Financial Statements with a GAAP Departure (How to Issue)

By Charles Hall | Accounting and Auditing

Can CPAs intentionally issue financial statements with a GAAP departure? Yes. And sometimes it might be preferable. 

I received a phone call last week from a CPA asking if he could issue a balance sheet with a GAAP departure? His client's bank requested a GAAP balance sheet with an intentional departure (the bank wanted one number to be shown at fair value and GAAP calls for cost). 

I advised the CPA how to issue financial statements with an intentional GAAP departure. Watch the video to see how..

One caution in issuing financial statements with a GAAP departure: The AICPA Code of Conduct does not allow a CPA to issue financial statements that are intentionally misleading. So, always communicate the departure. Departures from reporting frameworks should never be hidden.

The video refers to selected disclosures. You can see information about selected disclosures here.

The video also discusses AR-C 70, Preparation of Financial Statements. You can see information about AR-C 70 here.

Going Concern: How to Understand the Accounting and Auditing Standards

By Charles Hall | Accounting , Auditing

Are you preparing financial statements and wondering whether you need to include going concern disclosures? Or maybe you’re the auditor, and you’re wondering if a going concern paragraph should be added to the audit opinion. You’ve heard there are new requirements for both management and auditors, but you’re not sure what they are.

This article summarizes (in one place) the new going concern accounting and auditing standards.

Going Concern Standards

For many years the going concern standards were housed in the audit standards–thus, the need for FASB to issue accounting guidance (ASU 2014-15). It makes sense that FASB created going concern disclosure guidance. After all, disclosures are an accounting issue. 

Accounting Standard

ASU 2014-15, Disclosure of Uncertainties about an Entity’s Ability to Continue as a Going Concern, provides guidance in preparing financial statements. This standard was effective for years ending after December 15, 2016.

GASB Statement 56, Codification of Accounting and Financial Reporting Guidance Contained in the AICPA Statements on Auditing Standards, is the relevant going concern standard for governments. GASB 56 was issued in March 2009. (GASB 56 requires financial statement preparers to evaluate whether there is substantial doubt about a governmental entity’s ability to continue as a going concern for 12 months beyond the date of the financial statements. As you will see below, this timeframe is different from the one called for under ASU 2014-15. This post focuses on ASU 2014-15 and SAS 132.)

Meanwhile, the Auditing Standards Board issued their own going concern standard in February 2017: SAS 132.

Auditing Standard

Auditors will use SAS 132, The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern, to make going concern decisions. This SAS is effective for audits of financial statements for periods ending on or after December 15, 2017. SAS 132 amends SAS 126, The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern.

So, let’s take a look at how to apply ASU 2014-15 and SAS 132.

Two Stages of Going Concern Decisions

In the past, the going concern decisions were made by auditors in a single step. Now, it is helpful to think of going concern decisions in two stages:

1. Management decisions concerning the preparation of financial statements 
2. Auditor decisions concerning the audit of the financial statements

First, we’ll consider management’s decisions.

Stage 1. Management Decisions

ASU 2014-15 provides guidance concerning management’s determination of whether there is substantial doubt regarding the entity’s ability to continue as a going concern.

What is Substantial Doubt?

So, how does FASB define substantial doubt? 

Substantial doubt about the entity’s ability to continue as a going concern is considered to exist when aggregate conditions and events indicate that it is probable that the entity will be unable to meet obligations when due within one year of the date that the financial statements are issued or are available to be issued.

What is Probable?

So, how does management determine if “it is probable that the entity will be unable to meet obligations when due within one year”?

Probable means likely to occur. 

If for example, a company expects to miss a debt service payment in the coming year, then substantial doubt exists. This initial assessment is made without regard to management’s plans to alleviate going concern conditions. 

ASC 205-40-50-4 says:

The evaluation initially shall not take into consideration the potential mitigating effect of management’s plans that have not been fully implemented as of the date that the financial statements are issued (for example, plans to raise capital, borrow money, restructure debt, or dispose of an asset that have been approved but that have not been fully implemented as of the date that the financial statements are issued).

But what factors should management consider?

Factors to Consider

Management should consider the following factors when assessing going concern:

• The reporting entity’s current financial condition, including the availability of liquid funds and access to credit
• Obligations of the reporting entity due or new obligations anticipated within one year (regardless of whether they have been recognized in the financial statements)
• The funds necessary to maintain operations considering the reporting entity’s current financial condition, obligations, and other expected cash flows
• Other conditions or events that may affect the entity’s ability to meet its obligations

Moreover, management is to consider these factors for one year. But from what date?

Timeframe

The financial statement preparer (i.e., management or a party contracted by management) should assess going concern in light of one year from the date “the financial statements are issued or are available to be issued.”

So, if December 31, 2017, financial statements (for a nonpublic company) are available to be issued on March 15, 2017, the preparer looks forward one year from March 15, 2017. Then, the preparer asks, “Is it probable that the company will be unable to meet its obligations through March 15, 2018?” If yes, substantial doubt is present and disclosures are necessary. If no, then substantial doubt does not exist. As you would expect, the answer to this question determines whether going concern disclosures are to be made and what should be included.

Substantial Doubt Answer Determines Disclosures

If substantial doubt does not exist, then going concern disclosures are not necessary.

If substantial doubt exists, then the company needs to decide if management’s plans alleviate the going concern issue. This decision determines the disclosures to be made. The required disclosures are based upon whether:

1. Management’s plans alleviate the going concern issue
2. Management’s plans do not alleviate the going concern issue

1. What if Management’s Plans Alleviate the Going Concern Issue?

If conditions or events raise substantial doubt about an entity’s ability to continue as a going concern, but the substantial doubt is alleviated as a result of consideration of management’s plans, the entity should disclose information that enables users of the financial statements to understand all of the following (or refer to similar information disclosed elsewhere in the footnotes):

1. Principal conditions or events that raised substantial doubt about the entity’s ability to continue as a going concern (before consideration of management’s plans)
2. Management’s evaluation of the significance of those conditions or events in relation to the entity’s ability to meet its obligations
3. Management’s plans that alleviated substantial doubt about the entity’s ability to continue as a going concern

Management’s plans should be considered only if is it probable that they will be effectively implemented. Also, it must be probable that management’s plans will be effective in alleviating substantial doubt.

So, if management’s plans are expected to work, does the company have to explicitly state that management’s plans will alleviate substantial doubt? No. 

When management’s plans alleviate substantial doubt, companies need not use the words going concern or substantial doubt in the disclosures. And as Sears discovered, it may not be wise to do so (their shares dropped 16% after using the term substantial doubt even though management had plans to alleviate the risk). Rather than using the term substantial doubt, consider describing conditions (e.g., cash flows are not sufficient to meet obligations) and management plans to alleviate substantial doubt.

Sample Note – Substantial Doubt Alleviated

An example note follows:

Note 2 – Company Conditions

The Company had losses of $4,525,123 in the year ending March 31, 2017. As of March 31, 2017, its accumulated deficit is $11,325,354. 

Management believes the Company’s present cash flows will not enable it to meet its obligations for twelve months from the date these financial statements are available to be issued. However, management is working to obtain new long-term financing. It is probable that management will obtain new sources of financing that will enable the Company to meet its obligations for the twelve-month period from the date the financial statements are available to be issued.

Notice this example does not use the words substantial doubt.

2. What if Management’s Plans Do Not Alleviate the Going Concern Issue?

If conditions or events raise substantial doubt about an entity’s ability to continue as a going concern, and substantial doubt is not alleviated after consideration of management’s plans, an entity should include a statement in the notes indicating that there is substantial doubt about the entity’s ability to continue as a going concern within one year after the date that the financial statements are available to be issued (or issued when applicable). Additionally, the entity should disclose information that enables users of the financial statements to understand all of the following:

1. Principal conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern
2. Management’s evaluation of the significance of those conditions or events in relation to the entity’s ability to meet its obligations
3. Management’s plans that are intended to mitigate the conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern

Sample Disclosure – Substantial Doubt Not Alleviated

An example disclosure follows:

ASU 2014-15 Summary

Stage 2. Auditor Decisions

SAS 132 provides guidance concerning the auditor’s consideration of an entity’s ability to continue as a going concern.

Objectives of the Auditor

SAS 132, paragraph 10, states the objectives of the auditor are as follows:

An example of a going concern paragraph is as follows:

The accompanying financial statements have been prepared assuming that the Company will continue as a going concern. As discussed in Note 2 to the financial statements, the Company has suffered recurring losses from operations, has a net capital deficiency, and has stated that substantial doubt exists about the company’s ability to continue as a going concern. Management’s evaluation of the events and conditions and management’s plans regarding these matters are also described in Note 2. The financial statements do not include any adjustments that might result from the outcome of this uncertainty. Our opinion is not modified with respect to this matter.

The auditor should not use conditional language regarding the existence of substantial doubt about the entity’s ability to continue as a going concern. 

Opinion – Inadequate Going Concern Disclosures

Paragraph 26. of SAS 132 states that an auditor should issue a qualified opinion or an adverse opinion, as appropriate, when going concern disclosures are not adequate.

SAS 132 Summary 

Now, let’s circle back to where we started and review the objectives of SAS 132.

The objectives are as follows:

• Conclude about whether the going concern basis of accounting is appropriate
• Determine whether substantial doubt is present
• Determine whether the going concern disclosures are adequate
• Issue an appropriate opinion 

Conclusion

As you can see ASU 2014-15 and SAS 132 are complex. So, make sure you are using the most recent updates to your disclosure checklists and audit forms and programs.

Finally, keep in mind that going concern is also relevant to compilation and review engagements.

CPAHallTalk.com is Now Live

By Charles Hall | Accounting and Auditing

CPAHallTalk.com is now live!

My blog’s name was formerly CPAScribo.com. Now it’s CPAHallTalk.com. Why the change? To make it more recognizable and memorable. 

I started CPAScribo.com six years ago. At the time, I had no readers, and honestly, the blog was not very good. Still, it was my way of serving CPAs. Limited, yes, but over time, more effective and useful to you–my reader. 

And that’s what CPAHallTalk.com is all about–you. I want—in my own small way—to make you better. Someone in the know. Someone efficient. Someone effective.

Over time, the information in CPAScribo.com (now CPAHallTalk.com) has increased—numbering in the hundreds of articles. Also, the readership has grown. For 2018, I anticipate over 180,000 unique visitors. Additionally, over 1,500 subscribers receive my free periodic newsletters by email.

What’s my focus? To provide information to CPAs (mainly in the United States) concerning auditing, accounting, fraud, and technology. 

What’s my style? I try to write in a manner that feels like a chat, some Hall Talk if you will. My desire is to make the difficult easy (or at least easier).

What’s to come? I will provide more information to assist you in staying current. In what areas? Accounting and auditing standards, fraud prevention and detection, and the use of technology in your CPA firm. We are in a period of unprecedented change. Artificial intelligence. Data analytics. Blockchain. New accounting and auditing standards. New audit software. So, I want to help you keep up.

Your suggestions? If you have suggestions for future posts, please email me or include them in the comment box below.

Here at CPAHallTalk.com I look forward to serving you and building an even stronger relationship. Cheers.

10 Steps to Make Work Papers Sparkle

By Charles Hall | Accounting and Auditing , SSARS

In this post, I provide ten steps to make work papers sparkle.

Have you ever been insulted by a work paper review note?

Your tickmarks look like something created by my child.

Rather than providing guidance, the comment feels like an assault.

Or maybe you are the reviewer–you stare at a work paper for several minutes–and you’re thinking, “what the heck is this?” Your stomach tightens and you say out loud, “I don’t have time for this.”

There are ways to create greater clarity in your work papers.

Make Work Papers Sparkle

Here are ten steps to make your work papers sparkle.

1. Timely review work papers. The longer the in-charge waits to review work papers, the harder it is for the staff person to remember what they did and, if needed, to make corrections. Also, consider that the staff person may be reassigned to another job. Therefore, he may not be available to clear the review notes.
2. Communicate the work paper’s purpose.

a.  An unclear work paper is like a stone wall. It blocks communication.

b.  State the purpose of the work paper; for example:

Purpose of Work Paper – To search for unrecorded liabilities as of December 31, 2018. Payments greater than $30,000 made from January 1, 2019, through March 5, 2019, were examined for potential inclusion in accounts payable.

Or:

Purpose of Work Paper – To provide a detail of accounts receivable that agrees with the trial balance; all amounts greater than $20,000 agreed to subsequent receipt.

If the person creating the work paper can’t state the purpose, then maybe there is none. It’s possible that the staff person is trying to copy a work paper from the prior year that (also) had no purpose.

Click Purpose Notation Explanation for brief audio comment.

c.  All work papers should satisfy a part of the audit program (plan). No corresponding audit program step? Then the audit program should be updated to include the step—or maybe the work paper isn’t needed at all.

3.  The preparer should sign off on each work paper  (so it’s clear who created it).

4. Audit program steps should be signed off as the work is performed (not at the end of the audit–just before review). The audit program should drive the audit process—not the prior year work papers.

5.  Define tickmarks.

6.  Reference work papers. (If you are paperless, use electronic links.)

7.  Communicate the reason for each journal entry.

The following explanation would not be appropriate:

To adjust to actual.

A better explanation:

To reverse client-prepared journal entry 63 that was made to accrue the September 10, 2018, Carter Hardware invoice for $10,233.

8.   When in doubt, leave it out.

Far too many documents are placed in the audit file simply because the client provided them. Moreover, once the work paper makes its way into the file, auditors get “remove-a-phobia“–that dreaded sense that if the auditor removes the work paper, he may need it later.

If you place those unneeded documents in your audit file and do nothing with them, they may create potential legal issues. I can hear the attorney saying, “Mr. Hall, here is an invoice from your audit file that reflects fraud.”

Again, does the work paper have a purpose?

My suggestion for those in-limbo work papers: Place them in a “file 13” stack until you are completely done. Then–once done–destroy them. I place these work papers in a recycle bin at the bottom of my work paper tree. 

9.  Complete forms. Blanks should not appear in completed forms (use N/A where necessary).

10. Always be respectful in providing feedback to staff. It’s too easy to get frustrated and say or write things we shouldn’t. For instance, your audit team is more receptive to:

Consider providing additional detail for your tickmark: For instance–Agreed invoice to cleared check payee and dollar amount.

This goes over better than:

You failed to define your tickmark–again?

Last Remarks

What other ways do you make your work papers sparkle? Comment below.

You may also be interested in a related post: 7 Steps to Effectively Review Financial Statements. Also, see If It’s Not Documented, It’s Not Done.

CPAHallTalk.com is My New Blog Name (June 1)

By Charles Hall | Accounting and Auditing

CPA-Scribo.com is about to become CPAHallTalk.com.

Last week I decided to change the name of my blog. So, I reached out to my regular subscribers and asked for their assistance. I offered a $200 Amazon gift card to the winner. I couldn’t believe the response.

How many suggestions did I receive? Over 200! I was blown away.

And who is the winner? Sara Laidlaw (Www.asbinc.net) from Savannah, Georgia.

Thanks, Sara, for the new name.

If you key in CPA-Scribo.com after the change on June 1, you’ll automatically redirect to the new URL: CPAHallTalk.com.

Thanks much to everyone that participated! My subscribers are the best. At present, the blog has over 1,500 subscribers. So, come on and join the party. You can subscribe below.

The blog is on track to have over 180,000 visitors this year. 

Corporate Account Takeover (the Importance of Using Bank Security Procedures)

By Charles Hall | Accounting and Auditing , Fraud , Local Governments

Some thieves gain control of company bank accounts using a corporate account takeover scheme. And with that control, they steal money. Below you’ll see how this type of theft occurs.

On March 17, 2010, cyber thieves hacked into the computers of Choice Escrow and stole the login ID and password to their online banking account. With that information, the thieves were able to submit a $440,000 wire transfer from Choice Escrow’s bank account to an account in Cyprus.

Courtesy of istockphoto.com

When Choice Escrow and the bank were unable to resolve their differences, Choice Escrow filed suit. The back-and-forth legal battle lasted until March 18, 2013, when a court ruled the loss was the responsibility of Choice Escrow. A major determining factor in the decision was Choice Escrow’s refusal of the dual control security mechanism offered by Bancorpsouth Bank. According to Article 4A of the Uniform Commercial Code, if an institution offers a reasonable security procedure to a commercial customer and that customer turns down that security procedure, then the customer is liable in the event of a loss.

Bancorpsouth Bank offered dual control to Choice Escrow twice. Not only did the bank offer this security feature to Choice Escrow, but Bancorpsouth also documented the customer’s refusal to use the security feature. The documentation of the customer’s refusal of the security features was a determining factor in this case. From a bank’s perspective, this case underscores the importance of a written agreement with commercial online banking customers and, more importantly, the importance of documenting the security procedures offered to those customers. From a user’s perspective, the case highlights the need to use the security procedures offered.

Corporate Account Takeover

Corporate account takeover is a term which has become more prevalent over recent years. Generally speaking, corporate account takeover occurs when an unauthorized person or entity gains access or control over another entity’s finances or bank accounts. This usually results in the theft of money in the form of fraudulent wire transfers or ACH transactions.

These fraud schemes first began to be noticed in 2005 but have since become much more widespread and frequent. Recent statistics have revealed that the fraudsters carrying out these schemes are actually becoming less successful in getting money out of a bank account. This reduction is due to both increased efforts on the part of the financial institutions, as well as better education of the customer to help them avoid becoming a target.

Usually, the financial institutions themselves are not the targets of the attack but rather the corporate customers of the institution. Using malware, social engineering, and various other methods, the fraudster obtains information about the customer’s online banking credentials. Once the online banking credentials have been obtained, a request for wire or ACH transfers is placed by the thief. Any business may be targeted for these types of attacks, but those at risk mostly are small businesses, governments, and nonprofits who have limited resources to protect against such threats.

Audit Planning Analytics: What You Need to Know

By Charles Hall | Auditing

You can identify risks of material misstatement with audit planning analytics. 

Audit Planning Analytics

The auditing standards provide four risk assessment procedures: 

1. Inquiry
2. Observation
3. Inspection
4. Analytical procedures

I previously provided you with information about the first three risk assessment procedures. Today, I provide you with the fourth, analytical procedures.

While analytical procedures should occur at the beginning and the end of an audit, this post focuses on planning analytics.

Below I provide the quickest and best way to develop audit planning analytics. 

What are Analytics?

If you're not an auditor, you may be wondering, "what are analytics?" Think of analytics as the use of numbers to determine reasonableness. For example, if a company's cash balance at December 31, 2017, was $100 million, is it reasonable for the account to be $5 million at December 31, 2018? Comparisons such as this one assist auditors in their search for errors and fraud.

Overview of this Post

We'll cover the following:

• The purpose of planning analytics
• When to create planning analytics (at what stage of the audit)
• Developing expectations 
• The best types of planning analytics
• How to document planning analytics
• Developing conclusions 
• Linkage to the audit plan

Purpose of Planning Analytics

The purpose of planning analytics is to identify risks of material misstatement. Your goal as an auditor is to render an opinion regarding the fairness of the financial statements. So, like a good sleuth, you are surveying the accounting landscape to see if material misstatements exist.

A detective investigates a crime scene using various tools: fingerprints, forensic tests, interviews, timelines. Auditors have their own tools: inquiry, observation, inspection, analytical procedures. Sherlock Holmes looks for the culprit. The auditor (and I know this isn't as sexy) looks for material misstatements. 

The detective and the auditor are both looking for the same thing: evidence. And the deft use of tools can lead to success. A key instrument (procedure) available to auditors is planning analytics. 

When to Create Planning Analytics

Create your preliminary analytics after gaining an understanding of the entity. Why? Context determines reasonableness of numbers. And without context (your understanding of the entity), changes in numbers from one year to the next may not look like a red flag--though maybe they should.

Therefore, learn about the entity first. Are there competitive pressures?  What are the company's objectives? Are there cash flow issues? What is the normal profit margin percentage? Does the organization have debt? Context creates meaning.

Additionally, create your comparisons of numbers prior to creating your risk assessments. After all, the purpose of the analytical comparisons is to identify risk.

But before creating your planning analytics, you first need to know what to expect.

Developing Expectations 

Knowing what to expect provides a basis for understanding the changes in numbers from year to year. 

Expectations can include:

• Increases in numbers
• Decrease in numbers
• Stable numbers (no significant change)

In other words, you can have reasons to believe payroll (for example) will increase or decrease. Or you might anticipate that salaries will remain similar to last year.

Examples of Expectations Not Met

Do you expect sales to decrease 5% based on decreases in the last two years? If yes, then an increase of 15% is a flashing light.

Or maybe you expect sales to remain about the same as last year? Then a 19% increase might be an indication of financial statement fraud.

But where does an auditor obtain expectations?

Sources of Expectations

Expectations of changes can come from (for example):

• Past changes in numbers 
• Discussions with management about current year operations
• Reading the company minutes
• Staffing reductions
• Non-financial statistics (e.g., decrease the number of widgets sold)
• A major construction project

While you'll seldom know about all potential changes (and that's not the goal), information--such as that above--will help you intuit whether change (or a lack of change) in an account balance is a risk indicator.

Now, let's discuss the best types of planning analytics. 

The Best Types of Planning Analytics

Auditing standards don't specify what types of planning analytics to use. But some, in my opinion, are better than others. Here's my suggested approach (for most engagements). 

First, create your planning analytics at the financial statement reporting level. Why? Well, that's what the financial statement reader sees. So, why not use this level (if you can)? (There is one exception in regard to revenues. See Analytics for Fraudulent Revenue Recognition below.)

The purpose of planning analytics is to ferret out unexpected change. Using more granular information (e.g., trial balance) muddies the water. Why? There's too much information. You might have three hundred accounts in the trial balance and only fifty at the financial statement level. Chasing down trial-balance-level changes can be a waste of time. At least, that's the way I look at it.

Second, add any key industry ratios tracked by management and those charged with governance. Often, you include these numbers in your exit conference with the board (maybe in a slide presentation). If those ratios are important at the end of an audit, then they're probably important in the beginning.

Examples of key industry ratios include:

• Inventory turnover
• Return on equity
• Days cash on hand
• Gross profit 
• Debt/Equity 

Okay, so we know what analytics to create, but how should we document them?

Analytics for Fraudulent Revenue Recognition

AU-C 240.22 says, "the auditor should evaluate whether unusual or unexpected relationships that have been identified indicate risks of material misstatement due to fraud. To the extent not already included, the analytical procedures, and evaluation thereof, should include procedures relating to revenue accounts." 

The auditing standards suggest a more detailed form of analytics for revenues. AU-C 240.A25 offers the following:

• ​a comparison of sales volume, as determined from recorded revenue amounts, with production capacity. An excess of sales volume over production capacity may be indicative of recording fictitious sales.
• ​a trend analysis of revenues by month and sales returns by month, during and shortly after the reporting period. This may indicate the existence of undisclosed side agreements with customers involving the return of goods, which, if known, would preclude revenue recognition.
• ​a trend analysis of sales by month compared with units shipped. This may identify a material misstatement of recorded revenues.

In light of these suggested procedures, it may be prudent to create revenue analytics at a more granular level than that shown in the financial statements.

How to Document Planning Analytics

Here are my suggestions for documenting your planning analytics.

1. Document overall expectations.
2. Include comparisons of prior-year/current-year numbers at the financial statement level. (You might also include multiple prior year comparisons if you have that information.)
3. Document key industry ratio comparisons.
4. Summarize your conclusions. Are there indicators of increased risks of material misstatement? Is yes, say so. If no, say so.

Once you create your conclusions, place any identified risks on your summary risk assessment work paper (where you assess risk at the transaction level--e.g., inventory).

Use Filtered Analytical Reports with Caution (if at all)

Some auditors use filtered trial balance reports for their analytics. For instance, all accounts with changes of greater than $30,000. There is a danger in using such thresholds. 

What if  you expect a change in sales of 20% (approximately $200,000) but your filters include:

•  all accounts with changes greater than $50,000, and 
• all accounts with changes of more than 15%

If sales remain constant, then this risk of material misstatement (you expected change of 20%, but it did not happen) fails to appear in the filtered report. The filters remove the sales account because the change was minimal. Now, the risk may go undetected.

Developing Conclusions

I am a believer in documenting conclusions on key work papers. So, how do I develop those conclusions? And what does a conclusion look like on a planning analytics work paper?

First, develop your conclusions. How? Scan the comparisons of prior year/current year numbers and ratios. We use our expectations to make judgments concerning the appropriateness of changes and of numbers that remain stable. Remember this is a judgment, so, there's no formula for this. 

No Risk Identified

Now, you'll document your conclusions. But what if there are no unexpected changes? You expected the numbers to move in the manner they did. Then no identified risk is present. Your conclusion will read, (for example):

Conclusion: I reviewed the changes in the accounts and noted no unexpected changes. Based on the planning analytics, no risks of material misstatement were noted.

Risk Identified

Alternatively, you might see unexpected changes. You thought certain numbers would remain constant, but they moved significantly. Or you expected material changes to occur, but they did not. Again, document your conclusion. For example:

Conclusion: I expected payroll to remain constant since the company's workforce stayed at approximately 425 people. Payroll expenses increased, however, by 15% (almost $3.8 million). I am placing this risk of material misstatement on the summary risk assessment work paper at 0360 and will create audit steps to address the risk.

Now, it's time to place the identified risks (if there are any) on your summary risk assessment form.

Linkage to the Audit Plan

I summarize all risks of material misstatements on my summary risk assessment form. These risks might come from walkthroughs, planning analytics or other risk assessment procedures. Regardless, I want all of the identified risks--those discovered in the risk assessment process--in one place.

The final step in the audit risk assessment process is to link your identified risks to your audit program. 

Overview of Risk Assessment and Linkage

Now, I tailor my audit program to address the risks. Tailoring the audit program to respond to identified risks is known as linkage.

Audit standards call for the following risk assessment process:

• Risk assessment procedures (e.g., planning analytics)
• Identification of the risks of material misstatement
• Creation of audit steps to respond to the identified risks (linkage)

Summary of Planning Analytics Considerations

So, now you know how to use planning analytics to search for risks of material misstatement--and how this powerful tool impacts your audit plan.

Let's summarize what we've covered:

1. Planning analytics are created for the purpose of identifying risks of material misstatement
2. Develop your expectations before creating your planning analytics (learn about the entity's operations and objectives; review past changes in numbers for context--assuming you've performed the audit in prior years)
3. Create analytics at the financial statement level, if possible
4. Use key industry ratios 
5. Conclude about whether risks of material misstatement are present
6. Link your identified risks of material misstatement to your audit program

If you have thoughts or questions about this post, please let me know below in the comments box. Thanks for reading.

First-Year Businesses and Planning Analytics

You may be wondering, "but what if I my client is new?" New entities don't have prior numbers. So, how can you create planning analytics? 

First Option

One option is to compute expected numbers using non-financial information. Then compare the calculated numbers to the general ledger to search for unexpected variances.

Second Option

A second option is to calculate ratios common to the entity’s industry and compare the results to industry benchmarks.

While industry analytics can be computed, I’m not sure how useful they are for a new company. An infant company often does not generate numbers comparable to more mature entities. But we’ll keep this choice in our quiver--just in case.

Third Option

A more useful option is the third: comparing intraperiod numbers. 

Discuss the expected monthly or quarterly revenue trends with the client before you examine the accounting records. The warehouse foreman might say, “We shipped almost nothing the first six months. Then things caught fire. My head was spinning the last half of the year.” Does the general ledger reflect this story? Did revenues and costs of goods sold significantly increase in the latter half of the year?

Fourth Option

The last option we’ve listed is a review of the budgetary comparisons. Some entities, such as governments, lend themselves to this alternative. Others, not so–those that don’t adopt budgets.

Summary

So, yes, it is possible to create useful risk assessment analytics–even for a first-year company.

Forty Audit and Work Paper Mistakes

By Charles Hall | Auditing

Today, I offer you a list of forty audit and work paper mistakes.

The list is based on my observations from over over thirty years of audit reviews (and not on any type of formal study).

You will, however, shake your head in agreement as you read these. I know you’ve seen them as well. The list is not comprehensive. So, you can add others in the comments section of this post.

Here’s the list.

1. No preparer sign-off on a work paper
2. No evidence of work paper reviews
3. Placing documents in the file with no purpose (the work paper provides no evidential matter for the audit)
4. Signing off on unperformed audit program steps
5. No references to supporting documentation in the audit program
6. Using canned audit programs that aren’t based on risk assessments for the particular entity
7. Not documenting expectations for planning analytics
8. Inadequate explanations for variances in planning analytics (“revenue went up because sales increased”)
9. Planning analytics with obvious risk of material misstatement indicators, but no change in the audit plan to address the risk (sometimes referred to as linking)
10. Not documenting who inquiries were made of
11. Not documenting when inquiries were made
12. Significant deficiencies or material weaknesses that are not communicated in written form
13. Verbally communicating control deficiencies (those not significant deficiencies or material weaknesses) without documenting the conversation
14. Performing needed substantive tests with no related audit program steps (i.e., the audit program was not amended to include the necessary procedures)
15. Assessing control risk below high without testing controls
16. Assessing the risk of material misstatement at low without a basis (reason) for doing so
17. Documenting significant risks (e.g., allowance for uncollectible receivable estimates in healthcare entities) but no high inherent risks (when inherent risk are separately documented)
18. Not documenting the predecessor auditor communication in a first-year engagement
19. Not documenting the qualifications and objectivity of a specialist
20. Not documenting all nonattest services provided
21. Not documenting independence
22. Not documenting the continuance decision before an audit is started
23. Performing walkthroughs at the end of an engagement rather than the beginning
24. Not performing walkthroughs or any other risk assessment procedures
25. Not performing risk assessment procedures for all significant transaction areas (e.g., risk assessment procedures performed for billing and collections but not for payroll which was significant)
26. Not retaining the support for opinion wording in the file (especially for modifications)
27. Specific items tested are not identified (e.g., “tested 25 disbursements, comparing amounts in the check register to cleared checks” — we don’t know which particular payments were tested)
28. Making general statements that can’t be re-performed based on the information provided (e.g., “inquired of three employees about potential fraud” — we don’t know who was interviewed or what was asked or their responses)
29. Retrospective reviews of estimates are not performed (as a risk assessment procedure)
30. Going concern indicators are present but no documentation regarding substantial doubt
31. IT controls are not documented
32. The representation letter is dated prior to final file reviews by the engagement partner or a quality control partner
33. Consultations with external or internal experts are not documented
34. No purpose or conclusion statement on key work papers
35. Tickmarks are not defined (at all)
36. Inadequately defining tickmarks (e.g., ## Tested) — we don’t know what was done
37. No group audit documentation though a subsidiary is included in the consolidated financial statements
38. No elements of unpredictability were performed
39. Not inquiring of those charged with governance about fraud
40. Not locking the file down after 60 days 

That’s my list. What would you add?

Supplementary Information, Other Information and Required Supplementary Information

By Charles Hall | Auditing

• Accounting information and
• Nonaccounting information

• Determine whether the information is fairly stated, in all material respects, in relation to the financial statements as a whole

Sample Opinion Language

For examples of presenting the supplementary language (1) in the standard opinion or (2) separately, click here.

Notice that an opinion is rendered on supplementary information. No opinion is given in regard to other information.

• Reading the other information in order to identify any material inconsistencies with audited financial statements

• Management discussion and analysis (MD&A) for governments
• Estimates of current or future costs of future major repairs and replacements for common interest realty associations

• Inquiry of management about methods used to create information
• Comparing the information for consistency with management responses and the financial statements
• Obtaining written representations from management

Supplementary Information in Compilations and Review Engagements

You can see information about supplementary information wording for compilation or review reports here. Also, see my post about presenting supplementary information in compilation and preparation engagements.

How to Create Energy that Sustains You

By Charles Hall | Accounting and Auditing

So you are in the middle of your busy season and you are wondering how you will get it all done. Right?

One thing is for sure: Without energy, nothing happens. As Jim Loehr and Tony Swartz say in The Power of Full Engagement: Energy, not time, is the fundamental currency of high performance.

I started my career in 1984. It was a time when CPA firm partners would demand that you put your head down and never look up (and if you did, you might get whacked). The thought was that young staff were inexhaustible. After all, we had our youth.

But after being in public accounting for over thirty years, I have found that such an outlook is not only unwise, it is counterproductive. Sometimes squeezing out “just one more job” causes us to implode.

So should we work hard? Absolutely. But we should also recover if we are to perform at our highest levels.

When Do You Need Recovery?

Here are a few signs that you worked too long, and you need recovery:

• You stare at a financial statement page for several minutes before you realize you are in a daze (not reading, just staring)
• You can’t stay focused (your mind keeps wondering)
• You are working with a sense of dread rather than joy
• You are too stressed to sleep at night
• You find yourself increasingly rude to your spouse, friends, coworkers
• You reach for too much caffeine, or worse, alcohol, to get you through the day
• You feel like a robot
• You are often short of breath
• You have a sense of drowning

The body needs balance, and when it doesn’t get it, strange things start to happen. And when this work style–working without recovery–becomes habitual, we lose our vitality and health. Our production begins to decline rather than increase.

How Do You Recover?

Picture is courtesy of DollarPhoto.com

Here are disciplines that will enable you to excel during your busy season.

1. Take breaks – Working ten to twelve hours a day (and eating at your desk)–without breaks–is a sure way to deplete yourself. You need to work and recover, work and recover, work and recover — not work, work, work. The recovery can be as simple as taking five minutes to stand and stretch, but you need to move periodically away from your desk. If possible, go outside and walk for five to ten minutes (a couple of times a day). Recovery can be a simple phone call to a family member to tell her (or him) that you love them. Some professionals use the Pomodoro technique to move in and out of their work. There’s even an app for that. It may seem counterproductive to take breaks, but it’s not — as long as we don’t abuse the break time. Remember the purpose of the short break is to recover. For those of you that are runners, you know that Jeff Galloway teaches the same art in running: run and mix in walks (recovery). And many who use Jeff’s technique have found they can run farther and faster.
2. Exercising – Run, walk, or do some exercise on a consistent basis. I was a smoker in college and–as a way to help me kick the habit–I started running. That was thirty-seven years ago. Today I am fifty-seven, and I still either run or walk at least three times a week. I find that running helps me the most. When I consistently run, I think more clearly and don’t drag late in the day. When I don’t run, I notice my thinking becomes cloudy, and I become moody. When I’m on my routine (run three times a week, at least, two miles a run), I even notice that I have bursts of energy in the middle of the afternoon, something that never happens when I am not exercising.
3. Drink water – Staying hydrated throughout the day will keep you humming late in the day. I have put a water dispenser in my office, so I don’t have to worry about going to the store to buy bottled water. The cost of the water container (and water that they bring to my office) is about $25 per month — worth every penny.
4. Sleep – I have read a great deal about how much sleep I need each night. And it seems the consensus is a minimum of 7.5 to 8.0 hours per night. I know this: when I get consistent sleep, I perform better. I have a routine each evening of winding things down about 9:30 and being in bed about 10:00 p.m. so I can rise at 6:00 a.m. (so I can write blog posts like this one). Going back to exercising for a moment, if you work your body hard, you will sleep better. I have noticed the farther I run, the harder I sleep. Also, if I am in bed for more than fifteen to twenty minutes without going to sleep, I get up and take melatonin — this helps me fall asleep.
5. Eating well – Another method of recovery is eating. Not too much, but enough to provide energy. I eat a healthy breakfast each morning, a light lunch, and dinner. Then about mid-morning and mid-afternoon, I snack (usually nuts or fruit). If you’ve ever watched Tiger Woods play golf, you’ve seen him munching on a banana or energy bar during the middle of a round — he’s feeding his body to maintain energy. Eating too much at one time will throw your body’s metabolism out of balance, so a steady intake (balance) is what we need.
6. Coffee – Coffee in moderation can stimulate your thinking and mood, at least, it does for me. I drink a cup first thing in the morning. Then I have another cup just after lunch. Too much coffee will drain you of energy. Rather than reaching for another cup, take a short walk, drink more water.
7. Music – If possible listen to good music while you work. I find that I am more productive with music playing quietly in the background.

Call to Action

Try one or all of these and stay at it. Habit is the key. You may find in the initial days of change that you’ll desire to revert to your old habits, but as you continue, your new ways will become normal. Then you’ll find new energy for the tasks at hand.

Have a great day!