Get in line: CPAs face new set of CBA regs - Cover Story - California Board of Accountancy regulations for certified public accountants

California CPA, July, 2003 by Jerry Ascierto

CPA's Across a Wide Spectrum of Practice Areas Are Facing a New Spate of Regulations from the California Board of Accountancy

What Do They Mean for You?

As the Sarbanes-Oxley Act flexes its muscles nationally, California CPAs also are weathering their own regulatory climate. The California Board of Accountancy is proposing new regulations that will effect CPAs across a spectrum of practice areas. For some, the regulations may spell changes, such as to a firm's standard engagement letter or documentation practices. For others, it may mean exiting a market segment.

CHANGE IS A WAY OF LIFE

Nearly every aspect of a CPA's practice has changed, is changing or is being reviewed for possible change, both nationally and at the state level, says Bruce Allen, CalCPAs director of government relations.

"California's Board of Accountancy was already one of the strongest consumer-focused boards in the nation," Allen says. "With the proposed regulations and recently passed statutes, it has a whole new set of requirements and tools at its discretion--and more are planned."

Regulations concerning audit documentation, financial statement restatement reporting and non-CPA ownership recently passed by the CBA will take effect once approved by the Office of Administrative Law. The regulations clarify laws that have been in effect since Jan. 1, 2003.

Though the effect of these regulations on the profession remains to be seen, one thing is certain: These laws are on the books and cannot be ignored.

"To some degree, what's being asked of the profession, maybe we should've come up with by ourselves a while ago," says John Dodsworth, president, director and co-founder of CAMICO. "The public, the juries, they're the people who really make the rules."

And those rules "will be called a verdict," says Ron Klein, JD, CFE and vice president of claims at CAMICO. "Some of these issues have been practice management issues that have been left up to the individual firms. But that freedom is now going away."

HARSHER THAN SOX?

While Sarbanes-Qxley has received much attention, some believe that the CBA's new regs may--in some instances--be tougher than SOX.

"My sense is that what appears to be California's approach is probably going to be modestly harsher than the federal approach," Dodsworth says.

Dodsworth should know a thing or two about avoiding risk. Manning the helm at CAMICO, the second-largest provider of professional liability insurance and risk management services in the country for accountants, he's advised scores of CPA firms on issues of compliance.

Two areas strike Dodsworth as particularly significant: changes to the disciplinary process, or what is now a "reportable event," and regulations dealing with audit documentation and retention.

AUDIT DOCUMENTATION

Under the Business and Professions Code Sec. 5097, auditors must comply with an audit documentation standard that, if not met, creates a rebuttable presumption that the work wasn't done. The burden of proof then falls on the auditor. This documentation must be retained for seven years from the report date.

"The profession hasn't had any kind of common guidance on record retention and one could argue that should've been out there already," says Dodsworth. "We've told firms for years you've got to do a better job on documentation because that's what the public expects. The law didn't require it, but public expectation did."

Specifically, the rebuttable presumption is one area, "where California went further (than SOX)," Dodsworth says.

Regardless of whether you're a global firm or a sole practitioner, the newly passed Regulation 68.5 states you must have a written audit documentation and destruction policy.

"It's going to have to be a pretty comprehensive document to cover things like electronic records, e-mails, faxes, all forms of communication," says Dodsworth.

The policy must include procedures to have back-up copies of electronic audit documentation; maintain documentation; approve changes to the documentation; and approve the destruction of documentation when it's no longer required.

Firms may not want to relegate this practice to audit work only, Dodsworth says. "While these rules apply to audits, it won't take long before somebody says, 'Why shouldn't the same standard apply to other kinds of documentation?"'

This is no small task, especially for small firms, many of which usually don't have written procedures, says CPA Linda McCrone, CalCPA's director of technical services.

"There are some very specific things in here that auditors need to know," McCrone says.

The types of documentation that must be kept include programs, analyses, memoranda, letters of confirmation and representation, copies or abstracts of company documents and schedules or commentaries prepared or obtained by the licensee.

According to the legislation, an experienced reviewer with no prior knowledge of the engagement should be able to understand the nature, timing, extent and results of the audit, as well as who performed and reviewed the work.