| EXECUTIVE
SUMMARY |
 SSARS NO. 12, Omnibus
Statement on Standards for Accounting and
Review Services—2005, amended
SSARS no. 1, making specific changes
regarding the practitioner’s
consideration of fraud and illegal acts
in compilation and review engagements. ALTHOUGH COMPILATION AND
REVIEW performance standards
don’t require CPAs to assess the
risk of fraud, they still must inform the
client of incorrect, incomplete or
otherwise unsatisfactory information
discovered during an engagement.
ACCOUNTANTS NEED NOT REPORT illegal
acts that are clearly inconsequential and
may reach agreement in advance with the
entity regarding the nature of such items
to be communicated.
MISSTATEMENTS IN FINANCIAL
STATEMENTS may be intentional,
thus constituting fraud, or
unintentional, the result of error.
Therefore, in a review, CPAs must make
specific inquiries and obtain specific
written representations from management
about fraud.
IN ADDITION TO THE REVISIONS to
SSARS no. 1 related to fraud, SSARS no.
12 contains amendments to guidance on
updating management representation
letters, restricted-use reports and
restatement adjustments.
|
| J. RUSSELL MADRAY, CPA, is
president of the Madray Group Inc., an
accounting and auditing technical
consulting practice, and a senior
lecturer at Clemson University’s
School of Accountancy and Legal Studies
in Clemson, S.C. His e-mail address is russ@madray.com. |
new statement on standards for accounting and
review services (SSARS) makes specific changes
regarding an accountant’s consideration of
fraud and illegal acts in compilation and review
engagements. The AICPA Accounting and Review
Services Committee (ARSC) amended SSARS no. 1, Compilation
and Review of Financial Statements by
issuing SSARS no. 12, Omnibus Statement on
Standards for Accounting and Review
Services—2005. This article covers
SSARS no. 12’s changes, which are generally
effective for compilations and reviews of
financial statements for periods ending after
December 15, 2005.
SSARS no. 12 does not change
the objectives in such engagements. You need not
report illegal acts that are clearly
inconsequential and may reach agreement in
advance with the entity regarding the nature of
such items to be communicated. The statement
doesn’t require you as the CPA to assess the
risk of fraud or to plan a compilation or review
engagement specifically to discover fraud.
However, this doesn’t relieve you of
responsibility for informing the client if
incorrect, incomplete or otherwise unsatisfactory
information comes to your attention during the
engagement.
In 2004 ARSC issued SSARS no.
10, which required that the accountant in a
review engagement make specific inquiries and
obtain written representations from management
regarding fraud (see “An
Update on Review Engagements,” JofA, Aug.04, page 69).
At the same time ARSC issued an interpretation to
explain what steps should be taken to communicate
about fraud or illegal acts when, during the
performance of a compilation or a review
engagement, the accountant suspects that fraud or
an illegal act may have occurred.
Trouble
by the Numbers
Compilation
Engagements: Causes of Malpractice
Claims, 1994–2000
| Errors
on financial statements |
33% |
| Failure
to detect defalcation |
25 |
| Engagement
scope dispute |
18 |
| Inadequate
disclosures |
9 |
| Conflict
of interest |
7 |
| Fraud |
6 |
| Release
of records |
2 |
| Total |
100% |
Source:
AICPA, Compilation and Review Alert
2004/05, page 14.
|
FIRST THINGS FIRST: THE
UNDERSTANDING
SSARS no. 1 (as
amended—in this and all other references in
this article) says CPAs should establish an
understanding with the client, preferably in
writing, regarding the compilation or review
services to be performed. This should include a
description of the nature and limitations of the
services to be performed and of any report to be
issued. It also should provide that
 The engagement cannot be
relied upon to disclose errors, fraud or illegal
acts.
The CPA will inform the
appropriate level of management of any material
errors and any evidence or information that comes
to his or her attention during the performance of
compilation or review procedures that fraud or
illegal acts may have occurred. In performing
such an engagement you need not report any
matters regarding illegal acts that are clearly
inconsequential and may reach agreement with the
entity in advance about which matters will be
communicated.
More
SSARSs
The AICPA Accounting and
Review Services Committee (ARSC) also
recently issued SSARS nos. 13 and 14 (see
Official Releases, JofA, Nov.05, pages
109–121). SSARS no. 13, Compilation
of Specified Elements, Accounts, or Items
of a Financial Statement, expands
the applicability of the SSARSs to
situations in which an accountant is
engaged to compile, or issues a
compilation report on, specified
elements, accounts or items of a
financial statement. SSARS no. 14, Compilation
of Pro Forma Financial Information, expands
the applicability of SSARSs to situations
in which an accountant is engaged to
compile, or issues a compilation report
on, pro forma financial information. |
COMPILATIONS
The objective of a
compilation is to present information—in the
form of financial statements—that is the
representation of management, without undertaking
to express any assurance on the statements. You
are not required to perform any additional
procedures or search for fraud or illegal acts.
However, during the performance of
compilation or review procedures, such as
inquiries or analytical procedures in a review or
reading the financial statements in a
compilation, if any evidence or information comes
to your attention regarding fraud or an illegal
act, you should request that management consider
the effect of the matter on the financial
statements and you should consider its effect on
the compilation report. If you believe the
financial statements are materially misstated,
you should obtain additional or revised
information.
REVIEWS
A review
engagement provides limited assurance that the
financial statements require no material
modifications in order to conform to generally
accepted accounting principles (GAAP) or an other
comprehensive basis of accounting (OCBOA).
Misstatements can be intentional, thus
constituting fraud, or unintentional, the result
of error. SSARS no. 1, issued in 1978,
established that the objective of a review
engagement is to provide a CPA with a reasonable
basis for expressing such limited assurance.
The SSARS requires the
accountant to obtain from management specific
written representations for all financial
statements and periods covered by the
accountant’s review report. The contents
will depend on the circumstances of the
engagement and the nature and basis of the
presentation of the financial statements, but
management must specifically acknowledge
Its responsibility to
prevent and detect fraud.
Any
awareness—including communications received
from employees, former employees or
others—of any fraud or suspected fraud
affecting the entity that could have a material
effect on financial statements.
 COMMUNICATION
IS THE KEY
When fraud or an
illegal act involves senior management, you
should report it to an individual or group at a
higher level, such as the manager, owner or board
of directors. The communication may be oral or
written; if it’s oral, you should document
it. When an owner of the business is involved,
you should consider resigning from the
engagement.
You also should consider
consulting with your counsel and insurance
provider whenever any information comes to your
attention that fraud or an illegal act may have
occurred, unless it’s clearly
inconsequential.
It’s not ordinarily part
of the CPA’s job to disclose any evidence or
information—about fraud or illegal acts that
may have occurred—to parties other than the
client’s senior management or board of
directors. In fact, doing so would be precluded
by your ethical or legal obligations of
confidentiality unless it’s
To comply with certain
legal and regulatory requirements.
To respond to a successor
accountant who is communicating with you in
accordance with SSARS no. 4, Communications
Between Predecessor and Successor Accountants
(AICPA, Professional Standards, volume
2, AR section 400), as amended, regarding
acceptance of an engagement to compile or review
the financial statements of a nonpublic entity.
In response to a subpoena.
It’s a good idea to
consult with legal counsel before discussing
matters with outside parties.
Litigation Risk in
Compilation Engagements
You’ve
likely heard about the growing trend of
lawsuits filed against CPAs who perform
compilations and bookkeeping services
that fail to detect employee
embezzlement. As CPAs, you should be
aware that the risk of a costly lawsuit
is present in all engagements—even
compilation engagements. Here are some
steps to take. Perform all compilation
engagements in accordance with statements
on standards for accounting and review
services (SSARSs). Many clients do not
understand or appreciate the fact that a
compilation or bookkeeping service does
not include the examination of cancelled
checks or bank images. Some clients
presume that when you ask for their bank
statement or reconciliation, you are
examining the cancelled checks for
fraudulent payees and/or
endorsements—though clearly,
compilation standards do not require
that. It’s important to have a
meaningful discussion with each client
about the compilation procedures you will
perform and to tailor the engagement
letter to reflect what will and
won’t be done.
Reassess your
firm’s client acceptance and
continuance procedures. Practice Alert
2003-03, Acceptance and Continuance
of Clients and Engagements, provides
guidance with respect to such procedures
(www.aicpa.org/download/secps/pralert_03_03.pdf).
Talk to your
clients who own businesses about the risk
of fraud and their responsibilities.
Since it is not your responsibility to
examine cancelled checks when performing
a compilation engagement, stress that
it’s important for the business
owner (or someone else unrelated to the
cash function) to perform this procedure
as part of internal control over
financial reporting.
Avoid clients that
operate in industries outside your
firm’s expertise. SSARSs do not
prevent your accepting such engagements,
but they do require that you obtain the
necessary level of knowledge to properly
serve those clients.
Use clearly worded
engagement letters that outline both your
responsibilities and the client’s.
(For examples, go to www.aicpa.org/members/div/auditstd/technic_arsc.asp.)
Stress that a compilation does not
involve obtaining an understanding of
internal control or assessing control
risk; testing accounting records by
obtaining corroborating evidential matter
through inspection, observation or
confirmation (for example, by examining
cancelled checks); or performing
inquiries, analyses or certain other
procedures ordinarily performed in audits
or reviews.
When performing
bookkeeping services, especially as part
of an engagement to perform management
services, take special care to have a
detailed engagement letter that spells
out the procedures you will perform
relative to any cash account. When
performing a bank reconciliation, specify
what procedures will be performed,
especially with respect to the payee and
the endorsement of cancelled checks.
Be aware of three
key facts about your risk in compilation
engagements:
The potential for
fraud exists on all engagements.
Although SSARSs
clearly state that a compilation
cannot be relied upon to disclose
fraud and that it is not your
responsibility, the public’s
perception often is different.
There’s a
growing trend of litigation against
accounting firms.
A few minutes of care and explanation
can protect your firm from litigation and
damage to its reputation.
|
FRAUD OR ILLEGAL ACT?
Fraud is a broad
legal concept, and accountants do not make legal
determinations of whether an act is, in fact,
fraudulent. Rather, the accountant’s
interest specifically relates to acts that result
in a material misstatement of the financial
statements. The primary factor that distinguishes
fraud from error is whether the underlying action
is intentional. If it is, it’s fraud.
Intent often is difficult to
determine, particularly in matters involving
accounting estimates and the application of
accounting principles. Two types of misstatements
are relevant to consideration of fraud—those
arising from fraudulent financial reporting and
those from misappropriation of assets.
Misstatements
arising from fraudulent financial reporting
are intentional misstatements or omissions of
amounts or disclosures in financial statements
designed to deceive financial statement users
where the effect causes the financial statements
not to be presented, in all material respects, in
conformity with GAAP or OCBOA.
Misstatements
arising from misappropriation of assets (sometimes
referred to as theft or defalcation) involve the
theft of an entity’s assets that causes the
financial statements not to be presented in all
material respects in conformity with GAAP or
OCBOA.
The term illegal acts refers to
violations of laws or governmental regulations
other than fraud. Illegal acts by clients,
management or employees acting on behalf of an
entity are attributable to the entity. Such acts
cover a broad range of issues, including
occupational safety and health, employment
practices, environmental protection and antitrust
laws but not personal misconduct by the
entity’s personnel unrelated to their
business activities. Illegal acts may not always
be intentional and may not always have an effect
on financial statements.
Determining whether an act is
fraudulent or illegal is normally beyond
accountants’ professional competence. It
would generally be based on the advice of an
informed expert qualified to practice law or
final determination by a court of law. However,
an accountant’s training, experience and
understanding of the client and its industry may
provide a basis for recognizing that some client
acts may be fraudulent or illegal.
PUT
IT IN WRITING
Although there are
no specific documentation requirements in a
compilation engagement, any information about
suspected fraud that you communicate to
management or others should be documented in the
engagement workpapers.
In a review engagement, any
communications, whether oral or written, to
management or others regarding fraud or illegal
acts that come to your attention must be
documented in the workpapers.
UPDATE,
RESTRICT, RESTATE
In addition to the
revisions to SSARS no. 1 related to fraud, SSARS
no. 12 contains amendments to guidance on
updating management representation letters,
restricted-use reports and restatement
adjustments.
The new guidance discusses the
circumstances in which you should consider
obtaining an updating representation letter from
management. Examples include situations in which
You do not issue your
review report for a significant period of time
after obtaining a management representation
letter upon completion of inquiry and analytical
review procedures.
A material event occurs
after the completion of inquiry and analytical
review procedures, including obtaining the
original management representation letter, but
before issuance of the report on the reviewed
financial statements.
In cases where a former client
asks a predecessor accountant to reissue his or
her report on the financial statements of a prior
period—and those statements are to be
presented on a comparative basis with reviewed
financial statements of a subsequent
period—the predecessor accountant should
obtain an updating representation letter from the
management of the former client.
| AICPA
RESOURCES |
Publications
SSARS No. 12, Omnibus
Statement on Standards for Accounting and
Review Services—2005
(paperback, # 060650JA). SSARS no. 13, Compilation
of Specified Elements, Accounts, or Items
of a Financial Statement (paperback,
# 060651JA).
SSARS no. 14, Compilation
of Pro Forma Financial Information
(paperback, # 060652JA).
Compilation and
Review Alert—2005/06
(paperback, # 022306JA).
Compilation and
Review Engagements—Essential
Questions and Answers (paperback, #
006622JA).
Review
Engagements: New and Expanded Guidance on
Analytical Procedures, Inquiries and
Other Procedures (paperback,
#006618JA).
CPE
Advanced Update for Compilation and
Review Engagements (text, #
731505JA). Also available as a public
seminar or on-site training (www.aicpalearning.org/public_seminars.asp).
Conferences
National Advanced Accounting and Auditing
Technical Symposium
Chicago
July 19–21, 2006
For more information about these
resources, to place an order or to
register, go to www.cpa2biz.com
or call 888-777-7077.
|
SSARS no. 12
also revises SSARS no. 1 to provide guidance on
restricting the use of reports issued pursuant to
SSARSs. The term general use applies to
compilation and review reports that are not
restricted to specified parties, while restricted
use applies to reports that are intended
only for specified third parties. Restrictions on
the use of a report may arise, for example, from
the purpose of the report and the potential for
it to be misunderstood when taken out of context.
Restrict the use of a report when its subject
matter, or the presentation being reported on, is
based on measurement or disclosure criteria
contained in contractual agreements or regulatory
provisions not in conformity with GAAP or OCBOA.
Also consider informing your client that
restricted-use reports are not intended for
distribution to nonspecified parties, even when
they are included in a document containing a
separate general-use report. In establishing the
terms of the engagement, the new guidance does
not preclude your reaching an understanding with
the client that the client and the specified
parties will distribute it only to parties
identified in the report. You are not responsible
for controlling a client’s distribution of a
restricted-use report, though the report should
be worded to alert readers to the restriction on
its use.
SSARS no. 12 revises SSARS no.
2, Reporting on Comparative Financial
Statements (AICPA, Professional
Standards, volume 2, AR section
200.25–.26), to allow a successor accountant
to report on the restatement adjustment of
prior-period financial statements while
indicating that a predecessor accountant reported
on the financial statements of the prior period
before restatement. The previous guidance
precluded the successor accountant’s
reporting on the restatement adjustment only.
Requirements
for Consideration of Fraud and Illegal
Acts
| Requirement |
Compilation |
Review |
Audit |
| Establish
required understanding with the
entity. |
The engagement
cannot be relied upon to disclose
errors, fraud or illegal acts,
but you must inform the
appropriate level of management
of any material
errors, or any evidence or
information that comes to your
attention during the performance
of compilation procedures that
fraud or an illegal
act may have occurred. You
need not report any matters
regarding clearly inconsequential
illegal acts that may have
occurred and may reach agreement
in advance with the entity on the
nature of any such matters to be
communicated.
|
The engagement
cannot be relied upon to disclose
errors, fraud or illegal acts,
but you must inform the
appropriate level of management
of any material
errors, or any evidence or
information that comes to your
attention during the performance
of review procedures that fraud
or an illegal act may have
occurred. You need not report
any matters regarding clearly
inconsequential illegal acts that
may have occurred and may reach
agreement in advance with the
entity on the nature of any such
matters to be communicated.
|
GAAS requires
that you obtain reasonable,
rather than absolute, assurance
about whether the financial
statements are free of material
misstatement, whether caused by
error or by fraud. Accordingly, a
material misstatement may remain
undetected. Also an audit is
not designed to detect error or
fraud that is immaterial to the
financial statements.
|
| Conduct
brainstorming session among
engagement personnel regarding
the risks of material
misstatement due to fraud. |
No |
No |
Yes |
| Gather
information necessary to identify
risks of material misstatement
due to fraud. |
No |
No |
Yes |
| Identify
risks that may result in a
material misstatement due to
fraud. |
No |
No |
Yes |
| Evaluate
the entity's programs and
controls that address the
identified risks of material
misstatement due to fraud, and
assess the risks, taking into
account this evaluation. |
No |
No |
Yes |
| Respond
to the results of the assessment. |
No |
No |
Yes |
| Evaluate
evidence. |
No |
No |
Yes |
| Communicate
information about fraud to
management. |
Only evidence
or information that fraud or an
illegal act may have occurred
that comes to your attention
during the performance of
compilation procedures need be
communicated. |
Only evidence
or information that fraud or an
illegal act may have occurred
that comes to your attention
during the performance of review
procedures need be communicated. |
Yes |
| Document
any communications, whether oral
or written, to management or
others regarding fraud or illegal
acts. |
Recommended |
Required |
Required |
| Document
the consideration of fraud. |
No |
No |
Yes |
|
|
| HOME | ARCHIVE | CONTACT | ADVERTISE | SUBSCRIBE | AICPA