Compliance Assessments and Attestations
We provide a number of compliance type assessments on a wide range of topics and regulations. The AICPA’s AT 601 Compliance Attestation Standard allows a CPA firm, such as ML&F, to attest to an entity’s compliance with requirements of specified laws, regulations, rules, contracts, or grants or the effectiveness of an entity’s internal control over compliance with specified requirements. The compliance requirements may be either financial or nonfinancial in nature. These assessments can be structured for private or internal use or can be developed for use by parties outside the entity.
These services can also be performed in a preparation capacity, to assist the entity in bench-marking their current performance prior to an official attestation or audit. A preparation or readiness engagement would come in the form of an assessment, versus an attestation.
A compliance assessment would be an actual attestation that would be treated at the same level as a financial audit. The same type and level of testing would be used to determine if compliance had or is presently occurring with regards to a regulation or group of regulations within the entity.
ML&F performs assessments of internal controls (including IT controls) based on specific regulatory standards and frameworks. The following is a partial list of regulatory statutes that can be used as a basis for assessment: