| Dear Center Members: |
This alert contains information regarding:
- New EFAST2 authentication process
- AICPA testifies on recordkeeping in the electronic age
- New technology practice aid
|
|
|
New EFAST2 Authentication Process
The DOL's EFAST2 website authentication process is being modernized in 2023. As part of this modernization, DOL is phasing out the existing method of logging in to the EFAST2 website with an EFAST2-issued User ID and password. In January 2023, EBSA began moving EFAST2 users to a single sign-in solution at Login.gov to access federal government websites, so users will no longer need to obtain unique EFAST2-issued credentials. Login.gov enables users to log-in securely to many government agencies' services with a single username and password. Members may wish to inform their EBP audit clients of this change.
While EBSA is helping users make a gradual transition by allowing users with EFAST2 accounts established before Jan. 1, 2023, to use those credentials until Dec. 31, 2023, all users must obtain Login.gov credentials by December 31, 2023. Users who created new EFAST2 accounts since Jan. 1, 2023, have already been directed to obtain Login.gov credentials.
The changes made to the EFAST2 website are needed to allow users to obtain new electronic signature credentials for the Form 5500 Series, and to file Form PR or to use IFILE, the government's free Form 5500 Series filing application. For existing Form 5500 Series filers using approved private software, logging into the EFAST2 website is generally not necessary.
Click here for more information about Login.gov.
AICPA Testifies on Recordkeeping in the Electronic Age
The AICPA recently testified before the DOL's ERISA Advisory Council (Advisory Council) on July 19, 2023, and September 20, 2023, rearding recordkeeping in the electronic age. Jason Eddy, Chair of the AICPA Employee Benefit Plans Expert Panel, addressed the effect of electronic recordkeeping on the auditor's ability to perform a quality audit, including the authenticity and reliability of the electronic records; the consequences of inadequate records retention; and the data security of electronic records that affect the plan's financial reporting, and provided recommendations in each of those areas. Sandi Carrier, a member of the EBPAQC Executive Committee, provided detailed examples of the issues and challenges highlighted in Jason's remarks, and also addressed the profession's concerns related to nondisclosure agreements auditors are asked to sign.
Click here for the July 19 AICPA testimony.
New AICPA Audit Technology Practice Aid
The AICPA Auditing Standards Board's Technology Working Group has developed a new free, downloadable practice aid, Use of Technology in an Audit of Financial Statements, that emphasizes how technology should be seen as a key enabler, elevating audit effectiveness and efficiency for the future. It is intended to help auditors, especially those in small- to medium-sized firms, make full use of technology to drive efficient, effective and high-quality audits.
The practice aid focuses on applying technology when performing risk assessment procedures in accordance with SAS No. 145, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement. The practice aid also discusses commonly used automated tools and techniques and, through the SAS No. 145 example, highlights the differences between traditional risk assessment procedures and technology-enabled procedures. The practice aid contains three modules:
- Module 1-A, "The benefits of leveraging technology in the auditor's risk assessment and of obtaining an understanding of the entity's use of technology," is designed to help the auditor understand the benefits of using technology when performing risk assessment procedures in an audit of financial statements. It explains why the auditor's risk assessment is important, highlights the importance of obtaining an understanding of the entity's technology maturity, and provides insights into ways the auditor may want to use automated tools and techniques for risk assessment.
- Module 1-B, "Commonly used automated tools and techniques in the auditor's risk assessment," helps the auditor understand commonly used forms of automated tools and techniques and how they may be used when performing risk assessment procedures.
- Module 1-C, "Example of the auditor's use of technology when performing risk assessment procedures," is designed to illustrate a traditional risk assessment approach and how that may differ from a technology-enabled risk assessment approach.
Based on feedback received on the practice aid, additional parts may be added to provide additional examples of how technology may be used.
Sincerely,
AICPA Employee Benefit Plans Audit Quality Center |
|
 |
|
| In This Alert |
|
|
| Additional Resources |
|
|
| Stay Informed |
We welcome any suggestions or questions - please send them by e-mail at EBPAQC@aicpa.org.
Members of the Employee Benefit Plan Audit Quality Center (EBPAQC) may only reproduce and distribute EBPAQC Alerts internally within the firm to other Center member firm personnel as part of the firms' professional services. For information about permission to copy any part of these documents for redistribution or inclusion in other work, please click on the copyright notice at the bottom of the page or phone the copyright permission hotline (919) 402-4031.
©2023 Association of International Certified Professional Accountants.
Online privacy policies and copyright information.
220 Leigh Farm Road, Durham, NC 27707-8110.
|
|
|
|
|
