Ethic Case
Copyright © 2011 by
American Institute of Certified Public Accountants, Inc.
New York, NY 10036-8775
All rights reserved. For information about the procedure for requesting permission to make copies of any part of this
work, please e-mail [email protected] with your request. Otherwise, requests should be written and mailed to the
Permissions Department, AICPA, 220 Leigh Farm Road, Durham, NC 27707-8110.
Ethics Interpretation No. 101-3, Performance of Nonattest Services
Proposed Revisions Clarify Independence Requirements
On February 28, 2011, the AICPA Professional Ethics Executive Committee (PEEC) issued an
omnibus exposure draft containing proposed revisions to Interpretation No. 101-3, “Performance
of nonattest services,” under Rule 101, Independence (AICPA, Professional Standards, ET sec.
101 par. .05). The PEEC believes these revisions will add clarity to the nonattest services
guidance and enhance practitioners’ understanding of the interpretation’s requirements. An
overview of the proposed revisions follows.
Establishing or maintaining internal control
One of the proposed revisions relates to a general activity that would impair a member’s
independence: establishing or maintaining internal controls, including performing ongoing
monitoring activities for a client. The PEEC recognized that an inconsistency existed within the
current interpretation in that certain bookkeeping and other nonattest services permitted under
the interpretation could be viewed as maintaining internal controls for the client and, as such,
may appear to be prohibited by the general activity. For example, under the proposed revisions to
the interpretation, a practitioner could prepare monthly bank reconciliations for an audit client
without impairing independence provided the general requirements of the interpretation are met,
such as ensuring that the client reviews and approves the bank reconciliations and sufficiently
understands the services performed to oversee them. However, preparing bank reconciliations for
a client is also considered to be maintaining an internal control for the client. Because it was
never the PEEC’s intent to have the permitted activities listed in the interpretation be considered
as impairing independence, the committee agreed to revise the general activity to state accepting
responsibility for designing, implementing or maintaining internal control. The PEEC believes
the phrase “designing and implementing” is not only clearer than “establishing,” but is more
reflective of the language used in the professional standards (for example, auditing standards)
and the Code of Ethics for Professional Accountants issued by the International Ethics Standards
Boards for Accountants (IESBA Code). The addition of the phrase “accepting responsibility for”
is intended to clarify that practitioners are able to assist their clients by performing services to
design, implement, or maintain certain aspects of internal control when management accepts
responsibility for such services and the other general requirements of the interpretation are met.
Even if client management accepts responsibility for internal control related services,
threats to independence (for example, self-review and management participation threats) may
still exist. The general requirements of the interpretation serve as safeguards to mitigate these
threats to an acceptable level and, therefore, are necessary in order to maintain independence.
American Institute of CPAs Page 2
Specifically, in addition to accepting responsibility for the services, management must make all
significant judgments and decisions in connection with the engagement and must also designate
an individual who has the skill, knowledge, and or experience to oversee the services and
evaluate the adequacy and results of the services performed. While the general requirements are
generally sufficient to safeguard independence, there could be situations in which the practitioner
may cross the line and impair independence due to the scope and extent of internal control
services performed. For example, as discussed in the proposed revisions to the interpretation, the
management participation threat created when a practitioner performs ongoing monitoring
procedures is so significant that no safeguards could reduce the threat to an acceptable level. In
addition, management is responsible for designing and maintaining the company’s internal
control process and, therefore, should not rely on the practitioner’s work as the primary basis for
its assertion regarding the effectiveness of its internal control over financial reporting.
Accordingly, in cases in which the practitioner’s involvement in the client’s internal control
process is so extensive that it results in management relying on the practitioner’s work as the
primary basis for its assertion, no safeguards could reduce the threats to independence to an
acceptable level, and independence would be impaired. Practitioners should use judgment in
determining whether services performed would constitute ongoing monitoring activities or
whether management appears to be relying on its work as the basis for its assertion on internal
control effectiveness.
Defining management responsibilities
In addition to the proposed revision to the general activity, the PEEC is proposing several other
clarifications to enhance the guidance in the interpretation. For example, the PEEC believes the
term management responsibilities is clearer than management functions and, therefore, proposes
certain revisions to reflect this change. The revised interpretation also incorporates a description
of the term management responsibilities as well as additional examples of management
responsibilities. The examples previously referred to as general activities have also been merged
into the examples of management responsibilities because the reason they impair independence
is because they are deemed to be responsibilities of management. The proposed language is
consistent with the IESBA Code, and, therefore, it aligns the AICPA Code closer with
international standards. The PEEC does not consider these revisions to be more restrictive than
the existing independence requirements of Interpretation No. 101-3, and, therefore, such changes
are not expected to change current practice.
Performing ongoing monitoring versus separate evaluations
One proposed revision to the interpretation may be viewed as more restrictive. Specifically, the
PEEC is proposing to include a requirement that members evaluate the significance of the
management participation threat created by performing separate evaluations on the client’s
internal control system. The PEEC believes that an inconsistency in the interpretation exists by
prohibiting a member from performing ongoing monitoring procedures for a client while
permitting separate evaluations because, depending on the scope or extent of the controls being
tested and frequency of the separate evaluations, the member may be performing services
equivalent to ongoing monitoring procedures. Accordingly, the PEEC is proposing that the
significance of the threat created by performing separate evaluations should be evaluated and
safeguards applied when necessary to eliminate the threat or reduce it to an acceptable level.
Incorporating nonauthoritative guidance
American Institute of CPAs Page 3
Other proposed revisions to the interpretation involve incorporating certain nonauthoritative
guidance contained in the Ethics Division’s answers to Frequently Asked Questions:
Performance of Nonattest Services. One such revision relates to clarifying the difference
between performing bookkeeping services and performing activities that are considered to be
part of the attest engagement. For example, proposing adjusting journal entries or making
suggestions about the form or content of the financial statements for a client (subject to
management’s review and approval) as part of an audit engagement would generally not be
considered a nonattest service subject to the requirements of Interpretation No. 101-3. However,
the practitioner is expected to use judgment in determining whether his or her involvement has
become so extensive that it would constitute performing a separate service which would be
subject to the interpretation’s general requirements. A client’s books and records should be
substantially complete and current in order to perform an audit or review of those books and
records. If practitioners find themselves performing a service to bring those books and records
current or complete, the service may be considered outside the scope of the normal audit or
review process and, therefore, a bookkeeping service subject to Interpretation No. 101-3.
To learn more about these and other proposed revisions to Interpretation No. 101-3, view
the exposure draft. Comments on revised Interpretation No. 101-3 and other proposals contained
in the exposure draft are due by May 31, 2011.