Working with an auditor for the first time can be intimidating. Due to the nature of an independent auditor’s role, many people assume that they are solely out to find the mistakes and errors you’ve made. The reality is that the relationship is all about collaboration and joint problem solving.

When you work with us on an attest engagement there is no contentious environment, we’re there to help you through it as a trusted advisor. You can rest easy knowing that we are on the same team with our shared efforts of accurate financial reporting and helping your company reach its goals.

We are available year-round for support. Working with your auditor outside of the traditional season is a great way to ensure nothing goes amiss come the official audit. Throughout the year, you can lean on us for assistance and to discuss any issues you’re trying to overcome.

Discussing unusual and complex transactions with the our team in real time is a great way to avoid adjustments. Proactively involving your auditors early in the process gives us the insight to be predictive in our efforts to assist you, instead of being reactive to past events.

If you’ve entered into an unusual transaction, we recommend reaching out to your audit team so it can be accounted for correctly the first time around, as opposed to adjustments being made after year end while we perform our testing procedures.

While the list is vast, a few areas to involve your auditors would include:

Revenue recognition under Topic 606, Revenue from Contracts with Customers, was a huge undertaking for many private companies when the standard went into effect in 2019. If your company implements new streams of revenue during the year, or enters into unusual contracts with customers, proactively reaching out to your audit team to understand how and when those contracts should be recognized is a great way to avoid mishaps after year end.

If you purchase a business, you’ll need support to correctly account for the transaction using the acquisition method. We can help you through the complex and multi-step process of identifying the acquired assets and liabilities at the proper value, and accounting for any gain or loss on the transaction.

Whether your company is changing an accounting principal due to an allowance and voluntary change in preference, or due to a mandatory change required by an update to accounting standards, it is best to involve your auditors in the adoption of the principal as they can be difficult to implement or have a significant impact on prior and future fiscal periods.

Your audit team will obtain a current understanding of your controls to best assess your business. We will perform “walkthroughs” to identify key internal controls, how controls are implemented, and any areas where controls need improvement. We’ll provide information on where fraudulent items or errors might be able to break through your controls can be strengthened. With our help you can increase your confidence in your controls, and spend less time worrying about financial matters and more time on the things you enjoy.

At Sensiba, we focus on providing businesses with personalized audit and assurance services designed to enhance strategic planning and ease the stress of compliance and reporting. We will help you assess and strengthen the quality of information you use to make critical decisions, formulate solutions to your business problems, and evaluate your company’s financial performance.

Our team of knowledgeable professionals is here to make your audit process smooth, approachable and suited to your business structure. Reach out today to get started.

Along with providing an infusion of capital to a growing company, going public brings strict financial reporting and compliance requirements that must be in place well before the offering.

To meet investor expectations for a timely closing and regulatory requirements to provide accurate disclosures, pre-IPO companies need to have the right people, processes, and technology in place to meet their needs as a public company.

An important early step is assessing the skills and capabilities of the organization’s finance team. Management needs to be sure the team can meet the complex reporting and compliance needs of a public company, such as developing adequate internal controls and preparing accurate financial reports on a timely basis.

Financial planning and analysis skills are also critical since investors expect accurate forecasts about key metrics such as the company’s revenue, business outlook, net income, and operating cash flow. Being able to develop and share accurate forecasts is valuable in informing investors and avoiding potential surprises.

Perhaps the most obvious difference between public and private companies is the requirement to report financial and operating results quarterly. The finance team must close the books and report the company’s results quickly and accurately. It will need to develop and follow an efficient, repeatable process.

At least a year before the offering, it’s important to schedule quarterly rehearsals of the reporting process as if the company were public. Practice the multiple steps in closing the books, preparing an earnings release, and holding a mock investor call. This ensures the company’s finance team and management are familiar with the process when they must disclose actual earnings after the offering.

Another important part of the reporting process is establishing metrics to help management explain the company’s results to investors. Along with determining the most appropriate metrics, management should be ready to explain why they chose a specific metric and why it’s helping in understanding the company’s performance.

Similarly, the company will need to establish and document its internal controls, as well as the reasons behind the controls they create.

Another critical step in preparing for an IPO is upgrading the company’s financial tools to support these new reporting requirements and regulatory disclosures. Spreadsheets, for example, that may have been sufficient in the early stages of the company won’t allow the finance team and management to develop reports quickly. This will likely require manual workarounds (such as copying data between applications and reformatting documents) that take time and can introduce errors and delay the close process.

It’s more effective and efficient to implement a scalable financial management solution such as Sage Intacct that enables companies to automate the reporting process and general ledger entries, and to help the finance team close the books and prepare quarterly reports more rapidly and accurately.

Effective financial management will also provide management with daily visibility into the company’s revenue and treasury activities, and will offer data analysis and reporting tools to speed the closing process, offer insights into the company’s performance and trends, and support more strategic decision-making.

Overall, pre-IPO companies must act as if they are public before the initial public offering. Creating and honing the company’s processes and technology tools will help it be better able to operate as a public company and be ready and able to meet strict disclosure requirements and satisfy investor expectations.

For more information on preparing for IPO with Sage Intacct, reach out to our team for a consultation and demo.

Private or smaller publicly traded companies that proactively employ internal controls over financial reporting benefit from the following:

Formalizing or enhancing internal controls, like those expected of larger public companies, results in more reliable financial reporting and increases the credibility of management’s operations for bankers, investors, regulators, and other stakeholders.

Providing reliable financial information enables the company to produce financial statements with greater integrity and transparency. Internally, management can also make more effective decisions about the organization’s strategy, critical to maintaining a competitive advantage and potentially preparing for a public offering or a strategic transaction.

Understanding and documenting the company’s transactional flows, leads to a clearer understanding of financial risk. This, in turn, enables management to focus on control design. Effective controls help management realize and focus on the highest-risk areas – to optimize its financial reporting, operations, and compliance.

Through this analysis, management can better identify, streamline, and potentially automate, processes that divert staff attention from critical activities. One additional benefit – by centralizing process and controls documentation, management can reduce audit-related expenses.

That said, obtaining and reporting the right financial information depends partly on how well management identifies and mitigates financial statement risks. This may seem complex and challenging. However, it becomes manageable with the right messaging, methodology, and discipline across the organization — regardless of the company’s size, complexity, or structure.

For private companies that often lack a dedicated compliance resource, we recommend enlisting the help of experienced SOX advisors who will work with you to outline a roadmap, mitigate disruptions, and bring expertise to streamline the process and train staff.

For questions or more information related to an internal audit, controls optimization, or SOX compliance, contact our team.

You have worked hard to develop your business, and your efforts have paid off! Now you have a thriving business. You employ lots of employees, have a wider geographical reach, and have built relationships with lots of vendors. You have always been involved in every aspect of your business, but now it is too big for you to be directly involved with every part of the operations. Do you find yourself asking these types of questions?

If any of the above or similar thoughts have been weighing on you, having an internal audit might give you peace of mind.  So, what is involved with having an internal audit?

The internal audit process is not a cookie-cutter, one size fits all process. The process can be tailored to the specific needs of the organization. With that said, it would generally include some basic steps that will be discussed below.

The first step is to identify the key risks inherent to the organization that could prevent it from achieving its goals. This phase identifies “what can go wrong?” And if they do go wrong, would it have a high, moderate, or low negative impact? This phase is accomplished with the involvement of the key people in the organization who are knowledgeable about its various processes. The company’s management is usually aware of the various risks, but there could be important risks that are being overlooked.

The second step involves identifying what internal controls were implemented to mitigate the various risks faced by the organization. This exercise is intended to highlight if there are gaps (risks where no mitigating controls have been implemented). A side benefit is the identification of redundancies — risks where there are too many controls implemented, usually resulting in the cost of the controls outweighing the expected benefits. A comparison of the inherent risks and the controls in place results in the residual or net risk.

The internal auditor determines what areas will be included in the audit testing. Audit coverage usually focuses on the higher risk areas and the related key controls in those areas. If the internal audit is conducted in an advisory capacity for management, the nature and scope of the testing are subject to agreement with management. In this phase, various administrative tasks are performed, such as identifying and scheduling the internal audit resources with the requisite knowledge to perform the testing.

The internal audit function can serve as the eyes and ears of management. They can serve in an advisory capacity to management by performing testing to determine if the implemented controls are actually in place and working as intended. The methods used by the internal auditors to obtain evidence to support their conclusions are: inquiry, observations, inspections of records, and reperformance. Inquiry is the weakest form of audit evidence while inspection of records and reperformance are considered the strongest.

In this step, the results of the audit testing are summarized. The internal auditor determines if the exceptions represent a trend or are isolated cases. Exceptions that are pervasive (represent a pattern or trend) are then communicated to management.

Remediation is management’s responsibility. The internal audit usually comes in after corrective actions have been implemented and performed testing to verify that remediation efforts are successful in addressing the issues that were identified. Since remediation efforts can be like a New Year’s resolution that is practiced for one or two months and then forgotten for the rest of the year, an internal audit lets the newly implemented control mature before performing follow-up testing.

Read our article “How to Improve Your Internal Audit Process” to take your process to the next level.

If you would like more information about how an internal audit can help your company or would like a brief demonstration to experience how we operate, don’t hesitate to get in touch with us for a free consultation.

Your business needs financial statements so management can monitor performance, attract investment capital and borrow money from a bank or other lender. But not all financial statements are created equal. Audited statements are considered the “gold standard” in financial reporting. While public companies are required to issue audited statements, smaller, privately held organizations have options. CPAs provide three other types of financial statements, which, in order of descending level of diligence, are: reviews, compilations and preparations.

Here’s some insight into the newest and most basic financial reporting service available to private businesses — preparations — and how these engagements differ from compilations.

Financial statement preparations are often created as part of bookkeeping or tax-related work. While some lenders may accept preparations in support of small lending arrangements, preparations are generally reserved for internal purposes to provide information on the business’s current financial condition and as a basis of comparison against future accounting periods.

Preparations provide no assurance regarding the accuracy and completeness of the financial statements. Assurance is critical if you plan to share the financial statements with third parties. Generally speaking, the greater the level of assurance, the more trust a reader will have in the accuracy and integrity of your company’s financial statements.

In addition, professional standards don’t require CPAs to be independent of a business when preparing its financial statements. In other words, it’s OK for an accountant to have a financial interest in a company that he or she prepares financial statements for.

To avoid misleading any third parties who might receive a copy of these statements, each page of a prepared financial statement must include a disclaimer or legend stating that no CPA provides any assurance on the financial statements. In addition, prepared financial statements must adequately refer to or describe the applicable financial reporting framework that’s used and disclose any known departures from that framework.

Like preparations, compilations provide no assurance that the financial statements are accurate and complete. And independence isn’t required when issuing compiled financial statements. But there are subtle differences when moving from a preparation to a compilation.

A compilation involves the assurance of a formal report by a CPA who’s required to read the statements and evaluate whether they’re free from obvious material errors. The CPA’s report appears on the first page, before the financial statements. If the CPA isn’t independent of the business, he or she must disclose this fact in the report.

Notably, the use of a compilation of financial statements can extend beyond the business owner to third parties, including investors, business partners and lenders who may view the input of a CPA as beneficial.

Preparations may be a cost-effective way for small business owners to monitor performance. But they provide limited usefulness as a business grows and needs to interact with third parties. Eventually, prepared statements may need to be upgraded to a compilation, review or audit to give stakeholders greater assurance about the company’s financial results. Contact us to determine which type of financial statement is right for your current situation.

© 2023

For years, manufacturers have had an increasingly difficult time finding, attracting, and retaining skilled laborers. In the wake of the COVID-19 pandemic, these concerns have become even more pressing. A recent Reuters article notes that while the manufacturing industry continues to bounce back from pandemic uncertainties and demand slowdowns, potential growth is being limited by a continued labor shortage despite a record number of job openings.

This labor shortage is worsening an already fractured supply chain, as the shipping and warehousing industry has been hit particularly hard by the ‘Great Resignation’, which has seen a record number of workers leave their jobs in the midst of the pandemic. In a recent survey by the US Chamber of Commerce, over 90% of state and local chambers identify labor shortages as a factor limiting economic growth.

But in the face of so much economic uncertainty, what can be done to ease these concerns?

Retaining existing employees is more efficient and cost effective than hiring new employees. The Society for Human Resource Management (SHRM) estimates the average cost to replace an employee at up to 6-9 months of their salary in recruiting and training costs, which can cost the overall U.S. economy over a trillion dollars per year. Understanding why employees leave, and perhaps even more importantly why they stay, can be vital for an organization to understand where their strengths are, and where any shortfalls may lie.

A potential solution to the mismatch between available positions and finding workers willing and able to fulfill them might lie in expanding a company’s understanding of what is considered as the available pool of workers. One creative strategy noted by Brooke Sutherland in a recent Bloomberg article highlights the benefits of broadening such definitions of available workers. This can include revamping the company’s public image to appeal more widely to a younger audience base, expanding the use of government assisted training programs to help promote investment in a workforce, and working to move past the social stigma surrounding hiring certain individuals such as those with a previous criminal record.

If the pandemic has shown us nothing else, as we were ‘sheltered-in-place’ throughout much of 2020 and beyond, companies have been able to see how many jobs are able to be performed from home – a home that can be located anywhere with a stable internet connection. Recruitment efforts for many increasingly computer dependent positions, particularly as more and more companies are able to operate in cloud-based environments, are no longer required to be tied to a company’s physical location.

Through utilizing professional employer organizations (PEO’s), recruitment efforts can be expanded internationally based on the needs of a business, regardless of where potential candidates may be located. While it is true that it is certainly easier to outsource some jobs more than others, where efficiencies can be gained, expanding these perspectives can offer invaluable insights. Particularly where professional services are concerned, many firms offer a sliding scale of support from part time assistance with data entry or customer collections and vendor payments, to fully outsourced controller services and other types of executive management assistance.

In these unprecedented times, there has never been a better opportunity for unique and vast changes to occur. With so much uncertainty surrounding daily life, it can feel like too big of a risk to enter any additional unknowns into the equation, but that is exactly why those risks must be taken. A company’s workforce can be the greatest reason behind its success or its largest liability leading to its failure. The difference between the two lies in a willingness to think outside the box, open new doors, and redefine what a modern-day workforce may entail.

Need More Support? Contact us for more information.

Beyond regulatory requirements, developing an effective internal controls framework is valuable in helping your company manage risk.

Identifying and mitigating the company’s financial and operational risks under the Sarbanes Oxley Act’s (SOX) Section 404 requirements can also be a prudent investment in improving efficiency by aligning management’s priorities with the organization’s internal processes and operations.

One of the keys to successful SOX compliance is understanding whether your company falls under the reporting requirements of 404 Section (a) or Section (b). While management must certify the effectiveness of its internal controls in either case, Section (b) adds the requirement (based on the company’s capitalization and revenue) for your external auditor to attest to that effectiveness.

In practice, we often see companies that are not required to file under Section (b) scale back their compliance efforts by trimming assessments to the bare bones and eliminating internal testing — yet continuing to issue certifications.

This may seem like a cost-savings move, but the company may run into significant deficiencies and material weaknesses that are discovered during the year-end external audit. This, in turn, leads to additional remediation steps that must be implemented quickly. More importantly, these deficiencies can reduce confidence in the quality of the company’s financial reporting and internal controls from auditors, the board, and potentially investors.

Taking the time to develop an effective compliance framework and culture helps your company manage risk more effectively while also satisfying your regulatory obligations.

It’s critical for your company’s management to identify the most important risks to the quality and accuracy of your financial statements, and to focus attention and resources on the areas that represent the most important risk.

The COSO Enterprise Risk Management – Integrated Framework offers a good starting point for developing an effective internal controls system. The framework offers 17 principles embedded within five components outlining your controls environment, risk assessment, control activities, and other key aspects.

To learn more, you can view a recording of our webinar, Navigating SOX 404a Compliance.

Similarly, it’s helpful to understand that, over time, the company’s risk profile is going to evolve in response to market conditions as well as organizational changes. Part of an effective risk assessment strategy is understanding those changes, the potential impacts on the company, and the processes and controls that must be adjusted as a result.

Optimizing the value of your SOX investment, like your compliance effort, also depends on management setting an effective tone highlighting the importance of risk management and ethical behavior.

Management needs to stress the importance of compliance and risk management company-wide, and to back up those statements with internal training and quarterly check-ins to ensure management identifies and controls its most important financial statement risks.

Department leaders also need to understand that compliance isn’t a once-and-done or periodic activity, but rather an ongoing process of identifying risk, establishing effective controls, testing those controls, and making necessary corrections.

An effective compliance culture will improve risk management and cost savings by helping the company minimize last-minute surprises with its audit committee and auditors.

In addition, management can focus on the most direct risk to its financials, create appropriate controls, and produce the high-quality financial data the organization needs for external and internal reporting.

Whether you’re looking to establish, enhance, or outsource your internal audit function, we provide ‘right-sized’ audit support to assist you. For more information about optimizing the value of your SOX investment, reach out to our team.

The process of building a sustainable, comprehensive internal control environment sufficient to comply with the Sarbanes-Oxley act of 2002 (SOX) requires a significant investment of organizational resources. We have created the Zero to SOX implementation process to assist organizations in this endeavor.

On March 12, 2020, the SEC issued a ruling – Amendments to the Accelerated Filer and Large Accelerated Filer Definitions.  The effect of the changes was to reduce the burden and compliance costs for certain smaller registrants.  Under the new rules, certain low-revenue registrants no longer are required to have their assessment of the effectiveness of internal control over financial reporting (ICFR) attested and reported on by their independent auditors. The figure below from the U.S. Securities and Exchange Commission shows a detail of thresholds between Small Reporting Companies (SRCs) and Non-SRC organizations.

While the burden may have been lifted for smaller organizations, the requirement of a comprehensive internal control environment remain. An emerging growth company’s annual report still must contain an internal control report which:

During the five years following an IPO, a Small Reporting Company should take a risk-focused approach to SOX compliance by specifically identifying, implementing and monitoring those internal controls that enable management to achieve these regulatory requirements with confidence.

Activities in the first post-IPO year are focused upon the identification of HIGH Risk processes and the implementation of the documentation and monitoring activities necessary to support management’s annual reporting requirements under Section 404.

Activities in the second and third post- IPO year are focused upon evaluating and understanding the company’s internal control priorities in light of the company’s growth and evolution.  Monitoring activities necessary to support management’s annual reporting requirements under Section 404 continue.

Activities in the fourth post-IPO year add the additional objective of documentation and assessment of the MODERATE and LOW risk processes.

Evaluating and understanding the company’s internal control priorities in light of the company’s growth and evolution continues along with monitoring activities necessary to support management’s annual reporting requirements under Section 404.

Activities in the fifth post-IPO year are focused upon the monitoring activities necessary to support management’s annual reporting requirements under Section 404 continue and those necessary to support the integrated audit work of the company’s external auditors.

The Zero to SOX process designed with clearly defined goals, executed by experienced team members will lay the foundation to meet your company’s regulatory compliance requirements as well as practice effective corporate governance now and into the future.

For more information on our SOX Services, contact our team.

Several SOX challenges can affect a company’s ability to maintain an effective controls framework, or potentially hinder its ability to demonstrate that its ICFR efforts serve their intended purpose.

Management’s commitment to effective controls and financial reporting is a key component to a SOX effort receiving the required time and attention.

It’s essential to understand the company’s risks and to design controls to mitigate those risks, rather than treating SOX as a check-the-box compliance exercise.

Concise documentation that helps staff members and external auditors understand the thinking underlying a process is more effective than trying to capture every potential contingency and nuance (which can divert attention from more important activities).

Along with ensuring the data is accurate, you need to verify that the process used to generate that data is operating effectively.

Management and external auditors should understand the company’s risks to evaluate better the design and the effectiveness of the controls designed to mitigate those risks. Nobody should be surprised during the audit process.

This is typically a culture issue, but team members responsible for controls may not integrate risk and performance of controls as part of their typical activities.

Control activities performed manually, on a repetitive basis come with a greater cost and increased risk of error, when compared to automated controls.

Understanding the requirements of SOX 404(a) and 404(b) and communicating frequently with external auditors about the design and performance of your controls are cornerstones of effective risk management and SOX compliance. Knowing these SOX challenges can help a company with its compliance journey.

For questions or more information about SOX compliance, visit our SOX services page or contact our team.

Sustainability reports explain the impact of an organization’s activities on the economy, environment, and society. During the novel coronavirus (COVID-19) pandemic, stakeholders continue to expect robust, transparent sustainability reporting, with a stronger emphasis on the social and economic impacts of the company’s current operations than on environmental matters.

Investors, lenders, and even the public at large may pressure companies to issue these supplemental reports. But the information they provide isn’t based on U.S. Generally Accepted Accounting Principles (GAAP). So, is it worth the time and effort? One way to make your company’s report more meaningful and reliable is to obtain an external audit of it.

A sustainability report generally focuses on a company’s values and commitment to operating sustainably. It provides a mechanism for communicating sustainability goals and how the company plans to meet them. The report also guides management when evaluating corporate actions and their impact on the economy, environment, and society.

During the COVID-19 crisis, stakeholders want to know how your company handles issues such as public health and safety, supply chain disruptions, strategic resilience, and human resources. For example:

Stakeholders want assurance that companies are engaged in responsible corporate governance in their COVID-19 responses. Sustainability reports can showcase good corporate citizenship during these challenging times.

There aren’t currently any mandatory attestation requirements for sustainability reporting. That means companies can produce reports without engaging an external auditor to review the document for its accuracy and integrity. However, without independent, external oversight, stakeholders may view sustainability reports with a significant degree of skepticism. That’s where audits come into play.

Many organizations have developed standardized sustainability frameworks, including the:

External auditors can verify whether sustainability reports meet the appropriate standards and, if not, adjust them accordingly. In addition, numerous attestation standards govern the audit of a sustainability report, including those from the American Institute of Certified Public Accountants, the International Standard on Assurance Engagements, and the International Organization for Standardization.

Many companies agree that a sustainability report is important to their communications with stakeholders. But there’s little consensus on the approach, topics, or non-GAAP metrics that should appear in sustainability reports. We understand the standards that apply to these supplemental reports and can help you report sustainability matters in a reliable, transparent manner. Contact us today to speak to one of our industry professionals.

In the first half of 2021, there was a surge in restating financial statements. The reason relates to guidance issued by the Securities and Exchange Commission, requiring special purpose acquisition companies (SPACs) to report warrants as liabilities. SPACs are shell corporations listed on a stock exchange to acquire a private company, making it public without going through the traditional IPO process. Historically, SPACs that offer warrants (which allow investors buy shares at a set price in the future) have reported those instruments as equity.

In this situation, most SPAC investors understood that these restatements were related to a financial reporting technicality that applied to the sector, rather than problems with a particular company or transaction. But some restatements aren’t so innocuous.

The Financial Accounting Standards Board (FASB) defines a restatement as revising a previously issued financial statement to correct an error. Businesses may reissue their financial statements for several “mundane” reasons, whether publicly traded or privately held. Like the recent situation with SPACs, managers might have misinterpreted the accounting standards or made minor mistakes and need to correct them.

Often, restatements happen when the company’s financial statements are subjected to higher scrutiny. For example, restatements may occur when a private company converts from compiled financial statements to audited financial statements, decide to file for an initial public offering — or merges with a SPAC. Restatements also may be needed when the owner brings in additional internal (or external) accounting expertise, such as a new controller or audit firm.

In some cases, financial restatements also can be a sign of incompetence, weak internal controls — or even fraud. Such restatements may signal problems that require corrective actions.

The restatement process can be time-consuming and costly. Regular communication with interested parties — including lenders and investors — can help businesses overcome the negative stigma associated with restatements. Management must also reassure stakeholders that the company is financially sound to ensure their continued support.

We can help accounting personnel understand the evolving accounting and tax rules to minimize the risk of financial restatements. We can also help them effectively manage the restatement process and take corrective actions to minimize the risk of financial restatements going forward.

© 2023

As public companies grow, they may move from one filing status or issuer category to another. Recent and proposed changes to the Securities and Exchange Commission (SEC) rules for some categories could affect your company’s financial reporting and audit procedures.

Under existing rules, public companies fall into different SEC filing status categories, based on their public “float” (the amount of shares available to the public for trading):

What is an emerging growth company (EGC)? Generally, an EGC is a new public company that has gross revenues under $1 billion in its most recent fiscal year and meets certain other requirements. EGCs enjoy a variety of benefits during their first five years of existence, including scaled-back disclosures and exemption from the auditor attestation of a company’s internal control over financial reporting as required by Section 404(b) of the Sarbanes-Oxley Act.

A company that ceases to be an EGC must begin complying with Sec. 404(b), except for nonaccelerated filers, which are exempt from that requirement unless they become accelerated or large accelerated filers. (Congress currently is considering legislation that would extend the exemption for certain companies, however.)

On June 28, 2018, the SEC voted unanimously to issue the final rule in Release No. 33-10513, Amendments to Smaller Reporting Company Definition. The rule increases the public float threshold for SRCs to $100 million and nonaccelerated filers to $250 million.

To complicate matters, the SEC did not make conforming changes to the definition of an accelerated filer. Rather, it eliminated the automatic exclusion of SRCs in the definitions of accelerated and large accelerated filers. As a result, a registrant could be both an SRC and an accelerated filer. As an accelerated filer, a company would still be required to comply with Sec. 404(b).

The new SEC rule will be effective 60 days after publication in the Federal Register, which normally occurs a few weeks after a rule is posted on the SEC’s website. The SEC said 966 additional companies will be eligible for smaller company status in the first year of the new threshold.

Changes in filing status affect the form, content and timing of financial reports, as well as the extent of external audit procedures. So, it’s a good idea to re-evaluate your company’s status well before the end of each fiscal year. We can help you evaluate your filing status based on the SEC’s evolving guidelines. If a change is anticipated, we can help you prepare for new filing, disclosure and audit requirements. Contact us for more information on SEC filing status.

© 2023

Auditors typically deliver financial statements to calendar-year businesses in the spring. A useful tool that accompanies the annual report is the management letter. It may provide suggestions — based on industry best practices — on how to fortify internal control systems, streamline operations and reduce expenses.

Managers generally appreciate the suggestions found in management letters. But, realistically, they may not have time to implement those suggestions, because they’re focusing on daily business operations. Don’t let this happen at your company!

A management letter may address a broad range of topics, including segregation of duties, account reconciliations, physical asset security, credit policies, employee performance, safety, internet use, and expense reduction. In general, the write-up for each deficiency includes the following elements:

The auditor describes the condition, identifies the cause (if possible) and explains why it needs improvement.

This section quantifies the problem’s potential monetary effects and identifies any qualitative effects, such as decreased employee morale or delayed financial reporting.

Here, the auditor suggests a solution or lists alternative approaches if the appropriate course of action is unclear.

Some letters present deficiencies in order of significance or the potential for cost reduction. Others organize comments based on functional area or location.

AICPA standards specifically require auditors to communicate two types of internal control deficiencies to management in writing:

1. Material weaknesses. These are defined as “a deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the organization’s financial statements will not be prevented or detected and corrected on a timely basis.”

2. Significant deficiencies. These are “less severe than a material weakness, yet important enough to merit attention by those charged with governance.”

Operating inefficiencies and other deficiencies in internal control systems aren’t necessarily required to be communicated in writing. However, most auditors include these less significant items in their management letters to inform their clients about risks and opportunities to improve operations.

When you review last year’s management letter, consider comparing it to the letters you received for 2019 (and earlier). Often, the same items recur year after year. Comparing consecutive management letters can help track the results over time. But, be aware: Certain issues may autocorrect — or worsen — based on factors outside of management’s control, such as changes in technology or external market conditions. If you’re unsure how to implement a particular suggestion from your management letter, reach out to your audit team for more information.

© 2023

Analytical software tools will never fully replace auditors, but they can help auditors do their work more efficiently and effectively. Here’s an overview of how data analytics — such as outlier detection, regression analysis and semantic modeling — can enhance the audit process.

When it’s appropriate, instead of manually testing a representative data sample, auditors can use analytical software tools to compare an entire data population against selected criteria. This process quickly identifies anomalies hidden in large amounts of data that can be tagged for further examination by auditors during fieldwork. Analytical software tools can test various kinds of data, including accounting, internal communications and documents, and external benchmarking data.

If unusual transactions or trends are found, auditors will investigate them further using the following procedures:

In addition, confirmations and representation letters from attorneys, customers and other external parties may corroborate what management says and external research reveals.

Often, auditors conclude that irregularities have reasonable explanations. For instance, they may be due to an unexpected change in the company’s operations or external market conditions. If a change is expected to continue, it may alter the auditor’s expectations about the company’s operations going forward. Sometimes, a change discovered while auditing one part of the financials may affect audit procedures (including analytics) that will be performed on other accounts.

Alternatively, auditors may attribute some irregularities to inadvertent mistakes or intentional fraud schemes. Auditors usually communicate with the audit committee or the company’s owners as soon as possible if they discover any material errors or fraud. These irregularities might require adjustments to the financial statements. The company also might need to take action to mitigate financial losses and prevent the problem from recurring.

For example, the controller may need additional training on recent changes to the tax and accounting rules. Or management may need to implement additional internal control procedures to safeguard against dishonest behaviors. Or the owner may need to contact the company’s attorney and hire a forensic accountant to perform a formal fraud investigation.

Today, companies generate, process and store massive amounts of electronic data on their networks. Increasingly, auditors are using analytical tools on this data to conduct basic audit procedures, such as vouching transactions and comparing data to external benchmarks. This frees up auditors to focus their efforts on complex transactions, suspicious relationships and high-risk accounts. Contact us for more information about how our auditors use analytical software tools in the field.

© 2023

Many types of businesses — such as homebuilders and manufacturers — turn raw materials into finished products for customers. Production is a continuous process. So, any work that’s been started but isn’t yet completed before the end of the accounting period is reported as work in progress (WIP) under U.S. Generally Accepted Accounting Principles (GAAP).

The value of WIP relies on management’s estimates. Auditors often give special attention to these estimates during fieldwork. Here’s what to expect during a financial statement audit.

Inventory is classified as a current asset on the balance sheet under GAAP. There are three types of inventory:

When a company produces large volumes of the same product, management allocates costs as each phase of the production process is completed. This is known as standard costing. For example, if a production process involves eight steps, the company might allocate 50% of its costs to the product once the fourth stage is completed.

On the other hand, when a company produces unique products — such as the construction of a factory or made-to-order parts — a job costing system is typically used to allocate materials, labor, and overhead costs as incurred.

Most experienced managers use realistic estimates, but inexperienced or dishonest managers may inflate WIP values. This can make a company appear healthier than it really is by overstating the value of inventory at the end of the period and understating cost of goods sold during the current accounting period.

Auditors focus significant effort on analyzing how companies quantify and allocate their costs. Under standard costing, companies typically record inventory (including WIP) at cost, and then recognize revenue once they sell finished goods. The WIP balance grows based on the number of steps completed in the production process. Auditors analyze the methods used to quantify a product’s standard costs, as well as how the company allocates the costs corresponding to each phase of production.

Conversely, with job costing, revenue recognition happens based on the percentage-of-completion or completed-contract method. Auditors analyze the process to allocate materials, labor, and overhead to each job. In particular, they test to ensure that costs assigned to a particular product or project correspond to that job.

Under both methods, accounting for WIP affects the balance sheet and the income statement. We can help determine whether your company’s WIP estimates are reasonable and whether your accounting practices comply with the recent changes to the revenue recognition rules for long-term contracts, if applicable. Contact us for more information on auditing work in progress.

Businesses rely on internal controls to help ensure the accuracy and integrity of their financial statements, as well as prevent fraud, waste, and abuse. Given their importance, internal controls are a key area of focus for internal and external auditors. Many auditors use detailed internal control questionnaires to help evaluate the internal control environment — and ensure a comprehensive assessment. Although some audit teams still use paper-based questionnaires, many prefer an electronic format. Here’s an overview of the types of questions that may be included and how the questionnaire may be used during an audit.

The contents of internal control questionnaires vary from one audit firm to the next. They also may be customized for a particular industry or business. Most include general questions pertaining to the company’s mission, control environment, and compliance situation. There also may be sections dedicated to mission-critical or fraud-prone elements of the company’s operations, such as:

Questionnaires usually don’t take long to complete, because most questions are closed-ended, requiring only yes-or-no answers. For example, a question might ask: Is a physical inventory count conducted annually? However, there also may be space for open-ended responses. For instance, a question might ask for a list of controls that limit physical access to the company’s inventory.

Internal control questionnaires are generally administered using one of the following three approaches:

Here, management completes the questionnaire independently. The audit team might request the company’s organization chart to ensure that the appropriate individuals are selected to participate. Auditors also might conduct preliminary interviews to confirm their selections before assigning the questionnaire.

Under this approach, the auditor meets with company personnel to discuss a particular element of the internal control environment. Then the auditor completes the relevant section of the questionnaire and asks the people who were interviewed to review and validate the responses.

Here, the auditor completes the questionnaire after observing and testing the internal control environment. Once auditors complete the questionnaire, they typically ask management to review and validate the responses.

The purpose of the internal control questionnaire is to help the audit team assess your company’s internal control system. Coupled with the audit team’s training, expertise, and analysis, the questionnaire can help produce accurate, insightful audit reports. The insight gained from the questionnaire can also add value to your business by revealing holes in the control system that may need to be patched to prevent fraud, waste, and abuse. Contact us for more information.