Engagement Acceptance, Terms, and Liability Basics

Learning objectives

• Assess whether to accept or continue an audit engagement by evaluating client integrity, ethical threats, and the firm’s capability and resources.
• Draft and interpret the main elements of audit engagement terms, including scope, responsibilities, timetable, reporting, and fees.
• Identify common engagement red flags (integrity, competence, independence, access restrictions, unrealistic deadlines and fees) and determine appropriate responses.
• Explain, at a practical level, how liability can arise and how careful documentation and communication reduce exposure.
• Analyse how scope restrictions and uneconomic fees can threaten quality and increase engagement risk.

Overview & key concepts

Engagement acceptance, continuance, and engagement terms sit at the front of the audit process and shape everything that follows. If the client is unsuitable, if ethical requirements cannot be satisfied, or if the firm lacks the time and competence to do the work properly, the engagement is high risk before planning even begins.

In practice, acceptance and continuance operate within the firm’s quality management system and are documented to demonstrate compliance with ethical requirements and auditing standards. Engagement terms then translate those decisions into clear, workable expectations about scope, access, timing, reporting, and fees.

Clear engagement terms reduce disputes about “what was agreed” and support audit quality by ensuring the team has proper access and sufficient time. Weak acceptance decisions and vague terms are common root causes of audit failures, complaints, and uncollectable fees.

(Those charged with governance: the individuals or group responsible for overseeing the entity’s financial reporting and audit interaction, such as the board or audit committee.)

Throughout this chapter, the audit is used as the main illustration, but the acceptance and engagement-terms logic applies to other assurance engagements with suitable adjustments.

Core theory and frameworks

Engagement acceptance

Engagement acceptance is the decision to take on a new audit engagement. It should be made before significant work is performed and supported by documented reasoning.

A robust acceptance process addresses five themes.

1) Client integrity and conduct

Indicators of higher integrity risk include:

• reluctance to answer questions about ownership, governance, or funding
• a dismissive attitude to reporting, tax, or compliance obligations
• frequent adviser changes, disagreements with prior auditors, or unresolved issues
• pressure for a “quick sign-off” without adequate records or time

Integrity concerns matter because they increase the risk of misstatement, obstruction, and later disputes.

2) Practical deliverability (feasibility gate)

Even if the client appears attractive, the engagement may be undeliverable if access will be restricted, records are unreliable, or the reporting deadline is impossible. Deliverability should be tested early through realistic milestones and conditions (for example, information deadlines, site access, and availability of key staff).

3) Ethics and independence (practical screening)

Before accepting (or continuing), ask a simple question: “Could anything about this relationship make a reasonable observer doubt our objectivity?”

Objectivity can be pulled off course by different kinds of pressure, for example:

• Financial pressure: where the fee, overdue amounts, or commercial dependence may encourage the team to keep the client satisfied.
• Work we have done ourselves: where the firm has helped create information that the audit would then need to challenge.
• Over-familiarity: where long association or close personal connections make robust challenge less likely.
• Taking the client’s side publicly: where the firm is seen as championing the client’s position rather than evaluating it.
• Bullying or implied consequences: where management pressure encourages shortcuts or softer conclusions.

Where a risk is identified, the firm should decide whether it can reduce it to an acceptable level (for example by changing personnel, separating teams, adding independent review, or stopping certain non-audit work). If it cannot, the safest decision is not to accept, or to withdraw where permitted.

4) Capability, resources, and timing

The firm should be satisfied it can perform the work with appropriate quality. This requires:

• relevant technical competence for the industry and reporting issues
• enough appropriately supervised staff
• access to specialists where needed (for example IT controls, valuations, tax)
• a workable timetable that allows planning, fieldwork, clearance, review, and reporting

An unrealistically short deadline is a quality risk. If the timeline forces shortcuts, the engagement should be renegotiated or declined.

5) Fee realism and commercial risk

A fee should be consistent with the resources needed and the engagement’s risk profile. A materially uneconomic fee can create:

• quality risk(procedures and review may be compressed, reducing the likelihood of obtaining sufficient appropriate evidence)
• ethical risk(commercial pressure can influence judgement and reduce professional scepticism)
• commercial exposure(write-offs and disputes become more likely)

The fee does not have to be calculated as “cost plus”. However, it must be consistent with resourcing the work properly and should not create pressure that threatens objectivity.

Engagement continuance

Engagement continuance is the periodic reassessment of whether the firm should remain appointed. It is typically performed annually and also when major events occur (such as ownership changes, fraud allegations, significant disputes, or new ethical threats).

Continuance revisits acceptance factors, using what the firm has learned from prior experience:

• cooperation of management and those charged with governance
• quality of records and timeliness of information
• unpaid fees and repeated billing disputes
• recurring access restrictions or “last-minute” pressure
• repeated misstatements and resistance to correction
• significant disagreements and how they were resolved

Where serious concerns cannot be resolved, withdrawal (where permitted) may be appropriate.

Preconditions: what must be true for an audit to work

An audit only makes sense when the engagement is set up so that evidence can be obtained and responsibilities are clear. In practice, three “green lights” are needed:

• Records and access: the team can obtain documents, explanations, and access to people and locations in time to do the work properly.
• Reporting basis: the financial statements will be prepared using a recognised framework that is appropriate for the entity.
• Responsibility clarity: management accepts it owns the financial statements and the underlying books, internal controls, and records needed to produce reliable financial information.

If management is unwilling to accept these fundamentals, the issue is not “planning”. It signals that the engagement may be undeliverable or high integrity risk, and acceptance/continuance should be reconsidered.

Setting and confirming engagement terms

Engagement terms convert acceptance decisions into a clear, workable arrangement. They reduce misunderstandings, support quality, and provide a reference point if circumstances change.

Engagement letter: a simple “What–Who–How–When–Money” map

A good engagement letter is a one-page mental model expanded into a document:

• What: the engagement and boundaries (period, scope, and what is not covered).
• Who: what management provides and what the auditor does.
• How: how issues are raised, cleared, and reported during the work.
• When: access needs, information deadlines, and the knock-on effects of delay.
• Money: how fees are calculated, billed, and adjusted for extra work.

Add only the clauses that genuinely matter for this client (use of experts, multi-site coverage, confidentiality and data protection, retention of working papers, dispute handling, and any legally reviewed liability wording where lawful and appropriate).

The key principle is that the letter should make it difficult for either party to later say: “I thought you were doing something else.”

Responding to scope limitations and red flags

A scope limitation is any restriction that prevents the auditor from performing necessary procedures or accessing evidence. Limitations can be:

• foreseeable at acceptance(for example, management refuses third-party confirmations, denies site access, or demands an impossible reporting date), or
• arising after acceptance(for example, records are lost, a location cannot be visited, or management later refuses access).

This distinction matters. A foreseeable limitation should be treated as an acceptance issue: it should be removed through clear preconditions and engagement terms, or the engagement should not be accepted. A limitation that arises later requires an active response aimed at finding alternative evidence; if evidence remains insufficient, the likely effect on the auditor’s report should be addressed in good time.

Practical response framework

1. Identify the cause: management-imposed or circumstantial? Temporary or permanent?
2. Assess significance: which balances/assertions are affected and how material could the impact be?
3. Seek alternatives: different procedures, revised timetable, additional coverage, or other evidence sources.
4. Escalate: discuss with those charged with governance where appropriate, and communicate early if the issue may affect the opinion or conclusion.
5. Conclude and act:
   • if sufficient appropriate evidence can still be obtained, proceed and document the resolution;
   • if not, consider the implications for the auditor’s report and whether withdrawal is appropriate where permitted.

Early identification remains vital. Timetable pressure is often an indirect scope restriction because it reduces the opportunity to obtain sufficient appropriate evidence.

Professional competence, due care, and documentation

Competence and due care are demonstrated through:

• appropriate planning and supervision
• timely involvement of specialists when needed
• robust challenge of management explanations (professional scepticism)
• review that is proportionate to risk and complexity

Audit documentation supports quality and protects the firm by recording:

• key acceptance/continuance judgements and ethical assessments
• the planned approach and reasons for major decisions
• evidence obtained and how conclusions were reached
• discussions and escalation of significant matters with management and governance

Documentation is strongest when it is clear, contemporaneous, and linked to conclusions.

Liability basics: duty of care, negligence, and limitation clauses

Duty of care (practical meaning)

A duty of care arises where the law recognises a responsibility to act with reasonable skill and care toward particular parties. In many statutory audit situations, the duty is primarily to the company and its shareholders as a body; extending it to other parties is fact-dependent and varies by jurisdiction.

Negligence (in audit disputes)

Negligence is commonly alleged where a claimant argues that:

• the auditor failed to perform work with reasonable care and skill
• this contributed to an inappropriate report or a missed material issue
• loss was suffered as a result

Clear engagement terms, good-quality work, timely escalation of issues, and strong documentation reduce exposure.

Limitation of liability wording (legal caution)

Some engagement letters propose wording intended to limit or define liability where it is lawful and appropriate. This area is highly jurisdiction-sensitive and may be restricted for statutory audits. Any such wording should be drafted with legal review and should never be treated as a substitute for quality work and clear communication.

Worked example

Narrative scenario

Brightlake Services Ltd, a medium-sized service provider, has requested an audit for the year ended 31 December 20X4. The proposed audit fee is £9,000. The audit team estimates the following time requirements:

• Senior time: 35 hours at £140 per hour
• Staff time: 75 hours at £70 per hour
• Partner review: 8 hours at £220 per hour
• Specialist time (IT controls): 6 hours at £180 per hour

The firm has no prior experience with Brightlake Services Ltd, and the client has multiple locations. Management has promised unrestricted access to records and personnel but has requested a very short deadline for the audit report.

Required

1. Calculate the total expected cost of the audit based on the estimated time requirements.
2. Compare the proposed fee to the expected cost and identify any shortfall.
3. Evaluate the implications of the fee shortfall on audit quality and risk.
4. Propose a course of action to address the fee shortfall.
5. Identify any red flags in the engagement scenario and suggest appropriate responses.

Solution

1) Total expected cost

• Senior: 35 × £140 =£4,900
• Staff: 75 × £70 =£5,250
• Partner: 8 × £220 =£1,760
• Specialist: 6 × £180 =£1,080

Total expected cost = £4,900 + £5,250 + £1,760 + £1,080 = £12,990

2) Fee shortfall

• Proposed fee:£9,000
• Expected cost:£12,990

Shortfall = £12,990 − £9,000 = £3,990

3) Implications for quality and risk

A fee materially below expected effort creates several risks:

• Quality pressure: there may be pressure to reduce planning, supervision, and review time, or to narrow testing. This increases detection risk because fewer procedures are performed and less evidence is obtained.
• Ethical pressure: a loss-making engagement can create self-interest pressures that threaten objectivity, particularly under deadline pressure.
• Planning distortion: unrealistically tight budgets can weaken supervision and professional scepticism.
• Commercial exposure: write-offs and disputes become more likely, especially where the engagement is more complex than anticipated.

The fee is not required to mirror a “cost-plus” model, but it must be consistent with resourcing the work properly and should not create self-interest pressures that threaten objectivity.

4) Course of action to address the shortfall

A practical response is to align scope, timetable, and fee with the work required for a competent audit:

• Renegotiate the feeto reflect the estimated effort and the complexity of multiple locations and specialist work.
• Agree a realistic timetablethat permits planning, fieldwork, clearance, and review.
• Specify triggers for additional fees, such as late information, extra locations, significant post-fieldwork adjustments, or expanded reporting requirements.
• Decline the engagementif management will not agree to terms that allow a quality audit to be performed.

Re-scoping should not be used to remove essential audit work. If the only way to meet the fee is to do less than is necessary, the engagement is unsuitable.

5) Red flags and responses

Red flag 1: Very short reporting deadline

• Risk: compressed work, reduced evidence gathering, higher chance of missed misstatement.
• Response: negotiate a timetable with milestones; make delivery of records a condition; refuse deadlines that make competent work impractical.

Red flag 2: No prior experience with the client

• Risk: additional time needed to understand systems and reporting issues; higher likelihood of surprises.
• Response: plan extra time for understanding; involve experienced staff early; obtain background information and consider communication with previous advisers where appropriate.

Red flag 3: Multiple locations

• Risk: added complexity in systems, controls, and evidence gathering; potential need for site visits.
• Response: identify significant locations; plan site coverage; consider specialist input where systems or controls differ.

Red flag 4: Uneconomic fee

• Risk: under-resourcing and compromised quality; increased likelihood of disputes.
• Response: renegotiate fee and timetable; document that the fee supports the planned work; decline if not resolved.

Common pitfalls and misunderstandings

• Treating acceptance as a formality rather than a documented risk decision.
• Assuming “unrestricted access” removes risk without testing deliverability through milestones.
• Ignoring fee realism: an uneconomic fee is a quality and ethics issue, not just a pricing choice.
• Underestimating first-year effort and multi-location complexity.
• Addressing deadline pressure too late, after it has become a practical scope restriction.
• Over-reliance on management explanations instead of obtaining independent evidence.
• Weak documentation of acceptance decisions, scope issues, and key communications.
• Failing to update engagement terms when scope, timing, or fee basis changes.

Summary and further reading

Acceptance and continuance decisions determine whether an audit can be performed to an appropriate standard while meeting ethical requirements. Key considerations include integrity, objectivity, competence, resources, access, timing, and fee realism. Engagement terms should clearly set out what work will be done, what management must provide, how issues will be communicated, and how fees will be charged.

Scope limitations should be handled differently depending on when they arise. If a restriction is foreseeable at the outset and cannot be removed through clear preconditions, the engagement should not be accepted. If restrictions arise later, the team should pursue alternative evidence, escalate appropriately, and communicate early if the matter may affect the opinion or conclusion. Where evidence remains insufficient, consider the implications for the auditor’s report or withdrawal where permitted.

Liability exposure is reduced through careful engagement screening, clear engagement terms, strong evidence and documentation, and timely communication of significant matters.

FAQ

What factors matter most when deciding whether to accept a new audit engagement?

Focus on integrity indicators, ethical threats to objectivity, and whether the firm has the competence, time, and resources to perform the work properly. Practical feasibility is equally important: access to records, cooperation, timetable, and whether the proposed fee supports appropriate resourcing.

How should scope limitations be handled in practice?

First distinguish whether the limitation is foreseeable at acceptance or arises during the engagement. Foreseeable restrictions should be removed through clear preconditions or the engagement should be declined. Later-arising limitations require alternative evidence where possible, escalation to those charged with governance, and early communication if the issue may affect the opinion or conclusion.

What is the engagement letter for?

It documents scope, responsibilities, access, timetable, reporting, and fees so both parties have the same understanding. It supports quality by making cooperation and timing explicit and reduces disputes about what was agreed.

How does liability arise for auditors?

Claims typically allege that the auditor failed to act with reasonable care and skill, contributing to an inappropriate report and loss. In many statutory audit situations, the duty is primarily owed to the company and shareholders as a body; extending it to others depends on the facts and jurisdiction. Strong documentation and clear communication reduce exposure.

Why is a fee shortfall a quality issue rather than just a commercial issue?

Because sustained loss-making work creates pressure to compress planning, supervision, and review, weakening evidence and judgement. It can also create self-interest pressures that threaten objectivity. If the fee cannot support competent work, it should be renegotiated or the engagement declined.

Glossary

Engagement acceptance
The decision to take on a new audit engagement after evaluating integrity, ethical threats, capability, resources, access, timing, and commercial risk.

Engagement continuance
The reassessment of whether to remain appointed, performed periodically and when significant changes or concerns arise.

Preconditions for an audit
Fundamental conditions that make an audit workable: timely access to records and people, an appropriate reporting framework, and management acceptance of responsibility for the financial statements and the underlying books, internal controls, and records that generate them.

Engagement letter
A written agreement setting out scope, responsibilities, access, timetable, reporting, and fees to reduce misunderstandings and disputes.

Scope limitation
A restriction that prevents necessary procedures or access to evidence, arising from management actions or circumstances.

Those charged with governance
The individuals or group responsible for overseeing financial reporting and the audit relationship (for example, the board or audit committee).

Independence threat
A circumstance that could undermine objectivity, requiring safeguards or refusal/withdrawal where the risk cannot be reduced appropriately.

Professional competence and due care
The requirement to perform work with appropriate skill, care, supervision, and resources, including the use of specialists when needed.

Audit documentation
Records of work performed, evidence obtained, conclusions reached, and key communications, supporting both quality and defensibility.

Duty of care
A legal responsibility to act with reasonable skill and care toward parties recognised by law in the relevant circumstances.

Negligence
A failure to act with reasonable care and skill that contributes to an inappropriate outcome and loss to a party to whom a duty is owed.

Limitation of liability wording
Engagement wording intended to cap or define liability, where lawful and appropriate, subject to legal enforceability, regulatory constraints, and legal review.

Engagement risk
The overall risk to the firm from association with a client and engagement, including quality, ethical, regulatory, reputational, litigation, and fee recovery risks.