Obtaining engagement letters is not required by generally accepted auditing standards, but it’s good business practice and can reduce the vulnerability of practitioners to liability claims. The engagement letter clarifies responsibilities between the practitioner and client.
It includes the scope of the audit, a description of fees and other terms and conditions.
Scope of the Audit
The scope of the audit is a key consideration for an auditor. It involves determining the procedures to be performed and what evidence will be required. This is a critical part of the planning process and should be documented in the audit plan or audit strategy, which serves as a roadmap for the auditor’s work. Scope is also an important factor when establishing the level of assurance in an audit report. A limited-scope audit can provide only a limited degree of assurance, while a full-scope audit provides greater confidence in the financial statements.
The letter should also contain an agreement on commercial matters, including a fee structure and invoicing arrangements. This is particularly relevant where multiple parties are likely to rely on the audit report (for example, lenders and third-party users). It may also contain provisions for disputes resolution and indemnification arrangements. The letter should also clearly define the responsibilities of both parties.
The letter should be sent to all new clients soon after the auditor’s appointment and, if possible, before the first audit engagement assignment. It should also be sent to existing clients for whom no letter has previously been sent. The letter should be addressed to the individual retaining the firm or approving the engagement; generally, this is the Board, its Chairperson, or the Chief Executive Officer of the company.
Responsibilities of the Auditor
An engagement letter helps the auditor define the responsibilities of both parties and establishes a legal basis for the professional relationship. This helps avoid misunderstandings and minimizes the exposure of practitioners to legal liability claims. Some malpractice insurance carriers offer reduced premiums to firms that use engagement letters.
In the letter, the practitioner identifies the services to be rendered and specifies the scope of those services. In the case of a financial statement audit, this includes a description of the nature of the audit and the objective of the audit.
The letter also outlines the scope of a review or compilation engagement. The letter identifies the entity, its name and fiscal year end and references the specific financial statements to be audited, reviewed or compiled.
If the engagement involves a forensic audit, the letter should identify that service and include a brief description of the type of procedures to be performed. This may also include a reference to a requirement to gather sufficient, appropriate evidence.
The letter should also address a number of other matters, such as the client’s ability to provide access to necessary information and records and a limitation on the use of the report produced by the practitioner. It should also state that the practitioner is not responsible for discovering all fraud or errors and cannot guarantee the accuracy of the financial statements.
Auditor fee arrangements are a major issue in establishing an audit relationship. The engagement letter should detail how the auditor will calculate his fees and specify payment terms. It should also provide a breakdown of the services to be provided and the cost to perform them. In addition, the letter should explain that an audit cannot detect all instances of fraud or error and that the auditor will not provide absolute assurance about the accuracy of the client’s financial statements.
The Audit Engagement Letter should also include a clause stating that the auditor will protect confidential and proprietary information and comply with applicable data protection regulations. It should also set out the auditor’s obligations to inform the client about his role in the audit and any possible conflicts of interest.
For recurring service engagements, the letter should state that either party may terminate the relationship at any time with written notice. It should also include a provision specifying that the audit work is done for the benefit of the client and that no third parties may rely on the results or findings of the work without the express consent of the client.
Auditors should consider instituting procedures for obtaining an engagement letter for every new client and, at a minimum, before the commencement of the first audit assignment. This will help avoid misunderstandings and clarify the terms of the relationship.
An engagement letter should specify when the professional relationship ends. It is not enough to simply notify the client that the audit is over. The engagement should state whether the termination of the relationship is effective on a specific date or until some other event occurs. The engagement letter should also indicate whether the practitioner will continue to provide other services that are not related to the audit. This can be important for firms that offer other services such as reviews and compilations, since they could be vulnerable to malpractice claims if a claim is made several years after the completion of the work.
If the firm will continue to provide other services, it is advisable to include an estimate of these costs in the engagement letter. This will help avoid misunderstandings between the practitioners and their clients as to the amount that they will need to pay for these other services. The engagement letter should also clearly state what the limitations will be for those other services.
For example, the engagement letter should clearly state that the engagement will be terminated if the auditor believes that the company’s books render them unable to express an opinion on its financial statements. There may be other limitations that should be clearly stated as well. These may be a requirement that the client not hire anyone on the current audit team, or a requirement that the auditor not accept another position with the same client.