While the industry is preparing to meet third-party vetting requirements from lenders, Carr, Riggs & Ingram (CRI) Partner-in-charge of ALTA Best Practices, Kim McConkey, said that there exists misinformation and confusion regarding certifications and third-party assurances. Here, he tried to clear up some of that confusion.
“ALTA Best Practices certifications are similar to reports rendered regarding financial statements. Both the certification and report are intended to give lenders and other readers assurance on the information (i.e. ALTA Best Practices procedures or financial statements) they contain. With financial statements, that assurance can range from the company’s self-assurance to a high level of assurance from a CPA. For example, a bank or other user might accept company-prepared financial statements (where no assurance is given by the CPA) or they may request audited financial statements by a CPA; for those that are unfamiliar, an audit is a particular type examination where a CPA provides a high-level of assurance. Similarly, in the ALTA Best Practices arena, self-certifications exist, with no assurance from a third-party or CPA, or lenders may request an examination, a high level of assurance.
“Based on the lender’s risk management policies, they determine what level of assurance on financial statements they will require to mitigate that risk. If a company is perceived to be a high risk, the lender may require audited financial statements. If they are perceived to be a very low risk, the lender may only require internally prepared financial statements.In either case, management of the company is implicitly asserting that its financial statements are complete, accurate, and fairly stated when compared to generally accepted accounting standards (i.e. those standards are a suitable framework).
“When performing ALTA Best Practice compliance attestation engagements, the starting point for a CPA is management’s explicit assertion that they are compliant with ALTA Best Practices, where the ALTA Best Practices framework is the suitable framework.
“Assurance, while not exactly the same, is similar to attestation. A CPA attests to provide assurance regarding the agent’s certification or assertion that they are compliant. The CPA’s attest report indicates that they are giving some level of assurance on that agent’s compliance certification or assertion.
“An ALTA Best Practices self-certification is the same as internally or company-prepared financial statements. In both cases, the CPA provides no assurance regarding the subject matter.
“For attestations, CPA’s can give three levels of assurance on the agent’s compliance certification or assertion:
1) reviews (moderate assurance),
2) agreed-upon procedures (specific procedures performed and the results of those procedures, where lenders draw their own conclusion), and
3) examinations (high level of assurance)
“The assertion wording provided by management is virtually the same as what is in ALTA’s certification package. Then, the CPA issues their attestation report at the requested level of assurance regarding the agent’s compliance certification or assertion.
“The stronger or higher the level of assurance requested, the more work a CPA does to support that assurance level.
“The appropriate level of assurance ultimately comes down to the users (e.g. lenders, management, or others). In practice this often comes down what the lender’s risk management policies are or what their perception of risk is. Where an agent is deemed to be a high risk by a lender’s risk management policies, then the lender may want a high level of assurance on that agent’s certification or assertion regarding compliance.
“In that case, the lender would ask for an examination level attestation certification. This is similar to audited financial statements, versus reviewed financial statements. Large agents can differentiate in the marketplace that they received an examination level certification, versus a review level certification that a small agent may receive.”