The American Institute of Certified Public Accountants (AICPA) Auditing Standards Board issued a suite of new auditing standards – Statements on Auditing Standards (SAS) 134-140 – that impacts several aspects of an audit to include, but not limited to, modifying the auditor's report and communication to those charged with governance as well as requiring additional audit procedures over related party relationships and significant unusual transactions.
These new pronouncements are effective for private entities with periods ending on or after Dec. 15, 2021. Therefore, if your entity's year-end is a calendar year-end of Dec. 31, 2021, or a fiscal year-end date any time after Dec. 15, 2021, these changes apply.
Changes to the Auditor's Report
Every audited entity strives for a "clean" or unmodified audit opinion. No longer do users of the financial statements need to read through an entire auditor's report, or as some may do, skip to the end to find the opinion. The revised auditor's report features an increased prominence of the opinion by presenting the opinion first followed by the basis for the opinion given.
Following the opinion comes a more detailed description of both management's and the auditor's responsibilities for the audit. Such responsibilities laid out in the auditor's report include, but are not limited to, management's required evaluation as to whether there are conditions and events, considered in the aggregate, that raise substantial doubt about the entity's ability to continue as a going concern for a reasonable period of time when required by the applicable financial reporting framework; and the auditor's responsibility to obtain reasonable assurance, exercise professional judgement and to design audit procedures responsive to the assessed risk of material misstatement.
While the auditor's report is lengthier than that of the past, the added language provides a clarification of management and auditor responsibilities during the audit and is responsive to the needs of financial statement users by presenting the opinion prominently at the beginning of the auditor's report.
Key Audit Matters
The presentation of key audit matters (KAMs) is a new concept to the audits of nonpublic entities in the US. Similar concepts exist in International Standards on Auditing (ISA) and in audits in the U.S. performed under the standards promulgated by the Public Company Accounting Oversight Board (PCAOB).
KAMs are matters presented in the auditor's report that, in the auditor's professional judgment, were of most significance in the audit of the financial statements of the current period. These generally are matters that are communicated to those charged with governance and include reporting on areas of higher risk of material misstatement, areas of the financial statements that involve significant judgment or significant events or transactions occurring during the current year audit. The intent of KAMs is to provide greater transparency to users of the financial statements regarding the audit performed providing insight as to where risks may be and what areas of the audit required significant audit attention.
The presentation of KAMs is not required for nonpublic entities, however, an entity may elect to engage their auditor to communicate KAMs. Those electing to engage their auditor to communicate KAMs should understand that KAMs is not solely an addition or extension of the auditor's report. Behind that additional language is a significant amount of additional work performed by the audit team in properly identifying, assessing and communicating KAMs.
Look for additional communications with those charged with governance regarding significant risks identified during planning for the audit engagement. As with most of the amendments in the new auditing standards, the intent is to provide additional transparency into the audit process. Entities should be on the lookout for this sort of communication during the normal planning period of the audit and be open to discussing these matters with their auditor to continue to enhance the auditor/client relationship.
The new standards require additional procedures over related parties and related party transactions inclusive of testing for related party transactions that have not been appropriately authorized or instances where exceptions to the entity's established related party transaction policies have been granted. Additional testing procedures are also now required over the completeness and accuracy of the related party relationships and transactions.
This means additional documentation, additional questions and potentially additional audit time. Therefore, it is important to expect more questions or requests never made in prior year audits and understand that with those additional requests and questions come additional audit effort.
Other Information Included in Annual Reports
Changes have been made to clarify the auditor's responsibility for other information included in an entity's annual report as extant standards were not always clear what was in scope for these requirements. The new standards clarify that the auditor's responsibility to perform procedures over other information is limited to considering whether a material inconsistency exists between the other information and the audited financial statements. Further, to help reduce the confusion in the existing requirements, the auditor is now required to obtain a written acknowledgment from management which defines the contents of the annual report (for which the auditor is responsible).
Planning for Success
Change can be difficult, but proper lines of communication and a mutual understanding of the impending change will undoubtedly result in a successful outcome. Management and their auditors should start discussing the impact of these changes as soon as feasibly possible to set each party up for success in the coming audit season.