Today I listened to the rebroadcast of 2015 Peer Review Update. Check out the class if you have the chance.
Heard several few things that distressed me.
In particular, we CPAs collectively need to improve the quality of the work we are doing in the audit arena.
Consider a few points. This is what I heard from the presentation. I haven’t gone back to source documents to verify the numbers or explanations. This is what I heard and jotted down in my notes while listening to the session.
** The Department of Labor found 21% of CPAs submitting audited financial statements to accompany Form 5500s were not accurately reporting their work within the peer-review system. That means that firms were either not listing all their EBP engagements, said they weren’t doing any EBP engagements, or said they weren’t doing any audits at all and thus not even enrolled in the peer review system.
If you wonder whether DOL might be upset with CPAs in general, ponder that info again.
** The AICPA brought in some experienced peer reviewers and had them perform an additional review of engagements that had already gone through peer review. This is called oversight.
They found deficiencies in about 40% of engagements.
What is the definition of a deficiency in that context? An engagement that was identified as acceptable to the initial reviewer but after oversight review was determined to not having been performed or reported on in conformity with professional standards. In other words there is a serious problem in the engagement which was not identified by the initial reviewer. Keep in mind that oversight was performed by experienced reviewers. Our CPA colleagues.
Even if you want to argue oversight by extremely experienced reviewers is going to identify more issues than were identified by the initial reviewers, and even if that is true, that is an embarrassing error rate. I could understand misses of 5% or 10% based on a second extremely careful review by a highly skilled reviewer. But 40%? Ouch.
** The presenter said, if I understood correctly, that is roughly the error rate identified by the Department of Labor and the slightly below the error rate identified several years ago by the President’s Committee (Commission?) on Integrity and Efficiency (PCIE), which looked at quality of single audits. Ouch again.
The presenter in the session said the results from DOL are an embarrassment. That poor level of compliance is a threat to our self-regulation.
With the electronic preparation of Memorandum for Further Considerations, the AICPA has been able to aggregate the issues documented. MFCs are the basic findings that either are resolved at that level, or get elevated to a FFC, or generate a Pass With Deficiency report, or lead to a failure report. The AICPA has accumulated a list of common findings.
** One common finding is ongoing issues with firms not fully implementing SSARS 19. That went into effect for financial statements with years ending after December 15, 2010. That means it’s been effective for calendar year 2010, 2011, 2012, 2013, and 2014. That would be five sets of financial statements for most clients. Yet errors from poor implementation of SSARS 19 are frequent enough to get mentioned in a list of most common findings in peer review.
The presenter call that “pretty disappointing.” I’m sad to say I would have to agree.
**I’m not going to open for discussion the PCAOB deficiency rates. The Going Concern web site has that topic covered.
Issues with identifying deficient engagements in peer review, deficiencies in telling reviewers about EBP engagements, deficiencies in EBP audits, deficiencies in complying with SSARS 19, and deficiency rates in PCAOB inspections …
Ladies and gentlemen of the profession, we all need to put a little more effort into the quality of our attestation work.