THE YEAR-END FINANCIAL STATEMENT PROCESS:

A Practical Guide for Small Nonprofit Organizations having a CPA Audit (or Review)

(Part 3 of 5)

Part III: Deliverables and Outputs of the Audit Process  

A. Financial Statements and Audit Report

At the end of the engagement, the auditor will present the organization’s financial statements and footnote disclosures into a generally accepted format. The financial statements will be preceded by the Auditors Report.  This report will state whether the financial statements are “presented fairly, in all material respects.” It is this “assurance” that enables the users of the financial statements to rely on them. Almost every audit will have an “unqualified opinion”, which is the best outcome. The reason for this is that any adjustments the auditor “proposes” will most likely be accepted and posted by the organization. A “qualified” opinion would be an “except for” opinion. It means the auditor agrees with the financial statements except for a particular item.  The last opinion is an “adverse” opinion. That would mean the auditor is stating the financial statements are “not presented fairly”.

B. Auditor Communications

Besides the Auditor’s Report on the financial statements, there are other items the auditor will report to the organization. These auditor communications can be broken into three areas: (1) required communications to governance; (2) a report on internal control deficiencies; and (3) recommendations for strengthening internal controls and operating efficiency. The ways auditors communicate these items to the organization varies.

(1)   Required Communications to Governance: This is usually in letter form and will highlight to governance key aspects of the audit and the financial statements. This will include complex accounting policies, significant estimates, important disclosures (footnotes), difficulties encountered in performing the audit, and disagreements with management. Also, there would be information about uncorrected and corrected misstatements. Corrected misstatements would be the adjustment entries that were proposed and accepted. There would normally not be any material uncorrected misstatements in a small nonprofit audit.

(2)   Internal control deficiencies: Although it is not the purpose of the audit to render an opinion on internal controls, the auditor is required to report any significant deficiencies in internal control encountered during the audit.

Generally Accepted Auditing Standards advise that a deficiency in internal control exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis. A material weakness is a deficiency or a combination of deficiencies in internal control, such that there is a reasonable possibility that a material misstatement of the organization’s financial statements will not be prevented, or detected and corrected, on a timely basis.

Since almost all organizations receive an unqualified opinion on the financial statement audit report, the internal control communication letter could be the most important output of the audit. It is common for a small nonprofit audit to result in some significant deficiency findings. Correcting internal control deficiencies is critically important to the financial health of all nonprofit organizations. Weaknesses in internal control can impact financial reporting or entice someone to perpetrate fraud. Common deficiency findings in nonprofit audits involve segregation of duties, oversight of financial reporting, monthly reconciliation and closing procedures, controls over cash and governance issues. The items identified in the internal control letter should be reviewed and addressed by the board and management. Many organizations develop a written response and action plan for each item. 

(3)   Recommendations:  During the audit process the auditor may become aware of opportunities for strengthening controls and operating efficiency.  These may be internal control items not deemed material enough to be included in the internal control letter.  These also may be items involving issues that are not directly related to the audit such as Form 990, payroll filings, other general business items.  If not addressed, items on the recommendation letter may escalate to deficiencies in future periods.  The “recommendations” should be reviewed and addressed by the board and management, as well. These recommendation items are not required by auditing standards and can be communicated orally during the course of the audit.  

Although written communication letters are addressed to the organization, they are often requested by outside parties, such as funders. Also, certain states require any communication letters prepared by the auditor to be submitted with the annual filing. If the organization changes auditors, a potential subsequent auditor may ask to see the communication letters, as well. 

Go to Part 4 of 5

THE YEAR-END FINANCIAL STATEMENT PROCESS:

A Practical Guide for Small Nonprofit Organizations having a CPA Audit (or Review)

(Part 2 of 5)

Part II: DIFFERENT ROLES IN THE AUDIT PROCESS

A. Governance’s Role in the Audit Process (The Board):

Unlike a small business, a nonprofit organization does not have “owners”.   A nonprofit is “governed” by a board of directors under the direction of the organization’s bylaws and state law. The Attorney General (or other state official) provides oversight and regulates all the charities operating in the state.  Additionally, because of its tax exempt status, the organization must adhere to IRS regulations as well. The board acts as trustee of the organization's assets and ensures that the nonprofit is well managed, fiscally sound and adhering to its mission and exempt purpose. In doing so, the board must exercise proper oversight of the organization's operations and maintain the legal and ethical accountability of its staff and volunteers. Generally, board members are legally responsible and have the ultimate authority over the organization. All board members should be familiar with the organization’s bylaws, finances, annual audit and Form 990. The executive director may manage the day to day operations, but major decisions should have direct board approval. It is also important that matters involving the executive director’s compensation be decided by the board. All audits will involve governance (the board). In the absence of an audit committee, the independent board members (i.e., unpaid) will perform the audit oversight function. This involves the following basic duties: (1) Overseeing the accounting and financial reporting processes of the organization and the audit of its financial statements; (2) Annually retaining or renewing the retention of an independent auditor; and (3) Reviewing with the independent auditor the results of the audit (including the management letter).  All board matters should be documented in proper meeting minutes. The organization is required to have a Conflict of Interest policy to show how it makes decisions involving interested (i.e., related) parties.

B. Management’s Role in the audit process: (Executive Director)

In many organizations, the board hires an executive director to manage the operations. The position usually reports to the executive committee or directly to the full board of directors. In most cases, a paid executive director is not a voting member of the board but the bylaws of an organization may dictate otherwise. Although not on the audit committee, the executive director will usually be the point person and work with the auditor during the audit process.

C. The Independent Accountant’s Role in the Audit Process (CPA)   

In a financial statement audit, the CPA expects the organization’s management to present the financial statement figures at year end. Furthermore the auditors will want explanations and evidence to support the figures.

Audits and Reviews are attest engagements that require independence. Services performed in conjunction with Audits or Reviews are called non-attest services. Specific rules have to be followed regarding non-attest services in order for the CPA to remain independent. Some non-attest services that frequently are performed in conjunction with an audit (or review) engagement are financial statement preparation, accounting adjustments, reconciliations, functional expense allocation assistance and tax preparation. Original bookkeeping or major overhauls of financial data cannot be performed in an attest engagement. Importantly, the auditor cannot participate in the decision making process of the client.  Audit standards also dictate that if the auditor assists too significantly in the financial statement preparation process, independence could be deemed to be impaired. In order to remain independent while performing these non-attest services, special precautions have to be followed. The organization’s management has to be responsible for the non-attest service by doing the following (1) designating an individual who possesses suitable skills to oversee the service; (2) evaluate the adequacy and results of the services performed; and (3) accept responsibility for the results. Under no circumstances can the CPA assume management responsibilities in an attest engagement. Some organizations hire an accountant or qualified bookkeeper to perform year-end close services before an audit or review engagement begins.

Auditing standards also require certain “disclosures” to be made by the organization. These come in the form of footnotes that follow the financial statements. The CPA’s assistance in preparing the footnotes disclosures is another type of non-attest service. The auditor will need to obtain information and evidence to support the financial statement disclosures. Common areas requiring disclosures are Accounting Policies, Fixed Assets, Notes Payable, Leases, Related Parties, Contingencies, Retirement Plans, Restricted Net Assets, Pledges / Contributions, Joint Costs and Subsequent Events.

The following language is part of the standard engagement letter which outlines the auditor’s role:

Audit procedures will include tests of documentary evidence supporting the transactions recorded in the accounts, tests of the physical existence of assets, and direct confirmation of receivables and certain assets and liabilities by correspondence with selected individuals, funding sources, creditors, and financial institutions…. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements….An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluating the overall presentation of the financial statements…..Our audit will include obtaining an understanding of the Organization and its environment, including internal control, sufficient to assess the risks of material misstatement of the financial statements and to design the nature, timing, and extent of further audit procedures.

Go to Part 3 of 5

The Year-End Financial Statement Process:

A Practical Guide for Small Nonprofit Organizations having a CPA Audit (or Review)

(Part 1 of 5)

Part I: Introduction

This article is an overview of the financial statement audit process for a small non-profit organization. The objective is to help the governing board, management and other interested parties understand the annual financial statement audit process. The information provided here could be used as a guide for a review engagement as well.

Although all types of nonprofits could receive an annual audit, smaller organizations that have an audit are most likely a 501(C)(3) organization. 501(C)(3) organizations are often required to have an annual financial statement audit by the state charity regulatory body. Also, charitable organizations may be required to have an audit in order to qualify for grants or other funding. The Internal Revenue Service (IRS) does not require financial statement audits. Although they will do compliance audits.

Having an audit is a major endeavor for smaller 501(C)(3) organizations.  Firstly, the cost could be prohibitive. Another factor is finding an accounting firm servicing this segment. Optimally, an accountant would need to be a peer reviewed CPA, provide audits to small organizations and specialized in not-for-profit organizations. The same audit standards apply to small nonprofits as they do for large corporations. Accounting firms need to tailor their approach to efficiently serve these smaller organizations at a reasonable cost while complying with professional standards. 

The “audits” we are dealing with in this overview are “financial statement” audits. Most people know the term audit as it relates to an IRS audit of business or personal taxes.  Financial statement audits are quite different from an IRS audit. Although there will be testing and evidence support needed to substantiate the amount on your financial statements, the CPA will not look at every transaction or every receipt. Also, it is important to realize the financial statements being audited are prepared by the organization, not the auditor. In order to effectively audit the financial statements and provide assurance on them the auditor needs to obtain an understanding of the organization and its environment, including internal controls and governance. Deficiencies in internal controls and other matters will be communicated to the organization at the conclusion of the audit.

Go to Part 2 of 5