This chapter covers the auditing profession and the role of regulators and standard setting such as AICPA, PCAOB, SEC, International Standards on Auditing (ISAs).
Nature and Structure of CPA firms
PCAOB Role in Auditing
SEC Role in Auditing
AICPA Role in Auditing
International Standards on Auditing ISA
The Clarity Project
Quality Controls in CPA firms
The four major services that CPAs provide are:
- Audit and assurance services. Assurance services are independent professional services that improve the quality of information for decision-makers. Assurance services include attestation services, which are any services in which the CPA firm issues a report that expresses a conclusion about the reliability of an assertion that is the responsibility of another party. The four categories of attestation services are audits of historical financial statements, attestation on the effectiveness of internal control over financial reporting, reviews of historical financial statements, and other attestation services.
- Accounting and bookkeeping services. Accounting services involve preparing the client’s financial statements from the client’s records. Bookkeeping services include the preparation of the client’s journals and ledgers as well as financial statements.
- Tax services. Tax services include preparation of corporate, individual, and estate returns as well as tax-planning assistance.
- Management consulting and risk advisory services. These services range from suggestions to improve the client’s accounting system to advice on risk management or on computer installations.
The six organizational structures available to CPA firms are: proprietorship, general partnership, general corporation, professional corporation (PC), limited liability company (LLC), and limited liability partnership (LLP). CPA firms are typically not organized as a general partnership because a general partnership offers less protection from legal liability relative to other structures such as a limited liability partnership.
The Public Company Accounting Oversight Board (PCAOB) provides oversight for auditors of public companies, including establishing auditing and quality control standards for public company audits, and performing inspections of the quality controls at audit firms performing those audits.
The AICPA is the organization that sets professional requirements. The AICPA also conducts research and publishes materials on many different subjects related to accounting, auditing, management consulting and advisory services, and taxes. The organization also prepares and grades the CPA examinations, provides continuing education to its members, and develops specialty designations to help market and assure the quality of services in specialized practice areas.
International Standards on Auditing (ISAs) are issued by the International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants (IFAC) and are designed to improve the uniformity of auditing practices and related services throughout the world. AICPA Statements on Auditing Standards (SASs) are established by the Auditing Standards Board of the AICPA, and are applicable to private entities within the United States. As a result of efforts by the Auditing Standards Board of the AICPA to converge U.S. standards with international standards, AICPA auditing standards and International Standards on Auditing are similar in most respects. PCAOB Auditing Standards apply only to U.S. publicly traded companies and other SEC registrants, including broker-dealers. However, given that the PCAOB initially adopted existing standards established by the Auditing Standards Board as interim auditing standards, standards for audits of U.S. public and private companies.
The Public Company Accounting Oversight Board (PCAOB) was established by the Sarbanes-Oxley Act of 2002 in the wake of multiple accounting scandals and alleged audit failures, including those of Enron and WorldCom. The PCAOB provides oversight for auditors of public companies, including establishing auditing and quality control standards for public company audits, and performing inspections of the quality controls at audit firms performing those audits.
The purpose of the Securities and Exchange Commission is to assist in providing investors with reliable information upon which to make investment decisions. Since most reasonably large CPA firms have clients that must file reports with the SEC each year (all companies filing registration statements under the securities acts of 1933 and 1934 must file audited financial statements and other reports with the SEC at least once each year), the profession is highly involved with the SEC requirements.The SEC has considerable influence in setting generally accepted accounting principles and disclosure requirements for financial statements because of its authority for specifying reporting requirements considered necessary for fair disclosure to investors. In addition, the SEC has power to establish rules for any CPA associated with audited financial statements submitted to the Commission.
Statements on Standards for Attestation Engagements provide a framework for attest engagements, including detailed standards for specific types of attestation engagements.
The PCAOB has responsibility for establishing auditing standards for U.S. public companies, while the Auditing Standards Board (ASB) of the AICPA establishes auditing standards for U.S. private companies. Prior to the creation of the PCAOB, the ASB had responsibility for establishing auditing standards for both public and private companies. Because existing auditing standards were adopted by the PCAOB as interim auditing standards for public company audits, there is considerable overlap in the two sets of auditing standards.
International Standards on Auditing (ISAs) are issued by the International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants (IFAC) and are designed to improve the uniformity of auditing practices and related services throughout the world. The IAASB issues pronouncements on a variety of audit and attest functions and promotes their acceptance worldwide. As a result of efforts by the Auditing Standards Board to converge U.S. GAAS with international standards, AICPA auditing standards and International Standards on Auditing are similar in most respects.
Auditing standards represent the combination of the four principles and all the Statements on Auditing Standards (SASs) that are codified in the AU-C sections. The principles outlined in Figure 2-2 provide a framework for the auditing standards. Examples of auditing standards include any of the SASs (e.g., SAS No. 125), covering topics such as audit planning or assessing the risk of material misstatement.
Generally accepted accounting principles are specific rules for accounting for transactions occurring in a business enterprise. Examples may be any of the opinions of the FASB, such as accounting for leases, pensions, or fair value assets.
Auditors develop their competency and capabilities for performing an audit through formal education in auditing and accounting, adequate practical experience, and continuing professional education. Auditors can demonstrate their proficiency by becoming licensed to practice as CPAs, which requires successful completion of the Uniform CPA Examination. The specific requirements for licensure vary from state to state.
For the most part, auditing standards, including SASs, are general rather than specific. Many practitioners along with critics of the profession believe the standards should provide more clearly defined guidelines as an aid in determining the extent of evidence to be accumulated. This would eliminate some of the difficult audit decisions and provide a source of defense if the CPA is charged with conducting an inadequate audit. On the other hand, highly specific requirements could turn auditing into mechanical evidence gathering, void of professional judgment. From the point of view of both the profession and the users of auditing services, there is probably a greater harm from defining authoritative guidelines too specifically than too broadly.
Quality controls are the procedures used by a CPA firm that help it meet its professional responsibilities to clients. Quality controls are therefore established for the entire CPA firm as opposed to individual engagements.
The element of quality control is personnel management. The purpose of the requirement is to help assure CPA firms that all new personnel are qualified to perform their work competently. A CPA firm must have competent employees conducting the audits if quality audits are to occur.
A peer review is a review, by CPAs, of a CPA firm’s compliance with its quality control system. A mandatory peer review means that such a review is required periodically. AICPA member firms are required to have a peer review every three years. Registered firms with the PCAOB are subject to quality inspections. These are different than peer reviews because they are performed by independent inspection teams rather than another CPA firm.
Peer reviews can be beneficial to the profession and to individual firms. By helping firms meet quality control standards, the profession gains if reviews result in practitioners doing higher quality audits. A firm having a peer review can also gain if it improves the firm’s practices and thereby enhances its reputation and effectiveness, and reduces the likelihood of lawsuits. Of course, peer reviews are costly. There is always a trade-off between cost and benefits.