CPA Australia’s Quality Review Program has identified the most common ways members breached professional standards or legislative or regulatory requirements.
1. APES 315 Compilation of Financial Information
- Not having all the required elements in a compilation report such as date, name, title, complete address (either a PO Box or Street address with applicable state), the specific purpose for which the special purpose financial statements have been prepared, as required by paragraph 10.10.
- Not having a reference such as "Unaudited", "Compiled without audit or review", or "Refer to Compilation Report" on every page of the compiled financial information as required by paragraph 10.11.
- No evidence of obtaining acknowledgement from the client of their responsibility for the reliability, accuracy and completeness of the accounting records and disclosure to the member of all material and relevant information as required by paragraph 9.1.
- Not having included in the compilation report that the member has performed the engagement in compliance with the relevant ethical requirements (being APES 110), as required by paragraph 10.10(c).
- No evidence that the member has documented their rationale when they decided not to issue a compilation report, as required by paragraph 10.4.
- No evidence that the member has planned the engagement, as required by paragraph 4.1.
- No evidence that the member has documented and communicated the terms of engagement, as required by paragraph 6.1.
2. APES 305 Terms of Engagement
- No evidence of having documented and communicated terms of engagement when performing professional services and not having documented the terms of the engagement in the engagement document as required by paragraphs 3.1 and 3.4.
- No evidence of having an engagement document in place for long-standing clients. Members should have an engagement document in place for all clients regardless of how long they have been a client for or what type of client they are. The engagement document can be in the form of a letter (e.g. for business clients) or in the form of a brochure (e.g. for individual tax returns).
- No evidence of revised engagement documentation being issued to a client where the terms and scope of the engagement have changed. For recurring engagements, members need to assess whether the existing engagement document covers the scope of the engagement or if there is a need to reissue a new engagement document.
- No evidence of having outlined the terms and scope of an engagement being performed. In particular members are found to have breached this due to outlining what services they are providing with respect to Corporate Secretarial services. Many of our members only include one line item to say "Corporate Secretarial services as required" or completely miss including it all together. The engagement document can be a useful tool to allow the member to provide to their clients, in conjunction with the terms and scope of the Corporate Secretarial services, what the responsibilities are of the client (e.g., if the client is maintaining the minutes books then state that in the engagement letter) and what the member is not offering to perform.
- No evidence of having advised their clients that the member's liability may be limited by being a participant under the Professional Standards Legislation as required by paragraph 6.2.
3. APES 220 Taxation Services
- No evidence of having maintained open, frank and effective communications with a client advising them of their rights, obligations and options available under taxation law as well as advising them of their rights and obligations under taxation law with respect to seeking a private ruling and lodging objections and appeals against adverse positions adopted by revenue authorities as required by paragraph 3.14(a).
- No evidence of having maintained open, frank and effective communications with a client advising on the application of the Taxation Law, including any possible penalties and other legal tax consequence, so as to allow the client or employer to make an informed decision of the course of action to be taken as required by paragraph 3.14(b).
- No evidence of having provided their client with a statement in writing that the responsibility for the accuracy and completeness of the particulars and information provided by the client rests with the client as required by paragraph 3.15(a).
- No evidence of having provided their client with a statement in writing that any advice given to the client is only an opinion based on the member’s knowledge of the client’s particular circumstances as required by paragraph 3.15(b).
- Not having provided their client with a statement in writing that a taxpayer has obligations under self-assessment to keep full and proper records in order to facilitate the preparation of accurate returns as required by paragraph 3.15(c).
- No evidence that the member has documented and communicated the terms of engagement, as required by paragraph 8.1.
4. CPA Australia's Professional Standards Scheme
- Not having included the Limited Liability Disclosure Statement on all business stationery including the member's website and email.
- A member incorrectly determining they were eligible to participate in CPA Australia's Professional Standard Scheme, in which member is an AR of a full AFSL or is associated with someone that offers financial advisory services, which has resulted in the Limited Liability Disclosure Statement being included incorrectly on some/all business stationery.
5. APES 325 Risk Management for Firms
- Not having a documented Risk Management Framework applicable to the firm which includes policies and procedures for associated risk.
- No evidence of having a monitoring and review process in place for their risk management framework.
- No evidence of having identified, assessed and managed key organisational risks.
- Members are often breached for not having documented risk management policies and procedures or having just downloaded the CPA guidance material and saying that this is their risk management framework. Members need to develop something that is appropriate to their practice reflecting the services being offered. The manual should have policies (the what) and procedures (the how) for the risks the member has identified. No two firms will have the same risk management framework as it is dependent on many factors such as the type of practice, services offered, client base, location, technology systems, security systems, whether there is staff. It also depends on a member's risk appetite, that is, what risks the member is willing to accept as part of operations and what risks they will seek to avoid. This will determine a member's focus and therefore build their risk management framework.
- No succession plan.
6. CPA Australia Branding Requirements
- The CPA Australia logo the member is using on their stationery is the corporate logo and not the Public Practice logo.
- The member’s logo is still referring to the Australian Society of CPAs.
- The member has separated the logo so that there is a gap between the CPA name and the coat of arms.
- The member has not included with the logo the approved clause which states that the firm is a CPA Practice.
- The member has used incorrect colours for the logo on their stationery.
7. APES 110 Code of Ethics for Professional Accountants
- Not being independent when performing an audit and/or review engagement as required by paragraph 290.
- Members are found to have breached this standard when preparing the financials for a client and then auditing those financials, most commonly with respect to self-managed superannuation funds. For a sole practitioner even when they have separate staff preparing the accounting files and the audit files there are no safeguards to eliminate the self-review threat. Independence is compromised as the sole practitioner is ultimately responsible for both engagements. The Independence Guide, as released by the Joint Accounting Bodies, provides further guidance in this area.
- Not having performed an engagement with professional competence and due care, as required by paragraph 130. This is often breached in conjunction with the Corporate Secretarial services where the member’s actions have caused their client not to be compliant with a section within the Corporations Act. A common reason for this is where a member has agreed to maintain the minutes book and has not updated this within the required timeframe.
8. APES 320 Quality Control for Firms
- Not having established and maintained a documented system of quality control as required by paragraph 3.
- Not having a system of quality control which addresses all of the six mandatory elements as required by paragraph 10.
- Not having appropriate documentation to provide evidence of operation of each element of its system of quality control as required by paragraph 124.
- No evidence that the member has monitored their quality control policies and procedures to ensure that they are updated and maintained, as required by paragraph 10 and paragraph 106.
- Members are often breached for not having documented quality control policies and procedures or having just downloaded the CPA quality control manual and then called it their own. Members need to develop something that is appropriate to their practice reflecting the engagement work that is performed. The manual should have policies (the what) and procedures (the how). Checklists provide evidence of operation but are only a part of a procedure and policy.
9. APES 310 Dealing with Client Monies
- Failing to have a trust account audited within three months of the applicable year end date as required by paragraph 8.1.
- Failing to have client monies transactions audited within the required timeframe as required by paragraph 8.1. This is applicable to members who deal in client monies (such as a bookkeeper transacting directly from clients' bank accounts to make payments). Members are failing to realise the applicability of this standard to transactions which are considered to be Dealing with Client Monies.
10. CPA Australia CPD Requirements
- Failing to undertake at least 120 hours of CPD of which at least 20 hours must be undertaken in each year of the triennium as required by paragraph 4.1.
- Failing to keep CPD records as required by paragraph 4.2:
(a) maintain a record of the precise nature of CPD including date, time expended and topics covered.
(b) retain such record for at least 12 months after the end of the relevant triennium.
(c) produce such record to an officer of CPA Australia for inspection upon request.
- Failing to meet requirements of applicable regulatory standards to ensure they are acting with sufficient professional competence as required by paragraph 4.5.
- Members who are undertaking SMSF audits and / or Limited Assurance Engagement failed to meet the minimum approved competency standards established jointly by CPA Australia, CAANZ and IPA as required by paragraph 4.6.