Common Deficiencies from 2015-16 Practice Inspections

The purpose of the Practice Review Program is to protect the public through assessing firms’ and practitioners’ compliance with professional standards, and by taking appropriate follow-up or remedial action in cases of non-compliance. The Practice Review Program further protects the public by providing an educational experience to firms.

The focus of the program this past year has been on integrating all legacy bodies into the CPABC practice review program, along with continued emphasis on the proper performance of a risk-based audit and on assessing whether sufficient enquiry, analysis and discussion has been performed in review engagements.

For the 2015-2016 inspection year, 521 offices were reviewed under the CPABC methodology and an additional 128 reviews were completed for legacy CGA practitioners under their legacy program prior to adoption of the new methodology on July 1, 2015. The overall pass rate for all offices reviewed this past year was 91%, with 9% of the offices being assessed by the Practice Review Committee as not meeting the requirements of the practice review program. Of the total 649 reviews completed, 375 of the offices perform assurance work and the remaining 274 offices do not perform any assurance engagements.

For the 375 offices which perform assurance engagements:

• 85% were assessed by the Committee as either meeting requirements or meeting requirements with an acceptable action plan from the office; and
• 15% were assessed by the Committee as not meeting the requirements and thereby requiring a re-inspection of the office.

Of the 274 offices which do not perform any assurance engagements:

• 99% were assessed by the Committee as either meeting requirements or meeting requirements with an acceptable action plan from the office; and
• 1% were assessed by the Committee as not meeting the requirements and thereby requiring a re-inspection of the office.

For the firms that performed assurance work and were assessed as not meeting the standards of the Practice Review Program, there were some notable findings:

• Over half of these firms had very small assurance practices with five or less assurance engagements. The focus of their practice was not assurance engagements and therefore often insufficient resources were dedicated to keeping technically current and ensuring these engagements were performed to professional standards.
   
• The majority of firms had insufficient documentation and execution of audit or review procedures throughout multiple areas of the engagement and/or throughout multiple engagements. The remaining firms had adequate documentation, but did not meet the standards due to a specific technical issue that lead to a material error or could potentially lead to a material error.
   
• Checklists were signed off or ticked off without any additional working papers or commentary demonstrating the actual completion of the procedures and support for conclusions.

The most common deficiencies found during this past year are listed below.

Financial Statement Presentation

• Insufficient disclosure for related party transactions – disclosure of terms and conditions, nature and extent of transactions, description of relationship and measurement basis.
• Debt obligations due on demand, frequently including related party debt, inappropriately classified as long-term debt.
• Missing or inadequate disclosure of the significant accounting policy for revenue recognition.
• Inappropriate classification of preferred shares that are not issued under a qualified tax planning arrangement. For preferred shares issued under a qualified tax planning arrangement, disclosure was often incomplete.
• Long-term debt – Disclosure was found to be deficient in relation to maturity dates, interest rates and repayment terms. Furthermore, entities did not disclose the carrying value of assets pledged as security for liabilities.
• Missing disclosure of significant risks arising from financial instruments - disclosure of the nature and extent of financial instruments, and credit risk, interest rate risk, currency risk and fair value, if considered a significant risk for the entity.

Audit Engagements

Planning

• Documentation of the auditors’ understanding of the entity and its environment missing one or more of the following: ◦The control environment, including the entity’s internal controls relevant to the audit. This is required for all audits, irrespective of whether a substantive approach will be taken with no reliance placed on controls.
  • The entity’s risk assessment process.
  • The nature of the entity (operations, ownership, governance and financial structure).
• Lack of documentation of fraud risk factors as part of the assessment of the risks of material misstatement within audit planning. This was particularly identified as an issue in audits of smaller entities and Not-For-Profit Organizations.
• No documentation that a team planning meeting took place.
• Missing performance materiality.
• No preliminary analytical procedures performed.

Substantive Procedures

Insufficient documentation and/or execution of substantive audit procedures on material classes of transactions and account balances in the following key areas:

• Accounts payable completeness and cut-off
• Payroll completeness, accuracy and cut-off
• Revenue, particularly for long-term contracts and transactions with multiple elements
• Expense completeness and cut-off
• Accounts receivable valuation
• Collectability of loans receivable, particularly from related companies
• Classification of preferred shares as debt or equity
• Inventory count procedures and valuation
• Journal entry testing
• Subsequent events review
• Going concern analysis

File Completion

• Communication with those charged with governance did not include one or more of the following items (or, in some cases, there was no communication with those charged with governance):
  • The auditor’s responsibilities in relation to the financial statement audit.
  • An overview of the planned scope and timing of the audit.
  • The written representations that the auditor is requesting from management.
  • Significant matters arising from the audit that were discussed, or subject to correspondence with management.
  • Other matters arising from the audit that are significant to the oversight of the financial reporting process.
• No final analytical procedures performed.
• Representation letter dated before auditors’ report.
• No evaluation of final materiality and impact on unadjusted errors, particularly in an engagement with numerous adjusting entries.
• Auditor’s report not in accordance with CAS.

Review Engagements

The lack of adequate documentation of the inquiry, analytical procedures and discussion to establish plausibility in the following areas:

• Inter-relationship/comparison of revenues, expenses, gross margin, operating ratios and balance sheet items. 
  • The practitioner should focus on significant financial statement items, or key aspects of the client’s business. Unless there is documentation that no unusual amounts, variances or trends are expected, an assessment of the plausibility of significant items should be included to evidence that the practitioner gave such items due consideration.
• Cash, sales, purchases/inventory and accounts payable - cut-off procedures. 
  • Typically, documentation would include a description of procedures followed by the client to ensure proper cut-off, a conclusion on their adequacy and, if deemed necessary, details of any additional review procedures required to assess plausibility of the related balances.
• Accounts receivable and loans due from related parties - valuation. 
  • Typically, documentation would include a detailed aged account listing, and an analysis of collectability based either on the age of receivables or on specific identification. For related parties, this could include an analysis of the ability of this party to repay the amount owing, which will typically include an analysis of that entity’s operations and its own liquidity.
• Inventory – client’s count procedures and valuation. 
  • Typically, documentation would include a description of the client’s inventory count procedures, including the date of the inventory count, count instructions, use of count tags, supervision, segregation of obsolete and slow-moving inventory and inventory on consignment, to assess whether the procedures are designed to arrive at a proper and consistent count. The client’s basis of determining “cost” (FIFO, specific item, etc.) and whether that basis is consistent should also be documented.
• Contingencies, commitments and subsequent events. 
  • Typically, documentation would include matters discussed with the client, including name and title of the individual with whom inquiries were made and the date thereof (which should be either on or before the date of the review engagement report).
• Classification of preferred shares as either debt or equity. 
  • Typically, documentation would include review and analysis of the underlying documentation to ensure these shares are correctly classified.

Compilation Engagements

• The file did not include documentation of the accountant’s consideration and assessment of independence.
• Notice to Reader did not comply with requirements of paragraph 9200.25 of the CPA Canada Handbook.
• Working papers included conflicting figures or information which had not been addressed or resolved.
• The financial statements contained notes which referred to GAAP.

Tax Engagements

• The statement of business activities and/or the statement of rental income in the T1 and/or the schedule 100 and 125 of the T2 did not include tax disclaimers indicating that the information was prepared solely for income tax purposes without audit or review from information provided by the taxpayer.
• No documentation within the file regarding foreign assets and income.

Quality Control

• Firms not assessing whether an engagement quality control reviewer (EQCR) is necessary for assurance engagements, as required by their Quality Control Manual.
• Firms applied insufficient or inappropriate criteria to assess whether an EQCR is required. In some cases, the EQCR is not appropriately qualified for the role.

Firms have not completed their ongoing monitoring and cyclical monitoring requirements, as required by the Canadian Standard on Quality Control (CSQC 1), and as outlined in their Quality Control Manual.