Getting a financial statement audit sounds at most terrifying and at least intimidating. Coming from this side of the table (the people who do the auditing), we promise it doesn’t have to be either. It might not be the highlight of your year, but if it’s on your list of to-dos, then we’ve listed out everything you need to know about audits. Do I need one? What’s the point? Where do I even begin?
If you’ve ever found yourself asking these questions, then grab a cup of coffee and settle in for all the facts. Remember, we’re here to make your job easier.
Am I required to have an audit?
The California Nonprofit Integrity Act of 2004 (hereinafter referred to as the “Act”), was passed to ensure that charitable organizations based in California are operating with the highest levels of integrity so people can feel confident that their charitable donations are doing as much good as they can. One way in which the Act accomplishes this is by requiring a financial statement audit be obtained by “large” charitable organizations operating in California.
The Act defines a “large” charitable organization as any:
- charitable corporation,
- unincorporated association, or
- charitable trust
for any year in which the organization accrues $2 million or more in gross receipts. Educational institutions, hospitals, cemeteries, and religious organizations are exempt from this audit requirement.
Gross receipts include:
- all cash donations/grants, including one-time donations,
- non-cash contributions,
- realized gains or losses on the sale of investments (other than operational assets), and
- special events revenue (less the direct costs of conducting the special event).
It is important to note that unrealized gains and losses are NOT included in the Act’s gross receipts calculation. The Act specifically sets forth that the source of calculating an organization’s gross receipts will be Line 12 of the organization’s Form 990 or Part I, Line 12, column (a) of their Form 990-PF.
So, if you are a charitable entity in California with gross revenues of $2 million or more, you must have audited financial statements prepared by an independent Certified Public Accountant (CPA) in accordance with Generally Accepted Accounting Principles (GAAP).
Additionally, the Act requires that you make these audited financial statements available to both the California Attorney General and the general public within nine months after the close of the fiscal year covered by the financial statements and remain available for three years. This can be accomplished by providing them upon request at the organization’s principal place of business, by mail, or by posting them on the organization’s website.
Outside of California, about half of all states have enacted similar laws. Unfortunately, each state has its own threshold for requiring an audit. For example, in New York, charities with revenue between $250,000 and $1 million must receive a financial statement review (basically a scaled down audit) and must receive an audit if their revenue exceeds $1 million. If you are a public charity that receives donations from donors located outside of your “home states,” you should consult your accountant sooner rather than later to determine if you have registration and audit (or review) requirement that are triggered by those donations.
Finally, many larger grantors look favorably on audited financial statements when choosing whom to award their grants. So, some organizations with revenue below these statutory amounts may still choose to obtain a financial statement audit voluntarily or be required to do so in compliance with loan covenants from their bank.
What does an audit entail?
Most people hear the word “audit” and instantly feel the hairs on the back of their neck stand at attention, but that is because they do not truly know what a financial statement audit is all about. Unlike an IRS audit, a financial statement audit should not be antagonistic. An audit of financial statements is just the certification of an organization’s accounting books and records by a Certified Public Accountant (CPA). An auditor’s task is to express an opinion as to whether the financial statements give a fair presentation of the financial position of the organization in conformity with GAAP in the United States.
A financial statement audit is typically conducted in two phases. First, an organization’s internal controls will be tested. The results of those tests will determine the amount of test work that will need to be completed to verify the financial balances are accurate. This is considered ‘risk-based auditing.’ The lesson here is that having a strong set of internal controls reduces the risk that fraudulent or inaccurate transactions may occur, and the auditor can place some reliance on those controls and reduce the amount of financial testing that must be conducted. Less required testing means less time spent by the auditors, which ultimately means a more cost-effective audit.
The second phase of the audit process involves testing the financial balances presented. Auditors will review supporting documentation, perform analytical procedures, and confirm specific balances to gain assurance that the amounts being reported are appropriate. If discrepancies are identified, the auditors will discuss these with the organization’s accounting team and potentially propose adjusting journal entries to correct any variances.
A common misconception about a financial statement audit is that auditors are looking to find fraudulent activity or expose inappropriate accounting transactions. That simply is not the case. While the work of the auditors may result in the discovery of errors or misstatements, that is more a byproduct of the verification process that is required for the auditor to adequately form an opinion as to the reliability of the financial statements than it is a determined effort to find fault with the organization’s accounting team.
How do I prepare for an audit?
Regardless of your organization’s reason for having a financial statement audit, the process can be greatly improved and simplified if it is well thought out and planned in advance. To have a smooth and successful audit we recommend the following approach for getting ready:
Prepare all year
The audit is mostly about documentation, so ensuring that you retain well-organized and adequate records throughout the year will make a huge difference in the timing (and therefore cost) or your audit. Another common misconception is that the purpose of an audit is to “clean up” the books, however that task needs to be completed BEFORE the audit so that the auditors can effectively test ending balances and form an opinion.
Keep in mind the following items:
- Ensure that your internal controls are not only documented but are being followed on a consistent basis throughout the year (not just when the auditor arrives).
- Maintain contemporaneous documentation for all accounting transactions. We recommend electronic copies whenever possible.
- Prepare all “closing” journal entries (reclassification of net assets, depreciation, recording multi-year pledges, etc.) BEFORE sending your trial balance to your auditor. Reach out to your external bookkeeper or CPA as needed.
Form Your Audit Committee
A key feature of an audit is the establishment of an Audit Committee, which is specifically called for in the Act. In California, the Audit Committee for a charitable entity must be appointed by the governing board and may include persons who are not members of the governing board. Members of the Finance Committee may be members of the Audit Committee, but the Chair of the Audit Committee may not be a member of the Finance Committee. Staff members of the organization, including top management or any person having a material financial interest in doing business with the organization, are restricted from being members of the Audit Committee. Compensation, if any, of Audit Committee members must not exceed what Board members receive for service on the Board.
The Audit Committee is responsible for engaging the independent CPA, reviewing the audited financial statements, and approving non-audit services performed by the CPA to ensure proper regulations are followed. As a best practice, an additional function of an Audit Committee would include oversight of internal controls.
Approximately 2-3 months before your fiscal year end, have a conversation between the management team, accounting department, and the Audit Committee Chair about whom within the organization will support the audit process and timing of the audit based on deadlines or other timing requirements. It is usually not ideal to schedule an audit too close to year-end or a big event.
Following that meeting, contact your auditor to request an engagement letter and schedule fieldwork. Make sure to communicate to your auditor any changes that occurred within the organization during the year that had a financial impact or may affect the audit process. Be prepared to talk with the auditor about risks associated with the exempt organization and what mitigating controls have been implemented to reduce the risk of fraud or misreporting.
Once the engagement letter has been signed and returned to your auditor, request an audit request list (preferably in an editable format like Excel or Word). Once the request list is received, identify who within the organization (staff and Board/Committee members) will be responsible for what items on the list and when they need to be completed by.
Once the fiscal year has ended, begin the close process. In addition to the normal bank and credit card reconciliations that are completed during a normal month-end close, you will want to reconcile and/or prepare schedules for all the accounts listed on the Statement of Financial Position (Balance Sheet) and certain accounts on the Statement of Activities (Income Statement). This is where using the auditor’s request list in conjunction with year-end close is helpful because it will tell you what schedules need to be prepared for what accounts and give you a jump start on completing the request list. This is also a good time to gather the other items on the request list that were assigned to other members in the organization.
Approximately 2-3 weeks before the start of fieldwork (timing may vary based on the auditor), send the auditor the items on a request list and ask the auditor to return their preliminary testing selections to you 1-2 weeks before the start of fieldwork.
Once the preliminary testing selections have been received, begin pulling all the items requested so that everything has been gathered before the auditors arrive on the first day of fieldwork. Sometimes it is helpful to number each testing selection and cross-reference that number to the supporting documents that are pulled as it will help the organization ensure all testing selections have been addressed and the auditor can move quickly through the testing selections with minimal questions.
Successful planning and preparation for the audit will ensure that once fieldwork begins, the process will progress quickly, and the organization will arrive at the end of the audit with financial statements issued on time and limited disruptions to the work of the organization.
Your part is mostly done. Assuming the auditors received all the documentation and testing selections requested, they will proceed with the analyses and documentation of the audit procedures to ensure the completeness and reliability of balances presented on the financial statements. They may have additional questions as they proceed and the speed with which you are able to furnish answers will directly impact the final timing of the audit.
Once their analysis is complete, they will provide a draft of the financial statements along with detailed footnotes to management and the audit committee for review, comment, and modification as necessary. They may provide journal entries that are necessary to adjust your internal books to accurately reflect the balances on the financial statements. When all the parties are satisfied with the financial statements, management will be asked to provide a Management Representation Letter, which certifies that management is taking responsibility for the numbers presented, the organization’s internal controls, assumptions used, and certifying that they have provided information regarding all material events that could have an impact on the financial position of the organization.
Upon receipt of the Management Representation letter, the auditor will issue the final financial statements with signed audit report attached, stating the auditor’s opinion on the financial statements. If the auditors have any significant concerns regarding your accounting procedures or internal controls, they may also issue a Deficiency Letter to the audit committee, detailing the areas of concern and making recommendations for remedying them.
That wasn’t so bad, was it?
And that’s it. While it may not have been the most fun you have ever had, the financial statement audit has several benefits for a nonprofit organization. Everyone can use a second set of eyes to help ensure that nothing material slips through the cracks. You now have a document certified by and independent third party that you can share with donors and grantors as a marketing tool and have a relationship with an accounting professional who will be able to answer questions and provide valuable insight throughout the year.
If you have any questions about exempt organization accounting and attestation, don’t hesitate to contact us!
Was this article helpful? You might also enjoy What to Expect for Nonprofit Compliance in 2022