Blog

Audit quality today is judged less by the number of procedures performed and more by the reliability of the supporting evidence. Regulators, inspection teams, and audit committees increasingly ask a simple question: Could a reasonable auditor trust the evidence behind the opinion? This question sits at the heart of PCAOB AS 1105. 

For CPAs, the standard is no longer theoretical guidance. It has become the operational core of audit execution in 2026, especially as accounting records move to cloud systems, confirmations become digital, and fraud risks evolve.

The Public Company Accounting Oversight Board has repeatedly observed a pattern in inspection findings over the past decade. Audit teams documented extensive procedures, yet the audit opinions still lacked adequate support. The issue was rarely missing documentation. Instead, auditors relied heavily on information prepared or influenced by management. As a result, PCAOB AS 1105 is now one of the most cited standards in PCAOB inspection reports.

Understanding the objective of PCAOB AS 1105

The standard focuses on whether audit evidence is both sufficient and appropriate.

• Sufficient refers to the quantity of evidence obtained
• Appropriateness refers to the quality and reliability of that evidence

Many audit deficiencies occur because teams focus on quantity while overlooking reliability.

The standard defines audit evidence as information used by the auditor to support the audit opinion. However, not all information qualifies as reliable evidence. The reliability of evidence depends primarily on its source and the auditor’s level of control over it.

How PCAOB AS 1105 interacts with other PCAOB standards

PCAOB AS 1105 does not operate in isolation. Evaluating the reliability of audit evidence requires integration with several other PCAOB standards that govern risk assessment, substantive testing, and sampling.

AS 2110 – Identifying and Assessing Risks of Material Misstatement

Risk assessment drives evidence requirements. Higher-risk areas require more persuasive and reliable evidence. If risks are not properly identified under AS 2110, the auditor may obtain insufficient or inappropriate evidence under AS 1105.

AS 2301 – The Auditor’s Responses to the Risks of Material Misstatement

AS 2301 links risk assessment to audit procedures. The nature, timing, and extent of procedures must be designed to obtain reliable evidence that responds directly to assessed risks. Weak evidence in high-risk areas is a common PCAOB inspection finding.

AS 2315 – Audit Sampling

When auditors use sampling, AS 2315 requires that the selected items provide a reasonable basis for conclusions. Even a properly designed sample fails AS 1105 if the underlying evidence within the sample lacks reliability.

Together, these standards reinforce that audit quality depends not only on performing procedures, but on obtaining evidence that is both responsive to risk and sufficiently reliable to support the audit opinion.

The reliability hierarchy of audit evidence

Evidence exists on a reliability spectrum. The higher the auditor’s control and independence, the more reliable the evidence. While PCAOB AS 1105 does not prescribe a formal hierarchy, in practice, inspection findings consistently reflect this reliability spectrum based on source and auditor control.

1. External third-party evidence (highest reliability)

Generally more reliable because it is obtained from independent sources, provided the auditor controls the confirmation process and verifies respondent authenticity.

Examples:

• Bank confirmations
• Accounts receivable confirmations
• Legal letters
• Custodian statements

2. Auditor-generated evidence

Reliable because the auditor performs the procedure.

Examples:

• Recalculations
• Reperformance of controls
• Physical inventory observations
• Independent analytical procedures

3. Internally generated evidence with effective controls

Reliability depends on control testing.

Examples:

• ERP system reports
• Approved contracts
• Authorized purchase orders

4. Management representations (lowest reliability)

Cannot stand alone under PCAOB AS 1105.

Examples:

• Verbal explanations
• Unsupported schedules
• Management estimates without corroboration

Digital systems and electronic evidence in 2026

Companies now maintain accounting records in:

• Cloud accounting software
• Integrated ERP platforms
• Automated revenue systems
• Digital banking platforms

Automation increases efficiency but not reliability. System-generated data reliability depends on the effectiveness of relevant controls, consistent with the linkages to AS 1105, AS 2110, and AS 2301.

Before relying on electronic evidence, auditors typically evaluate:

• Who generated the report
• Whether management can edit the data
• Access controls over the system
• Testing of IT general controls
• Reconciliation to the general ledger
• Independent assurance (such as SOC reports)

Without these steps, reliance on system reports does not meet PCAOB AS 1105 expectations.

Corroboration: a core requirement

Generally, no single document should support a material financial statement assertion. Evidence strength increases when multiple independent sources agree.

Example — revenue testing:

Weak evidence

• Internal sales register only

Strong evidence

• Signed contract
• Invoice
• Shipping documentation
• Payment receipt
• Customer confirmation

Inspectors frequently cite audits where auditors accepted internal schedules without verification. These are frequently cited PCAOB AS 1105 deficiencies.

Third-party confirmations

Confirmations directly address key assertions:

• Existence
• Rights and obligations
• Accuracy

However, confirmation risks have changed. Auditors typically now consider:

• Spoofed email responses
• Fake domains
• Management-controlled mailing lists
• Altered contact details

The auditor must control the process. Reliability decreases if management:

• Selects respondents
• Distributes confirmations
• Receives responses

Under PCAOB AS 1105, confirmation procedures typically remain under auditor control.

Evaluating information produced by the company (IPC)

Common IPC examples include:

• Aging reports
• Inventory listings
• Deferred revenue schedules
• Commission calculations

Auditors often use these reports but forget to test them. To rely on IPC, auditors must evaluate:

• Source data accuracy
• System logic
• Change management procedures
• Access controls
• Reconciliation to accounting records

Without these procedures, the evidence generally does not satisfy PCAOB AS 1105.

Professional skepticism and evidence evaluation

Professional skepticism is demonstrated through procedures, not attitude. Auditors must challenge evidence when:

• Management incentives exist
• Transactions are unusual
• Estimates are aggressive
• Related parties are involved

For example, a management revenue accrual spreadsheet requires:

• Recalculation
• Contract review
• Subsequent cash testing
• Independent corroboration

Accepting explanations without verification is a common PCAOB AS 1105 deficiency.

Inspector mindset: How PCAOB reviewers evaluate evidence

From an inspector’s perspective, the key question is not whether evidence exists, but whether the auditor demonstrated why it was reliable.

PCAOB inspectors rarely challenge whether documents were obtained. Instead, they evaluate whether the auditor:

• Maintained control over the evidence
• Corroborated management-provided information
• Addressed risks of manipulation or bias
• Clearly documented why the evidence was appropriate

When workpapers fail to explain why evidence can be trusted, inspectors frequently conclude that PCAOB AS 1105 was not satisfied—even if multiple procedures were performed.

High-risk audit areas

Revenue recognition

Auditors must verify:

• Contract terms
• Delivery or performance
• Payment conditions
• Collectability

Estimates and fair value

Reliable evidence requires:

• Independent assumptions
• Market data
• Sensitivity analysis

Related-party transactions

Reliability risk is high because independence is limited. External corroboration becomes essential.

Technology, data analytics, and AI

Modern audits increasingly use:

• Data analytics
• Anomaly detection
• AI-based risk identification
• Automated sampling

These tools improve risk assessment but do not replace evidence. AI outputs do not, on their own, constitute sufficient appropriate audit evidence. The auditor must still obtain independent support. Technology improves efficiency but, in and of itself, does not satisfy PCAOB AS 1105.

Common PCAOB inspection findings

Recurring inspection deficiencies include:

• Overreliance on inquiry
• Weak confirmation procedures
• Lack of testing of system reports
• Acceptance of management explanations
• Insufficient corroboration

The recurring issue is not the lack of documentation. It is insufficiently reliable documentation.

Practical steps CPAs should implement in 2026

To align with PCAOB AS 1105, audit teams should:

Strengthen confirmation controls

• Independently verify respondent identity
• Avoid client-provided contact information
• Maintain control of distribution and response

Validate system-generated reports

• Test IT general controls
• Reconcile to the general ledger
• Reperform report logic when necessary

Improve evidence corroboration

• Rely on multiple independent sources
• Avoid single-document support

Enhance documentation

• Explain why evidence is reliable
• Link evidence directly to assertions

Limit reliance on inquiry

• Inquiry should support evidence, not replace it

Documentation expectations

Audit workpapers must clearly demonstrate:

• How the auditor obtained the evidence
• Why the evidence is reliable
• How the evidence supports the audit opinion

Inspectors often conclude that auditors gathered documents but failed to prove appropriateness. Proper documentation must explicitly address reliability under PCAOB AS 1105.

Legal and litigation perspective

In audit litigation, the central argument often becomes:

Should the auditor have trusted this evidence?

Courts often evaluate whether a reasonable auditor would have questioned the documentation. If yes, the matter becomes a failure to comply with PCAOB AS 1105. Therefore, evidence reliability is also a key element of audit defensibility.

Conclusion

Modern auditing centers on evaluating evidence rather than merely completing procedures. Auditors must move beyond checklists and focus on the credibility of the information supporting their opinion. 

As accounting systems become digital and remote, the risk of manipulated documentation increases. Independent and verified evidence is therefore more important than ever.

Secure confirmation workflows, identity-verified responses, and controlled third-party communication significantly strengthen audit support and help auditors meet PCAOB AS 1105 expectations. AuditConfirm supports auditors in this environment by enabling secure audit confirmations, structured workflows, and authenticated respondent verification. By strengthening third-party evidence and reducing confirmation risk, AuditConfirm helps CPAs obtain higher-quality audit evidence and better withstand regulatory scrutiny.

Ultimately, the audit opinion is only as strong as the evidence behind it. Reliable evidence remains the defining factor of audit quality in 2026.

FAQs

What is PCAOB AS 1105, and why is it important for auditors?

PCAOB AS 1105 sets the standard for evaluating the reliability of audit evidence. Auditors use it to determine whether the evidence they gather is sufficient and appropriate to support their audit opinion. Following this standard helps CPAs reduce risk and comply with regulatory expectations.

How do auditors ensure they obtain reliable evidence under PCAOB AS 1105?

Auditors obtain reliable evidence by prioritizing independent sources, testing system-generated reports, and corroborating management-provided information. Using third-party confirmations and validated internal controls increases the strength and credibility of the audit evidence.

Can technology and AI replace traditional audit evidence in compliance with PCAOB AS 1105?

Auditors use technology and AI to identify anomalies and enhance risk assessment, but these tools cannot replace traditional evidence. Auditors must validate all AI-generated insights with independent or corroborated evidence to comply with PCAOB AS 1105.

What role do third-party confirmations play in meeting PCAOB AS 1105 requirements?

Third-party confirmations provide highly reliable audit evidence because they come from independent sources. Auditors control the process, verify respondent identities, and avoid management interference to ensure the evidence meets PCAOB AS 1105 standards.

How can CPAs document evidence to satisfy PCAOB AS 1105?

CPAs document evidence by clearly explaining how the auditor obtained it, why it is reliable, and how it supports the financial statement assertions. Proper documentation demonstrates compliance with PCAOB AS 1105 and strengthens audit defensibility.

In the accounting profession, the audit process is rapidly evolving, and traditional approaches are giving way to electronic solutions. One area of the audit process that is experiencing significant change is the audit confirmation process, and more firms are turning to electronic audit confirmation to improve it.

This article explores the confirmation process, the benefits of electronic confirmations, potential risks, and relevant guidance from the Public Company Accounting Oversight Board (PCAOB). CPAs and audit professionals will gain practical insights to implement best practices in their audit engagements.

What is the confirmation process?

The confirmation process is an essential step in the audit, conducted to ensure the accuracy of the information the client provides to the auditor. During the confirmation process, the auditor requests information directly from third parties, including the client’s bank, customers, or vendors. The process is conducted to ensure the accuracy of the client’s information and includes verifying the existence, completeness, and accuracy of the client’s balances.

Traditionally, auditors conducted confirmations via email, postal service, or fax and waited for responses, which could take days or weeks. These delays can affect the audit. The electronic audit confirmation process replaces this traditional method.

How the electronic audit confirmation process works

The electronic audit confirmation process is streamlined and secure. The audit confirmation process begins when the auditor sends a confirmation request through a specific platform. The third party receives the confirmation request, with the client’s consent, through a secure portal or email. The third party verifies the requested information through a dedicated online portal. The response received is automatically recorded, dated, and saved.

The steps involved in the audit confirmation process are:

• Preparation – The CPA prepares the confirmation request and supporting information for the third party to verify, with the client’s consent.
• Request initiation – The third party receives a confirmation request via electronic means.
• Confirmation – The third party verifies the information and sends a response back via an online portal to the CPA.
• Documentation – The response received is archived (evidence).
  

Benefits of the electronic audit confirmation process

Using the electronic audit confirmation process has many benefits:

1. Efficiency and speed – The confirmation process is significantly faster through electronic confirmation. Auditors send the confirmation request electronically, and third parties respond within the given timeline, helping them meet deadlines.
2. Accuracy and reliability – The audit confirmation process is more accurate, minimizing errors. The response received is in a standardized format, providing reliable information.
3. Enhanced security – The audit confirmation process is secure, reducing the risk of unauthorized access to financial information.
4. Audit trail and documentation – The audit confirmation process electronically records all confirmations, creating a clear audit trail that meets regulatory requirements.
5. Global reach – The process extends to third parties worldwide, a significant advantage for multinational corporations that reduces the risk of delays due to international mail and time zone differences.
6. Improved response rates – Third parties find it more convenient to respond to electronic confirmations, resulting in higher response rates and, in turn, more comprehensive audit evidence.
7. Cost reduction – Reducing traditional processes with less manual work and administrative costs, thereby reducing the overall audit process cost without compromising quality.
   

Risks and challenges in the electronic audit confirmation process

Even though the electronic process is more efficient, it is not without its challenges and risks, including:

1. Cybersecurity threats – Electronic systems are more prone to hacking, phishing, and unauthorized access. The electronic process must have stringent cybersecurity measures in place.
2. Authentication of third parties – The electronic process relies on the third party to respond electronically; therefore, it is essential to authenticate the third party to ensure the response is accurate and not fraudulent.
3. Technical challenges – The electronic process may be affected by technical hitches, such as system downtime, connectivity issues, and software problems, which can delay the process.
4. Regulatory compliance – Electronic confirmation processes must comply with PCAOB AS 2310, AU-C 505, and ISA 505; failure to do so may result in inspection findings or audit deficiencies.
5. Resistance to change – Third parties may resist the electronic process and prefer the traditional method; therefore, it is essential to educate clients about its benefits.
   

Best practices for implementing electronic audit confirmations

CPAs can adopt several best practices to use electronic audit confirmations more effectively:

1. Selection of a reliable platform – CPAs should select a platform that offers the highest level of security, a user-friendly interface, and the ability to track confirmation status.
2. Training of audit staff – CPAs need to train their audit staff to use the electronic confirmation system.
3. Verification of third parties – CPAs must use a system to verify respondents’ identities.
4. Monitoring of responses – CPAs should monitor responses in real time for swift follow-ups. 
5. Maintain clear documentation – Auditors must document all confirmations, communications, and follow-ups to support the audit evidence.
6. Assess risks – Risks may include cybersecurity breaches, technology failures, and third-party non-compliance.
7. Continuous improvement – Auditors should continually improve the confirmation process by seeking feedback from audit teams, clients, and third parties. 

Real-world examples

The electronic audit confirmation process has gained significant traction among CPA firms and other large-scale auditing firms. Banks, multinational corporations, and publicly traded companies have begun using these systems to speed up their audits. Some of the confirmation types that can be verified using electronic systems include:

• Bank balances
• Loans obtained from banks
• Accounts receivable from major clients
• Accounts payable to major vendors
• Investment holdings
• Legal confirmations 

The role of CPAs in electronic confirmations

The role of CPAs is of prime importance in electronic audit confirmation. The responsibilities of a CPA include planning and executing confirmation procedures. Additionally, it includes assessing the reliability of client responses and resolving discrepancies or non-responses. Finally, it includes maintaining proper documentation.

Future trends in electronic audit confirmations

Technological advancements will continue to drive the evolution and improvement of the electronic audit confirmation process. Some of the trends that will shape the future of electronic audit confirmations include:

• Integration of the electronic audit confirmation process with audit management software for improved workflow and integration with audit work papers and accounting systems.
• The use of blockchain technology for real-time electronic confirmations and digital ledgers creates tamper-proof audit evidence.
• The use of Artificial Intelligence (AI) to analyze electronic data collected around confirmations, such as bank transactional data.
• Standardization of the electronic audit confirmation process globally for the development of a consistent approach to the use of electronic confirmations in the auditing process.

Conclusion

The electronic audit confirmation process is a significant improvement over the traditional manual- and often paper-based approach. It provides a fast, more accurate, and efficient process that is also more secure, with the added advantage of operating on a global scale. 

The electronic audit confirmation process enables the CPA to obtain reliable and sufficient audit evidence. However, the CPA must be mindful of the risks associated with the electronic audit confirmation process and be able to identify and mitigate them.

The electronic confirmation process provides sufficient and appropriate audit evidence for the CPA. For CPA firms seeking a robust, reliable, efficient, and practical electronic confirmation solution, AuditConfirm provides a comprehensive solution for the electronic audit confirmation process. It provides a smooth, efficient process that ensures compliance with audit standards.

The electronic confirmation process is a significant improvement over the traditional paper-based approach. It is a technological upgrade that significantly improves the accuracy, security, and efficiency of the audit process. It is a strategic move that ensures the audit process is more accurate, transparent, and efficient.

FAQs

What is the confirmation process in an audit?

The confirmation process is an audit procedure where auditors obtain independent verification of account balances or transactions from third parties. This process provides reliable evidence to support, e.g., financial statements and ensures accuracy, completeness, and existence of reported information.

How does the electronic audit confirmation process work?

In the electronic audit confirmation process, auditors send confirmation requests digitally through secure platforms. Third parties respond electronically, and all responses are automatically recorded and stored. This method reduces delays, minimizes errors, and enhances overall audit efficiency.

Why is the audit confirmation process necessary for CPAs?

The audit confirmation process is crucial because it provides independent verification of, e.g., financial information. It helps auditors detect discrepancies, prevent fraud, and meet regulatory requirements such as PCAOB standards. Reliable confirmations strengthen audit quality and credibility.

What are the benefits of using an electronic audit confirmation process over traditional methods?

The electronic audit confirmation process offers faster responses, enhanced security, improved accuracy, and a complete audit trail. It also reduces administrative costs and allows CPAs to reach third parties globally, ensuring more timely and reliable audit evidence.

How can CPAs ensure the electronic audit confirmation process is secure and reliable?

CPAs can ensure security and reliability by using trusted platforms, verifying third-party identities, monitoring responses in real-time, and documenting all confirmations. Adhering to PCAOB AS 2310, AU-C 505, and ISA 505 ensures that electronic audit confirmations provide sufficient and appropriate audit evidence.

Auditors face increasing scrutiny in today’s financial reporting environment. Ensuring the accuracy of account balances, receivables, payables, cash, and other third-party confirmations is critical for reliable financial statements. The Public Company Accounting Oversight Board (PCAOB) has established standards to guide auditors in their confirmation procedures. Among these, PCAOB AS 2310, titled “The Auditor’s Use of Confirmation”, is a cornerstone standard for audit confirmations. This guide provides a comprehensive overview of PCAOB AS 2310 confirmation requirements, best practices, and practical insights for CPAs conducting audits.

Understanding PCAOB AS 2310

PCAOB AS 2310 sets out the auditor’s responsibilities in using confirmations to verify account balances and other confirmation types. Confirmations are external requests sent by auditors to third parties. Their purpose is to obtain direct evidence about specific financial statement assertions. The standard applies to all public companies in the United States and is also relevant for global audits conducted under PCAOB standards. The standard also emphasizes that confirmation evidence should be both relevant and reliable in addressing financial statement assertions.

Key objectives of PCAOB AS 2310 confirmation include:

• Obtaining reliable audit evidence.
• Reducing audit risk.
• Enhancing the credibility of financial statements.
• Documenting procedures to meet regulatory requirements.

By following this standard, auditors ensure that confirmations are adequately planned, executed, and evaluated.

Types of confirmations

PCAOB AS 2310 identifies two primary types of confirmations:

1. Positive confirmations

A positive confirmation requires the third party to respond directly to the auditor, whether the information confirms or differs from the recorded balance. This type is typically used when:

• Accounts are material.
• Internal controls are weak.
• Errors or irregularities are suspected.

Positive confirmations provide stronger audit evidence. They require follow-up if no response is received.

2. Negative confirmations

A negative confirmation requests a response from the third party only if the information provided differs from their records. Negative confirmations are used when:

• The risk of material misstatement is low.
• The population of accounts is large.
• There is confidence in internal controls and accounting records.

Auditors should exercise caution with negative confirmations. Non-response may be considered evidence only when specific conditions under PCAOB AS 2310 are met.

Positive confirmations are generally considered more persuasive audit evidence than negative confirmations.

Planning the confirmation process

Proper planning is critical to comply with PCAOB AS 2310. The standard emphasizes that confirmations should be part of the overall audit strategy. Key planning steps include:

• Identifying accounts for confirmation: Focus on high-materiality or high-risk accounts, such as bank balances and accounts receivable.
• Determining the type of confirmation: Decide between positive and negative confirmations based on risk assessment.
• Designing confirmation requests: Ensure the information requested is clear, complete, and specific.
• Setting timelines: Plan for sufficient time to send, receive, and follow up on confirmations.

Effective planning minimizes delays and strengthens audit evidence. These decisions should align with the auditor’s assessed risks of material misstatement.

Selecting accounts for confirmation

Not every account requires confirmation. PCAOB AS 2310 emphasizes the use of professional judgment when selecting accounts for confirmation. Factors to consider include:

• Materiality: Larger balances are prioritized.
• Risk of misstatement: Accounts with complex transactions or weak controls need more attention.
• Historical issues: Accounts with prior errors may require additional confirmations.
• Industry practices: Consider industry-specific risks and norms.

Documenting the rationale for account selection is essential for audit compliance.

Designing confirmation requests

The wording and content of confirmation requests are critical. PCAOB AS 2310 requires that confirmations:

• Clearly identify the account or transaction.
• Include the requested information for verification.
• Specify a response deadline.
• Provide the auditor contact information for queries.

For example, a bank confirmation should include the account number, balance, and account type. A receivable confirmation should state the outstanding balance, payment terms, and invoice details.

Sending confirmations

Auditors must ensure that confirmation requests are sent directly to the third party. This reduces the risk of fraud or misstatement. PCAOB AS 2310 encourages:

• Using reliable communication methods: Email, postal mail, or secure portals.
• Maintaining confidentiality: Ensure sensitive information is protected.
• Documenting the sending process: Record dates, recipients, and methods used.

This documentation is crucial for audit evidence and regulatory inspection. Auditors should maintain control over the confirmation process from initiation through receipt. 

Follow-up procedures

Not all confirmations are returned promptly. PCAOB AS 2310 outlines precise follow-up requirements:

• Non-response follow-up: Send reminders or make phone calls to non-respondents.
• Alternative procedures: If responses are not received, use other audit procedures such as reviewing subsequent cash receipts or examining contracts.
• Evaluating reliability: Assess whether the confirmation responses are consistent with other audit evidence.

Proper follow-up ensures that confirmations provide valid and reliable evidence.

Evaluating confirmation responses

Auditors must critically assess the responses received. PCAOB AS 2310 requires evaluation for:

• Accuracy: Verify that balances and details match the client’s records.
• Completeness: Ensure all requested information is provided.
• Discrepancies: Investigate any differences between confirmation responses and client records.

Discrepancies may indicate errors, misstatements, or fraud. Auditors should document their findings and any corrective actions taken. They should also apply professional skepticism when evaluating confirmation responses.

Common challenges in PCAOB AS 2310 confirmation

Even experienced auditors may face challenges, including:

• Delayed responses: Recipients may be slow to respond, which can affect audit timelines.
• Incomplete information: Responses may lack sufficient detail for verification.
• Fraud risk: Third parties may collude with management to misrepresent balances.
• Global considerations: International clients may have different regulations, language barriers, or varying banking practices.
• Review by senior team members: Everything should be reviewed by senior team members to avoid mistakes. 

Auditors must plan ahead and proactively address these challenges.

Best practices for effective confirmations

To comply with PCAOB AS 2310, auditors should adopt best practices:

• Use standardized templates for confirmation requests.
• Maintain a central tracking system for confirmations.
• Prioritize high-risk or high-value accounts.
• Document all follow-ups and alternative procedures.
• Train audit teams on confirmation procedures and regulatory expectations.

These practices enhance efficiency, reliability, and compliance.

Technology in confirmation procedures

Modern audit tools can streamline the confirmation process. Platforms like AuditConfirm allow auditors to:

• Send confirmations electronically.
• Track responses in real time.
• Reduce manual errors.
• Automate follow-up reminders.

Technology adoption aligns with PCAOB guidance on reliable and timely audit evidence while improving overall audit efficiency.

PCAOB AS 2310 confirmation in the global context

While PCAOB AS 2310 is a US standard, it has global relevance. PCAOB standards apply to audits of SEC-registered issuers, regardless of where the auditor or audit work is located. Non-US auditors performing work that is part of, or relied upon in, an issuer audit must comply. Key considerations for global audits include:

• Adhering to local laws regarding data privacy and communication.
• Translating confirmation requests for non-English-speaking recipients.
• Considering time zones and postal delays.
• Understanding foreign banking practices for accurate confirmation requests.

Global auditors must balance PCAOB compliance with international operational realities.

Documentation requirements

Documentation is central to PCAOB AS 2310 compliance. Auditors must maintain records of:

• Accounts selected for confirmation.
• Confirmation requests sent.
• Responses received.
• Follow-up actions.
• Alternative procedures performed.

Detailed documentation not only ensures regulatory compliance but also strengthens audit defensibility.

Role of confirmation in audit evidence

Confirmations are an essential source of external audit evidence. PCAOB AS 2310 emphasizes their importance in validating:

• Account balances.
• Transaction completeness.
• Accuracy of disclosures.

While confirmations are not the sole evidence, they enhance audit reliability and reduce detection risk.

Common misconceptions

Some auditors misunderstand PCAOB AS 2310 confirmation requirements:

• Misconception 1: All accounts require confirmation. Reality: Only accounts with materiality or risk require confirmation.
• Misconception 2: Negative confirmations are unreliable. Reality: They can be sufficient if risk is low and controls are strong.
• Misconception 3: Non-response invalidates the audit. Reality: Alternative procedures can substitute for non-responding confirmations.

Understanding these points ensures efficient and compliant audits.

PCAOB inspections and confirmations

The PCAOB actively inspects audits of public companies to ensure compliance. Inspections often focus on:

• Whether confirmations were sent correctly.  
• Documentation of follow-ups.
• Evaluation of responses and discrepancies.

Adhering to PCAOB AS 2310 minimizes inspection findings and enhances auditor credibility.

Integrating confirmations with the overall audit

Confirmations should not be isolated procedures. PCAOB AS 2310 recommends integrating them into the broader audit strategy:

• Cross-check confirmation responses with client records.
• Combine with analytical procedures and substantive tests.
• Assess the impact on financial statement assertions.

This integrated approach strengthens audit conclusions and reduces overall risk.

Conclusion

Auditors play a crucial role in ensuring the reliability of financial statements. PCAOB AS 2310 confirmation requirements provide a structured framework for effective confirmation use. By understanding the standard, planning meticulously, selecting appropriate accounts, sending accurate requests, and evaluating responses, auditors can gather strong, reliable evidence.

For modern auditors, leveraging technology is essential. Platforms like AuditConfirm streamline confirmation procedures, track responses, and facilitate compliance with PCAOB standards. By combining traditional audit rigor with technological tools, CPAs can meet regulatory expectations while improving efficiency.

Ultimately, adherence to PCAOB AS 2310 not only supports audit quality but also reinforces stakeholder confidence in financial reporting. AuditConfirm supports auditors globally to execute confirmation procedures with precision, transparency, and reliability.

FAQs

What is PCAOB AS 2310 confirmation?

It is a standard that guides auditors on obtaining external confirmation of account balances and other types, e.g., accounts receivable, to gather reliable audit evidence.

Which accounts require PCAOB AS 2310 confirmation?

Material, high-risk, and weakly controlled accounts typically require confirmation based on auditor judgment. 

What is the difference between positive and negative confirmations under PCAOB AS 2310?

Positive confirmations require a response regardless of accuracy, while negative confirmations require a response only if the balance is incorrect.

What should auditors do if confirmation responses are not received?

PCAOB AS 2310 recommends following up and performing alternative audit procedures to obtain sufficient evidence.

How can technology help with PCAOB AS 2310 confirmation?

Platforms like AuditConfirm automate sending, tracking, and follow-up of confirmations, improving efficiency and compliance.

Audit confirmations have long been a foundation of audit evidence. They provide independent verification. They strengthen the credibility of audit conclusions. They help auditors rely less on internally generated data.

In 2026, audit confirmations are no longer just a procedural requirement.
They are a strategic necessity.

Audits today face greater scrutiny. Regulators demand higher assurance. Stakeholders expect transparency, speed, and accuracy. Within this environment, the audit confirmation letter plays a vital role.

This article explains what an audit confirmation letter is, how to use it, and why it matters more than ever for CPAs operating in a rapidly evolving audit landscape.

What Is an Audit Confirmation Letter?

An audit confirmation letter is a formal communication sent by an auditor to an independent third party. Its objective is to verify, e.g., financial information provided by the audit client. The auditor uses it to obtain reliable, external audit evidence. It supports key financial statement assertions.

An audit confirmation letter typically:

• Is initiated and controlled by the auditor.
• Is sent to an independent third party.
• Requests confirmation of specific information.
• Is returned directly to the auditor.

The respondent’s independence is critical as an appropriate safeguard when independence is limited (e.g., banks acting in the ordinary course). The reliability of confirmations depends on the respondent’s autonomy and competence. That’s what makes confirmations a strong form of audit evidence.

What Is a Confirmation Letter for Audit?

Auditors use an audit confirmation letter to verify specific balances, transactions, or terms. They tailor it to their audit objectives and risk assessment.

These letters commonly address:

• Cash and bank balances
• Accounts receivable
• Accounts payable
• Loans and credit facilities
• Investments and custodial holdings
• Legal claims or commitments

By obtaining confirmations, auditors can:

• Validate the existence of balances
• Confirm accuracy and completeness
• Verify rights and obligations

For CPAs, confirmation letters remain one of the most persuasive sources of audit evidence.

Understanding the Audit Balance Confirmation Letter

An audit balance confirmation letter focuses specifically on confirming monetary balances.
It is one of the most widely used confirmation tools in audits.

Auditors commonly apply these confirmations to:

• Bank accounts and loan balances
• Trade receivables
• Debt instruments
• Investment accounts

Audit balance confirmations are particularly important when balances are material. They directly support balance sheet assertions.

In U.S. audits, auditing standards and inspection bodies frequently emphasize balance confirmations as a key source of external audit evidence, particularly for material balances.

Why Audit Confirmation Letters Matter More in 2026

The audit environment in 2026 is fundamentally different from the past.
Several factors have elevated the importance of confirmations.

1. Heightened Regulatory Scrutiny

Audit regulators are placing greater emphasis on audit quality. Inspection findings increasingly highlight weaknesses in confirmation procedures.

In the United States:

• PCAOB inspections frequently cite deficiencies in confirmation procedures, including insufficient auditor control, inadequate follow-up, and inappropriate reliance on alternative evidence.
• AICPA standards stress the need for reliable external evidence. 

A well-executed audit confirmation letter demonstrates professional care. It supports compliance with applicable auditing standards.

2. Increasing Fraud and Misstatement Risk

Fraud risks continue to rise across industries and geographies. Complex financial arrangements make detection more difficult.

Audit confirmations help address this risk by:

• Providing independent verification
• Reducing reliance on management representations
• Supporting professional skepticism

For higher-risk engagements, confirmations are often expected and difficult to replace without strong alternative procedures. They are essential.

3. Pressure to Deliver Faster Audits

Audit timelines continue to shrink. Clients expect quicker turnaround. Public companies face strict reporting deadlines.

Traditional confirmation methods often cause delays due to:

• Postal delivery issues
• Manual tracking
• Repeated follow-ups

In 2026, efficiency is critical. Confirmation processes must support faster audits without compromising quality.

For example, during year-end close, delays in bank confirmations can stall audit completion. Auditors often wait weeks for responses, forcing teams to perform additional follow-ups or alternative procedures under tight reporting deadlines. These delays increase pressure on audit teams and elevate the risk of last-minute issues.

4. The Digital Transformation of Audits

Audits are becoming increasingly digital. Paper-based workflows no longer align with modern audit practices.

CPAs now expect confirmation processes that:

• Integrate with digital audit tools
• Provide real-time status tracking
• Maintain secure and complete audit trails

The audit confirmation letter must evolve to meet these expectations.

Types of Audit Confirmation Letters

Audit teams use different confirmation types depending on audit risk and objectives.

Positive Confirmations

Positive confirmations require a response.

Auditors use them when: 

• Balances are material
• The risk of misstatement is higher

Key characteristics include:

• Respondent must confirm or dispute the information
• Provides more reliable audit evidence than negative confirmations
• Commonly used for receivables and bank balances

Negative Confirmations

Negative confirmations request a response only if the information is incorrect.

They are suitable when:

• Inherent and control risk is low
• A large number of small balances exist
• Other audit evidence is strong

They provide less assurance than positive confirmations.

Blank Confirmations

Blank confirmations require respondents to provide the balance.

Their advantages include:

• Reduced risk of confirmation bias
• Higher reliability of responses

Auditors often use them in accounts receivable confirmations.

Auditing Standards Governing Confirmations

Professional standards govern audit confirmations.

In the US, key standards include:

• AICPA AU-C Section 505
• PCAOB AS 2310

These standards require auditors to:

• Maintain control over the confirmation process
• Assess the reliability of responses
• Perform follow-up procedures when needed

Regulators will closely monitor compliance with these standards in 2026.

Challenges with Traditional Confirmation Processes

Despite their importance, traditional confirmation methods present challenges.

Common issues include:

• Low response rates
• Delayed confirmations
• Incomplete or unclear responses
• Limited visibility into confirmation status

Paper-based confirmations increase administrative burden. They are challenging to track and document.

Email confirmations raise concerns about authenticity and security. They may not meet audit evidence requirements.

The Move Toward Digital Audit Confirmations

Digital confirmation solutions are reshaping audit workflows.

They address traditional challenges by offering:

• Secure delivery and response channels
• Verified identities of respondents
• Automated reminders and follow-ups
• Centralized audit documentation

For CPAs, digital confirmations enhance both efficiency and reliability. They also support compliance with auditing standards.

Best Practices for CPAs Using Audit Confirmation Letters

Effective use of confirmations requires discipline and planning.

Plan Confirmations Early

Auditors should plan confirmations during audit planning.

Auditors should determine:

• Which accounts require confirmation
• Which type of confirmation is appropriate
• Expected response timelines

Early planning reduces last-minute delays.

Maintain Auditor Control

Auditor control over confirmations is essential.

CPAs must ensure that:

• The auditor sends confirmations
• Responses are received directly by the auditor
• Client involvement is appropriately limited

It preserves independence and reliability.

Evaluate Responses with Professional Judgment

Not all confirmations provide sufficient evidence.

Auditors must evaluate:

• Authenticity of the response
• Completeness of information
• Any discrepancies or exceptions

Auditors must clearly document all findings.

Address Non-Responses Properly

Non-responses require follow-up.

Auditors may perform alternative procedures such as:

• Reviewing subsequent cash receipts
• Examining supporting documents

However, confirmations remain the preferred source of evidence.

Audit Confirmation Letters in Global Engagements

Global audits introduce additional complexity.

Challenges may include:

• Cross-border coordination
• Time zone differences
• Language and regulatory variations

Despite this, confirmation principles remain consistent.

For US-based CPAs:

• Confirmations enhance group audit consistency
• Digital platforms simplify international confirmations
• Centralized tracking improves oversight
  

Professional Judgment and Confirmation Decisions

Audit confirmations are not mechanical. They require careful judgment.

CPAs must decide:

• When confirmations are necessary
• Which balances are material
• How to respond to discrepancies

In 2026, regulators and inspection bodies will closely review these decisions. Clear documentation is critical.

The Cost of Weak Confirmation Practices

Weak confirmation procedures can lead to serious consequences.

These include:

• Inspection findings
• Increased audit risk
• Reputational damage
• Reduced stakeholder confidence

A poorly executed audit confirmation letter weakens the audit. A strong one reinforces trust.

The Future of the Audit Confirmation Letter

The audit confirmation letter is evolving with the profession.

In 2026, auditors expect confirmations to be:

• Digital and secure
• Efficient and trackable
• Fully documented
• Aligned with modern audit workflows

CPAs who adapt can better meet future expectations.

Conclusion: Strengthening Audit Assurance with AuditConfirm

The audit confirmation letter, the audit balance confirmation letter, and all audit confirmation letters remain essential tools for CPAs in 2026.

They provide independent evidence. They reduce audit risk. They strengthen audit credibility.

As audits become more complex and time-sensitive, confirmation processes must modernize. Manual and fragmented approaches are no longer sufficient.

AuditConfirm enables CPAs to manage audit confirmations through secure, digital, and auditable workflows. It supports regulatory compliance, improves efficiency, and enhances response rates.

In an environment where assurance matters more than ever, AuditConfirm helps CPAs deliver audits with confidence and clarity.

One of the most powerful tools available to a CPA during an audit is the audit confirmation. This procedure enables CPAs to verify financial information independently. This technique increases the reliability of the audit evidence that a CPA uses to certify financial statements.

In today’s environment of cyber threats and an ever-changing regulatory landscape, audit confirmations have evolved from simple paper mail to secure, web-based electronic communications. Likewise, their initial intent remains the same: to procure valid evidence for the independent auditor’s opinions.

This guide defines: 

• What is an audit confirmation
• Objectives of audit confirmation
• Types of audit confirmations
• Examples of each type of audit confirmation 
• The impact of technology on this vital activity
  

What Is an Audit Confirmation

An audit confirmation is a procedure auditors follow to obtain evidence of a third party’s account balance or financial information.

In other words, it occurs when an auditor requires a third party, such as a bank, customer, or supplier, to verify specific information.

The goal is independence. Instead of relying solely on the company’s internal records, the auditor validates information by consulting external sources to ensure it is accurate and complete.

Formal Definition: 

Auditing standards define an audit confirmation procedure as “the process of obtaining and evaluating a direct communication from a third party in response to a request for information about a particular item affecting financial statement assertions.”

This procedure for the U.S. follows guidance provided by the Public Company Accounting Oversight Board Auditing Standard 2310 (PCAOB AS 2310), ‘The Auditor’s Use of Confirmation.’ PCAOB updated AS 2310 to include further secure confirmation procedures and to help counter cyber threats by being more data-centric.

Why Audit Confirmations Matter

Auditing confirmations can enhance the reliability of financial statement audits by providing verifiable and objective evidence. This procedure can directly substantiate the principal account balances.

Here’s why they’re so important:

• Independent Verification: They confirm information from outside the entity, reducing management bias.
  
• Detection of Misstatement or Fraud: Differences between internal records and third-party confirmations may indicate misstatement or fraud.
  
• Regulatory Compliance: The PCAOB, AICPA, and IAASB support the importance of confirmations as a reliable source of audit evidence.
  
• Quality of Audit: A robust confirmation system consistently improves audit quality.
  
• Fraud Prevention: Confirmations can uncover fictitious balances or round-tripping schemes that internal data might hide.
  

PCAOB Auditing Standard AS 2310

PCAOB AS 2310, ‘The Auditor’s Use of Confirmation’, was adopted by the Public Company Accounting Oversight Board on September 28, 2023, and subsequently approved by the Securities and Exchange Commission on December 1, 2023. The standard was later updated and is effective for audits of financial statements for fiscal years ending on or after June 15, 2025. It replaces the prior interim confirmation standard (AS 2310, The Confirmation Process). 

AS 2310 emphasizes:

• Auditor control
  
• Risk assessment of confirmation channels
  
• Professional skepticism
  
• Validation of respondent identity

Auditors are now required to demonstrate control over the confirmation procedure, independence, and to obtain responses directly from trustworthy third-party sources.

The shift also accounts for the fact that portal-driven and technology-mediated confirmations can be equally or even more persuasive than conventional techniques when properly secured.

Purpose of Audit Confirmations

Under AU-C Section 505, external confirmation procedures are used to obtain relevant and reliable audit evidence from knowledgeable third parties. Audit evidence is generally more reliable when obtained from independent sources outside the entity; however, reliability depends on the circumstances under which the evidence is obtained. Accordingly, external confirmations received directly by the auditor may be more reliable than evidence generated internally by the entity, depending on the circumstances.  

The primary objective of audit confirmations is to obtain sufficient appropriate audit evidence by addressing relevant financial statement assertions, which commonly include existence/occurrence, rights and obligations, completeness, and accuracy/valuation (depending on what is being confirmed and how the confirmation request is structured).  

External confirmations are considered among the most reliable forms of audit evidence because they originate from independent sources. Audit confirmations can help provide evidence about relevant financial statement assertions, commonly including:

• Existence / Occurrence — assets and liabilities exist at the date, and recorded transactions/events occurred during the period (depending on what is being confirmed). 
• Rights and Obligations — the entity holds rights to assets, and liabilities represent obligations of the entity.  
• Completeness — all items that should have been recorded or disclosed are included (often a key objective for certain liability-related confirmations). 
• Accuracy / Valuation (Valuation or Allocation) — amounts are recorded appropriately in accordance with the applicable financial reporting framework. 
• Cutoff — transactions are recorded in the correct accounting period (typically addressed only when confirmations are structured around period-end activity, not as a blanket claim).
  

For instance, when auditing cash, the auditor may confirm the balance directly with the client’s bank. If the bank confirms the amount, it provides strong evidence supporting both the existence and accuracy assertions.

Types of Audit Confirmations

Knowledge of the types of audit confirmations can help one plan their procedures accordingly.

Traditionally, audit confirmations fall into two types: positive and negative. However, with digital transformation, new categories such as electronic and portal-based confirmations have emerged.

1. Positive Confirmations

A positive confirmation always requires a response from the receiver, regardless of whether the receiver agrees with the information presented.

“Please acknowledge that as of December 31, 2025, the outstanding balance due to you from the ABC Company is $50,000.”

Both parties must acknowledge that amount or identify the correct one.

• Pros: Provides strong audit evidence. Reduces the risk of undetected misstatements.
  
• Cons: Time-consuming and costly. Lower response rates due to non-response to requests.
  

Blank Positive Confirmations

A positive confirmation in which, instead of stating the amount owed, the format requires the respondent to enter it.

It eliminates the issue of ‘auto-approval’ and may reveal discrepancies that prefilled estimates could cover. Response rates will be lower.

2. Negative Confirmations

A negative confirmation requires the addressee to reply only if they disagree with the specified information.

“If the amount due from you to the ABC Company as of December 31, 2025, is not $50,000, notify us.”

Otherwise, the auditor considers the information provided to be accurate.

• Pros: Faster and cheaper. Efficient with many small accounts with little risk.
  
• Cons: Provides weaker evidence. Banks on the notion that non-response equals agreement. Not suited for high-risk accounts and material balances.
  

3. Electronic Confirmations

Electronic confirmations involve sending and receiving confirmation requests by electronic means.

This method reduces mailing delays, improves tracking, and can automate responses. However, the auditor must ensure that:

• This system is safe and auditable.
• The respondent’s identity is confirmed.
• The auditor must evaluate whether the communication method provides sufficient security and reliability.

Electronic confirmations are becoming more common as regulators encourage digitalization and cyber-secure processes.

4. Portal-Based or Direct Source Confirmations

Portal-based confirmations represent the next generation of electronic confirmations. They enable auditors to access information directly from the primary source—for instance, a bank or other institution—via a controlled portal.

For example, instead of emailing a bank contact, the auditor retrieves the balance directly from the bank’s secure system.

Consistent with the principles of PCAOB AS 2310, when auditor control and source reliability are appropriately designed.

Portal-based confirmations significantly reduce fraud risk. However, auditors still must evaluate exceptions and evidence.

Examples of Auditing Confirmations

Audit confirmations may relate to almost every account on the balance sheet and the income statement. Let’s break down some examples.

1. Bank and Cash Confirmations

Auditors confirm cash balances and bank loan arrangements. It verifies both the existence of cash and the accuracy of related liabilities.

“Please verify the balances of all deposit and loan accounts held by the ABC Company as of December 31, 2025.”

2. Account Receivable Confirmations

Auditors verify customer receivable balances to ensure the recorded amounts are collectible and legitimate.

You can request both negative and positive confirmations, depending on materiality and risk.

3. Accounts Payable Confirmations

While being less common, auditors may confirm payables with suppliers in cases of suspected fraud risk or cut-off problems.

4. Debt and Lease Confirmations

Lenders or lessors verify principal amounts due, interest rates, and maturities to ensure the accuracy of liabilities on the balance sheet.

5. Legal Confirmations

Auditors require letters from the legal counsel of the audited entity to obtain information about litigation matters that may affect the financial statements.

6. Inventory and Third-Party Holdings

When inventories are held at off-site warehouses or by third-party owners, auditors physically verify their existence and ownership.

Traditional v/s Modern Audit Confirmation 

Historically, audit confirmations were sent by mail or, more recently, by email.

While these methods provided some level of assurance, they also carried significant risks:

• Paper mail: Slow; liable to loss or misplacement
  
• Email: Prone to spoofing and interference
  
• Fax: Archaic and insecure
  
• Spreadsheets created: Risk of data entry errors
  
• Relying on intermediaries: Breaks auditor control
  

With cybercrime on the rise, auditors increasingly face challenges proving that a confirmation response is authentic and unaltered.

It has led to the emergence of technology companies that provide safe, reliable evidence platforms for the future.

Risks and Challenges in Audit Confirmations

Even a single compromised confirmation can undermine an audit’s credibility. Common risks include:

• Interception and Forgery – Attackers can intercept and forge email confirmations.
  
• Response Delays – Paper technology results in slower auditing.
  
• Identity Verification – Auditors may not always recognize the identity of the responder.
  
• Incomplete Responses – Missing or incomplete confirmations can weaken the reliability of evidence.
  
• Lack of Control – Third-party intermediaries acting on the requests undermine auditor independence.
  

AS 2310 addresses many of these weaknesses by encouraging the use of auditor-controlled, technology-secured confirmations.

Best Practices for CPAs When Designing Confirmation Procedures

Assess Risk Before Type Choice

Choose between positive, negative, or electronic confirmations based on materiality, fraud risk, and internal control effectiveness.

Maintaining Auditor Control

All requests and responses should go through auditor-controlled systems, not management.

Guarantee Respondent Authenticity

Verify contact details independently and ensure responses originate from a legitimate source.

Document Every Step

Record all requests and responses. Also, follow up.

Use Secure Channels

Encryption, authentication, and access control aren’t optional.

Assess Non-Response

Verify follow-up on missing responses and their impact on the sufficiency of audit evidence.

Leverage Technology for Efficiency

Use PCAOB AS 2310-compliant confirmation platforms that also comply with global data privacy requirements.

How Technology Is Transforming Audit Confirmations

Today’s auditing environment requires speed, accuracy, and tangible evidence. Manual confirmations do not meet this requirement.

Technology has revolutionized confirmations in three main ways:

1. Automation and Real-Time Access

Today, audit teams can send and manage hundreds of confirmations simultaneously. Real-time dashboards provide better visibility, reducing response times from weeks to hours.

2. Data Integrity through Blockchain and Metadata

Blockchain technology enables tamper-proof evidence by anchoring digital fingerprints (hashes) of confirmation data on public ledgers.

Metadata — such as timestamps, IP addresses, and authentication details — ensures each confirmation is auditable and legally defensible (jurisdiction-dependent).

Disclaimer: While blockchain-based confirmations enhance data integrity, they remain emerging practices, and neither the PCAOB nor the AICPA auditing standards prescribe them. PCAOB has not endorsed blockchain anchoring. 

3. Global Compliance

Leading confirmation services providers are SOC 2 Type II and ISO 27001 compliant, enabling auditors to obtain assurance on the safety and reliability of their information.

This harmonization not only supports PCAOB AS 2310 guidance but also enables firms operating in the EU, UK, and Asia to comply with GDPR and other data privacy legislation.

Illustrative Example: From Email to Portal-Based Confirmations

A middle-tier audit firm in the U.S. was utilizing email-based bank confirmations.

Every cycle, it made hundreds of requests and waited weeks for responses. And then it validated signatures by hand. Naturally, this led to a backlog of reports.

The migration to a secure portal-conformation system reduced the turnaround time by 83%. Feedback was automatically verified, with every transaction recorded on the blockchain.

The company’s audit partners found increased confidence in the evidence and compliance with the PCAOB inspection requirements.

The Global Perspective on Audit Confirmations

In the international context, the IAASB’s ISA 505, ‘External Confirmations,’ provides equivalent guidance to PCAOB AS 2310. Both emphasize auditor control, reliability, and third-party validation.

Globally active audit firms increasingly use standardized electronic systems that can manage confirmations across multiple jurisdictions and currencies. Today’s confirmation technology methods simplify international auditing procedures; CPAs can instantly obtain verified information from global banks and law firms.

Integrating Audit Confirmations into the Audit Workflow

Audit confirmations are most effective when strategically integrated into the audit process:

• Planning Phase: Identify balances and assertions that need substantiation.
  
• Execution Phase: Designing confirmation requests, identifying types of audit confirmations, and timing of the procedure.
  
• Evaluation Phase: Test the responses for exceptions and note results.
  
• Reporting Phase: Use confirmation results to support the audit opinion disclosures.
  

Use of technology at every step eliminates friction, improves the integrity of information presented to audit committees and regulators, and enhances transparency.

The Future of Audit Confirmations

The accountancy profession is moving toward continuous assurance, where confirmation and reconciliation occur in near-real time. Upcoming confirmation cases may involve:

• API Integration with financial institutions
  
• Automated fraud-detection algorithms
  
• Immutable Blockchain Anchors for All Confirmation Data
  
• AI analytics for pattern recognition and outlier analysis

It means CPAs need to do less manual work and that their audit evidence is of higher quality when rendered under PCAOB AS 2310.

Disclaimer: These are emerging trends, not standards. 

Conclusion — Audit Confirmation: Modern Evidence for a Modern Audit

Confirmations have always remained a key area for quality auditing. But changes in the profession call for changes in methodologies. Paper and email confirmations may present heightened risks and require additional safeguards to meet modern auditing standards.

Regulators, including the PCAOB, are aware of changes that have enabled secure, independent evidence to be obtained directly from the source.

AuditConfirm, the global digital confirmation platform, is at the forefront of this transformation.

• It provides auditor-controlled access to original financial data sources.
  
• Its blockchain-anchored Internet original documents support tamper-proof, verifiable evidence.
  
• While the PCAOB does not mandate SOC 2 Type II or ISO 27001 certifications, it supports the information security and operational integrity of confirmation platforms.
  
• Operating in over 195 countries and connecting to 50,000+ trusted sources, it helps auditors to verify financial information instantly and globally.
  
• Aligning with PCAOB AS 2310, it helps firms meet compliance requirements while enhancing efficiency and reliability. 

In conclusion, the future of audit confirmation is digital, decentralized, and secure, and Audit Confirmation is leading that future.

FAQs

What is an audit confirmation?

An audit confirmation is a formal verification process used by auditors to confirm the accuracy of financial information with third parties. It helps ensure that the figures reported in financial statements are correct and reliable.

Why are audit confirmations necessary?

Audit confirmations provide independent evidence of account balances and transactions. They reduce the risk of errors and fraud and help CPAs comply with auditing standards, including GAAS and PCAOB guidelines.

What are the types of audit confirmations?

There are several types of audit confirmations: positive, negative, and blank. Auditors can also divide these by account type, including accounts receivable, accounts payable, cash, inventory, and legal confirmations.

How do auditors send audit confirmations?

Auditors can send confirmations via traditional mail, email, or secure electronic platforms. Modern audit confirmation services streamline the process, making it faster, more reliable, and easier to track responses.

Can audit confirmations detect fraud?

Yes, audit confirmations can help detect discrepancies, misstatements, or potential fraud in financial statements. However, auditors use them as one part of a comprehensive audit, alongside other audit procedures.