Charles Hall is a practicing CPA and Certified Fraud Examiner. For the last thirty years, he has primarily audited governments, nonprofits, and small businesses.
He is the author of The Little Book of Local Government Fraud Prevention and Preparation of Financial Statements & Compilation Engagements. He frequently speaks at continuing education events.
Charles is the quality control partner for McNair, McLemore, Middlebrooks & Co. where he provides daily audit and accounting assistance to over 65 CPAs. In addition, he consults with other CPA firms, assisting them with auditing and accounting issues.
Unpaid fees can impair your independence in attest engagements. This article explains changes in the Unpaid Fees interpretation in the AICPA Code of Conduct.
Peer review checklists ask if fees have been paid prior to issuance of attest reports. Why? A loan to an attest client can impair independence. The thought here is that the CPA may have a self-interest in the client; namely, the collection of unpaid fees. And this self-interest could potentially lead the CPA to assist the client by issuing inappropriate attest reports.
So, has there been a change in the unpaid fees section of the Code of Conduct? Yes.
The old rule of just looking back one year is no longer the sole consideration in determining your independence in regard to unpaid fees; current year fees, if significant, can also affect independence.
The bolded fonts and underlines below are added by the blogger.
Unpaid Fees Interpretation
The independence interpretation (1.230.010) in the Code of Conduct says:
Threats to the covered member’s compliance with the “Independence Rule” [1.200.001] are at an acceptable level if, when the current-year attest report is issued, unpaid fees are both clearly insignificant to the covered member and relate to professional services provided less than one year prior to the date of the current-year attest report.
Alternatively, threats would not be at an acceptable level if, when the current-year attest report is issued, unpaid fees are both significant to the covered member and relate to professional services provided more than one year prior to the issue date of the current-year attest report.
That guidance provides factors to consider in evaluating your independence.
Unpaid Fees Factors to Consider
Factors to consider (ET 1.230.010.02) when evaluating whether threats are at an acceptable level include the following:
a. The significance of the unpaid fees to the covered member
b. The length of time the fees have been due from the attest client
c. The attest client’s agreement to pay the unpaid fees
d. The covered member’s assessment of factors affecting the ability of the attest client to pay the fees
So, what should you do if a significant threat is present? Consider safeguards.
Unpaid Fees Safeguards
You may use safeguards (ET 1.230.010.04) to mitigate the independence threat:
a. Have an appropriate reviewer who has not provided attest or nonattest services to the attest client review the attest work performed before the current-year attest report is issued.
b. Obtain partial payment of the unpaid fees balance before the current year attest report is issued such that the remaining unpaid balance is insignificant to the covered member.
c. Obtain an agreement from the attest client to a payment schedule before the current-year attest report is issued.
d. Suspend further work on current attest engagements and not accept new engagements with this attest client.
ET 1.230.010.05 goes on to say:
Communication with those charged with governance regarding evaluation of the unpaid fees and safeguards applied is not a sufficient safeguard when applied alone; however, it may be considered a safeguard when supplemented by other safeguard(s).
If the safeguards are not sufficient, you are not independent.
So, how do we define unpaid fees?
Unpaid Fees Defined
Unpaid fees include billed and unbilled services.
If you provide a service whereby you expect payment, it’s a fee–whether you billed it or not. The issue is whether the client owes you for the service.
Not Applicable for Attest Clients in Bankruptcy
ET 1.230.010.06 says that this interpretation does not apply to attest clients in bankruptcy.
Collection Incentive
Oddly, the potential impairment of independence may assist you (the CPA) in collecting past-due accounts. If the client needs the current year attest report, and the CPA can’t provide it without payment, then the client may find a way to come up with the money for past fees.
Still Not Sure
If after doing the above, you’re still not sure whether your independence is impaired, consider contacting the AICPA to get their thoughts. You can email them at ethics@aicpa.org.
Are you aware of the option in the SSARS titled Preparation of Financial Statements (AR-C 70)? Many CPAs still believe the lowest level of service in the SSARS is a compilation, but this is not true. CPAs can and do issue financial statements without a compilation report. Today I provide an in-depth look at AR-70, Preparation of Financial Statements.
Preparation of Financial Statements
Guidance
AR-C 70, Preparation of Financial Statements, is the guidance for the preparation of financial statements.
Applicability - AR-C Section 70
AR-C section 70, Preparation of Financial Statements, is applicable when a public accountant is engaged to prepare financial statements or prospective financial information.
This section can also be applied to the preparation of other historical financial information (e.g., schedule of rents).
AR-C 70 does not apply when the accountant prepares financial statements or prospective financial information:
And is engaged to perform an audit, review, or compilation of financial statements
Solely for submission to taxing authorities
For inclusion in written personal financial plans
In conjunction with litigation services that involve pending or potential legal or regulatory proceedings, or
In conjunction with business valuation services
Are there other times when AR-C 70 is not applicable? Yes. The preparation guidance does not apply when the accountant is merely assisting in the preparation of financial statements; such services are considered bookkeeping.
Examples of bookkeeping services include:
Preparing or proposing certain adjustments, such as those applicable to deferred income taxes or depreciation
Drafting financial statement notes
Entering general ledger transactions or processing payments in the client’s accounting software
When AR-C 70 is applicable, certain compliance actions—such as the creation of a signed engagement letter—are required. If the accountant is merely assisting with bookkeeping services, AR-C 70 is not triggered, and compliance with the standard is not necessary.
If the accountant is only entering transactions into a general ledger and making journal entries, he is merely assisting with bookkeeping. Such assistance is often provided in an online bookkeeping software such as QuickBooks. If this is the only service provided, AR-C 70 is not applicable.
If the accountant is engaged to prepare financial statements and performs any of the following, then AR-C 70 applies.
The accountant prepares financial statements that are provided to another accountant (another firm) for audit purposes
The accountant prepares financial statements separately from a tax return (e.g., the accountant might prepare a tax return that includes financial statements and then—at the client’s request—creates financial statements separately from the return)
The accountant uses the client’s general ledger information to prepare financial statements outside of the accounting software (e.g., the accountant places information from a Quickbooks general ledger into Excel and creates financial statements)
As you can see, the preparation standard makes a distinction between:
Preparing financial statements (which triggers AR-C 70) and
Merely assisting (which does not trigger AR-C 70)
Are there any other situations where AR-C 70 does not apply? Yes. The AICPA’s Center for Plain English Accounting addressed this question in the following question and answer:
Q: If financial statements are prepared by the accountant as a by-productof another engagement (for example, an engagement to prepare a tax return), is the accountant required to follow section 70 of SSARS No. 21 and include any special disclaimer or “no assurance” statement on those financial statements?
A: No. The accountant is only required to perform the preparation engagement in accordance with section 70 of SSARS No. 21 when engaged to prepare financial statements. Therefore, because the accountant was not engaged to prepare the financial statements, there is no requirement to include a statement on each page of the financial statements indicating that no assurance is provided on the financial statements.
The author requested that the AICPA define the word engaged. They responded that a client’s request for the preparation of financial statements service is the trigger for being “engaged.” In other words, a client’s request for the preparation of financial statements means we are “engaged,” provided we accept the work. Once the client makes the request, the accountant will create an engagement letter in compliance with AR-C 70.
If the client does not request the preparation of financial statements and the accountant creates the statements as a byproduct of another service (e.g., tax return), he is not subject to the requirements of AR-C 70.
So when is AR-C 70 applicable? When a public accountant is engagedtoprepare financial statements.
AR-C 70 Objective
The objective of the accountant is to prepare financial statements in accordance with the chosen reporting framework.
AR-C 70 Reports
A compilation report from the accountant is not required (and should not be provided) when preparing financial statements under AR-C 70.
Financial Statements
The accountant can prepare financial statements as directed by management or those charged with governance. The financials should be prepared using an acceptable reporting framework such as the following:
Cash basis
Tax basis
Regulatory basis
Contractual basis
Other basis (as long as the basis uses reasonable, logical criteria that are applied to all material items)
Generally accepted accounting principles (GAAP)
When preparing financial statements in accordance with a special purpose framework (e.g., tax basis), the accountant is required to include a description of the financial reporting framework either on the face of the financial statements or in a note. Here’s a sample disclosure in a financial statement title: Statement of Assets, Liabilities, and Equity—Tax Basis.
Management determines the financial statements to be prepared. Financial statements normally include the following:
Balance sheet
Income statement
Cash flow statement
The accountant can, if so directed by management, create and issue just one financial statement (e.g., income statement).
The financial statements can be for an annual period or for a shorter or longer period. So, financial statements can be for a fiscal year, quarterly, or monthly, for example.
The accountant should also obtain an understanding of the significant accounting policies to be used in the preparation of the financial statements.
In preparing the financial statement, the accountant may need to assist management with judgements regarding amounts or disclosures. The accountant should discuss these judgments with management. Why? So management can understand and accept responsibility for the financial statements.
Documentation Requirements - AR-C 70
The accountant should prepare and retain the following documentation:
Engagement letter (or contract)
The financial statements
Documentation related to significant consultations or professional judgments are to be included in the engagement file. Also, if the accountant departs from a relevant presumptively mandatory requirement, he should document the justification for the departure and how the alternative procedures performed were sufficient to achieve the intent of the requirement. (The SSARSs use the word should to indicate a presumptively mandatory requirement.)
AR-C 70 Engagement Letter
Is an engagement letter required for a preparation service? Yes. Moreover, the letter should be signed by the accountant or the firm and management or those charged with governance. A verbal understanding is not sufficient. Though AR-C 70 does not specify how often the engagement letter should be updated, it is best to do so annually.
The engagement letter should specify:
The objectives of the engagement
The responsibilities of management
The responsibilities of the accountant
The limitations of the preparation engagement
Identification of the applicable financial reporting framework
The agreement of management that:
Each page of the financial statements will include a statement that no assurance is provided, or
The accountant will issue a disclaimer stating that no assurance is provided
Whether the financial statements will:
Contain known departures from the applicable reporting framework, and
Whether substantially all disclosures will be omitted
As noted above, no compilation report will be issued for a preparation service. The preparation service is considered a nonattest, nonassurance service, and no compilation, review, or audit procedures are required.
The accountant will do one of the following:
On each financial statement page (including the related notes), indicate, at a minimum, that “no assurance is provided,” or
Provide a disclaimer (see example below)
If the accountant uses the first option, wording such as the following should be included on each page of the financial statements (including the related notes):
No assurance is provided on these financial statements
These financial statements have not been subjected to an audit or review or compilation engagement, and no assurance is provided on them, or
ABC CPAs prepared these financial statements in accordance with professional standards of the AICPA, and no assurance is provided
Other statements can be used to communicate that no assurance is provided, but the minimum wording must include “No assurance is provided.” The “no assurance” wording is made at management’s discretion, and the accountant’s firm name is notrequired to be included. The wording is normally placed at the bottom of each page. If the client does not allow the accountant to include such a statement on each page of the financial statements, the accountant should:
Issue a disclaimer (see below)
Perform a compilation in accordance with AR-C 80, or
Withdraw from the engagement
Preparation of Financial Statements Disclaimer
If the disclaimer option is used, AR-C 70 provides the following language:
The accompanying financial statements of XYZ Company as of and for the year ended December 31, 20XX, were not subjected to an audit, review, or compilation engagement by me (us) and I (we) do not express an opinion, a conclusion, nor provide any assurance on them.
[Signature of accounting firm or accountant, as appropriate]
[Accountant’s city and state]
[Date]
Though not required, the disclaimer can be placed on firm letterhead. Notice that the disclaimer language above has no disclaimer title. While the standard is silent about providing a title, the accountant may add one. For example, Accountant’s Disclaimer. A salutation is not required, but may be added.
Some accountants prefer to provide a disclaimer on letterhead. Why? Any third party reader can see that the accounting firm is involved in the preparation of the statements and that no assurance is provided.
A third party may not know that an external accountant was involved in preparing the statements if the “no assurance is provided” legend is used and the firm’s name is not included. Remember, however, it is the client’s decision as to whether the “no assurance” legend is added or a disclaimer is provided.
Independence
Preparation of financial statements is a nonattest, nonassurance service. When an accountant performs only a preparation engagement, consideration of independence is not necessary.
If an accountant signs client checks and performs bookkeeping services, independence is not required. Moreover, if the accountant prepares financial statements for the same client, independence is not required. Signing checks, bookkeeping, and the preparation of financial statements are all nonattest services.
But what happens if the accountant prepares financial statements and issues a compilation report?
Suppose an accountant issues monthly financial statements for January through November with no compilation report (using the preparation option), but in December issues financial statements with a compilation report. Providing the monthly preparation services and the December compilation service triggers a requirement to consider independence.
Just remember this for now: Independence is not required for preparation engagements, and there are no requirements to disclose a lack of independence in a preparation engagement.
Omission of Substantially All Disclosures
Can the accountant omit all disclosures (notes to the financial statements) in a preparation engagement? Yes. Alternatively, the accountant can provide selected disclosures or if needed, full disclosure. In short, the accountant can do any of the following:
Omit all disclosures
Provide selected disclosures
Provide full disclosure
Regardless, the engagement letter should describe the level of disclosure to be provided in the financial statements. Also, the omission of substantially all disclosures should be communicated either on the face of the financial statements or in a selected note. There is no provision in the preparation standard to report the omission of disclosures in the accountant’s disclaimer that precedes the financial statements.
The accountant can communicate the omission of disclosures by including wording such as the following at the bottom of each financial statement page or in a note:
Substantially all disclosures required by accounting principles generally accepted in the United States are not included.
Substantially all disclosures ordinarily included in financial statements prepared in accordance with the tax-basis of accounting are not included.
The accountant can also communicate the omission of disclosures in the title of the financial statements. For example:
ABC Company
Statement of Income
Substantially All Disclosures Omitted
December 31, 2020
Information Provided is Incomplete or Inaccurate
Deficiencies in the information provided to the accountant should be communicated to management, and the inaccuracy or incompleteness of such information should be corrected. Deficiencies in the information include insufficient records, documents, explanations, and judgments.
Reporting Known Departures from the Applicable Financial Reporting Framework
How should a departure from the applicable financial reporting framework be reported? Discuss the departure with management to see if it can be corrected. If it is not corrected, disclose the departure. How?
A departure from the applicable financial reporting framework should be disclosed either on the face of the financial statements or in a note. If it takes more than a few words to describe the departure, note disclosure may be the better option—you’ll have more room there. There is no provision in the preparation standard to disclose departures in the accountant’s disclaimer that precedes the financial statements.
AR-C 70 Other Historical or Financial Information
In addition to historical financial statements, AR-C 70 may be applied to the following:
Specified elements, accounts, or items of a financial statement, including schedules of:
Rents
Royalties
Profit participation, or
Income tax provisions
Supplementary information
Required supplementary information
Pro forma financial information
AR-C 70 Prospective Financial Information
AR-C 70 can be applied to prospective information.
Prospective financial information is defined as any financial information about the future.
Prospective financial information can be presented as:
A complete set of financial statements, or
One or more elements, items, or accounts
If you prepare prospective financial information, the summary of significant assumptions must be included Why? It is considered essential to the user’s understanding of such information.
If you prepare a financial projection, you should not exclude:
The identification of hypothetical assumptions, or
The description of the limitations on the usefulness of the presentation
AR-C 70 references the AICPA Guide Prospective Financial Information as suitable criteria for the preparation and presentation of prospective financial information.
AR-C 70 Prescribed Forms
Is it permissible to perform a preparation of financial statement engagement with regard to prescribed forms?
Yes. There is nothing in AR-C 70 that prohibits the accountant from performing a preparation engagement with regard to prescribed forms (e.g., bank personal financial statement). However, the accountant is required to follow all of the preparation guidance. Clients may not want to add wording to the prescribed forms such as “no assurance is provided” or “substantially all disclosures are omitted.” As an alternative to adding such wording, the accountant can provide a disclaimer before the prescribed form.
Selected notes can follow the form if needed. If this option is used, the order of the deliverable is as follows:
Disclaimer
Prescribed form
Selected notes
When a bank, credit union, regulatory or governmental agency, or other similar entity designs a prescribed form to meet its needs, there is a presumption that the required information is sufficient. What should be done if the prescribed form conflicts with the applicable basis of accounting? For example, what if the prescribed form requires all numbers to be in compliance with GAAP with the exception of receivables? Follow the form. In effect, the prescribed form is the reporting framework. Report departures from the prescribed form and its related instructions on the face of the financial statements (the form) or in a note.
Draft Financial Statements
The client may request a draft copy of the financial statements prior to final issuance. To avoid confusion, mark statements with words like:
Draft Financial Statements
Working Draft
Draft - Subject to Change
Preparation of Financial Statements - A Simple Summary
AR-C 70 is applicable when the accountant is engaged to prepare financial statements and is not applicable when the accountant is engaged to perform a compilation or if the accountant is merely assisting with bookkeeping
The objective of the accountant is to prepare financial statements in accordance with the chosen reporting framework
The financial statements can be prepared in accordance with GAAP or a special purpose reporting framework
The financial statements can be distributed to third parties (and not just management)
The accountant must either:
State on each financial statement page that “no assurance is provided,” or
Provide a disclaimer
Documentation requirements include:
The engagement letter, and
The financial statements
An engagement letter must be signed by:
The accountant or the accountant’s firm, and
Management or those charged with governance
No report (e.g., compilation report) is attached to the financial statements
Consideration of independence is not required
Substantially all disclosures can be omitted
The omission of substantially all disclosures should be:
Disclosed on the face of the financial statements, or
In a note
Selected disclosures can be provided
Departures from the applicable financial reporting framework should be:
Disclosed on the face of the financial statements, or
In a note
A preparation engagement can be applied to historical financial statements and historical information (e.g., specified items of a financial statement).
A preparation engagement can be applied to prospective financial information. The summary of significant assumptions must be included.
A preparation engagement can be performed in relation to prescribed forms (e.g., bank personal financial statements)
Mark draft financial statements with appropriate wording (e.g., Draft Financial Statements)
Auditors often fail to capture and communicate internal control weaknesses, even though such communications are required by the audit standards.
But making our clients aware of control weaknesses can help them. How? It allows them to improve their accounting system. The result: prevention of future fraud and errors.
In this article, I’ll show you how to capture and communicate internal control deficiencies. By doing so, you’ll add value to your audit servicesand you’ll help your client protect their business.
At the end of the post, you’ll also see a video that summarizes this information.
A Common End-of-Audit Problem
You are concluding another audit, and it’s time to consider whether you will issue a letter communicating internal control deficiencies. A month ago you noticed some control issues in accounts payable, but presently you’re not sure how to describe them. You hesitate to call the client to rehash the now-cold walkthrough. After all, the client thinks you’re done. But you know that boiler-plate language will not clearly communicate the weakness or tell the client how to fix the problem. Now you’re kicking yourself for not taking more time to document the control weakness (back when you initially saw it).
Here’s a post to help you capture and document internal control issues as you audit.
Capture and Communicate Internal Control Deficiencies
Today, we’ll take a look at the following control weakness objectives:
How to discover them
How to capture them
How to communicate them
As we begin, let’s define three types of weaknesses:
Material weaknesses – A deficiency, or a combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected, on a timely basis.
Significant deficiencies – A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance.
Other deficiencies – For purposes of this blog post, we’ll define other deficiencies as those less than material weaknesses or significant deficiencies.
Now let’s take a look at discovering, capturing, and communicating control weaknesses.
1. Discover Control Weaknesses
Capture control weaknesses as you perform the audit. You might identify control weaknesses in the following audit stages:
Planning – Risk assessment and walkthroughs
Fieldwork – Transaction-level work
Conclusion – Wrapping up
A. Planning Stage
You will discover deficiencies as you perform walkthroughs which are carried out in the early stages of the engagement. Correctly performed walkthroughs allow you to see process shortcomings and where duties are overly concentrated (what auditors refer to as a lack of segregation of duties).
Notice the first letters of these words spell CRAB (I know it’s cheesy, but it helps me remember).
Auditors often make statements such as, “Segregation of duties is not possible due to the limited number of employees.”
I fear such statements are made only to protect the auditor (should fraud occur in the future). It is better that we be specific about the control weakness and what the potential impact might be. For example:
The accounts payable clerk can add new vendors to the vendor file. Since checks are signed electronically as they are printed, there is a possibility that fictitious vendors could be added and funds stolen. Such amounts could be material.
Such a statement tells the client what the problem is, where it is, and the potential damage.
Fraud: A Cause of Misstatements
While I just described how a lack of segregation of duties can open the door to theft, the same idea applies to financial statement fraud (or cooking the books). When one person controls the reporting process, there is a higher risk of financial statement fraud.Appropriate segregation lessens the chance that someone will manipulate the numbers.
Within each transaction cycle, accounting duties need to be performed by different people. Doing so lessens the possibility of theft. If one person performs multiple duties, ask yourself, “Is there any way this person could steal funds?” If yes, then the client should add a control in the form of a second-person review.
If possible, the client should have a second person examine reports or other supporting documentation. How often should the review be performed? Daily, if possible. If not daily, as often as possible. Regardless, a company should not allow someone with the ability to steal to work alone without review. The fear of detection lessens fraud.
If a transaction cycle lacks segregation of duties, then consider the potential impact from the control weakness. Three possible impacts exist:
Theft that is material (material weakness)
Theft that is not material but which deserves the attention of management and the board anyway (significant deficiency)
Theft of insignificant amounts (other deficiency)
My experience has been that if any potential theft area exists, the board wants to know about it. But this is a decision you will make as the auditor.
Errors: Another Cause of Misstatements
While auditors should consider control weaknesses that allow fraud, we should also consider whether errors can lead to potential misstatements. So, ask questions such as:
Do the monthly financial statements ever contain errors?
Are invoices mistakenly omitted from the payable system?
Do employees forget to obtain purchase order numbers prior to buying goods?
Do bookkeepers fail to reconcile the bank statements on a timely basis?
B. Fieldwork Stage
While it is more likely you will discover process control weaknesses in the planning stage of an audit, the results of control deficiencies sometimes surface during fieldwork. How? Audit journal entries. What are audit entries but corrections? And corrections imply a weakness in the accounting system.
When an auditor makes a material journal entry, it’s difficult to argue that a material weakness does not exist. We know the error is “reasonably possible” (it happened). We also know that prevention did not occur on a timely basis.
C. Conclusion Stage
When concluding the audit, review all of the audit entries to see if any are indicators of control weaknesses. Also, review your internal control deficiency work papers (more on this in a moment). If you have not already done so, discuss the noted control weaknesses with management.
Your firm may desire to have a policy that only managers or partners make these communications. Why? Management can see the auditor’s comments as a criticism of their own work. After all, they designed the accounting system (or at least they oversee it). So, these discussions can be a little challenging.
Now let’s discuss how to capture control weaknesses.
2. Capture Internal Control Weaknesses
So, how do you capture the control deficiencies?
First, and most importantly, document internal control deficiencies as you see them.
Why should you document control weaknesses when you initially see them?
You may not be on the engagement when it concludes (because you are working elsewhere) or
You may not remember the issue (weeks later).
Second, create a standard form (if you don’t already have one) to capture control weaknesses.
Internal Control Capture Form
What should be in the internal control form? At a minimum include the following:
Check-mark boxes for:
Significant deficiency
Material weakness
Other control deficiency
Other issues (e.g., violations of laws or regulations)
Whether the probability of occurrence is at least reasonably possible and whether the magnitude of the potential misstatement is material
Description of the deficiency and the verbal or written communications to the client; also the client’s response
The cause of the condition
The potential effect of the condition
Recommendation to correct the issue
Person identifying the issue and the date of discovery
Whether the issue is a repeat from the prior year
An area for the partner to sign off that he or she agrees with the description of the deficiency and the category assigned to it (e.g., material weakness)
Reference to related documentation in the audit file
After capturing the weaknesses, it’s time to communicate them.
3. Communicate Control Weaknesses
Material weaknesses and significant deficiencies must be communicated in writing to management and those charged with governance. Other deficiencies can be given verbally to management, but you must document those discussions in your work papers.
Provide a draft of any written communications to management before issuing your final letter. That way if something is incorrect (your client will let you know), you can make it right–before it’s too late. Additionally, discuss the control weakness with relevant personnel when you initially discover it. You don’t want to surprise the client with adverse communications in the written internal control letter.
Internal Control Video Summary
Here’s a video that summarizes the information above.
Summary
The main points in capturing and communicating internal control deficiencies are:
Capture control weaknesses as soon as you see them
Develop a form to document the control weaknesses
Communicate significant deficiencies and material weaknesses in writing
These communications can be somewhat challenging since you’re telling management they need to make improvements. So make sure all information is correct and let your senior personnel do the communicating.
How Do You Capture and Report Control Deficiencies?
Whew! We’ve covered a lot of ground today. How do you capture and report control deficiencies? I’m always looking for new ideas: Please share.
This video provides an overview of the four opinions:
Unmodified Opinion
If there are no material misstatements, then you will issue an unmodified opinion. The unmodified opinion says the financial statements are presented fairly.
Example SAS 134 Unmodified Opinion
A sample unmodified audit opinion follows:
[Date]
INDEPENDENT AUDITOR’S REPORT
[Appropriate Addressee]
[Entity Name]
Opinion
We have audited the financial statements of [Entity Name], which comprise the balance sheets as of December 31, 2020 and 2019, and the related statements of income, changes in stockholders’ equity, and cash flows for the years then ended, and the related notes to the financial statements.
In our opinion, the accompanying financial statements present fairly, in all material respects, the financial position of [Entity Name] as of December 31, 2020 and 2019, and the results of its operations and its cash flows for the year then ended in accordance with accounting principles generally accepted in the United States of America.
Basis for Opinion
We conducted our audits in accordance with auditing standards generally accepted in the United States of America (GAAS). Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of the Financial Statements section of our report. We are required to be independent of [Entity Name] and to meet our other ethical responsibilities, in accordance with the relevant ethical requirements relating to our audit. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
Responsibilities of Management for the Financial Statements
Management is responsible for the preparation and fair presentation of the financial statements in accordance with accounting principles generally accepted in the United States of America, and for the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error.
In preparing the financial statements, management is required to evaluate whether there are conditions or events, considered in the aggregate, that raise substantial doubt about [Entity Name]’s ability to continue as a going concern for one year after the date that the financial statements are available to be issued.
Auditor’s Responsibilities for the Audit of the Financial Statements
Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance but is not absolute assurance and therefore is not a guarantee that an audit conducted in accordance with GAAS will always detect a material misstatement when it exists. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control. Misstatements are considered material if there is a substantial likelihood that, individually or in the aggregate, they would influence the judgment made by a reasonable user based on the financial statements.
In performing an audit in accordance with GAAS, we:
Exercise professional judgment and maintain professional skepticism throughout the audit.
Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, and design and perform audit procedures responsive to those risks. Such procedures include examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements.
Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of [Entity Name]’s internal control. Accordingly, no such opinion is expressed.
Evaluate the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluate the overall presentation of the financial statements.
Conclude whether, in our judgment, there are conditions or events, considered in the aggregate, that raise substantial doubt about [Entity Name]’s ability to continue as a going concern for a reasonable period of time.
We are required to communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit, significant audit findings, and certain internal control-related matters that we identified during the audit.
Firm Signature
Modified Opinions
If material misstatements are present, then a modified audit opinion is necessary. Modifications can also occur when you are unable to obtain sufficient appropriate audit evidence; for instance, when a scope limitation is present.
Definitions
AU-C 705 defines a modified opinion as a (1) qualified opinion, (2) an adverse opinion, or (3) a disclaimer of opinion.
Another key definition in AU-C 705 is that of pervasiveness. This term is used in the context of misstatements; so if a material misstatements are present, you’ll want to know if they are pervasive. Two factors–material misstatements and pervasiveness–affect the type of opinion to be issued. Additionally, the ability or inability to obtain sufficient appropriate audit evidence affects the type of opinion to be issued. A misstatement (or possible misstatement) is pervasive if:
It’s not confined to specific accounts or items of the financial statement, or
If confined, the amount represents a substantial portion of the financial statements, or
If in relation to disclosures, the information is fundamental to the users’ understanding of the financial statements
For example, if material misstatements are present for inventory, receivables, and debt, they are pervasive. Or if, in another example, inventory makes up 60% of total assets and a material misstatement is present in that area, then it’s pervasive. Lastly, if key disclosures are not appropriately communicated or if they are omitted, then that is pervasive.
Now, let’s look at the three modified opinions.
1. Qualified Opinion
Suppose your audit reveals inventories are materially misstated, the client does not record your proposed audit adjustment, and there are no other material misstatements. If this is your situation (a material misstatement exists that is not pervasive), then audit standards allow for the issuance of a qualified opinion.
Here is sample qualified opinion language (this is not the full opinion):
Qualified Opinion
We have audited the financial statements of ABC Company, which comprise the balance sheets as of December 31, 20X1 and 20X0, and the related statements of income, changes in stockholders’ equity, and cash flows for the years then ended, and the related notes to the financial statements.
In our opinion, except for the effects of the matter described in the Basis for Qualified Opinion section of our report, the accompanying financial statements present fairly, in all material respects, the financial position of ABC Company as of December 31, 20X1 and 20X0, and the results of its operations and its cash flows for the years then ended in accordance with accounting principles generally accepted in the United States of America.
Basis for Qualified Opinion
The Company has property with impaired value. The impairment occurred in 20X9. Accounting principles generally accepted in the United States of America require that impaired assets be written down to their fair market value. The Company continues to reflect the property at cost. If the property was stated at fair value upon impairment, total assets and stockholder’s equity would have been reduced by $X,XXX,XXX as of December 31, 20X1 and 20X0, respectively.
2. Adverse Opinion
Now let’s suppose that you are auditing a consolidated entity, and your client is not willingto include a material subsidiary and which, if included, would have a pervasive impact on the statements.
Here is sample adverse opinion language (this is not the full opinion):
Adverse Opinion
We have audited the consolidated financial statements of ABC Company and its subsidiaries, which comprise the consolidated balance sheet as of December 31, 20X1, and the related consolidated statements of income, changes in stockholders’ equity, and cash flows for the year then ended, and the related notes to the financial statements.
In our opinion, because of the significance of the matter discussed in the Basis for Adverse Opinion section of our report, the accompanying consolidated financial statements do not present fairly the financial position of ABC Company and its subsidiaries as of December 31, 20X1, or the results of their operations or their cash flows for the year then ended in accordance with accounting principles generally accepted in the United States of America.
Basis for Adverse Opinion
As described in Note X, The Golfing Company has not consolidated the financial statements of its subsidiary Easy-Go Company that it acquired during 20X1. This investment is accounted for on a cost basis by The Golfing Company. Under accounting principles generally accepted in the United States of America, the subsidiary should have been consolidated. Had Easy-Go Company been consolidated, many elements in the accompanying consolidated financial statements would have been materially affected. The effects on the consolidated financial statements of the failure to consolidate have not been determined.
3. Disclaimer of Opinion
Finally, let’s suppose you are performing an audit in which insufficient audit information is provided with regard to receivables and inventories (both of which are material) and that the misstatements have a pervasive impact on the financial statements as a whole.
Here is sample disclaimer of opinion language (this is not the full opinion):
Disclaimer of Opinion
We were engaged to audit the financial statements of ABC Company, which comprise the balance sheet as of December 31, 20X1, and the related statements of income, changes in stockholders’ equity, and cash flows for the year then ended, and the related notes to the financial statements.
We do not express an opinionon the accompanying financial statements of ABC Company. Because of the significance of the matters described in the Basis for Disclaimer of Opinion section of our report, we have not been able to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion on these financial statements.
Basis for Disclaimer of Opinion
The Company’s accounting system was hacked during the year by an unknown party, resulting in a series of changes in accounting entries. Additionally, the Company was unable to restore the accounting system. As a result of these matters, we were unable to determine the adjustments that were necessary to correct the balance sheet, statement of income, changes in stockholder’s equity, and cash flow statement as of and for the year ended December 31, 20X1.
Effective Date of SAS 134
The new SAS 134 opinions are required for periods ending on or after December 15, 2021.
Resolving Conflict with Clients
If, as described above, you have a client that is unwilling to post a material audit adjustment, consider creating a draft of the opinion and providing it to them. This is not a threat, just a way to clearly communicate the effect of not posting the adjustment.
Before doing anything, allow the client to fully explain their position. A modified opinion may not be necessary once you understand the facts. But if after the discussion, the you are still convinced there is a material misstatement, a modified opinion may be necessary.
In some cases, you may want to consider withdrawing from the engagement. Consult with your legal counsel before doing so.
Audit Opinion Research
Deciding on the opinion is often the most important decision you will make in an audit. So, do your research, and, if needed, consult with others to gain assurance about your decisions. AU-C 705: Modifications to the Opinion in the Independent Auditor’s Report provides several sample opinions; so refer to those as you create any modified opinions including qualified, adverse, or disclaimer. See AU-C 700: Forming an Opinion and Reporting on Financial Statements for information about unmodified opinions.
Seven deadly audit sins can destroy you. These audit mistakes kill your profits and effectiveness.
You just completed an audit project, and you have another significant write-down. Last year’s audit hours came in well over budget, and—at the time—you thought, This will not happen again. But here it is, and it’s driving you insane.
Insanity: doing the same thing year after year but expecting different results.
Are you ready for better results?
Audit Mistakes
Here are seven deadly (audit) sins that cause our engagements to fail.
1. We don’t plan
Rolling over the prior year file does not qualify as planning. Using canned audit programs is not planning.
What do I mean? We don’t know what has changed. Why? Because we have not performed real risk assessment such as current year walkthroughs. We have not (really) thought about current year risks of material misstatement.
Each year, audits have new wrinkles.
Are there any fraud rumors? Has the CFO left without explanation? Have cash balances decreased while profits increased? Does the client have a new accounting program or new staff? Can you still obtain the reports you need? Are there any new audit or accounting standards?
Anticipate issues and be ready for them with a real audit plan.
2. SALY lives
Elvis may not be in the house, but SALY is.
Performing the same audit steps is wasteful. Just because we needed the procedure ten years ago does not mean we need it today. Kill SALY. (No, I don’t mean your staff member; SALY stands for Same As Last Year).
I find that audit files are like closets. We allow old thoughts (clothes) to accumulate without purging. It’s high time for a Goodwill visit. After all, this audit mistake has been with you too long. So ask yourself Are all of the prior audit procedures relevant to this year’s engagement?
Will better planning require us to think more in the early phases of the engagement? Yes. Is this hard work? Yes. Will it result in less overall effort? Yes.
Sometimes the Saly issue occurs because of weak staff.
3. We use weak staff
Staffing your engagement is the primary key to project success. Excellent staff makes a challenging engagement pan out well. Poor staff causes your engagement time to balloon–lots of motion, but few results. Maybe you have smart people, but they need training. Consider AuditSense.
Another audit mistake is weak partner involvement.
4. We don’t monitor
Partners must keep an eye on the project. And I don’t mean just asking, “How’s it going?” Look in the audit file. See what is going on. In-charges will usually tell you what you want to hear. They hope to save the job on the final play, but a Hail Mary often results in a lost game.
As Ronald Reagan once said: Trust but verify.
Engagement partners need to lead and monitor. They also need to provide the right technology tools.
5. We use outdated technology
Are you paperless? Using portable scanners and monitors? Are your auditors well versed in Adobe Acrobat? Are you electronically linking your trial balances to Excel documents? Do you use project management software (e.g., Basecamp)? How about conferencing software (e.g., Zoom)? Do you have secure remote access to audit files? Do you store files securely in the cloud (e.g., Box)? Are you using data mining software such as Idea? Do you send electronic confirmations?
Do your staff members fear you so much that they don’t give you the bad news?
6. Staff (intentionally) hide problems
Remind your staff that bad news communicated early is always welcome.
Early communication of bad news should be encouraged and rewarded (yes, rewarded, assuming the employee did not cause the problem).
Sometimes leaders unwittingly cause their staff to hide problems. In the past, we may have gone ballistic on them–now they fear the same.
And here’s one last audit mistake: no post-engagement review.
7. No post-engagement review
Once our audit is complete, we should honestly assess the project. Then make a list of inefficiencies or failures for future reference.
If you are a partner, consider a fifteen-minute meeting with staff to go over the list.
