Assurance Engagement Letter Template for the United States

Generate a bespoke document

Trusted by 200k+ teams

4.7 Capterra
4.8 Product Hunt
4.6 Trustpilot

What is a Assurance Engagement Letter?

The Assurance Engagement Letter is a critical document used when a client requires independent assurance services for their financial statements, internal controls, or other subject matters. This document, governed by U.S. federal and state regulations, establishes the professional relationship between the assurance provider and the client. It clearly defines the scope of work, methodologies to be employed, and deliverables expected. The letter must comply with AICPA standards, relevant state laws, and where applicable, SEC requirements. It serves as both a legal contract and a planning document, helping to manage expectations and mitigate risks for both parties.

Reviewed by

Swetha Meenal

Legal Engineer, GenieAI

Swetha Meenal profile photo

A lawyer, legal researcher and legal tech founder, Swetha has built AI products deployed inside Tier 1 firms and enterprises. She ensures GenieAI's alignment with the latest regulation and executes testing on the legal robustness of Genie output.

Reviewed by

Imad Mohammed Nazar

Legal Engineer, GenieAI

Imad Mohammed Nazar profile photo

A Skadden-trained M&A lawyer, Imad advised on cross-border transactions and contractual risk before moving into legal AI. He reviews GenieAI's output for compliance and enforceability across our 150+ supported jurisdictions, as well as facilitating external benchmarking.

Jurisdiction

United States

Publisher

GenieAI

Sector

Business

Cost

Free to use

Last updated

About the Assurance Engagement Letter

When your organization requires independent verification of financial statements, internal controls, or compliance matters, an Assurance Engagement Letter becomes an essential legal document. This formal agreement establishes the professional relationship between you and your assurance provider, clearly defining responsibilities, scope, and deliverables under United States federal regulations and professional standards.

When do you need this document?

You need an Assurance Engagement Letter whenever your organization engages a certified public accountant or professional services firm to provide assurance services. This includes situations where you require independent verification of financial statements for lenders or investors, compliance attestation for regulatory requirements, or internal control assessments under Sarbanes-Oxley Act requirements. Public companies must use these letters when engaging auditors for SOX compliance work, while private companies often need them for bank loan requirements or due diligence processes. The letter is also necessary when you need assurance on sustainability reports, cybersecurity frameworks, or other specialized subject matters that require independent professional verification.

Key legal considerations

The engagement letter must clearly define the scope of services to avoid misunderstandings and potential liability issues. Professional standards require specific language regarding management responsibilities, including your obligation to provide complete and accurate information to the assurance provider. The document should explicitly state which professional standards govern the engagement, whether AICPA SSAEs for attestation services or PCAOB standards for public company audits. Independence requirements under federal securities laws must be addressed, particularly regarding prohibited non-audit services and potential conflicts of interest. The letter should also include limitation of liability clauses, fee arrangements, and dispute resolution mechanisms to protect both parties from unforeseen complications during the engagement.

Legal requirements in United States

Under United States law, assurance engagement letters must comply with multiple layers of regulation depending on your organization type and the nature of services required. Public companies must ensure their engagement letters meet PCAOB Auditing Standards and Sarbanes-Oxley Act requirements, particularly regarding auditor independence and management certifications. The Securities Exchange Act of 1934 and Securities Act of 1933 impose additional disclosure and reporting requirements that may affect engagement scope and timing. AICPA Statements on Standards for Attestation Engagements provide the foundational framework for most assurance services, requiring specific communication protocols and professional responsibilities. State regulations may also apply, particularly regarding professional licensing requirements and ethical standards for CPAs practicing within your jurisdiction. The engagement letter must demonstrate compliance with these overlapping regulatory requirements while establishing clear contractual terms that protect your organization's interests throughout the assurance process.

GOVERNING LAW

Applicable law

This Assurance Engagement Letter is drafted to comply with United States law. Key legislation includes:

Sarbanes-Oxley Act (SOX): Federal law that sets requirements for all U.S. public company boards, management, and public accounting firms. Key for defining auditor independence and corporate responsibility.

Securities Exchange Act of 1934: Federal law governing secondary trading of securities and establishing the SEC, which impacts reporting and disclosure requirements in assurance engagements.

Securities Act of 1933: Federal law requiring registration of securities offerings and detailed financial disclosure, affecting the scope of many assurance engagements.

AICPA SSAEs: Statements on Standards for Attestation Engagements that provide the framework for assurance services other than audits of financial statements.

PCAOB Auditing Standards: Standards set by the Public Company Accounting Oversight Board that govern the audits of public companies and other issuers.

AICPA Code of Professional Conduct: Ethical principles and rules that guide the conduct of CPAs in all professional activities, including assurance engagements.

GAAS: Generally Accepted Auditing Standards that set the minimum standard for auditing private companies in the United States.

State Accountancy Laws: State-specific regulations governing the practice of public accountancy, including licensing requirements and professional standards.

Professional Liability Regulations: Laws and regulations governing the liability of accounting professionals in assurance engagements, including limitations and insurance requirements.

Privacy Laws: Federal and state laws governing data protection and privacy, including Gramm-Leach-Bliley Act for financial institutions and state-specific privacy requirements.

Genie's Security Promise

Genie is the safest place to draft. Here's how we prioritise your privacy and security.

Your data is private:

We do not train on your data; Genie's AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

We are ISO27001 certified, so your data is secure

Organizational security:

You retain IP ownership of your documents and their information

You have full control over your data and who gets to see it