In December 2022, the AICPA Professional Ethics Executive Committee (PEEC) published revisions to the AICPA Code of Professional Conduct (the Code) that address the application of the independence rules to compliance audits. Specifically, New and revised definitions related to Compliance Audits added new definitions (“compliance audit” and “compliance audit client”) and revised the definition, “financial statement attest client,” all of which are found in ET section 0.400 of the Code.
The number of compliance audits being performed has risen due to the recent spike in federal funding (e.g., pandemic relief). Concerned that the independence requirements for performing compliance audits were being applied inconsistently, PEEC proposed changes to clarify the requirements, align the independence requirements with the applicable risks, and enhance consistency in application.
Two New Definitions
First, a compliance audit (ET section 0.400.09) is an attest engagement performed in accordance with AU-C section 935, Compliance Audits. If such engagement includes separate reporting under AU-C sections 725 or 805, the definition also applies to the audit of the schedule or statement accompanying the AU-C 935 report.
A compliance audit may include amounts from one or more compliance audit clients, defined as an entity that is subject to a compliance audit (ET section. 0.400.10). Generally, the same independence requirements applicable to an attest client apply to a compliance audit client except that:
1. The following independence interpretations do not apply to a compliance audit client:
a. Client Affiliates (ET section 1.224.010)
b. State and Local Government Client Affiliates (ET section 1.224.020)
2. If a compliance audit includes amounts in a schedule or statement from multiple entities, an entity would not be a compliance audit client if both of the following conditions apply:
a. The entity is not subject to compliance audit procedures.
b. Amounts in the schedule or statement are trivial and clearly inconsequential to the schedule or statement as a whole.
PEEC also excluded compliance audit clients from the definition, financial statement attest client, which relieves members from applying the Client Affiliates and State and Local Government Client Affiliates interpretations.
See Ethics Questions and Answers, section 10, Definitions, for related nonauthoritative guidance:
• Examples of a compliance audit
• Multiple compliance audit clients
• Trivial and clearly inconsequential
• Changes in entities that are compliance audit clients
• Using the Conceptual Framework in a compliance audit
• Evaluating independence when performing a financial statement audit and a compliance audit for the same client
The new and revised definitions will be effective for compliance audits beginning after June 15, 2023, with early implementation allowed.
The material in this publication is provided with the understanding that the author and publisher is not engaged in rendering legal, accounting, or other professional services. If legal advice or other expert assistance is required, the services of a competent professional person should be sought. The author and publisher make no representations, warranties, or guarantees as to and assume no responsibility for the content or application of the material contained herein, and expressly disclaim all liability for any damages arising out of the use of, reference to, or reliance on such material. You may reprint material in this newsletter if it is unaltered and credited to the author and Audit Conduct. If being reproduced electronically, the following link must also be included: www.auditconduct.com. © Copyright 2023 – Audit Conduct, LLC. All Rights Reserved.