Auditing Standards
advertisement
Auditing Standards (Changes Abound) Joel Black, Partner Mauldin & Jenkins, LLC NACUBO Higher Education Accounting Forum Savannah, GA - May 21, 2013 1 What we will cover • Clarified Auditing Standards • Yellow Book • 2013 Form SF-SAC • OMB proposed revisions to A-133 2 CLARIFIED AUDITING STANDARDS 3 Clarified Standards • Background – The ASB issued the following SASs; includes a total of 40 finalized clarified SASs in the following statements: • SAS No. 122, Statements on Auditing Standards: Clarification and Recodification • SAS No. 123, Omnibus Statement on Auditing Standards–2011 • SAS No. 124, Financial Statements Prepared in Accordance With a Financial Reporting Framework Generally Accepted in Another Country • SAS No. 125, Alert That Restricts the Use of the Auditor’s Written Communication – Effective for audits of periods ending on or after December 15, 2012; no early implementation 4 Clarified Standards • Terms of Engagement (AU210) – Preconditions for an audit • Determine the financial reporting framework is acceptable • Obtain management’s acknowledgement of its responsibility for – Preparing financial statements – Designing and implementing internal control – Providing the auditor access to information and persons 5 Clarified Standards • Audit Documentation (AU 230) – Pretty much the same as the current standard – One potential change in practice new paragraph • For audit procedures related to the inspection of significant contracts or agreements, the auditor should include abstracts or copies of those contracts or agreements in the audit documentation 6 Clarified Standards • Initial Audit Engagements (AU 510) – Testing • Whether prior period closing balances brought forward correctly • Whether opening balances reflect appropriate application of accounting principles • Evaluating evidence about opening balances from current period audit procedures and one or both: – Review predecessor auditor’s work – Perform specific procedures about opening balances 7 Clarified Standards • Group Audit Standards – When is an audit a group audit? • Group Audit – Is an audit of a group financial statement • Group – Always consists of two or more components • Component – An entity or business activity for which group or component management prepares financial information that should be included in the group financial statements. A group audit does not have to involve 2 firms or even 2 offices. 8 Clarified Standards Identifying Significant Components Factors to Consider • • • • • • • • • Governance structure Management structure How centralized is financial reporting Centralized operations Physical locations Control environment Nature of activity Uniqueness to entity Equity method investment = component Other Indicators • Physical location of assets • Financial information prepared by others • Existence of multiple general ledgers or records • Whether information is booked in summary form • If risk assessments vary • Legal or regulatory requirements/oversight Judgment is Required 9 Clarified Standards Scenario ABC Public University System has multiple campuses throughout the State. Each campus has its own chancellor which is responsible for the management and financial performance of the campus. Additionally, each campus has different admissions criteria and degree programs. Although the University operates on a decentralized basis, some accounting functions are performed on a centralized basis through a shared service center. Financial information is prepared for each campus. At the end of each reporting period, the financial information for each campus is included in the University’s financial statements. Assuming you are the auditor of the University, do you have a group audit? 10 Audit of Group Financial Statements (AU 600) Acceptance and continuance - group auditor; identify components; preconditions Understanding - group; components; component auditors; make reference? Materiality decisions and responding to risks of material misstatement Other procedures - consolidation process; subsequent events; evaluating evidence Communications - with component auditors; with group governance and management 11 Clarified Standards • Overall Group Audit Strategy is Developed Using the Top-down Risk Based Approach – Group engagement team must obtain sufficient understanding of the group, its components, and their environment to: • Identify and assess risks of material misstatements at the group level • Identify significant accounts and disclosures and related assertions at the group level • Confirm identification of significant components • Determine the timing and type of work to be performed at significant and non-significant components • Determine which work will be performed by the group and component auditor • Determine the nature, timing, and extent of work to be performed at the group level • Documentation! 12 Clarified Standards • • Component Auditor - An auditor who performs work on the financial information of a component that will be used as audit evidence for the group audit. A component auditor may be part of the group engagement partner's firm, a network firm of the group engagement partner's firm, or another firm. Understanding Component Auditor – – – – – – Whether a component auditor understands and will comply with ethical requirements Component auditor’s professional competence Extent to which group engagement team will be able to be involved in the work of the component auditor Whether group engagement team will be able to obtain information affecting the consolidation process from the component auditor Whether component auditor operates in a regulatory environment that has an activity overseen by auditors When a component auditor does not meet independence requirements or group has serious concerns about above considerations, should not make reference to other auditors. Should not use or rely on the other auditor’s work. 13 Clarified Standards • Determining Whether to Make Reference to Component Auditor – Component’s financial statements are prepared using same financial framework • note a GASB entity can encompass a FASB entity as GASB allows this and thus is part of same framework – Component auditor performed audit of component in accordance with GAAS and has issued report that is not restricted to use – Reading component’s financial statements and component auditor's report to identify significant finding and issues, and when necessary, communicating with component auditor in this regard – Focus of this session is when reference is made to component auditor • Other additional procedures required when not making reference 14 Clarified Standards • Materiality – Group Auditor should determine: – Materiality, including performance materiality, for group financial statements – Whether specific circumstances exist for which something less than materiality would influence users; if so, apply a different materiality to those transactions, balances, or disclosures – Component materiality for components that will be audited – component materiality s/b lower than group materiality and component performance materiality s/b lower than group performance materiality – Aggregation risk is key driver of this standard 15 Materiality and Tolerable Misstatement Audit procedures Planning and evaluation $ or % Materiality Tolerable misstatement Component materiality Component performance materiality 16 Clarified Standards • Evaluating Sufficiency and Appropriateness of Audit Evidence Obtained – Evaluate component auditor's communication including: • Significant findings and issues • Component management • Group management – Evaluate sufficiency of audit evidence obtained from audit procedures performed by both the group and component auditors on the financial information of the components – Evaluate effect of any uncorrected misstatements (either identified by group engagement team or communicated by component auditors) and instances where there has been an inability to obtain sufficient appropriate audit evidence Other (additional) procedures required when not making reference 17 Clarified Standards • Consolidation/Combination Process – Obtain understanding of group-wide controls and the consolidation/ combination process – Consider need to test operating effectiveness of group-wide controls • Performed by group and/or component auditors – Additional audit procedures to respond to assessed risks of material misstatement of group financial statement arising from consolidation/ combination process – Evaluate appropriateness, completeness, and accuracy of consolidation adjustments and reclassifications – If component financial information prepared under different accounting policies applied to the group, evaluate whether information has been appropriately adjusted – Determine whether information communicated by component is properly reflected in group financial statements – If reporting period of component is different than group, determine whether appropriate adjustments or disclosures have been made 18 Clarified Standards • Subsequent Events Procedures (even when making reference) – Group Auditor responsibility is to ensure subsequent events considered for the whole group (including components) up to the group audit report date. Procedures could include: • Obtaining understanding of group management’s procedures for identify subsequent events • Requesting component auditor to update subsequent events procedures to the date of the auditor’s report on the group financial statements (could take care of all requirements on this slide) • Requesting written representation from component management regarding subsequent events • Reading available interim financial information of the component and making inquiries of group management • Reading minutes of meetings of the governing board, or any other administrative board with management oversight, held since the financial statement date • Reading subsequent year’s capital and operating budgets • Inquiring of group management 19 Clarified Standards • Communication with the Component Auditor – Request component auditor confirm that they understand we will use their work and they will cooperate with group engagement team – Ethical requirements, including independence rules – A list of related parties prepared by group management and other parties group engagement team is aware of • Request component auditor to identify other related parties not on list they are aware of – Identified significant risks of material misstatement that are relevant to the component auditor 20 Clarified Standards • Communication with the Component Auditor (cont.) – Request component auditor to communicate matters relevant to group engagement team’s conclusion, with regard to the group including: • Whether the component auditor has complied with ethical requirements relevant to the audit, including independence • Identification of the financial information of the component on which component auditor is reporting • The component auditors overall findings, conclusions, or opinion – Other communication requirements when not making reference: • Work to be performed and content and form of reporting • Component materiality, audit misstatements thresholds 21 Clarified Standards • Communicate with Those Charged with Governance – Group engagement team communicates to those charged with governance (in addition to those required by AU 380): • Type of work to be performed on the financial information of the components • Nature of group engagement team's planned involvement in work to be performed by component auditors on financial information of significant components • Instances where group engagement team's evaluation of work of a component auditor gave rise to a concern about quality of that auditor's work • Any limitations on the group audit, for example, where the group engagement team's access to information may have been restricted • Fraud or suspected fraud involving group management, component management, employees who have significant roles in group-wide controls or others where fraud resulted in a material misstatement of group financial statements 22 Forming an Opinion and Reporting (AU700) Headings and Subheadings - Management’s Responsibility - Auditor’s Responsibility Opinion Other auditor reporting responsibilities (Yellow Book Report reference) 23 Reporting (AU700) Emphasis of Matter • Going concern • Contractual or regulatory reporting frameworks • Consistency Other Matter • Audit reports of prior periods presented • Materially inconsistent “other information” • “In relation to” opinion • RSI • General use regulatory F/S • “In connection with” compliance reporting 24 Emphasis of Matter and Other Matter Paragraphs (AU 706) Emphasis of Matter • Matters appropriately presented or disclosed Other Matter • To understand audit matters (Combining statements, SI, RSI, SEFA) 25 Reporting (AU700) • Reporting – SAS No. 125 - Government Auditing Standards reports (including A-133 reports) will contain purpose alert instead of restriction alert 26 NEW YELLOW BOOK 27 Yellow Book • 2011 Yellow Book – Will supersede the 2007 revision of Government Auditing Standards – Effective for financial audits and attestation engagements for periods ending after December 15, 2012 – The most significant area of change relates to auditor independence – Early implementation is not permitted; However, new independence rules need to be considered as of 1/1/12 when auditor performing a nonaudit service – Access at: http://www.gao.gov/yellowbook – View a summary of changes at http://www.gao.gov/govaud/somc1211.pdf 28 Yellow Book • Main Areas of Change – Updated independence requirements – Focused on converging where practical • Incorporated clarified SASs • Fewer differences between AICPA and Yellow Book – Previous “add-on” restatement guidance removed – CPE requirements for “specialists” clarified – Added documentation requirements, particularly as relates to performance of nonaudit services – Made minor changes for performance audits 29 Yellow Book • Auditor Independence Rules a Key Emphasis Area – Chapter 3 titled, General Standards, critical to understand for auditors • Defines independence of mind and in appearance • Emphasizes the importance of considering individual threats to independence both individually and in aggregate – GAO will be retiring current, Government Auditing Standards: Questions and Answers to Independence Standard Questions guidance 30 Yellow Book • Documentation Requirements – Threats to independence that require the application of safeguards, along with the safeguards applied – Assessment of audited entity management’s ability to effectively oversee nonaudit services, including whether management possesses suitable skills, knowledge, or experience (SKE); – The understanding established with the audited entity regarding the nonaudit services to be performed. – Preparing financial statements is a non-audit service 31 2013 FORM SF-SAC 32 Federal Audit Clearinghouse • 2013 Form SF-SAC – Federal Register notice asking for comment on a draft of the 2013 form was released May 9, 2013 – More significant changes this time around • Auditor’s EIN on the Form • Standardized Audit Finding Reference Numbers: YYYY-###, (ex. 2013-001) • Identify Loan/Loan Guarantee • “Number of Findings” for each Federal award • Federal Award Findings Summary (new “Page 4”) – Final form not expected until late summer 33 Form SF-SAC (2013 Version) • • Identifies the compliance requirements that correspond to each finding Gives detail of how each finding affected each Federal award Federal Audit Clearinghouse • New Submission Process – New user profiles – For 2014 audits (and 2013 audits with cognizant agency) all reporting package uploads must be text searchable, unlocked, and unencrypted PDF files (FAC provides instructions when filing reports this year) • FAC working towards making all reporting packages transparent to the public – Financial statements, SEFA – Auditor reporting – Schedule of Findings and Questioned Costs 35 PDF Requirement Update ISSUE: Over 40% of the audits uploaded in 2010 were not text searchable GOAL: 100% of FY 2014 audits are unencrypted to allow copying and printing and 85% of the audit’s pages are textsearchable • Phase 1: Began testing audit uploads in August 2012 • Phase 2: All FY 2013 audits with cognizance (@1,800) must be text searchable • Phase 3: All FY 2014 audits must be text searchable OMB PROPOSED REVISIONS TO CIRCULAR A-133 37 Background • 2012 OMB Advance Notice - Reforms to Circular A-133 – Read the AICPA’s comment letter on OMB Advance Notice of Proposed Reforms to A-133, dated April 30, 2012. • New Federal Register notice of proposed changes – OMB Circular A-133 – Cost principles and administrative requirements – Affects over $600 billion in annual federal grants provided • Overarching purposes and impact – Increase efficiency and effectiveness of federal programs – Eliminate unnecessary and duplicative audit and administrative requirements – Focus audit efforts on areas that emphasize achieving better outcomes at a lower cost 38 Summary of Proposal • Audit provisions, include the following – A streamlined single audit for all above $750,000 – Other “tinkering” with major program determination process and other areas – No proposed effective date included in the proposal – It states that changes to underlying Single Audit Act legislation needed to shorten due date (from 9 months to 6 months) • Overall, AICPA will likely be supportive of many of the proposed changes – Many detailed comments are likely to be provided due to size/breadth of proposal 39 Summary of Proposal • Streamlining of Related Circulars and Guidance – – – – – A-21, Cost Principles for Educational Institutions A-50, Audit Follow-Up, related to Single Audit A-87, Cost Principles for State, Local, and Indian Tribal Governments A-89, Federal Domestic Assistance Program Information A-102, Awards and Cooperative Agreements with State and Local Governments – A-110, Uniform Administrative Requirements for Awards and Other Agreements with Institutions of Higher Education, Hospitals, and Other Nonprofit Organizations – A-122, Cost Principles for Non-Profit Organizations – A-133, Audits of States, Local Governments and Non-Profit Organizations 40 Audit Revisions • Single Audit Threshold Increase from $500K to $750K – Less than $750,000 in federal awards = no audit requirement – Entities that fall below the $750,000 threshold must make records available for review or audit by appropriate officials of the Federal agency, pass-through entity, and the Government Accountability Office • Initial AICPA Thoughts – Federal government as user of the audits is in the best position to determine appropriate threshold – Will likely remind them of positions taken in letter on the Advance Notice regarding considerations if they decide to go higher after this round of due process 41 Impact of Threshold 2010 FAC Total # of Audits 2010 FAC Total Dollars 6,115 14% 0.3% <$750k >$750k 38,704 86% 42 <$750k >$750k 99.7% Audit Revisions • Changes to the Major Program Determination Process – Type A/B threshold revised from $300,000 to $500,000 – High-risk Type A program criteria changed • Among other criteria, in the most recent period, failed to receive an unqualified opinion; had a material weakness in internal control; or had questioned costs exceeding five percent of the program's expenditures – Simplified process for identifying high-risk Type B programs that must be tested • Initial AICPA Thoughts 43 – Some changes consistent with previous AICPA suggestions – Still evaluating whether the result of changes will reduce burden (probably will depend on facts and circumstances) – Will likely ask for more clarity in certain areas Audit Revisions • Other Audit Requirement Changes: – Reduction in Types of Compliance Requirements to be tested – Percentage of Coverage reduced from the current 50% (normal) and 25% (low-risk auditees) to 40% (normal) and 20% (low-risk auditees). – Criteria for Low-Risk Auditee status revised – More detail will be required to be reported in auditor findings – Questioned cost threshold for reporting will be increased from $10,000 to $25,000 44 Audit Revisions • Initial AICPA Thoughts on Other Audit Requirements Changes – Many changes consistent with previous AICPA suggestions – Compliance requirement reduction dependent on agencies not moving requirements into Special Tests and Provisions – Still evaluating whether the Percentage of Coverage change will result in changes that will significantly reduce burden – Likely to have comments on findings; for example, • Evidence that statistical sampling appropriate; Results projected? • Accompanied by sufficient supporting documentation? – Effective Date – They need to give enough time for new Compliance Supplement and for auditor’s to be trained – Other comments from our Advance Notice letter not addressed 45 Other Revisions • Will consolidate the cost principles into a single document (A87, A-21, and A122) • Major themes in proposal – Time and Effort reporting (proposal primarily follows concepts in A-21 which is based on concept that a system for establishing estimates produces a reasonable approximation of the activity) – Indirect costs • Initial AICPA Thoughts – The “Other Revisions” will not be the main focus of AICPA comments but we will provide some feedback – Hard to follow what is applicable to each type of entity in certain areas – May be some audit issues with revised time and effort reporting 46 Other Revisions • Consolidates administrative requirements in A102 and A-110 – Basis appears to be A-110 except for procurement which aligns with A-102 • Clarifies federal expectations for pass-through entities and subrecipient monitoring • Emphasis area for federal agencies – Single Audit Accountable Official (separate from coordinator) 47 How to Comment on OMB Proposal • New comment deadline is June 2, 2013. • Comment instructions, including how to provide comments electronically or by mail can be found in the Federal Register notice • You can submit comments on the entire proposal or just specific sections • All comments are being made publically available • Please share your comments with the AICPA by sending a copy to gaqc@aicpa.org 48 How to Find the Proposal and Other Useful Documents • Proposed OMB Uniform Guidance: Cost Principles, Audit, and Administrative Requirements for Federal Awards Proposed Guidance • Other documents available on OMB Web site that should be helpful to you as follows: – Crosswalk from existing to proposed guidance – Crosswalk from proposed guidance to predominant source in existing guidance – Administrative Requirements Text Comparison – Cost Principles Text Comparison – Audit Requirements Text Comparison – Definitions Text Comparison 49 Questions ????
