Independence and Liability Issues for Advisory Services
Business growth, the increase in the complexity of the business environment and increased financial reporting standards have turned risk and compliance into opportunities for CPAs to develop more as a trusted advisor to their clients.
The historical accounting firm model has changed — no longer will compliance services be the foundation of success; tomorrow’s measure of success will be based on advisory services. Through advisory services, a trusted advisor enhances value and develops solutions to assist their clients with critical issues in today’s complicated financial landscape.
There are many factors to consider when providing advisory services, especially when providing attest and nonattest services for the same client; it is imperative that CPAs identify and ensure that the requirements listed in the American Institute of CPAs (AICPA) Code of Professional Conduct have been met. CPAs performing attest and nonattest services for the same client must first determine whether the three AICPA requirements outlined below have been met.
The Code of Professional Conduct defines an attest engagement as “an engagement that requires independence.” Attest services include audits, reviews, agreed upon procedures and other examinations. Examples of nonattest services would be financial statement preparation, cash to accrual conversion and tax return preparation.
Don’t Assume Management Responsibilities
The first general requirement in properly performing advisory services for an attest client is that the CPA does not assume any management responsibilities. Examples of activities that are considered management responsibilities, which would constitute an impairment of the CPA’s independence, include the following:
- Setting policies or strategy direction for the client and directing or accepting responsibility for the actions of the client’s employees;
- Authorizing, executing, consummating transactions or otherwise exercising authority on the client’s behalf or having authority to do so;
- Having custody of client assets and accepting responsibility for the preparation and fair presentation of the client’s financial statements in accordance with the applicable financial reporting framework; and
- Accepting responsibility to design, implement or maintain internal controls.
If the CPA was to assume a management responsibility for an attest client, the management participation threat created would be so significant that no safeguards could reduce the threat to an acceptable level; therefore, independence would be impaired.
Avoid the Appearance of Assuming Management Responsibilities
The second general requirement is to avoid the appearance of assuming management responsibilities. The CPA should be assured that management will assume all management responsibilities, including oversight of the service by designating an individual, preferably within senior management, who possesses suitable skills, knowledge and experience. Management should evaluate the adequacy and results of the services performed and accept responsibility for the results of the services. Again, if management cannot or will not meet its responsibilities, the CPA’s independence will be considered impaired.
Have a Written Understanding
The third general requirement is to establish an understanding with the client, in writing, about the type and level of services to help prevent any misunderstanding with the client. This should outline the objectives of the engagement, the specific services to be performed, an acknowledgement of the client’s acceptance and responsibilities, and the CPA’s responsibilities and any limitation of the engagement.
If the CPA services are only advisory in nature and the CPA applies the “general requirements” for performing nonattest services, threats would be at an acceptable level and independence would not be impaired. It is important to carefully evaluate the circumstances and use judgment to determine whether advice or assistance rendered goes beyond what is acceptable. Some examples of advisory services include research materials and recommendations to assist management in performing its functions and making decisions. Other examples include attending board meetings as a nonvoting advisor; interpreting financial statements, forecasts or other analysis; and providing management with advice regarding its potential plans, strategies or relationships.
Tips to Avoid Liability Issues
Some liability issues to be avoided when offering advisory services include whether to accept a new client and continue servicing a recurring client. A CPA should not accept or continue an association with a client that has a poor or questionable reputation for honesty and business ethics. While professional standards do not mandate any specific checking or communications before accepting a consulting client, it is a practical recommendation that the CPA should check at least one source for reputation (e.g., professionals serving the potential client) and check with a credit evaluation source (e.g., Dun & Bradstreet). An acceptance and continuance form is also recommended for all prospective clients. These forms should be completed in evaluating whether to accept the client.
The most important CPA tool to utilize in order to avoid liability issues is an engagement letter. The engagement letter should be a comprehensive contract and not just a fee agreement. An engagement letter communicates and documents the understanding between the CPA and the client about the services to be performed. Owners and managers of small businesses do not always understand some of the provisions of these agreements. As a result, small business clients may resist signing the engagement letter. The purpose of the engagement letter is to simply define the scope of the work that is going to be performed to prevent differing expectations. Engagement letters define the mutual responsibilities of the CPA and the client. A best-practice approach is to develop standardized engagement letter templates for firm-wide use. It is also important to ensure that the CPA uses the most up-to-date template. When performing different services, the CPA should include specific language for each level of service to be performed or alternatively consider preparing a separate engagement letter. The engagement letter should be addressed to management, those charged with governance or both. By taking the proper measurements, CPAs can mitigate risks and avoid independence and liability issues.
“The percentage of CPA firm revenues coming from consulting services is on the rise,” says Jennifer Wilson, partner and co-founder of ConverganceCoaching LLC. “More and more, firms are seizing opportunities to deliver difference-making consulting services.” Advisory services will indeed be tomorrow’s measure of success for accounting firms.
Desiree Martinez is a senior auditor at Traphagen Financial Group, LLC. She is a CPA Candidate member of the NJCPA and serves on the Accounting and Auditing Standards Interest Group. Desiree can be reached at email@example.com or 201-262-1040 x400.
This article appeared in the July/August 2019 issue of New Jersey CPA magazine. Read the full issue.