SQCS No. 7 requires that a firm establish and document policies and procedures for, among other things, the acceptance and continuance of clients and engagements. It reads in paragraph 1.10:
“The objective of the quality control element that addresses acceptance and continuance of client relationships and specific engagements is to establish criteria for deciding whether to accept or continue a client relationship and whether to perform a specific engagement for a client. A firm’s client acceptance and continuance policies represent a key element in mitigating litigation and business risk. Accordingly, it is important that a firm be aware that the integrity and reputation of a client’s management could reflect the reliability of the client’s accounting records and financial representations and, therefore, affect the firm’s reputation or involvement in litigation. A firm’s policies and procedures related to the acceptance and continuance of client relationships and specific engagements should provide the firm with reasonable assurance that it will undertake or continue relationships and engagements only where it:
- Has considered the integrity of the client, including the identity and business reputation of the client’s principal owners, key management, related parties, and those charged with its governance, and the risks associated with providing professional services in the particular circumstances.
- Is competent to perform the engagement and has the capabilities and resources to do so.
- Can comply with legal and ethical requirements.
- Has reached an understanding with the client regarding the services to be performed.”
As we can plainly see, client acceptance and continuance procedures are the foundation of the risk assessment process. As discussed in SAS No. 107, management’s integrity is one of the elements of risk at the financial statement level. Plainly speaking, high risk at the financial statement level requires more evidence to mitigate the risk. Low risk requires less evidence.
Making the Client Investigation
To comply with these professional standards, the in-charge or engagement leader must make an investigation of new clients and their management. While making this investigation, we should determine that:
- We are independent in fact and in appearance.
- We are qualified to undertake the engagement.
- Management is honest and not involved in illegal acts.
- The client’s financial reporting system can provide, and management intends to provide, financial statements that are fairly presented.
Our investigative procedures may include:
- Obtaining credit information on the company and its officers.
- Discussion of the prospective client with the company’s bankers and attorneys.
- Asking the potential client why the company is changing CPAs.
- Obtaining the company’s permission to communicate with its former auditors.
- Making inquiries of former auditors about disagreements, management’s
- integrity, uncollected fees or other reasons why we should not accept the audit.
- Reviewing reports of former auditors.
- Asking management if any officers and directors have been convicted of a crime.
Client Acceptance and Continuance Forms should be designed to facilitate new and continuing client investigations. These forms should be reviewed and updated to annually evaluate continued association with a client and an engagement.
The investigation of potential new clients, and the on-going evaluation of existing clients, provides information that enables a CPA firm to determine that a client meets it quality standards. Once a decision is made to accept or continue a client relationship, the quality of client personnel generally should be evaluated as high, high in competence and high in integrity. These attributes form the foundation for collecting evidence on audit engagements.
A substantial portion of audit evidence, particularly on small audits, is obtained from inquiries and observations. If the auditor has determined that client personnel have high integrity, then the auditor can rely upon client responses and observations of their activities as tests of controls. Substantive evidence from tests of controls and other risk assessment procedures, even on small audits, will reduce the total amount of substantive evidence from other procedures that are necessary to reach conclusions about engagement objectives. This is HUGE!
I’ll say it one more time. If we have evaluated the integrity of a client’s personnel as high, we should be able to trust what they tell us! When we can trust what they tell us in response to our inquiries, we have obtained inexpensive substantive evidence that can replace some of the other more expensive auditing procedures. An audit of a reporting entity whose management has high integrity can result in substantial audit profits!
For more information on how to increase engagement profits by evaluating risk at the financial statement level, my Small Audit Series of live webcasts and self-study materials is available by clicking the applicable box on the left side of my home page, www.cpafirmsupport.com .