Independent audits can go a long way toward providing stakeholders with assurance about your nonprofit organization’s financial stability. Ensuring true independence requires more than just hiring an outside firm, though. Nonprofit leaders should familiarize themselves with the technical meaning of the term “independence” and some of the ways that a seemingly independent firm may not satisfy the independence requirements set forth in the American Institute of Certified Public Accountants (AICPA) Code of Professional Conduct.
Fact and appearance requirement
The code mandates that CPAs and their firms be independent in the performance of professional services, including audits. It requires independence in both fact and appearance. Independence in appearance calls for avoiding circumstances that would cause a third party to reasonably conclude that the auditor’s integrity, objectivity or professional skepticism is compromised.
When assessing circumstances that threaten independence in appearance, it’s the totality of the circumstances that matters. Insignificant individual threats (for example, an auditor’s small contributions to the nonprofit) can become an issue in the aggregate with other ostensibly minor threats.
Potential threats for nonprofit clients
The AICPA code identifies several examples of threats to independence that could arise during a nonprofit audit and when the threat may be acceptable. An acceptable threat generally is one where a reasonable and informed third party would conclude that the threat wouldn’t impair the auditor’s independence.
On the other hand, these threats could impair an auditor’s independence:
Advocacy. This happens if an auditor promotes the client’s interests to the point of compromising the auditor’s objectivity. It could happen, for example, where an organization is pursuing a cure for an illness that afflicts an auditor’s loved one.
Familiarity. Be careful if a close friend or relative of the auditor holds a key position in your nonprofit. The auditor may be too close to this situation.
Management participation. This occurs, for example, when an auditor serves as a director or officer or designs, implements or maintains an organization’s internal controls.
Self-review. A threat exists if an auditor’s firm has previously performed work for the client or supervised the client’s work (for instance, if the firm has prepared the nonprofit’s financial statements or served as its accountant or advisor).
Undue influence. This occurs when an auditor faces threats or pressures from the client. For example, a nonprofit might tell its auditor that it will only pay discounted rates.
Depending on the level of threat, appropriate safeguards may be necessary to eliminate or reduce it to an acceptable level. In some circumstances, though, no safeguards can reduce the threat to an acceptable level.
Recommended safeguards
The AICPA ethics code recognizes that appropriate safeguards may be created by the accounting profession, legislation or regulation. These include education and training requirements, the possibility of discipline, external review of a firm’s quality control system, and licensure requirements. The code also says that clients could implement safeguards that would operate in combination with other safeguards. Your nonprofit could, for example, have an active audit committee that ensures proper decision making, oversight and communications regarding an auditor’s services.
An auditor can implement safeguards, too, such as using different partners or engagement teams from separate offices. When an auditor implements safeguards, it must document the identified threats and safeguards applied.
Choose with care
A desire to simplify the process of auditor selection is understandable, particularly for nonprofits with limited time and money. Working with an independent public accounting firm like Hood & Strong is critical to ensuring your nonprofit's compliance.
