Attestation Engagements That Address Specified Compliance Control Objectives and Related Controls at Entities That Provide Services to Investment Companies, Investment Advisers, or Other Service Providers

Article excerpt

Space considerations prevent publishing here the appendix to SOP 07-2. Since the appendices often are important to understanding SOPs, readers are advised to obtain complete copies. To obtain a copy of SOP 07-2 (product no. 014946), visit www.cpa2biz.com/store or contact the AICPA at 888-777-7077.

NOTE

This Statement of Position (SOP) is an interpretive publication and represents the recommendations of the Chief Compliance Officers Task Force of the AICPA Auditing Standards Board (ASB) regarding the application of Statements on Standards for Attestation Engagements (SSAE) primarily to examination engagements in which a practitioner reports on the suitability of the design and operating effectiveness of a service provider's controls in achieving specified compliance control objectives. Examples of the service providers addressed by this SOP are investment advisers, custodians, transfer agents, administrators, and principal underwriters that provide services to investment companies (including business development companies), investment advisers, or other service providers (user organizations). A practitioner's report on the suitability of the design and operating effectiveness of a service providers controls in achieving specified compliance control objectives is used primarily by user organizations because aspects of a user organization's compliance or internal control over compliance with laws, regulations, and rules may be affected by or include controls at service providers. The ASB has found the recommendations in this SOP to be consistent with existing standards covered by Rule 202, Compliance With Standards, of the AICPA Code of Professional Conduct (AICPA, Professional Standards, vol. 2, ET sec. 202.01).

Interpretive publications are not as authoritative as pronouncements of the ASB; however, if a practitioner does not apply the attestation guidance included in this SOP, the practitioner should be prepared to explain how he or she complied with the provisions of SSAE addressed by this SOP

TABLE OF CONTENTS

Introduction and Background/1-5
Objective of the Examination Engagement/6-7
Subject Matter of the Examination Engagement/8
Management's Responsibilities/9
Criteria/10
Reference to Laws, Regulations, and Rules/11
Practitioner's Responsibilities/12-13
Matters Addressed by the Compliance Control
   Objectives/14-18
Evaluating Deficiencies in Controls/19-20
User Organizations Affected by a Service
   Provider's Noncompliance With Federal
   Securities Laws or Elements Thereof/21-22
Management Assertion/23-24
Management Representational/25-27
Reporting/28-33
Agreed-Upon Procedures/34-36
Effective Date/37
Appendix A:
   Appendix A-1--Illustrative Practitioner's
      Examination Report on a Service Providers
      Assertion Regarding Specified Compliance
      Control Objectives and Related Controls
   Appendix A-2--Illustrative Practitioner's
      Examination Report on a Service Provider's
      Assertion Regarding Specified Compliance
      Control Objectives and Related Controls
      When the Service Provider Uses a Subservice
      Provider and the Subservice Provider's
      Control Objectives and Related Controls
      are Excluded From the Description and
      the Scope of the Practitioner's Engagement
   Appendix A-3--Illustrative Management
      Assertion Regarding a Service Providers
      Specified Compliance Control Objectives
      and Related Controls
   Appendix A-4--Illustrative Service Provider's
      Description of Specified Compliance
      Control Objectives and Related Controls
   Appendix B--Illustrative Practitioner's Examination
      Report Containing a Qualified
      Opinion on the Suitability of the Design
      and Operating Effectiveness of a Service
      Providers Controls in Achieving Specified
      Compliance Control Objectives
   Appendix C--Additional Illustrative Compliance
      Control Objectives
   Appendix D--Matters Identified in Securities
      and Exchange Commission Release
      Nos. …