-
601.1 The auditor's broad
responsibilities under professional standards regarding client
acceptance and continuance decisions are as follows:
- • Establishing Policies and Procedures. SQCS No. 7 (QC 10)
- requires CPA firms to establish policies and procedures for the
- acceptance and continuance of client relationships and specific
- engagements. 1
- The requirement to establish such policies and procedures is not
- intended to suggest that a firm must guarantee the integrity or
- reliability of a client. Instead, according to paragraph 27 of SQCS No.
- 7, the policies and procedures should be “designed to provide the firm
- with reasonable assurance that it will undertake or continue
- relationships and engagements only where the firm:td dl { margin-top: 0px; margin-bottom: 0px; }a. Has considered the integrity of the client,
- including the identity and business reputation of the client's
- principal owners, key management, related parties and those charged with
- governance, and the risks associated with providing professional
- services in the particular circumstances;b. Is competent to perform the engagement and has the capabilities and resources to do so; andc. Can comply with legal and ethical requirements.”• Timing of Procedures. SAS No. 108 (AU 311)
- indicates that auditors should perform client acceptance and
- continuance procedures, including evaluating compliance with ethical
- requirements, prior to performing significant audit activities for the
- current engagement. Before accepting an engagement, auditors should also
- determine whether circumstances will allow an adequate audit and an
- unqualified opinion. If it appears that a qualified or disclaimer of
- opinion may be necessary, that should be discussed with the client.• Communicating with Previous Auditors. SAS No. 84 (AU 315)
- and SAS No. 108 require a successor auditor to make certain inquiries
- of the predecessor auditor before accepting an engagement.
-
601.2 Client acceptance/continuance policies and procedures should provide reasonable assurance that:
• Engagements that are accepted can reasonably be expected to be completed with professional competence.• The risks associated with providing professional services in the particular circumstances are appropriately considered.
-
601.4 When deciding whether to accept or continue a client, the auditor considers the risks related to the engagement.
- This is a very high-level
- consideration of whether the risk level related to the engagement and
- the overall financial statements is greater than normal. For situations
- that pose greater than normal risk, firm policies determine when a new
- engagement should be declined and when the relationship with a
- continuing client should be terminated. If a client with greater than
- normal risk is accepted or continued, there has to be an appropriate
- audit response to the risk level in the audit plan. A client with
- greater than normal risk poses a greater risk to the auditor from a
- business risk perspective (the auditor's own business risk) and also
- involves a greater risk of material misstatement of the financial
- statements. Both SAS No. 99 (AU 316.34) and SAS No. 109 (AU 314.13)
- explicitly note that the auditor should consider whether procedures
- relating to the acceptance and continuance of clients and engagements
- may be relevant in the identification of risks of material misstatement.
-
601.5 For a new CIRA audit
engagement, the auditor obtains a general understanding of management's
reputation and integrity and of the CIRA industry, and the CIRA's
operations and financial condition through
- discussions with management and the
- CIRA's board of directors, predecessor auditors, and other
- knowledgeable parties. For a continuing engagement, the auditor
- considers the same factors, but also considers whether there have been
- changes that affect the auditor's continuance decision.
-
601.6 The engagement acceptance or
continuance decision will normally focus on factors that increase
overall financial statement risk.
- What is the intended use of the
- financial statements? For example, does the CIRA need audited financial
- statements to comply with the requirements of the CIRA's governing
- documents, state statutes, regulatory agencies, or bank loan agreements?
- Will the CIRA's financial statements be distributed to the CIRA's
- members, developers, or financial institutions? Do discussions with the
- predecessor auditor, bankers, insurance carriers, attorneys, or others
- raise any concerns about management integrity? Are there increased risks
- due to indications of pressures, opportunities, or incentives for
- fraudulent financial reporting on the part of management? Consideration
- of this information might cause the auditor to decline to accept the
- engagement or to terminate the client relationship, or might cause the
- auditor to plan and perform the audit in a different manner
-
Ability to Accept the Engagement601.9
An auditor should not propose for, or accept, an audit unless he or
she will be able to meet the responsibilities and requirements related
to the engagement. Factors the auditor should consider include the
following:
• Auditor independence.• Expertise in the CIRA area or ability to obtain sufficient knowledge to meet professional standards.
-
601.10 Independence
The AICPA, state boards, the Securities and Exchange Commission, and
the PCAOB each have their own independence rules (the SEC and PCAOB
rules generally would not affect CIRAs).
- Some of the AICPA independence
- rules apply a team approach, which narrows the pool of those members of a
- firm who are subject to certain independence requirements by focusing
- on covered members. Covered members are those who are members of
- an attest engagement team or able to influence the engagement or attest
- engagement team. Under the AICPA rules, auditors may be able to
- structure the engagement team so that independence is not impaired. 2 PPC's Guide to GAAS provides a detailed discussion of those and other independence rules. The discussion at section 103 addresses those aspects of independence most frequently of concern in CIRA engagements.
-
601.12 Competency in the CIRA Industry Rule 201 of the AICPA Code of Professional Conduct
indicates that a firm should only undertake an engagement that can
reasonably be expected to be completed with professional competence
- SQCS No. 7 (QC 10), A Firm's System of Quality Control,
- requires firms to adopt quality control policies and procedures that
- provide reasonable assurance that the engagement partner (or other
- individual responsible for supervising the engagement and signing or
- authorizing someone else to sign the auditor's report) has the necessary
- competencies for the engagement. The required competencies may vary
- depending on the client, industry, or type of service being provided.
- Although the CIRA industry is not specifically mentioned in the
- standard, specific competencies may be necessary when supervising the
- audit of a CIRA
-
601.13 The auditor contemplating a
CIRA engagement should consider whether he or she has the necessary
experience in the area or can obtain sufficient knowledge and
understanding to perform the services requested through
- continuing education courses;
- attendance at relevant conferences; discussions with knowledgeable
- persons; etc. The AICPA and most state licensing authorities have
- continuing education requirements for CPAs. In fulfilling these
- requirements, particular attention can be given to accounting, auditing,
- and tax matters relevant to CIRAs
-
601.14 According to SQCS No. 7, a
CPA firm's quality control policies and procedures should also require
that the engagement partner have the appropriate capabilities
- authority, and time to perform the
- role. Policies and procedures may include systems to monitor the
- workload and availability of engagement partners so as to allow these
- individuals to have sufficient time to adequately perform their
- responsibilities.
-
Management Integrity601.15 An auditor should consider the reputation and integrity of a prospective or continuing client and its management
- The auditor should evaluate any
- adverse information about management and consider whether the CPA firm
- would not want to be associated with the CIRA's financial statements.
- The auditor's concern is with the client's general honesty, good faith,
- and forthrightness in its operations, administration, and financial
- reporting and in providing information, responses, and representations
- for the audit. If the CIRA engages the services of a managing agent,
- auditors will need to consider the reputation and integrity of the
- management of the managing agent as part of the engagement acceptance
- and continuance process.
-
601.16 Quality control standards require CPA firms to establish policies and procedures to
- minimize the likelihood of
- accepting or continuing association with a client whose management lacks
- integrity. There are no specific quality control standards or GAAS
- requirements, however, concerning the depth of an investigation of a
- prospective client, except the requirement in SAS No. 84 (AU 315), Communications Between Predecessor and Successor Auditors,
- as amended, to communicate with a predecessor auditor. SAS No. 84, as
- amended, requires that a successor auditor communicate with any former
- auditors who have provided services to the prospective client. The SAS
- requires written or oral communication with the predecessor auditor when
- determining whether to accept an engagement. 3 The communication should include the following matters:td dl { margin-top: 0px; margin-bottom: 0px; }a. Information that might bear on management's integrity.b. Disagreements with management on accounting principles, auditing procedures, or similarly significant matters.c.
- Communications to those charged with governance, such as the audit
- committee (or others with equivalent authority and responsibility such
- as the board of directors or trustees) regarding fraud or other illegal
- acts performed by the client or its employees, and internal control
- related matters.d. The predecessor's understanding of reasons for the change in auditors
-
In addition, successor auditors may also consider it helpful to obtain
information about areas that required a significant amount of audit time
or audit problems that arose from the condition of the accounting
system or records
- Successor auditors typically review or request copies of the prior-year
- accountants' report on the financial statements, management letter (if
- one was issued), tax returns, trial balance, and journal entries.
- Depending on the circumstances, the successor may consider it necessary
- to review other workpapers or tax information. Some predecessor auditors
- prefer to provide detail information on what workpapers will be
- available to the successor. (See the discussion beginning at paragraph 611.14)
-
601.17 In addition to communication with the predecessor auditor, the AICPA's Audit and Accounting Practice Aid, Establishing and Maintaining a System of Quality Control for a CPA Firm's Accounting and Auditing Practice, suggests obtaining and evaluating information such as the following (as they might apply to a CIRA):
- a. Available financial
- information about the prospective client, such as the CIRA's most recent
- interim or annual financial statements, income tax returns, and reports
- to regulatory agencies.b. Responses to inquiries of management about the nature and purpose of services to be provided.c. Responses to inquiries of the prospective client's lawyer, banker, and others having business relationships with the entity.
-
601.18 Other sources of information may include:
• Discussions with other CPAs in the community and other professionals—lawyers, bankers, etc.• Inquiry of commercial credit agencies and business groups or associations, such as the Better Business Bureau.
-
601.19 CIRA engagements tend to
have frequent changes of auditors, in part because of fees and changes
in board composition. In addition, CIRA officers may be uninterested in
financial and accounting matters. Furthermore,
- the investigation of the
- prospective client may indicate frequent changes in bankers or lawyers
- or reveal questionable responses to the auditor's inquiries. In those
- cases, the CPA firm may consider a background check performed by an
- investigative firm. In addition to the CIRA itself, subjects of
- background checks might include officers, board members, managing
- agents, developers, and other related entities or affiliated parties.
- Caution is advisable to help ensure a solid, long-lasting relationship
-
601.20 Unless the client gives authorization, the predecessor cannot
- ethically respond to the successor's inquiries because of the requirement for confidentiality in Rule 301 of the AICPA Code of Professional Conduct.
- If the potential client refuses to give authorization, the auditor
- should determine why. He should also consider whether such refusal is
- sufficient reason to decline the engagement because it may signal a lack
- of future cooperation and may deprive the auditor of useful information
- only the predecessor can provide
|
|