Are you wondering if you need an audit, review, or compilation?
Either a third party is asking for one of these services or your leadership may feel that a CPA firm is required to examine records.
Don’t automatically assume you need a full audit. A review or compilation may serve your needs, while saving you some money.
Compiled financial statements are prepared based on the financial information provided by the organization to the CPA firm.
The CPA firm will produce financial statements, which can include footnotes, with a report that states no assurance is given regarding the completeness or accuracy of the information presented.
This is often a letter drafted by the CPA firm that accompanies the financial statements explaining there has been no testing of the accuracy of the information. There is no preparation needed on the part of the organization for a compilation report.
Compiled financial statements can be required when a business owner applies for a personal loan or other banking matters. More often, a reviewed or audited financial statement is required.
Audited financial statements may be required when raising equity, planning to sell, receiving funding from federal or state governments, or looking for extended credit or significant financing.
The auditor must obtain evidence to confirm that your financial statements are free from material error and/or fraud.
Reviewed financial statements provide limited assurance that there are no material modifications needed for the financial statements to conform with an applicable reporting framework.
The process includes the following:
Reviewed financial statements can be performed to satisfy lenders, investors, and buyers or when you are looking for a smaller loan or line of credit.
Your CPA will need access to your trial balance, bank reconciliations and accrual schedule, deferred revenue, and more.
Procedures performed include analytical methods and inquiry and do not include an assessment of internal controls or the risk of fraud.
Discuss with your lender if a financial statement review is appropriate or if a full audit is required.
To decide which type of financial statement service is the best option for you, discuss your goals with a qualified CPA firm and select the service that best fits your needs. Understanding what level of assurance you need can save you time and money.
Audited financial statements are needed for lenders, owners, shareholders, the board of directors, investors, or other organization stakeholders. These audits assure that the reported financial information has the highest level of credibility.
The audit process provides leadership with the assurance that their financial reports are materially correct and compliant. Also, leadership derives value from the reported observations of their internal controls, systems, and operations gleaned from the audit process.
The best way to determine which audit you need is to contact a firm with audit experience. Once you discuss your needs, they can recommend the best audit for you.
An agreed-upon procedure is just what it sounds like. The parties involved will agree on what type of audit is required and what kind of report will be developed based on the findings.
The benefit of this type of engagement is it can be tailored to fit the business’s needs. The CPA will not provide an opinion or conclusion but rather a report listing the findings of the areas that engagement detailed.
A compliance audit evaluates the organization's adherence to regulatory guidelines. It assesses if the applicable laws, regulations, and rules are being adhered to. It is an outward-facing audit ensuring compliance with the requirements of the industry or geographic region.
The government uses these audits to enforce rules at the federal and local levels. A third party conducts a compliance audit to ensure it is unbiased and accurate.
Excluding specific exceptions, federal law requires employee benefit plans with 100 or more participants (ERISA defined) to include audited financial statements with the Form 5500 filing.
Smaller plans may also require an audit if they do not meet certain conditions exempting them from the audit requirement.
Single audits are specialized and tailored compliance audits for organizations that receive certain levels of federal and/or state grant awards.
These audits ensure that government funds are used for their intended purposes and vary in complexity depending on the level of grant funding the organization receives and the programs funded.
Financial statement audits offer the highest level of assurance to outside sources and third parties on financial statements and financial statement elements.
These audits include an in-depth examination and confirmation of account balances, inventories, and a sample of transactions.
Financial statement examinations provide a similar assurance level; however, this assurance is on the reasonableness of management assertions. An examination is a set of procedures narrower in scope than an audit.
Financial statement reviews offer limited assurance to outside sources and third parties on the organization's financial statements and financial statement elements.
These reviews involve a tailored combination of management inquiries and analytical studies of financial information to identify any items requiring further investigation.
Financial statement compilations and preparation engagements offer no assurance but provide management with a formal set of financial statements for the organization and are used when bookkeeping assistance is required.
Compilations include a standard accountant's report and are often used for external reporting, while preparation engagements typically exclude a formal report and are usually intended for internal use.
The internal control audit is a process to review operational effectiveness, efficiency, and reliable financial reporting, as well as compliance with regulations and policies.
The audit confirms the information is accurate, timely, and reliable. Internal controls are designed to prevent errors and irregularities, while safeguarding assets.
The internal control audit review is an important step to ensure that your controls are working properly.
A SOC report is designed to assure third-party service organizations are expected to have appropriate internal controls and safeguards in place regarding hosting, processing, or accounting for their customers' data and assets.
Organizations requiring a SOC report are becoming more common as internal control compliance issues are at risk when critical services are outsourced to a third party.
SOC 1 audits focus on financial controls and SOC 2 reports focus on security, process integrity, privacy, and confidentiality.
Businesses that may require a SOC audit include:
Reviewing an auditor's qualifications is a critical step in selecting your auditor.
This will require the consideration of licensing and independence rules, as well as the auditor's experience including specific audit experience in your industry and continuing professional education.
A firm equipped to provide a high-quality audit of your organization should be able to demonstrate its qualifications in response to your request for a proposal.
Evaluate whether the firm has experienced, qualified staff. Not only is overall experience necessary, but also experience relevant to your organization (i.e., retail, banking, construction, manufacturing, nonprofit, etc.) is a component of the firm's qualifications.
In some instances, a less-experienced auditor may be assigned to perform routine audit procedures to reduce audit costs. When this happens, you should confirm that an experienced auditor will review his/her work and perform the more complicated audit procedures.
The size of a firm doesn't dictate the level of audit quality — it's their commitment to quality that differentiates them.
The AICPA (American Institute of Certified Public Accountants) established the profession's Peer Review Program to enhance the quality of accounting, auditing, and attestation services its members perform in public practice.
The results of a firm's peer review provide a look at quality control systems and adherence to the profession's standards. If a firm doesn't provide the results of its latest peer review with its proposal, ask for it.
You'll also find information on accessing a firm's peer review information in the Additional Resources section of the AICPA report Hiring a Quality Auditor: Your Guide to the Selection Process.
A commitment to quality can also be shown by a firm's additional membership in AICPA resource centers, including:
Includes resources relating to financial statement audits of both governments and nonprofits and single audits
Offers tools and resources to promote the quality of employee benefit plan audits
Provides resources for auditors of public companies
Includes resources relating to quality control
Provides technical assistance to CPA firms
Firms that are members of the GAQC and EBPAQC must establish higher standards of audit quality in their policies and procedures specific to the practice area. These quality centers also offer additional resources to help firms provide quality services to their clients.
If these practice areas are relevant to your organization, as you consider firm proposals, ask representatives of the firms if they are members of these centers.
When engaging an auditor, you should obtain references and discuss the auditor's work for other clients. You may want to obtain the continuing professional education records of the proposed audit team and determine that team members have recent training that addresses unique issues related to your industry.
CPA professional standards require that the auditor be independent for purposes of auditing financial information and issuing an auditor's report on the financial statements.
The auditor's independence is essential for a successful audit because it enables him/her to approach the audit with the necessary professional skepticism.
Independent auditors must adhere to rules of auditor independence established by the AICPA (and the SEC and the Public Company Accounting Oversight Board, if applicable).
CPA firms are required to meet the licensing requirements of the state(s) in which they practice.
You may wish to verify with the appropriate state regulatory authority that the audit firm holds a valid, up-to-date license or certificate to perform auditing services (most states make this information available online).
It is imperative to understand the rules for auditor independence. If you discover potential issues now, there's still plenty of time to take corrective action before next year's audit begins.
Independence is one of the most essential requirements for audit firms. It's why investors and lenders trust CPAs to provide unbiased opinions about the presentation of a company's financial results.
The AICPA and the Securities and Exchange Commission (SEC) have rules regarding auditor independence. Even the U.S. Department of Labor has issued independence guidance for auditors of employee benefit plans.
The AICPA specifically goes to great lengths to explain how audit firms can maintain their independence from the companies they audit. In short, auditors can't provide any services for an audit client that would typically fall to the company's management to complete.
Auditors also can't engage in any relationships with their clients that would:
Independence is a matter of professional judgment, but it's something that accountants take seriously. A firm that violates the independence rules calls into question the accuracy and integrity of its client's financial statements.
Under Rule 2-01 of Regulation S-X, the SEC explicitly prohibits auditors from providing the following non-audit services to a publicly traded audit client or its affiliates:
This list isn't exhaustive. Audit committees should consider whether any service provided by the audit firm may impair the firm's independence in fact or appearance.
SEC independence rules also prohibit audit firms and auditors from engaging in financial relationships with their public audit clients, such as contingent fees, banking, insurance, debtor-creditor arrangements, broker-dealer relationships, and futures commission merchant accounts.
Independence is a critical issue for public and private companies alike. Contact your auditor to discuss any questions you may have regarding auditor independence.
Audits can be very stressful, especially for nonprofits. Mistakes in the books and a poor audit can lead to decreased donations down the road, undermining the entire mission of a nonprofit.
Nonprofit organizations must obtain audits to comply with local laws and regulations. They must show those who have donated to their cause that they are good stewards of that money.
While audits are undoubtedly intimidating, you can take steps to decrease that stress. With the proper mindset and good planning, audits do not have to be cause for alarm.
Most auditors will give you a list of items that they intend to review. They also often provide unique deadlines for each item.
Reviewing the list before the audit can help you properly prepare and meet necessary deadlines.
If your auditor does not provide this type of list ahead of time, you might want to ask for it. Alternatively, you can take the information you needed from prior audits and start a working checklist so you can internally prepare for the audit.
As you review the checklist, be sure to get clarification wherever you have questions before the actual audit begins. Addressing these uncertainties at the outset can significantly reduce the stress around the audit.
Of course, you cannot prepare for everything in an audit, as each audit requires some unpredictability. However, having most of your documents ready to review can take some of the uncertainty out of even the unpredictable parts of the audit.
You should, for example, have expense reports, journal entry support, and program reports ready to go in preparation for the audit. These documents will help you address questions that come up as well.
The auditor should provide some specific goals and expectations as part of their engagement letter. Having this information upfront can not only help you prepare, but it can also ensure that your third-party auditor will accomplish the goals you need in an audit.
Keep in mind there should be a clear line between accounting services and audit functions. Any auditor will only evaluate what you have; they will not help you do the accounting or reporting work. They will likely provide suggestions for improvements, but those will only come about after they complete the audit.
Once you receive a comprehensive list of necessary improvements after the audit, you should work either internally or with another third party to do any accounting "cleanup." If your internal team lacks the necessary expertise to address a specific item, look to a third-party CPA firm.
In preparation for the audit, you should take a hard look at internal processes to address areas where there is room for improvement.
Although taking the time to go through this exercise can be cumbersome, it will be well worth it. Just be sure that you do this evaluation well before the audit, so you have time to implement changes as necessary.
You should also ensure that documented processes are being followed. You can make adjustments to the documents or to the processes, whichever makes sense, in preparation for the audit.
Updating policies and procedures periodically is not only suitable for any audit, but it also helps your team do their jobs more efficiently as well. It also helps with compliance issues before they start to cause problems.
Explaining why you do things a certain way before the audit can be beneficial.
For example, imagine that you have more than one person doing payroll and handling cash receipts. As this deficiency can lead to errors and confusion, you should be able to explain why you are functioning in this way.
It is imperative to provide information about safeguards you are using to ensure these internal control issues are addressed.
The same basic policy can be said any time you have more than one person handling accounting or finance functions.
Contract authorization, expense approvals, and actual purchasing functions are all areas where having one person, rather than a group, increases internal controls and accountability.
You should also be able to explain checks and balances functions that are currently in place or start thinking of ways they can be implemented after the audit. The auditor might have suggestions on how to address this issue as well.
Having year-round communication with your auditor can be a great way to maintain controls and best practices. It also helps you keep up with deadlines and ensure that the annual audit is done promptly.
Proactively ensuring compliance with new guidelines and rules can make the entire audit process run much more smoothly.
Your CPA offers a comprehensive menu of services. One flexible offering, known as an "agreed-upon procedures" engagement, provides limited assurance on a specific aspect of an organization's financial or nonfinancial information.
Agreed-upon procedures can cover various items. For example, a CPA could provide a statement about the reliability of a company's accounts receivable, the validity of the sales team's credit card payments, the effectiveness of the controls for the security of a system, and even greenhouse gas emissions.
Lenders may request these types of engagements before they approve a new loan application or an extension of credit for an existing customer — or they might want one if a borrower defaults on their loan covenants or payments.
These engagements can also be helpful in M&A due diligence by franchisors or when a business owner suspects an employee of misrepresenting financial results. Stakeholders don't necessarily like waiting until year-end to see how an organization is faring in today's uncertain markets. Agreed-upon procedures can be done at any time, providing much-needed peace of mind throughout the year.
These engagements are based on procedures similar to an audit, but on a limited scale. When performing agreed-upon procedures, CPAs issue no formal opinions; they simply act as fact finders. The report lists:
Agreed-upon procedures can be relied on by third parties. But it's the user's responsibility to draw conclusions based on the findings.
Agreed-upon procedures are usually a one-time engagement, so you might not know much about them — or how the rules that apply to them changed a few years ago.
A revised standard was published in 2019, bringing several fundamental changes. Most notably, an accountant can now report on a subject matter without obtaining a written assertion from the responsible party that the responsible party complies with an underlying criterion, such as laws or regulations.
This gives CPAs more flexibility when examining or reviewing certain documents if the engaging party can't appropriately measure or evaluate them.
|The Revised Standard Also:|
The new guidance went into effect for reports dated on or after July 15, 2021, although early implementation was permitted.
An audit is an evaluation of a company's financial statements forming an independent opinion.
A company prepares financial statements according to U.S. Generally Accepted Accounting Principles (GAAP). The fair presentation of those financial statements is evaluated by independent auditors using a framework of Generally Accepted Auditing Standards (GAAS), which set out requirements and guidance on how to conduct an audit.
Simply put, an audit validates the accuracy of financial statements.
Owners take comfort from an independent assurance that the financial statements fairly present the company's financial position and performance.
Current and Potential Investors
The confidence offered means investors are less likely to challenge business decisions or bring a lawsuit over a disagreement. Having audited financial statements may help you attract new investors as they are more likely to invest in a business when they are sure it is financially sound and following good business practices.
Banks and Financial Institutions
Having audited financial statements can reduce finance costs. A study by the University of Chicago's Booth School of Business indicated that firms with audited financial statements secured interest rates that were more than half a percentage point lower than firms without audited financial statements.
Internal Control Deficiencies
An auditor can help detect deficiencies in your company's internal controls that could lead to fraudulent activity. Additionally, areas for process improvement efficiencies are often discovered and communicated to management.
There could be tax reduction strategies determined during the audit process. Using an outside third party may uncover tax strategies not currently being taken advantage of.
Sale of Business
When it comes time to sell your business, audited financial statements are more attractive to a potential buyer and may bring a higher sales price.
Every audit is unique, however the audit process typically includes the following five steps.
Once your company has selected an audit firm, you must sign an engagement letter. Then your auditor will assemble your audit team, develop a timeline, and explain the scope of the audit inquiries and onsite "fieldwork."
The primary goal of an audit is to determine whether a company's financial statements are free from "material misstatement."
Management and third-party stakeholders who rely on your financial statements count on them to be accurate and conform to U.S. Generally Accepted Accounting Principles (GAAP) or another accepted standard.
Auditing rules require auditors to assess general business risks, as well as industry- and company-specific risks. The assessment helps auditors determine the accounts to focus on and develop audit procedures to minimize potential risks.
Based on the risk assessment, the audit firm develops a detailed audit plan to test the internal control environment and investigate the accuracy of specific line items within the financial statements. The audit partner then assigns audit team members to work on each plan element.
During fieldwork, auditors test and analyze internal controls.
For example, they may trace individual transactions to original source documents such as sales contracts, bank statements, or purchase orders. Or they may test a random sample of items reported on the financial statements such as the prices or number of units listed for a randomly selected sample of inventory items.
Auditors may also contact third parties — such as your company's suppliers or customers — to confirm specific transactions or account balances.
At the end of the audit process, your auditor develops an "opinion" regarding the accuracy and integrity of your company's financial statements.
In order to do so, they rely on quantitative data, such as the results of their testing, as well as qualitative data, including statements provided by the company's employees and executives.
The audit firm then issues a report on whether the financial statements present a fair and accurate representation of the company's financial performance and comply with applicable financial reporting standards.
Do you understand how auditors verify account balances and transactions? This knowledge can minimize disruptions when the audit team visits your facilities and maximize the effectiveness of your audit.
Auditors send letters to third parties, such as customers or vendors, asking them to verify amounts recorded in the company's books.
There are two types of confirmations:
Auditors can verify an account balance or record by vouching (or comparing) it to third-party documentation. For example, an auditor might confirm the existence of a vehicle on your fixed asset list by reviewing the invoice from the seller.
Vouching enables an auditor to evaluate the accuracy of the amount claimed by the company and whether it recorded the transaction correctly in its accounting system.
Seeing is believing, so auditors sometimes verify the existence of assets through physical observations and inspections.
For example, inventory audit procedures typically include observing or conducting a physical inventory count, inspecting the process to record incoming and outgoing inventory, and analyzing the inventory obsolescence process.
For assets actively traded on the open market, auditors may confirm the amounts claimed on the company's financial statements by researching pricing data.
For example, if the company invests in marketable securities that it plans to sell within one year, an auditor could analyze the prevailing market price to confirm the book value.
Likewise, a random sample of parts inventory could be compared to online pricing sheets to confirm that items are reported at lower cost or market value.
Auditors may verify in-house schedules and records by recreating them. If the auditor's work matches the client's work, it confirms that the underlying accounts appear reasonable.
Auditors often rely on this procedure for such items as bank reconciliations and schedules of payroll-related expenses (i.e., overtime, benefits, and tax payments).
Prepare the items on your auditor's preparation checklist before the audit starts.
This sample checklist features the most frequently needed documents for a typical audit. Be sure to get a final list from your auditor.
The information should be submitted to the auditor based on their directions, often electronically and in Excel format.
Bank reconciliations and related statements from financial institutions for all cash, certificates of deposit, and investment accounts as of December 31st. These reconciliations should have a listing of all outstanding checks and deposits, held checks, deposits in transit, or any unusual reconciling items.
Reconciliation of cash held for others at the end of the fiscal year.
Summary of bank transfers for the month ending the fiscal year.
Access to January bank statements and reconciliations.
Detailed aged listing of all accounts receivable balances by invoice as of the end of the year (reconciled to the G/L).
Your auditor will likely ask you to prepare an analysis of the collectability of aged accounts receivable balances.
Monthly revenue and expense analysis and gross profit trend analysis.
Variance analysis spreadsheet for general and administrative expenses.
Schedule of rent expense reconciled to the terms of the lease agreements and schedule of future minimum lease payments over the next five years.
Access to all manual journal entries made during the year.
Details of repairs and maintenance account.
Detail of legal fees paid, with all attorneys' names and addresses throughout the year.
Detailed inventory reports as of the end of the year (reconciled to the general ledger), including overhead calculation, if applicable.
Your auditors will typically observe your year-end inventory count to verify the existence of inventory at year-end and for any obsolescence issues.
Fixed asset roll-forward schedule showing beginning balance in each asset class plus additions, less disposals equals ending balance reconciled to the general ledger.
Detail of fixed asset additions and disposals during the year.
Book depreciation schedule by asset, including useful lives, depreciation method, etc.
Accounts payable aged trial balance as of the end of the fiscal year.
Check registers for the period between year-end and the date of fieldwork.
Debt roll-forward schedule showing beginning balance in each note plus borrowings, less repayments equals ending note balance reconciled to the general ledger.
Schedule of future maturities of long-term debt for the next five years reconciled to the terms of debt agreements.
Compliance schedules for covenants.
General ledger (also called a working trial balance) covering the entire fiscal year.
Internal financial statements.
Articles of Incorporation and Bylaws (or other organization documentation).
Accounting Policies and Procedures manual.
Bank notes, security agreements, and lease agreements.
Organization charts and systems documentation (memos detailing flow of transactions within the company).
Minutes of meetings of the board of directors and any other oversight committees.
Fiscal year budget.
Your auditors will need access to all paid bills and checks received during the year.
Reconciliation and schedules supporting all asset, liability, and equity accounts.
Nonprofits have specific audit requirements. While the previous checklist is a general audit checklist, this one is formulated for nonprofit audit requirements.
Copy of the trial balance by account as of December 31st. Provide this information in electronic format (Excel) so that it can be directly downloaded into your auditor’s system.
Bank reconciliations and related statements from financial institutions for all cash, certificates of deposit, and investment accounts as of December 31st. These reconciliations should have attached a listing of all outstanding checks and deposits, held checks (if any), deposits in transit, and any unusual reconciling items.
Summary of bank transfers for the month ended December 31st.
Access to January bank statements and reconciliations.
Reconciliation of cash held for others (if any) as of December 31st.
Certificates of deposit reconciliations and related statements from financial institutions as of December 31st.
Reconciliation of beginning and ending balances, investment income, unrealized gains/losses, purchases, and distributions for assets held, including access to annual summary statements, for the year ended December 31st.
List of unconditional promises to give as of December 31st. Balances will be confirmed as of year-end with a sample selection of donors. Once those contributors are identified, you should receive a confirmation letter template to complete for each donor.
Calculation of the discount to net present value as of December 31st.
Calculation of the allowance for uncollectible promises to give as of December 31st.
Aging by account for receivable balances outstanding as of December 31st.
Summary schedule of fixed assets. Include beginning balances of fixed asset accounts, additions and disposals during the fiscal year, and ending balances of those accounts. Also include beginning balances of accumulated depreciation accounts, depreciation expense, reductions in accumulated depreciation as a result of asset disposals, and ending balances of accumulated depreciation accounts.
Detailed fixed asset listing showing asset descriptions, estimated useful lives and depreciation methods used, calculation of depreciation expense for the fiscal year, etc. It will be helpful if the listing was subtotaled by account such that the totals agree with the summary schedule previously requested.
Access to supporting documentation for fixed asset additions and disposals during the year.
Detailed accounts payable aging as of December 31st. If applicable, denote any payables to related parties.
List of checks written from January 1st through the date of audit fieldwork and access to the underlying related invoices.
Provide access to copies of all unprocessed vendor invoices as of the date of fieldwork.
Support for balances of grants payable (if any) as of December 31st and the underlying agreements.
Detail for all accrued expense balances. Include calculations or supporting documentation for these balances where appropriate.
Worksheet showing the calculation of prepaid expenses, if any.
Support for income received and expenses incurred in connection with the organization's special events. Include a reconciliation of special event income including a breakout of income received from contribution revenue for the year by event, date, amount received, tickets sold, sponsorships received, etc. Also include a breakdown of expenses by the following categories: cash prizes, non-cash prizes, rent/facility costs, food and beverage, entertainment, and other direct expenses. Verify that this schedule ties to the amounts to be reported on the organization's tax return.
Summary schedule of in-kind contributions received including the amounts received by category (i.e., investment, other) and support for valuation of each contribution.
Support for contributions received from donors equal to $5,000 and greater during the year including each donor's name and address. Provide access to underlying support for these contributions (i.e., thank you letters, etc.).
Summary schedule of net assets including detailing the changes in unrestricted as well as temporarily and permanently restricted net assets including contributions received and released from restrictions. Also provide underlying support received from donors for the balances of temporarily and permanently restricted net assets.
Summary schedule of board-designated net assets including beginning and ending balances and activity throughout the year.
Reconciliation of the organization's endowment balances including a breakout between unrestricted (both donor-restricted and board-designated endowment funds) and temporarily and permanently restricted net assets.
Access to all legal, accounting, and consulting invoices.
Access to the 401(k) pension plan agreements and support for the annual contributions.
Copies of the property insurance binder pages or certificates from the insurance binder which specify premiums, coverage limits and dates, name and address of insured, mortgagee and/or loss payee, etc. for property/casual and liability insurance. Also provide support for fidelity bond/employee dishonesty insurance that is in place.
Detailed schedule of grants awarded to governments and other organizations for the year ended December 31st.
Schedule to support payroll costs for the year and allocations of the expenses to program, management and general, and fundraising. Confirm if payroll is prepared in-house or if an outside vendor is used. Also provide access to the Forms 940 and 941.
Copies of meeting minutes from meetings of the board of directors from January 1st through the date of audit fieldwork.
Support for the methodology used to allocate each entity's expenses as program, management and general, and fundraising.
Access to lease agreements (i.e., office space, office equipment, etc.) entered into as of January 1st or later. Access to year-to-date general ledgers as of December 31st.
List of general journal entries for the year ended December 31st.
List of the individuals who served as members of the board of directors at any time during the year including each individual's position, name, and compensation paid, if any.
The pandemic has presented numerous challenges for businesses, but it also taught us how to be resilient, cost-conscious, and adaptable.
Over the last few years, we've learned that remote working arrangements offer many benefits including reducing the time and cost of performing many tasks.
Traditionally, audit fieldwork has involved a team of auditors camping out for weeks (or even months) in one of the conference rooms at the headquarters of the company being audited.
Now, thanks to technological advances — including cloud storage, smart devices, and secure data-sharing platforms — many audit firms conduct specific auditing procedures remotely rather than sending auditors onsite.
For example, drones and video-conferencing technology can observe physical inventory counts, eliminating the expense of sending auditors to facilities that store inventory. For companies with multiple sites, performing this task in-person was costly and difficult to schedule, especially around the holidays.
In addition to saving time and audit fees, allowing auditors to work remotely improves the work-life balance for auditors and in-house accounting personnel. Your employees won't need to stay glued to their desks for the audit because they can respond to the auditor's inquiries and document requests remotely.
The transition to remote audits requires flexibility, including a willingness to embrace the technology needed to exchange, review, and analyze relevant documents. You can assist the transition process by:
Answer all remote requests from your auditors in a timely manner.
If a key employee will be on vacation or out of the office for an extended period, give the audit team the contact information for the key person's backup. Auditors who are out of sight shouldn't be out of mind.
Sharing documents with remote auditors may require installing specific software on employees' computers. But your company's policies may prohibit employees from downloading software without approval from the IT department.
Before remote auditors start their work, ask for a list of software and platforms that will be used to interact with in-house personnel. Give the appropriate employees access and authorization to share audit-related data from your company's systems. Work with your IT specialists to address any security concerns they may have with sharing data with the remote auditors.
Ask the engagement partner to explain how they'll track the performance of their remote auditors, and how they plan to communicate the team's progress to in-house accounting personnel.
With less face-to-face time with your auditors, you'll have fewer opportunities to receive updates on the team's progress.
Remote audits have become popular, but not every audit firm or business is ready to fully embrace remote auditing. Contact us to discuss ways to make your company's next audit more efficient and cost-effective.
Auditing standards require financial statement auditors to identify and assess the risks of material misstatement due to fraud — and to determine overall and specific responses to those risks.
Fraud-related questions are a critical part of the audit process.
The AICPA requires auditors to identify and assess the risks of material misstatement due to fraud and to determine overall and specific responses to those risks under Clarified Statement on Auditing Standards (AU-C) Section 240, Consideration of Fraud in a Financial Statement Audit.
Specific Areas of Inquiry Under AU-C Section 240 Include:
Interviews must be conducted for every audit — auditors can't just assume that fraud risks are the same as those that existed in the previous accounting period.
Although many audit procedures have been done remotely during the pandemic, auditors are now resuming face-to-face meetings with managers and others to discuss fraud risks. Why?
Psychologists estimate that 7% of communication happens through spoken word, 38% through tone of voice, and 55% through body language. So, a face-to-face interview is critical when evaluating fraud risks during an audit to help pick up on nonverbal clues.
Nuances such as an interviewee's tone and inflection, the speed at which he/she responds, and body language provide essential context to the words being spoken.
The auditor will also watch for signs of stress on the interviewee's part in responding to questions including long pauses before answering, starting answers over, profuse sweating, or tapping feet.
In addition, in-person interviews provide opportunities for immediate follow-up questions. When it isn't possible to have a face-to-face interview, a videoconference or phone call is the next best option because it provides the auditor many of the same advantages as meeting in person.
External audits don't provide an absolute guarantee that dishonest behaviors will be detected, but they can be an effective antifraud control.
According to Occupational Fraud 2022: A Report to the Nations, companies that were audited lost one-third less from fraud than those that weren't audited — and audited companies could detect fraud 33% faster than those without audited financial statements.
You can facilitate the efforts to assess your company's fraud risks by anticipating the types of questions you'll be asked and the source documents you'll need to provide. Forthcoming, prompt responses help ensure your audit stays on schedule and minimizes any unnecessary delays.
Many companies have an internal audit department that tests whether the organization is accurately reporting financial results and complying with U.S. Generally Accepted Accounting Principles (GAAP).
But internal auditors need to think beyond compliance. Internal auditors who understand the big picture can expand their department's influence by helping their organizations mitigate risk, improve financial and operational processes, and evaluate business strategies.
The skill sets of internal auditors make the department ideally suited to participate in managing a broad range of risks including:
To maximize its value, the internal audit team should take a forward-looking approach.
Individual auditors are well equipped to help identify and assess risks — and even help businesses anticipate and avoid obstacles before an adverse event occurs.
Your company should tap into the auditors' expertise to evaluate and improve controls and ensure compliance before problems arise, instead of waiting for internal auditors to report possible control or compliance deficiencies.
The department can also highlight ways for other functional areas — such as production, sales, HR, finance, and procurement — to improve processes and eliminate waste and inefficiency.
Technological advances make it possible to greatly enhance the value of the internal audit function.
For instance, continuous auditing is an automated approach that allows auditors to gather critical information and identify problems in real time. This is a dramatic improvement over the traditional approach in which internal auditors test a limited number of samples and then report their findings after the fact.
Likewise, data analytics and predictive modeling enable internal auditors to spot anomalies quickly and focus the team's resources on high-risk areas.
Businesses should conduct regular quality assessment reviews (QARs) of their internal audit departments. The Institute of Internal Auditors' Code of Ethics requires Certified Internal Auditors to undergo a QAR at least once every five years.
This oversight helps assess the department's performance, competence, and objectivity, allowing the company to identify and remedy any issues quickly.
Do your internal auditors have the skills and training necessary to meet the demands of today's volatile, complex business world?
Effective internal audit teams include people from a broad range of backgrounds including those with IT, management consulting, and engineering expertise.
Suppose these skills are lacking in your internal audit team. In that case, your organization might need to hire some new auditors to infuse fresh ideas into the department — or you might consider "co-sourcing" with an external firm to help fill any internal skill gaps.
The first page of audited financial statements is the auditor's report.
This is an integral part of the financials that shouldn't be overlooked. It contains the audit opinion which indicates whether the financial statements are fairly presented in all material respects, compliant with U.S. Generally Accepted Accounting Principles (GAAP), and free from material misstatement.
A clean "unqualified" opinion is the most common (and desirable). Here, the auditor states that the company's financial condition, position, and operations are fairly presented in the financial statements.
The auditor expresses a qualified opinion if the financial statements appear to contain a small deviation from GAAP but are otherwise fairly presented. To illustrate, an auditor will "qualify" his/her opinion if a borrower incorrectly estimates the reserve for a contingency, but the exception doesn't affect the rest of the financial statements.
Qualified opinions are also given if the company's management limits the scope of audit procedures. For example, a qualified opinion may have resulted if you denied the auditor access to year-end inventory counts due to safety concerns during the pandemic.
When an auditor issues an adverse opinion, there are material exceptions to GAAP that affect the financial statements as a whole. Typically, an adverse opinion letter outlines these exceptions. Here, the auditor indicates that the financial statements aren't presented fairly.
Even more alarming to lenders and investors is a disclaimer opinion. Disclaimers occur when an auditor gives up in the middle of an audit. Reasons for disclaimers may include significant scope limitations, material doubt about the company's going-concern status, and uncertainties within the subject company itself. A disclaimer opinion letter briefly outlines the auditor's reasons for throwing in the towel.
Auditors' reports for public companies also must include a discussion of so-called "critical audit matters" (CAMs). Essentially, these are the most complicated issues that arose during the audit.
CAMs are specific to the engagement and the year of the audit. As a result, they're expected to change from year to year. This requirement represents a significant change to the pass-fail audit opinions that have been in place for decades.
It's intended to give stakeholders greater insight into the company's disclosures and the auditor's work when issuing an unqualified opinion. Contact us for more information on audit opinions.
Maintaining the status quo in today's volatile marketplace can be risky.
To succeed, businesses need to "level up" by being proactive and adaptable. But some managers may be unsure where to start or they're simply out of new ideas.
Fortunately, when audited financial statements are delivered, they're accompanied by a management letter that suggests ways to maximize your company's efficiency and minimize its risk.
These letters may contain fresh, external perspectives and creative solutions to manage supply chain shortages, inflationary pressures, and other current developments.
Under Generally Accepted Auditing Standards, auditors must communicate in writing about material weaknesses or significant deficiencies in internal controls that are discovered during audit fieldwork.
A material weakness is defined as "a deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented or detected and corrected on a timely basis."
Significant deficiencies are generally considered less severe than material weaknesses. A significant deficiency is "a deficiency, or a combination of deficiencies, in internal control that is important enough to merit attention by those charged with governance."
Auditors may unearth less severe weaknesses and operating inefficiencies during the course of an audit. The write-up for each deficiency includes an observation (including a cause, if observed), financial and qualitative impacts, and a recommended course of action.
Although reporting these items is optional, they're often included in the management letter.
Audits should be more than just an exercise in compliance.
Management letters summarize lessons learned during audit fieldwork on improving various aspects of the company's operations. For example, a management letter might report a significant increase in the average accounts receivable collection period from the prior year.
Then the letter might provide cost-effective suggestions on expediting collections, such as implementing early-bird discounts and using electronic payment systems to enable real-time invoices and online payments.
Finally, the letter might explain how improved collections could boost operating cash flow and decrease write-offs for bad debts.
When you review the management letter, remember that your auditor isn't grading your performance. The letter is designed to provide advice based on best practices the audit team has learned over the years from working with other clients.
Observant auditors may comment on a wide range of issues they encounter during the course of an audit. Examples — beyond internal controls — include cash management, operating workflow, control of production schedules, capacity issues, defects and waste, employee benefits, safety, website management, technology improvements, and energy consumption.
Always take the time to review the management letter that's delivered with your audited financial statements — don't just file it away for a later date. Too often, the same talking points are repeated year after year.
Proactive managers recognize the valuable insights these letters contain, and they contact us to discuss how to implement changes as soon as possible.
SVA has the expertise and resources you need to tackle all your audit needs. Our team is experienced in all facets of the audit process, with industry expertise to give you the best view of your business.
We will provide a customized approach specific to your needs.