The AICPA and PICPA codes of professional conduct1 set out guidance and rules to members of each organization as they carry out their professional responsibilities. They consist of principles, rules, and interpretations related to the performance
The rules apply to all professional services performed by members. According to Rule 1.300.01, General Standards, members must possess professional competence for all engagements they accept and expect to complete in an appropriate manner; they must exercise
due professional care in the performance of professional services; they will adequately plan and supervise the performance of professional services; and they will obtain sufficient relevant data to form a reasonable basis for conclusions and recommendations
in providing professional services.2 Furthermore, Rule 1.310, Compliance with Standards, requires members to comply with the standards applicable to the services they perform, whether that be attest engagements, management consulting, tax,
or another professional service.
The most common referrals for ethics investigations result from regulatory agencies reporting that a CPA is in violation of General Standards and Compliance with Standards. Usually in these instances, members had undertaken engagements for which they
did not have the necessary professional competence or did not take due professional care in performing services, thus failing to be in compliance with applicable standards.
So, CPAs performing audits must comply with Generally Accepted Auditing Standards (GAAS) in all areas of completing the engagement. As business transactions become more complex, auditors may find it necessary to use the work of specialists. AU-C Section
620 defines the responsibilities of auditors when using the work of a specialist. But using the work of a specialist does not alter the fact that the auditor is solely responsible for the audit opinion expressed. The auditor must ascertain that the
work of the specialist is sufficient for the purpose of auditors to form and express an opinion on the financial statements. To arrive at a conclusion that the work of the specialist is adequate, the auditor should be satisfied with the technical
competence of the specialist and evaluate the specialist’s objectivity for the auditor’s purposes. Such evaluation should include inquiry pertaining to the interests and relationships that may create a threat to integrity and objectivity.
The auditor should complete risk assessments applicable to the subject matter as well as the specialist.
One of the matters identified in the guidance where auditors may need a specialist would be in the analysis of complex or unusual tax planning for reporting and compliance issues. This situation, then, would require an expert in tax law. CPAs who have
knowledge in accounting and auditing should use their professional judgment in ascertaining the qualifications of the specialist. Items to consider are whether the client company’s management used a specialist in the preparation of financial
statements, the nature and significance of the matter in question, its complexity, the risks of material misstatements related to the matter, and steps to be taken to respond to the risks identified.
The nature, timing, and extent of audit procedures may need to be modified to ensure that the auditor adheres to relevant auditing standards and remains in compliance with respect to standards, both in the technical subject area and in the risk assessment.
Certain procedures are necessary in evaluating the adequacy of the specialist’s work, such as reviewing working papers and reports, performing corroborative work, reviewing published data from authoritative sources, executing detailed analyses,
and, if need be, having discussions with another specialist with relevant expertise. Obtaining sufficient and appropriate audit evidence to support an independent audit opinion requires more than management representations and work performed by other
parties at management’s request, especially when it involves complex issues that have a material effect on the financial statements.
Insufficient risk assessment in audits is often identified as an issue in peer reviews. Performing audits in agreement with GAAS requires identifying the risks of material misstatements and understanding the client and its internal control, assessing
the risks, then designing and selecting procedures that respond to the risks. If complex issues are present, auditors should address it in the risk assessment consideration, and plan and perform audit steps to gain sufficient evidence to support the
forming of an opinion. This may involve the use of a specialist. This should be independent of, and separate from, the work performed by management’s own specialist used in preparation of the financial statements and disclosures. Consideration
of the risk of misstatement needs to include both the financial statement level and the relevant assertion level for significant items, whether they involve transactions, account balances, or disclosures.
In an age of highly technical tools used to complete much of the detail work of audits, CPAs are called on to maintain sufficient professional skepticism of certain positions taken by their clients in preparing their financial statements.
CPAs are given some latitude to use professional judgment to determine how best to conclude the need to engage a specialist in the performance of the audit, disclose it, and obtain consent from the client. A general disclosure may be appropriate within
the engagement letter. The client’s acceptance of the engagement letter with this detail in it would effectively constitute consent. In more sensitive situations, specific disclosures and signed consents may be more appropriate.
A U.S. company in the service industry has operations in the United States as well as overseas. It projects that its international business will expand and grow rapidly. The company is privately held, but to continue to expand it is looking for a strategic
buyer who can expand its client base and service offerings. A lawyer sits on the company’s board and owns some shares in the company. To increase the value of the company to a strategic buyer, the lawyer suggests that the company engage his
law firm to do some international tax restructuring and planning to decrease the foreign taxes the company is paying, thereby increasing the company’s annual earnings. Theoretically, this would increase the price a strategic buyer would be willing
to pay for the company.
The company engaged the law firm to do the international tax plan, and the company booked a fairly large tax benefit annually associated with the international tax planning. The lawyer tasked an inexperienced associate to design and implement the plan,
and there was no supervision or oversight of the associate by a more experienced attorney. The company paid the law firm significant fees to implement the tax plan.
The company had difficulty getting the global consolidated balance sheet to balance after the plan was completed, and decided to plug the difference to retained earnings to achieve balance. The auditors of the company’s financial statements permitted
the company to annually book the benefit from the tax plan, and made no inquiry or follow-up regarding the plug entry to retained earnings. The audit firm was also the preparer of the company’s tax returns; it took the benefit on the tax returns
but did not report or disclose the transaction that allegedly created the benefit. The auditor did not have expertise in international tax, and relied solely on the law firm as a “specialist.” The company did not want to pay additional
fees to the auditor to examine the planning, and suggested that the auditor should be able to rely on the law firm’s plan. The company told the audit firm that the international planning used was commonly done by other multinational companies.
However, there was no memo, tax opinion, or documentation of the transaction. There was only a board PowerPoint presentation that outlined the high-level benefit of doing the planning, but no details about how it would be done.
A few years later, a strategic buyer had been identified. The buyer engaged a firm for financial and tax due diligence. The due-diligence firm examined the international tax planning that was done, and concluded that not only should the tax benefit not
have been booked, but also that the plan actually cost the company millions of dollars of additional tax. An independent international tax expert was brought in by the company and its shareholders to review the international tax planning and determine
if the due-diligence firm was correct in its assessment.
The due-diligence firm was correct in its assessment, and the tax benefit should not have been booked. The plug to retain earnings was the gain that should have been recognized from the restructuring transaction that caused the additional tax to arise.
What had been done could not be unwound, and the buyer demanded that the company amend prior returns and pay the additional tax due. The buyer reduced the offer of what it was willing to pay for the company. The company’s other shareholders
sued the lawyer, the law firm, and the audit firm. An arbitrated out-of-court settlement was reached.
The auditor missed several crucial steps to avoid this outcome. The primary one was that it should have looked for potential conflicts, and then tailored its work plan and audit process accordingly. More independent work and analysis should have been
done, as it is inappropriate to rely completely on someone else’s work. The auditor should either have gained the expertise needed or engaged someone who had it. As the codes of conduct make clear, a CPA “shall not … subordinate
his or her judgment to others.”
The CPA needed to ensure that proper and complete documentation and analysis existed regarding the transaction. There is nothing in accounting principles and the accounting profession that would permit a plug entry to make everything balance. Yes, clients
may be difficult, but an auditor must not yield to bullying. If a client is being unreasonable, it is probably not worth keeping the client. Here, the auditor ended up paying much more to settle the case than it ever made from the audit and tax work
it did for this client.
CPAs are being pressed to bring ever more value to their clients. When bringing value, however, we need to be cognizant of what the downside risk might be. All the focus in this case was on the benefit. The potential downside risks and costs were never
identified. A more balanced approach needed to be taken.
The values that the CPA profession brings to the table are integrity, objectivity, and acting in accordance with a code of conduct that includes general standards of professional competence and compliance with all standards applicable to the engagement.
That was really what went wrong in the case study provided. The auditor failed to uphold the required standards in performing the audits, and did not follow the code of conduct with respect to the general standards and compliance with standards. The
CPA could have been better protected if it did the necessary work to determine if the benefit could, in fact, be booked.
Complex and difficult issues occur. How we, as CPAs, handle them is key to safeguarding the integrity for which the profession stands. Auditors, especially, should ensure that they are in compliance with the code of conduct to uphold the integrity of
1 PICPA’s Code of Professional Conduct mirrors the AICPA Code of Professional Conduct, with a few exceptions related to discrimination, harassment, and confidential information, as well as failure to cooperate in ethics investigations.
2 AICPA Code of Conduct 1.300.001, General Standards.
Ibolya Balog, CPA, is a consultant for Asterion Inc. in Allentown and 2019-2021 chair of the
Pennsylvania CPA Journal Editorial Board. She can be reached at firstname.lastname@example.org.
Andrew M. Bernard Jr., CPA, is a managing director for Andersen Tax LLC in Philadelphia and a member of the Pennsylvania CPA Journal Editorial Board. He can be reached at email@example.com.