Objections to FRF for SMEs

I’ve been reading comments on the AICPA LinkedIn group about FRF for SMEs. Those comments include statements that FRF for SMEs will “increase fraudulent reporting” or that it will be “unenforceable.”

Here are my thoughts about those objections.

CPAs will continue to use the same audit standards and the same compilation and review standards. We have opined upon and reported upon OCBOA statements for decades, and I have never heard CPAs object – nor NASBA, nor the FAF.

And why have CPAs historically issued OCBOA statements? Simplicity and flexibility.

Why did the AICPA issue FRF for SMEs? Simplicity and flexibility.

Have we not had the modified-cash basis for a very long time? This basis of accounting has never been subject to public scrutiny (as FRF for SMEs was); it simply evolved by commonly accepted practice. And hasn’t the modified cash basis offered variations in presentation (again for decades)? It seems to me that this OCBOA has been “enforceable”; modified-cash basis statements have been subject to peer reviews since the genesis of the peer review idea.

Will it be more difficult to enforce? Yes. There is more to know. But aren’t FASB statements more difficult to enforce as new pronouncements are issued each year? Yes, but we handle this well.

How long will it take for the Private Company Council to make exceptions for private business GAAP? I’m not sure, but in the meantime, I will be using FRF for SMEs. I am already reading and learning about the new framework, and I must say, I like what I see.

Providing Fraud Prevention Services to Compilation Clients

How many small businesses do you compile financial statements for? For most small- to medium-sized CPA firms, the answer is plenty. Now let me ask one more question (please).

What is the greater risk for such small businesses?

  • Financial statements are misstated or
  • The bookkeeper (or someone else) can steal substantial sums of money from the business
iStock_000025203171XSmall

Courtesy of iStockphoto.com

You say, “I’m not engaged to look for potential theft.” In most cases, you probably aren’t. But notice my question is about your client (and your potential opportunity to provide a valuable service).

I find that most compiled small business financial statements are basically correct – often because of the CPA’s involvement. The risk of material misstatement is driven down, and obviously, this is a good thing, but what about the potential for theft?

It seems to me that CPAs seldom talk with their clients about the potential for theft, even though we know, for instance, that the client’s accounting staff consists solely of one bookkeeper.

Theft may occur prior to the CPA’s compilation work, but when theft occurs, bookkeeping clients will sometimes say things like, “surely my CPA is in some way responsible” – even though compilations are not designed to prevent (or detect) fraud.

Defining Your Compilation Service

Let me ask two questions at this juncture:

  1. Do you get compilation engagement letters signed?
  2. Do you verbally explain the limits of your engagement (that you are not providing fraud prevention or detection services)?

These two actions will mitigate your risk when you only provide compilation services.

Providing Fraud Prevention Services

Now let’s consider another service that you can add: fraud prevention.

Do you ever suggest to your client that he or she have you (or someone else trained in fraud prevention) review the accounting system and make fraud prevention suggestions? Here is where, I believe you can add value in addition to the compilation service. I also believe it is largely an untapped source of revenue for small- to medium-sized CPA firms.

If you provide fraud prevention services, you need to create an engagement letter that addresses the boundaries of your work. It is wise to say what you are providing and, more importantly, what you are not providing.

I normally will state that I am providing the additional fraud prevention service to mitigate fraud risk and that the additional work will not provide absolute assurance that fraud will not occur. I go on to say that once the work is complete, “fraud may still occur.” (Check with your insurance carrier for appropriate language.)

In other words, your engagement is to mitigate fraud risk, not eliminate it – a reasonable proposition. (The risk of fraud can seldom, if ever, be fully eliminated.)

Additional Risks for the CPA

But doesn’t providing fraud prevention services create additional risks for the CPA?

Yes.

Providing any additional service creates additional risks for the CPA. So this is ultimately a business decision for you and your firm.

Independence

Will providing fraud prevention services impair your independence? Under existing AICPA independence standards, the answer is often “yes” (because you are assisting with the design of the internal control system). You can offer such a service to a compilation client, but you will need to state your lack of independence in the compilation report.

Agree or Disagree?

What do you think about offering fraud prevention services to compilation clients?

Stealing While Dying

In one of the stranger frauds I’ve seen, the bookkeeper was stealing money while dying. Going to meet your Maker with the fresh scent of theft on your hands is not a good way to go.

manager in office

Courtesy of iStockphoto.com

I had provided external audit services to this health department for years and knew the bookkeeper (we’ll call her Katie) quite well. She sent me thank you cards – yes, thank you cards – for my audit work. Katie was polite, well spoken, and great at her job. If ever I thought there was someone who would not (and could not) steal, it was (you guessed it) Katie.

But external circumstances can make even the best of people do the impossible. During the course of one audit year, Katie developed cancer. The medical treatments resulted in numerous medical bills, many of which were received while she still worked off and on. Sadly she eventually died.

Knowing that Katie had passed away, I knew the audit would be challenging, especially since the health department board had not hired anyone to replace her.

Upon my arrival I requested the bank statements, but the remaining employees could not locate them (not a good sign). I thought maybe she had taken the bank statements home and had not returned with them due to her illness. After the employees had searched for some time with no result, the client requisitioned the bank statements and cleared checks from the bank (this was some twenty years ago, before electronic access).

In reviewing the cleared checks, I quickly noticed round-dollar vendor checks written to Katie. The first one was for $7,000. My first thought was, “not Katie, I’ve known her too long. No way. Surely there’s a reason for this.” But then there was another and another…

Reporting the theft to the health department board was difficult. Here was an honest person who had stolen money because she felt she had to.

This is one case where I wanted to just let it go, to walk away and pretend it didn’t happen. But I knew that was not an option. Can you imagine being the board member that called Katie’s husband – just months after her death – and informed him of the theft?

Fraud is an ugly thing.

If you ever need a reason to communicate control weaknesses in an open manner, here’s one – for the employee’s own safety (not to mention your own).  Sometimes money is too tempting, even for the best of people.

Fraud Triangle 

So what led to the theft?

  • Pressure (need for cash)
  • Opportunity (almost no segregation of duties), and
  • Rationalization (Katie’s unselfish desire to leave her family with no medical bills).

Katie was authorized to sign checks. Though the checks required two signatures, the bank cleared these checks with just Katie’s signature. Since Katie keyed all transactions into the computer and reconciled the bank statements, she had the keys to the castle. (I was thankful that our firm had – in the prior audits – communicated the lack of segregation of duties.)

The guy or gal you’re auditing is too honest to steal? Maybe. But you never know what is going on in their lives – or what will come.

Lessons Learned

  • When records go missing – pay attention
  • When you see round-dollar vendor checks – dig deeper
  • When your client lacks segregation of duties – raise your antenna

Your Fraud Story

What strange occurrences of fraud have you observed?

FRF for SMEs – The New AICPA Accounting Framework

The AICPA just released the much anticipated Financial Reporting Framework for Small- and Medium-Sized Entities (FRF for SMEs). Its size is less than 200 pages (compared to several thousand pages for U.S. GAAP).

iStock_000003405900XSmall

Courtesy of iStockphoto.com

A Short History

I still recall sitting in a University of Georgia graduate class in 1983 (back in the days of David Bowie, Prince, and Phil Collins) as we discussed the big-GAAP-little-GAAP issue. Even then there was a cry that GAAP had become too burdensome. It took thirty years, but we finally have relief – even though FRF for SMEs is not considered GAAP.

About five years ago the International Accounting Standards Board issued IFRS for SMEs, and I really liked it (and still do). It, like FRF-SMEs, is small in size (about 230 pages), but it never took root here in America. I’m not sure why. Canada also issued its own set of small business accounting standards.

About three years ago, the Blue Ribbon Panel – made up of representatives of the AICPA, the Financial Accounting Foundation (FAF), and the National Association of State Boards of Accountancy (NASBA) – recommended the establishment of “a separate private company standards board” under the FAF’s oversight.

The FAF (the parent of FASB) declined to follow the recommendation, and, in its place, created the Private Company Council (PCC) to work with the Financial Accounting Standards Board to create exceptions to U.S. GAAP for small businesses.

The AICPA, soon after the FAF’s PCC announcement, decided it would create the FRF for SMEs.

You might say the FAF and the AICPA diverged, but they have politely (and publicly) referred to the two approaches as complementary.

Interestingly, the day the AICPA issued FRF for SMEs, FASB voted to issue three PCC initiatives for public exposure.

Applauding the AICPA

I applaud the AICPA for creating and issuing FRF for SMEs. I believe it will provide CPAs (and their clients) with a long sought-after solution to the standards overload issue. Small for-profit businesses have enough problems without being burdened with overly complex accounting standards and the cost of creating compliant financial statements.

Will We (American CPAs) Use FRF for SMEs?

I’m now waiting to see the CPA community’s response to FRF for SMEs. Will we move forward with these standards, or will we ignore them, as was done with IFRS for SMEs?

Personally I believe CPAs around the U.S. will embrace FRF for SMEs. In scanning these new standards, I see the following interesting aspects (to name a few):

  • No other comprehensive income presentation
  • Lease accounting remaining much like our present GAAP rules
  • Consolidations not required
  • VIE standards not in play
  • Goodwill can be amortized
  • Simplified disclosures
  • More historical accounting; less fair value accounting

When GAAP is Required

Keep in mind that if your small business client needs GAAP-based financial statements (e.g., debt covenant requirement), they will still need to follow FASB guidance, but if there is no need for GAAP-based financial statements, the client will have the option to use the FRF for SMEs. (You may want to check with your clients to see if they have any debt agreements requiring GAAP financial statements.)

OCBOA – Still an Option

Of course clients still have the option to issue cash-basis, modified-cash or tax-basis statements.

How About You?

Will you and your clients use FRF for SMEs?

Data Collection Form Due Date Extended Until September 30, 2013

Note – Click here for updated information (as of October 14, 2013); the post below was created on June 5, 2013.

Data Collection Form to Change

OMB issued a Federal Register Notice on May 9, 2013, which proposed changes to the Data Collection Form (DCF); see www.whitehouse.gov/omb/financial_default.

Capture

Notice – DCF Not Ready in Time for 2013 Audits

The Federal Audit Clearinghouse has posted the following notice (click here for Clearinghouse webpage):

Audit Year 2013 Submissions:

The 2013 Form SF-SAC will not be available until the final approval is received. The Federal Register Notice for the 2013 Form SF-SAC was published on May 9, 2013. We estimate that the form will be available in the summer of 2013.

If a single audit for a fiscal period ending in 2013 is due before the 2013 Form is available, auditees will not be able to meet the thirty day deadline for submission prescribed by OMB Circular A-133. Therefore, OMB has granted an extension until September 30, 2013 for reporting packages due to the Clearinghouse before that date. The extension is automatic and there is no approval required. The extension applies only to single audits for the fiscal periods ending in 2013.

Summary of Notice

  • The new DCF will be ready this summer
  • An automatic extension to file the DCF is provided until September 30, 2013
  • No approval is required for the extension

What’s in Your Golf Bag (or on your Desktop)?

I’m a hacker that is always curious about what the other guy has in his golf bag. 60 degree wedge? Belly putter? Persimmon head driver (from the old days)? You can tell a lot about a golfer by what he carries.

Same with, “what’s on your desktop?

I thought I would share what’s on my desktop. So here’s an old CPA hacker’s bag. (You will see I’m a pure audit and accounting guy.)

1. Checkpoint Tools for PPC.

With one click I can see all of the practice aids I’ve subscribed to, things like:

  • Engagement letters
  • Audit programs
  • Risk assessment forms
  • Letters to those charged with governance

I also have access to PPC’s Interactive Disclosure Libraries; I use this to find sample note disclosures.

2. The peer review general audit engagement checklist.

With one click, I can see what the peer review checklist has to say about the workpapers I’m looking at. (Obviously there are many more peer review checklists, but this one provides a generic quick look.)

3. The most recent PPC disclosure checklist.

The checklist provides me with quick answers to disclosure questions.

4. TValue Link.

Need a loan amortization; it’s one click away.

5. Scansnap Organizer Link.

I keep a scanner on the corner of my desk; when paper arrives I scan it and file it.

6. Link to Excel (in Windows toolbar).

One click to spreadsheets.

7. Link to Word (in Windows toolbar).

One click to documents.

8. Link to Snipping Tool (in Windows toolbar).

One click to access Windows 7 snipping tool; I can quickly capture anything on my screens.

9. Link to Adobe Acrobat (in Windows toolbar).

How can one live without Adobe Acrobat; scan and annotate documents.

10. Link to Judy’s Tenkey (in Windows toolbar).

One click to electronic adding machine.

11. Link to Evernote (in Windows toolbar).

One click to cloud storage for personal and business information.

12. Link to Firefox (in Windows toolbar).

Yes I’m a Firefox fan (like it better than Explorer).

13. ShareFile icon (on desktop).

One click to secure file sharing.

14. Mindjet MindManager icon (on desktop).

One click to mindmapping and brainstorming software.

Finally let me recommend Fences (by Stardock) for Windows-based systems; it will allow you to group your desktop icons into one area of your screen (e.g., Research).

That’s my bag. What about yours?