Yellow Book Independence and Preparing Financial Statements – Sufficient SKE

Does your client have sufficient skill, knowledge and experience?

Are you a CPA that prepares city or county financial statements for an audit client? If yes, are you independent under the Yellow Book independence standards?

Yellow Book Independence

Picture from AdobeStock.com

Yellow Book Independence

The 2011 Yellow Book (effective for periods ending after December 15, 2012; http://www.gao.gov/yellowbook) requires that the external auditor document the CPA firm’s independence when the firm also provides nonaudit services (such as preparation of financial statements).  Many small governments have their external auditors prepare their financial statements.

This independence determination will largely hinge on one factor: whether the city or county has a person with sufficient skill, knowledge or experience (SKE) to qualify as a reviewer.

If the government has no one with sufficient SKE, then the external auditor is not independent and can’t ethically perform the audit.

Examples of SKE

Consider the following potential reviewer scenarios:

1. A 15 year mayor who is a businessman, no accounting education, no formal training in reading governmental financial statements, he understands the fund level statements but can’t grasp the reconciliation between the government-wide financial statements and the fund level financial statements.

2. Second year finance director with no prior accounting experience, graduated from a two year college with a degree in general business.

3. Finance director with 25 years experience and is a CPA, member of GFOA, trains others in governmental accounting.

4. Finance director with a high school education but has extensive governmental accounting training from the Carl Vinson Institute, could if he liked, create the financial statements from scratch.

As you can see, the independence assessment will sometimes be black and white, but sometimes there will be shades of gray.

An Alternative

If the auditor can’t get comfortable with the SKE of the government’s financial statement reviewer, there is one alternative: the local government can hire someone outside the government with sufficient SKE to be the reviewer (for example a CPA not affiliated with the external audit firm).

At the end of the day, the local government must have a designated person (either internally or externally) with sufficient SKE for the audit firm to be independent.

Yellow Book: Preparation of Financial Statements – Threat to Independence?

It was over two years ago that I posted the following information. I’m doing so again, just as a reminder and to provide some clarification.

There has been a great deal of discussion about maintaining independence when an external audit firm prepares the financial statements subject to the Yellow Book.

gao-yellow-book-199x300

Does the preparation of financial statements – considered a nonattest service – impair the external auditor’s independence?

In some cases, the answer is “yes”.

Let’s see how you can avoid this potential problem.

AICPA Practice Aid 

If you identify a significant threat to independence, then safeguards should be implemented to mitigate the threat; both the threat and the safeguards must be documented. (See examples below.)

The AICPA offers an editable 2011 Yellow Book Independence Documentation Practice Aid for $28 (for AICPA members);  the aid, which I recommend, can be purchased at: www.cpa2biz.com.

Yellow-Book-Practice-Aidt-300x198

The following examples were taken from that practice aid (I have bolded certain words):

Preparation of Financial Statement – Threats to Independence

Example 1 (Client has sufficient skill, knowledge or experience (SKE), no significant threat)

The auditor has been requested to prepare the financial statements for an audited entity for which the requirements for performing nonaudit services have been met under paragraphs 3.37 and 3.39 (client assumes responsibility) of the 2011 Yellow Book.  The auditor considered the following in evaluating whether a significant threat to independence existed:

The audited entity’s books and records are substantially complete and accurate.  Few, if any, correcting entries are expected to be proposed.

The individual designated by the audited entity who oversees the preparation of the financial statements possesses SKE sufficient to reperform the service, not just oversee the service.  The designated individual, in order to make better use of his or her time, has asked the auditor to prepare the financial statements. The designated individual will also review the draft financial statements using a comprehensive disclosure checklist.

This is the only nonaudit service that the auditor has been requested to perform.

Conclusion:  Based on the foregoing; the auditor reached the conclusion that preparation of the financial statements would not result in a significant threat to independence; therefore, it is not necessary to apply safeguards.

Example 2 (Client has sufficient SKE, but cannot reperform the preparation of the financial statements, significant threat)

The auditor has been requested to prepare the financial statements for an audited entity for which the requirements for performing nonaudit services have been met under paragraphs 3.37 and 3.39 (client assumes responsibility)  of the 2011 Yellow Book.  The auditor considered the following in evaluating whether a significant threat to independence existed:

The audited entity’s books and records are substantially complete and accurate.  Few, if any, correcting entries are expected to be proposed.

The individual designated by the audited entity who oversees the preparation of the financial statements possesses SKE sufficient to oversee the service but is not capable of reperformance.

This is the only nonaudit service that the auditor has been requested to perform.

Conclusion:  Based on the foregoing; the auditor reached the conclusion that preparation of the financial statements would result in a significant threat to independence; therefore, it would be necessary to apply safeguards.

aid-example

 Safeguards

When there is a significant threat, the audit firm must apply safeguards; here are some examples of such safeguards:

  1. Have someone not involved in planning or supervising the audit engagement review the financial statements before releasing the statements.
  2. Educate management on the nonaudit services performed by reviewing and explaining the basis for preparing the financial statements, so that management is in a position to determine or approve all assumptions and judgments and take responsibility for the financial statements.
  3. Request that the audited entity complete a disclosure checklist as part of the overall review of the financial statements.
  4. Include the audit engagement as a required Engagement Quality Control Review under the audit firm’s system of quality control.

Not all of these safeguards need be applied, just the ones necessary to reduce the risk to an acceptable level.

Required Minimums

The audited entity must always accept responsibility for the financial statements and must approve them or else the general requirements under Interpretation No. 101-3 and paragraph 3.37 of the 2011 Yellow Book will not be met.

In all cases, management (or its designee) must possess sufficient skill, knowledge or experience; the designee may be a second CPA firm or professional but cannot be the audit firm.

 

COFAR Uniform Guidance Implementation Webcast – October 2, 2014

The AICPA Governmental Audit Quality Center announced the following:

The Council on Financial Assistance Reform (COFAR) has just announced it will be presenting a Web event titled, Uniform Guidance Implementation:  A Conversation Presented by the Council on Financial Assistance Reform, this Thursday, October 2, 2014, from 1:00 PM – 3:00 PM (Eastern Time).  The event will include moderated sessions with relevant stakeholders covering various aspects of 2 C.F.R 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance for Federal Awards), including internal control; blended funding; procurement; pass-through entities and indirect cost rates; and Indian tribe exceptions.

You do not need to register in advance for this event.  Instead, use the following link on the day and time of the event to access it.

I just received word that the access link for tomorrow’s COFAR Web event has been changed to the following:

http://connectlive.com/events/uniformguidance/.

The following is from me (Charles Hall):

Think of the Uniform Guidance as a consolidation of key federal guidelines (e.g., A-87, A-122, A-133); the old circulars are being replaced by the new guidance.

Keep in mind that the effective date for the Uniform Guidance is December 2014–we are almost there. Entities receiving new federal funds–and thus subject to the cost principles, etc. in the new guidance–should be planning for implementation now. Auditors will, for the most part, be impacted by the changes in their calendar-year 2015 audits–the Uniform Guidance will replace A-133.

10 Ways to Stay Connected to Clients

When I can’t physically visit clients, I use other ways to connect. Here are a few ways to stay close:

  1. Office 365 (sharing Excel and Word documents)
  2. Basecamp (sharing project management lists)
  3. Join.me (desktop sharing)
  4. Email (Outlook)
  5. Cell phone (iPhone 5s)
  6. LinkedIn (I am in the AICPA and the Governmental and Nonprofit groups)
  7. Blogging (obviously)
  8. Twitter (sometimes using direct messages)
  9. Sharefile (to transmit sensitive information)
  10. Landline phone (but it seems less so over time)

My cell phone has become the chief way I connect, including FaceTime, Messages, and regular phone calls. (The iOS 8.0 now allows you to send audio messages.)

How about you? How do you stay connected?

I hope you will join us in Atlanta, Georgia on December 12,2014 for the Georgia Society of CPAs’ annual governmental conference.

I will be speaking about the new COSO framework and how to apply it to local governments. In addition, we will take a look at how the new framework impacts your fraud prevention controls.

See you there.

Date:December 12, 2014
Appearance:Georgia Society of CPAs Governmental Conference
Outlet:Georgia Society of CPAs
Location:Atlanta, Georgia
Format:Other

Using Office 365 to Collaborate

I have just started to collaborate with clients using Office 365.

image

If you are like me, you have–for years–passed Excel documents back and forth with clients. Why? There was no central accessible location.

Office 365 to the rescue.

When you work with others on the same network, as you do in your own office, sharing an Excel spreadsheet is easy, but when you are miles away from those you desire to collaborate with, sharing becomes more challenging.

365 is a cloud-based product allowing you to share Excel, Word, or PowerPoint documents. Where you (or your client) are located becomes irrelevant. You and those you work with can be anywhere on the planet. Yes, anywhere! Sharing is easy. Here’s a sample sharing screenshot.

image

You can check out pricing information here. The subscription ensures you have the most recent version of the Microsoft products.

A Whack on the Side of the Head (Creative Think)

Linear thinkers, like CPAs, sometimes struggle with creativity.

When I need a kick in the seat of the pants, I reach for my dog-eared copy of A Whack on the Side of the Head. The book is zany and funny. Mr. Von Oech gives you practical ways to jolt your thinking, providing you with a different perspective.

So if you need help in creating a speech, solving a problem, or dislodging a long-standing improper process (what he calls a sacred cow), I recommend this book. I promise you will see life differently and you will be laughing all the way.

It Was Lost But Now is Found

It was lost but now is found.

What?

My cell phone. This cell phone.

image

Last evening I arrived home and realized my phone was missing. Oh no, surely I left it at the office. So I hopped in my truck and drove downtown to see. But, alas, it was nowhere to be found. Returning home, I used my wife’s phone to call my cell several times. No response. Frustrating.

I thought back over the day. Where did I lose it? I began to realize I had probably dropped it as I got out of my vehicle yesterday morning.

Then it occurred to me, “I can log into my iPad and use Find My iPhone.” In less than five minutes I could see that my phone was on and where it was (on a street map). I was able to send a message to the guy who had it. I told him what building he was in (a local library), my first name, and my wife’s cell number. In less than a minute, he called. Yes, he said he found it in our office parking lot. Fifteen minutes later I had my phone.

Awesome.

Now if my phone could just shout at me, “Hey dummy, you dropped me–again!”

By the way, I keep my phone locked. Yesterday, I was glad it was not accessible. Though locked, I was still able to send the message and the fellow who had the cell could read it. Interesting. Good job Apple.

 

Goodbye Worthless Work Papers

In reviewing audit files, I’m often surprised by the things I see. Do your audit files contain worthless work papers?

Courtesy of iStockphoto.com

Courtesy of iStockphoto.com

For instance, why would anyone retain review notes? Review notes are helpful in correcting deficiencies, but once corrections are made, the comments should be removed.

Another example? Copies of bank statements. If bank balances are confirmed, what is the purpose of retaining bank statements? The auditor may need bank reconciliations, but bank statements?

Or how about general ledgers? They are handy during the audit, but if a fraud is detected subsequent to audit issuance, we have created unnecessary legal exposure. Somewhere, buried in all those debits and credits, evidence of fraud exists. I can see the opposing attorney now, waving the general ledger pages and saying, “here in my hand are pages from the audit file and these pages reflect fraud.” Translation: the auditor had the evidence in hand and did not detect the theft. Oops.

Another? Copies of invoices. And what is the purpose? Keep one or two key invoices. Yes. That makes sense. But copies of 50 different invoices?

When I inquire about why unneeded work papers are retained, I hear the following excuses:

1. It was there last year (or we’ve always done it that way).

Does that make it relevant this year?

2. The client gave it to me.

Is it relevant? (Yes, I am repeating myself.)

3. I may need it next year.

Then put it in next year’s file.

4. It’s an earlier edition of a final work paper.

Delete it. (If I think I might need the earlier edition, I put it in a separate file which is deleted at the end of the audit.)

5. It’s relevant to my tax work.

Put it in the tax file.

6. I may need it this year.

Put it in a “to be filed” folder so it’s not in the way.

7. This fraud occurred twelve years ago, so we always perform this test.

Repetition without thinking is not auditing (even if the fraud previously occurred). Doing the same procedures over and over again is like a hamster running on a treadmill. There is plenty of motion, but no progress.

Off Season Work

Review last years’ audit files. See what can be thrown out this year. What is extraneous?

Do this review of the prior year files during your downtime (before busy season starts). Then your audit team won’t create those same items this year. You’ll cut your engagement time and the size of your audit file.

Goodbye worthless work papers. Hello profit.