Tag Archives for " Independence "

Unpaid Fees and Attest Independence

By Charles Hall | Auditing

Unpaid fees can impair your independence in attest engagements. This article explains changes in the Unpaid Fees interpretation in the AICPA Code of Conduct. 

Peer review checklists ask if fees have been paid prior to issuance of attest reports. Why? A loan to an attest client can impair independence. The thought here is that the CPA may have a self-interest in the client; namely, the collection of unpaid fees. And this self-interest could potentially lead the CPA to assist the client by issuing inappropriate attest reports. 

So, has there been a change in the unpaid fees section of the Code of Conduct? Yes. 

The old rule of just looking back one year is no longer the sole consideration in determining your independence in regard to unpaid fees; current year fees, if significant, can also affect independence.

The bolded fonts and underlines below are added by the blogger. 

Unpaid Fees Interpretation

The independence interpretation (1.230.010) in the Code of Conduct says:

Threats to the covered member’s compliance with the “Independence Rule” [1.200.001] are at an acceptable level if, when the current-year attest report is issued, unpaid fees are both clearly insignificant to the covered member and relate to professional services provided less than one year prior to the date of the current-year attest report.

Alternatively, threats would not be at an acceptable level if, when the current-year attest report is issued, unpaid fees are both significant to the covered member and relate to professional services provided more than one year prior to the issue date of the current-year attest report.

That guidance provides factors to consider in evaluating your independence.

Unpaid Fees Factors to Consider

Factors to consider (ET 1.230.010.02) when evaluating whether threats are at an acceptable level include the following:

a. The significance of the unpaid fees to the covered member

b. The length of time the fees have been due from the attest client

c. The attest client’s agreement to pay the unpaid fees

d. The covered member’s assessment of factors affecting the ability of the attest client to pay the fees

So, what should you do if a significant threat is present? Consider safeguards. 

Unpaid Fees Safeguards

You may use safeguards (ET 1.230.010.04) to mitigate the independence threat:

a. Have an appropriate reviewer who has not provided attest or nonattest services to the attest client review the attest work performed before the current-year attest report is issued.

b. Obtain partial payment of the unpaid fees balance before the current year attest report is issued such that the remaining unpaid balance is insignificant to the covered member.

c. Obtain an agreement from the attest client to a payment schedule before the current-year attest report is issued.

d. Suspend further work on current attest engagements and not accept new engagements with this attest client.

ET 1.230.010.05 goes on to say:

Communication with those charged with governance regarding evaluation of the unpaid fees and safeguards applied is not a sufficient safeguard when applied alone; however, it may be considered a safeguard when supplemented by other safeguard(s).

If the safeguards are not sufficient, you are not independent.

So, how do we define unpaid fees?

Unpaid Fees Defined

Unpaid fees include billed and unbilled services. 

If you provide a service whereby you expect payment, it’s a fee–whether you billed it or not. The issue is whether the client owes you for the service.

Not Applicable for Attest Clients in Bankruptcy

ET 1.230.010.06 says that this interpretation does not apply to attest clients in bankruptcy.

Collection Incentive

Oddly, the potential impairment of independence may assist you (the CPA) in collecting past-due accounts. If the client needs the current year attest report, and the CPA can’t provide it without payment, then the client may find a way to come up with the money for past fees.

Still Not Sure

If after doing the above, you’re still not sure whether your independence is impaired, consider contacting the AICPA to get their thoughts. You can email them at ethics@aicpa.org. 

Lacking Independence in a Compilation

By Charles Hall | Preparation, Compilation & Review

Do you lack independence in a compilation engagement? If yes, then here’s how to disclose the impairment in the compilation report.

An accountant can issue a compilation report even though independence is lacking. When independence is impaired, the Statement on Standards for Accounting and Review Services requires that the CPA modify the compilation report. The cause of the impairment (e.g., you own a portion of the business) can be disclosed in the compilation report but is not required. You can, if you prefer, simply say you are not independent; this is what most CPAs do.

Lacking Independence in a Compilation – Current Year

The accountant’s compilation report can disclose a lack of independence as follows:

We are not independent with respect to ABC Company.

Just add this sentence separately at the bottom of the compilation report.

Lacking Independence in a Compilation –  Prior Year

If you were not independent in 2020 but you are independent in 2021 (and comparative statements are presented), the accountant’s report can read:

As of and for the year ended December 31, 2020, we were not independent with respect to ABC Company.

Alternatively, the report can read:

As of and for the year ended December 31, 2020, we were not independent with respect to ABC Company. We are currently independent with respect to ABC Company.

Independence in Review Engagements and Audits

CPAs must be independent to perform review engagements or audits. There are no exceptions. See the AICPA Code of Professional Conduct for guidance on independence issues. Independence rules are found in section 1.200.

Independence in Preparation of Financial Statement Engagements

CPAs can perform a Preparation of Financial Statement engagement without being independent. No independence disclosure is required since this service is a nonattest service. 

Online CPA Resources: A List

By Charles Hall | Accounting and Auditing

Are you looking for online CPA resources? You’ve come to the right place. 

There’s plenty of free online information such as the audit standards, compilation and review standards, illustrative reports, and fraud prevention information. There are also paid resources such as those provided by the AICPA’s audit quality centers.

Below I provide a list of free resources with links.

Then you’ll see information regarding the audit quality centers. 

Free Online CPA Resources

Here’s a list of online CPA resources that I commonly use:

• AICPA Technical Hotline
• AICPA Plain English Guide to Independence
• AICPA Developing a System of Quality Control
• AICPA Code of Conduct
• AICPA Illustrative Compilation Reports
• AICPA Illustrative Accountant’s Review Reports
• AICPA Journal of Accountancy
• AICPA SASs (audit standards)
• AICPA SSARS (compilation and review standards)
• Accounting Tools (accounting blog) 
• LinkedIn Governmental Not-For-Profit Group
• LinkedIn Sole Practitioners and CPA Small Firms Group
• Best Accounting Software (List of accounting new sites, associations, organizations)
• Nonprofit Update Blog
• FASB Codification
• GASB Pronouncements
• 2020 Report to the Nations (Fraud Resource)
• COSO Internal Control (Executive Summary)
• 2021 OMB Compliance Supplement
• OMB Uniform Guidance
• 2018 Version of Yellow Book

Paid Online CPA Resources

AICPA Audit Quality Centers

While the following are not free, consider joining audit quality centers if you have a concentration in areas such as governments and benefit plans. I have found our membership in the AICPA Governmental Audit Quality Center (GAQC) particularly helpful. They provide timely information alerts to keep you abreast of evolving changes such as those related to Yellow Book and Single Audits. The Employee Benefit Audit Quality Center is also useful. These audit quality centers provide practice aids and CPE classes relevant to governments and benefit plans. 

Another great resource (though not free) is the Center for Plain English Accounting (CPEA). The CPEA provides written responses to your technical questions; the AICPA Technical Hotline listed above is free but they don’t provide written responses, only verbal. The CPEA also provides timely articles about accounting and auditing changes, some of the best I have seen. Their quarterly accounting and auditing CPE update is also quite useful. 

Your Online Resources

What other online resources do you use as a CPA? Leave a comment.

Independence in Attest Engagements

By Charles Hall | Auditing , Preparation, Compilation & Review

Independence in attest engagements in critical. 

Peer reviewers continue to focus on independence documentation. Today I’ll provide you with examples of what peer reviewers are looking for and guidance to keep you out of hot water.

Documentation of Nonattest Services

Peer reviews focus upon nonattest services provided to attest clients. How do we know? Well, see the peer review checklist question below (for an attest engagement).

The big “no-no” is to assume management responsibilities and then perform an attest service. Why? Performing management responsibilities impairs your independence. 

Preparing Financial Statements

Below is another question from the peer review checklists. Notice the first item below: Accepting responsibility for the preparation and fair presentation of the client’s financial statements. The client (not the auditor) must assume responsibility for the financial statements. 

If the client can’t–or is unwilling to–assume responsibility for the financial statements, then we are not independent, and we cannot perform an audit or a review. This assumption of responsibility does not mean the client has the ability to create financial statements, but it does mean that:

• that the client will oversee the nonattest service,
• the client will evaluate the adequacy and results of the nonattest service, and
• the client will accept responsibility for the nonattest service

If we prepare financial statements and perform an audit, review, or compilation, we have performed a nonattest service and an attest service. Why is this important? Because if we perform a nonattest service and an attest service for the same client, we must assess our independence. And if we are not independent, then we can’t perform an audit or review engagement. (It is permissible to perform the compilation engagement when independence is impaired, but the accountant must say–in the compilation report–that he is not independent.)

Other Peer Review Questions

The peer review checklists also ask for:

• The name and title of the client personnel overseeing the nonattest service and
• A description of the accountant’s “assessment and factors leading to your satisfaction that the client personnel overseeing the service had sufficient skills, knowledge and experience.”

Separate Form to Document Independence

So do we need a separate form in our file to document independence?

It certainly would not hurt, and I suggest that you do. PPC and CCH offer such forms (and I am sure other work paper providers do the same). These forms provide a place to document all nonattest services and to assess and document our client’s ability to assume responsibility for the nonattest services.

The PPC and CCH forms also address the cumulative effect of performing multiple nonattest services. The AICPA has stated that the performance of multiple nonattest services can impair independence. So you should document your consideration of whether the cumulative nonattest services create a problem. Peer review checklists ask if we documented this consideration.

Additionally, if significant threats are present, the accountant should document the safeguard(s) used to mitigate the risk. This documentation is particularly crucial in Yellow Book engagements. The PPC and CCH independence forms will assist you with this documentation. Below are peer review checklist questions:

Alignment in Independence Documentation

We should–in the engagement letter–specify the nonattest services and the responsibilities of management. If you are performing an audit or a review engagement, add additional language to the representation letter regarding the nonattest services performed and the client’s responsibility for those services.

So I am suggesting you document the nonattest services in three places:

• Engagement letter,
• Independence form, and
• Representation letter (when relevant)

And when you do, please make sure the nonattest services listed in each document are the same. 

Nonattest Services and Independence

Here’s a video that explains nonattest services and how to document your independence in regard to them.

Threats to Yellow Book Independence

By Charles Hall | Auditing , Local Governments

Yellow Book independence is a big deal. And if you prepare financial statements in a Yellow Book audit, you need to be aware of the independence rules. Below I tell you how to maintain your independence—and stay out of hot water,

Yellow Book Independence Impairment in Peer Review

Suppose that--during your peer review--it is determined your firm lacks independence in regard to a Yellow Book engagement.

What could happen? Well, I can't say for sure, but I think it would be nasty. At a minimum, you would probably receive a finding for further consideration. The engagement is definitely nonconforming (not conforming to professional standards).

Then, you'd need to provide a response--explaining what you intend to do about the lack of independence. And this could get very interesting. Not where you want to be.

Preparation of Financial Statements is a Significant Threat

If you prepare financial statements (a nonattest service) for your audit client, you have a significant threat. Why? You are auditing something (the financial statements) that you created. There is a self-review threat. 

When there is a significant threat, you must use a safeguard (to lessen the threat). Such as? A second partner review. So, for example, you might have a second audit partner (someone not involved in the audit) review the financial statements. Since the second partner did not create the financial statement, the self-review threat is mitigated.

Notice the safeguard (the second partner review) is something the audit firm does--and not an action of the audit client. Therefore, it qualifies as a safeguard.

2018 Yellow Book

The 2018 Yellow Book states the following in paragraph 3.88:

Auditors should conclude that preparing financial statements in their entirety from a client-provided trial balance or underlying accounting records creates significant threats to auditors' independence, and should document the threats and safeguards applied to eliminate and reduce threats to an acceptable level...or decline to provide the services. 

But My Client has Sufficient SKE

You've heard your audit client must have sufficient skill, knowledge and experience (SKE) and that they must oversee and assume responsibility for nonattest services. This is true and is always required when nonattest services are provided to an audit client. 

Even so, the client's SKE does not address the self-review threat. 

Think of the SKE issue as a minimum requirement. Do not pass "go" if the client does not assign someone (with SKE) to oversee the nonattest service. You are not independent. End of discussion. (If the client does not have sufficient SKE, see section below titled Inadequate Skill, Knowledge, and Experience.)

SKE is not a safeguard

The January AICPA Reviewer Alert distinguishes the SKE requirement from safeguards saying, "Client SKE should not be viewed as a safeguard, but rather a mandatory condition before performing any nonaudit services."

Once the client SKE issue is dealt with, consider if auditor safeguards are necessary. Why? A self-review threat may be present. 

The AICPA (in its AICPA Yellow Book Practice aid) provides examples of safeguards (again, these are actions of the audit firm) including:

• Obtaining secondary reviews of the nonaudit services by professional personnel who were not involved in planning or supervising the audit engagement.
• Obtaining secondary reviews of the nonaudit services by professional personnel who were not members of the audit engagement team.

See Appendix E of the AICPA Yellow Book Practice Aid for additional examples of safeguards and how to apply them.

Independence Documentation is Required

The Yellow Book requires that your independence be documented. If it is not, a violation of professional standards exists. 

So, document the SKE of the client and the safeguards used to address significant threats. Also, document which nonattest services are signficiant threats. Peer reviewers focus on Independence documentation.

Document Significant Threats

The January 2019 Reviewer Alert (an AICPA newsletter provided to peer reviewers) provides a scenario where an audit firm performs a Yellow Book audit and prepares financial statements. Then the firm has an engagement quality control review (EQCR) performed, but it does not identify the preparation of financial statements as a significant threat. The newsletter states "the engagement would ordinarily be deemed nonconforming for failure to document identification of a significant threat." So, even if a safeguard (e.g., a second partner review) is in use, the lack of documentation makes the engagement nonconforming.

Judging Client's SKE

Here are examples of client personnel that might be available to oversee the financial statements preparation service:

1. A 15 year mayor who is a businessman, no accounting education, no formal training in reading governmental financial statements. He understands the fund level statements but can't grasp the reconciliation between the government-wide financial statements and the fund level financial statements.
2. Second year finance director with no prior accounting experience, graduated from a two year college with a degree in general business.
3. Finance director with 25 years experience and is a CPA and a member of GFOA. She trains others in governmental accounting.
4. Finance director with a high school education but has extensive governmental accounting training from the Carl Vinson Institute. He has the ability to create the financial statements from scratch.

As you can see, the Yellow Book independence assessment will sometimes be black and white, but other times, not so. Regardless, the audit client has to have someone with sufficient skill, knowledge and experience to oversee the financial statements preparation. Why? The auditor can't assume responsibility for the statements. This is a management responsibility.

Management Responsibilities

The 2018 Yellow Book (paragraph 3.75) says the following about management responsibilities:

In cases where the audited entity is unable or unwilling to assume these responsibilities (for example, the audited entity does not have an individual with suitable skill, knowledge, or experience to oversee the nonaudit services provided, or is unwilling to perform such functions because of lack of time or desire), auditors should concluded that the provisions of these services is an impairment to independence.

Additionally, paragraph 3.73 of the Yellow Book states:

Auditors should determine that the audited entity has designated an individual who possesses suitable skill, knowledge, or experience and that the individual understands the services to be provided sufficiently to oversee them.

If the government has no one with sufficient SKE, then the external auditor is not independent and can't perform the audit.

So, is there another option when the client does not have sufficient SKE?

Inadequate Skill, Knowledge, and Experience

If the auditor can't get comfortable with the client's SKE (e.g., the client's ability to review the financial statements and assume responsibility), what can be done? The audited entity can hire someone with sufficient SKE. For example, the entity could contract with a CPA not affiliated with the external audit firm to review the financial statements on their behalf.

Many smaller governments need to contract with an outside person in order to have sufficient SKE. The problem, however, is they may not have the funds to do so. If you as the auditor make this suggestion, be prepared for this question: "Isn't this why I hired you?" Regardless, the client has to have sufficient SKE before the auditor can issue an opinion. 

In Summary

Here's the lowdown to protect your firm:

1. Document the nonattest services you are to perform
2. Document the client person that will oversee and assume responsibility for the nonattest service
3. Document the SKE of the designated person
4. Consider whether any nonattest services are significant threats 
5. Document which, if any, nonattest services are significant threats
6. Use (and document) a safeguard to address each significant threat (examples of safeguards include an EQCR or a second-partner review)

Looking for a tool to document Yellow Book independence? Consider the AICPA's practice aid. Here is the free PDF version. You can also purchase the fillable version here. (Cost is $39 for AICPA members.) This is the 2011 Yellow Book aid. I am thinking the AICPA will create a 2018 Yellow Book version as well.