6.5 Legal Protective Clauses in Engagement Letters

Generally, legal protective clauses to mitigate the auditor’s potential liability are permitted in AICPA audit engagement letters. The most common legal protective clause that is included in such letters is a release and indemnification for management misrepresentations. In certain circumstances, such as some financial statement audits performed in connection with a transfer of ownership interests, other legal protective clauses (e.g., a limitation of liability) may also be included in AICPA audit engagement letters.

However, the SEC’s independence rules do not permit inclusion of legal protective clauses in audit engagement letters. When an entity is an issuer or the auditor is engaged to perform an audit in accordance with PCAOB standards, auditors are subject to, and must comply with, the SEC’s independence rules; accordingly, auditors do not include such legal protective clauses in PCAOB audit engagement letters. Any prior AICPA audit engagement letters for financial statement periods included in the initial registration statement will need to be amended to remove legal protective clauses before (1) independence matters are communicated to the audit committee and (2) the terms of a PCAOB audit engagement letter are executed.