9230).
1. An auditor's written communication to client when wishing to or required to provide access
2. An auditor's letter to a regulator
3. A written communication to the client when regulator may request access to audit documentation when not required by law or regulation
Illustration 4, which lists audit documentation requirements in other sections, is adapted from the application guidance in AU-C 230.
Illustration 1. Auditor's Written Communication to Client When the Auditor May Wish and in Some Cases May Be Required to Provide Access (Adapted from AU-C Interpretation AU-C 9230.1 and Footnote 4)
The audit documentation for this engagement is the property of Guy & Co. and constitutes confidential information. However, we may be requested to make certain audit documentation available to [name of regulator] pursuant to authority given to it by law or regulation. If requested, access to such audit documentation will be provided under the supervision of [name of auditor]. Furthermore, upon request, we may provide copies of selected audit documentation to [name of regulator]. The [name of regulator] may intend or may decide to distribute the copies of information contained therein to others, including other governmental agencies.
You have authorized Guy & Co. to allow [name of regulator] access to the audit documentation in the manner discussed above. Please confirm your agreement to the above by signing below and returning it [name of auditor, address].
Firm signature
_______________
Agreed and acknowledged:
_______________
[Name and title]
_______________
[Date]
Illustration 2. Auditor's Letter to Regulator (from AU-C Interpretation of AU-C 230.06)
[Date]
[Name and address of regulatory agency]
Your representatives have requested access to our audit documentation in connection with our audit of December 31, 20X1 financial statements of Widget Company. It is our understanding that the purpose of your request is [state purpose: for example, “to facilitate your regulatory examination”].
Our audit of Widget Company December 31, 20X1 financial statements was conducted in accordance with auditing standards generally accepted in the United States of America, the objective of which is to form an opinion as to whether the financial statements, which are the responsibility and representations of management, present fairly, in all material respects, the financial position, results of operations, and cash flows in conformity with generally accepted accounting principles. Under generally accepted auditing standards, we have the responsibility, within the inherent limitations of the auditing process, to design our audit to provide reasonable assurance that errors and fraud that have a material effect on the financial statements will be detected, and to exercise due care in the conduct of our audit. The concept of selective testing of the data being audited, which involves judgment both as to the number of transactions to be audited and as to the areas to be tested, has been generally accepted as a valid and sufficient basis for any auditor to express an opinion on financial statements. Thus, our audit, based on the concept of selective testing, is subject to the inherent risk that material errors or fraud, if they exist, would not be detected. In addition, an audit does not address the possibility that material errors or fraud may occur in the future. Also, our use of professional judgment and the assessment of materiality for the purpose of our audit means that matters may have existed that would have been assessed differently by you.
The audit documentation was prepared for the purpose of providing principal support for our report on Widget Company December 31, 20X1 financial statements and to aid in the conduct and supervision of our audit. The audit documentation is the principal record of the auditing procedures performed, the evidence obtained, and the conclusions reached in the engagement. The auditing procedures that we performed were limited to those we considered necessary under generally accepted auditing standards to enable us to formulate and express an opinion on the financial statements taken as a whole. Accordingly, we make no representation as to the sufficiency or appropriateness, for your purposes, of either the information contained in our audit documentation or our audit procedures. In addition, any notations, comments, and individual conclusions appearing on any of the audit documentation do not stand alone, and should not be read as an opinion on any individual amounts, accounts, balances, or transactions.
Our audit of Widget Company December 31, 20X1 financial statements was performed for the purpose stated above and has not been planned or conducted in contemplation of your [state purpose: for example, “regulatory examination”] or for the purpose of assessing Widget Company compliance with laws and regulations. Therefore, items of possible interest to you may not have been specifically addressed. Accordingly, our audit and the audit documentation prepared in connection therewith should not supplant other inquiries and procedures that should be undertaken by the [name of regulatory agency] for the purpose of monitoring and regulating statements of Widget Company. In addition, we have not audited any financial statements of Widget Company since [date of audited balance sheet referred to in the first paragraph above], nor have we performed any audit procedures since [date], the date of our auditor's report, and significant events or circumstances may have occurred since that date.
The audit documentation constitutes and reflects work performed or evidence obtained by [name of auditor] in its capacity as independent auditor for Widget Company. The documents contain trade secrets and confidential commercial and financial information of our firms and Widget Company that are privileged and confidential, and we expressly reserve all rights with respect to disclosures to third parties. Accordingly, we request confidential treatment under the Freedom of Information Act or similar laws and regulations when requests are made for the audit documentation or information contained therein or any documents created by the [name of regulatory agency] containing information derived therefrom. We further request that written notice be given to our firm before distribution of the information in the audit documentation (or photocopies thereof) to others, including other governmental agencies, except when such distribution is required by law or regulation.
[If it is expected that photocopies will be requested, add:]
Any photocopies of our audit documentation we agree to provide you will be identified as “Confidential Treatment Requested by [name of auditor, address, telephone number].”
Firm signature
_______________
Illustration 3. Written Communication to the Client When Regulator May Request Access to Audit Documentation When Not Required by Law or Regulation (from AU-C Interpretation 9230.13)
The audit documentation for this engagement is the property of [name of auditor] and constitutes confidential information. However, we may be requested to make certain audit documentation available to [name of regulator] for [describe the regulator's basis for its request]. If requested, access to such audit documentation will be provided under the supervision of [name of auditor] personnel. Furthermore, upon request, we may provide photocopies of selected audit documentation to [name of regulator]. The [name of regulator] may intend or decide to distribute the copies of information contained therein to others, including other government agencies.
You have authorized [name of auditor] to allow [name of regulator] access to the audit documentation in the manner discussed above. Please
