001翻译

Audit committee quality,auditor
independence,and internal
control weaknesses
Yan Zhang a ,Jian Zhou
a,b,*,Nan Zhou a a
School of Management,State University of New York at Binghamton,Binghamton,NY 13902-6000,United States b Lubin School of Accounting,Whitman School of Management,Syracuse University,
NY 13244-2450,United States
Abstract
In this paper we investigate the relation between audit committee quality,auditor independence,and the disclosure of internal control weaknesses after the enactment of the Sarbanes-Oxley Act.We begin with a sample of firms with internal control weak-nesses and,based on industry,size,and performance,match these firms to a sample of control firms without internal control weaknesses.Our conditional logit analyses indi-cate that a relation exists between audit committee quality,auditor independence,and internal control weaknesses.Firms are more likely to be identified with an internal control weakness,if their audit committees have less financial expertise or,more specif-ically,have less accounting financial expertise and non-accounting financial expertise.They are also more likely to be identified with an internal control weakness,if their auditors are more independent.In addition,firms with recent auditor changes are more likely to have internal control weaknesses.
Ó2007Elsevier Inc.All rights reserved.
0278-4254/$-see front matter Ó2007Elsevier Inc.All rights reserved.doi:10.1016/j.jaccpubpol.2007.03.001*
Corresponding author.Tel.:+16077776067;fax:+16077774422.
E-mail addresses:yzhang@ (Y.Zhang),jzhou@ (J.Zhou),nzhou@ (N.
Zhou).
Journal of Accounting and Public Policy 26(2007)
300–327
Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327301 Keywords:Internal control weakness;Audit committeefinancial expertise;Auditor independence; Sarbanes-Oxley Act
1.Introduction
The Sarbanes-Oxley Act(hereafter SOX)of2002went into effect on July 30,2002to address the increasing concern of investors about the integrity of firms’financial reporting,due to scandals involving once well-respected com-panies,such as Enron and WorldCom and auditors,such as Arthur Ander-sen.One important aspect of SOX is that it has two sections specifically focusing on internal control issues related tofinancial reporting.Under Sec-tion302,management is required to disclose all material weaknesses in inter-nal control,when they certify the periodic,annual and quarterly,statutory financial reports.Under Section404,afirm is required to assess the effective-ness of its internal control structure and procedures forfinancial reporting and disclose such information in its annual reports.Furthermore,thefirm’s auditor is required to provide an opinion on the assessment made by the management in the same report.Because such mandatory disclosure under SOX provides us with more information on internal controls,we are inter-ested in investigating the determinants of internal control weaknesses in the post-SOX era.
We begin with a sample offirms with internal control weaknesses,and, based on industry,size,and performance,match thesefirms to a sample of con-trolfirms without internal control weaknesses.Our conditional logit analyses indicate that a relation exists between audit committee quality,auditor inde-pendence,and internal control weaknesses.Firms are more likely to be identi-fied with an internal control weakness,if their audit committees have less financial expertise or,more specifically,have less accountingfinancial expertise and non-accountingfinancial expertise.They are also more likely to be identi-fied with an internal control weakness,if their auditors are more independent. In addition,firms with recent auditor changes are more likely to have internal control weaknesses.
Our paper is related to several recent papers on the determinants of inter-nal control weaknesses.Krishnan(2005)examines the period prior to the enactment of SOX,when internal control problems are only disclosed in 8-Ksfiled byfirms when changing auditors.With information collected from 8-Kfilings,shefinds that independent audit committees and audit committees with morefinancial expertise are significantly less likely to be associated with the incidence of internal control problems.Ge and McVay(2005)and Doyle et al.(forthcoming)find that material weaknesses in internal control are more
302Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327
likely forfirms that are smaller,less profitable,more complex,growing rap-idly,or undergoing restructuring.Ashbaugh-Skaife et al.(forthcoming)find thatfirms with more complex operations,recent changes in organization structure,auditor resignation in the previous year,more accounting risk exposure,and less investment in internal control systems are more likely to disclose internal control deficiencies.
We document thatfinancial expertise in audit committees continues to be an important determinant of internal control weaknesses after the enactment of SOX.Ourfindings thus complement those in Krishnan(2005),who studies the pre-SOX period.Focusing on the post-SOX period enables us to take advantage of the wealth of information on internal control unleashed by SOX and to construct a sample offirms with internal control problems from both mandated disclosures in thefirms’10-Q and10-Kfilings under SOX and information disclosed in8-Kfilings whenfirms change auditors.Consist-ing of only thosefirms that change auditors in the pre-SOX period,the sample firms in Krishnan(2005)tend to be smaller in size and are traded on smaller stock exchanges.We avoid this sample selection bias by focusing on the post-SOX period,given that allfirms are required to disclose material internal control weaknesses under SOX.In addition,we document that auditor inde-pendence is an important determinant of internal control weaknesses.This adds to the literature that supports the hypothesis that auditor independence matters,such as Frankel et al.(2002)and Krishnamurthy et al.(2006).Differ-ent from other researchers who also focus on the post-SOX period,such as Ge and McVay(2005),Doyle et al.(forthcoming)and Ashbaugh-Skaife et al. (forthcoming),we show that audit committee quality,characterized as having morefinancial expertise or,more specifically,having more accountingfinancial expertise and non-accountingfinancial expertise,is an important determinant of internal control weaknesses.In addition,wefind that auditor independence, calculated as the ratio of audit fee to total fee,is also a determinant of internal control weaknesses.
The rest of the paper is organized as follows.Section2introduces the back-ground and proposes our hypotheses.Section3describes the sample selection procedures.Section4discusses the empiricalfindings,and Section5presents our conclusions.
2.Background and hypotheses
2.1.Background
SOX emphasizes internal control,which is defined as‘‘a process,effected by an entity’s board of directors,management and other personnel,designed to provide reasonable assurance regarding the achievement of objectives’’,
Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327303 according to the COSO framework.1SOX Section302(hereafter SOX302), which went into effect on August29,2002,requires management to disclose significant internal control deficiencies,when they certify annual or quarterly financial statements.Specifically,the signing officers,being responsible for internal controls,have evaluated the internal controls within the previous ninety days and reported in theirfindings:(1)a list of all deficiencies in the internal controls and information on any fraud that involves employees who are involved with internal control activities;(2)any significant changes in inter-nal controls or related factors that could have a negative impact on the internal controls.
Section404took this reporting a step further.It not only requires manage-ment to provide an assessment of internal controls,but also requires auditors to provide an opinion on management’s assessment.Under Securities Exchange Commission(SEC)Release No.33-8238(June5,2003),Section 404(a)requires issuers to disclose information concerning the scope and ade-quacy of the internal control structure and procedures forfinancial reporting in their annual reports.This statement shall also assess the effectiveness of such internal controls and procedures.Section404(b)requires the registered audit-ingfirm,in the same report,to attest to and report on the effectiveness of the internal control structure and procedures forfinancial reporting.2According to SEC Release No.33-8392(February24,2004),a company that is an‘‘acceler-atedfiler’’must comply with SOX Section404(hereafter SOX404)for itsfirst fiscal year ending on or after November15,2004.3Appendix A provides a 1COSO stands for the Committee of Sponsoring Organizations of the Treadway Commission, who undertook an extensive study of internal control to establish a common definition that would serve the needs of companies,independent public accountants,legislators,and regulatory agencies and to provide a broad framework of criteria,against which companies could evaluate the effectiveness of their internal control systems.COSO published its Internal Control–Integrated Framework in1992.
2The SOX compliance information is from ,and the SOX summaries are from .
3In SEC Release No.33-8238(June5,2003),an‘‘acceleratedfiler’’,defined in the original Exchange Act Rule12b-2,referred to a US company that has equity market capitalization over$75 million and hasfiled an annual report with the SEC.According to SEC Release No.33-8618 (September22,2005),prior to December1,2005,‘‘acceleratedfiler’’status did not directly affect a foreign private issuerfiling its annual reports on Form20-F or40-F,even though the definition of ‘‘acceleratedfiler’’did not expressly exclude foreign private issuers by its terms.After December1, 2005,a foreign private issuer meeting the acceleratedfiler definition,andfiling its annual report on Form20-F or Form40-F,became subject to the internal control reporting requirements under SOX404with compliance dates given in Appendix A.SEC Release No.33-8644(December21, 2005)amended the Exchange Act Rule12b-2definition of an‘‘acceleratedfiler’’to create a new category of acceleratedfiler,the‘‘large acceleratedfiler,’’for issuers with equity market value of $700million or more,and re-define the term‘‘acceleratedfiler’’to include an issuer with equity market value of$75million or more,but less than$700million.
304Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327 comprehensive schedule of Section404compliance dates,including those for non-acceleratedfilers and foreign private issuers.
According to Compliance Week,most of the internal control weakness dis-closures under SOX302and SOX404are related tofinancial systems and pro-cedures.This group typically involvesfinancial closing processes,account reconciliation,or inventory processes.For example,United Stationers dis-closed problems with‘‘the design and effectiveness of internal controls relating to receivables from suppliers’’.Personnel issues rank as the second largest cat-egory of weakness disclosures.This category is related to the poor segregation of duties,inadequate staffing,or other related training or supervision prob-lems.For example,Sanmina-SCI cited a‘‘lack of sufficient personnel with appropriate qualifications and training in certain key accounting roles.’’Other common types of weaknesses include revenue recognition,documentation,and IT system and controls(e.g.,security and access controls,backup and recovery issues).In addition,issues related to international operations and mergers and acquisitions are sources of weakness disclosure,although they represent a rel-atively small percentage of all disclosures.For example,Masco cited internal control problems attributable to‘‘historical growth through acquisition and decentralized organizational structure,’’and GulfMark Offshore identified internal control deficiencies related to the complexity of their multi-national operations.
Based on their severity,these internal control problems are classified into three types:material weakness,significant deficiency,and control deficiency. Auditing Standard(hereafter AS)No.2defines a material weakness as‘‘a sig-nificant deficiency,or combination of significant deficiencies,that results in more than a remote likelihood that a material misstatement of the annual or interimfinancial statements will not be prevented or detected.’’Under AS No.2,a significant deficiency is‘‘a control deficiency,or a combination of con-trol deficiencies,that adversely affects the company’s ability to initiate,autho-rize,record,process,or report externalfinancial data reliably in accordance with generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the company’s annual or interim financial statements that is more than inconsequential will not be prevented or detected.’’A control deficiency occurs‘‘when the design or operation of a control does not allow management or employees,in the normal course of per-forming their assigned functions,to prevent or detect misstatement on a timely basis.’’Since only material weaknesses are required to be publicly disclosed under SOX302and SOX404,we follow Doyle et al.,2006,forthcoming, and focus onfirms that disclosed material weaknesses in our study.4For the 4This is also driven by the fact that Compliance Week lists onlyfirms with material weaknesses starting March2005.
Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327305 sake of brevity,we will refer to material internal control weaknesses as internal control weaknesses hereafter.
2.2.Audit committee quality and internal control
Since an entity’s internal control is under the purview of its audit committee (Krishnan,2005),we investigate the relation between audit committee quality and internal control weaknesses.The audit committee not only plays an impor-tant monitoring role to assure the quality offinancial reporting and corporate accountability(Carcello and Neal,2000),but also serves as an important gov-ernance mechanism,because the potential litigation risk and reputation impair-ment faced by audit committee members ensure that these audit committee members discharge their responsibilities effectively.We thus expect thatfirms with high-quality audit committees are less likely to have internal control weaknesses thanfirms with low-quality audit committees.
On measuring audit committee quality,we focus on thefinancial expertise in these committees.The Blue Ribbon Committee on Improving the Effectiveness of Corporate Audit Committees(BRC)’s(1999)recommendation that each audit committee should have at least onefinancial expert highlights the impor-tance of thefinancial literacy and expertise of audit committee members.5Sec-tion407of the SOX incorporates the above suggestion and requiresfirms to disclose in periodic reports,whether afinancial expert serves on afirm’s audit committee and,if not,why not.Suchfinancial expertise of audit committee members has been shown to be important for dealing with the complexities offinancial reporting(Kalbers and Fogarty,1993)and for reducing the occur-rence offinancial restatements(Abbott et al.,2004).In addition,DeZoort and Salterio(2001)find that audit committee members withfinancial reporting and auditing knowledge are more likely to understand auditor judgments and sup-port the auditor in auditor-management disputes than members without such knowledge.Moreover,financially knowledgeable members are more likely to address and detect material misstatements.Audit committee members with financial expertise can also perform their oversight roles in thefinancial report-ing process more effectively,such as detecting material misstatements(Scarb-rough et al.,1998;Raghunandan et al.,2001).Indeed,Abbott et al.(2004)find a significantly negative association between an audit committee having 5The Report of the BRC’s recommendation related to Audit Committee Competence states that ‘‘the audit committee should consist of at least three members,each of whom is‘‘independent’’(defined in the Report as having‘‘no relationship to the corporation that may interfere with the exercise of their independence from management and the corporation’’)and‘‘financially literate’’(defined as‘‘the ability to read and understand fundamentalfinancial statements’’).At least one member of the audit committee should have accounting orfinancial management expertise(defined as past employment or professional certification in accounting orfinance,or comparable experience including service as a corporate officer withfinancial oversight responsibility)’’.
306Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327
at least one member withfinancial expertise and the incidence offinancial restatement.Krishnan(2005)presents evidence that audit committees with financial expertise are less likely to be associated with the incidence of internal control problems.Therefore,we have the following directional prediction. Hypothesis1.Firms with greater audit committeefinancial expertise are less likely to have internal control weaknesses.
DeFond et al.(2005)document significantly positive cumulative abnormal returns around the appointment of accountingfinancial experts to the audit committee,suggesting that audit committees with accountingfinancial exper-tise improve corporate governance.Therefore,we further separate audit committeefinancial expertise into accountingfinancial expertise and non-accountingfinancial expertise and test the relation between these two variables and internal control weaknesses.
In measuring thefinancial expertise of an audit committee member,we fol-low the definition adopted in SOX Section407,and,more specifically,modify the definition used in DeFond et al.(2005).An audit committee member is a financial expert if he or she can be classified into the following two categories: (a)an accountingfinancial expert who has experience as a public accountant, auditor,principal or chieffinancial officer,controller,or principal or chief accounting officer;or(b)a non-accountingfinancial expert who has experience as the chief executive officer,president,or chairman of the board in a for-profit corporation,or who has experience as the managing director,partner or prin-cipal in venturefinancing,investment banking,or money management.With this definition,we measure audit committeefinancial expertise(ACFE)as the percentage of audit committee members who arefinancial experts.We fur-ther separate audit committeefinancial expertise into accountingfinancial expertise(ACCT_ACFE),measured as the percentage of audit committee members who are accountingfinancial experts,and non-accountingfinancial expertise(NONACCT_ACFE),the percentage of audit committee members who are non-accountingfinancial experts.
2.3.Auditor independence and internal control
Auditor independence can be related to the disclosure of afirm’s internal control problems.When there is a strong economic bond between an auditor and a clientfirm,the auditor has an incentive to ignore potential problems and issue a clean opinion on the clientfirm’s internal controls.While some studies(DeFond et al.,2002;Asbaugh et al.,2003;Chung and Kallapur, 2003;Reynolds et al.,2004;Francis and Ke,2003)find no relation between non-audit fees and auditor independence and argue that an auditor’s concern with maintaining its reputation for providing high-quality audits could restrain
Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327307 it from undertaking activities that jeopardize independence,since the revenue from each client will be a small percentage of the auditor’s total revenue,other studies suggest that the provision of non-audit services compromises auditor independence.For example,Frankel et al.(2002)find that non-audit services are associated with increased discretionary accruals and the achievement of certain earnings benchmarks and Krishnamurthy et al.(2006)document that the abnormal returns for Andersen’s clients around Andersen’s indictment are significantly more negative,when the market perceived the auditor’s inde-pendence to be compromised.Given these mixed empiricalfindings,we mea-sure auditor independence(RATIO)as the ratio of the audit fee to the total fee,and propose the non-directional null hypothesis,as follows. Hypothesis2.Auditor independence is not associated with the disclosure of internal control weaknesses.
2.4.Control variables
2.4.1.Audit committee
In addition to audit committeefinancial expertise,other attributes of an audit committee have been found to be important factors in effective monitor-ing.Specifically,we control for audit committee independence,since Krishnan (2005)finds that there is a positive relation between audit committee indepen-dence and the quality of internal control prior to the enactment of SOX.6While SOX requires that audit committees be composed of all independent directors forfirms traded on an organized stock exchange(e.g.,NYSE,AMEX)or a rec-ognized dealer quotation system(e.g.,NASDAQ),exemptions may be given by the SEC,if it determines that it is appropriate under certain circumstances.We thus still control for audit committee independence(ACIND),defined as the percentage of independent directors on the audit committee.Under SOX,an audit committee member is independent,if he or she is not affiliated with the firm and does not accept any consulting fees.
We next control for the natural logarithm of audit committee size(ACSZ), measured as the number of audit committee members,because research sug-gests that a large audit committee tends to enhance the audit committee’s sta-tus and power within an organization(Kalbers and Fogarty,1993),to receive more resources(Pincus et al.,1989),and to lower the cost of debtfinancing (Anderson et al.,2004).We thus expect that a large audit committee is more likely than a small one to improve the quality of internal controls,because
6Previous research has also found an association between audit committee independence and the quality of accounting information(e.g.,Klein,2002b;Abbott et al.,2004).
308Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327 increased resources and enhanced status will make the audit committee more effective in fulfilling its monitoring role.
We also control for the natural logarithm of audit committee meetings (ACMEET),measured as the number of audit committee meetings held each year,because research shows that effective audit committees meet regularly (Menon and Williams,1994;Xie et al.,2003).7Consistent with this hypothesis, McMullen and Raghunandan(1996)find that the audit committees offirms with SEC enforcement actions or earnings restatements are less likely to have frequent meetings than those without and Lennox(2002)finds that there is a significant increase in the number of audit committee meetings during an audi-tor dismissal year.However,it is also possible that an audit committee meets more frequently to discuss internal control issues,when there are significant problems associated with afirm’s internal controls.Therefore,we make no pre-diction on the relation between the number of audit committee meetings and the quality of internal controls.
2.4.2.Board of directors
The quality of an entity’s internal controls is a function of the quality of its control environment that includes the board of directors and the audit commit-tee(Krishnan,2005).First,we focus on board independence(BDIND),mea-sured as the percentage of outside directors on the board,8because research suggests that board independence is negatively related to the likelihood of financial fraud and SEC enforcement actions(Beasley,1996;Dechow et al., 1996).We also control for the natural logarithm of board size(BDSZ),mea-sured as the number of directors on the board.While some researchersfind that a large board has more expertise than a small one(Dalton et al.,1999), that it tends to be more effective in monitoring accruals(Xie et al.,2003), and that it leads to a lower cost of debt(Anderson et al.,2004),others suggest that a small board is more effective in mitigating the agency costs associated with a large board(Yermack,1996;Eisenberg et al.,1998;Hermalin and Weis-bach,1998,2003).Given the mixed empirical evidence on board size,we expect that the relation between board size and the likelihood of internal control weaknesses is indeterminate.Finally,we control for the natural logarithm of board meetings(BDMEET),as measured by the number of board meetings held each year.While Conger et al.(1998)suggest that board meeting fre-quency is important to improve board effectiveness,Vafeas(1999)finds that 7Hymowitz and Lublin(2003)report that‘‘many audit committees are spending far more time than they used to reviewingfinancial statements and overseeing auditors,meeting10or11times a year,up from three or four times.’’
8Outside directors are those who are not affiliated with thefirm,other than serving on its board. Wefirst exclude those directors who are thefirm’s officers and major shareholders,and then further exclude those who have consulting relationships or other related-party transactions with thefirm.
Y.Zhang et al./Journal of Accounting and Public Policy26(2007)300–327309
it is inversely related tofirm value,because of the increased board activities fol-lowing share price declines.Since board independence,size,and meeting fre-quency all influence a board’s effectiveness,they,in turn,are related to the quality of internal controls.
2.4.
3.Auditor types
We use a dummy variable(BIG4)to measure auditor type,9because afirm’s decision to hire a Big4auditor is likely to be associated with internal controls for several reasons.Doyle et al.(forthcoming)find that smaller and less prof-itablefirms are more likely to have internal control problems than larger or more profitable ones.On the one hand,suchfirms with internal control prob-lems are less likely to hire a Big4auditor,because they are constrained by financial resources and cannot afford it.On the other hand,they might also be avoided by the Big4auditors,because they are perceived as being risky and may expose the Big4to potential litigation.Given that afirm shunned by a Big4auditor may signal that it has potential internal control problems, we introduce the dummy variable BIG4to control for auditor quality.
2.4.4.Auditor changes
Ashbaugh-Skaife et al.(forthcoming)find thatfirms with recent auditor changes are likely to have internal control problems.On the one hand,auditors may drop risky clients as part of their risk management strategies,sincefirms with material internal control weaknesses may represent high audit failure risk. On the other hand,firms may dismiss auditors for lack of performance,when thefirms discover material internal control weaknesses.Therefore,we use a control variable AUDCHG,which is equal to one,if there is an auditor change in2003or2004,and zero otherwise.
2.4.5.Other variables
We also control forfirm characteristics that may be associated with internal control problems.Since Doyle et al.(forthcoming)show that small and high growthfirms are likely to have internal control weaknesses,in our model,we control for size,measured as the natural logarithm of total assets(TA),and growth,measured as industry-median-adjusted sales growth(ADJSALEGR). It may take some time for afirm that recently engaged in mergers and acqui-sition to integrate different internal control systems;consequently,such afirm is more likely to have internal control problems.We thus introduce a dummy variable(ACQUISITION),which takes the value of one,if afirm engages in acquisitions during2003,2004and from January to July of2005,and zero otherwise.Since afirm experiencing restructuring is also likely to have internal control problems,because of the loss of experienced and valuable employees 9The dummy variable(BIG4)takes a value of one,if afirm is a Big4client and zero otherwise.。