The Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) issued new auditing standards ((SAS) No. 134) in May of 2019, which radically changed the form and content of auditor’s reports. This standard affects auditor’s reports on nonpublic entities, and is effective for audits of companies with December 31, 2021 and subsequent fiscal year ends. The reason for the changes to the audit report was to increase the transparency of the audit process and to bring reporting in line to international audit standards.
While the new standards do not affect the results of an entity’s operations (compared to the new lease standards that will impact the balance sheet), it will change engagement letters, required communication letters, and disclosure of audit risks along with the changes in the format of the audit report. If your company or organization has an audit of its December 31, 2021 year end, you need to know what to expect.
Significant changes in the format of the auditor’s report that are across the board
- The “Opinion” section is now required to be the beginning of the auditor’s report. Previously you had to dig through the report and find the opinion near the end of the report.
- There is a new section, “Basis for Opinion,” which must directly follow the Opinion section. This section now states that:
- The audit was conducted in accordance with U.S. GAAS
- The auditor is required to be independent
- The auditor believes that the audit evidence is sufficient and appropriate to provide a basis for the opinion
- There is an expanded description of management’s responsibilities for the financial statements in a section with the heading. This section is now required to include a statement regarding management’s responsibility to evaluate whether there are conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern. While management has always had the responsibility to review any going concern issues, it is now laid out front and center in the audit report.
- There is an expanded description of the auditor’s responsibilities for the audit in a section. These are not new standards the auditor has had to follow, this is just the first time it has been required to be disclosed to the reader of the financial statements. In addition to the description of the auditor’s responsibilities currently included in auditor’s reports, this section also is required to state that:
- The auditor’s objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue a report that includes the auditor’s opinion
- Reasonable assurance is a high level, but not absolute, assurance and is not a guarantee that an audit will detect a material misstatement when it exists
- Misstatements are considered material if there is a substantial likelihood that, individually or in the aggregate, they would influence the judgment made by a reasonable user based on the financial statements
- The auditor exercises professional judgment and maintains professional skepticism throughout the audit
- The risk of not detecting a material misstatement resulting from fraud is higher than one resulting from error
- The auditor’s responsibilities include concluding on the entity’s ability to continue as a going concern
- The auditor communicates with those charged with governance about, among other matters, the planned scope and timing of the audit and significant audit findings, including certain significant internal control-related matters that the auditor identifies
These changes do not just affect full GAAP statements. Many entities issue audited statements under the tax basis of accounting, other special purpose frameworks, the cash and modified cash basis, regulatory and contractual bases of accounting. All of these reporting standards will also have new and expanded audit reports.
The new standards now require that significant risks be formally communicated to management. While the format of this communication can be made orally, or via email, typically it will be in the engagement letter. For the first time, it will be disclosed what areas the auditor considers the highest risk in that particular audit (not just generalized audit risks).
Changes that may not affect every statement – Key Audit Matters
The biggest change in the new standards is the added concept of “Key Audit Matters,” or “KAMs”. KAMs are those matters that, in the auditor’s professional judgment, were of most significance in the audit of the financial statements of the current period. Key audit matters are selected from matters communicated with those charged with governance.” Examples of KAMs are:
- Inventory that is difficult to confirm or value
- A merger with a foreign entity
- Discovery of a material fraud
KAMs are listed in the audit report and should be specific to the entity (not generalized risks). Fortunately, the standards do not require KAMs to be disclosed in the audit report, unless the auditor is engaged to report on them. This will require management to discuss with key readers of their financials (grantors, banks, or equity partners) to determine if they will require KAMs and the engagement letter modified as appropriate.
If you have any questions on the new standards, please do not hesitate to contact Kristen Hoyle at Kristen.hoyle@tjtpa.com or at 919-532-7425.