Here are some fun or interesting or useful tidbits from the October 2018 A&A and the June 2019 Not-for-profit conferences presented by California Society of CPAs.
Previous post had comments on accounting and auditing.
Peer review
One speaker said there are several common issues for weaknesses in risk assessment:
- Limited assessment
- No linkage (relating the assessment of risks to further audit procedures)
- Poor use of third-party practice tools
- No assessment of IT risks
Not doing any risk assessment is now a major problem for you in a peer review if you missed the boat on the risk suite of standards.
For Yellow Book audit, the workpapers must document SKE (skills, knowledge, experience) of staff overseeing non-attest services. Although the professional standards do not exactly require documentation of SKE for non-attest service on a non-yellow book audit, the speaker said (if I heard correctly) that the California Peer Review Committee has a considered opinion that such documentation is required.
So, if you have non-attest services on a non-yellow book audit, say maybe drafting the financials or preparing a tax return, you had better document the SKEs.
The ol’ “fix it next year” way of disposing of problems in the audit workpapers during a peer review doesn’t fly anymore. Remediation plans (meaning what you are currently in the process of doing to fix the issue) need to be discussed in the report and letter of response.
Speaker also said there are fewer CPAs providing audit services and fewer CPAs providing peer reviews.
My little bity pea brain says that shrinking pool of auditors means audit fees ought to be going up. The shrinking pool of reviewers means peer review fees ought to be going up a lot, especially for the more rapidly shrinking pool of reviewers willing to look at yellow book audits.
A different speaker gave some stats on peer reviews. I did not write down the year of the data.
- 214,000 – number of CPA firms in US
- 25,000 – number of firms getting peer review (Not sure if this is annual or every 3 years. I think there are around 3,000 firms in California getting a peer review over a three-year cycle, so the 25K might be total firms, not the annual count.)
- 10,000 – number of firms getting system reviews, i.e. providing audits.
Failure rate of audits that go through review for ERISA engagements is distressing. He mentioned stats, which I think are from an AICPA review, which found roughly the same rate of issues as a DoL review:
- 39% – failure rate of ERISA audits overall
- 79% – failure rate for firms that perform under 10 ERISA audits.
In terms of workpaper documentation, his observation from the reviews he performs is that many auditors have a lot of information in their head that isn’t on paper.
That brings to mind a question for you to ponder during your next audit: What valuable information about this client do I know that isn’t written down anywhere in the workpapers?
I will repeat a comment he made, since it was in public: His minimum fee for a system review is $6,000 with more fees if there are issues that take more time.
Oh, another thought for you to ponder. If you get two consecutive peer review reports with grade less than passing, the AICPA will consider whether to drop you from the peer review program. That has serious ripple effects. For example, you can’t provide attestation services in California if you are not enrolled in the peer review program. It is quite important to get a “pass” report at least every other review.
Next posts:
Good article Jim. I think you’re spot on about audit fees and peer review fees. Think of all of the factors that would indicate audit fees should go up – its’ hard to find staff, documentation requirements increasing, peer review fees (and time involved) increasing, new revenue recognition and lease standards. But it’s like lightning with no thunder, where’s the fee increase? You can bet tax fees increased with the new tax law.
Unfortunately, many audits are priced by competitive bid, and many of us CPAs are timid by nature, and not willing to go for fee increases, worried we’ll lose the bid.
Look at the attorney bills for your small clients – are they timid about billing? We need to be more assertive on fees.
Ironically, clients becoming more inclined to auditor rotation may help boost fees. As auditors, if we know we may only have three years before being rotated out, we will more likely not be inclined to eat the extra time in the first year of an engagement.
Hi Jim:
Other factors include additional accounting rules you didn’t mention, a major overhaul of the auditor’s report and a laundry list of minor changes in audit rules next year (seemingly minor until something you missed triggers an FFC or deficiency on peer review), increasing grumpiness by federal agencies. Don’t forget staff have quite reasonable expectations of raises far higher than inflation as their experience and productivity rises each year.
Over last few years I’ve added modest fee increases across the board and have received little pushback.
While looking at the legal invoices during audit testing, check out the billing rates. Wow.
Thanks for reading the blog and thanks especially for taking the time to write a long comment.
Jim
P.S. Another factor is firms that don’t quite have their audit work and documentation nailed down tight will find out is that the time to resolve substantive issues during a peer review is rising. The list of items that create substantive issues in a peer review is expanding. Here in California, the state board has been grumpy about audit quality for a while. That’s ‘grumpy’ as in bringing disciplinary actions. Oh yeah, it is possible for a bust on a comp or review to draw disciplinary action.
Thanks for blogging Jim, we need more practitioners giving their practical advice.
It’s important that we use peer review horror stories to motivate us to improve quality, not become paralyzed with anxiety. Once the bad news gets us focused, try to get calm and clear your head, and just focus on doing good work!
Hi Jim:
Funny thing about blogging…it is like teaching. To write or teach on a topic, you need to understand the issue. You can’t just browse a news article once and then write. One needs to read it a couple times for understanding, check some related articles or facts, grasp the idea well enough to explain it, and then start writing. So by blogging I learn more.
You are quite correct on how to respond to the bad news about peer review results or the California board’s disciplinary actions I discuss often on this blog. Learn from those stories there is a down side to bad attestation work. Then go to the classes and pay attention, read and *use* those third party tools, and sit down to read major pronouncements, like SSARS 21, SAS 134, or ASU 2016-14. Do that and your name won’t appear in the California board’s three-times-a-year newsletter.
And if you get dinged in a peer review on some tidbit you didn’t know, then learn from it and move on.
It is easy to say yet harder to do, but the solution is simple. You already said it: Do good work.
Thanks for taking the time to comment!
Jim