Yellow Book: Preparation of Financial Statements – Threat to Independence?

An auditor's creation of a client's financial statements can impair independence

An auditor’s preparation of financial statements can create an independence impairment. The self-review threat has to be overcome.

It was over two years ago that I posted the following information. I’m doing so again, just as a reminder and to provide some clarification.

There has been a great deal of discussion about maintaining independence when an external audit firm prepares the financial statements subject to the Yellow Book.

gao-yellow-book-199x300

Does the preparation of financial statements – considered a nonattest service – impair the external auditor’s independence?

In some cases, the answer is “yes”.

Let’s see how you can avoid this potential problem.

AICPA Practice Aid 

If you identify a significant threat to independence, then safeguards should be implemented to mitigate the threat; both the threat and the safeguards must be documented. (See examples below.)

The AICPA offers an editable 2011 Yellow Book Independence Documentation Practice Aid for $28 (for AICPA members);  the aid, which I recommend, can be purchased at: www.cpa2biz.com.

Yellow-Book-Practice-Aidt-300x198

The following examples were taken from that practice aid (I have bolded certain words):

Preparation of Financial Statement – Threats to Independence

Example 1 (Client has sufficient skill, knowledge or experience (SKE), no significant threat)

The auditor has been requested to prepare the financial statements for an audited entity for which the requirements for performing nonaudit services have been met under paragraphs 3.37 and 3.39 (client assumes responsibility) of the 2011 Yellow Book.  The auditor considered the following in evaluating whether a significant threat to independence existed:

The audited entity’s books and records are substantially complete and accurate.  Few, if any, correcting entries are expected to be proposed.

The individual designated by the audited entity who oversees the preparation of the financial statements possesses SKE sufficient to reperform the service, not just oversee the service.  The designated individual, in order to make better use of his or her time, has asked the auditor to prepare the financial statements. The designated individual will also review the draft financial statements using a comprehensive disclosure checklist.

This is the only nonaudit service that the auditor has been requested to perform.

Conclusion:  Based on the foregoing; the auditor reached the conclusion that preparation of the financial statements would not result in a significant threat to independence; therefore, it is not necessary to apply safeguards.

Example 2 (Client has sufficient SKE, but cannot reperform the preparation of the financial statements, significant threat)

The auditor has been requested to prepare the financial statements for an audited entity for which the requirements for performing nonaudit services have been met under paragraphs 3.37 and 3.39 (client assumes responsibility)  of the 2011 Yellow Book.  The auditor considered the following in evaluating whether a significant threat to independence existed:

The audited entity’s books and records are substantially complete and accurate.  Few, if any, correcting entries are expected to be proposed.

The individual designated by the audited entity who oversees the preparation of the financial statements possesses SKE sufficient to oversee the service but is not capable of reperformance.

This is the only nonaudit service that the auditor has been requested to perform.

Conclusion:  Based on the foregoing; the auditor reached the conclusion that preparation of the financial statements would result in a significant threat to independence; therefore, it would be necessary to apply safeguards.

aid-example

 Safeguards

When there is a significant threat, the audit firm must apply safeguards; here are some examples of such safeguards:

  1. Have someone not involved in planning or supervising the audit engagement review the financial statements before releasing the statements.
  2. Educate management on the nonaudit services performed by reviewing and explaining the basis for preparing the financial statements, so that management is in a position to determine or approve all assumptions and judgments and take responsibility for the financial statements.
  3. Request that the audited entity complete a disclosure checklist as part of the overall review of the financial statements.
  4. Include the audit engagement as a required Engagement Quality Control Review under the audit firm’s system of quality control.

Not all of these safeguards need be applied, just the ones necessary to reduce the risk to an acceptable level.

Required Minimums

The audited entity must always accept responsibility for the financial statements and must approve them or else the general requirements under Interpretation No. 101-3 and paragraph 3.37 of the 2011 Yellow Book will not be met.

In all cases, management (or its designee) must possess sufficient skill, knowledge or experience; the designee may be a second CPA firm or professional but cannot be the audit firm.

Note as of November 19, 2017: The GAO is working on a revision of the Yellow Book. So, once the new Yellow Book is issued, you’ll need to follow that guidance. 

Learn from the CPA Scribo newsletter!

Get my free weekly accounting and auditing digest with the latest content.

Powered by ConvertKit

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published. Required fields are marked *