PCAOB delays QC 1000, KPMG auditors still need documentation discipline

The PCAOB’s one-year delay on QC 1000 should not feel like breathing room inside a KPMG audit pod. The clock moved, but the habits inspectors will test did not: the file still has to show the basis for the conclusion, the support for the representation, and the managerial review that ties the work together.

Why the delay matters, but not in the way some teams may hope

On August 28, 2025, the PCAOB postponed QC 1000, its new firm-level system of quality control standard, and related new and amended standards, rules and forms by one year to December 15, 2026. The Board said the move was driven by implementation challenges that some firms may not be able to overcome within the earlier timetable, but it also said it did not change the text of the standard. In plain terms, the rules did not soften; only the start date did.

That distinction matters for auditors because the work needed to comply does not begin on the effective date. If files are still thin, review notes still vague, or conclusions still sitting apart from the evidence that supports them, the firm will feel those weaknesses in planning, in remediation and eventually in inspection results. For a Big Four practice like KPMG LLP, the delay is best read as a warning to harden the process now, while there is still time to correct course.

What AS 1215 demands from the engagement file

AS 1215, the PCAOB’s audit documentation standard, says auditors should prepare and retain documentation for PCAOB engagements, including audits of financial statements, audits of internal control over financial reporting and reviews of interim financial information. It defines audit documentation as the written record of the basis for the auditor’s conclusions and the support for the auditor’s representations. That is a higher operational standard than simply keeping workpapers on file.

For KPMG teams, that means evidence needs to be organized so another reviewer can trace the logic without reverse engineering the engagement. The practical burden lands in the places that already strain busy season: deciding what belongs in the file, linking testing to conclusions, and making sure the file reflects what the team actually did, not what it intended to do. If the support is scattered across emails, drafts and side conversations, the audit trail becomes harder to defend when inspections arrive.

The standard’s effective date is December 15, 2026, which puts documentation discipline on the same horizon as QC 1000. That alignment is important because the quality-control framework and the engagement file now move together. A strong policy memo will not save a weak file, and a polished file will not hide a review process that misses gaps in judgment.

Where the burden lands first

The first pressure point is planning. Audit teams will need to be clearer about what evidence they expect to gather, when they expect to gather it and who owns each step of the file. The next pressure point is review depth, because manager and partner oversight will need to do more than sign off on a completed package at the end of the job.

• Engagement planning will need tighter mapping between risks, procedures and the exact evidence expected to support conclusions.

• Review notes will need to be more specific, because vague sign-offs are harder to defend when inspectors test the logic chain.

• File organization will matter more, especially when multiple team members, specialists and technology tools contribute to the final audit trail.

• Training will need to be more practical, focusing on the habits that make documentation inspectable rather than merely complete.

That is where the work starts to feel less like administration and more like audit quality in real time. Teams that rely on last-minute cleanup will find the standard harder to satisfy, because the file has to tell a coherent story as the work happens, not after the fact.

How QC 1000 changes the firm-level expectation

QC 1000 is the PCAOB’s firm system of quality control standard, and the Board said it approved the standard and the related amendments before postponing the effective date. The PCAOB also said firms may elect early compliance before December 15, 2026, except for reporting to the Board on evaluation of the quality control system. That creates a strange but important middle period: the standards are in place, but some of the reporting timing is not.

The standards page also makes clear that the PCAOB uses different effective-date buckets for different firms and reporting periods. That is a reminder that implementation is not one-size-fits-all, especially for a large practice with multiple engagement types and regional teams. KPMG leaders will need to track not just the deadline, but which pieces of the standard bite first, and where the evidence for readiness will come from.

For an audit practice, the firm-level message is straightforward. QC 1000 will not stay confined to policy language in a compliance deck. It will affect how work is supervised, how exceptions are escalated, how remediation is documented and how technology is used to reduce fragmentation in the audit trail.

Why KPMG cannot wait for the inspection cycle to force the issue

KPMG says it is subject to PCAOB inspection annually, and its U.S. regulatory-and-peer-reviews page says the PCAOB released KPMG’s 2024 inspection report on March 31, 2025. In its January 2025 FY24 Audit Quality Report, the firm said it expected that 2024 report, covering 2023 audits, to show a Part I.A deficiency rate of 20%, which it described as its lowest since 2009. The same report said KPMG was making multi-year investments in its audit approach, system of quality control, people and technology.

That context makes the new timetable more urgent, not less. PCAOB inspections are designed to review selected audit work and elements of a firm’s quality-control system, and to drive improvement by focusing on prevention, detection and deterrence of deficiencies. In other words, inspectors are not just looking for isolated mistakes. They are looking for patterns in how teams plan, document and supervise the work.

For KPMG auditors, the message is to treat documentation as part of the control environment, not as a final administrative step. A cleaner file, tighter review notes and more disciplined evidence gathering will do more than reduce inspection risk. They will also make it easier for managers and partners to coach teams, spot recurring weaknesses and show that quality is built into the engagement rather than bolted on at the end.

The delay to December 15, 2026 is real, but it is not a cushion. It is the last clear window for audit teams to raise the standard of the work product before the next round of inspection scrutiny makes those habits impossible to ignore.