Senior Technical Manager AICPA
Columnist
Share this content

How to Overcome Auditing Challenges Among COVID-19

Thanks to the COVID-19 pandemic, auditors are facing some real challenges in how they perform their work, including an increased risk in fraud and a greater chance of breakdowns in internal controls. Kristy Illuzzi, CPA and CGMA Staff Liaison to the PCPS Technical Issues Committee, discusses the AICPA's recommendations in-depth and offers resources auditors can use to make their jobs easier.

Dec 14th 2020
Senior Technical Manager AICPA
Columnist
Share this content
auditing standards
iStock_Ridofranz_auditor

This year has posed significant challenges for many, including auditors and the clients they serve. The widespread shutdowns, travel restrictions, economic instability, CARES Act and other relief funding, and accounting complexities associated with the pandemic have presented challenges for many auditors. Throughout the pandemic, the AICPA has issued resources to assist auditors that we wanted to highlight in preparation for the 2020 audit season.

Unique Audit Risks in a Pandemic

In addition to scope limitations, audits in 2020 face some unique risks that perhaps were not present before the pandemic. Those heightened risks include:

  • Breakdowns in internal control
  • Heightened fraud risk
  • Noncompliance with laws and regulations due to increased legislation from the CARES Act and other government funding sources
  • Auditing accounting estimates

Internal Control Risks

With many companies shifting to a work-from-home model due to states’ stay-at-home orders, companies made some change to their internal control systems. If this occurred, there is a risk of a breakdown in internal controls during the year. This may cause auditors to need to test internal controls before and after the pandemic to obtain an understanding of them and also test the design and effectiveness of the organization’s controls per AU-C section 315 of the auditing standards. In cases where there have been breakdowns in internal control, the auditor may not be able to rely on those controls and needs to perform more substantive procedures to reduce audit risk to an acceptable level.

Heightened Fraud Risk

Auditors are also on heightened alert for fraud risk this year. The pandemic has increased the likelihood that an entity could be in violation or close to violating debt and other covenants, and large PPP loans, coupled with decreased revenues, may have put management in a situation where they may have violated the required financial ratios required for compliance. As a reminder, AU-C section 250 covers the auditor’s responsibility to consider laws and regulations in a financial statement audit.

The breakdowns in internal control mentioned earlier may have also increased the opportunity for fraudulent financial reporting or misappropriation of assets, and management may also try to rationalize this behavior to keep the company afloat during these challenging times.

It is recommended that any fraud interviews be conducted on video when they cannot be conducted in person so that the auditor can see body language during discussions with management.

Examples of risks of fraudulent financial reporting misstatements that may be heightened in the current environment include:

  • Fictitious revenue
  • Fraudulent management estimates
  • Improper timing of revenue
  • Fraudulent federal relief program applications

A recent Journal of Accountancy article covers these issues more in depth and reminds us of the auditor’s responsibilities with regard to fraud in a financial statement audit.

Noncompliance With Laws and Regulations

For entities receiving government assistance during the pandemic, noncompliance with rules and regulations is also a concern. Entities receiving more than $750,000 are subject to the Single Audit Requirements that require the auditor to test controls over major programs as well as test any program-specific requirements. These audits have a significant public interest component, as federal agencies rely on them as part of their administrative responsibilities for determining compliance with the requirements of federal awards. The rules and compliance requirements regarding some of these federal funds (including those issued by the Department of Health and Human Services) continue to be in flux, which is causing even more anxiety for auditors as they try to prepare for these audits.

To assist CPAs, government and not-for-profit staff, auditors, controllers and financial directors in managing these single audit challenges, the AICPA’s Governmental Audit Quality Center has developed a library of resources and, most recently, hosted a Single Audit Update at the AICPA Governmental and Not-for-Profit Online Training Program.

Auditing Accounting Estimates

Auditing estimates are also an area of heightened risk for 2020 audits. Companies are required to make estimates in many areas, including those associated with revenue recognition, inventory valuation, allowance for doubtful accounts, and impairment of long-lived assets, goodwill and other intangibles. In some cases, auditors may need to engage a specialist to assist with these estimates. If a company is struggling financially and not able to engage a specialist to perform these valuations, it may turn to its auditor for assistance. Auditors are reminded of the independence requirements under the AICPA’s Code of Professional Conduct when a client asks for assistance with more complex estimates and/or valuations.

The Auditing Standards Board (ASB) recently proposed a standard that would provide practitioners with more guidance on auditing management’s estimates of the fair value of financial instruments, including guidance on the use of pricing services. The Proposed Statement on Auditing Standards (SAS), Amendments to AU-C Sections 501, 540, and 620 Related to the Use of Specialists and the Use of Pricing Information Obtained From External Information Sources, was issued on November 4, and comments are due by February 4, 2021.

Auditing PPP Loans

Many auditors are asking what, if any, additional audit procedures they should perform on client loans received under the Payroll Protection Program (PPP).

CPA firms should review their quality control policies to determine if PPP funding needs to be specifically addressed. For some firms, these loans could trigger a full Engagement Quality Control Review (EQCR) or perhaps a second or pre-issuance review.

The auditor would also be required to perform a risk assessment to determine whether these loans have an increased risk of material misstatement, and then test accordingly.

Determination of risk might also be somewhat dependent on the accounting model elected to report the loan. In June 2020, the AICPA issued a Technical Question and Answers that addresses borrower accounting for PPP loans received by nongovernmental entities whereby three options are provided. Of these three options, the debt model might be the least “risky,” whereby the entity records the debt and would not release that obligation until it has been legally forgiven by the Small Business Administration (SBA). However, entities that treat these loans as grants and apply FASB ASC 958 and record revenue as conditions are substantially met might have increased audit risk, especially in cases where all or a portion of the loan is unlikely to be forgiven.

Potential Scope Limitations

Some auditors may encounter scope limitations that will result in either a delay in the issuance of an audit report, a qualified report or even an adverse or disclaimer report, depending on the circumstances. Some of the more common actions that could result in a potential scope limitation include:

  • Inability to perform physical inventory observations
  • Lack of access to client records
  • Understanding and testing of internal controls
  • Inability to confirm accounts
  • Forecasting related to going concern
  • Performing subsequent event procedures
  • Obtaining management representations

The Center for Plain English Accounting (CPEA) is the AICPA’s national resource center, and, in an April report, it provided more detail on each of these potential scope limitations and alternative procedures that auditors may want to consider. For example, in cases where scope limitations could result in a delay of the audit and the client needs to manage bank covenants that require audited financial statements within a specified time period, auditors can advise the client on how to receive necessary extensions.

Additional Resources

The AICPA has issued guidance, resources and tools for many situations that have arisen during the pandemic, many. The Coronavirus Resource Page has a wealth of resources, including guidance specific to audit and assurance issues related to COVID.

The AICPA’s technical hotline also stands ready to assist members with questions. Members can submit questions via an online inquiry form, and an AICPA staff member will get back to you.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.