COVID-19 update: A message from our partnersRead more
You’re required to have an audit of your financial statements, and you have a contract or grant agreement that requires a compliance audit. What is the difference between these audits, and can they be done together?
It depends on who is requiring the audit. For example, you may have a loan with a bank that requires an annual financial statement audit, and you may have a contract with a customer that requires a compliance audit related to a particular requirement of their agreement with you. In this case, there would be two separate audits, although compliance with the particular contract may also be a part of your financial statement audit, depending on materiality or other risk factors.It depends on who is requiring the audits.
If you receive government funding, your audit will typically include procedures to audit the financial statements as well as tests of compliance with laws, regulations and specific grant or contract terms. In this case, the audit would include both the report on the financial statements and reports on compliance and internal controls under government auditing standards and the requirements of the Office of Management and Budget under OMB Circular A-133.
Any compliance exceptions – as well as any significant deficiencies or material weaknesses in internal controls – would be disclosed, along with the organization’s corrective action plan.
Audits of financial statements are focused on whether the financial statements are presented in accordance with U.S. generally accepted accounting principles (GAAP) or another basis of accounting. Compliance audits are focused on whether you followed the terms of the agreement, which is most often a “yes” or a “no” regarding a particular compliance requirement.
In a compliance audit, the auditor is required to disclose noncompliance with the applicable requirements, except when the noncompliance is inconsequential.
Financial statement audits for private companies and nonprofit organizations in the United States are conducted by certified public accountants in accordance with U.S. generally accepted auditing standards. Most of these audits are of financial statements prepared in accordance with U.S. GAAP, although financial statements prepared in accordance with other comprehensive bases of accounting, such as the income tax basis or the cash basis, may also be audited.
The focus of an audit of financial statements is on the amounts presented and the accompanying disclosures. The auditor forms an opinion about whether the financial statements “present fairly in all material respects” the financial position, results of operations and cash flows in accordance with U.S. GAAP or other applicable basis of accounting.
In laymen’s terms, a financial statement audit provides a level of assurance that the financial statements can be used by lenders, investors and other users to make decisions about the financial health of the entity from a historical perspective. While a financial statement audit takes into consideration internal controls as they pertain to the preparation and fair presentation of the financial statements, the auditor does not provide an opinion on the effectiveness of the internal controls.
Financial statement audits are dependent upon good accounting systems and supporting documentation that is readily accessible. Compliance audits are dependent upon a clear understanding of the internal controls over compliance, and of the terms of applicable agreements and contracts, to identify compliance requirements that must be met by the organization and tested by the auditor.
In most cases, either the agreement itself, or laws and regulations incorporated by reference, delineate the compliance requirements. Compliance requirements can be either financial or nonfinancial.
An example of a financial compliance requirement is raising matching funds for a grant agreement. An example of a nonfinancial requirement is meeting an eligibility requirement based on age.
It is important that organizations identify compliance requirements when agreements are signed. Incidents of noncompliance can result in reduced funding and potential termination of the contract.
When new funding or revenue generating opportunities arise that include compliance requirements, ensure that the cost of compliance does not exceed the revenue to be earned from the contract or grant agreement.
Audits of financial statements and compliance intersect when a compliance exception has a direct and material effect on financial statement amounts. For example, questioned costs identified as a result of compliance testing can result in an adjustment to contract or grant revenues earned. – Janet Holland, CPA, with DZH Phillips LLP, a CPAmerica International member firm