Submitted by Jeffrey Stefan, CPA
Some board members (and occasionally members of management) mistakenly assume that the outside CPA is responsible for the organization's financial statements. The outside CPA is responsible for the auditor's report. Management is responsible for the financial statements and for establishing and maintaining effective internal control. As part of Generally Accepted Auditing Standards (GAAS), the outside CPA is required to obtain management’s representation acknowledging their responsibility for the financial statements.
The governing board engages the outside CPA to perform an audit, and the CPA is responsible for meeting professional standards while performing that audit. In order to properly oversee an organization and its financial matters, board members need to understand how changes in auditing standards will impact the audit performed on their organization.
For example, the AICPA recently issued SAS 99, Consideration of Fraud in a Financial Statement Audit. That SAS doesn't change the auditor's responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. Instead, it provides revised and expanded guidance on how the auditor should fulfill that responsibility. The main goal of an audit is still to obtain reasonable assurance about whether the financial statements are free of material misstatement, not to detect fraud. Outside CPAs need to make sure that their clients understand the impact of the new fraud SAS on their organizations. For instance, auditors may need to perform additional procedures to meet the requirements in SAS 99. Those additional procedures may result in more interaction between the auditors and client personnel, additional procedures that weren't performed as part of the prior year audit, as well as increased audit fees. SAS 99 is effective for audits of financial statements for periods beginning on or after December 15, 2002, with early application allowed.
An outside CPA can be a nonprofit's most trusted financial advisor. Because the auditor is knowledgeable about the organization's financial affairs, it can be tempting to think that the auditor can, and should, perform a multitude of services for the organization. It doesn't always work that way, however. Independence rules prohibit auditors from performing services or making management decisions that would result in them auditing their own work during the financial statement audit. Auditors of organizations that receive federal funding face even more stringent independence rules. The highly publicized SEC independence rules resulting from the Sarbanes-Oxley Act currently don't apply to audits of nonpublic (i.e., not publicly traded) companies. However, some state boards of accountancy are considering changes in their independence rules to apply Sarbanes-Oxley's principles more broadly. Nonprofit boards need to be kept informed as these rules change.
Outside CPAs can play a vital role in board education. It's important to note that educating the board is a continuous process rather than a one-time event. That's because many nonprofit organizations have frequent board turnover, and new auditing and accounting standards are issued every year. Outside CPAs are knowledgeable of accounting and auditing standards and how those standards will impact their nonprofit organization clients and their engagements. That allows them to provide board education as an additional service to their clients.
For more information contact Jeff Stefan at jstefan@tatetryon.com
