The PCAOB is causing a change in the auditing profession, and for those in the auditing profession who aren’t changing, they really must change or eventually they will be out of a job. The change, however, will only continue as long as the PCAOB continues to seriously evaluate auditing firm practices and diligence, and publish its findings or opinions. In a very specific area, auditing firm practices and diligence in specific audits, the PCAOB has been very hard-hitting by traditional standards. While you might agree or disagree with some of the PCAOB’s findings or opinions in certain audits, it must be, or should be embarrassing for the auditing firms and the auditors involved and also career and business impacting.

After many years of being involved in lawsuits and issues relating to liability, litigation, duties and responsibilities, I have concluded that in most circumstances people simply don’t change their practices or the way in which they do things unless they are in some manner forced to change. For example, they might be forced to change because of the serious and actual possibility of punishment (jail time or high dollar liability), a new specific law, statute, regulation or rule change, a professional organization that sets a new specific leading standard, serious impact upon business getting, or strong public or community expectations (which also might cause a serious impact on business getting or personal reputation). Take risk management, for example, only relatively recently there are now requirements that boards, or audit committees, or other committees and people perform risk management, and there are starting to be public or community expectations in that regard. Yes, those are changes that have effect. On the other hand, the changes aren’t “specific,” and we haven’t seen the serious and actual possibility of punishment for failure to perform – the liability exposure is still for an accident that occurs, not for the specific failure to perform or try to perform reasonably prudent, business judgment rule, risk management.

Let me get back to the specific situation at hand, the recent SEC action against Grant Thornton and two of its partners for their audits of ALC and Broadwind. And to settle the matter the SEC obtained an admission of fault from Grant Thornton. That admission of fault is a big deal.

The SEC has not traditionally required an admission of fault. Typically the order or finding says something like “without admitting liability or fault . . . . “ I contend that the SEC really only should bring cases where they have sufficient evidence of significant wrongdoing and they really believe that they can obtain in settlement or at trial an admission or a finding of fault. This business of bringing and settling cases where the SEC extracts a settlement without fault, simply for payment of money or probation, is unimpressive and is a waste of governmental time and resources, as is also a finding that there was a violation of accounting or internal controls as that violation can be found or argued in every case that the SEC brings. It’s like the SEC is simply perpetuating its own existence, and isn’t really helping stockholders – instead, it’s just the SEC going through the paces. I would argue that the SEC much better overall serves stockholders by actively prosecuting serious cases, fully, on serious charges and evidence.

So, let me get back to the specific situation at hand. The PCAOB has set a new standard and tone with the manner in which it investigates and then publicly reports its findings and opinions. That new standard and tone will only continue, however, as long as the PCAOB continues with this approach. The SEC might now be setting a new standard if it concentrates its resources on bring cases where they have sufficient evidence of significant wrongdoing and they really believe that they can obtain in settlement or at trial an admission or finding of fault. That would force a game change. In addition to the actions of the PCAOB, the SEC would cause, or force, the auditors to up their game, significantly. The result will impact audit quality and reliability to the benefit of the investing public. Those actions also will or should cause boards and audit committees to up their games. Notice that I did not say that it will “force” boards and audit committees to up their games, and I also did not say that those actions will or should cause boards and audit committees to up their games “significantly.”

The obvious truth is that in the underlying facts in these cases there are many players who are, or who could be, or perhaps should be involved, including, for example, internal audit and the chief internal auditor, the board, the audit committee, the risk committee if there is one, in-house general counsel, the chief risk officer and the risk management function, the CFO, possibly the CEO, possibly the COO, the external auditor, possibility the regulators, possibly external legal counsel, et seq. And this is also why the SEC really should concentrate its resources on serious cases that will cause or force everyone to up their games. There will be an effect throughout, not simply for the direct entities involved.

Some people won’t like what I am suggesting, i.e., that the SEC should expand the players that it looks at, but in fact I’m also advocating for the SEC to stop with the patsy or less serious cases, and instead concentrate on the serious ones and then really look at the involvement of lack thereof of everyone. That also doesn’t mean that everyone is at fault or liable, or that an admission can be or should be obtained by everyone. That would be a ridiculous position – of course not everyone is at fault. But, there should be a discussion about more of the players and what they did or did not do. Ok, Grant Thornton admits that it did not properly perform the two audits in question – Grant Thornton is a good auditing firm, and you can bet that they will up their game – but Grant Thornton is only the external auditor, it had no involvement in the actual wrongdoing – so the SEC should also be looking at the extended list of players that I have listed above, and by doing so the SEC, and the PCAOB, will cause or force everyone to up their game. No one in those positions wants to be embarrassed or liable for wrongdoing. You can bet that if I’m on a board, or on an audit committee, if something unexpected occurs, and, yes, things that are unexpected do occur even without fault, I don’t, however, want to be embarrassed in hindsight if it looks like I did not perform or try to perform prudent oversight, or prudent business judgment, processes and practices.