Last week, Schulte Roth & Zabel held another webinar in their Advanced Conflict Minerals Rule Compliance Series, titled The Conflict Minerals Report Audit — From Planning Through Completion. The presentation, which should soon be available for replay, covered a number of topics on the Independent Private Sector Audit (IPSA) of Conflict Minerals Reports (CMRs) from the perspective of two of the four CY2013 IPSA filers and auditors.
Among the more insightful points mentioned:
- Engage with your auditor early. The general consensus of the speakers was that six months was optimum for last year. Based on the IPSAs Elm is currently planning, this is about right, but could be compressed if needed in our view.
- Carefully consider those pre-audit preparations. Bryan Fiereck of Intel stated that they did not feel the need to conduct an external mock or simulated audit as a preparatory step. Fiereck said that issuers can adequately prepare by simply reading the relevant CMR language using an engineering (or auditor’s) perspective, continually asking “How can I demonstrate what is written?” We agree wholeheartedly. On more than one occasion, we have convinced issuers not to waste resources on a pre-IPSA audit and recommend doing as Intel did, or use internal auditors.
- You control your own destiny – or at least the scope of, and effort needed for, the IPSA. When writing the CMR, it is valuable to keep the IPSA in mind. This is a drum we have beaten repeatedly for some time.
- The importance of the audit plan. Fiereck emphasized this, saying that the audit plan was “infinitely valuable” in understanding the process and setting internal expectations. Non-CPAs may not fully appreciate the plan document elements within the Performance Audit standard. We have a template IPSA audit plan that was modified from a client-specific conflict minerals IPSA audit plan, which saves time and cost while conforming to the audit plan standards for GAO Performance Audits.
- Not everyone is an IPSA auditor. Both of the applicable GAO audit standards contain certain qualifications and expertise requirements. Not all auditors are able to meet these standards – especially non-CPAs to whom the Performance Audit standards are new. David Bouffard of Signet mentioned that they expended significant effort in training their IPSA auditor. Bouffard admitted that Signet’s early start gave them the luxury of time for this, but others likely will not have time or patience for training their auditor. Issuers are strongly encouraged to thoroughly screen IPSA auditors and engage a firm with demonstrated familiarity with conflict minerals and the IPSA – and there are a precious few of those.
- Don’t cross the double yellow line. The speakers touched on independence matters briefly due to time limitations of the webinar. A fine line exists between what is appropriate for the auditor to do as pre-audit planning, and what crosses the line into providing consulting on the report the auditor will themselves be auditing. While it is ultimately the auditor’s responsibility to monitor for threats to independence, issuers should be sensitive to this and not go too far in requesting advice from their auditors on the CMR language. Companies have asked us to be their consultant and their IPSA auditor, which of course we don’t do. We ask clients to choose the one they most want us to do for them. In some cases, they selected us for consulting; others preferred to wait and engage us as their auditor.
We are happy to talk with you about any questions you may have about the IPSA. But don’t wait too long.