Looking at the code you seem to concatenate values directly to the SQL statement. For example here
Set rec = DB.Execute("Select Sum(Debit) as Debit,Sum(Credit) as Credit from QryTrialAcbook Where Account='" & cboAccount & "' and TrnDate <#" & ctlFrom & "# Group by Debit,Credit ")
If the data contains invalid characters or the date format is not correct, the query will fail. Furthermore this leaves you open to
SQL injection - Wikipedia[
^]
Instead of using the SQL statements directly, try using a querydef and applying parameters. Have a look at
Parameters collection (DAO) | Microsoft Docs[
^]