AUD: Review and Compilation Engagements

For CPA candidates and practicing accountants, mastering review and compilation engagements is essential not only for the AUD exam but also for serving clients who need financial statement services without a full audit. These non-audit engagements, governed by SSARS (Statements on Standards for Accounting and Review Services), offer flexible options for businesses requiring different levels of credibility in their financial reporting. Understanding when to use each service, what they entail, and how they differ from an audit is a core competency for any CPA providing attestation or accounting services.

The SSARS Framework for Non-Audit Engagements

The SSARS are issued by the AICPA and establish the standards for accounting and review services performed by CPAs. Unlike an audit, which provides the highest level of assurance, SSARS covers engagements that provide either limited or no assurance. A review engagement is designed to provide limited assurance that no material modifications are needed for the financial statements to be in accordance with the applicable financial reporting framework. In contrast, a compilation engagement involves presenting financial statements without providing any assurance on them. For you as a CPA, the choice between these engagements depends on the client’s needs, regulatory requirements, and the intended use of the financial statements. The SSARS guidelines precisely outline the procedures, reporting, and professional requirements for each type.

Review Engagements: Obtaining Limited Assurance

A review engagement primarily involves performing analytical procedures and making inquiries of management to obtain a basis for expressing limited assurance. Analytical procedures evaluate financial data by studying plausible relationships, such as comparing current year ratios to prior periods or industry benchmarks. Inquiries are directed towards management regarding the accounting principles applied, unusual transactions, and subsequent events. The objective is not to gather audit-level evidence through confirmation or inspection but to apply these procedures to identify items that might require material adjustment.

The end product is a review report, which states that the CPA is not aware of any material modifications that should be made for the statements to conform to the applicable framework. This is often called negative assurance. For example, a medium-sized private company might engage a CPA for a review to satisfy a bank’s requirements for a loan renewal, where a full audit is not mandated. On the CPA exam, you’ll need to recognize that the standard review report explicitly mentions the procedures performed and emphasizes the more limited scope compared to an audit.

Compilation Engagements: Presenting Information Without Assurance

A compilation engagement has a fundamentally different objective: to assist management in presenting financial information without expressing any assurance. The CPA’s role is to organize and format the client’s data into financial statements. Procedures are minimal and may include reading the statements to consider whether they appear appropriate in form and are free from obvious material errors. No analytical procedures or inquiries are required to provide no assurance.

The compilation report must accompany the financial statements and clearly state that the CPA has not audited or reviewed them and, therefore, does not express an opinion or any assurance. A common scenario is a small start-up needing compiled financials for internal use or to share with a potential investor who understands the limitations. Crucially, for compilations, the CPA does not need to be independent of the client, but if independence is impaired, that fact must be disclosed in the compilation report. This is a key distinction from reviews and audits, where independence is always required.

Key Differences from Audit Engagements

Understanding how reviews and compilations differ from an audit is critical for both practice and the exam. The differences span scope, procedures, and the level of assurance provided.

• Scope and Objective: An audit has the objective of obtaining reasonable assurance about whether the financial statements are free from material misstatement. A review aims for limited assurance, and a compilation has no assurance objective. The audit scope is therefore substantially broader.
• Procedures: Audit procedures are extensive and include risk assessment, test of controls, substantive testing, confirmation, observation, and inspection. Review procedures are primarily analytical procedures and inquiries. Compilation procedures are largely clerical, involving assembling data into a financial statement format.
• Report and Assurance: The standard audit report expresses an opinion (usually unqualified). The review report provides negative assurance. The compilation report explicitly disclaims any assurance. On the exam, a classic trap is confusing the wording of a review report with an audit opinion; remember that a review report never uses the phrase "in our opinion" regarding the fairness of presentation.

Common Pitfalls

1. Confusing Levels of Assurance: The most common error is mixing up the assurance levels: audit provides reasonable assurance, review provides limited assurance, and compilation provides no assurance. On the exam, questions often test your ability to match the engagement type with the correct assurance wording in a report.

• Correction: Drill the hierarchy: Audit (High/Reasonable) -> Review (Moderate/Limited) -> Compilation (None). Remember that "limited assurance" is synonymous with "negative assurance" in a review report.

1. Misapplying Procedure Requirements: Assuming that compilation engagements require analytical procedures or that review engagements include confirmation of accounts receivable.

• Correction: Compilations require no analytical procedures or inquiries. Reviews require analytical procedures and inquiries but do not include substantive audit evidence like confirmation or physical inspection. Keep the procedure sets distinct.

1. Overlooking Independence Rules: Believing that independence is required for all attestation-related services.

• Correction: Independence is absolutely required for audits and reviews. For compilations, it is not required, but any lack of independence must be disclosed in the report. This is a key differentiator tested frequently.

1. Incorrect Report Identification: Failing to recognize the standard wording for each type of report, especially under time pressure.

• Correction: Memorize key phrases. Audit report: "In our opinion..." Review report: "We are not aware of any material modifications..." Compilation report: "We have not audited or reviewed the financial statements..."

Summary

• Review engagements provide limited assurance through the performance of analytical procedures and inquiries, resulting in a report that offers negative assurance on the financial statements.
• Compilation engagements involve presenting financial information in statement format while providing no assurance; the report explicitly disclaims an opinion or any assurance.
• All such engagements are governed by SSARS, which sets forth specific requirements for procedures, documentation, and reporting that differ significantly from audit standards.
• Independence is a mandatory requirement for review engagements but not for compilations, though a lack of independence in a compilation must be disclosed.
• The core distinction from an audit lies in the scope of procedures and the level of assurance: audits (reasonable assurance) involve extensive evidence gathering, reviews (limited assurance) rely on analysis and inquiry, and compilations (no assurance) are primarily presentation services.
• For the CPA exam, focus on correctly associating each engagement type with its objective, required procedures, standard report language, and independence conditions to avoid common traps.