Top risk issues for public practice firms
Content Summary
- Professional standards
This article was current at the time of publication.
CPA Australia’s most recent findings from its 2023 CPA Australia Best Practice Program (Program) assessments found issues ranging from failing to confirm client engagement terms to a lack of appropriate system of quality management of audits.
“Non-compliances consistently identified in all assessments performed is a risk for the profession and not just for the individual members,” says Jodie Smith FCPA, Manager Best Practice Team for CPA Australia.
The Program, which has replaced the Quality Review Program, supports and guides members toward building a sustainable business aligned to best practice, as laid out in the My Firm. My Future framework.
The assessments are conducted under the aegis of this Program. Here are the major areas of risk, in detail.
Ensuring terms of engagement
From the outset of the accountant-client relationship, best practice dictates full disclosure and explanation of services under APES 305 Terms of Engagement.
Key assessment findings included insufficient documentation of the use of outsourced services, including cloud computing, and the location of those services; use of outdated terms of engagement templates; and a lack of confirmation of clients’ acceptance of the terms of engagement.
Smith notes, “Often members fail to have, or have old terms of engagement, in their engagement files. This often means that they are missing some of the required disclosures of the Terms of Engagement APES 305 and disclosures relevant to their service offering such as Taxation APES 220, Financial Reporting APES 315 and Auditing Standards (ASA).”
Not being clear about the scope of service being offered can also result in accountants straying outside their role, further putting them at risk. Best practice is to update Terms of Engagement annually before commencing work, notes Melissa Read, FCPA Head of Professional Standards.
In taxation terms of engagement or letters, members also need to inform clients of their rights and obligations including the need to keep self-assessment records, as well as the penalties and consequences.
Not documenting client responsibilities, or insufficient documentation to support the compilation of financial information, and/or missing or incorrect compilation reports contained in the financial statements is risky for members.
“Compilation reports”, notes Smith, “provide the member, their client and the users of the financial information with the parameters around which the reports are prepared, disclaim the preparer from accuracy and reliability of the information and attest that no audit or assurance is provided.
“They also provide the date on which the financial information is prepared [and] the basis on which they are prepared.”
Audit and assurance: lack of documentation
Another key area of concern is audit and insurance.
“Audit Planning Procedures were often not documented, nor evidence provided to support the audit procedures which often leads to execution procedures not meeting the requirements,” says Smith.
The assessments also found cases where Management Representation Letters were missing, unsigned, undated or not prepared and signed as close to (and before) the issuing of the audit report.
“This letter provides the auditor with written assurance that those charged with governance take responsibility for the financial statements and their accuracy and completeness,” explains Smith.
“It also serves as important audit evidence to support the auditor’s opinion on the audit.”
In signing audit reports, auditors are saying they are compliant to all applicable auditing standards, which includes Auditing Standard ASQM1 requirements.
“Any non-compliance brings risk for claims and disciplinary action from regulators or even CPA Australia,” says Smith.
Read reiterates that it’s important for all accountants performing audit and assurance engagements to ensure there is adequate documentation to support the process.
Areas to pay attention to include:
- Independence
- Planning documentation, including, materiality, fraud and risk of material misstatement, and professional scepticism
- Use of sampling
- Going concern and post balance date events
- Management representations.
Quality and risk management
Assessment findings showed varying level of awareness and compliance with recent changes to quality management standards.
Says Smith: “Monitoring of ASQM1, APES 320 Quality Management, and APES 325 Risk Management are often overlooked despite manuals stating annual review.”
And finally better disclosure required
Non-compliance with the Risk Management Framework, Continuing Professional development and the display of the Limited Liability Statement on all required documentation/stationery as required in the Professional Standards Scheme jeopardises members’ reliance on the Professional Standards Scheme that helps limit liability.
“A larger than usual number of assessed members in 2023 did not fully meet all of the disclosure requirements of the Professional Standards Scheme legislation,” says Read. “If a member has not made the appropriate disclosures this could impact their ability to rely on the scheme in the event of a claim.”
The disclosures are simple and not time consuming to maintain, she says, adding, “members should consider them annually when renewing their Professional Indemnity Insurance as a prompt to check if the requirements have changed.”
Discover more
When it comes to independence and objectivity, vigilance pays
Independence and objectivity key to the accountant’s brand. Here’s how to maintain your integrity.
- Professional standards
article·Published onWhat ISSB standards could mean for sustainability reporting
8 August 2022 | What the draft recommendations could mean for your sustainability reporting
- Professional standards
- Accounting updates
Published on21 min read timeMaking IFRIC agenda decisions mandatory
1 May 2020 | What you need to know
- Professional standards
Published on22 min read timeProfessional Standards Scheme offers benefits to CPAs and clients
Not only does it strengthen your relations with clients, it’s also a risk management tool
- Professional standards
article·Published onIFRS 15 revenue from contracts with customers
13 October 2016 | Join our policy expert as key features are discussed
- Professional standards
- Financial reporting
Published on22 min read timePlanning for the end from the start of an SMSF
Published in SMS Magazine (November 2020)
- Professional standards