New Peer Review Report Language for Peer Reviews Commencing after December 31, 2016

The AICPA Peer Review Board approved changes to the peer review standards in its November 14, 2016 Open Session. The changes are effective for peer reviews commencing on or after January 1, 2017. The key changes are as follows:

  • New peer review report language
  • New representation letter language (this is the representation letter you sign at the conclusion of your peer review)

The new peer review reports looks more like our present audit opinions. Here’s an example.

Peer Review Report with a Peer Review Rating of Pass in a System Review

Report on the Firm’s System of Quality Control

October 31, 2017

To the Partners of Smith & Jones, LLP and the Peer Review Committee of the North Carolina Association of CPAs.

We have reviewed the system of quality control for the accounting and auditing practice of Smith & Jones, LLP (the firm) in effect for the year ended June 30, 2017. Our peer review was conducted in accordance with the Standards for Performing and Reporting on Peer Reviews established by the Peer Review Board of the American Institute of Certified Public Accountants (Standards).

A summary of the nature, objectives, scope, limitations of, and the procedures performed in a System Review as described in the Standards may be found at aicpa.org/prsummary. The summary also includes an explanation of how engagements identified as not performed or reported in conformity with applicable professional standards, if any, are evaluated by a peer reviewer to determine a peer review rating.

Firm’s Responsibility

The firm is responsible for designing a system of quality control and complying with it to provide the firm with reasonable assurance of performing and reporting in conformity with applicable professional standards in all material respects. The firm is also responsible for evaluating actions to promptly remediate engagements deemed as not performed or reported in conformity with professional standards, when appropriate, and for remediating weaknesses in its system of quality control, if any.

Peer Reviewer’s Responsibility

Our responsibility is to express an opinion on the design of the system of quality control and the firm’s compliance therewith based on our review.

Required Selections and Considerations

Engagements selected for review included an engagement performed under Government Auditing Standards, including a compliance audit under the Single Audit Act, and an audit of an employee benefit plan.

As a part of our peer review, we considered reviews by regulatory entities as communicated by the firm, if applicable, in determining the nature and extent of our procedures.

Opinion

In our opinion, the system of quality control for the accounting and auditing practice of Smith & Jones, LLP in effect for the year ended June 30, 2017, has been suitably designed and complied with to provide the firm with reasonable assurance of performing and reporting in conformity with applicable professional standards in all material respects. Firms can receive a rating of pass, pass with deficiency(ies) or fail. XYZ & Co. has received a peer review rating of pass.

Bobbye Kelly & Associates

Key Highlights from the 2016 Fraud Survey: Association of Certified Fraud Examiners

The Association of Certified Fraud Examiners conducts a biennial fraud survey titled Report to the Nations on Occupational Fraud and Abuse.

Fraud Survey

Picture from AdobeStock.com

Key Fraud Survey Statistics

Here are some statistics from the 2016 report:

  • The most common detection method is tips — 39% of fraud was detected by tips
  • The median loss per fraud case is $150,000
  • 41% of fraud cases are not referred to law enforcement (mainly due to fear of bad publicity)
  • The typical organization loses 5% of its revenue to fraud
  • Large organizations are more apt to use antifraud programs than small ones
  • Banking, governments and manufacturing suffer the largest losses (and in that order)
  • The average fraud exists 18 months before detection
  • Fraud schemes lasting more than 5 years caused a median loss of $850,000
  • 82% of the entities in the survey underwent audits
  • 95% of the time the fraudster took efforts to conceal the theft
  • Fraud losses increase with the number of people involved in the theft
  • Most fraudsters are first-time offenders (with only 5% having been previously convicted of theft)
  • The typical fraudster is:
    • Male (69%),
    • Middle-aged (30 to 50 years of age),
    • Educated (60% had college degrees), and
    • Works with the organization for a number of years
  • 19% of the frauds involved owners or executives resulting in median losses of $703,000
  • Only 8% of the frauds were committed by an employee with less than one year of employment
  • Billing schemes such as fictitious vendors continue to cause significant losses
  • 23% of the fraud cases were for more than $1 million dollars

See the complete ACFE survey here.

See my fraud prevention book on Amazon here.

Eight Ways to Increase Your Efficiency and Productivity as a CPA

Responses to my poll shows that CPAs are more interested in efficiency than making more money

How can you increase your efficiency as a CPA?

Suppose you have a magic wand that allows you to change one thing in your CPA firm. What will it be? The poll response is “Get work done more efficiently.” This response is almost twice as high as “Make more money.”

So how can you be more efficient?

 

Ways to Increase Your Efficiency as a CPA

Here are eight ways to be more efficient:

  1. Hire great employees
  2. Stay on one job and finish it
  3. Work on one project at a time
  4. Take breaks
  5. Close your door
  6. Take CPE before you need it
  7. Maintain a robust research library
  8. Buy top-quality computers, monitors, and scanners

1. Hire Great Employees

Have you noticed that great employees overcome problems, even the thorniest ones? They don’t make excuses. They simply get work done. And these gems get work done in less time. Hiring the right people is your most significant action.

2. Stay on One Job

Starting and stopping. Starting and Stopping. Starting and Stopping. A sure recipe for inefficiency. Plan your employees’ work so that they can stay on one job until complete. Momentum is everything. Reward employees when they meet deadlines (and tell them ahead of time that the “thank you” is coming).

3. Work on One Project at a Time

Too often we try to multitask, but the research shows that we can only perform one action at a time. Clear everything from your desk but the immediate task. Then focus on that one thing. Turn off social media and the phone. Answer emails in batches at predetermined times during the day, but no more than four times a day.

4. Take Breaks

Taking breaks increases your efficiency. This is counterintuitive but true.

Picture from AdobeStock.com

Picture from AdobeStock.com

The human brain is not designed to work endlessly without diversion. Use the Pomodoro technique or some other method, but take periodic short breaks–at least one an hour. If you are a partner, tell your team members that you desire for them to take breaks. Your employees will follow your example.

5. Close Your Door

What does an open door communicate? “Come on in.” What does a cracked door communicate? “You may come in but knock.” What does a closed door communicate? “Please do not come in.” An open door is an invitation to interruptions. 

If you are someone that employees need to visit often, then establish an open door policy for specific times of the day.

6. Take CPE Before You Need It

When you know you will need certain knowledge in the future, take a CPE class so you have the answers before they are needed. You’ve got to take CPE anyway, so why not take classes that provide timely information.

7. Maintain a Robust Research Library

Finding answers quickly is a key to efficiency–and we all have questions. Spend the money to have online access to research material in the areas that you practice. I know this is more difficult for small firms, but without sound answers, we are walking in the dark.

Also, archive your research in the cloud. Doing so will, over time, enable you to build a powerful library of questions and answers. For four years, I have stored my research in Evernote. So when I encounter issues, I often remember that I previously researched the issue. And I know the answer is in my Evernote library.

Joining the Center for Plain English Accounting (CPEA) has been helpful to my firm. The CPEA provides timely summaries of new standards, enabling me to digest the constant flood of new standards.

8. Buy Top-Quality Computers, Monitors, and Scanners

How much time do you spend waiting on your computer to respond to your most recent request? Those seconds–and sometimes minutes–are wasted time. Buy computers with as much speed as you can afford. This is not a place to be penny foolish.

Multiple monitors will make you more efficient. (I use four.) Larger monitors will make you even more efficient.

Keep a scanner next to your desk. I use my Scansnap scanner several times a day. Scanning enables me to keep my desk and office more orderly. Also, scanning into a PDF can make the documents searchable if you use optical character recognition (OCR). Once searchable, then just type control f for find and then type in the words you are looking for.

Other Ideas

What about you? What do you do to increase efficiency?

Check out my previous efficiency post.

SSARS 23: Parts are Effective Immediately

SSARS 23 affects compilation and review reports

SSARS 23, Omnibus Statement on Standards for Accounting and Review Services–2016, was issued in late October 2016, but parts of the standard are applicable immediately.

SSARS 23 Changes Effective Now

The two key changes effective immediately are:

  1. An update of compilation and review report language regarding supplementary information
  2. You must now report departures from the applicable financial reporting framework in the compilation report
SSARS 23

Picture from AdobeStock.com

1. Update of Compilation and Review Report Language for Supplementary Information

The compilation and review report language regarding supplementary information changed with the issuance of SSARS 23.

Compilation Report Supplementary Information Language

The compilation report language regarding supplementary language is as follows:

Compilation Report Language for Supplementary Information Subject to Compilation Procedures

The accompanying [identify the supplementary information] is presented for purposes of additional analysis and is not a required part of the basic financial statements. Such information is the responsibility of management. The supplementary information was subject to our compilation engagement. We have not audited or reviewed the supplementary information and do not express an opinion, a conclusion, nor provide any assurance on such information.

Compilation Report Language for Supplementary Information Not Subject to Compilation Procedures

The accompanying [identify the supplementary information] is presented for purposes of additional analysis and is not a required part of the basic financial statements. Such information is the responsibility of management. The supplementary information was not subject to our compilation engagement. We do not express an opinion, a conclusion, nor provide any assurance on such information.

Review Report Supplementary Information Language

The review report language regarding supplementary language is as follows:

Review Report Language for Supplementary Information Subject to Review Procedures

Other Matter

The accompanying [identify the supplementary information] is presented for purposes of additional analysis and is not a required part of the basic financial statements. Such information is the responsibility of management and was derived from, and relates directly to, the underlying accounting and other records used to prepare the financial statements. The supplementary information has been subjected to the review procedures applied in our review of the basic financial statements. We are not aware of any material modifications that should be made to the supplementary information. We have not audited the supplementary information and do not express an opinion on such information.

Review Report Language for Supplementary Information Not Subject to Review Procedures

Other Matter

The accompanying [identify the supplementary information] is presented for purposes of additional analysis and is not a required part of the basic financial statements. Such information is the responsibility of management. We have not audited or reviewed such information and we do not express an opinion, a conclusion, nor provide any assurance on it.

2. Disclose Departures in the Compilation Report

SSARS 21 allowed CPAs to report departures from the applicable financial reporting framework either in the notes or in the compilation report. SSARS 23 requires that such departures be reported “in a separate paragraph” in the compilation report. In other words, you can no longer just disclose the departure in the notes to the financial statements.

Impact on Peer Reviews

So, what happens if a firm fails to make the revisions to the supplementary information paragraphs as discussed in 1. above?

The February 2017 AICPA Reviewer Alert (the newsletter that peer reviewers receive) says the following:

If a firm failed to update the language in the additional paragraph for review and compilation reports, it would generally not result in a deficiency or significant deficiency. The changes made by SSARS No. 23 in relation to supplementary information are considered further clarifications to existing requirements. Therefore, the following guidance is applicable; PRP Section 6200 Appendix E Areas of Common Noncompliance With Applicable Professional Standards;

List of Matters and Findings That Generally Would Not Result in a Deficiency
Reports
• Omission of phrases or use of phrases not in conformity with the appropriate standards for the report issued

Failing to make the revisions will not result in a deficiency or a significant deficiency in a peer review.

SSARS 21 Book

To see my SSARS 21 book on Amazon, click here.

 

Are You Looking for an Easy-to-Understand Fraud Prevention Book?

Do you lie awake at night wondering if theft is occurring in your organization?

Do you lie awake at night wondering if theft is occurring in your organization? Are you looking for an easy-to-understand guide to fraud prevention?

Find simple but insightful guidance in The Little Book of Local Government Fraud Prevention.

Written by a Certified Public Accountant and a Certified Fraud Examiner with over thirty years experience, you’ll find loads of great ideas to stop fraud dead in its tracks.

Fraud Prevention Book

How This Fraud Prevention Book Empowers You

While the book focuses on local government fraud, you’ll find fraud prevention techniques for nonprofits and small businesses as well.

The books enables you to:

  • Understand what fraud is (and what it is not)
  • Implement powerful fraud prevention techniques
  • Recognize the red flags of theft
  • Understand how frauds occur at the transaction level (e.g., accounts payable fraud)

You don’t have to be a CPA to understand this book–or to use the guidance. The book is useful to laypeople and fraud prevention experts alike.

You will also find transaction-level checklists for implementing internal controls (for example, questions prompting you to evaluate your payroll process).

Be empowered to guard your organization from fraud. See the book on Amazon by clicking here.

Praise for the Book

Here are a few comments from Amazon Reviews:

Bought it this morning and read it all in one sitting. It was clear, concise and kept my attention with practical examples. I often find that some of the books I read on fraud topics are abstract and confusing. This one was just the opposite. Thanks for authoring this book Charles.

Christopher Arsenault

Charles captures key controls required not only in government entities, but all entities and illustrates what can happen in absence of those controls. If you are an auditor, accountant, manager, or board member you will find this information useful.

Donald Vieira

The book highlights several real world case studies of fraud and abuse. This book describes various levels of controls, separation of duties and the value of a Certified Fraud Examiner. Great book!

Paul

It’s Time to Apply FASB’s New Going Concern Standard

It’s time to apply FASB’s new Going Concern standard. In August 2014, the Financial Accounting Standards Board (FASB) issued Presentation of Financial Statements–Going Concern. The standard is effective for annual periods ending after December 15, 2016.

For the calendar year 2016, management needs to evaluate whether there are conditions or events, considered in the aggregate, that raise substantial doubt about the reporting entity’s ability to continue as a going concern.

Going Concern

Applicable to What Entities?

What entities is the standard applicable to? All entities.

Key Points of the Going Concern Standard

In connection with preparing financial statements for each annual and interim reporting period, an entity’s management should evaluate whether there are conditions or events, considered in the aggregate, that raise substantial doubt about the entity’s ability to continue as a going concern within one year after the date that the financial statements are available to be issued (or within one year after the date that the financial statements are issued when applicable).

Management’s evaluation should be based on relevant conditions and events that are known and reasonably knowable at the date that the financial statements are available to be issued (or at the date that the financial statements are issued when applicable).

What is Substantial Doubt?

Substantial doubt about an entity’s ability to continue as a going concern exists when relevant conditions and events, considered in the aggregate, indicate that it is probable that the entity will be unable to meet its obligations as they become due within one year after the date that the financial statements are available to be issued (or issued when applicable).

What if Management’s Plans Alleviate the Going Concern Issue?

If conditions or events raise substantial doubt about an entity’s ability to continue as a going concern, but the substantial doubt is alleviated as a result of consideration of management’s plans, the entity should disclose information that enables users of the financial statements to understand all of the following (or refer to similar information disclosed elsewhere in the footnotes):

  1. Principal conditions or events that raised substantial doubt about the entity’s ability to continue as a going concern (before consideration of management’s plans)
  2. Management’s evaluation of the significance of those conditions or events in relation to the entity’s ability to meet its obligations
  3. Management’s plans that alleviated substantial doubt about the entity’s ability to continue as a going concern

What if Management’s Plans Do Not Alleviate the Going Concern Issue?

If conditions or events raise substantial doubt about an entity’s ability to continue as a going concern, and substantial doubt is not alleviated after consideration of management’s plans, an entity should include a statement in the notes indicating that there is substantial doubt about the entity’s ability to continue as a going concern within one year after the date that the financial statements are available to be issued (or issued when applicable). Additionally, the entity should disclose information that enables users of the financial statements to understand all of the following:

  1. Principal conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern
  2. Management’s evaluation of the significance of those conditions or events in relation to the entity’s ability to meet its obligations
  3. Management’s plans that are intended to mitigate the conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern

Effective Date

The amendments in this standard are effective for the annual period ending after December 15, 2016, and for annual periods and interim periods thereafter. Early application is permitted.

Audit Standard

For audits, the guidance in AU-C section 570, The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern, is applicable. This standard requires that auditors evaluate whether there is substantial doubt about the ability of a reporting entity to continue as a going concern for a reasonable period of time and assess uncertainties about the ability of a reporting entity to continue as a going concern.

Should Auditors Assess the Risk of Material Misstatement at the Assertion Level?

Assessing your risk of material misstatements at the transaction level may not be best

Should auditors assess the risk of material misstatement at the assertion level? Or is it better assess risk at the transaction level (for all assertions at once)? Those who assess at the transaction level think they are saving time. But is it more efficient to assess the risk of material misstatement at the transaction level—or might it be more economical to do so at the assertion level?

Assess the Risk of Material Misstatement at the Assertion Level

Picture from AdobeStock.com

Why Assess the Risk of Material Misstatement at the Assertion Level?

If the goal of assessing risk is to quickly create a risk assessment document (and nothing else), then assessing risk at the transaction level makes sense. But we know the purpose of the risk assessment document is to design responsive audit procedures. Consequently, assessing risk at the assertion level is wiser. 

Why? Let’s answer that question with an accounts payable example. 

Accounts Payable Risk Assessment Example

Suppose the auditor assesses risk at the transaction level, assessing all accounts payable assertions as high risk. What does this mean? It means the auditor should perform rigorous substantive procedures to respond to the high-risk assessments for each assertion. Why? His risk assessment for valuation, existence, rights and obligations, completeness, and all other assertions are high. Logically, his substantive procedures must now address all of those (high) risks.

Alternatively, what if the accounts payable completeness assertion is assessed at high and all other assertions are at low to moderate? How does this impact the audit plan? Now the auditor will create substantive procedures that respond to the risk that payables are not complete such as conducting a search for unrecorded liabilities. Additionally, he may not perform existence-related procedures such as sending vendor confirmations. 

Do you see the advantage? Rather than using a scattered approach—let’s audit everything—the auditor pinpoints his audit procedures.

Planners or Doers

Some auditors are planners. Some are doers

The planners like to perform risk assessment procedures—such as reviewing internal controls.

But those focused on doing say, “Let’s get on with it.” Many such auditors focus on a balance sheet audit approach

If I, on the first day of the audit, immediately perform basic procedures such as reviewing year-end bank reconciliations or sending receivable confirmations, then I am a doer. The audit standards do not smile upon me. Those standards call for the following:

  1. Perform risk assessment procedures
  2. Assess risks of material misstatement
  3. Create an audit plan
  4. Perform the audit plan
  5. Consider whether the initial risk assessment and audit plan is appropriate (if not amend them)

Many auditors start with step 4. Why? Because we think we already know what the risks are. Or worse yet, we are just doing the same as last year without considering risks.

Linkage with Further Audit Procedures

So why do auditors assess risk at the transaction level and not the assertion level? Sometimes, it’s because we plan to do the same as last year without considering risks. Such thinking is dangerous and not in the spirit of the audit standards—and it costs you money!

Risk Assessment

Picture from AdobeStock.com

 

As I perform peer reviews, firms say to me, “I know I over-audit, but I’m not sure how to lessen what I do.” And then they say, “How can I reduce my time and still perform a quality audit?” 

Here’s my answer: “Perform real risk assessments and document the risk of material misstatement at the assertion level. Then tailor—yes, change the audit program—to address the risks. Perform substantive procedures related to the identified risk areas—and slap yourself every time you even think about same as last year. Trust your judgment.”

And what are the benefits of assessing risk at the assertion level?

  • Think more and work less
  • Make higher profits
  • Audit in conformity with standards
  • Peer reviewers will like it

Your Files

Look at two or three of your audit files and review your risk assessments. Are you assessing risk at the transaction level or at the assertion level? Plan to spend more time in performing risk assessment procedures and documenting your risks at the assertion level–and less time performing your back-of-file (substantive) work.

I am looking forward to speaking the the Georgia Association of School Business Officials in Augusta, Georgia on November 8th. We’ll review a few school fraud cases and then look at how to prevent thefts in local school systems.

Date:November 8, 2016
Time:9:00 a.m. - 4:00 p.m.
Event:Charles Hall providing fraud prevention class at the Georgia Association of School Business Officials Conference
Topic:Prevention of Fraud in Local Schools
Public:Private

Getting More Done with My Favorite Accountant’s Device

One tool gives more bang for the buck

Accountants use all types of electronic devices and software: Caseware, Excel, scanners, Powerpoint, Adobe Acrobat, monitors, QuickBooks, iPhones—just to name a few. For me, my iPad tops them all.

Accountant's iPad

I purchased my first iPad about five years ago for about $500.  Then, three years ago I bought my second one. Now, having spent hundreds of hours on iPads, I am smitten. 

You may be thinking, “Charles, you’re a CPA. How do you and why do you spend that much time on an iPad? Don’t you primarily use a work computer?” Yes, my work computer is my primary tool. But in terms of enjoyment, my iPad wins hands down. It is in the evenings that I spend most of my time on my iPad.

Ways I Use My iPad

“How do you use it?” you say. Here are few ways:

  • Create presentations using Keynote
  • Store and retrieve files using Evernote and Dropbox
  • Read the Wall Street Journal
  • Read the Bible 
  • Read my Amazon Kindle books
  • Listen to books with my Audible app
  • Listen to music on Pandora
  • Write blog posts using Scrivener
  • Perform research using Checkpoint 
  • Compute numbers using Digits
  • Store and retrieve passwords using 1Password
  • Check the weather using The Weather Channel app
  • Check my email using Outlook
  • Maintain my to-do list using Todoist
  • Check my Facebook account (including my CPA Scribo Facebook group—you can join)
  • Send and receive text messages using Messages
  • Send and receive sensitive information using Sharefile
  • Maintain a personal journal using Day One
  • Doodle using Paper
  • Watch college football using Sling
  • Create mind maps using iThoughts
  • Create outlines using OmniOutliner
  • Control my home thermostat using Nest
  • Check my bank account
  • Learn new skills using Learning from Linkedin
  • Scan information using Scanbot
  • See where my wife is using Find Friends
  • See how many new blog subscribers I have using GetResponse
  • Check my calendar using Fantastical
  • Watch Netflix movies (I use an Apple TV device when my wife watches with me)

Convenience and Portability

Mostly, I use my iPad at home, while seated on my couch. I get a great deal done while reclining upon my sofa (as I am now). The portability of the device is its primary benefit. It’s large enough to easily read from and small enough that it’s not too heavy.  

Your Favorite Device

So what’s your favorite tool and how do you use it?