Morrison & Foerster : Legal Updates & News : Legal Updates : SEC Adopts Final Rules Regarding Auditor Independence

Any of the attorneys in our Corporate Department are available to answer your questions concerning the SEC's new rules regarding auditor independence.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situituations.

Print page

Email page

			Related Practices: Corporate Litigation Public Companies & Corporate Governance Securities Litigation, Enforcement and White-Collar Defense

SEC Adopts Final Rules Regarding Auditor Independence

March 2003

On January 22, 2003, the Securities and Exchange Commission (the "SEC"), as required under Section 208(a) of the Sarbanes-Oxley Act of 2002 (the "Act"), adopted new rules[fn1] to enhance the existing requirements regarding auditor independence. The new rules also expand the disclosures contained in annual meeting proxy statements and annual reports filed with the SEC. The requirements of the new rules affect public companies ("issuers"), including foreign private issuers, and their auditors and audit committees.

New Requirements for Auditor Independence

One Year "Cooling Off" Period for Former Employees of Auditor

Section 206 of the Act prohibits an accounting firm from auditing an issuer's financial statements if the chief executive officer, chief financial officer, controller, or chief accounting officer, or any other person serving in an equivalent position at the issuer, had been employed by the accounting firm and had participated in any capacity in an audit of the issuer during the preceding one-year period. The new rules require that when a lead partner, the concurring partner, or any member of the audit engagement team who has provided more than ten hours of audit, review or attest services for an issuer accepts a position with the issuer in a "financial reporting oversight role," the auditor will not be deemed to be independent until after one entire auditing cycle has been completed. An auditing cycle begins the day after an issuer's annual report is filed with the SEC and ends on the day the next annual report is filed.[fn2] Any individual who has direct responsibility for oversight over those who prepare the issuer's financial statements and related information (including the Management's Discussion and Analysis of Financial Condition and Results of Operations ("MD&A")) that is included in SEC filings will be deemed to be in a "financial reporting oversight role."[fn3] The new rules provide for an exception for conflicts that are created through a merger or an acquisition. If a person who was previously employed by an issuer's auditor is employed by the issuer, having complied with the rule, and after that, the issuer merges with or is acquired by another entity resulting in such person being in a financial reporting oversight role of the ultimate entity, and such entity is audited by such person's previous employer, the cooling-off period would not apply.

The one year cooling-off period will apply to any employment relationships that commence after May 6, 2003.

Prohibited Non-Audit Services

The new rules, consistent with Section 201(a) of the Act, prohibit an auditor that performs an audit of an issuer's financial statements from providing to that issuer, contemporaneously with the audit, any of the following eight non-audit services:[fn4]

Bookkeeping Services

The old rules prohibited an auditor from providing bookkeeping services to an audit client, except in limited circumstances, such as in an emergency or where the services were provided in a foreign jurisdiction and specific conditions were met. The new rules preserve this prohibition but eliminate the exceptions.

The new rules do provide a catchall exemption from this prohibition as well as from the prohibitions against financial information systems design and implementation, appraisal or valuation services, actuarial services, and internal audit outsourcing (see below) if "it is reasonable to conclude that these non-audit services will not be subject to audit procedures during an audit."

Financial Information Systems Design and Implementation

Consistent with the old rules, the new rules prohibit an auditor from providing any service related to an audit client's information systems. Designing, implementing or operating systems affecting the financial statements are prohibited. For example, an auditor may not design or install a computer system that generates the audit client's financial records because if that system generates incorrect data, the auditor will have to report on its own work. However, this prohibition does not preclude an auditor from evaluating a computer system as it is being designed, implemented or operated by a third party, either as part of an audit or attest service, and making recommendations to management. This prohibition also does not preclude the auditor from working on hardware or software systems unrelated to the audit client's financial statements or accounting records provided such services are pre-approved by the audit committee.

Appraisal or Valuation Services

The old rules prohibited an auditor from providing appraisal or valuations services, fairness opinions, or contribution-in-kind reports[fn5] for audit clients, except in limited circumstances. The new rules retain these prohibitions and eliminate the exceptions. The new rules do not prohibit an auditor from providing these services for non-financial reporting (e.g., transfer pricing studies, cost segregation studies, and other tax-only valuations). In addition, the new rules do not prohibit an auditor from utilizing its own or a third party valuation specialist to review the work performed by the audit client as long as the technical expertise used in determining the required amounts recorded in the financial statements comes from the audit client or the client's specialist.

Actuarial Services

The new rules, like the old rules, bar an auditor from providing any actuarial-oriented advisory service involving the determination of amounts recorded in the financial statements and related accounts for the audit client. The new rules do not prohibit an auditor from assisting an audit client in understanding the methods, models, assumptions and inputs used in computing an amount. The new rules also do not prohibit an auditor from utilizing its own actuaries to assist in conducting an audit of an audit client as long as the auditor's actuaries are not providing actuarial services to the management of the audit client.

Internal Audit Outsourcing

The old rules allowed an issuer to outsource its internal audit to the issuer's independent auditors so long as certain criteria were met. The new rules prohibit such outsourcing and eliminate the exceptions contained in the old rules, including those for certain small businesses. However, the new rules allow outsourcing of certain nonrecurring evaluations of discrete items or programs that are not, in substance, the outsourcing of the internal audit function and would allow the outsourcing of operational internal audits unrelated to internal accounting controls, financial systems or financial statements.

Management and Human Resources Functions

Consistent with the old rules, the new rules prohibit an accountant of the auditor from acting, temporarily or permanently, as a director, officer or employee of an audit client, or performing any decision-making, supervisory or ongoing monitoring function for the audit client. An auditor's independence will continue to be impaired if it designs or implements internal accounting and risk management controls; however, an auditor may continue to assess the effectiveness of an audit client's internal controls and to recommend improvements in the design and implementation of internal controls and risk management controls.

The new rules, like the old rules, prohibit an auditor from searching for or seeking out prospective candidates for managerial, executive or director positions, negotiating employment benefits or other conditions of employment, or undertaking reference checks of prospective candidates on behalf of an audit client.

Broker-Dealer, Investment Adviser or Investment Banking Services

The old rules prohibited an auditor from performing brokerage, investment advising or investment banking services to an audit client. The new rules retain these prohibitions and also adds a prohibition on an auditor serving as an unregistered broker-dealer for an audit client.

Legal Services and Expert Services

The new rules expand the coverage of the old rules by prohibiting an auditor from providing any service to an issuer that, under circumstances in which the service is provided, could be provided only by someone licensed, admitted, or otherwise qualified to practice law in the jurisdiction in which the service is provided. The old rules do not prohibit an auditor from providing expert services to an audit client. The new rules state that an auditor will not be independent if the auditor provides expert opinions for an issuer in connection with legal, administrative, or regulatory proceedings or acts as an advocate for an issuer in such proceedings. This prohibition would include providing consultation and other services to legal counsel in connection with litigation (for example, forensic accounting services in connection with SEC enforcement investigations). However, the new rules do not prohibit an auditor from assisting the audit committee in conducting its own inquiries into accounting misdeeds at the issuer.

Timeframe for Compliance

To the extent these prohibited non-audit services were not covered under existing Rule 2-01, the new rules permit issuers until May 6, 2004 to complete or terminate existing contracts for prohibited services as long as these contracts for services are entered into no later than May 6, 2003.

Tax Services

The old rules do not prohibit an auditor from providing tax services to an audit client. Under the new rules, in general, an auditor is allowed to provide tax services, including tax planning, tax compliance and tax advice, to issuers as long as those services have been pre-approved by the audit committee. However, the issuer must be wary of tax services that fall within the category of prohibited legal or expert services, or which result in the impairment of independence under the three general principles governing auditor independence under existing Rule 2-01.[fn6] For example, representation before a tax court would be prohibited, since, in that case, the auditor would be serving as an advocate. In addition, the SEC cautions that audit committees should scrutinize carefully the retention of an auditor to provide tax services with respect to a tax shelter transaction initially recommended by the auditor.

Audit Committee Pre-Approval of Audit and Non-Audit Services

The new rules require that the audit committee pre-approve all audit, review or attest engagements. Furthermore, with respect to all permissible non-audit services, either (a) the audit committee must expressly pre-approve any such service before the audit firm is engaged or (b) the engagement must be entered into pursuant to detailed pre-approval policies and procedures established by the audit committee and the audit committee must be informed after such an engagement on a timely basis with respect to each service so pre-approved. The Act allows the audit committee to delegate pre-approvals to a single audit committee member. Decisions made by the designated audit committee member must be reported to the full audit committee at its next scheduled meeting.

The new rules provide that the pre-approval requirement is waived for non-audit services in certain de minimis situations if (a) the non-audit services do not constitute, in the aggregate, more than 5% of the total revenues paid by the issuer to the auditor during any fiscal year; (b) at the time of the engagement, such services were not recognized by the issuer as non-audit services; and (c) when the issuer recognizes them as non-audit services, they are promptly brought to the attention of, and approved by, the audit committee.

Audit Partner Rotation

Section 203 of the Act provides that an auditor must rotate the lead audit partner off an engagement every five years. This is a change from the old requirements under the AICPA's SEC Practice Section, which required the lead partner to rotate off the engagement after seven years and remain off the engagement for two years thereafter.

The new rules implement the Act's "five-year on/five year 'cooling off' " rotation requirement for the lead and concurring audit partners and a "seven-year on/two year 'cooling off' " period for all "audit partners."Audit partners" are defined as the lead and concurring partners, and includes "all partners on the audit engagement team who have responsibility for decision-making on significant auditing, accounting, and reporting matters that affect the financial statements or who maintain regular contact with management and the audit committee." The definition of "audit partners" includes the lead partner (and not any other partner) on subsidiaries of the issuer whose assets or revenues constitute 20% or more of the consolidated assets or revenues of the issuer. National-office partners and other specialty partners, such as tax partners, are not considered "audit partners" for purposes of the rotation requirements. The new rules provide that an audit firm may stagger the rotation of partners to ensure that the engagement team has appropriate expertise to conduct a satisfactory audit.

The old rules contain an exemption for audit firms with fewer than five audit clients and fewer than ten partners. The new rules retain this exemption with the condition that the Public Company Accounting Oversight Board must conduct a review of all of the firm's engagements subject to the rule at least once every three years.

The rotation requirements for lead audit partners will take effect for the first fiscal year ending after May 6, 2003. Therefore, for a lead partner of a calendar year audit client, if 2003 was that partner's fifth, sixth or seventh year as lead partner for that audit client, he or she would be able to complete the client's audit for 2003 but he or she must rotate off for the 2004 engagement. For the concurring partners, other audit partners and audit partners with foreign accounting firms who are subject to the rotation requirements, there are longer transition periods for compliance.

Prohibited Compensation for Audit Partners

The new rules provide that an auditor will not be considered independent if, at any point during the audit and professional engagement period, any audit partner, other than specialty partners, earns or receives compensation based on selling engagements to that audit client to provide services, other than audit, review or attest services. Compensation would include any form of monetary benefit distributed to the partner, principal or shareholder, including allocation of partnership "units" to a partner. The new rules do not prohibit an audit partner from sharing in the profits of the audit practice and those of the overall firm. Accounting firms with fewer than five audit clients and fewer than ten partners are exempt from these restrictions. Accounting firms must first comply with these restrictions for their first fiscal year beginning after May 6, 2003.

Auditor Communication with Audit Committees

Section 204 of the Act directed the SEC to issue rules regarding the timely reporting of specific information by auditors to the audit committee. The new rules are intended to cover recognition, measurement, and disclosure considerations related to the accounting of specific transactions; the initial selection of and changes in significant accounting policies; and the impact of management's judgments and accounting estimates. The new rules require that, prior to the filing of any audit report with the SEC after May 6, 2003, the auditor shall report to the audit committee, either orally or in writing:

all critical accounting policies and practices used by the issuer[fn7];
all alternative accounting treatments under generally accepted accounting principles for policies and practices related to material items that have been discussed with management, including the ramifications of using alternative disclosures and treatments and the auditor's preferred treatment; and
other material written communications between the auditor and management, such as a management representation letter, schedule of material adjustments and a listing of unrecorded adjustments and reclassifications.

Expanded Disclosure

The new rules expand the disclosure required in proxy statements and annual reports concerning audit and non-audit services provided by an issuer's auditor and the pre-approval policies and procedures relating to non-audit services provided by its auditor. An issuer may include this information in the annual meeting proxy statement and incorporate it by reference into the issuer's annual report. For issuers that do not file proxy statements, such disclosures are required in their annual report on Form 10-K, 20-F or 40-F, as the case may be. These disclosures will first be required in an issuer's annual meeting proxy statement and annual report for fiscal years ending on or after December 15, 2003.

The new rules require disclosure of four categories of fees for each of the last two completed fiscal years:

Audit fees;
Audit-related fees (new category); audit-related fees include assurance and related services that traditionally are performed by the auditor. Specific examples include: employee benefit plan audits, due diligence related to mergers and acquisitions, accounting consultations and audits in connection with acquisitions, internal control reviews, attest services that are not required by statute or regulation and consultation concerning financial accounting and reporting standards;
Tax fees (new category); tax fees include fees for tax compliance, tax planning and tax advice; and
All other fees.

In addition, an issuer must disclose the percentage of total fees paid in each of the above categories for services provided by the auditor where pre-approval was not received due to reliance on the de minimis exception. An issuer must also describe, in qualitative terms, the types of services provided under audit-related fees, tax fees and all other fees.

Issuers must disclose any policies and procedures developed by the audit committee concerning pre-approval of the auditors to perform both audit and permissible non-audit services. The required disclosure must set out in detail the audit committee's policies and procedures for engaging the auditors performance of non-audit services, either by description or by attaching a copy of the policies and procedures to the proxy statement and annual report.

Application to Foreign Private Issuers and Foreign Audit Firms

Generally, the Act and the new rules would apply to foreign private issuers and to foreign audit firms. With respect to certain areas in which the new rules could cause conflicts with requirements of other countries, the SEC has stated the following:

Regarding the ban on auditors providing legal services for their clients, which is problematic in certain foreign jurisdictions where auditors, directly or through affiliates, commonly provide legal services, including tax services (which are considered legal services in certain foreign jurisdictions) to audit clients, the SEC stated that those services may be performed under the new rules if those services could otherwise be performed in the U.S.
Recognizing that in some foreign jurisdictions it may be very difficult for an issuer to avoid violating the prohibition against employing certain former audit partners of the issuer's auditor in a financial reporting oversight role, the SEC created an additional exemption for emergency or unusual circumstances. In order for an issuer to avail itself of this exemption, its audit committee must determine that doing so is in the best interests of its investors.
The rotation requirement has been relaxed from 5 years to 7 years for audit partners, other than the lead and concurring partners, from what was proposed, which should help accommodate foreign private issuers in jurisdictions where there are fewer numbers of qualified auditors.
The SEC will continue its past approach of addressing conflicts between U.S. and foreign requirements regarding non-audit services on an ad hoc basis by continuing to consider requests for exemptive relief from foreign auditors.

Footnotes

1: See SEC Release 34-46934 at http://www.sec.gov/rules/final/33-8183.htm.

2: Therefore, if an individual was the lead partner of an audit engagement team at any time during the 2002 auditing cycle for a calendar year-end issuer and he or she begins employment as the chief financial officer of that issuer prior to filing of the 2003 Form 10-K in 2004, the individual's former accounting firm would not be independent with respect to that issuer.

3: For example, directors who have significant interaction with the audit engagement team are considered to be in a financial reporting oversight role.

4: Section 201(a) of the Act also provides the Public Company Accounting Oversight Board the power to prohibit any additional non-audit services.

5: Contribution-in-kind reports are opinions and reports in which the auditor provides its opinion on whether the consideration in a transaction is adequate.

6: The three basic principles of auditor independence under Rule 2-01 of Regulation S-X are: (1) an auditor cannot function in the role of management, (2) an auditor cannot audit his or her own work, and (3) an auditor cannot serve in an advocacy role for his or her client.

7: The SEC has proposed rules requiring a separately captioned section in the MD&A section of an issuer's quarterly and annual reports. This proposal is still pending. Until the critical accounting policies rule proposal is adopted, the new rules direct issuers and accountants to the SEC's December 2001 Cautionary Guidance to determine the types of matters that should be communicated to the audit committee under this rule.