Gensler issued a statement while announcing the approval of AS 1206, Dividing Responsibility for the Audit With Another Accounting Firm. With 68% of Fortune 500 issuer audits and 26% of all public company audits in 2021 using multiple auditing firms for their financial statements, Gensler said he was pleased to see stronger requirements established for lead auditors.

"Over the years, the growing complexity and international operations of public companies has led auditors increasingly to rely on other auditors — working across different firms, countries, and even languages — in completing an audit," Gensler said in the statement. "Given the challenges that such multi-firm audits present, it is important that there be robust standards for how lead auditors supervise, communicate with, and coordinate with other auditors on the audit engagement."

Gensler said the added standards will improve audit quality and investor protection by specifying procedures for those supervising multi-firm audits, including requirements that instruct lead auditors to prioritize their activities around high-risk areas.

— To comment on this article or to suggest an idea for another article, contact Bryan Strickland at .

What’s New?

Audit reports for private companies will include some significant changes to the form and content of the report for 2021.  The changes stem from the Statement on Auditing Standards (SAS) No. 134, issued by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), going into effect for audits of financial statements for periods ending on or after December 15, 2021. 

SAS 134 Overview

SAS 134 was issued by the ASB to align and create consistency between generally accepted auditing standards (GAAS) and the auditor reporting models promulgated by the International Auditing and Assurance Standards Board (IAASB) and the Public Company Accounting Oversight Board (PCAOB).  The purpose of the new reporting model is to enhance the communicative value and relevance of the auditor’s report.  The key changes to the auditor’s report are as follows:

• • • • The layout of the report will change, with the most notable change being the Opinion section is now required to be presented first, followed by the Basis for Opinion section.
      • The Basis for Opinion section, which will follow the Opinion section, will include a statement that the auditor is required to be independent of the entity and to meet the auditor’s other ethical responsibilities.
      • Expanded description of the auditor’s responsibilities, including the auditor’s responsibilities relating to professional judgment and professional skepticism, and the auditor’s communications with those charged with governance.
      • Enhanced descriptions regarding the responsibilities of management and the auditor related to the going concern assessment. Every audit report, even reports for companies whereby there was no substantial doubt or substantial doubt was alleviated, will now reference “going concern” at least twice.  If substantial doubt exists and is not alleviated, the auditor is required to include a separate section in the report titled “Substantial Doubt About the Entity’s Ability to Continue as a Going Concern.”

Example of New Auditor’s Report

An example of the new auditor’s report is as follows:

INDEPENDENT AUDITOR’S REPORT

To the Board of Directors and Stockholders of   [Name of Company]  

Opinion

We have audited the accompanying financial statements of   [Name of Company]  (a    [Statement of Incorporation]   corporation), which comprise the balance sheets as of    [Date]   and    [Year]  , and the related statements of income, retained earnings, and cash flows for the years then ended, and the related notes to the financial statements.

In our opinion, the financial statements referred to above present fairly, in all material respects, the financial position of    [Name of Company]    as of    [Date]   and    [Year]  , and the results of its operations and its cash flows for the years then ended in accordance with accounting principles generally accepted in the United States of America.

Basis for Opinion

We conducted our audits in accordance with auditing standards generally accepted in the United States of America. Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of Financial Statements section of our report. We are required to be independent of    [Name of Company]   and to meet our other ethical responsibilities in accordance with the relevant ethical requirements relating to our audits. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.

Responsibilities of Management for the Financial Statements

Management is responsible for the preparation and fair presentation of the financial statements in accordance with accounting principles generally accepted in the United States of America, and for the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the financial statements, management is required to evaluate whether there are conditions or events, considered in the aggregate, that raise substantial doubt about    [Name of Company]  ‘s ability to continue as a going concern within one year after the date that the financial statements are available to be issued.

Auditor’s Responsibilities for the Audit of the Financial Statements

Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance but is not absolute assurance and therefore is not a guarantee that an audit conducted in accordance with generally accepted auditing standards will always detect a material misstatement when it exists. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control. Misstatements are considered material if there is a substantial likelihood that, individually or in the aggregate, they would influence the judgment made by a reasonable user based on the financial statements.

In performing an audit in accordance with generally accepted auditing standards, we:

• • • • Exercise professional judgment and maintain professional skepticism throughout the audit.
      • Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, and design and perform audit procedures responsive to those risks. Such procedures include examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements.
      • Obtain and understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of   [Name of Company]  ‘s internal control. Accordingly, no such opinion is expressed.
      • Evaluate the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluate the overall presentation of financial statements.
      • Conclude whether, in our judgment, there are conditions or events, considered in the aggregate, that raise substantial doubt about   [Name of Company]  ‘s ability to continue as a going concern for a reasonable period of time.

We are required to communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit, significant audit findings, and certain internal control related matters that we identified during the audit.

  [Firm’s Signature]  

  [Location of Firm (City, State Where the Auditor’s Report Is Issued)]  

  [Report Date] 

Key Audit Matters

SAS 134 also introduces the optional disclosure of Key Audit Matters (KAMs) within the auditor’s report.  The concept of KAMs is very similar to the PCAOB’s Critical Audit Matters (CAMs) and the IAASB’s Key Audit Matters.  The standard does not require auditors to communicate KAMs within the auditor’s report unless engaged to do so by those charged with governance of the entity.  KAMs are defined as matters that, in the auditor’s professional judgment, were of most significance in the audit of the financial statements and are selected from matters communicated to those charged with governance.  Example KAMs may include the accounting and auditing for complex revenue recognition, business combinations, impairments, going concern assessments, and other significant audit risk areas that required significant judgment and estimates and/or significant events or transactions.  If engaged to report on KAMs, the auditor’s report will describe the following for each KAM under a section titled Key Audit Matters: 

• • • • Primary reason for designation as a KAM;
      • How the KAM was addressed in the audit; and
      • Reference to the financial statement accounts and/or disclosures related to the KAM

Below is an example KAM section of the auditor’s report.  The KAM section would follow the Basis for Opinion section in the audit report. 

Key Audit Matters

The key audit matters communicated below are those matters that were communicated with those charged with governance and, in our professional judgment, were of most significance in our audit of the financial statements of the current period. The key audit matters were addressed in the context of our audit of the financial statements as a whole and in forming our opinion on the financial statements, and we do not provide a separate opinion on those matters.

[Using an appropriate subheading for each key audit matter, describe each matter noting why the auditor designated the matter as a key audit matter, how the matter was addressed in the audit, and referring to disclosures, if any, related to the matter in the financial statements.]

Communications with Governance

In further converging GAAS with PCAOB standards, SAS 134 now requires the auditor to communicate with those charged with governance an overview of the planned scope and timing of the audit, which includes communication of the significant risks identified by the auditor.  These communications will occur during audit planning and the auditor will update governance as to any changes during and at the conclusion of the audit. 

Summary and Next Steps

SAS 134 brings about some significant changes to the form and content of the auditor’s report.  You should consider discussing these changes with your shareholders, lenders, regulatory bodies, and any other users of your financial statements.  You should also consider whether the reporting of KAMs would be beneficial and of interest to the users of the financial statements. 

To better understand how the new auditor reporting model impacts your financial statements, please contact a member of your Boulay client service team or contact us at 952.893.9320 or for more information.           

Is PCAOB for private companies?

Is PCAOB only for public companies?

What auditing standards apply to private companies?

Who is required to follow PCAOB?