A group of people are working on a financial success plan on a table.
A person is typing on a laptop computer with a graph on the screen.
August 18, 2022

The Time is Now

How to be Proactive with Your Next Peer Review

Unable to properly prepare for your next AICPA peer review during the two-off years can mean a lot more than just the loss of bragging rights: A CPA firm that receives anything less than pass with no findings (a “clean” report) may soon find that existing clients are questioning their relationship while potential prospects are avoiding them.


A clean report assures clients, prospects, regulators, standard-setters and competitors that your firm’s attest practice is performing at a high level and is not required to improve the quality of its services and processes. Simply put, your firm’s reputation is on the line every time you undergo a triennial peer review.


It’s important to get a jump start on preparing for your next peer review. Here are some steps to take to ensure you have a properly designed and effective quality control system in place that leads your firm to receive a pass — with no findings — on your next peer review report.

 

Establish a culture of quality from day one. A common mistake CPA firms make that can cause them to perform poorly on a peer review is not properly designing, implementing and maintaining a system of quality control. If your system is not properly maintained, the peer reviewers will more likely find reportable issues. In accordance with AICPA’s Statement on Quality Control Standard (SQCS) No. 8, A Firm's System of Quality Control (Redrafted), all CPA firms must establish and maintain appropriate quality control policies and procedures and comply with those policies and procedures to ensure the quality of the professional services they provide to the public.


To make sure you’re following all relevant policies and procedures, there are several publications available from the AICPA that provide guidance, such as Professional Standards, the AICPA Peer Review Program Manual, and the Practice Aids for Establishing and Maintaining a System of Quality Control for a Firm's Accounting and Auditing Practice.


Familiarize yourself with these standards and ensure the auditors/accountants at your firm have the research capabilities and tools to their jobs correctly and adhere to the highest standards.

 

Plan ahead & stick to deadlines. Your firm’s peer review should be finished by its due date. The firm’s due date is reflected on the letter acknowledging your firm’s original enrollment in the peer review program and in the committee acceptance letter related to your firm’s last peer review. The due date is the date by which peer review documents, including the report and if applicable, the letter of response, should be submitted to the reviewer.


To make sure your peer review is completed on time, you should start the review soon after your firm’s peer review year-end. You should plan ahead so that the review takes place at a convenient time for your firm and to allow your reviewer time to properly plan and schedule your review. For example, if you have a heavy tax practice and your review due date falls between January and April, you should plan to start the review in September or October to make sure the review is completed before your busy season begins.

 

Make sure that workpapers can stand on their own. It’s critical to ensure that your workpaper files are deemed to be in compliance with Professional Standards. As you assess your workpapers, give them the “5 Ws” test: Do they stand on their own without any verbal explanation, clearly explaining “who, what, were, when and why?” Don't leave a peer reviewer grappling for answers – make their job easier by making sure your workpapers are in order.

 

Keep up with your internal inspections. During the two off years when the peer reviewer is not up on your doorstep, make sure you're regularly conducting your annual internal inspections so that you can correct any mistakes your firm may be making before peer review time. At Collemi Consulting, we’ve created a “must-do” testing approach to assist CPA firms with an internal inspection process that includes drafting and reviewing your firm’s Quality Control Document to interviewing and evaluating your professional staff.

Here are some examples of the other areas we test during the inspection:

 

  • Review a cross section of attest engagements
  • Test professionals’ CPA licensing
  • Test professionals’ CPE requirements
  • Examine firm’s professional literature

 

Most attest practices we advise get some things right, but almost all of them miss some key points. Common pitfalls include lack of understanding of the auditor independence rules, particularly regarding unpaid prior years’ fees, and not meeting the General Requirements from the Code of Professional


Conduct prior to performing permissible non-attest services for an attest client.
Other missteps include a failure to appropriately modify a report for a scope limitation or a significant departure from GAAP, omissions of required critical reporting elements of applicable standards, and issuing an audit report when the auditor was in fact not independent.


Connect with your peer review team captain sooner rather than later. You should contact your peer review team captain and begin planning the review together early enough, at least six to nine months prior to the due date, to make sure all documents will be submitted to the Administrating Entity (AE) by your firm’s due date.


The peer review team captain will ask for the following items:

  • The firm’s Quality Control Document.
    A list of accounting and auditing engagements for all engagements with periods ending during the year under review (or report dates during the year under review for financial forecasts and/or projections and agreed upon procedures) regardless of whether the engagement reports are issued as well as a description of the approach taken to ensure a complete and accurate engagement listing.
  • A list of the firm’s professional personnel showing name, position and years of experience with the firm and in total.
  • A copy of the firm’s documentation maintained since its last peer review to demonstrate compliance with the monitoring element of quality control.


Based on this information, the team captain will make a preliminary selection of the offices and engagements he or she intends to review.

 

The initial selection of engagements to be reviewed will be provided no earlier than three weeks before the commencement of the peer review. This should provide ample time to enable the firm to assemble the required client information and engagement documentation before the review team commences the review. However, at least one engagement from the initial selection to be reviewed will be provided to the firm once the review commences and not provided to the firm in advance. This engagement should be the firm’s highest level of service and should not increase the scope of the review.


All engagements with years ending during the peer review year (or report dates during the year under review for financial forecasts and/or projections and agreed upon procedures) that are performed and issued by the firm should be available to the team captain at the start of fieldwork.

 

Finally, make it your goal to be timely and accommodating to the peer reviewer. Missing deadlines or seeming uncooperative will leave a bad taste in the peer reviewer’s mouth. Put your best foot forward and let the peer reviewer know that your firm takes quality control very seriously.

 

At Collemi Consulting, we offer a full spectrum of services to assist CPA firms get ready for their AICPA peer reviews, including conducting an engagement review and ensuring workpapers are in order. And there’s no need to undergo the peer review process alone: We can partner with you during every step of the process to help you gather required information and documents and ensure you hit all deadlines. To schedule an appointment, contact us at (732) 792-6101.



Learn More

Testing of Non-Standard Journal Entries to Identify Questionable Transactions

By Jennifer Ruf March 24, 2025
As audit season is in high gear, it’s important for auditors to step back and plan how they are going to audit a client’s books and records. What are the red flags you’re looking for when it comes time to throw open the books and look through a huge swath of journal entries to pluck out the ones that are questionable, and need to be questioned? First off, it’s important to understand how journal entries are created at the company being audited. For an auditor, that means looking at the internal control environment to understand how a journal entry is created: Who’s authorized to create one and who can create one. You have to understand the process. How does it start and how is the entry eventually recorded onto the financial reporting system? Once you know that, you can determine whether someone can come in and override the system, or if someone can pretend to be someone else and start recording journal entries onto the system. That will help you figure out what to look for to decide what entries to pull out and ask management to get back up information to support and validate those entries. Finding the needle The key here is not to just go through the mechanics, but to really go through the exercise so you can determine if management is playing games in the recording of those transactions. You have to be able to get comfortable with that, and that means you need to be able to document what you’re looking for. Because what the auditor is really doing is looking for a “needle in the haystack”, to identify the transactions that don’t look right, that don’t make sense in the ordinary course of business. For example, if the business is not open on weekends, are transactions being posted on a Saturday or Sunday, or even on holidays? If you see rounded numbers or accounts that are seldom used, those can be red flags as well. Sometimes it can be as simple as asking managers and others like accounting, data entry and IT personnel if they’ve observed any unusual accounting entries. Depending on the size of the company and scope of the work, you might need to use computerized audit software program — some of them with AI built in — that can scan the entries to identify anomalies. Red flags When an auditor is looking for evidence of management override of controls, they can look for some of these 12 red flags indicators: ● Top-side entries ● Entries made to unrelated, unusual or seldom-used accounts ● Entries made by individuals who typically don't make entries. ● Entries recorded at the end of the period ● Post-closing entries with no explanations ● Entries made before or during the preparation of financial statements with no account numbers ● Entries that contain rounded numbers or a consistent ending number ● Entries processed outside the normal course of business ● Accounts that contain transactions that are complex or unusual in nature ● Accounts that contain significant estimates and period-end adjustments ● Accounts that have been prone to errors in the past ● Accounts that contain intercompany transactions When testing non-standard journal entries and other adjustments, you should look for documentary evidence indicating that they were properly supported and approved by management. Finally, remember that while most fraudulent entries are made at the end of a reporting period, you shouldn't ignore the rest of the year  Collemi Consulting leverages nearly three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101.

It’s Time For Year-End Audits

December 20, 2024
Are you prepared?
A woman's hands holding a microphone

Shake It Off

December 9, 2024
Conquer your fear of public speaking and present like a pro
Man with hand by his ear straining to listen.

Hear, Hear!

December 4, 2024
Boost your business by becoming adept at active listening.
More Posts
Share by: