VideoDealing with external auditors has never been easy. But for companies closing their books at the end of this year, the next audit cycle may be downright painful.
A new standard for reporting and detecting fraud, developed by the American Institute of Certified Public Accountants (AICPA), is set to kick in as of December 15. Under its auspices, auditors are mandated to aggressively seek out and report fraud using a detailed set of guidelines. The catch is that the resultant documents could possibly be used against them in court if any material fraud is missed. In the end, say some experts, finance executives may soon find themselves considered more suspects than clients.
While in theory auditors have always been responsible for reporting on activities that could affect the accuracy of financial statements, historically there have been few clear-cut guidelines, says Paul Munter, chairman of the accounting department at the University of Miami at Coral Gables, Florida. But with fraud costing American business more than $400 billion per year, and auditors increasingly being sued for "reckless audits," the need for clear standards has become apparent, says Steve Albrecht, director of Brigham Young University's School of Accountancy and Information Systems. "Fraud by its very nature is hidden, but there has been growing public and government expectation that auditors should be able to find it," says Albrecht.
To meet those expectations, the AICPA developed Statement on Auditing Standards (SAS) No. 82--"Consideration of Fraud in a Financial Statement Audit"--over the past three years. The title itself is the first indication of anew, tougher stance, says Dan Guy, vice president of professional standards at the AICPA. "It's the first time in the Auditing Standards Board's almost-60-year history that we've actually used the "f" word-- fraud--in the title of a standard," he says. "There are no euphemistic expressions here, like the word irregularities used in previous standards." Adds Munter: "The new standard requires auditors to explicitly evaluate information that may have been only intuitively considered in the past."
For finance executives, however, these new evaluations, coupled with fraud standards that were previously released in the 1995 Private Securities Litigation Act, promise audits that will be more time consuming, more involved, and potentially more confrontational, says Gary Zeune, a speaker on fraud and author of The CEO's Complete Guide to Committing Fraud. What's more, says Lawrence Wojcik, a securities and professional malpractice attorney at Rudnick & Wolfe, in Chicago, the two standards could have "a potentially chilling effect on the relationship between auditors and clients." For example, clients who uncover problems on their own, such as inaccurate inventory counts or payroll errors, may now think twice before pointing them out "off the record" to their accountants, he says, adding, "The [Securities and Exchange Commission] has always wanted the word independent, as in 'independent auditor,' to mean more, and now it will."
NOT PETTY CASH
Although many finance executives are just realizing the potential impact of SAS 82, it will affect the audits of all financial statements for periods ending on or after December 15, 1997, and require independent auditors to focus on the risk of fraud that might cause "a material misstatement to the financial statements."
"We're not talking about theft of petty cash," says David L. Landsittel, chair of the AICPA fraud task force that developed SAS 82. "We're talking about misstatements large enough to be important to investors."
To identify those misstatements, SAS 82 focuses on two basic types of fraud: fraudulent financial reporting and misappropriation of assets. In addition, it lists more than 40 specific fraud risk factors (see box, page 87), or "red flags," based on actual fraud cases. While many factors relate to internal controls and financial reporting processes, others encourage auditors to look beyond the financial statements and explore their client's business environment. "Auditors cannot rely on an audit of the financial statements to fulfill their obligations under the new standard, but must consider the audit in the context of what is happening to the client in general," says Zeune.
Thus, for example, paragraph 17a of the new standard suggests that auditors might want to examine the structure of management compensation systems to see if they could be catalysts for fraud. "If all senior managers, including finance executives, have bonuses tied to the bottom line, management could potentially have greater incentive to be aggressive with respect to income recognition," says Pat McDonnell, vice chairman of business assurance services at Coopers & Lybrand LLP, in Chicago.
Auditors will also look at risk factors relating to industry conditions, operating characteristics, and financial stability, Landsittel says. As a result, auditors might ask clients about company vulnerability to rapidly changing technology, or look at significant declines in customer demand. At the very least, says Zeune, CFOs can expect to be asked a lot more questions about "what keeps them up at night."
It's what auditors must do with the information that could give companies nightmares, however. Under SAS 82, for example, auditors must document identified risk factors and describe how clients plan to eliminate them. In the rare cases in which management ignores their advice, the auditors have the option of either offering an adverse opinion or resigning. However, they are not obligated to report the matter to authorities outside the company. "Under SAS 82, the auditor's responsibility to be a whistle- blower ends at the board level," says Zeune.
Reader Comments» Post a comment