 Hello and welcome to this session. This is Professor Farhad in which we will discuss the standards for attestation engagement But first we need to know what is attestation in order to understand the attestation engagement What does it mean to attest to something? Well to attest to something means to be a witness to confirm to authenticate Validate verify. Well, we should be familiar with the term attestation because the traditional audit is a form of attestation What are we doing when we perform a financial statement audit? Well management make assertions make claims about the financial statements about the presentation of the financial statements about the disclosure of The financial statements our job is to do what is to attest is to attest to that claim and we follow a criteria called gap and we follow tools that are called generally Accepted auditing standards to find out whether those claims are as they claim to be Now since CPAs are trusted professional business people many Parties engage them to perform a variety of audit like services And this is where we bring in the attest services the attestation services a good example will be a bank Request a CPA to issue a written report whether the client had adhered to all requirement of the loan agreement Simply put we have three parties here. We have the CPA We have the bank and We have the client so notice the client is the client for the bank the bank is engaging us To verify whether the client is in adherence with the loan requirement. Now. What do we do in order to perform this? Engagement we have to review the loan agreement to find out What's the criteria for the engagement in order to issue an opinion finding whatever we need to issue? Another example will be our website is reliable and secure someone is making a claim Well, let's attest to it. Can we attest to it? so the standard for attestation and engagement are governed or they are issued by the AI CPA not PC a OB so we are dealing with Non-issue or it's applicable to the preparation and issuance of attestation report for non issuers So what is an attestation? Well an attestation engagement isn't either an examination Review or agreed upon procedure now notice next to examination I put opinion because if you are engaged for an examination you will issue an opinion a review a conclusion and agreed upon procedure is A finding now bear in mind. We are going to cover Examination review and agreed upon procedures much much more in details each and a separate recording So don't worry about that. It's those engagement perform under the attestation standard related to subject matter and assertion That's the responsibility of another party notice the bank hired us And they said these are the criteria go ahead and Tell me if this client is in compliance or not, okay? So this the subject matter is the compliance here. Okay, so this is what we do now In this session, we're gonna do we're gonna cover the common concept for the clarifying standard for the attestation simply put in 2016 the standard for engagement attestation changed and we're gonna do we're gonna go over the common concept today Which is the purpose written assertions precondition acceptance and continue continuous guidance documentation Practitioners and responsible party responsibilities then in another session would look at the level service such as Examination engagement review engagement agreed upon procedure subject matter will include the prospective financial information reporting on pro format compliance Report on suck and MDNA and each one of those most likely will have its own recording So we have a lot to go but today just to kind of give you what's going on We're gonna look at common concept that apply to all attestation Engagement now before we start to discuss them. I would like to make a public announcement about my company Farhat lectures comm Farhat accounting lectures is a supplemental educational tool That's gonna help you with your CPA exam preparation as well as your accounting courses My CPA material is aligned with your CPA review course such as Becker Roger Wiley Gleam Miles my accounting courses are aligned with your accounting courses broken down by chapter and topics my resources consist of Lectures multiple choice questions through false questions as well as exercises go ahead start your free trial today No obligation no credit card required Starting with the purpose and this applies to all attestation engagement The purpose of an attestation engagement is to provide users of information with an opinion if it's an examination or a view conclusion for a review and finding for an agreed upon procedures about the right reliability of Subject matter or an assertion about the subject matter as measured by suitable criteria Simply put we're gonna issue a report for for the users about either a subject matter like the loan agreement Or some sort of an assertion someone is making some sort of a claim. This is basically the purpose of the attestation engagement Now bear in mind no historical financial data. We're not working with the historical financial data because this is an audit We're not doing an audit It's a separate and an audit and we're not using gap as a criteria So forget about gap when we talk about attestation Okay. Now written assertions should be Assertion be in written well written assertion is expected. Okay, when you are performing examination review or agreed upon procedure It's good to have now if you are performing an examination or a review and If the in if the engagement party is the responsible party and refuses to provide a written assertion for an examination or review No assurance without Without written assertion simply pot Remember we have three things that we can do examination review Agreed upon procedures if we are dealing with examination and reviews and we're gonna see why later Examinations and reviews. We are giving some sort of an assurance for example examination We are giving the highest level of assurance, which is reasonable assurance in the review We are giving a limited type of assurance. Nevertheless, we are giving some sort of an assurance If the engagement party is the same as the responsible party, what does it mean? Engage in party and responsible party. You remember our relationship the CPA We have the bank and we have the client, right? Now the bank engaged us the bank engages and the bank Gave us the criteria, which is the loan agreement, but We could have an engagement party and the criteria could be issued by someone else Using someone else's criteria. So if they are they are the same We will not perform an examination or a review without giving us a written representation Because no assurance if it's not written because we're giving assurance and we'll see what I mean by assurance later when we discuss examination and reviews when the Engage in party is not the responsible party And the responsible party refuses to provide a written assertion. Well, that's fine disclose in the report How would that work? Let's assume we are a CPA. We have the state of Pennsylvania and we have the Lehigh Valley Hospital It's a hospital. Here's what's gonna happen. The state of Pennsylvania or the federal government Engages to have an examination about the Lehigh Valley reimbursement process or Government reimbursement process within their insurance system. Okay, either the state of Pennsylvania or the federal government So notice the engage in party. Well, the reimbursement process. It's for it's for the hospital for the Lehigh Valley Hospital So they're not the they are not the engage in party Lehigh Valley Hospital is not the engage in party Well, who's the engage in party the state of Pennsylvania, but they're using the criteria for the hospital If that's the case, that's fine We will go for it and we will disclose in the report and we have to restrict the report So we cannot have the report available if it's agreed upon procedures And we're gonna learn more about the greed upon procedure examination and review later When the responsible party refuses to provide the written assertion, that's fine disclose in the report because by its nature Agreed upon procedures. It's agreed upon procedure between two parties. So look, you don't want to give me an assertion I will give you a finding it's between you and I it's your problem because you're engaging me to say something That's fine. I'm just gonna disclose it in the report that you did not provide me with written Assertions certain preconditions should exist for our attestation engagement One you must the practitioner must be independent generally speaking unless required by law or regulation to perform the engagement For example, good example will be the state of Pennsylvania by law They want to audit the hospitals well by law even though I may not be independent in terms my relationship with Lehigh Valley Hospital Because Lehigh Valley Hospital is a client of mine. I ordered their financial statements. It doesn't matter I don't have to be independent if that engagement is required by law, but generally speaking you have to be independent Just know there is an exception the responsible party must take responsibility for the subject matter Of course, whoever the responsible party is should take should take Responsibility for the subject matter and also we have to have four additional characteristic To have an attestation engagement the subject matter is appropriate Well, the subject will we're gonna talk about what subject matter is inappropriate is the criteria is suitable and available We can measure it the criterion will talk about Criteria a little bit more in a moment You must issue a report and that report could be an opinion finding or conclusion depending On the engagement and the report must be in return. Now. What do we mean by subject matter is appropriate? Okay, subject matter is appropriate. It means capable of consistent measurements of I am if I am if I am Measuring the reimbursement process of Lehigh Valley Hospital. I should be able to do it because it's consistent I can see what's going on. They have internal control. They have certain procedures I can gather appropriate evidence in order to support it to support my either opinion conclusion or findings if The subject matter is not appropriate for an examination. It's not appropriate for a review. Just know that what is suitable criteria? Remember, it has to be appropriate. It has to have suitable criteria It has to it has to be relevant to the subject matter. The criteria has to be relevant They are free from bias. They are not favoring for example the state versus the hospital or the hospital versus the state They allow reasonable consistent measurement slash evaluation. I can see this I can see the process Consistently being applied again and again year after year month after month for for different customers the same way and I don't emit any relevant factors in My in those criteria Now if the criteria is established by the AICPA because the AICPA will have many criteria for Attestation engagement, we could always assume it's suitable because they set the rules if the criteria is not suitable for an examination not suitable for a review If the criteria is so specialized to a specified party, then you would restrict the report because you don't want to issue a report About some special specialized knowledge to the general public Acceptance and continuance so when you are engaging in attestation, you have to have a quality control for your firm Practitioners should determine if they should accept and continue an engagement For example, somebody might engage them and for environmental law engagement if they don't have this if they don't have the Specialist on staff they should reviews either don't take or hire a specialist Now if you hire a specialist evaluate their companies competency and independence Have a mutual understanding about the scope and timing of the of their work Review their work for the purpose of the engagement because your name is going on that letter Then decide whether you want to mention them or not in the report. Anyhow, you are responsible for them How about documentation? Well, you should have a file ready 60 days after you complete the report No documents should be deleted or get rid of till the end of the retention period. What is the retention period? Well, the retention period should be sufficient to meet the need of any legal or regulatory environment So because different engagement will have in different states in different counties They'll have different legal requirement make sure your retention policy for those documents comply with this So no make sure you know what they are. There's no specific rules If you add any documents to the working file after the 60-day period You want to justify it and make sure you initial why and by whom? Okay, practitioner should also practice reasonable measure to predict the confidentiality of the file Okay, that's also required What guidance or what guidance we should use there are two categories of professional requirement on the Statement of attestation There one is unconditional requirement those unconditional requirement You should always comply with them in the word must as a good indicator in the literature If the if it says you must do it then you must do it in all circumstances then some are presumptively mandatory requirement Those if it's a presumptively as long as you can find an alternative procedures to it It's acceptable to meet the spirit of the requirement and those procedures will have the word should is an indicate Isn't as an indicator that it's a presumptively mandatory requirement You should do it if not find the procedure to do it now other resources for guidance You can use the appendices of the SS AE of the ICPA and Those would would have should have words like may might or could and you could you could use those as Additional explanation or examples for the appropriate procedures. That's also an acceptable guidance You could also look at other publication interpretive publication or attestation publication Those are recommended but not required Before the auditing standard board had the opportunity to comment and validate them or not Now we spoke about the responsible party and we discussed that the responsible party usually the management But it doesn't have to be For the subject matter as well as the assertion of the subject matter. It doesn't have to be but usually it is It should provide the responsible party should provide the practitioner with access to all information That's relevant for the measurement evaluation and disclosure if you're engaging me if you're the responsible party I need the information to be able to make to issue an opinion or a conclusion or a finding I need to have access to all necessary information and I need unrestricted access to people that I can talk to if need be in order to obtain the evidence the practitioners responsibility Responsible for complying with relevant performance and reporting requirement established in the attestation standard That's a giving they're also responsible for having appropriate competence and capable people in performing the engagement How make sure they comply with relevant ethical requirement maintain professional skepticism at all time and exercise professional skepticism throughout the planned Throughout the planning and performance of the engagement make sure you have an objective opinion. Now. This is an introduction To attestation engagement next I'm gonna be covering examination Review agreed upon procedures, then I'm gonna cover more in details different type of procedures whether it's an MDNA whether it's pro forma financial statements so on and so forth So we have a lot to go in these sessions But this is an important topic for the CPA exam as well as your accounting courses go to far hat lectures and Start to do work and MCQs through false that's gonna help you understand this topic. Good luck study hard and stay safe