July 11, 2016
On July 6, the American Institute of Certified Public Accountants (AICPA) issued an Audit Risk Alert on Revenue Recognition. This AICPA Alert pertains to the significant changes in revenue recognition accounting requirements under U.S. generally accepted accounting principles (GAAP) – resulting from the issuance of FASB Accounting Standard Update (ASU) No. 2014-09, Revenue Recognition: Revenue from Contracts with Customers (Topic 606) – that are likely to affect how and when revenue is recognized in the financial statements of many companies across multiple industries once the new standard is in effect. The alert is intended to provide preparers and auditors of financial statements with an overview of the provisions under the new revenue recognition framework, highlighting differences from current standards and focusing on the important accounting and auditing considerations.1
The AICPA Alert is important because it provides useful guidance to a company’s accountants and financial reporting managers, to internal auditors and to others charged with financial reporting compliance and governance. This guidance is focused on assisting issuers and preparers in understanding the changes resulting from the new revenue recognition requirements and, in particular, addressing areas of audit risk and concern as a result of these impending changes. To that end, the alert serves as a resource for understanding the accounting, financial reporting and disclosure impact of the new requirements, as well as serving as an important tool to help issuers and preparers (as well as their external auditors) gain a better understanding of the standard itself, highlight issues that must be addressed at transition and beyond, and identify risks that may result in a potential material misstatement of financial statements, including significant risks requiring consideration for audit preparation.
The new guidance is expected. And more is coming. To further support the financial reporting and auditing community, the AICPA has charged 16 industry task forces to develop industry-specific implementation issues to incorporate into a comprehensive resource manual for the new revenue recognition standard planned for issuance in 2017. To that end, the AICPA has drafted a set of implementation guides for nine specific industries to be incorporated in the 2017 manual. The AICPA is asking for comment on the various issues it has identified for the industries, which include aerospace and defense, airlines, broker-dealers, engineering and construction contractors, gaming, healthcare, investment asset management, not-for-profits, and software. According to AICPA Senior Technical Manager Kim Kushmerick, “The industry revenue recognition implementation issues will be included in a new Revenue Recognition Guide that will be issued in 2017, and also included in stand-alone audit and accounting guides for industries that have them.”2
And so it begins. Guidance is being issued, with further guidance expected. The sheer volume of guidance being communicated currently, as expected, highlights the importance and complexity of the implementation of the new revenue recognition standard, which is one of the reasons why companies need to focus, now, on the transition process. This Flash Report provides background information on the new revenue recognition standard and commentary on the use of the new guidance and various internal control considerations.
In May 2014, the International Accounting Standards Board (IASB) and FASB issued a joint accounting standard on revenue recognition to address a number of concerns around the complexities and various differences in accounting for revenue. The outcome of the issued joint standard was heavily based on an exposure draft that was jointly released in 2011. The IASB and FASB spent most of 2012 and 2013 redeliberating on the various implementation issues of the proposed standard based on comments and feedback on the 2011 draft in advance of finalizing the standard.
In 2014, the FASB issued its updated standard in the form of FASB Accounting Standards Update (ASU) No. 2014-09, Revenue from Contracts with Customers (Topic 606), as previously noted, and the IASB issued International Financial Reporting Standards (IFRS) 15, Revenue from Contracts with Customers. In the U.S., the new standard supersedes revenue recognition requirements in FASB ASC 605, Revenue Recognition, along with most of the guidance under the 900 series of industry-specific topics. IFRS 15 was intended to supersede International Accounting Standard (IAS) 11, Construction Contracts, and IAS 18, Revenue.
For U.S. reporting entities, the guidance in the new standard was originally effective for annual reporting periods of public entities beginning on or after December 15, 2016, including interim periods within that reporting period. Early application was not permitted for public entities. For all other entities, the guidance in the new standard was originally effective for annual reporting periods beginning after December 15, 2017, and interim periods within annual periods beginning after December 15, 2018.
However, to allow entities additional time to plan and execute the implementation transition, the FASB issued an ASU update in August 2015, to defer the effective date of FASB ASU No. 2014-09 for one year.
As such, public business entities (including certain not-for-profit entities, and certain employee benefit plans) would apply the new revenue recognition guidance to annual reporting periods beginning after December 15, 2017, including interim reporting periods within that reporting period. Earlier application would be permitted only for annual reporting periods beginning after December 15, 2016, including interim reporting periods within that reporting period (essentially allowing the original implementation date as an option for companies who prefer to stay on the original trajectory).
All other entities (e.g., private companies) would apply the new revenue recognition guidance to annual reporting periods beginning after December 15, 2018, and interim reporting periods within annual reporting periods beginning after December 15, 2019. Application would be permitted earlier only as of an annual reporting period beginning after December 15, 2016, including interim reporting periods within that reporting period, or an annual reporting period beginning after December 15, 2016, and interim reporting periods within annual reporting periods beginning one year after the annual reporting period in which an entity first applies the new guidance.
Using the Alert to Avoid Potential Misstatements
The alert summarizes the new guidance, explaining the overarching principles as well as highlighting important considerations to assist preparers (and their auditors) to appropriately record (and audit) revenue under the new revenue recognition framework. When evaluating whether revenue was recognized properly, preparers (and their auditors) need to consider (1) whether the entity has properly applied GAAP, (2) whether the entity has properly applied their own internal accounting policies, (3) the nature of the entity’s goods or services and the relative risk of material misstatement in recognizing revenue from those goods and services as well as (4) the structure, business intent and relative complexity of their various contracts with customers.
The AICPA guide provides the reader various indicators related to sales transactions that may indicate potential misstated revenue recognition, based on the new standard’s five-step process. The indicators are categorized into revenue that may not be realized as a result of:
- The absence of a contract with the customer;
- The failure to properly identify various performance obligations;
- Where the transaction price appears to be undeterminable;
- Where the allocation of the transaction price appears to be incorrect; or
- The entity has not satisfied the performance obligations.
Each of these indicators are discussed below.
Identifying the Contract with the Customer
Under the new standard, a contract is defined as an agreement between two or more parties that creates enforceable rights and obligations. The contract should have the approval and commitment of the parties, identify the rights of the parties, identify the payment terms, have commercial substance, and contain terms that evidence that collectability is considered probable.
Entities should update or develop processes evaluating the criteria necessary for a contract to exist. Preparers should also focus on nonstandard sales agreements or transactions which are not part of the entity’s normal terms and conditions. Companies are encouraged to use this opportunity to standardize contract terms and conditions, if commercially feasible based upon their stature in the industry they serve.
Additionally, entities should focus on the risks associated with contracts signed in new markets, revenue from new and emerging technologies and, especially, cross-border transactions. The AICPA Alert has highlighted the following potential transactions which may create greater risk of potential misstatement when evaluating whether a contract exists, or the terms of the contract:
- Transactions with related parties;
- Transactions involving new products, new customers, international markets, or new sales or distribution channels;
- Transactions based on implied (or oral) contracts that are enforceable or based on the entity’s customary business practices;
- Sales of merchandise that are shipped in advance of the scheduled shipment date without evidence of the customer’s agreement or consent or documented request for such shipment; and
- Sales in which evidence indicates the customer’s obligation to pay for the product is contingent on resale to another party (i.e., distributor or consignment sales) or receipt of financing from another (third) party.
The point is this: Transactions such as the above warrant close attention. Contract modifications may also have a significant impact on an entity’s ability to record revenue and, therefore, the focus should be on situations involving modified or amended contracts. In these cases, particular attention should be focused on the “final” contract as well as the various modified agreements along the business cycle when evaluating whether any additional rights or obligations are created through the contract modifications.
Identifying the Performance Obligations in the Contracts
Misidentification of various performance obligations in a customer contract may create potential material misstatements depending on the nature of the goods or services an entity sells to its customers. In addition to reviewing an entity’s contracts with its customers, preparers should evaluate the entity’s own marketing materials, press releases, and external-facing websites, as well as review current and planned business processes with the sales team, to determine what previously identified or additional performance obligations may exist. Peer industry practices should also be considered, as well as situations where an entity’s customary business practices often and typically differ from their stated terms. In these cases, preparers should be aware that external auditors may be justifiably focused on substance-over-form considerations. Therefore, advanced “audit readiness” preparation and business process clean-up is key to ensuring that management’s identification of performance obligations is able to withstand the scrutiny of the audit process.
Determining the Transaction Price
Variable transaction price contracts, including discounts, rebates, refunds, credits, price concessions, incentives, performance bonuses, or penalties, are likely to create an increased risk of material misstatement. Existing business practices that contain these types of items will likely impact the amount of consideration an entity ultimately expects to receive in exchange for transferring promised goods or services and should be considered and evaluated in advance. In terms of the financial reporting process and related audit risk, the accounting for these items is based in large part on management’s estimates and, accordingly, may also be subject to management bias.
Allocating the Transaction Price to the Performance Obligations
Typically, external auditors will have a heightened focus on areas of accounting and reporting that are determined by estimation processes and/or management’s judgment. In regard to revenue recognition, financial statement preparers are well served to consider those judgmental and estimation processes during the planning and implementation phases of transitioning to the new standard. Financial reporting risk is higher in situations where the transaction price is allocated to each performance obligation based on management’s judgment as to the appropriate stand-alone selling price (i.e., management’s estimates may be viewed as more susceptible to error or manipulation than other pricing determinations).
Based upon the business operating model and the nature of the entity’s goods and services, an observable price based on a stand-alone sale may not always be available. In these cases, when an entity needs to estimate a stand-alone selling price of a specific performance obligation, management should critically assess and evaluate the underlying assumptions and estimates. Rest assured, these assumptions and estimates can become a primary area of emphasis for the external auditor.
In addition, the level of estimation uncertainty may increase in situations where the stand-alone selling price is based on non-observable inputs. Similar to variable price considerations, as noted above, these items are based in large part on management’s estimates, may also be subject to internal bias, and may thus increase relative financial reporting and audit risk.
Recognize Revenue When (or as) the Entity Satisfies a Performance Obligation
In situations in which the performance obligation is satisfied at a point in time, there may be cut-off risks associated with revenue being recorded in the correct period.
The AICPA Alert has provided examples of these situations, which are highlighted below:
- Sales billed to customers (e.g., bill-and-hold or ship-in-place sales) before the transfer of control over goods held by the seller;
- Shipments made after the end of the period, e.g., books kept open to record revenue for products shipped after the end of the period do not satisfy the control criterion for the current period;
- Shipments made to a warehouse or other intermediary location without the instruction of the customer;
- Goods pre-invoiced before or in the absence of actual shipment;
- Partial shipments made in which the portion not shipped is a critical component of the single performance obligation product; and
- Purchase orders recorded as completed sales.
Similarly, the assessment of satisfaction of performance obligations over time requires judgment and includes criteria that companies should consider. The AICPA Alert has provided examples of financial reporting and audit risks that exist for these types of contracts:
- Management defaults to “straight line” revenue recognition that does not accurately depict how the customer receives and consumes the benefits of the promise during the contract period.
- When measuring progress toward complete satisfaction of a performance obligation over time, management does not correctly calculate progress to date.
- When measuring progress toward complete satisfaction of a performance obligation over time, the method of measurement is not consistently applied.
These and other examples should be avoided if they fail to accurately recognize revenue according to the satisfaction of performance obligations.
Consideration of Fraud as it Relates to Revenue
In its alert, the AICPA has highlighted the authoritative requirements and guidance about an auditor’s responsibilities concerning the consideration of fraud in conjunction with a financial statement audit. These responsibilities pertain primarily to planning and performing the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error, omission or fraud. In general, two types of misstatements are usually relevant to the auditor’s consideration of fraud in a financial statement audit: (a) misstatements arising from fraudulent financial reporting and (b) misstatements arising from misappropriation of assets.
Management is required to be cognizant and prepare diligently for the three conditions that are generally present when fraud occurs:
- Management or other employees have an incentive or a reason to commit fraud,
- Circumstances exist that provide an opportunity for a fraud to be perpetrated (such as the absence of controls, the existence of ineffective controls or the ability of management to override established controls), and
- Those involved with initiating and perpetrating a fraud are able to rationalize committing a fraudulent act.
The AICPA Alert reminds preparers and auditors alike regarding the presumption that improper revenue recognition exists as a fraud risk. Potential misstatements as a result of fraudulent financial reporting often result from an overstatement of revenue, but in certain circumstances may also result from an understatement of revenue.
The alert provides examples of fraud risks relating to improper revenue recognition, and some of these risks are listed below:
- Management override of entity controls over revenue recognition resulting in misstatement of revenue
- Premature revenue recognition
- Recording fictitious revenue
- Improperly shifting revenue to an earlier or later period
- Improperly using a portfolio approach to mask the results of an individual contract or group of contracts with unfavorable results
- Not recognizing unsigned or oral contracts or contracts implied by the entity’s customary business practices
- Not identifying all material performance obligations
- Manipulating estimates used in accounting for revenue, such as (a) determinations of variable consideration, including constraining estimates of variable consideration (e.g., management must assess the probability that a significant reversal in the amount of cumulative revenue recognized will not occur once the uncertainty associated with the variable consideration is subsequently resolved), (b) reserves for estimated returns, and (c) estimation of the stand-alone selling prices of bundled goods and/or services.
The Role of Controls over Financial Reporting in Revenue Recognition
The COSO Internal Control – Integrated Framework (2013) defines control activities as “actions established through policies and procedures that help ensure that management’s directives to mitigate risks to the achievement of objectives are carried out.” Control activities normally arise from responding to risks identified through an entity’s risk assessment process. Failure to design and execute effective controls to address risks may result in significant deficiencies and, worse, material weaknesses in the system of internal control over external financial reporting.
As widely discussed, the new revenue recognition standard is a principles-based standard that will require management to exercise more judgment and potentially formulate more estimates in recognizing revenue than ever before and, as a result, exercise more influence in the revenue recognition process. Best practices dictate that entities have an effectively designed system of internal controls to address this increased financial reporting risk.
The AICPA Alert provides the following table suggesting typical control activities that organizations are well served to consider in regard to planning and implementing the new standard:
Five-Step Revenue Recognition Model
- Identifying contracts (whether written or unwritten) that meet the criteria defined in FASB ASC 606-10-25-1
- Reassessing arrangements not initially meeting the criteria of a contract in accordance with FASB ASC 606 due to the possibility of significant changes occurring in the underlying facts and circumstances
- Assessing management’s and the customer’s commitment and ability to perform under the contract
- Ensuring payment terms are properly considered
- Assessing the collectability criterion
- Evaluating whether combined or individual contracts meet the various criteria specified in FASB ASC 606-10-25-9
- Evaluating contract modifications
- Identifying performance obligations, including those explicitly stated in the contract and those that may be implied based on customary business practices
- Evaluating whether a promised good or service is distinct, particularly within the context of the contract
- Evaluating whether a series of goods or services should be treated as a single performance obligation
- Estimating the amount to which the entity expects to be entitled (that is, the transaction price), including any variable consideration (when valuation consultants are hired, it is normally expected that controls are in place to ensure their competence and objectivity)
- Evaluating whether any portion of variable consideration should be constrained
- Determining the fair value of non-cash consideration
- Identifying and measuring whether there is a significant financing component in the contract
- Determining the accounting for consideration payable to a customer
- Estimating the stand-alone selling price, including the maximizing of observable inputs in that process
- Determining the appropriate transaction price allocation, including variable consideration and discounts
- Determining whether performance obligations are satisfied at a point in time or over time
- Measuring progress toward complete satisfaction of a performance obligation that is satisfied over time (that is, the input and output methods)
- Recognizing revenue only when (or as) control is transferred to the customer
Internal Audit Considerations
The COSO Internal Control – Integrated Framework (2013) also recommends that entities “maintain an effective internal audit function that is adequately staffed with qualified personnel appropriate to the size and nature of the entity.” To enhance the objectivity of the internal audit function, the lead internal auditor will typically have a direct reporting relationship to the entity’s chief executive and to the audit committee. An important responsibility of the internal audit function is to monitor the performance of an entity’s internal controls.
Given the emergence of the new revenue recognition framework, internal auditors may want to consider focusing on monitoring management’s ongoing implementation of the new revenue standard. Audit committees and executive management may encourage incorporation of the revenue recognition standard into the audit plan. To be effective in this regard, internal auditors must be familiar with the new requirements. Additionally, internal auditors and management should collaborate in developing plans to monitor the effectiveness of new or revised controls that the organization may need to implement as a result of adopting the new revenue recognition standard.
The new revenue recognition accounting standard has accounting and reporting as well as “people, process and technology” ramifications across many industries. Numerous functions and departments within organizations are going to be impacted and are going to need to be involved in a successful transition to the new standard. The release of this AICPA Alert, as well as the planned drafting, evaluation and release of the forthcoming industry-specific implementation issues and comprehensive resource guides, highlight the importance, significance and relative complexity for preparers and auditors alike in planning and implementing the transition to the new standard and auditing the results of its implementation.