[Fulltext] Accountants and auditors are often asked by their clients to sign reports that have been requested by trade bodies, regulators and other third parties with whom their clients have a relationship. Some regulators and trade bodies are looking for greater assurance than ever before in an effort to ensure that entities have complied with certain of their rules and regulations, sometimes connected with protecting the public from financial loss. Put less kindly, there is, perhaps, a growing tendency for regulators in the UK and Republic of Ireland to get auditors and accountants to do some of their work for them and to accept responsibility when things go wrong.
When asked by their clients to provide such assurance, auditors and accountants often have great difficulty when considering whether they can provide the type of opinions being requested. This difficulty is often compounded by the bodies responsible for requesting these opinions having little knowledge or understanding of what auditors and accountants can and cannot provide. Perhaps these bodies are not solely responsible for this lack of understanding. To date, there has been little guidance by way of providing a framework within which such reports can be given. There has been a danger, therefore, that forms of reports have been agreed whose contents are, arguably, very questionable. There is also a danger that firms, particularly small firms, are simply signing reports without either doing any additional work or charging additional fees in the belief that no risk or liability attaches to the signing of such reports.
Recognising the need for guidance in this area, in 2001 the Audit and Assurance Faculty of the Institute of Chartered Accountants in England and Wales (ICAEW) issued Technical Release Audit 1/01 'Reporting to Third Parties'.This guidance has recently been adopted by the Institute of Chartered in Ireland and issued to members as Miscellaneous Technical Statement M39. The Institute gratefully acknowledges the permission of ICAEW to reproduce this guidance.
M 39 provides the following to assist those who provide and who request such reports:
examples of types of wording and opinions that are unacceptable to auditors and accountants providing special reports
example wording for inclusion in engagement letters;
examples of potential 'pitfalls'.
In all engagements, it is important for accountants to establish at an early stage what reporting requirements there are, in addition to statutory reporting requirements.
M 39 notes that accountants and auditors are not bound to sign such ad hoc reports and are not bound to sign just anything a third party requires. While auditors and accountants will wish to help and support their clients, this is done in full knowledge of any risks being taken.
When reporting to third parties, auditors and accountants will, prima facie, owe a duty of care to such parties unless they restrict or limit their liability. It is therefore essential that there are no misunderstandings about the nature of work to be performed, the level of assurance to be provided and the purpose of the information or the report provided.
To address this, M 39 recommends the following process be followed when providing such reports:
Determine the extent of third party reliance;
Determine the form of report required by the third party;
Agree the work to be performed;
Perform the work;
Report.
Duty of care
It will always be important to establish the identity of the third party, the purpose for which it requires the report and the extent of loss which the third party could suffer. If, for example, a third party operates a compensation scheme for compensating members' customers in the event of member insolvency, the risk is much greater. Depending upon the risks involved, paragraph 10 of M39 advises that accountants and auditors either;
accept that they owe a duty of care to the third party and enter into an engagement contract with that party and limit their liability, if appropriate; or
before allowing access to their report by the third party, require that third party to acknowledge in wrting that no duty of care is owed; or
disclaim or limit any liability or duty to the third party by notice in their report; or do not accept the engagement.
Forms of report required
M 39 notes that the requested form of report may often be inappropriate, for example, because the considerations in the guidance are not met. There should be no acceptance of third party arguments that such standard report forms cannot be changed. Furthermore, accountants and auditors only only sign reports if they have performed sufficient work and obtained sufficient evidence to support the statement they are asked to make in the report. Appendix 2 of the guidance provides some useful examples of the forms of wording that practitioners should avoid.
Agreeing the work to be performed and the form of report to be given
The provision of special reports to third parties are separate engagements from the statutory audit requirement. This should be made clear to clients and the work performed to provide such reports will be separate work and subject to a separate fee.
Practitioners should attempt to agree with the client and third party an appropriate form of report, bearing in mind its purpose, the amount of work to be performed and the cost. The higher the level of assurance required, the more work will be involved and, therefore the greater the cost.
M 39, at paragraph 22, refers to the different options for the forms of such reports;
high level of assurance;
moderate level of assurance;
agreed upon procedures;
compilation engagements.
Commentary on each of these options is provided.
Accountancy Ireland Vol 34 No 5 October 2002.