Audit Ing Authority

The financial services sector operates under a multi-layered regulatory framework enforced by agencies including the Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), the Federal Deposit Insurance Corporation (FDIC), and the Consumer Financial Protection Bureau (CFPB). This directory exists as a structured reference resource mapping the audit-related topics, regulatory obligations, and compliance functions that apply to firms operating within that framework. Each listing points to substantive explanatory content rather than offering advisory services. Understanding what the directory covers — and what falls outside its scope — is foundational to using it effectively.

How the directory is maintained

Directory listings are organized by entity type, regulatory regime, and audit function. The classification structure follows the major regulatory categories that govern financial services auditing in the United States, including standards issued by the Public Company Accounting Oversight Board (PCAOB), the American Institute of Certified Public Accountants (AICPA) under Generally Accepted Auditing Standards (GAAS), and statutory requirements embedded in legislation such as the Sarbanes-Oxley Act of 2002 and the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010.

Listings are added or updated based on three criteria:

  1. Regulatory relevance — the topic must correspond to an enforceable obligation, a published standard, or a formally defined audit function under US law or a recognized standards body.
  2. Entity scope clarity — each listing specifies which entity types are subject to the obligation (e.g., broker-dealers, investment advisers, insured depository institutions, credit unions).
  3. Source traceability — every substantive claim within a linked page must be attributable to a named public document, agency guidance, or codified statute.

Listings are grouped into 4 primary classification tracks: (a) audit type and methodology, (b) entity-specific obligations, (c) regulatory and standards frameworks, and (d) audit process and execution. These tracks are not mutually exclusive; a single topic such as anti-money laundering audit requirements may appear under both entity-specific obligations and regulatory frameworks because the Bank Secrecy Act (31 U.S.C. § 5318) imposes obligations that cross both dimensions.

The directory does not self-update based on regulatory changes. Content is reviewed against published agency releases, PCAOB rulemaking notices, and AICPA standards updates. Users consulting time-sensitive compliance questions should verify current regulatory text directly against primary sources such as the Electronic Code of Federal Regulations (eCFR) at ecfr.gov.

What the directory does not cover

The directory is bounded by three explicit exclusion categories.

Tax compliance and tax audit functions fall outside scope. The Internal Revenue Service (IRS) examination process, transfer pricing audits, and tax provision reviews under ASC 740 are distinct from the financial statement audit and assurance functions covered here. While Sarbanes-Oxley Section 404 audit requirements touch on internal controls that may intersect with tax reporting, the tax function itself is not catalogued.

International audit frameworks are excluded except where a named US regulatory body has incorporated them by reference. International Standards on Auditing (ISA), issued by the International Auditing and Assurance Standards Board (IAASB), are not listed unless a US regulator — such as the PCAOB or SEC — has formally adopted or cross-referenced a specific standard for US-registered entities.

Litigation support and forensic accounting are excluded from the directory structure. Fraud risk assessment is addressed as part of the audit planning process (see fraud risk assessment in financial audits), but post-litigation expert witness functions, damages calculations, and forensic investigation engagements that operate outside the financial statement audit context are not catalogued.

The directory also does not catalogue individual firms, licensed practitioners, or CPA firms. Firm selection considerations are addressed editorially in CPA firm selection for financial services audit, but that page is a reference framework — it is not a vendor registry or referral mechanism.

Relationship to other network resources

The directory functions as a navigational layer sitting above topic-level explanatory pages. The distinction matters: a directory listing names a topic, defines its regulatory scope, and links to detailed content. The detailed content — organized under financial services listings — covers mechanisms, standards, process steps, and decision boundaries at depth.

Horizontal resources on this site address methodological topics that apply across entity types. For example, risk-based auditing in financial services and audit materiality in financial services are methodology pages that inform practice regardless of whether the audited entity is a hedge fund, a credit union, or a mortgage company. Vertical resources address entity-specific obligations: hedge fund audit requirements (US), credit union audit requirements, and mortgage company audit obligations are scoped to entity type and the specific regulatory bodies that govern each.

The financial services audit standards (US) section provides the standards-layer context that anchors both the horizontal and vertical content. That section maps relationships among PCAOB standards, GAAS, and entity-specific regulatory examination frameworks such as those applied by the FDIC under the Federal Deposit Insurance Act.

How to interpret listings

Each directory listing carries 4 identifiable structural elements:

  1. Topic name and classification track — indicating whether the entry is an audit type, an entity-specific obligation, a standards reference, or a process topic.
  2. Primary regulatory authority — the agency, statutory citation, or standards body that creates the underlying obligation or defines the framework. For instance, FINRA audit obligations for broker-dealers references FINRA Rule 4370 and SEC Rule 17a-5 as the governing authorities.
  3. Entity applicability — the class of financial services firm to which the topic applies. Not every listing applies to every entity type; FDIC audit requirements for banks applies to insured depository institutions and not to investment advisers registered exclusively under the Investment Advisers Act of 1940.
  4. Linked explanatory content — a direct pointer to the full reference page where the mechanism, process steps, and relevant comparisons are documented in detail.

Listings are not legal opinions or compliance guidance. A listing that references auditor independence in financial services describes independence requirements as codified in PCAOB Rule 3526 and SEC independence rules under 17 CFR Part 210 — it documents what those rules require without interpreting their application to any specific engagement. The distinction between compliance audit vs. financial audit is addressed as a classification question, not a strategic recommendation.

When a topic appears in the directory without a linked page, it indicates that a full explanatory entry is structurally defined but not yet published. The classification and regulatory scope noted in the listing reflect the same sourcing standards applied to completed entries.

Explore This Site

Regulations & Safety Regulatory References
Topics (61)
Tools & Calculators Compound Interest Calculator

References