Audits

Time to start paying attention to Ernst and the collapse of Lehman

The New York AG has sued Ernst & Young over its role in the collapse of Lehman Brothers.  Probably a good time for those of us CPAs who are far removed from the Big 4 world to start paying attention.  The article in the Wall Street Journal here is a good place to start.  The articles I’ve read at the WSJ and elsewhere are starting to have those “where were the auditors” type of questions.  I know you don’t have enough things to do, but might be worth reading a few articles on point.

A creative way to communicate fraud prevention to your clients

As CPAs, we look for creative ways to persuade our clients to implement good internal controls.  I fear that our comments as CPAs usually fade along with all the other you-gotta’-do-this-now messages in our regulatory heavy culture.  Another approach is to explain the devastation that arises from fraud.  I have a new post at my other blog that takes this approach:  The tragedy of fraud.  …

Welcome to my new blog!

Greetings, and welcome to my new blog.  I am still blogging at Nonprofit Update, found at www.ulvog.wordpress.com.  Why the new site?  I am talking to two very different audiences: the nonprofit community and CPAs working in the attestation area.  Thus, I will split my writing between two different blogs. 

Many of the previous posts of interest to CPAs have been brought into this blog.  Some of these posts are deleted from the other blog and some are left there.  In the future, posts related to the NPO world will be at www.ulvog.wordpress.com, comments specific to the CPA community will be here, and comments of interest to both will be cross-posted.

I hope this will be of help as you keep up to date with the torrent of changes in the attestation world.  Enjoy!

Three implications of the seven-year document retention for CPAs

What are some of the implications of California CPA’s having to retain their workpapers for seven years after the report date (section 5097)?  Accessibility, lockdown, and offsite backup seem to be three issues that make it more difficult that just keeping the files on your server for a long time. …

Financial statements should not refer to FASB documents

Just a reminder that financial statements should not be referring to FASB documents or other accounting literature, such as FIN 48, FAS 157, FAS 13, FSP 117-1 or any of those other things we know by heart.  FASB Statement #168 established the Accounting Standards Codification to replace all the accounting literature then in effect. …

Will SAS #115 increase or decrease Significant Deficiency comments?

Here is a question for thought:  Do you think the change from a bright line definition of significant deficiency in SAS 112 (greater than remote chance of more than inconsequential error, etc.) to a very loose definition in SAS 115 (something the auditor believes should be brought to the attention of those charged with governance) will increase or decrease the number of significant deficiency comments? 

To frame up the discussion, I am thinking about the smaller entities, perhaps from $1 to $15 million of revenue in the non-profit community.

My thought process is that by calling something a “significant deficiency” and putting it in the same letter as the comments on material weaknesses we are clearly saying this is a ‘biggie’.  Don’t have any technical words now to describe that categorization like we did before, but we are obviously calling a lot of attention to the issue.  We still have the letter of recommendation as a tool to communicate suggestions, ideas, opportunities to improve internal control, or scold management for those pesky technical things we always comment on (you know, document every credit card purchase, list the who and why for all meal purchases, please get the fixed asset detail to tie to the general ledger). From my perspective, I think there are probably more items that will drop from the SD list to the LOR than move up from the LOR to the SD letter.  Possibly will be some SD comments that don’t need to be mentioned.  There are a lot of comments we auditors give to our clients that really should be fixed, but don’t seem to be serious enough to frame them up as a ‘biggie’.

One of the major CPA firms working in the non-profit community thinks the volume of comments will go up.  Another person in that school of thought was the presenter at a class I attended a while back.  His perspective, coming from running a very large volume of yellow book audits in his firm, is the volume of SD comments will increase.  If I recall correctly, his line of reasoning is if there is something that the auditor firmly believes in and is worth putting in writing, and then the issue probably should be brought to the attention of the board and thus is an SD. 

Had a fun visit with a colleague at another firm recently.  His thoughts are that the volume will increase.  I will rephrase his comments to reflect my expanded perspective of the issue.  So, this is partly my description, not completely his.  Since we as auditors are now freed of the bright line definition, we can reposition the comments as helpful ideas instead of problems at the mid-level of severity.  Instead of being a ‘problem’ to be fixed, the SD comments can now be phrased as something that we (the auditors) really thing you (the board or those charged with governance) should think about and work on.  How does this work for a characterization:  the SD letter become more of a structured ‘lets talk’ framework instead of ‘fix this problem’ notification.

One more idea – – since the definition is much more subjective, do you think there will be serious push-back from management during single audits?  Seems to me there will be massive push-back to prevent something that is only an opinion (without support of a bright line) from going to the federal agencies in writing.

So, those are my thoughts.  Perhaps this blog is too young for a conversation to begin. However, if you wish to comment, I would welcome the conversation.  Remember this is an evolving idea. Since it will take a few years to develop a wide consensus for the impact of the new definition, all opinions expressed here (including mine!) are subject to change and revision when we feel like it!

Type I and Type II are no more

Type I and Type II subsequent events don’t exist anymore.  The two types of subsequent events are now called ‘recognized’ and ‘non-recognized’ by FASB statement 165, now located at ASC 855-10-50-1.  The terms we grew up with have disappeared.  I’m still trying to work that into my audit memorandums.  May take me a while for that to become second nature.

Here is the original FAS 165, but remember it has been superseded. Go to the codification web site to read the authoritative ASC. (If you haven’t been there before, you have to register to use the site.)