Changes To Auditing Standards

Following is the text of a memo I sent to my clients regarding changes in auditing standards affecting financial statement audits.

Introduction

Auditing standards have changed gradually over the years. As a profession, CPAs have not always done a good job of explaining these changes to our clients. One reason is that auditing standards aren’t particularly interesting to you or relevant to your day-to-day responsibilities.

Most changes in the past few years have been as an indirect effect of high profile business failures such as Enron and WorldCom. The Sarbanes-Oxley Act (“SOX”) was the first response, but this only applies to publicly-held companies. The auditing profession is now experiencing the “trickle down” effect of SOX. This means that the auditing standard setting bodies are looking at trends with respect to audits of public companies, and incorporating some of those into requirements that apply to non-public companies, governmental entities and non-profit organizations.

Reporting of Internal Control Matters

One significant change that recently became effective was Statement on Auditing Standards (“SAS”) No. 112. This standard requires us to specifically identify, in writing, certain internal control matters we find. The requirement to put these findings in writing is new. For some internal control matters we note, we are required to label them as “significant deficiencies” or “material weaknesses”. In many cases, use of these terms seems harsh; however, these are the phrases SAS 112 says we must specifically use. SAS 112 has a lower threshold as to what internal control matters must be reported to management and those charged with governance. The implementation of this standard is subject to a wide variety of opinions among CPAs and has often been stressful for auditors to implement.

The New “Risk Assessment” Auditing Standards

Some of the most significant changes in audit procedures in a number of years will soon be effective (for years ended December 31, 2007 and after). Rather than provide you with all the numerous details of the new standards, I wanted to point out some of the changes that may affect you or be apparent to you. Some of these changes include the following:

> Auditors will now be required to spend much more time in the planning phase of audits. This time will be spent (1) obtaining a more in-depth understanding of your organization and its environment, (2) a more rigorous assessment of the risks, specifically noting where and how the financial statements could be materiality misstated and (3) improved linkage between our assessed risks and the nature, timing and extent of audit procedures performed in response to those risks.

These new risk assessment standards will result in new and expanded audit procedures. Our audit planning will include performing an in-depth risk analysis, evaluating internal controls, having discussions with management, and performing other preliminary audit procedures. Some have estimated that up to 30% of the audit time will be expended prior to beginning the year-end auditing procedures. The risk analysis that is performed will be tied directly to the auditing procedures we develop. At Strothman & Company, we have generally always used a risk-based auditing methodology. However, now the linkage between the risk assessment and the audit steps will be more formal.

> We will now be required to talk with a wider range of people within the organization, and will be required to make a wider range of inquiries. In addition to an organization’s financial professionals and chief executive officer, we will now be encouraged to speak with key people in areas such as operations, information technology, human resources, and risk management. In addition, we will need to speak with “those charged with governance” (such as representatives of the audit committee or finance committee).

> There is a developing expectation that organizations will design, implement, document and test their own internal controls. As part of the risk assessment process, we will be looking at your efforts along these lines, and will be making comments for improvement as appropriate.

> Auditors will be required to look at an increased level of underlying documentation. Client explanations of transactions will need to be supplemented by review of documents and accounting records.

> When I entered the profession, “materiality” was unofficially defined as 5% of a particular amount or account balance. This percentage, of course, was never found in the professional literature. It was just a “rule of thumb” that arose over time. As auditing standards have evolved, the concept of materiality has been expanded. Auditors must now not only consider percentage relationships, but also have to evaluate a number of “qualitative” factors. Generally speaking, going forward, a better set of financial statements and a smoother audit will be the result if all known financial statement misstatements are recorded before the auditor shows up.

I hope the above explanation is helpful to you and will help you understand why your auditors may be acting a little differently than in the past. If you have any questions, please let me know or contact any member of our Strothman & Company team. We look forward to serving you.

Required Disclosure Regarding Advice

Any advice given on this blog may or may not be suitable for your individual situation. Any plan of action you may consider should first be checked out with your personal tax adviser and/or attorney.

Also, any advice given on this blog is not intended or written to be used, and cannot be used by any recipient for the purpose of avoiding penalties that may be imposed under the Internal Revenue Code and is not intended to be used or referred to in any marketing or promotional materials. This disclaimer is made to comply with Circular 230, which governs practice before the Internal Revenue Service.

Determining If New Workers Are Legal

I’ve had clients inquire about their responsibility for determining if a new employee is legally authorized to work in the U.S. The first step in this process is completing Form I-9, Employment Eligibility Verification. The employer is responsible for making sure this form is completed. The employee must provide documents supporting his/her legal work status within three days of starting work. If they cannot, they can present a “receipt for the application of the documents” within three days and supply the actual documents within 90 days.

Employers are not required to independently verify documents presented. In fact, the instructions to the Form I-9 say “An employer cannot request that an employee present more or different than are required or refuse to honor documents which on their face reasonably appear to be genuine…”. The instructions also include several pages warning employers that they cannot discriminate based on apparent national origin, among other factors, and outlines how employees may file complaints against the employer with the U.S. government. Clearly, an employer could easily be intimidated with the consequences of questioning the validity of documents presented.

Another key step in adding new employees is obtaining a Social Security number. This is done by asking the employee to complete Form W-4, Employee’s Withholding Allowance Certificate. The employer is not required to verify the Social Security number provided, although the IRS does provide several ways to do this. If an employer receives an IRS notice that indicates an employee’s Social Security number may not be correct, they are required to make a “annual solicitation” to the employee for a corrected number. If the employer receives another IRS notice, they are required to make a “second annual solicitation”. The employer simply needs to document that they made the required solicitations. They do not need to force the employee to respond. Also, the IRS guidance states that “Employers should not use receipt of an IRS notice as grounds for employee termination.” As such, the employer is covered as long as they make the two inquiries and documents their attempts to do so.

A few observations. First, employers are generally not trained in the art of determining whether documents are valid or false. In fact, as noted above, the government puts forth a disincentive for asking employees too many questions in this regard. Secondly, the employer has very little responsibility with respect to verifying Social Security numbers. If the two annual “solicitations” are made and documented, they are off the hook (apparently even if they never get a correct number from the employee). Employers certainly do not need any more requirements heaped upon them. However, in my opinion, the current government system makes it relatively easy for illegal aliens to work in this country, and even perhaps continue working indefinitely.

Coach To The Goal

My good friend Michael Duke provides services to companies looking to recruit, motivate, coach and retain great employees. He has helped our firm over the years and has made a positive impact on our recruiting and employee development process. I recently attended one of his seminars, Coach To The Goal, and recommend it. The dates and times of this and other upcoming Michael Duke seminars may be found here. He also recently published a new book by the same name, which may be found here. Please contact me if you have any questions about Michael's services or qualifications. I'm a big fan!

French Lick and West Baden Hotels

My wife and I just returned from two nights at the French Lick Springs Hotel (1901) in French Lick, Indiana. It is about an hour and a half from Louisville. In years past, we had stayed at the hotel several times and had toured the West Baden Springs Hotel (1902) while it was in the early stages of being remodeled (this is a picture of the lobby, which they say was the largest dome in the U.S. until the Louisiana Superdome was built).

They added a casino in 2006 and extensively remodeled both hotels. The results are amazing, especially the West Baden Springs Hotel. It was wonderful to see how these two great hotels have been restored. They are certainly both up to the standard of any four or five star hotel in which we have stayed. The room rates reflect this; however, we found that they fell substantially after the weekend. I would encourage you to check it out.