AICPA Describes Audit Procedures For Conflict Minerals Audit

The AICPA has issued additional guidance regarding the independent private-sector audit, or IPSA, which is required in some circumstances under the conflicts minerals rules.  (Note that AICPA’s guidance is only applicable to Attestation Engagements under the GAO Government Auditing Standard. Issuers may elect to have their IPSA conducted as either (1) an attestation engagement performed by or under direction of a CPA or (2) a performance audit which can be preformed by a wider range of professionals and guidance on such performance audits is forthcoming from the Auditing Roundtable).

For those issuers that choose to use an Attestation Engagement for their IPSA, the guidance is useful because it describes audit procedures to be used and what is beyond the scope of the IPSA.

Audit Objectives

The guidance describes the interrelationship of the two audit objectives of the IPSA which are:

  • whether the design of the issuer’s due diligence framework as set forth in the Conflict Minerals Report (CMR), with respect to the period covered by the report, is in conformity with, in all material respects, the criteria set forth in the nationally or internationally recognized due diligence framework used by the issuer, and
  • whether the issuer’s description of the due diligence measures it performed as set forth in the Conflict Minerals Report, with respect to the period covered by the report, is consistent with the due diligence process that the issuer undertook.

Audit Procedures

Appropriate procedures relating to the first objective may include, but are not limited to:

  • Ask management to identify how the design of the issuer’s due diligence framework is set forth in the conflicts minerals report, or CMR.
  • Identifying the nationally or internationally recognized due diligence framework used as the basis for the issuer’s due diligence framework. (Note: As of December 2013, the OECD framework is the only nationally or internationally recognized framework.)
  • Obtaining management’s assertion that the design of the company’s due diligence framework, for the period covered by the Conflict Minerals Report, conforms in all material respects to the OECD framework.
  • Obtaining from management documentation of the design of the issue’s due diligence framework as set forth in the CMR, with respect to the period covered by the report.
  • Inquiring of management how the design of their due diligence framework conforms to the OECD framework.
  • Evaluating whether the design is in conformity, in all material respects, with the OECD framework.
  • Obtaining management representations that the design of the due diligence framework conforms, in all material respects, to the OECD framework.

Appropriate procedures relating to the second audit objective may include, but are not limited to:

  • Obtaining management’s assertion that the description of the due diligence measures that the issuer performed is consistent with the due diligence process that the issuer undertook for the period covered by the CMR.
  • Inquiring of management as to, and inspecting documentation identifying, the specific due diligence process undertaken.
  • Obtaining documentation supporting the description of the reported due diligence measures disclosed or planned to be disclosed in the CMR.
  • Performing procedures (such as inquiry, recalculation, observation, and inspection) and obtaining evidence that the description of the due diligence measures performed was consistent, in all material respects, with the due diligence process the issuer undertook. The nature and extent of the specific procedures to be performed are determined, and will vary, based on management’s description of its due diligence measures.
  • Obtaining management representations that the description of the due diligence measures it performed as set forth in the CMR, with respect to the period covered by the report, is consistent, in all material respects, with the due diligence process that the issuer undertook.

Matters Outside Scope of Auditors Examination

Only the portion of the CMR that describes the design of the issuer’s due diligence framework and the due diligence measures that the issuer performed is within the scope of an IPSA.

Accordingly, the auditor’s examination would not include a number of matters, including an evaluation of:

  • Matters relating to the issuer’s reasonable country of origin inquiry, including the design, operating effectiveness and results thereof.
  • The consistency of the due diligence process that the issuer undertook with either the design of the issuer’s due diligence framework or the nationally or internationally recognized due diligence framework used by the issuer.
  • The completeness of the issuer’s description or operating effectiveness of the due diligence measures performed.
  • Whether the reader can determine if the due diligence process the issuer undertook is consistent with the nationally or internationally framework used by the issuer.

As the focus of the auditor’s objectives is on the design of the issuer’s due diligence framework and the due diligence measures undertaken by the issuer, and not on the conclusions that the issuer drew from such procedures, the auditor’s examination does not address the issuer’s conclusions about:

  • The conflict minerals necessary to the functionality or production of the product manufactured or contracted to manufactured.
  • Which conflict minerals were outside the supply chain at January 31, 2013.
  • The issuer’s products subject to due diligence.
  • The source or chain of custody of conflict minerals and the suppliers thereof.
  • Whether its products were DRC conflict free, not DRC conflict free, DRC conflict free undeterminable, or not been found to be DRC conflict free.

Hat tip to Broc Romanek (subscription required) and The Elm Consulting Group International LLC for pointing out this development.