Requirements in SSARS 10
Perceptions Raise Interesting Questions
Michael D. Akers and Jodi L. Bellovary
APRIL 2006 - With
the issuance of Statement on Standards for Accounting and
Review Services (SSARS) 10, Performance of Review Engagements,
which is effective for review engagements for periods ending
on or after December 15, 2004, the AICPA Accounting and Review
Services Committee (ARSC) requires accountants performing
review engagements to make inquiries regarding fraud. Furthermore,
the management representation letter must address fraud.
authors reviewed the comment letters that the AICPA received
in response to the exposure draft for SSARS 10 and conducted
a survey of practitioners after the statement was issued.
Both the comment letters and the survey results suggest
a concern that the requirements under SSARS 10 are increasing
public expectations and accountants’ responsibilities
for fraud in review engagements.
its July 2003 meeting, the ARSC considered whether guidance
was needed on how accountants should consider fraud in review
engagements and how accountants should document expectations
developed when performing analytical procedures in review
engagements. In the following months, the staff liaison
to the ARSC prepared drafts of the proposed standard and
revised it based on comments from the ARSC. Between December
2003 and April 2004, the ARSC accepted comment letters on
the exposure draft of the standard. At its April 2004 meeting,
the ARSC revised the draft based upon the comment letters
received and issued the final standard. Based on comment
letters, the ARSC also decided to issue two other documents:
An interpretation providing guidance on communicating
indications of possible fraud or illegal acts to clients,
An issues paper providing guidance on documenting expectations
developed in review engagements.
ARSC issued the standard due to consideration of protection
of the public, the need for more meaningful reviews, and
feedback from the peer review process.
Fraud Requirements Under SSARS 10
10 amends SSARS 1, Compilation and Review of Financial
Statements, primarily by expanding inquiries during
review engagements to include fraud and by requiring that
the management representation letter address fraud. While
SSARS 10 also clarifies and provides additional guidance
regarding review procedures and workpaper documentation,
this article focuses only on the additional fraud requirements.
1, AR section 100.05, “Understanding with the Entity,”
discusses the need for the accountant to establish an understanding
with the client. Included in this is “the understanding
… (a) that the engagement cannot be relied upon to
disclose errors, fraud, or illegal acts and (b) that the
accountant will inform the appropriate level of management
of any material errors that come to his or her attention
and any fraud or illegal acts that come to his or her attention,
unless they are clearly inconsequential.” The ARSC
determined that there was a need for clarification of these
issues and for an explicit outline of the procedures implied
in SSARS 1, and the result was SSARS 10.
10 lists inquiries that accountants should consider making
during a review, including management’s knowledge
of actual or suspected fraud that could materially impact
the financial statements. The statement suggests that the
accountant inquire of management concerning “their
knowledge of any fraud or suspected fraud affecting the
entity involving management or others where the fraud could
have a material effect on the financial statements”
(paragraph 31). Appendix B to the statement, which provides
a list of inquiries for illustrative purposes only, suggests
questions such as “Have there been any instances of
fraud or illegal acts within the entity?” and “Have
there been any allegations or suspicions that fraud or illegal
acts might have occurred or might be occurring within the
accountant may be able to obtain further significant information
by inquiring of management regarding other violations. For
example, Appendix B suggests the following inquiry: “Are
there any violations, or possible violations, of laws or
regulations the effects of which should be considered for
financial statement accrual or disclosure?” Additional
questions may be necessary to obtain sufficient responses.
SSARS 10, management must acknowledge its responsibility
for fraud detection and prevention in the management representation
letter. Management’s written representations must
also disclose knowledge of any actual or suspected fraud
that could have a material impact on the financial statements.
to SSARS 10 Exposure Draft
ARSC received 14 comment letters on the exposure draft.
Seven responses were from practitioners, six were from state
boards and CPA societies, and one was from the AICPA Peer
Review Board. Six of the comment letters expressed concerns
regarding the new fraud requirements. One respondent thought
the ARSC was “requiring procedures that are close
to audit procedures for reviews.” Another response
included a similar comment. Two respondents believed that
the new standard would increase accountants’ liability
and would bring about an increase in litigation. Three responses
expressed concern for increased costs, and four respondents
believed the additional requirements would be burdensome
for small or nonpublic businesses.
ARSC considered the comment letters received, and concluded
that the proposed guidance did not include any new procedures
or responsibilities with respect to the performance of review
responsibilities regarding fraud. Instead, the proposed
guidance clarified what had always existed in the standards
but had not been explicitly stated. As such, the ARSC concluded
that no changes were necessary.
purpose of the survey was to assess practitioners’
perceptions regarding the new fraud requirements under SSARS
10. Specifically, the authors wanted to determine whether
practitioners believe that SSARS 10 will increase their
responsibility for fraud detection as well as their exposure
to legal liability. They also wanted to determine practitioners’
opinions about the reasons for the fraud requirements in
SSARS 10. Last, the authors wanted to learn how practitioners
plan to address the fraud requirements in SSARS 10.
authors surveyed 500 AICPA members who indicated “compilation
and review” as an area of interest. Forty-four (8.8%)
completed surveys were returned. Respondents rated five
statements on a scale of 1 (strongly disagree) to 5 (strongly
agree). The Exhibit
presents the survey statements and mean responses.
on the mean values of responses, respondents agreed that
SSARS 10 was issued primarily to address public expectations
with regard to fraud. Respondents also agreed that SSARS
10 will increase exposure to legal liability for review
engagements and responsibility for fraud detection.
authors’ findings led them to propose two questions:
If these additional procedures lead to increased litigation
costs for review engagements, and there is evidence that
litigation costs continue to increase for audit and assurance
engagements, do the benefits exceed the costs?
Will these new procedures lead to an expectation gap with
respect to review engagements, similar to audit and assurance
opinions were fairly neutral concerning the comment that
their firm intends to expand procedures to go beyond making
client inquiries regarding fraud based on the new SSARS
10 requirements. The
findings suggested that respondents disagree that in the
future accountants will have the same level of responsibility
for fraud in review engagements that auditors have in audit
were also asked to provide written responses to three questions.
procedures. Respondents were asked: “If
procedures will be expanded, what additional procedures
will be included?” Six respondents were unsure what
additional procedures will be performed. One respondent
indicated that the firm intends to drop all of its review
clients. Other responses indicated the following:
The firm was considering using audit procedures.
The firm planned to perform a more detailed review of
The firm would clarify the understanding of its responsibility
related to fraud in the engagement and representation
Currently, all review engagements are approved by all
partners prior to the acceptance of the engagement. Additional
procedures may include a fraud assessment of the client
prior to acceptance.
of SSARS 10. The second question was: “In
your opinion, what was the primary purpose of including
fraud inquiries and management representation regarding
actual or suspected fraud in SSARS 10?” Responses
tended to include some reference to public expectations.
Examples included the following:
To make people aware.
Public perception of widespread management fraud.
Public reaction to high-level fraud in publicly held companies.
To address public expectations.
An attempt to satisfy the public perception of CPAs after
respondents thought that the primary purpose of including
fraud inquiries was to establish an understanding with the
client regarding fraud and to enhance the awareness of management
and accountants. Several respondents indicated a belief
that SSARS 10 is moving the review engagement requirements
toward audit requirements—for example, to eliminate
the review engagement in favor of an audit and to bring
review standards in line with auditing standards.
procedures prior to SSARS 10. Last, respondents
were asked: “Prior to the issuance of SSARS 10, did
you include fraud procedures in review engagements?”
Twenty-six respondents indicated that they did not specifically
include fraud in review engagements prior to SSARS 10. Several
stated that they would follow up on any unusual relationships
or findings during a review engagement. One respondent included
fraud inquiries in its review checklist already. Two respondents
included specific procedures, such as testing check signing
and endorsements and reviewing accounts susceptible to fraud.
Several respondents inquired about fraud during interviews
or addressed fraud in the representation letter.
SSARS 10 Necessary?
engagements provide limited, not positive, assurance. While
additional inquiries and disclosures in management’s
representation letter should be relatively easy to incorporate,
the authors could find no substantive reasons for these
procedures to be considered necessary. The question, however,
is whether performing such procedures increases public expectations
for the detection of fraud.
from the exposure draft and the findings of the authors’
survey of practitioners who perform reviews suggest that
the additional fraud requirements in SSARS 10 were adopted
to meet public expectations. Yet no evidence suggests that
review engagements were not meeting public expectations
with regard to fraud.
the additional procedures expose accountants to increased
litigation? The authors’ findings suggest that respondents
believe SSARS 10 will result in additional exposure to legal
liability. With the additional fraud requirements in SSARS
10, the public may hold accountants to a higher level of
responsibility for review engagements, which could lead
to increased litigation.
D. Akers, CPA, CMA, CFE, CIA, CBM, is a professor
and the chair of the department of accounting and the Charles
T. Horngren Professor of Accounting at Marquette University
Jodi L. Bellovary, CPA, is a graduate student
at the University of Wisconsin–Madison.