MARCUM LLP QUALITY CONTROL MANUAL. March 31, 2017

Transcription

1 MARCUM LLP QUALITY CONTROL MANUAL March 31, 2017

2 MARCUM LLP QUALITY CONTROL MANUAL CONTENTS I. Firm Background Information 1-3 II. Elements of Quality Control System 3-4 A. Leadership Responsibilities for Quality Within the Firm 4-6 B. Relevant Ethical Requirements 6-13 C. Acceptance and Continuance of Client Relationships and Specific Engagements D. Human Resources E. Engagement Performance F. Monitoring III. Statement of Firm Philosophy 39 A. The Firm and its Objectives 39 B. Professional Performance C. Relationships with Clients 40 D. Services Provided 41

3 MARCUM LLP QUALITY CONTROL MANUAL I. FIRM BACKGROUND INFORMATION Edwin Marcum and Edwin Kliegman founded Marcum & Kliegman LLP (M&K) in M&K has grown through internal expansion and from mergers with sole practitioners and other CPA firms. Effective June 1, 2009, Marcum and Kliegman LLP offically changed its name to Marcum LLP. Marcum also operates in the Cayman Islands through a separate legal entity, Marcum (Cayman). Our objective is to provide quality accounting, auditing, tax, consulting and litigation support services, computer technical consulting, and management advisory services to our clients. To this end, we expect to limit our practice to those clients we can properly serve. We intend to further develop expertise that will enable us to increase the number of clients we service. Therefore, we plan to hire and train professional personnel who will be able to function to meet these goals. We expect our growth to continue internally through new business development and selective mergers and to continue to expand in our present geographic practice area. In addition, we intend to retain our local identity and personal relationship with the clients that are the foundation of our practice. We hope to be a firm that is enjoyable and rewarding. We intend to continue our involvement in and contribution to community and professional activities and organizations. Our practice is currently conducted from offices in New York, California, Connecticut, Florida, Massachusetts, New Jersey, Pennsylvania, Rhode Island and Grand Cayman. We are a general practice primarily composed of, but not limited to, the following types of clients and industries: SEC Compliance Government and Not-for-Profit Broker-dealers Investment Companies (which include Alternative Investments) Insurance Financial institutions Manufacturing Retail and wholesale establishments Entertainment Service industries Life Sciences and Technology, including computer software Real Estate ERISA Construction 1

4 Overall The objectives of a system of quality control for a CPA firm are to provide the firm with reasonable assurance that the firm and its personnel comply with professional standards and applicable regulatory and legal requirements, and that the firm and/or engagement partners issue reports that are appropriate in the circumstances. A system of quality control consists of policies designed to achieve the objectives of the system and the procedures necessary to implement and monitor compliance with those policies. The nature, extent, and formality of a firm s quality control policies and procedures will depend on various factors such as the firm s size; the number and operating characteristics of its offices; the degree of authority allowed to, and the knowledge and experience possessed by firm personnel; and the nature and complexity of the firm s practice. These quality control policies and procedures extend to our partnership, Marcum (Cayman). All auditing procedures for clients who must file in the Cayman Islands are conducted in the United States by the assigned engagement team. The engagement partner located in the Cayman Islands is involved in the audit process from the planning stage through the conduct of the audit procedures and performs the final review of the audit file and the financial statements and signs the audit report. The firm s system of quality control, which includes policies and procedures that address the six elements of quality control are presented on the following pages. All employees and members of the firm have access to Marcum s Intranet where this document is located. All employees of the firm are responsible for understanding, implementing, and adhering to these policies and procedures. Also available on the Intranet under the caption Assurance Department are firm guidelines and an Index of Forms and Policies for professional staff to utilize. Our policies and procedures are routinely updated utilizing general distribution s. The firm is a member of the AICPA s Center for Audit Quality, AICPA Governmental Audit Quality Center, and the AICPA Employee Benefit Audit Quality Center (collectively, the Centers). The firm has agreed to establish policies and procedures specific to the firm s public company audit practice, governmental audit practice, and ERISA employee benefit plan practice to comply with the applicable professional standards and the membership requirements of the respective centers. The firm is also registered with the Public Company Accounting Oversight Board (PCAOB), and is therefore subject to PCAOB standards and the Securities and Exchange Commission rules and requirements. With regard to the firm s alternative investment practice covered by CISPA (The Cayman Islands Society of Professional Accountants) the firm is a member of CISPA. CISPA is an associate of the International Federation of Accountants (IFAC) which is subject to Quality Controls Standards covered by International Standard on Quality Control 1 ( ISQC1 ), The firm s quality control policies and procedures are documented and communicated by this document, and updated from time-to-time through general distribution s. As required by the membership requirements of the AICPA, it is the policy of the firm that all eligible audit partners and firm employees be members of the AICPA. It is the responsibility of the partner in charge of assurance services to ensure that each partner and firm employee be advised annually that AICPA membership is mandatory. As required by the membership requirements of the Centers, the managing partner designates an audit partner to assume firm-wide responsibility for the quality of the firm s public company audit practice, government and not-for-profit audit practice, and ERISA employee benefit plan practice. 2

5 As required by ISQC1, ethical requirements to which the engagement team and engagement quality control reviewer are subject, which ordinarily comprise Parts A and B of the International Ethics Standards Board for Accountants Code of Ethics for Professional Accountants (IESBA Code) together with national requirements that are more restrictive are required to be followed. It is the Firm s policy to adhere to all applicable unconditional and presumptively mandatory requirements of SQCS No.8 A Firm s System of Quality Control(Redrafted), the AICPA Code of Professional Conduct, IESBA Code and other relevant ethical requirements, as evidenced by the policies and procedures within this quality control document. Any questions, concerns, or recommendations about the firm s quality control system should be communicated to the partner in charge of assurance services. The AICPA audit quality centers also require member firms to: A. Meet the requirements to legally engage in the practice of public accounting. B. Adhere to the quality control (QC) standards established by the AICPA. C. Submit to, and pay for, a peer review of the firm s accounting and auditing practice every three years and submit the peer review report, and letter of response to the AICPA for inclusion in the AICPA public file. D. Ensure that all professionals (CPAs and non-cpas) comply with the AICPA membership CPE requirements. E. Pay annual dues and agree to comply with the rules and regulations of the Centers and any sanctions that may be imposed on the firm. F. File an appropriate compliance or update forms with the respective audit quality centers annually. G. Adhere to the portions of the AICPA Code of Professional Conduct and the Statement on Standards for Consulting Services dealing with independence in performing management advisory services for SEC audit clients and adhere to the guidelines established by the PCAOB. A firm must refrain from performing, for such clients, services that are inconsistent with the firm s responsibilities to the public and would impair its independence, integrity, and objectivity as prohibited by the guidelines set forth by these governing bodies. II. ELEMENTS OF QUALITY CONTROL SYSTEM The six elements of our quality control system are as follows: Leadership Responsibilities for Quality Within The Firm Relevant Ethical Requirements 3

6 Acceptance and Continuance of Client Relationships and Specific Engagements Human Resources Engagement Performance Monitoring A. Leadership Responsibilities for Quality Within the Firm It is the firm s policy to promote a culture of quality that is pervasive throughout the firm s operations through the development of its system of quality control. Firm management, under the direction of the managing partner or his designee, assumes responsibility for the firm s system of quality control and designs the system to (a) emphasize the importance of performing work that complies with professional standards and regulatory and legal requirements, and (b) issue reports that are appropriate in the circumstances. In maintaining a culture of quality, the firm emphasizes the importance of ethics and integrity in every decision that personnel make, particularly at the engagement level. The firm ensures compliance with this policy by implementing the following procedures: i. The firm dedicates sufficient and suitable resources to its quality control system and quality initiative and assigns the operational responsibility for the firm s quality control system to individuals with the experience, ability, and authority to identify, develop, and implement the necessary QC policies and procedure based upon their comprehensive understanding of SQCS No. 8. The firm appropriately communicates clear, consistent, and frequent actions and messages that emphasize the firm s quality control policies and procedures. Such actions and messages include: (1) Advising all new professional employees where to locate a copy of the firm s Quality Control Manual on the Intranet, which all employees have access to, and advising them of the importance of and their responsibility to review the Quality Control Manual. (2) Reviewing the firm s quality control policies and procedures, especially in areas where questions or problems have arisen with personnel during firm training sessions. Also, a portion of the firm s policies and procedures are maintained on the intranet in the Index of Forms, Policies section. ii. The managing partner or his designee evaluates client relationships and engagements to ensure that commercial, economic, and political considerations are not placed ahead of the firm s commitment to quality control. Additionally, the firm s compensation and advancement policies and procedures (covered in the Human Resources section of this QC Manual) are designed to ensure that commercial considerations are not placed ahead of the quality of work performed. 4

7 iii. The managing partner and other partners in the firm demonstrate the importance of quality by their actions. Such actions include: (1) Making decisions with a focus on the public interest and emphasizing that personnel do the same. (2) Demonstrating the importance of creating and maintaining a good public reputation. (3) Ensuring partners and staff have sufficient time and resources to solve engagement challenges. (4) Adhering to professional, regulatory, and legal standards. (5) Displaying enthusiasm and sincerity in communicating the commitment to a quality initiative. (6) Demonstrating consistency. iv. The firm establishes a formal code of professional ethics, included throughout this document and in the Employee Handbook that reflects the firm s core value of quality and guides personnel to make appropriate decisions throughout their workday. This code of conduct is regularly communicated and reiterated to all employees. v. The firm establishes and maintains a positive work environment by combining the firm s quality objectives with the personnel s needs to be valued and appreciated. vi. The firm hires, compensates, and promotes individuals who possess and exhibit high levels of integrity, as covered in the Human Resources QC policies and procedures. vii. The firm provides at least (2) CPE credits of ethics training, or minimum required ethics credits in the applicable State of practice, for all professional personnel every year, as covered in the Relevant Ethical Requirements section of this QC Manual. viii. The firm rewards personnel who demonstrate a commitment to quality through its performance evaluation, compensation, and advancement system, as covered in the Human Resources QC policies and procedures section of this document. ix. The firm prohibits unethical behavior to occur unchallenged and addresses instances of noncompliance with the firm s quality control system through swift disciplinary action or, in extreme cases, termination of the offending employee. x. At least annually, the firm s leadership responsibilities, policies and procedures are reviewed to determine if they are appropriate and operating effectively. See the Monitoring section of this document for further information. 5

8 xi. The firm reports litigation that alleges deficiencies in an audit of any client including an SEC client or certain financial institutions. xii. The firm reports annually to the audit committee or board of directors (or its equivalent in a partnership) of each SEC audit client on the total fees received from the client for management advisory services during the year under audit and a description of the types of such services rendered. B. Relevant Ethical Requirements It is the policy of our firm that all professional personnel be familiar with and adhere to the relevant ethical requirements of the AICPA contained in the Code of Professional Conduct, the applicable State Board s of Accountancy, State Societies of Certified Public Accountants, state statutes for applicable engagements, the PCAOB along with the SEC and the AICPA Centers for Audit Quality, as well as the International Ethics Standards Board for Accountants ( IESBA ) in discharging their professional responsibilities. Furthermore, it is the policy of our firm that for engagements that are subject to Government Auditing Standards, PCAOB audit standards and SEC and other regulatory agencies rules and regulations, all professional personnel are required to be familiar with and adhere to the relevant independence and other ethical requirements included in those standards and that personnel will always act in the public interest. Any transaction, event, circumstance or action, that would impair independence or violate the firm s relevant ethical requirements policy on a compilation, review, audit, attestation (including forecast and projection) or consulting engagement or other service subject to the standards of the AICPA Auditing Standards Board or the AICPA Accounting and Review Services Committee (as required under Rules 201 and 202) or the IESBA is prohibited. Additionally, when the firm and its professional personnel encounter situations that raise potential independence threats, but such situations are not specifically addressed by the independence rules of the AICPA Code of Professional Conduct, or the IESBA, the situation will be evaluated by referring to the Conceptual Framework for AICPA Independence Standards, and the IESBA and applying professional judgment to determine whether an independence breach has occurred. The firm will take appropriate action to eliminate those threats or mitigate them to an acceptable level by applying safeguards. If effective safeguards cannot be applied, the firm will withdraw from the engagement or take other corrective actions as appropriate to eliminate the breach. Any financial transaction (including loans, brokerage accounts, and other investments), business relationship, proscribed services, fee arrangements, and any employment restriction between (a) the firm, its benefit plans, and its professionals and their close relatives, and (b) restricted entities, which include audit clients that are SEC registrants and all entities related to such clients, such as parent companies, that would impair the firm's independence or violates its integrity and objectivity policy is prohibited. Although not necessarily all-inclusive, the following are considered to be prohibited transactions (these are general rules, and are not meant to be more restrictive than applicable standards): i. Investments by any partner, principal or professional employee in a client's business during the period of a professional engagement, including a commitment to acquire any direct or material indirect financial interest in a client. 6

9 ii. An investment in an entity or property by any of the following individuals and the client (or the client s officers or directors, or any owner who has the ability to exercise significant influence over the client) that enables them to control (as defined by Generally Accepted Accounting Principles (GAAP) for consolidation purposes) the entity or property: (1) An individual on an attest engagement team (including an audit; SSARS review; or examination, review, or agreed-upon procedures under the AICPA attestation standards). (2) An individual in a position to influence the attest engagement by doing any of the following: (a) evaluating the performance or recommending the compensation of the attest engagement owner, (b) directly supervising or managing the attest engagement owner and all of that owner s superiors, (c) consulting with the attest engagement team about technical or industryrelated issues specific to the engagement, or (d) participating in or overseeing quality control activities, including internal monitoring, with respect to the attest engagement. (3) A partner, principal or manager who provides nonattest services to the attest client beginning once he/she provides ten or more hours of nonattest services to the client within any fiscal year and ending on the later of the date: (a) the firm signs the report on the financial statements for the fiscal year during which those services were provided or (b) he/she no longer expects to provide ten or more hours of nonattest services to the attest client on a recurring basis. (4) An owner/partner in the office in which the lead attest engagement partner primarily practices with respect to the attest engagement. iii. Borrowings from or loans to a client, or client's personnel, during the period of a professional engagement by any individuals listed in items ii ((1) (4). iv. Accepting or offering gifts or entertainment from or to a client (with the exception of non-cash token gifts of nominal value), and v. Certain family relationships between professional personnel and client personnel (consult the managing partner or partner in charge of assurance services for a ruling on such relationships). 7

10 vi. Any public statement about a client, or any group of companies which includes a client, is prohibited without the approval and consent of the partner in charge of assurance services and the Firm s General Counsel s office. Public statements would include those statements included in marketing materials, blasts or statements on websites about any Issuer audit clients or prospects, with respect to any Firm-hosted or Firm-sponsored conference, including the Marcum MicroCap Conference. No public statement should be made without careful consideration of the general standard of independence set out in Rule 2-01(b) of Regulation S-X, including consideration of the four principles in the preliminary note to Rule In all cases, public statements about issuer audit clients must avoid creating any appearance that we are advocating for the clients and must avoid putting us in a position of appearing to have a mutual interest with the client, as could occur with, for example, statements intended to create an impression that the securities of an issuer audit client are a good investment. vii. The Firm must not engage with issuer audit clients in business relationships as described in Rule 2-01(b)(3) of Regulation S-X. This means, among other things, that an issuer audit client may not be a sponsor of any Firm-hosted conference, including the Marcum Microcap Conference. viii. For purposes of (vi) and (vii), Issuer audit client includes (1) issuer audit clients of the Firm, (2) issuer audit clients of any associated entity of the Firm, and (3) all of those issuers affiliates, as defined in Rule 2-01(f) of Regulation S-X. Notwithstanding the preceding policy and list of prohibited transactions, at the managing partner's discretion, certain prohibitions can be waived if it is deemed to be in the best interest of the firm. However, in so doing, the engagement service performed for the client must be limited to that allowed by all professional and regulatory standards. The firm ensures compliance with this policy by implementing the following procedures: 1. All professional personnel are required to sign a representation letter when hired (or shortly thereafter), and annually electronically thereafter, that acknowledges their familiarity with the firm's relevant ethical requirements and policies and procedures, particularly with regard to independence (see Intranet for form). Such representation is also required from part-time, seasonal, and contract professionals and any other individuals who work on accounting and auditing engagements. All administrative managers and all professional staff of Marcum affiliated entities, are required to be independent. Independence and ethics training are generally provided for all professional personnel at least in accordance with applicable State ethics requirements. As a general rule, the firm provides two (2) CPE credits to all professionals on an annual basis. Such training covers the firm s relevant ethical requirements policy and the independence and ethical requirements of all applicable regulators. 2. Additions to the firm s restricted client list are communicated to all personnel on a timely basis via from the administrative partners. All other new clients are maintained on the firm s Intranet. All professional personnel are required to review the firm's client list at least annually for possible violations. All 8

11 professional personnel are also required to review the client list before they and their spouses or dependents enter into investment or loan transactions or business relationships, including those listed in the firm's independence, integrity, and objectivity policy, to determine if the entity is on the list. The list of clients is maintained by the firm administrator and new SEC clients are communicated on a timely basis by an from the administrative partners. This list is available on our network at all times. When hired (or shortly thereafter), and annually thereafter, all professional personnel are required to sign an Independence, Integrity & Objectivity form (see the firm s Intranet for form) that confirms this responsibility. All professional personnel are required to report on a timely basis, apparent violations of the independence policies involving himself or herself and his or her spouse and dependents, when identified, and the corrective action taken or proposed. 3. If a potential threat to independence is identified, the managing partner or the partner in charge of assurance services accumulates and communicates relevant information to appropriate personnel so (a) firm management and the engagement partner can determine whether they satisfy independence requirements, (b) the engagement partner or the partner in charge of assurance services can take appropriate action to address identified threats to independence, and (c) the firm can maintain current independence information. For clients of whom the firm is not independent, only compilation services, or other services permitted by the applicable standards, are performed. 4. To ensure that independence is properly addressed at the engagement level, the engagement partner will consider relevant information about client engagements and evaluate the overall effect, if any, on independence requirements as part of the engagement and acceptance decision. In making this determination, any familiarity threat related to senior personnel recurring on an audit or attest engagement for five years or more will be considered, including any other specific rotation requirements of regulatory agencies or other authorities. Additionally, the work programs and forms in the accounting and auditing manuals used by the firm contain steps requiring an evaluation of independence on each new and recurring engagement. Furthermore, those manuals contain reporting guidance for the types of engagements where a lack of independence is allowed. 5. All professional personnel are required to notify the managing partner or the partner in charge of assurance services of any potential prohibited transaction or violation of an independence, integrity, or objectivity rule as soon as they become aware of such a situation involving himself or herself and his or her spouse and dependents and the corrective action taken or proposed to be taken on a timely basis when identified. Reporting apparent violations under this requirement would not include for example, timely disposition of client securities resulting from additions to the Restricted Entity List or upon becoming a member (as defined) by ISB (or its successor), SEC, Public Company Accounting Oversight Board (PCAOB), other applicable regulatory agencies, or relevant AICPA or IESBA independence rules. To acknowledge that responsibility, all professional personnel are required when hired (or shortly thereafter) and annually thereafter, to sign a representation letter and to list situations they know of that could impair independence or that violate the firm s integrity or objectivity policy. 9

12 6. Current copies of all applicable independence, integrity, and objectivity requirements are maintained on the firm s Intranet or can be located in one of our research tools. (The firm s on line reference tools contains the authoritative rules on independence, integrity, and objectivity that govern our firm. That literature and the advice of the managing partner or the partner in charge of assurance services should be consulted when an employee is not sure if a transaction, event, circumstance, or action should be reported). 7. The work programs and standard forms on the Intranet (under Assurance Department and/or Alternative Investment Group) for accounting and auditing materials used by the firm include steps that require: a. A determination of complying with relevant ethical requirements on each new and recurring client. b. A consideration of unpaid fees. c. An annual confirmation of the independence of a component auditor performing work on a segment of an audit, review, or attestation (including forecast and projection) engagement. d. Appropriate reporting on compilations in which the firm is not independent. e. A consideration of whether actual or threatened litigation has an effect on the firm s independence with respect to the client. f. A determination of whether all professional personnel are independent of the financial reporting entity, if the firm is engaged as the group auditor to report on the basic financial statements of the financial reporting entity. g. A consideration of whether the firm was party to a cooperative arrangement with a client that was material to the firm or the client. 8. If our firm is engaged as the group auditor and another firm (component auditor) is engaged to audit a subsidiary, branch, division, governmental component unit, or to perform procedures on an element or account grouping within a client's financial statements, the engagement team is required to obtain a written representation regarding the component auditor s independence with respect to our client. In the Index of Forms on the Intranet are templates used by the firm containing examples of representation letters to use in such situations. Furthermore, in review or attestation engagements, if another firm performs work on a segment of the engagement, a written representation regarding the other firm's independence is required. In addition, in the Index of Forms on the Intranet is an audit program used by our firm that contain steps to ensure compliance with this procedure. 9. The engagement partner (or the in-charge accountant under the partner's supervision) has the primary responsibility for determining if there are significant unpaid fees on any of his/her clients that would impair the firm's independence. The engagement work programs used by the firm contain program steps to ensure compliance with this policy. The firm's client accounts receivable listing and the engagement partner's knowledge of unbilled fees should be considered in making this determination. In addition, the managing partner and regional partners in charge have secondary responsibility to review the firm's accounts receivable listing on a periodic basis to identify potential independence problems. 10

13 10. The engagement partner has the primary responsibility to identify all nonattest (and in the case for engagements subject to Government Auditing Standards, Nonaudit Services) services performed for an attest service client [including services performed by entities closely aligned through common employment] and for determining if such nonattest services impair independence with respect to that client. Reviewing nonattest services performed for attest clients includes obtaining and documenting an understanding with the client regarding the client s responsibilities for the nonattest services performed by the firm. Firm engagement work programs for all attest, as well as compilation engagements, include steps to ensure compliance with this procedure. The engagement partner is responsible for ensuring that services prohibited by the SEC or PCAOB or any other regulatory requirements are not performed for SEC audit clients. 11. The engagement partner has the primary responsibility for determining whether actual or threatened litigation has an effect on the firm s independence with respect to the client. Independence could be impaired by litigation (a) between the client and the firm, (b) with the client s security holders, and (c) from other third parties. 12. The partner in charge of assurance service or his designee is responsible for obtaining professional employee representation letters, reviewing for completeness for resolving questions relating to relevant ethical requirement matters (including questions from the representation letters and those from other sources) and is available to provide guidance. In so doing, the partner in charge of assurance service or his designee should, when necessary, consult the AICPA s Conceptual Framework for AICPA Independence Standards, the IESBA Code or other regulatory bodies standards and, when necessary, consult the AICPA or other regulatory bodies or the State Societies of Certified Public Accountants for assistance in interpreting independence, integrity and objectivity rules. Documentation, if any, of the resolution of an independence, integrity and objectivity matter is left to the discretion of the partner in charge of assurance services or his designee; however, if written documentation is deemed necessary by the managing partner, such documentation should be filed in the client's permanent workpaper files or with the human resources department. 13. The partner in charge of assurance service or his designee is also responsible for determining actions to be taken when professional personnel violate firm independence policies and procedures. The action for each incident is determined based on its unique circumstances and may include eliminating the condition that caused the impairment, additional training, reprimand letter, or termination. 14. The partner in charge of assurance services or his designee is also responsible for monitoring the firm s independence of attest clients at which partner or other senior personnel have been offered management positions or have accepted offers of employment. The independence, integrity, and objectivity questionnaire used by the firm and the client acceptance checklists used by the firm in attest engagements include questions to help ensure compliance with this requirement. 11

14 15. To ensure that relevant ethical requirements policy and procedures are properly considered at the engagement level, the work programs in our on line library contain steps that require a determination of independence on each new and recurring client. Furthermore, our library contains reporting guidance for those types of engagements where a lack of independence is allowed. 16. The firm maintains a database ( Restricted Entity List ) that includes, among other items, all restricted entities. The partner in charge of assurance services will review the firm s client additions and deletions to update the Restricted Entity List. Restricted entities shall include all audit clients of the firm that are SEC registrants, Investment Companies and all entities related to such clients (e.g., parent companies) for which the firm must maintain independence under the SEC, ISB (or its successor), PCAOB, or relevant AICPA independence standards. The term SEC registrant is defined as (1) an issuer making an initial filing, including amendments, under the Securities Act of 1933; (2) a registrant that files periodic reports under the Investment Company Act of 1940 or the Securities Exchange Act of 1934; (3) a bank or other lending institution that files periodic reports with the Comptroller of the Currency, the Federal Reserve System, the Federal Deposit Insurance Corporation, or the Federal Home Loan Bank Board; and (4) a company whose financial statements appear in the annual report or proxy statement of an investment fund because it is a sponsor or manager of such a fund, but which is not itself a registrant required to file periodic reports under the 1940 Act or section 13 or 15(d) of the 1934 Act. Prior to acquiring any security in an entity, obtaining a loan from an entity, opening or modifying a brokerage account with an entity or entering into a business relationship with an entity, professionals are required to comply with restrictions and review the Restricted Entity List to determine whether the entity is included thereon. This review would also be required for similar activities by the professional s spouse or dependents. a. With regard to Cayman audit clients, for which the firm must maintain independence under the IESBA Code, references to a restricted entity for such a client includes related entities over which the Cayman client has direct or indirect control. When the audit team knows or has reason to believe that a relationship or circumstance involving another related entity of the Cayman client is relevant to the evaluation of the firm s independence from the Cayman client, the audit team shall include that related entity when identifying and evaluating threats to independence and applying appropriate safeguards. 17. The partner in charge of assurance services shall be responsible for (1) keeping the Restricted Entity List updated on a timely basis, (2) making it readily available to all personnel who are required to comply with independence restrictions, (3) communicating additions to the list on a timely basis (generally as each new client is accepted), and (4) overseeing the adequate functioning of the independence policies of and the consultation process within the firm. 18. If a breach of independence is identified, the firm promptly communicates the breach and the required corrective actions to (a) the engagement partner, who (along with the firm) has the responsibility to address the breach and (b) other relevant personnel in the firm and those subject to the independence requirements 12

15 who need to take appropriate action. The engagement partner confirms to the firm when required corrective actions related to the breach and noncompliance with these policies and procedures have been taken. 19. To monitor compliance with our firm's policy and procedures on independence, integrity, and objectivity, representation letters are obtained annually. During our firm's annual inspection, a sample of employee personnel files are reviewed to determine that a current independence, integrity and objectivity policy representation letter is on file (which may be kept in a separate file by HR or online). Also during the annual inspection, a sample of engagements will be reviewed to determine compliance at the engagement level with our firm's independence, integrity and objectivity policy and procedures. 20. At least annually, the managing partner or designee reviews the firm s relevant ethical requirements policy and procedures to determine if they are appropriate and operating effectively. See the Monitoring section of this document for further information. 21. On an annual basis, the firm s general legal counsel and the partner in charge of assurance services obtains the income tax returns and brokerage statements from each firm partner. A sample of these documents are selected to review for prohibited investments. The partner in charge of assurance services selects a sample of managers and reviews income tax returns and brokerage statements to review for prohibited investments. 22. When either safeguards are required to reduce an independence threat to an acceptable level, documentation regarding the nature of the threat and the safeguards in place or applied that reduced the threat to an acceptable level and/or when an independence threat required significant analysis to determine whether safeguards were necessary and it was concluded that they were not because the threat was already at an acceptable level, documentation regarding the nature of the threat and the rationale for the conclusion are documented in either the client engagement binders, which are included in the client files, or in a central data based maintained by the partner in charge of assurance services. C. Acceptance and Continuance of Client Relationships and Specific Engagements It is the policy of our firm that, for all compilation, review, audit, and attestation (including forecast and projection) engagements, the acceptability of the client and the engagement, be evaluated before the firm agrees to provide professional services. The firm will only accept engagements where it has considered the integrity of the client and believes the engagement can be completed with professional competence after considering the risk associated with providing the professional services. The procedures listed below are followed to ensure compliance with this policy: (i) For each prospective new client that a compilation, review, audit or attestation engagement is performed, the partner making initial contact with the client designates an in-charge to complete an Engagement Acceptance Form (for SEC engagements, an Engagement Acceptance Form for Public Companies must be completed). That form documents, among other things, background information including financial information regarding the client and its operations; an 13

16 assessment of the apparent integrity of management; possible independence problems or conflicts of interest; an assessment of the availability of staff; adequacy of the firm s professional competence; known disagreements with the client s prior accountants; and consideration of risks associated with the engagement. The forms can be found in the Index of Forms on the Intranet. In connection with engagement acceptance, note the following: (1) Available financial information regarding the prospective client, such as annual reports, interim financial statements, reports to regulatory agencies, and income tax returns, are obtained and reviewed. Registration statements, such as Form S-1, 8-K and/or Form 10-K, are obtained for public companies. (2) Inquiries about potential clients may be made to bankers, attorneys, credit services, and others having business relationships with the company. (3) Predecessor auditors (if applicable) are contacted and inquiries are made in accordance with professional standards. (4) Consideration is given to circumstances that would cause the firm to regard the engagement as one requiring special attention or presenting unusual risks. These circumstances include, but are not limited to, the following: (a) Audits of publicly held companies. (b) Audits of companies operating in high-risk industries, such as those industries where it is difficult to establish an adequate internal control structure or those industries whose operations are especially sensitive to general economic conditions. (c) Audits of companies in the development stage. (d) Audits of companies in serious financial difficulty. (5) The firm's independence, integrity and objectivity rules, and ability to adequately serve a potential client are evaluated prior to acceptance. In evaluating the client acceptance, consideration is given to the technical skill requirements, knowledge of the industry and availability of qualified personnel. (6) A review is made to ensure that acceptance of the client would not violate applicable regulatory agency requirements and the Code of Professional Conduct of the AICPA and the State Societies of CPAs and the IESBA Code. (7) For all new attest engagements, the acceptance of a client is to be approved and documented in writing on the Engagement Acceptance Form by the engagement partner and applicable members of the Client Acceptance Committee. 14

17 (8) The Client Acceptance Committee is responsible for administering the specific procedures for acceptance of clients and performs an annual review (on an informal basis) for compliance with the firm's policies and procedures for acceptance of clients. (9) For each new or existing client that is, or expects to become a publicly held company, the firm requires the following procedures in addition to those listed above: (a) Review of filings with the SEC (or other government agencies), including Form 8-K, if any, during at least the prior year. (b) Consideration of the SEC and PCAOB independence rules (or the rules of other government agencies) in determining any existing or potential situations that impair or may impair in the future the firm s independence. (c) Background checks are performed for key client personnel, generally the CEO, CFO, Audit Committee Chair, and possibly selected Board of Director members. (d) Consideration of any other additional information as required by the Engagement Acceptance Form. ii. For existing clients, the managing partner and Client Acceptance Committee annually review the firm s client list and evaluate the acceptability of each client and engagement. Furthermore, the engagement continuance work programs used by the firm contain steps requiring the engagement team to consider whether the firm should discontinue providing all or certain services to a client. In making the continuance decision, the firm considers whether any significant issues have arisen during the course of the relationship with the client and how such issues affect the ongoing client relationship. Reasons that might surface in either the firm-wide or individual engagement review that would cause the firm to consider discontinuing services if the information had been available earlier include the following: (1) Public companies - Any public client that meets one of the following criteria is evaluated for retention; (1) going concern opinion, (2) material weaknesses in internal control, (3) client realization below 80% (60% in the first year), and (4) not in compliance with established credit arrangements. (2) All public audit clients not meeting the above criteria and all non-public clients must complete an Engagement Continuance Form. If there are any YES answers on the form, it is subject to review by the Client Acceptance Committee. The form addresses many of the items listed below. (a) Significant changes in the client, e.g., senior management, perceived integrity of management, ownership, financial stability or the risk associated with the particular engagement. 15

18 (b) Changes in the nature or scope of the engagement, including requests for additional services the firm may not be adequately prepared to render. (c) Significant changes in the composition of the firm, e.g., a change in the firm s professional competence (expertise) or the decision to discontinue client services in a particular industry. (d) Significant unpaid fees that may cause an independence problem or create doubt about the collectability of future fees. (e) The existence of conditions that would have caused the firm to reject the client or engagement had such conditions existed at the time of the initial acceptance. (f) The client is in the development stage or operates in a highly specialized or regulated industry, such as a financial institution, governmental entity, or employee benefit plan. (g) More time is required to perform the engagement than the firm can provide. (h) The client has ignored prior recommendations, such as recommendations addressing internal control deficiencies. (3) The Client Acceptance Committee is responsible for evaluating the relationship and making continuance or rejection recommendations. If there is a recommendation for discontinuance, all partners involved participate in the decision. iii. The firm will communicate in writing within five (5) business days to an SEC registrant and the SEC when the client - auditor relationship with an SEC registrant has ceased. iv. If situations occur after the commencement of an engagement and while work is in process that indicates the firm should consider withdrawing from the engagement, the managing partner should be notified of the circumstances. Circumstances that may cause the firm to withdraw would include: (1) The client s unwillingness to make a material correction to the financial statements or accept a modified report or when a modification of the standard report will not adequately indicate the deficiencies in the financial statements taken as a whole. (2) Failure by the client to take remedial action with regard to an illegal act that might be discovered during the engagement. (3) The discovery of facts after the engagement commences that may have caused the firm to reject the engagement had those facts been known prior to starting the work, e.g., a significant risk of fraud. 16

19 (4) The client provides information that is incorrect, incomplete, or otherwise unsatisfactory and refuses to provide additional or revised information. (5) The inability to apply the analytical and review procedures considered necessary for a SSARS or attest review, and it is inappropriate to issue a compilation report. (6) The client s refusal to provide a representation letter. (7) Other information in a client-prepared document containing the firm s attest report is materially inconsistent with the information in the attest report, and the client does not revise the information to eliminate the inconsistency. v. The managing partner is responsible for deciding whether to withdraw from an engagement. If, based on the facts and circumstances identified in performing the above steps, the managing partner concludes that the firm should discontinue providing all or certain services to a client or withdraw from a current engagement, the managing partner and the engagement partner should determine how the client should be informed about that decision. Furthermore, the managing partner should consider whether legal counsel should be consulted in making that decision. The engagement team will be notified by the managing partner of the name of any client to which services are discontinued. vi. If the firm discovers a potential conflict of interest during the acceptance and continuance decision, the Client Acceptance Committee or the managing partner determines whether it is appropriate to accept the engagement. If the engagement is accepted, the ethical requirements under AICPA Interpretation No , Conflicts of Interest, under Rule 102, Integrity and Objectivity, are considered. vii. The engagement partner is responsible for ensuring that an engagement letter is obtained for each client that we issue compilation, review, and audit or attestation reports. The engagement letter should document the firm s understanding with the client regarding the nature, scope, and limitations of the services to be performed. viii. At least annually, the partner in charge of assurance services along with the managing partner reviews our acceptance and continuance policies and procedures to determine if they are appropriate and operating effectively. D. Human Resources Overall The success of the firm is dependent upon its professional staff. It is the firm s intent to succeed in the marketplace by having partners and staff who possess the capabilities, competence, and commitment to ethical and professional principles to assure that engagements performed by the firm are in accordance with professional standards and regulatory and legal requirements and that appropriate reports are issued. Having effective QC policies and procedures over the human resources element will help ensure the proficiency of its personnel. The activities of a comprehensive human resources QC system include: 17