What Services are Auditors Not Allowed to Provide to Nonprofit Organizations?

What Services are Auditors Not Allowed to Provide to Nonprofit Organizations?

Generally audit services provided must be performed by CPAs who are deemed independent. Generally, CPAs are not independent if they are in a position to influence, make management decisions, provide accounting services or have financial interests in a nonprofit organization. Auditor independence requirements are determined by the American Institute of Certified Public Accountants, state boards of accountancy, state CPA societies, the Government Accountability Office (GAO) where a law, regulation, agreement, policy or contract requires the CPA’s report to be filed under Government Auditing Standards and any other organization that issues or enforces standards of independence that would apply to the engagement.

The GAO has established independence requirements under Government Auditing Standards, otherwise known as the Yellow Book. The Yellow Book was most recently revised by the GAO in December 2011. The Yellow Book covers federal entities and those organizations receiving federal funds. The Yellow Book contains a conceptual framework for independence to assist auditors in determining whether they are independent with regard to activities that are not expressly prohibited. The conceptual framework should be considered by audit committees when they are evaluating whether the external and internal auditors can provide certain services.

The following services involving the preparation of accounting records always impair auditor independence per the Yellow Book:1

  • Determining or changing journal entries, account codes or classifications for transactions for an organization without obtaining management’s approval
  • Authorizing or approving the organization’s transactions
  • Preparing or making changes to source documents without management’s approval

Other nonaudit services that always impair external and internal auditors’ independence with respect to the audited organization include:

  • Accepting responsibility to authorize payment of entity funds that are non-tax related disbursements, electronically or otherwise, signing or co-signing checks and maintaining an organization’s bank accounts, and approving vendor invoices for payment
  • Performing benefit plan administration that includes making policy decisions, dealing with plan participants, making disbursements on behalf of the plan, having custody of plan assets and serving as a plan fiduciary
  • Performing investment advisory or management functions that include investment decisions or having discretionary authority over investments, executing buy or sell transactions and having custody of investments
  • Providing corporate finance services that include committing an organization to a contract, acting as a promoter, underwriter, broker-dealer or guarantor of an audited entity’s securities, and maintaining custody of an organization’s securities
  • Providing executive or employee personnel services including committing to compensation or benefit arrangements and hiring or terminating employees
  • Performing business risk consulting including making or approving business risk decisions and presenting business risk considerations to those charged with governance

With these rules in mind, audit committees are well-served by establishing formal yet flexible pre-approval policies with regard to audit and non-audit services that are reflective of the nature of the organization’s operations and business needs.

The Report of the NACD Blue Ribbon Commission on The Audit Committee contains a sample of audit committee pre-approval policies that may be helpful.2 In addition, the AICPA Audit Committee Toolkit Not-for-Profit Organizations 2nd Edition contains useful tools in the chapter entitled “Independence and Related Topics: Conflict of Interest, Related Parties, Inurement, and Other Issues.”

UP NEXT: What are the Required and Other Desirable Communications That Audit Committees Should Have with the Auditors?

GO BACK: Effective Audit Committee Guide

(1) Refer to the U.S. Government Accountability Office (GAO) Government Auditing Standards (GAS) (the Yellow Book), December 2011 Revision. The 2011 revision of GAS will be effective for financial audits and attestation engagements for periods ending on or after December 15, 2012 and for performance audits beginning on or after December 15, 2011. Earlier implementation is not permitted. See http://www.gao.gov/yellowbook

(2) The “Report of the NACD Blue Ribbon Commission on The Audit Committee” is referred to throughout this publication and may be purchased on the NACD’s website at: http://www.nacdonline.org.