backOn September 25, 2024, the PCAOB released a “Spotlight” report summarizing observations from the target team’s review of public companies audits that included risks related to three areas: (1) crypto assets; (2) multiple jurisdictions audits, given ongoing geopolitical turmoil; and (3) significant or unusual events or transactions. This report includes a summary of the inspection results, observations and good practices.
The review of audits of companies with crypto assets identified deficiencies with auditors’ responses to the risks of material misstatements; integrated audits of internal controls and financial statements; audit evidence; adequacy of disclosures of non-US audit participants; and auditor independence. The Staff also identified a number of other areas that did not rise to the level of deficiencies, but could have without other controls in place, including risk assessments and use of third party custodians. Good practices identified by the Staff included the use of specialists and staffing experienced personnel on the audit teams.
With respect to multi-location audits, the Staff identified certain deficiencies in Form AP disclosures, and listed observations regarding the involvement of component auditors in planning and risk assessment procedures; the modification of audit strategy due to changes in risks of material misstatements; site visits; and use of U.S. secondees on rotation to perform first level review of work papers. Good practices identified by the Staff included, among others, additional engagement quality review procedures, voluntary consultations.
For significant or unusual events acquisitions, the Staff reviewed the auditor’s efforts regarding the identification and testing of such events or transactions and identified no control deficiencies or misstatements. Good practices noted again included voluntary consultations and use of specialists.
A copy of the report is available here.