Peer review update and regulatory updates
1 / 69

Peer Review Update and Regulatory Updates - PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Peer Review Update and Regulatory Updates. Presenter. Janice L. Gray , CPA, CVA, CFF Oklahoma Accountancy Board Board Vice Chair. Disclaimer.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Peer Review Update and Regulatory Updates

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Peer Review UpdateandRegulatory Updates


Janice L. Gray, CPA, CVA, CFF

Oklahoma Accountancy Board

Board Vice Chair


Any views expressed in this presentation are those of the presenter and do not necessarily represent the views of the Oklahoma Accountancy Board.


Common Non-Compliance with

Professional Standards

Peer Review Data Gathering Project

  • Peer Review Staff have compiled and analyzed 443 MFCs related to engagements with years ending during 2010 and 2011

  • Common areas of non-compliance include the following:

    • ASC 740-10-50-15

      • Example: Disclosures required by professional standards for information related to uncertain tax positions such as accounting policy and the tax years subject to examination were not included in the footnotes

    • AU 530

      • Example: Audit report is dated prior to completion of all required procedures

Peer Review Data Gathering Project

  • Common areas of non-compliance include the following:

    • AU 339

      • Example: Procedures were noted as “done” in the audit program with no documentation supporting the specific procedures performed

    • AU 380

      • Example: No documentation of the communication with those charged with governance

    • AU 312 and 314

      • Example: No documentation of the auditors understanding of information technology and the associated risks

Other Common Areas of Non-Compliance

  • Issues with ET 101-3 Performance of Nonattest Services

    • Lack of documentation of understanding with the client regarding nonattest services

  • Issues with report language

    • No indication that financial statements omitted substantially all disclosures

    • Report does not cover all periods presented in the accompanying financial statements

    • Report does not explain the degree of responsibility firm is taking with respect to supplementary information

    • Report did not state that it was a comprehensive basis other than GAAP

Other Common Areas of Non-Compliance

  • Issues with SAS 99 Consideration of Fraud in a Financial Statement Audit including:

    • Discussion among engagement personnel

    • Inquiries of management

    • Specific risks identified

    • Consideration of nonstandard journal entries

  • Various Omitted Disclosures including:

    • Concentration of credit risk

    • Notes payable does not disclose rates and maturity dates

    • Policy for accounting for notes receivables and capital leases

Other Common Areas of Non-Compliance

  • Management Representation Letter issues including:

    • Representations regarding fraud

    • Letter did not cover prior period on comparative statements

    • Letter was not appropriately modified when no attorney was consulted

Pre-engagement and Planning Activities

  • Most common audit planning deficiencies include a failure to:

    • Use the firm’s designated accounting and auditing materials developed by a third party

    • Use a written audit program

    • Include references to client responsibilities regarding fraud in engagement letter

    • Assess and document levels of materiality and tolerable misstatement used and the basis for those levels

    • Documentation of communication between predecessor and successor auditors

Risk Assessment and Developingthe Detailed Audit Plan

  • Most common performance deficiencies include a failure to:

    • Document the use of analytical procedures to determine the nature, timing and extent of audit procedures

    • Consult industry audit and accounting guides

    • Perform or document the engagement team discussion regarding the susceptibility of the entity’s financial statements to misstatement due to error or fraud

    • Document consideration of internal control

    • Assess or document the risk of fraud

Risk Assessment and Developingthe Detailed Audit Plan - Continued

  • Most common performance deficiencies include a failure to:

    • Document the assessment of risks, significant risks identified and the related controls and the overall responses to address the assessed risks of misstatement

    • Tailor audit programs for specialized industries or for a specific type of engagement – such as significant areas of inventory and receivable balances

Performing Further Audit Procedures

  • Most common related to performing further audit procedures include a failure to:

    • Observe inventory when amount is material

    • Confirm significant receivables or document appropriateness and utilization of other audit techniques

    • Test for unrecorded liabilities

    • Review loan covenants relating to current and long-term liabilities

    • Perform cut-off procedures

    • Perform ade3quate tests and sufficient documentation in key audit areas.

    • Adequately document the performance of substantive analytical procedures and related expectations

General and Completion Procedures

  • Engagement performance deficiencies regarding general and completion include a failure to:

    • Document the review of board of director minutes

    • Document consideration of nonstandard journal entries

    • Perform a review of subsequent events

    • Request a legal representation letter or include in management rep letter

    • Obtain a client management representation letter and/or include key components in the letter

    • Ensure that the dating of the rep letter and the date of the auditor’s report is the same

General and Completion Procedures – Contd.

  • Engagement performance deficiencies regarding general and completion include a failure to:

    • Document nontrivial uncorrected misstatements and a conclusion about whether the uncorrected statements individually or in the aggregate cause the statements to be misstated and the basis for that conclusion.

    • Document significant deficiencies in internal control

    • Ensure that all steps in audit programs are signed off

    • Perform and document and adequate review of the engagement workpapers and/or the auditor's report and accompanying financial statements by the engagement partner prior to the issuance of the auditor’s report.

Peer Review Exposure Draft

  • Exposure draft issued June 1, 2012 – Comments due August 31, 2012

    • Would require that all examinations performed under the Statements on Attestation Engagements (SSAEs) be required to have a system review.

    • Would add SOC 1 and 2 engagements to the list of engagements that must be selected during a system review.

AICPA Peer Review Web Resources

  • Peer Review Standards

  • Peer Review Standards Interpretations

  • Report Acceptance Body Handbook

  • Peer Review Alerts

  • System and Engagement Review checklists



Engagement Quality Control Review

  • Establish firm criteria for determining whether an engagement quality control review should be performed,

  • Evaluate all engagements against the criteria

  • Perform an engagement quality control review for all engagements that meet the firm’s criteria, and complete the review before the report is released.

  • Establish procedures addressing the nature, timing, extent and documentation of the engagement quality control review.

EQCR - Procedures

Perform - objective evaluation of the significant judgments made by the engagement team, and the conclusions reached in formulating the report.

  • Read financial statements and report, considering whether report is appropriate

  • Review selected engagement documentation, evaluating significant judgments and conclusions of engagement team

  • Discuss significant findings and issues with engagement partner

    Note - extent of EQCR procedures depends on the complexity of engagement and risk that report might not be appropriate in the circumstances.

Peer Review Statistics

  • System Reviews (2007-2009)

    • 91% Pass

    • 7% Pass with deficiencies

    • 2% Fail

  • Engagement Reviews (2007-2009)

    • 91% Pass

    • 8% Pass with deficiencies

    • 1% Fail

Reasons for Report Modifications

  • Reasons for Report Modifications (2009)

    • Leadership (“tone at the top”) – 3%

    • Ethical Requirements – 2%

    • Client Acceptance/Continuance – 3%

    • Human Resources – 13%

    • Engagement Performance – 55%

    • Monitoring – 23%

Recent Changes in

Public Interest

Single Audit Quality Concerns (PCIE Report)

  • Scope:June 2007 PCIE Report covered 208 out of 38,000 single audits performed in 2002/2003

  • Report Results/Concerns:

    • Acceptable 49%

    • Unacceptable/Limited reliability 51%

  • Findings:PCIE Reports Areas of Improvements Needed

    • Internal control, compliance, documentation, sampling, due professional care

Single Audit Quality Concerns (PCIE Report)

Frequent Single Audit Violations

  • Major program determination (missed major program—look back rule)

  • Percent of coverage

  • Incorrect threshold for major program determination

  • Improper identification of clusters (missing programs)

  • Failure to test all major programs within clusters

  • Not including all grants within a CFDA #

  • Internal control documentation and compliance testing

Practice Monitoring Task Force (PMTF)

  • Initial Areas of Focus:

    • Establish consistent measures of A-133 deficiencies

    • Develop guidance and training materials for peer reviewers

  • Task Force’s Initial Activities:

    • Meeting with OIGs to discuss Peer Review process and comparing to QCR process

    • Brainstorming session to consider comments and recommendations received from IGs

PMTF Actions Taken

  • Interpretation 63-1a revised to ensure selection of an A‑133 engagement

  • Revised engagement profile to require firm to provide additional information

  • Bifurcated engagement checklists to focus reviewer’s attention on frequent violations

  • Enhanced peer review acceptance process

Enhanced A-133 Acceptance Process Findings (So Far)

  • Missed major programs

    • Failed to combine federal expenditures for the same CFDA number

    • Failed to combine federal programs that are required to be clustered

    • Failed to identify as a major program that was not audited in one of the last two years

  • Failing to audit a program that should have been clustered with a program that was audited as major

  • Improperly identifying auditee as low risk

Employee Benefit Plans

  • DOL continues to see problems in Employee Benefit Plan audits

  • AICPA collaborating with regulators to improve peer review

  • Expanded peer review checklist

  • Separately identify 403(b) engagements

  • Creating 403(b) webinar


  • PCAOB may now inspect broker-dealers

  • Carrying broker-dealers are now a “must select”

  • Checklist for broker-dealer audit engagements developed by AICPA Peer Review Team

Peer Review at the OAB

  • Peer Review

  • Peer Review Oversight Committee (PROC)

  • Compilations

The Law –15.1A. Definitions

5. “Attest” means providing the following financial statement services:

a. any audit or other engagement to be performed in accordance with the Statements on Auditing Standards (SAS),

b. any review of a financial statement to be performed in accordance with the Statements on Standards for Account and Review Services (SSARS),

c. any report performed in accordance with the Statements on Standards for Attestation Engagements (SSAE), and

d. any engagement to be performed in accordance with the Auditing Standards of the Public Company Oversight Board (PCAOB).

The Law – 10:15-30-A


As a condition for issuance or renewal of permits, the Board may require applicants who perform review or audit services to undergo peer reviews conducted not less than once every three (3) years.

NEW LAW EFFECTIVE – August 26, 2011

As a condition for issuance or renewal of permits, the Board may require applicants who perform attest services, except compilations and those services described in subparagraph d of paragraph 5 of Section 15.1A of this title to undergo peer reviews conducted not less than once every three (3) years.

PROC Operating Statement

“To evaluate and monitor the Peer Review Program established by the Oklahoma Accountancy Board to provide reasonable assurance that the American Institute of Certified Public Accountant’s Peer Review Program Standards are being properly administered in the State of Oklahoma making referrals to the Oklahoma Accountancy Board as needed for further action as needed.”


To evaluate and monitor the peer review program established by the Board to provide reasonable assurance that the AICPA Peer Review Program standards are being properly administered in the state of Oklahoma making referrals to the Board for further action as needed. (10:15-33-7)

Objectives and Procedures

Ensure that peer reviews are conducted in accordance with AICPA Standards for Performing and Reporting on Peer Reviews. (10:15-33-7e3)

Objectives and Procedures

  • Regularly communicate results of PROC operations. (10:15-33-7a3)

  • PROC will meet and report activities to the Board at least quarterly

  • Annually report conclusions and recommendations regarding evaluation and monitoring of peer review program to Board

  • Communicate problems encountered to sponsoring organizations as needed

THE BOARD - Our Mission

The mission of the Board is to safeguard the public welfare by prescribing and assessing the qualifications of and regulating the professional conduct of individual registrants and registered firms authorized to engage in the practice of public accounting in the State of Oklahoma.

Oklahoma Accountancy Board

  • Vicky Petete, CPA, ChairAda

  • Janice L. Gray, CPA, Vice Chair Norman

  • Jay Englebach, CPA, SecretaryOklahoma City

  • Mike Sanner, CPA, Jones

  • Barbara A. Ley, CPAOklahoma City

  • Jody M. ManningBristow

  • Karen Cunningham, Public MemberOklahoma City

National Association of State Boards of Accountancy (NASBA)

Oklahoma Representation

  • Janice L. Gray, CPA

  • Member of the NASBA Board – SW Regional Director

  • Chair of the NASBA Compliance Assurance Committee

  • Member of the NASBA Relations with Member Board

  • Committee

Carlos Johnson, CPA

Member of the NASBA Board, at large member

Chairman of the NASBA Uniform Accountancy Act Committee

Member of the NASBA State Board Relevance and Effectiveness Committee

NASBA Chair Elect Nominee

Barbara Ley, CPA

Member of the AICPA State Board Examination Liaison Committee

  • Vicky Petete, CPA

  • Member of the NASBA Accounting & Finance Committee

Birth Month Registration

  • 15.14D of the Oklahoma Accountancy Act is as follows:

    • “…all valid Certificates or Licenses shall be renewed based on staggered expiration dates on the last day of the individuals’ birth months. Renewal will be effective for a twelve-month period.”

  • Everyone must complete the Annual Registrant Reporting form

  • You can renew your registration on the OAB website! Birth Month registration began in January, 2012.

Firm Registration

New registration system is open and has been for a few weeks. You have until June 30 to register.

There have been issues with the process Board Staff is working hard to get this corrected.

If you have issues call the Board staff and they will help walk you through the process

Continuing Professional Education (CPE)

  • Requirements

  • 120 CPE hours within a rolling three calendar year period, with a minimum of 20 hours in a calendar year

  • 4 hours of Ethics every 3 years

  • 4 hours of CPE in Compilation if prepare Compilations with or without disclosure and do not have a Peer Review

  • Report prior year CPE on an annual basis when birth-month certificate renewal takes place

Continuing Professional Education (CPE)

  • Every certificate holder, regardless of permit status, must report CPE to maintain their certificate

  • Exemptions to CPE

  • Disability

  • Military Service

  • Retired

  • Inactive

Example Of Rolling Three Years

2008 45 Hours

2009 35 Hours

201060 Hours

Total Hours 140 Hours

2009 35 Hours

201060 Hours

2011 25 Hours

Total Hours 120 Required Hours

Example Of Rolling Three Years

2010 60 Hours

2011 25 Hours

201260 Hours

Total Hours 145 Required Hours

2011 25 Hours

201260 Hours

2013 35 Hours

Total Hours 120 Required Hours




Don’t Get Caught!Things that can get you into trouble

  • New CPAs holding out

  • Not registering firms

  • Practicing with an unregistered firm (PLLC)

    • Failure to register a firm can incur $1000 fine from the Board

  • Not notifying the Board of change of address, job etc. WITHIN 30 DAYS

  • Not notifying the Board of legal issues, i.e.. DUI or other charges that would fall under the Moral question. WITHIN 30 DAYS

Don’t Get Caught!Things that can get you into trouble

  • What happens if your certificate lapses?

    • Before reinstatement:

      • Certificate revoked after 30 days

      • You must take AICPA Ethics Exam and score 90%

      • If revoked longer than 5 years you must retake the CPA exam

Don’t Get Caught!Things that can get you into trouble

  • Doing “one offs”

    • Examples:

    • Audits – PTA, Homeowner’s Association, Other non-profits

    • Compilations (without getting new CPE requirements)

    • Functions in which you do not have technical expertise

  • If you receive a letter of inquiry from the Board, it is a violation (and $1,000 fine) for failing to respond

  • Not completing or reporting CPE – HORROR STORY!

Case No. 1863

Noncompliance with auditing standards and failure to complete the appropriate peer review.

Case No. 1884

Noncompliance with professional standards in the performance of three years of city audits.

Case No. 1888

Noncompliance with professional standards in failing to obtain information critical to engagement acceptance as a successor firm.

Case No. 1905

Noncompliance with auditing standards in the performance of a school district audit.

Case No. 1913

Noncompliance with reporting standards in the performance of a city audit.

Case No. 1887

Failure to enroll in a peer review program within one year of the initial engagement.

Case No. 1904

Failure to enroll in a peer review program within one year of the initial engagement.

You Didn’t Follow the Rules?

  • Enforcement

  • If you fail to comply with any of the rules outlined in the Oklahoma Accountancy Act the Board can do one or all of the following:

  • Asses fines

  • Issue costs

  • Issue remedial action

  • More CPE

  • Undergo pre-issuance review

  • Limit practice


Pending Issues

Change in Title 74 added language:

(black is old language, red is added language)

Except as otherwise provided by law, all government entities, as defined by the Governmental Accounting Standards Board, shall have an audit conducted in accordance with auditing standards generally accepted in the United States of America and Government Auditing Standards. Copies of any audit, performance audit, agreed-upon-procedures report, or other attestation engagement report produced by a person other than the State Auditor shall be filed with the State Auditor and Inspector by that person.

Pending Issues

How does this impact the Government Auditors list?

Current opinion of the State Auditors Office is any registrant performing attestation work using Yellow Book standards, must report to the State Auditors office and register with the OAB.

The Board voted at the June meeting to require registration by all firm’s who file reports with the State Auditor’s office. A grace period will be allowed until December 31, 2012. After that date failure to register could incur enforcement action.

Non-Compliance Issues

  • Revoked CPA continues performing audits

    Clients fail to verify status with OAB

  • Impact on clients-Federal grants previously approved were revoked prior to funds being distributed

  • Impact on clients-return of money granted and spent has been demanded due to audit performed by non-cpa

Pending Enforcement Files as of 5/31/2012

  • Substandard Work17

  • Peer Review Noncompliance 3

  • CPE Noncompliance 4

  • Other 26

    Total Pending 50

Disposition of Files


  • Files Closed/Cases Dismissed 38

  • Files Closed with Private Reprimand 17

  • Files Merged with other Files 4

  • Administrative Consent Orders 29

  • Consent Orders 6

  • Hearings Held 7

    Total Dispositions 101

Now Available Online

  • Final Orders* are now posted to OAB website.

  • Locating a Final Order:

  • Select the Find a CPA/PA tab

  • Conduct an individual or firm search to find a particular Enforcement Order

  • *Disciplinary actions that required a Board order

Publish a Bi-annual newsletter that contains all enforcement actions for the previous 6 months.

Electronic for the first time in February. If you did not receive, please let Board staff know.


Oklahoma Accountancy Board201 N.W. 63rd Street, Suite 210Oklahoma City, Oklahoma

  • Login