Performing and Documenting Review Engagements

New Guidance Under SSARS 10 and SSARS 11

By Thomas A. Ratcliffe

Applicable to both compilation and review engagements, SSARS 11 establishes a hierarchy of the technical literature and other publications. While SSARS 11 is not expected to have a significant impact on how compilation or review engagements are performed, it will distinguish the literature with standards that must be followed from guidance that is available to help.

Performing the Review Engagement

The objective of review engagement procedures is to provide a reasonable basis for communicating any material modifications that must be made to the financial statements for them to be in conformity with generally accepted accounting principles (GAAP) or, where applicable, with an other comprehensive basis of accounting (OCBOA). The primary review engagement procedures are generally limited to performing analytical procedures and making inquiries of management. Other review engagement procedures might include reading reports for subsidiaries or investees of the primary reporting entity. Also, as in compilation engagements, the financial statements under review must be read for compliance with GAAP or OCBOA.

Review engagements do not require an understanding of internal control–related issues, testing of accounting records, corroboration of responses to inquiries, or any other procedures typically associated with a financial statement audit. A CPA engaged for a financial statement review should possess knowledge of the accounting principles and practices in the client’s industry and an understanding of the business in order to perform the appropriate analytical review and inquiry procedures to provide the limited assurance that no material modifications must be made to the financial statements to bring them into conformity with GAAP or OCBOA.

A CPA should perform analytical procedures in all review engagements. These procedures help identify, and provide a basis for, any necessary inquiries about relationships and individual items within the financial statements that may indicate a material misstatement.

Analytical procedures in review engagements should include the following:

• Developing expectations by identifying and using plausible relationships that are reasonably expected to exist for the reporting entity and its industry.
• Comparing recorded amounts, or ratios developed from recorded amounts, to the expectations.

Effective analytical procedures cannot occur without first developing expectations related to the results of those procedures. This requirement has existed in the performance of analytical procedures since the issuance of SSARS 1. SSARS 10 creates a new requirement to document significant expectations where those expectations are not otherwise readily determinable from other documentation of work performed in the engagement.

In addition to analytical procedures, SSARS 10 adds to the SSARS 1 inquiries for consideration in review engagements:

• The status of uncorrected misstatements identified during the previous engagement (if applicable).
• Knowledge of fraud or suspected fraud affecting the entity involving management or others, where the fraud could have a material effect on the financial statements (e.g., communications received from employees, former employees, or others).

Unlike audit engagements, review engagements do not require the incorporation of uncorrected misstatements into the management representation letter. The status of these uncorrected misstatements must be understood, however, because of the potential impact on the current-year review engagement. Like audit engagements, there is a parallel requirement, established in SSARS 10, for representations related to fraud to be incorporated into the management representation letter. Essentially, because misstatements in the financial statements could be unintentional (error) or intentional (fraud), SSARS 10 requires inquiries about fraud and representations about fraud in the management representation letter.

If the Answer Is Yes

In response to feedback on the exposure draft that ultimately became SSARS 10 requesting guidance for cases when a fraud inquiry received a “yes” answer, the ARSC released Interpretation 26, Communicating About Possible Fraud to Management and Others, simultaneously with SSARS 10. Interpretation 26 applies to both compilation and review engagements when fraud is suspected, and expands on SSARS 1, paragraph 5. Essentially, whenever fraud is suspected to have occurred, the matter should be brought to the attention of the appropriate level of management unless the fraud is considered to be clearly inconsequential. If the suspected fraud involves senior management, the matter should be reported to an individual or group at a higher level within the reporting entity (e.g., the owner/manager or the board of directors). Additional procedures to ascertain whether fraud has occurred or the probability that fraud has occurred are not required.

Paralleling the guidance in AICPA Code of Professional Conduct Section 301, Confidential Client Information, Interpretation 26 clearly stipulates that the disclosure of possible fraud to parties outside the reporting entity ordinarily is not a CPA’s responsibility and ordinarily would be precluded by ethical or legal obligations of confidentiality. In the following circumstances, however, a duty to disclose a fraud issue to parties outside the entity might exist:

• To comply with certain legal and regulatory requirements.
• To notify a successor accountant, if the successor communicates with the predecessor accountant regarding acceptance of an engagement.
• In response to a subpoena.

Because the ethical and legal obligations for client confidentiality are complex, it is usually wise to consult legal counsel before disclosing suspected fraud to parties outside the reporting entity.

Documenting the Review Engagement

CPAs should document work performed in a review of financial statements; the form and content of the documentation reflect the circumstances of the engagement. Review engagement documentation is the principal record of procedures performed and conclusions reached. Because each review engagement is unique, it is not possible to specify the form and content of review engagement documentation for all engagements. Documentation should, however, include any significant findings or issues that arose.

Review engagement documentation should include the following:

• Matters covered in inquiry procedures.
• Analytical procedures performed.
• The significant expectations used in analytical tests, and the factors considered in the development of these expectations if they are not otherwise readily determinable in other workpaper documentation.
• Results of the comparison of expectations to recorded amounts or computed ratios.
• Any additional procedures performed in response to significant unexpected differences and their results.
• Any unusual matters considered during the performance of review procedures, including the disposition of those matters.
• The management representation letter.

SSARS 10 includes a significant new requirement to document significant expectations used in analytical tests. While effective analytical tests cannot be performed without developing expectations for recorded amounts or ratios, the requirement to document the significant expectations is new. The Exhibit provides an example of how to document expectations for analytical tests in review engagements. The ARSC has developed a revised management representation letter that incorporates the provisions of SSARS 10; it is available at www.aicpa.org/members/div/auditstd/
Revision_of_Appendix_F.htm.

Compilation/Review Engagement Hierarchy

CPAs must perform compilation and review engagements in accordance with SSARSs. SSARSs provide a measure of quality, and the objectives to be achieved, in these engagements. Because of the wealth of literature about compilation and review engagements, SSARS 11 provides the following hierarchy for the literature:

• Level I: SSARSs. These documents should be followed in the performance of both compilation and review engagements.
• Level II: Interpretive publications. These consist of Interpretations of the SSARSs, appendices to the SSARSs, applicable AICPA accounting and auditing guides, and applicable AICPA Statements of Position (SOP). These interpretive publications should be considered and, when they apply, followed.
• Level III: Other compilation and review publications. These include AICPA accounting and review publications not included within Level I and Level II; the annual AICPA Compilation and Review Alert; compilation and review articles in the Journal of Accountancy; other professional journals; compilation and review articles in the AICPA’s CPA Letter; continuing professional education programs and other instruction materials, textbooks, guidebooks, compilation and review programs, and checklists; and other compilation and review publications from state CPA societies, other organizations, and individuals. Although not authoritative, such sources may aid in understanding and applying the guidance contained in the SSARSs.

Effective Dates

Because SSARS 10 both clarifies and expands the requirements for review engagements, its effective date is for reviews of financial statements for periods ending on or after December 15, 2004. Because SSARS 11 should not affect the performance and documentation of either compilation or review engagements, the compilation and review engagement hierarchy literature became effective upon issuance of the document.

Close