Issues in accounting

Interpretation 101-3: As of January 1, 2005, CPA attesters performing non-audit services have some new rules to observe. The goal is to stop those black eyes.

Numerous lenders, their customers, and their CPAs have learned the hard way that no single CPA firm should perform a spectrum of services for its publicly traded clients. Unfortunately, large consulting and non-audit fees have often led a CPA firm astray, to perform "less rigorous" audits and to otherwise compromise its objectivity. The Sarbanes-Oxley Act of 2002 was Congress's reaction, and the black eye given CPA firms quickly spread to systemic failure for some.

In September 2003, the AICPA's Professional Ethics Executive Committee tried to sort things out a bit and help rebuild the CPA's public image. By amending Interpretation 101-3 of its Code of Professional Conduct, "Performing Non-Attest Services for Attest Clients," effective January l, 2005, the AICPA provided guidance on which services a single CPA firm can and should perform for publicly as well as non-publicly traded companies.

General Provisions

The AICPA now forbids all CPA firms from performing consulting services that entail management duties or functions for clients that receive the same CPA firm's audit, review, or other attestation services. CPAs can still perform compilation services for these clients, as long as their report discloses this lack of independence. To help clarify whether such services constitute prohibited management duties, the client must accept responsibility for the CPA's scope of services. The client and CPA, in essence, become jointly responsible for the CPA's duties. Moreover, client management must designate an employee to oversee the CPA's services.

While CPAs can still perform research or act as a "sounding board" for virtually any type of client support, they must not be perceived as serving as members of management. For example, a CPA can no longer serve as an attest client's internal audit department, since bankers and other members of the public associate internal-auditing duties with management. So the CPA can only assist--not manage---internal audit tasks. If client management still wants to use its auditors to assist the internal audit department, it should:

* Designate competent employee supervisors to oversee the CPA's work.

* Determine any audit risks in using a CPA for these tasks.

* Evaluate both the CPA's and the internal auditor's work--e.g., audit reports and findings.

However, a CPA can perform research and give advice to the client's internal auditors, with the following provisions:

* The internal auditors can accept or reject this advice.

* The client designates a specific internal auditor for the CPA firm to report to.

* The responsible (management) party oversees the evaluation and adequacy of the CPA's work.

* The responsible party monitors the CPA's progress and final output.

* The responsible party accepts (joint) responsibility, for the CPA's work.

Thus, the client must understand the CPA's responsibilities well enough to oversee them. In turn, CPAs should document to the client and in their own records how they meet these new standards, so that reasonable people cannot construe the CPA as supervising client personnel or otherwise serving as part of client management. In essence, CPAs may not perform any task falling under the following seven criteria:

1. Authorize, execute, or have authority for client transactions.

2. Prepare manual or EDP source documents.

3. Have custody of client assets.

4. Supervise normal client activities.

5. Determine which CPA recommendations should be followed.

6. Report to the client's board of directors on behalf of management.

7. Serve as the client's stock transfer/escrow agent, registrar, general counsel, or equivalent.

Specific Provisions

Interpretation 101-3 lists many consulting jobs that CPA attesters can no longer perform, including:

* Bookkeeping services.

* Payroll and other client disbursements.

* Benefit plan administration.

* Investment management.

* Corporate finance consulting.

* Executive/employee search.

* Business risk consulting.

* Client information systems and design.

However, CPAs can still perform certain nonmanagement tasks for the above services. For example, a CPA can still post client-approved entries to the client's trial balance; make client-approved payroll tax payments, per the client's specific written request; and communicate summary pension plan data to the client's pension plan trustee. Moreover, clients can ask their CPA auditors to help screen and solicit qualified employee candidates based on specific client-determined criteria (e.g., number of years of experience and specific educational or certification achievements). However, the CPA may not hire or terminate any client employee.

In addition, this new rule forbids CPA attesters from performing appraisal, valuation, or actuarial services that are material or significantly subjective, such as appraisals for Employee Stock Ownership Plans (ESOPs). However, CPA consultants can perform nonsubjective valuations of pensions for nonfinancial statement purposes.

Alan Reinstein may be contacted by e-mail at a.reinstein@wayne.edu.

[c] 2005 by RMA. Alan Reinstein, CPA, DBA, is the George R. Husband Professor of Accounting at Wayne State University. A frequent contributor to The RMA Journal and other publications, Reinstein's consulting and writing experience includes the areas of litigation support, business valuations, audit committees, and other professional issues.

COPYRIGHT 2005 The Risk Management Association
COPYRIGHT 2005 Gale Group