Current technical literature precludes CPAs from performing review engagements when independence is impaired and requires modifying reports to disclose lack of independence in compilation engagements.
The AICPA Reliability Task Force asserts that the conceptual foundation regarding the services CPAs provide to clients should be modified to refocus on reliable financial statements as the end game.
The task force concluded that CPAs can maintain their objectivity and provide review services even when performing control-related activities for clients.
The task force recommends that the Accounting and Review Services Committee develop a new reliability framework that would allow review engagements where independence from ICFR services would not be required.
F. Todd DeZoort, Ph.D., is professor of accounting and accounting advisory board fellow in the Culverhouse School of Accountancy at The University of Alabama. His e-mail address is email@example.com. David K. Morgan, CPA, is the co-managing partner of Lattimore Black Morgan & Cain PC in Nashville, Tenn. His e-mail address is firstname.lastname@example.org. Thomas A. Ratcliffe, CPA, Ph.D., is director of accounting and auditing at Wilson Price in Montgomery, Ala. His e-mail address is email@example.com. Mark H. Taylor, CPA, Ph.D., is professor of accounting and John P. Begley endowed chair in accounting in the College of Business Administration at Creighton University in Omaha, Neb. His e-mail address is firstname.lastname@example.org.
For more than three decades, the AICPA Accounting and Review Services Committee (ARSC) has developed technical guidance for review and compilation engagements with the overarching objectives of serving the public interest and providing practitioners with the guidance needed to perform and report effectively. ARSC has developed the authoritative literature within the Statements on Standards for Accounting and Review Services (SSARS) on a foundation of tenets associated with the need to be independent to perform assurance engagements, such as reviews, along with the need to modify reports in circumstances where independence has been impaired when performing nonassurance engagements, such as compilations.
However, issues that have emerged among financial statement users, preparers, assurers, regulators and other stakeholder groups suggest that client-based independence rules are, in some cases, an obstacle to helping clients provide reliable financial reports. This article, written by members of the AICPA’s Reliability Task Force, describes the work of the task force, the evolving refocus on reliability, and prospective changes in compilation and review standards.
The task force has concluded that barring accountants from expressing some level of assurance if they play a role in the client’s internal control is impractical for many smaller entities. Some entities cannot prepare reliable financial statements without their CPA playing a role in certain control activities. Therefore, the task force believes that the public interest would be served by allowing CPAs to perform select nonattest services, such as certain internal control activities, while also performing a review of those financial statements.
THE RELIABILITY FRAMEWORK
In 2003, Accounting Horizons published a paper titled “A Proposed Framework Emphasizing Auditor Reliability over Auditor Independence,” co-authored by Mark H. Taylor, F. Todd DeZoort, Edward Munn and Martha Wetterhall Thomas. The paper provided a framework (see Exhibit 1) emphasizing reliability as the professional “end game” for CPAs providing assurance services. The framework defines CPA reliability as a condition in which stakeholders consistently find the CPA’s work credible and dependable, even after acknowledging the engagement’s inherent limitations. In this context, a CPA’s performance of control- related activities promotes the financial reporting reliability, which is emphasized as a critical qualitative characteristic of financial information.
This framework highlights integrity, independence and expertise as key ethical constructs underlying the pursuit of objectivity, which in turn enables professional reliability. Specifically, the authors suggest that CPAs cannot be completely independent for a number of reasons, including the fact that the client pays the CPA’s engagement fee. Thus, CPAs always face some degree of independence impairment, even if they are not impaired under professional standards.
The framework suggests that the CPA’s integrity and competence may be appropriate safeguards that provide for the possibility of CPA and financial reporting reliability in situations where the CPA lacks technical independence under professional standards based on scope of service issues.
THE AICPA's INTEREST IN THE RELIABILITY FRAMEWORK
The AICPA’s Audit and Attest Standards Team held several meetings to discuss the published framework and its implications for policymaking and practice. Ultimately, the AICPA formed a task force of practitioners, preparers, researchers and third-party users to study the issue and consider making recommendations to ARSC. The Reliability Task Force first considered the assurance continuum in Exhibit 2 to better understand ARSC’s responsibilities and scope of authority.
Current SSARS allow CPAs to perform compilations when independence has been impaired. However, CPAs lacking independence when performing compilations should disclose that lack of independence in their report, although they are precluded from disclosing the reasons independence is impaired. Alternatively, current standards do not allow a review if independence is impaired. Specifically, CPAs cannot provide limited assurance by means of a review when they are not independent with respect to the reporting entity.
Exhibit 3 depicts the current “independence-based” model for the performance of attestation engagements. In this model, the client’s financial data are first processed through its internal control over financial reporting (ICFR). The financial data may then be subjected to the CPA’s audit, review or compilation procedures. Third parties can then use the resulting report and financial statements in making decisions such as whether to make a loan or extend surety bonding.
However, this model is difficult to achieve in the real world, particularly for smaller clients that need CPAs to do more than simply compile or review their financial statements. To achieve reliable financial reporting, these clients often require their CPAs to perform certain nonattest services related to bookkeeping, payroll and accounting controls. Specifically, to help ensure reliable financial reporting, Exhibit 4 depicts a scenario in which CPA services intersect with internal control functions that have been reserved for the client in the traditional model.
However, in many cases, this intersection impairs the CPA’s independence under independence standards such that a review engagement cannot be performed, and there would be a need to disclose impaired independence in reports resulting from compilation engagements.
Consistent with the reliability framework, when considering current independence rules and the goal of reliable financial statements, the task force distinguished independence impairments associated with two areas—financial or relationship interests and performance of certain nonattest services.
CPAs in small and medium firms often perform certain ICFR activities for their clients to improve the reliability of financial reporting. Many users believe that these types of services are extremely valuable in enhancing financial statement reliability for businesses that otherwise would be unable to prepare accurate accounting records and financial statements, and that such services do not impair the CPA’s objectivity. However, while these services have the potential to improve the reliability of financial reporting, they technically impair independence and disqualify the CPA from issuing a review report under current standards.
For example, a CPA who performs bookkeeping for a client—assigning general ledger codes to receipts and disbursements and posting them to the general ledger because the client lacks relevant competence—increases the likelihood that receipts and disbursements will be accurately accounted for. These services, in turn, increase the likelihood that the client’s subsequent financial statements will be reliable. However, this activity would likely violate current independence standards because the decision on coding and posting would most likely be considered a management decision.
The task force believes that maintaining a stance that accountants cannot express some level of assurance if they do not comply with the existing independence model, where they can play no role in the client’s internal control, is not practicable for many smaller entities and not in the public interest. Although the task force reaffirmed the importance of “financial-interest” independence (for example, no direct investments in the client) and “relationship-based” independence (for example, ensuring that an immediate family member of the CPA is not in a key management position at the client), it emphasized the importance of flexibility and latitude when considering independence requirements for compilation and review engagements as those requirements relate to nonattest services performed.
For example, if independence is impaired because CPAs perform certain nonattest services to improve the reliability of client financial reporting, the task force believes CPAs should be permitted to express limited assurance on the client’s financial statements provided they maintain their financial-interest and relationship- based independence, integrity and expertise needed to pursue objectivity. The end result should be more reliable financial reporting.
The task force recommended that ARSC proceed with developing a standard that would allow review engagements in cases where the CPA performed client ICFR services (see Exhibit 5). ARSC has begun deliberating over whether to incorporate the reliability framework into the SSARS literature.
Given the relatively high level of assurance provided by audits, the task force concluded that it would not be appropriate to make a similar recommendation to the Auditing Standards Board. However, task force members recognize that the importance of the reliability framework’s tenets suggests the need for future consideration by the AICPA’s Professional Ethics Executive Committee of the implications.
Task force members believe the potential changes to the ARSC foundation are driven by a systematic consideration of market factors. These factors include demand for high-quality services, users who expect CPAs to fulfill needs that currently compromise independence rules, and thought literature that suggests equal emphasis on independence, competence and integrity, paving the way to pursue CPA objectivity that yields reliable financial information. Essentially, the task force concluded that reliability should be the end game.
Recommendations from the Reliability Task Force, accompanied by anecdotal evidence from all stakeholder groups with an interest in compiled and reviewed financial statements of nonpublic companies, make clear the need for ARSC to consider modifications to the foundation underlying the compilation and review engagement technical literature. By embedding in that foundation a framework focused on financial statement reliability as the end game, ARSC could develop technical literature that accomplishes the overall objectives of serving the public interest and providing CPAs the guidance needed to perform compilation and review engagements.
“Navigating the Crossroads of Control and Independence,” Dec. 07, page 42
The March 2008 report Recommendations of the Reliability Task Force: Consideration of an Alternative Framework for Compilation and Review Engagements is available at www.aicpa.org/download/ auditstd/Recommendations_of_the_ Reliability_Task_Force_-_FINAL.doc.
Compilation and Review 2007/08—Risk Alert (#022308)
Compilation and Review Engagement Essentials, a CPE self-study course (#733678)
For more information or to place an order, visit www.cpa2biz.com or call the Institute at 888-777-7077.