The Trusted Foreign Auditing Act of 2025 amends section 104(i) of the Sarbanes‑Oxley Act to create a statutory definition of “compromised auditor” and to identify what counts as a “covered country.” It then extends the PCAOB’s existing trading prohibition to any issuer headquartered in a country of concern that uses a compromised auditor, and it narrows when PCAOB hearings are public.
The bill directly links the covered-country determination to the Director of National Intelligence’s Annual Threat Assessment and to an existing DoD statutory definition, creating a security‑driven trigger for audit-market restrictions. For multinational audit firms and U.S.-listed issuers with foreign affiliates, the measure forces structural choices about which offices can serve U.S. clients and raises new compliance, disclosure, and market‑access risks.
At a Glance
What It Does
The bill adds a four-part statutory definition of “compromised auditor” (control, influence, managers/owners subject to foreign influence, or arrangements with foreign governments/parties) and defines “covered country” by reference to the DNI Annual Threat Assessment and a DoD statutory list. It applies the PCAOB’s trading prohibition to any covered issuer headquartered in a country of concern that uses such a compromised auditor and makes PCAOB hearings presumptively non‑public unless a compromised auditor is a party or the Board orders otherwise with consent.
Who It Affects
U.S.-listed companies headquartered in countries identified as threats, global accounting networks with offices or subsidiaries operating under those jurisdictions, the PCAOB and U.S. securities markets, and investors in affected issuers. Audit committees, compliance teams, and trading platforms will see the most immediate operational impact.
Why It Matters
The bill codifies national‑security inputs into audit‑market rules and creates an enforcement mechanism that can remove market access when audit independence looks compromised. That shifts more of the audit‑eligibility decision into a security frame and forces firms to reconfigure international audit networks or risk trading suspensions for clients.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
At its core the bill forces the PCAOB and market participants to decide whether a non‑U.S. audit office is effectively independent or under undue foreign influence. It does that by inserting a new statutory label — “compromised auditor” — with four disjunctive tests: the office is subject to a covered country’s laws, is controlled or materially influenced by that country, has managers or owners under direct influence, or has arrangements with the government or ruling party that could impair objectivity.
That label is not merely descriptive; it triggers regulatory consequences.
The bill also pins the list of “covered countries” to two external sources: the Director of National Intelligence’s most recent Annual Threat Assessment and a DoD statutory definition used elsewhere in federal law. Using those sources lets the bill import national‑security judgments without creating a new interagency process inside the PCAOB, but it also means the set of affected countries can change when intelligence or defense guidance changes.Operationally, the most consequential change is to the PCAOB’s inspection and trading rules.
If a U.S.-listed issuer headquartered in a covered country retains a compromised auditor to prepare an audit covered by existing inspection provisions, the PCAOB’s existing trading prohibition applies — in plain terms, the issuer can be blocked from trading under the statute. Simultaneously, the bill narrows public access to PCAOB hearings by making them non‑public unless a compromised auditor is a party or the Board orders a public hearing for good cause with the parties’ consent.For audit firms and issuers, the mechanics matter: global networks will need to decide whether to isolate work on U.S. audits from offices in covered jurisdictions, restructure ownership or management ties, or accept restrictions on clients’ market access.
For regulators and exchanges, the bill offers a clearer statutory path to restrict trading for issuers tied to compromised audit providers, but it leaves open how the PCAOB will identify compromised auditors in practice, communicate findings, or provide remediation pathways.
The Five Things You Need to Know
The bill creates the term “compromised auditor” and sets four separate grounds for that label: subject to covered‑country law; controlled/directed/materially influenced by a covered country; has managers/owners under direct influence; or has arrangements with that country’s government or political party that could compromise audit independence.
“Covered country” is defined by reference to (1) the Director of National Intelligence’s most recent Annual Threat Assessment and (2) the statutory DoD definition at 10 U.S.C. 4872(d)(2), making vulnerability designations tied to existing intelligence and defense lists rather than a PCAOB rulemaking.
The bill amends the inspection provision so that if a covered issuer headquartered in a country of concern retains a compromised auditor to prepare an inspected audit, the statute’s existing trading prohibition (previously tied to inability to inspect) applies to that issuer.
Section 105(c) is rewritten to make PCAOB hearings non‑public by default; hearings become public only when a compromised auditor is a party or when the Board orders it for good cause and the parties consent.
The statute introduces no explicit notice, appeal, remediation, or timing procedures for designating a compromised auditor or for lifting the trading prohibition, leaving those implementation details to the PCAOB or future rulemaking.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
States the act’s name: Trusted Foreign Auditing Act of 2025. This is a standard technical provision and carries no operational effect other than providing the bill’s public label.
New statutory definitions for inspection law
Adds two linked definitions into §104(i)(1): “compromised auditor” (four criteria describing offices or subsidiaries subject to foreign control, influence, or compromising arrangements) and “covered country” (defined by reference to the DNI Annual Threat Assessment and 10 U.S.C. 4872(d)(2)). Embedding these definitions in the inspection statute turns a factual determination about audit access into a statutory trigger tied to external national‑security products.
Housekeeping changes to cross‑references
Redesignates existing subparagraphs and updates cross‑references inside §104(i) so the new definitions slot into the statute without restructuring the PCAOB’s inspection framework. One operative edit inserts language specifying that if an auditor “is a compromised auditor that the Board is unable…” then the Board’s inability to inspect can flow from the compromised‑auditor status, clarifying how the definition interacts with existing inspection inability language.
Extends trading prohibition to issuers using compromised auditors
Adds paragraph (5) to §104(i) so the statutory trading prohibition applies when a covered issuer headquartered in a country of concern uses a compromised auditor for a report described in paragraph (2)(A). Practically, this ties market access directly to the audit‑provider’s status even if inspection failures result from foreign legal constraints rather than the PCAOB’s own access efforts.
Limits public access to PCAOB hearings
Replaces the current public‑hearing language with a presumption of non‑public hearings. Hearings become public only if a compromised auditor retained by a covered issuer is a party to the hearing, or the Board orders public disclosure for good cause and the parties consent. That reduces routine transparency in PCAOB proceedings unless the compromised‑auditor label is directly implicated.
This bill is one of many.
Codify tracks hundreds of bills on Finance across all five countries.
Explore Finance in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- U.S. investors concerned about audit reliability in high‑risk jurisdictions — the bill creates a statutory mechanism to restrict market access when audit independence appears compromised, aiming to prevent trading in issuers whose audits are performed by offices influenced by hostile or high‑risk governments.
- PCAOB and federal regulators — the law imports national‑security determinations to the PCAOB’s statutory toolkit, giving the Board clearer authority to link inspection limitations to market consequences without creating new classification burdens inside the Board.
- Audit firms and offices that can demonstrate clear separation from covered jurisdictions — firms that structurally isolate U.S. audit work or maintain arms‑length governance from covered‑country affiliates gain a competitive advantage for serving U.S. clients.
Who Bears the Cost
- Global audit networks with subsidiaries or branches in covered countries — they must restructure ownership, reporting lines, or work allocations to avoid the compromised‑auditor label, increasing legal and operational costs and potentially shrinking the pool of eligible U.S. auditors.
- Covered issuers headquartered in listed covered countries — these companies face the risk of trading prohibitions if they retain auditors labeled as compromised, which could reduce liquidity, capital access, and share value irrespective of the firm’s underlying business performance.
- U.S. exchanges, brokers, and custody networks — they bear compliance burdens implementing trading suspensions or delisting actions tied to PCAOB determinations, and may face short‑term disruptions to markets for affected securities.
- PCAOB budget and resources — the Board may need additional investigative, legal, and interagency coordination capacity to identify compromised auditors, apply the DNI/DoD lists, and manage enforcement and confidentiality decisions.
Key Issues
The Core Tension
The central dilemma is between two legitimate aims that pull in opposite directions: protecting U.S. investors and markets from audit providers subject to foreign influence versus preserving transparent, predictable market access and fair process for issuers and auditors. The bill strengthens the regulator’s ability to freeze market access on security grounds but does so with broad, discretionary labels and limited procedural safeguards — a trade‑off that forces regulators to choose between rapid protective action and the legal and market costs of less transparent authority.
The bill trades a broad national‑security framing for procedural detail: it tells regulators what to do when foreign influence exists, but it leaves crucial implementation mechanics unspecified. The four‑part definition of “compromised auditor” uses inherently factual and context‑dependent language (for example, “materially influenced” or “could compromise the objectivity”); the PCAOB will need rules or procedures to translate those phrases into consistent, reviewable decisions.
Without explicit notice, appeal, or remediation processes in the statute, affected firms and issuers face legal uncertainty about how long a designation lasts and how to contest it.
Linking “covered country” to the DNI Annual Threat Assessment and DoD’s statutory definitions avoids creating a new national‑security panel inside the PCAOB but imports lists that are dynamic and sometimes classified in part. That raises two problems: first, the set of countries and the basis for inclusion can change with intelligence assessments, creating regulatory whiplash; second, some evidence underpinning a designation may be sensitive or secret, complicating the PCAOB’s ability to provide transparent reasons or to meet basic administrative‑law fairness for implicated parties.
Finally, the move to make hearings non‑public by default reduces transparency at the same time the statute increases the PCAOB’s power to cut off market access, heightening concerns about due process and investor‑facing disclosure of enforcement rationales.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.