Auditors — Watchdogs or Bloodhounds??
A watchdog is defined by the American Heritage dictionary as “One who serves as a guardian or protector against waste, loss, or illegal practices.” A bloodhound is defined informally by the same dictionary as “A relentless pursuer.” If we compare these definitions to the audit profession, how should we classify the role of the auditor? Are they watchdogs or bloodhounds?
Consider this scenario: Mike, a staff auditor, completed a review of various accrual accounts during a recent audit of Hyper Space Inc. He uncovered approximately ten manual entries made after the quarter close which lacked sufficient supporting documentation and significantly reduced the reserve balance for each account. The auditor reviewed the entries in the system and found the same explanation for each adjustment, “reduce accrual by $1,500,000 per John Davies, Corporate Controller”. The total amount of reductions to the accruals exceeded $15,000,000 and was material to the company financial statements. Being a conscientious auditor, Mike sought additional support only to be provided with verbal explanations for all of the entries. Mike pondered his next steps and decided to accept the verbal reasoning and moved on. Nine months later the Corporate Controller was terminated for perpetrating financial statement fraud.
The frequency of corporate scandals over the past several years has brought much attention to the auditing profession. Auditors now find themselves operating under continuous scrutiny and their efforts to uncover fraud red flags are often questioned and, in many instances, deemed insufficient. The guidance published over the past few years brings added responsibilities and additional requirements to the auditor. However, there continues to exist much ambiguity about where the auditor’s role ceases and the fraud examiner’s begins. The differentiation between these roles is of vital importance to the auditors as they must be cognitive of the expectations placed upon them by any third party user making an informed economic decision based upon the financial statements presented. Failing to accurately define the auditor’s roles and responsibilities can only lead to increased liability and possible legal proceedings when a fraud goes undetected creating a loss for the company.
All published guidance point to management as the individuals responsible for preventing fraud. The requirement to implement a system of internal controls to reduce the risk of fraud remains with management now, and into the future. This remains clear. However, management relies on auditors, both internal and external, to review and opine on the existence and effectiveness of those controls. Auditors must also employ audit techniques aimed to assist them in their efforts to detect fraud. The auditor’s ability to employ these techniques is based upon:
- their knowledge of the industry and entity they are auditing;
- their understanding of the socioeconomic and psychological reasons why people commit fraud;
- their understanding of the various schemes fraudsters use in today’s business environment, and
- their understanding of the methodologies used to perpetrate fraud.
The auditor’s responsibility to detect fraud is further evidenced by a jury study conducted by Camico Insurance, which found that 64% of jurors believed audits are designed to uncover all types of fraud or wrongdoing. How then does the auditor satisfy the expectations of both third party users of the financial statements and the trier of fact?
To do this, the auditor must define their role and determine how best to meet client needs and satisfy the expectations placed upon them. This is not an easy task. Although published guidance provides direction on fraud detection and deterrence, the overall responsibilities are obfuscated by the lack of clear requirements for specific techniques to accomplish this task. Auditors who employ forensic type procedures to uncover fraud red flags during the audit have a much greater chance of providing reasonable assurance that material fraud does not exist compared to those who simply tick and tie their way through the audit. For instance, an auditor who brainstorms the risk for fraud and/or employs horizontal and vertical analyses to identify unusual patterns of financial activity is better positioned to identify fraud than someone who follows a strict program or checklist approach. However, an auditor who uncovers unusual events or patterns of suspicious activities and elects to ignore these findings or deems them as immaterial, may fail to meet expectations and, more than likely, transfer legal liability to their firm if the audit failed to uncover a material fraud.
This was proven most recently in Overton versus Todman & Company, CPAs. The US Second Circuit of Appeals states that an auditor violates its “duty to correct” and becomes primarily liable under SEC Rule 10b-5 “when it:
- makes a statement in its certified opinion that is false or misleading when made;
- subsequently learns or was reckless in not learning that the earlier statement was false or misleading;
- knows or should know that potential investors are relying on the opinion and financial statements; yet
- fails to take reasonable steps to correct or withdraw its opinion and/or the financial statements; and
- all the other requirements for liability are satisfied.”
So are we watchdogs or bloodhounds? Guardians and protectors or relentless pursuers? Watchdogs keep watch and protect against waste and abuse. They remain aware of their surroundings, act upon suspicious behavior or activity and may defer to the bloodhound when a relentless pursuit is necessary. Bloodhounds fixate on the scent of the animal and follow the trail through water, rain, sleet and snow until they detect the animal or collapse of fatigue. Obviously, this approach will result in additional fees, added time and client relationship management issues as they may often perceive our efforts as unnecessary, intrusive, and expensive. Judging by our definitions above, it would appear that auditors fall more into the role of a watchdog who possesses the ability to determine when a bloodhound is needed. After all, you wouldn’t want a German Shepard following the scent of the rabbit nor would you want a hunting beagle guarding the inventory.
Mike began his next assignment and within a few days found payments made to a new vendor with a PO Box address. Mike dug deeper and discovered the vendor was owned by a company employee and recently added to the vendor master file. Upon further investigation, Mike uncovered over $2,000,000 in payments made to the vendor within the past 10 months. He later determined that all payments were made for consulting services never rendered by the vendor. The company employee created a ghost vendor scheme to defraud his employer. Mike was congratulated this time for uncovering a massive fraud. His efforts led to the prosecution of the employee and recovery of almost 50% of the estimated loss. Mike worked well as a watchdog at the beginning of the audit but soon turned into a trained bloodhound when he scented the red flags of fraud. So are you a watchdog or bloodhound? Hopefully you have some of the qualities of both breeds in you!