This Document Contains Chapters 19 to 21 Chapter 19 Audit of Accounting Estimates SOLUTIONS FOR REVIEW CHECKPOINTS 19-1 The going concern assumption is a basic one of not only auditing but also accounting. If the auditor cannot rely on the going concern assumption then the entire valuation basis of financial reporting is thrown into doubt. This could have a huge impact on the type of audit evidence that would need to be gathered, e.g., evidence and reporting on liquidation values. 19-2 Opinion shopping is suspect because it has occurred in situations wherein clients have attempted (and sometimes succeeded) in finding a new auditor who will agree with a questionable accounting treatment (early revenue recognition or unwarranted expense or loss deferral). It can be beneficial, like getting a second medical opinion, to help solve a difficult accounting and financial reporting problem. SOLUTIONS FOR EXERCISES AND PROBLEMS – PART I EP19-1 To summarize, audit risk as represented in the audit risk model incorporates factual and projected misstatements of CAS 540 but not judgmental misstatements. Audit risk is evidence risk and we know from chapter 10 that statistical sampling theory helps justify the audit risk model. Two of the misstatements concepts of CAS 540.A118, factual and projected misstatements, deal directly with audit risk. They have analogues straight out of sampling theory. For example, factual misstatements in inventory counts are the differences between the counted inventory and what is recorded. If the count is done on a sampling basis then the factual misstatements in the sample can be used to estimate the misstatements for the entire population. This is referred to as projected misstatements (see chapter 10). Note that both misstatements relate to evidence gathering, and both are used to assess the materiality of the misstatements. Sampling theory can also be used to assess the risks associated with failing to detect a material misstatement, as shown in chapter 10. The class of risks related to testing not covered by the audit risk model are the non-sampling risks. In this sense judgemental misstatements create non-sampling risk of material misstatement and these risks are not covered in the audit risk model. They are, however, covered in part by audit training and experience, quality control standards, and accounting standards. The particular risk we focus on in this chapter, accounting risk, arises from judgemental misstatements due to forecast errors in predicting the future. Thus you will not find accounting risk in the audit risk model. EP19-2 A reasonable estimate is essentially one that does not have significant risks arising from estimation uncertainty (CAS 540.11). As explained in this chapter, this requires that the auditor look for 2 quantitative conditions for the estimate: first that there exists a well calibrated reasonable range (i.e., the range captures a reasonable number of future outcomes such as 95% or other level of assurance that might be used for the engagement), and second that there exists an estimate with acceptable level of accounting risk within this range. The auditor decides what is acceptable EP19-3 To see this, ask the class if the auditor can “know” what interest rates, or gold prices, or oil prices will be like a year from now. Can the auditor control these? The answer is “no.” If the auditor could do these things auditors would be the wealthiest people on earth! However, auditors are not clairvoyants. Can the auditor “control” these prices within a given materiality amount? If the answer is “no” then the auditor will not necessarily, and increasingly, “not usually,” be able to limit an accounting estimate based on such forecasts to a given materiality. Increasingly, the best the auditor can do is to make sure that uncertainties with respect forecasted estimates are properly disclosed via financial reporting, either as estimates in the financial statements, or disclosed in notes, or can be ignored for fair presentation. This is what risk based reporting (RBR) is all about. SOLUTIONS FOR EXERCISES AND PROBLEMS – PART II EP19-4 Horse Business Accounting Part I: Revenues minus expenses equals profit (pre-tax) from the horse business = 1600 minus 1400 = 200. University students seem to get thrown by the fact the same horse is involved in both transactions. See if your students have the same problem. Note the audit risk and accounting risk are both zero here. Everything is totally factual. Part II: � Under contingency accounting the profit is -$500 (no contingent gain can be recognized—IFRS and HB3290.18) with accounting risk = .25. Note there is no audit risk because the auditor has all the evidence they need for this transaction and there is no additional information. � Under fair value accounting the profit is $200 (based on expected cash flow—IFRS and HB3063.A18) but accounting risk is 100%, and audit risk is again zero. � Note that fair value accounting results in a recorded amount that is 100% guaranteed to not be realized. This is the same risk of misstatement as if the transactions would have been entirely fictitious! � The above suggests a logical inconsistency in the treatment of measurement uncertainties in the Handbook. What first principles should we be using in fair presentation concept? Here we propose risk based reporting with consideration of accounting risk. � If acceptable accounting risk is .2 then construct an RBR matrix showing that if probability of payoff of lottery ticket is between 1.00 and .8 I.e., region I of the RBR matrix, the record region of the RBR matrix)), then the ticket can shown as a $2800 asset to result in fair presentation. If payoff probability is between .8 and .2 (i.e., region II of RBR matrix, the disclose region of RBR matrix), then this ticket should not be recorded as an asset on the balance sheet but should be disclosed in the notes. And if the payoff probability is between .2 and 0 (i.e., region III, the ignore region of the RBR matrix), then the lottery ticket can be ignored in financial reporting. All this follows from RBR logic using the RBR matrix. This illustrates that the RBR matrix can be a useful way of summarizing what should be done in financial reporting to result in fairness of presentation. Note also did this decision is entirely under the control of the auditor because it is the auditor who sets the acceptable level of accounting risk, and this acceptable level drives the boundaries of the three regions in the RBR matrix. Thus with acceptable accounting risk of .25 we see that the lottery ticket falls in region II and we should only disclose this, and not record the lottery ticket as an asset as of the balance sheet date. This means no asset should be recognized when the lottery ticket is acquired, but the contingent gain should be disclosed. So revenues equal total assets received = 900, total expenses = 1400 to give a loss of 500 in the horse business. A contingent asset of 2800 is disclosed in the notes. � If acceptable accounting risk is .3, then the record region (region I) becomes probability of payoff 1.00 to .7, the disclose region (region II) is .7 to .3, and the ignore region (region III) is .3 to 0 probability of payoff. The profit on the horse business now is still -500, but there is no need to disclose the potential payoff from having the lottery ticket. Part III � GAAP profit under contingency accounting is same as in Part II illustrating how immune to accounting risk GAAP accounting can be. Under fair value accounting the expected gain from the lottery ticket is now .75 times $2800 equals $2100, so that total revenues from the horse business are now 2100 + 900 = 3000 and total expenses remain 1400 yielding a profit of $1600. � Using the same logic and RBR matrix as in Part II, but with a probability of payoff of the $2800 now much higher. With acceptable accounting risk of .2, the payoff probability falls in region II so can only disclose the payoff and profit in the horse business remains at -500. � With acceptable accounting risk of .3 the lottery payoff probability now falls into the record region (region I) so that the entire amount of payoff is recognized on the balance sheet and as part of income. Profits for the period thus are revenues of $2800 + $900 = $3700 minus expenses of $1400, yielding a profit of $2300. We can now see the effects of increasing the acceptable level of accounting risk: it tends to increase reported profits and assets. Put another way the increased profits and assets arise because of the higher risks that are taken in financial reporting as captured by the accounting risk concept. Part IV A man bought a horse for $300 and sells it the first time for a financial instrument (asset 1) having payoffs in the reasonable range $600-800. You assume a uniform distribution applies to this range and that the auditor’s materiality is $60. Then the man buys the same horse back for $600 and sells it a second time for a lottery ticket (asset 2) with a payoff of $3600 at probability of 0.75 and $0 at probability of 0.25. How much was earned in the horse business, assuming the profit needs to be calculated well before the payoff dates for both asset 1 and asset 2? Give at least 2 alternative profit calculations under IFRS as per the CICA Handbook. Clearly indicate the values of asset 1 and asset 2 separately, and clearly explain the CICA Handbook reasoning. You can assume that “probable” of Part I, Basis for Conclusions, the conceptual framework for financial reporting of IFRS in the CICA Handbook means the same as .5 probability; and that the auditor uses the highest future payoff that is appropriate. The horse business example requirements: RBR and justifying a reporting decision. Assuming acceptable accounting risk is .40, calculate a profit in Part I under EBAT and any related disclosure decisions. There are many profits possible because of the high acceptable AccR. A good example is 700 + 3600 – 900 = 3400. Assuming acceptable accounting risk is .20, calculate a profit in Part I under EBAT and any related disclosure decisions. Now only one profit is possible: 0 + 0 – 900 = -900 i.e., a $900 loss. What is the maximum income using contingency accounting for IFRS? To get this 4 mark question you first need to find the benchmark range with assumed acceptable AccR = .5 as the meaning of “probable”: B = (640, 760). Since you want the max income use 760 from B so that income = 760 + 3600 – 900 = $3460. Which of the alternatives in Parts I and II do you prefer and what are the warrants in your reasoning? Most pick RBR with AccR = .2 because it yields the most conservative number. As long as you give me a good reason consistent with your answer, you got full marks for this part. Some people got bonus marks for noting that prohibition of contingencies would also require that the concept of “probable” would need to be re-visited. EP19-5 i) Give a numerical example of a materiality that results in a Nirvana accounting estimate situation for the above RR. Is your materiality a performance materiality or overall materiality? MM = 10k. Specific materiality is the more correct response as then we know it applies to the specific estimate. However, it can be overall mateiality if there is no specific materiality based on user needs. Performance materiality is not an issue because this is not a sampling context. Only the financial statement user needs matter for accounting risk. ii) Give an example of a materiality for which there exists a benchmark range with acceptable AccR = .2 at least at one point, but not at all points within RR, thereby solving Cockburn’s problem. MM = 4k or more. iii) Give an example of a materiality that results in Nightmare accounting estimate situation. MM is less than 4k iv) What should the auditor do about an auditee company’s reported estmate in its financial statements that happens to be in a Nightmare situation? There is no estimate acceptable. Report to audit committee. Add an EOM paragraph. Other possibilities: Add disclosures in notes to FS. Eliminate the estimate as it is misleading for fairness of prsentation. Use a compliance reporting framework instead of a fairness of presentation framework. EP19-6 Review and refer to PMM formula in appendix 19A. Audits are supposed to provide high assurance, meaning low risk of failing to detect a material misstatement (e.g., .05). Yet Petroni and Beasley find that the probability of material misstatement for their audited estimates is over 0.90. How can this be explained? One explanation is that auditor’s planned an appropriately low audit risk (e.g., .05) yet achieved a risk of .90. Such an explanation does not reflect well on the profession as the explanation would indicate that the auditors do not know how to control audit risk! Another explanation is that auditor’s planned an audit risk of .90 and achieved it. This does not make sense either because a planned audit risk of .90 indicates a planned assurance of only .10. In no sense of the word “high assurance” can we accept .10, and in no sense of the words low audit risk can we accept .90. Both explanations above indicate auditor incompetence. Can you come up with an explanation that reflects more positively on the profession? That’s what the accounting risk concept tries to do! The accounting risk concept does this by assuming that audit risk concept misses an important risk of financial reporting, which is the accounting risk. Accounting risk captures the business risk of the client not captured by audit risk. Most business risk is not captured by the audit risk concept. To understand this ask yourself if audit procedures should affect client business risks like failing to meet targeted sales levels or failing to make loan payments on time. If you agree that audit procedures will not have an impact on many important client business risks and that client business risks are largely independent of audit procedures then you get the PMM model shown in Appendix 19A. EP19-7 If you accept the logic of the solution to EP19-6 then you are ready to use the formula for PMM to explain the Petroni and Beasley results. The formula is as follows as explained in Appendix 19A. PMM = AudR + ((1 minus AudR) * AccR). Using this formula we see that Petroni and Beasley’s result apply to the audited estimates meaning both audit and accounting risk have been incorporated in their probability of material misstatement, which we model with this formula for the reasons given in EP 3. This means the .90 applies to PMM, and if we make the charitable assumption that the auditors did achieve a planned audit risk (AudR) of .05, then using the formula we can calculate what AccR was on these audits. It was .89! In other words accounting risk was much more important than audit risk on these audits for these estimates. For those who think these Petroni and Beasley results are some king of outliers, you should review the Christensen et al. 3012 study referenced in the chapter. It is clear that with fair value accounting and IFRS accounting risks are becoming more important and common. EP19-8 The calibration exercises have check figures at the end of each exercise. Note that students should do this based on the knowledge they possess when doing these exercises. They should not be doing any research to answer the questions. The whole point is to learn that it is possible to get ballpark estimates based on existing background knowledge, and that a team may do better than an individual in making these assessments. Calibration Exercise 1: 1. 5.9% 2. 0.9% 3. $4.2 billion (in U.S. dollars) 4. 7.4% 5. 1% 6. 15.9% 7. 1.61 8. $639 billion 9. 179 billion 10. 1 USD for 1.0168 CAD Calibration Exercise 2: 1. $1,561 million 2. $53 million 3. $15 million 4. $100.36/bbl 5. $28.57 billion 6. $1.4 billion 7. $29.55 billion 8. $10 billion 9. $38.5 billion 10. 3.00% Calibration Exercise #3: (If 9 out of 10 of your ranges include these then your ranges are well calibrated; anything lower than 90% indicates an optimism bias) 1. Estimated as high as $23 billioni. 2. BP spilled 30 million gallons of oil, three times the Exxon Valdez, for example-$11 millionii. 3. In 1994, the court ordered Exxon to pay $287 million in actual damages and $5 billion in punitive damages. However, the punitive damage was reduced to $507.5 million after 14 yearsiii. 4. 5731iv. 5. In the four years before the company’s bankruptcy, the investors lost $74 billion, of which $40 to 45 billion was estimated to be due to fraudv. 6. Approximately $19 billion; Enron revealed that the actual debt is closer to $36.4 billion rather than the reported amount of $17 millionvi. 7. The average yield over 10 years for government of Canada marketable bonds is 2.59% at 29 Nov 2011vii. 8. It rose by more than 9,000 percentviii. 9. Approximately 120 countries permit or require IRFS for domestic listed companiesix. 10. 1.8%x. CHAPTER 20 Legal Liability Cases SOLUTIONS FOR REVIEW CHECKPOINTS 20-1 The plaintiff in a common law action for civil damages essentially bears all the burdens of affirmative proof. He must prove damages, that the accountants' work was faulty, that he relied upon the accountants' product, that his loss resulted from this reliance, and that the accountants were negligent (in whatever degree is required for recovery). The plaintiff will probably also have to show privity or another form of foreseeable relationship (e.g., known third-party beneficiary). The defendant accountant only has to present a defense and refutation of plaintiff's charges and evidence. 20-2 The Ultramares rule, essentially, is that if an auditor conducts his work with such gross negligence as to amount to constructive fraud or constructive deceit then he may be liable for damages. The decision, and also a part of the "rule" from Ultramares, was that an auditor may not be liable to unidentified third parties for negligence. One can infer that liability for negligence might be imposed when third party beneficiaries are known (but this was not explicit in the court opinion). The Ultramares rule(s) is (are) being eroded today. No longer is privity the shield that it was in 1931, and auditors are being held responsible for a greater degree of care. However, in some jurisdictions, the Ultramares view is still strong. 20-3 Privity refers to the direct relationship of parties to a contract. Accountants owe contracting parties (e.g. clients) a duty not to be negligent. Liability can be imposed for ordinary negligence by the accountant. A primary beneficiary is the party an accounting service is intended to benefit, a known or reasonably foreseen users. Accountants can be liable for ordinary negligence. Foreseeable beneficiaries are the creditors, investors, or potential investors the accountant can figure to use financial statements. Accountants' liability is not entirely clear. Some courts have ruled liability for ordinary negligence, while others have required more-than-ordinary to trigger liability. 20-4 Lawsuits related to compilation and review engagements, 11 percent. Some of these lawsuits may include those arising from the following SEC requirements. Regulation S-X contains requirements for audited annual and unaudited interim financial statements filed with the SEC. Regulation S-K contains requirements relating to all other business, analytical and supplementary financial disclosures in SEC filings. Financial Reporting Releases express new rules and policies about accounting and disclosures required or encouraged by the SEC. SOLUTIONS FOR DISCUSSION CASES AND PROBLEMS EP20-1 Responsibilities for Errors and Irregularities a. Yes, a weakness in internal control exists. It may be considered a material weakness because the compensating control (internal auditors' work on slow-moving inventory) did not operate in a timely enough manner to detect the irregularity before it had gotten large. Ritter may have violated the accounting and internal control provisions of the Corruption of Foreign officials Act. If Ritter is a public company registered under the Exchange Act (1934), it may have violated the accounting and internal control provisions of the Foreign Corrupt Practices Act. If a material weakness in internal control exists, Huffman & Whitman are obligated by CAS 260 to report it to those charged with governance directors. b. The problem description indicates that this element of the audit was conducted in a negligent manner. There's nothing wrong about auditing a sample of the transactions, but Whitman's follow-up and explanation of the missing receiving reports leaves much to be desired. At the very least he could have reviewed the reports produced by Lock at a later date, and he could have traced the purchases to the inventory records and perhaps noticed an over-stocking condition. The auditors had some evidence that an irregularity might exist, but they failed to apply extended audit procedures properly. EP20-2 Responsibility for Errors and Irregularities Donovan's responsibility under GAAS, is to plan the audit procedures to detect errors and irregularities that would have a material effect on the financial statements. Whether McCoy would prevail depends upon two questions: (1) The materiality of the undiscovered embezzlement and whether it was concealed by falsifying the financial statements and (2) Donovan's planning and performance of appropriate procedures. If the amount is material, Donovan is potentially liable. If Donovan performed a careful audit without negligence, liability probably would not attach. If not, Donovan might be found negligent and liable to McCoy with whom he was in a privity relation. All the common law features (damage, reliance, cause, negligence, privity) are present. The actual resolution of liability is only a matter of their degree. McCoy, however, can be faulted (although probably not in a contributory negligence sense) for not informing Donovan about the anonymous letter. Donovan should have obtained a signed representation letter in which McCoy asserted he knew of no errors or irregularities that he had not told Donovan. With such a signed assertion, Donovan might not be found liable at all. Even if Donovan is judged liable, McCoy could probably recover only the embezzled amounts after the audit ($65,000) but not the amounts taken before the audit ($40,000). EP20-3 Common Law Liability Exposure Yes. The PA firm is guilty of a common law deceit, commonly referred to as "fraud." The PA firm was associated with financial statements that were not in conformity with generally accepted accounting principles because of the failure to disclose the restriction on the cash received, as well as the contingent liability. This association constitutes the commission of an actionable tort (deceit) upon the creditors. The fact that there was no privity of contract between the creditors and the accountants is not crucial for an action based on deceit. Where deceit is involved, the defense of lack of privity is not available. Deceit is an intentional tort, and those who engage in it must bear the burden of their wrongdoing, even though they may not have intended harm to those affected. Thus the PA firm is liable to all injured parties including the creditors. EP20-4 Common Law Liability Exposure a. Under the Ultramares rule Risk Capital would prevail if it is shown that Wilson & Wyatt were grossly negligent and perpetrated a constructive fraud. Risk Capital would have a basis in the law of tort for gross negligence. However, the problem assumes that only ordinary negligence is proved, so under Ultramares Risk Capital would not likely prevail for lack of privity of contract for the audit with Wilson & Wyatt. b. Under the Rusch Factors decision Risk Capital may be viewed as a foreseeable third-party beneficiary to the audit contract between Wilson & Wyatt and Sunshine, especially since Wilson & Wyatt had opportunity to read the contract between Risk Capital and Sunshine and thereby know of Risk Capital's intended reliance on the audit. The Rusch Factors decision appears to impose liability in this situation for ordinary negligence on the part of the auditor. EP20-5 Common Law Liability Exposure a. Yes. Smith was a party to the issuance of false financial statements and as such is a joint tortfeasor. The elements necessary to establish an action for common law fraud are present. There was a material misstatement of fact, knowledge of falsity (scienter), intent that the plaintiff bank rely on the false statement, actual reliance and damage to the bank as a result thereof. If action is based upon fraud there is no requirement that the bank establish privity of contract with the PA. Moreover, if the action by the bank is based upon ordinary negligence, which does not require a showing of scienter, the bank may recover as a third-party beneficiary (an exception to the strict privity requirement). Thus, the bank will be able to recover its loss from Smith under either theory. b. No. The lessor was a party to the secret agreement. As such, the lessor cannot claim reliance on the financial statements and cannot recover uncollected rents. Even if he was damaged indirectly, his own fraudulent actions led to his loss, and the equitable principle of "unclean hands" precludes him from obtaining relief. c. Smith was not independent. His report is improper and he is probably subject to disciplinary action. According to the ethics interpretation on actual or threatened litigation: "An expressed intention by the present management to commence litigation against the auditor alleging deficiencies in audit work for the client is considered to impair independence if the auditor concludes that there is a strong possibility that such a claim will be filed." EP20-6 Common Law Liability Exposure Ordinarily, users of financial statements, other than those who contracted for the audit and those known in advance to the auditor, may not recover for ordinary negligence by the auditor in the performance of an audit. Usually, recovery of damages by third parties must be based on fraud. Actual knowledge of falsity (scienter) is generally required for an action based upon fraud may be satisfied by either * Showing a reckless disregard for the truth. * Demonstrating that the auditor was grossly negligent. It appears that the three deficiencies in the audit by Farr & Madison might be sufficient to satisfy either approach. The deficiencies of failure to check the existence of certain receivables, collectibility of other receivables, and existence of security investments, taken collectively, if not individually, appear to show a reckless disregard for the truth. In fact, the audit probably lacks sufficient competent evidential matter as a reasonable basis for an opinion. The auditors may be judged to have been grossly negligent. EP20-7 Review Engagement Liability a. Liability to Hotshot and other stockholders: Hotshot in its own right may bring an action, or the other stockholders may bring a derivative action against Mason & Dilworth on behalf of the corporation, for negligent performance in failing to detect the fraud (embezzlement). A lawsuit based on constructive fraud might be asserted against M & D, because the conduct of the review may be characterized as gross negligence with reckless disregard for the truth. Individual shareholders and lending institutions will claim this is the case, and if upheld, privity of contract will not be a valid defense. b. Liability to financial institutions: Third-party financial institutions have rights to sue accountants for negligence in performing review engagements. As a general rule, third parties, even though not direct parties to an audit contract, may successfully assert negligence if they can show that they are members of a class of persons intended to benefit from the services performed by the PA and that their use of the statements was reasonably foreseeable by the PA. EP20-8 Regulation D Exemption; Refer to Appendix 20A a. After the sale, Fancy will have more than $5 million assets and more than 500 shareholders. (Note: Be careful-- the SEC changes these numbers from time to time.) Fancy will have to register under the Exchange Act and start to file reports on Forms 10-K, 10-Q, and 8-K. Fancy will become a public, "reporting" company. (Fancy will also be subject to the insider trading, proxy solicitation, and other requirements.) b. Any purchaser can sue the company for failure to file the required registration statement. The purchasers can get their money back. Willful violation of the Securities Act of 1933 also carries monetary fine and jail penalties. c. An offering under Regulation D is exempt from registration. The securities can be sold to an unlimited number of accredited investors (institutions or wealthy individuals). For all other investors (nonaccredited), a maximum of 35 can buy the securities. (Regulation D also requires Fancy to provide some financial statements and to limit the general advertising of the offer. These technical topics were not discussed in the textbook chapter.) EP20-9 Applicability of Securities Act and Exchange Act: Refer to Appendix 20A 1. a. The statement is essentially true. The greater liability exposure is to all purchasers of the securities registered under the Securities Act (1933), whereas under common law only parties in privity or primary beneficiaries have good standing to sue. Other persons may sue, to be sure, but the standards of greater negligence stand in their way of recovery. b. The statement is essentially not true. Under Section 11 of the Securities Act (1933) the auditors have to show that they conducted a reasonable investigation. Courts could find that negligence considerably short of actual or constructive fraud could constitute lack of "reasonable investigation." 2. a. T This is required as part of training and proficiency (Audit Standards) and competency (Ethics Rule 201) and by SEC Rule 2(e). b. F Both incorporated and unincorporated issuers are subject to the securities acts. c. F The Exchange Act (1934) applies to all listed companies. d. T Refer to the answer in (1) above. e. F The Securities Act (1933) regulates securities offerings regardless of the intrastate nature of the business. The Exchange Act (1934) regulates trading on exchanges, also regardless of the intrastate nature of the business. The law applies so long as the "instrumentalities of interstate commerce" are used to issue securities subject to regulation. EP20-10 Section 11 of Securities Act (1933): Refer to Appendix 20A Yes. The situation is covered by the Securities Act (1933). First, it eliminated privity as a defense in cases involving third-party investors suing accountants for negligence. Any person acquiring securities described in the registration statement may sue if the financial statements contain a false statement or misleading omission of a material fact. Clearly, the financial statements in question contained either a false statement or material omission. However, the PA may avoid liability if he can show freedom from negligence or fraud by showing that he had, after reasonable investigation, grounds to believe and did believe the financial statements were true. The Act requires, however, that the PA be able to sustain this freedom from fault not only as of the date of the financial statements, but beyond that, as of the time when the registration statement become effective. In this case it would appear that the PA firm cannot avoid liability. It failed to make any reasonable effort to verify the validity of the statements as of the effective date. Merely taking the word of the company's executives would not be sufficient. Thus liability may be imposed upon the accountants, May, Clark & Company. The corporation and its officers will also be liable. EP20-11 Rule 10b-5 Liability, Exchange Act (1934): Refer to Appendix 20A a. The case should be dismissed. A suit under Section 10(b) and Rule 10 b-5 of the Exchange Act (1934) must establish fraud. Fraud is an intentional tort and as such requires more than a showing of negligence. Although the audit was admittedly improper and performed in a negligent manner, the CPAs neither participated in the fraudulent scheme nor did they know of its existence. The element of scienter or guilty knowledge must be present in order to state a cause of action for fraud under Section 10(b) of the Exchange Act (1934). (Refer to the Hochfelder decision.) b. The plaintiffs might have stated a common law action for negligence. However, they may not be able to prevail due to the privity requirement. There was no contractual relationship between the defrauded parties and the PA firm. Although the exact status of the privity rule is unclear, it is doubtful that the simple negligence in this case would extend Gordon & Groton's liability to the customers who transacted business with Bank. However, the facts of the case as presented in court would determine this. EP20-12 Foreign Corrupt Practice Act a. FCPA violations: The corporation and the individuals violated the anti-bribery provisions, and they caused the corporation to violate the internal control requirement by overriding the Global controls related to proper classification and disclosure of expenditures. b. Penalties: The corporation can be fined as much as $1 million. The SEC, for an extreme penalty, could seek to have trading halted on the NYSE. The individuals can be fined as much as $10,000 each and given jail sentences of as much as five years. (Note: Be careful--the SEC changes these numbers from time to time.) (AICPA adapted) EP20-13 Management Fraud Probability Assessment This problem is one of Robert Ashton's cases on judgment and decision making (Accounting Review, January, 1984, pp. 78-97.) Ashton gives credit to Joyce and Biddle, "Are Auditors' Judgments Sufficiently Regressive?", Journal of Accounting Research, Autumn, 1981, pp. 323-49.) The case versions A, B, C, and D manipulate two variables you can use to experiment with students' perception of the meaning of "hit rates" of models or, perhaps, prior knowledge of the incidence of events. The four versions of the case differ as follow: Case A Case B Case C Case D If a key manager has been involved in fraud,the test indicates "fraud" 8 of 10 8 of 10 8 of 10 8 of 10 If a key manager has not been involved in fraud, the test indicates "fraud" 20 of 100 4 of 100 20 of 100 4 of 100 Evidence indicates managers have been involved in mater- ial fraud 10 in 100 10 in 100 1 in 100 1 in 100 Ashton's Answer Guide Two factors are manipulated in this exercise to produce four different forms of the problem: (1) the base rate, or prior probability, of fraud (one percent or ten percent), and (2) the "false positives" rate (four percent or 20 percent). The "positive hit rate" is held constant, at 80 percent, for all forms of the exercise. A high positive hit rate is not sufficient for a test like the one described here to be highly diagnostic; a low false- positives rate is also required. Of course, the base rate is relevant in this exercise. However, the base rate is likely to be ignored or underutilized by people who employ the representativeness heuristic... The application of Bayes Theorem to this exercise shows that the correct answers are probabilities of: Form A .31 Form B .69 Form C .04 Form D .17 (You may need to be ready with Bayes' probability calculation if you show these "correct answers" to students!!) Holding false-positive rates constant, forms with lower base rates (C and D) should produce responses lower than forms with higher base rates (A and B). Holding base rates constant, forms with higher false-positive rates (A and C) should produce responses lower than forms with lower false-positive rates (B and D). If students tend to consider only the positive hit rate and ignore base rates and/or false positives, however, their responses will tend to be too high. FORM B Management Fraud Probability Assessment A team of accountants and psychologists has developed a procedure to test for the existence of management involvement in fraudulent activities. The procedure consists of developing a personality profile of key managers and relating this profile to a master profile compiled from interviews conducted by clinical psychologists with a substantial number of individuals who have admitted to perpetrating material frauds. If the manager's profile is sufficiently similar to the master profile, the test signals "fraud." If there is not sufficient similarity, the test signals "no fraud." In the last 18 months, the procedure has been tested rather extensively in the field by a national public accounting firm and it has found the following: ** If a key manager has been involved in a material fraud, the test procedure indicates "fraud" eight times out of ten. ** If a key manager has not been involved in a material fraud, the test will nonetheless indicate "fraud" 4 times out of 100. ** The evidence indicates that about 10 key managers in 100 have been involved in material fraud. Based on these results, what is your assessment of the probability that a key manager who receives a "fraud" test signal is actually involved in fraudulent activities? (Circle the number closest to your probability estimate.) .00 .10 .20 .30 .40 .50 .60 .70 .80 .90 1.00 FORM C Management Fraud Probability Assessment A team of accountants and psychologists has developed a procedure to test for the existence of management involvement in fraudulent activities. The procedure consists of developing a personality profile of key managers and relating this profile to a master profile compiled from interviews conducted by clinical psychologists with a substantial number of individuals who have admitted to perpetrating material frauds. If the manager's profile is sufficiently similar to the master profile, the test signals "fraud." If there is not sufficient similarity, the test signals "no fraud." In the last 18 months, the procedure has been tested rather extensively in the field by a national public accounting firm and it has found the following: ** If a key manager has been involved in a material fraud, the test procedure indicates "fraud" eight times out of ten. ** If a key manager has not been involved in a material fraud, the test will nonetheless indicate "fraud" 20 times out of 100. ** The evidence indicates that about 1 key manager in 100 has been involved in material fraud. Based on these results, what is your assessment of the probability that a key manager who receives a "fraud" test signal is actually involved in fraudulent activities? (Circle the number closest to your probability estimate.) .00 .10 .20 .30 .40 .50 .60 .70 .80 .90 1.00 FORM D Management Fraud Probability Assessment A team of accountants and psychologists has developed a procedure to test for the existence of management involvement in fraudulent activities. The procedure consists of developing a personality profile of key managers and relating this profile to a master profile compiled from interviews conducted by clinical psychologists with a substantial number of individuals who have admitted to perpetrating material frauds. If the manager's profile is sufficiently similar to the master profile, the test signals "fraud." If there is not sufficient similarity, the test signals "no fraud." In the last 18 months, the procedure has been tested rather extensively in the field by a national public accounting firm and it has found the following: ** If a key manager has been involved in a material fraud, the test procedure indicates "fraud" eight times out of ten. ** If a key manager has not been involved in a material fraud, the test will nonetheless indicate "fraud" 4 times out of 100. ** The evidence indicates that about 1 key manager in 100 has been involved in material fraud. Based on these results, what is your assessment of the probability that a key manager who receives a "fraud" test signal is actually involved in fraudulent activities? (Circle the number closest to your probability estimate.) .00 .10 .20 .30 .40 .50 .60 .70 .80 .90 1.00 EP20-14 Deficiencies in the auditor’s report are as follows: Address The report should be addressed to the Shareholders of PPC Ltd., not the Board of Directors. Introductory Paragraph The Statement of Changes in Financial Position is not identified. The auditor’s responsibility to express an opinion is omitted. Scope Paragraph The auditor obtains reasonable assurance about whether the financial statements are “free of material misstatement,” not “fairly presented”. The auditor’s assessment of the accounting principles used is omitted. An audit provides a “reasonable basis for an opinion,” not a “basis for determining whether any material modifications should be made.” First Explanatory Paragraph There should be no reference to the change in amortization methods in the auditor’s report as it is disclosed in the notes to the financial statements. Opinion Paragraph The phrase “except for” should not be used. The auditor’s concurrence with the change in accounting principles is implicit and need not be mentioned. Second Explanatory Paragraph There should be no reference to the lawsuit in the auditor’s report as it is disclosed in the notes to the financial statements. EP20-15 SAMPLE RESPONSE a) In determining whether the bank will be successful in its suit, the court would consider the following factors in arriving at its decision: - Auditor owed duty of care to bank as foreseeable third party user - Auditor breached duty of care - Damages resulted to bank who relied on financial statements - Damages were caused by breach of duty - the bank, as a creditor was a legitimate foreseeable third party that would rely on the statements. Therefore, the auditor owed a duty of care to the bank - Muss accepted the work of Able without examination of either the subsidiary’s accounting records or Able’s working papers. The courts would consider Muss’ relationship with Able. Muss says they were in good standing with the institute. If Muss deals with them frequently and know of the firm’s integrity and high quality work examination of working papers probably would not be necessary. However there is nothing to indicate a long standing relationship and therefore perhaps some examination of their work should have been performed. Muss says 10% of consolidated net income was not material. However according to many materiality guidelines this would be considered material. In addition it is stated that a major cause of the insolvency was over valuation of the subsidiary’s net assets, therefore the subsidiary appears to represent a material part of Muss’ client. Is there a connection between loss and negligence? If the bank had given a loan to the subsidiary or increased a line of credit based on the financial statements, then there would appear to be a connection between the damages and the breach of duty. However, the loan may have been based on prior year’s financial statements. In this case, there would not be a connection. In my opinion, the bank would be successful as they could say that they would have called the loan (which was granted based on prior year’s financial statements)had they known about the overstatement of assets. Furthermore, if it could be proven that the auditor knew about the misstatement then the auditor could be found guilty of fraud. b) As soon as possible after the review, the additional work on the subsidiary should have been done and if changes to the original statements appeared to be necessary, then the revised statements with additional disclosure should then have been re-issued to all parties. c) Materiality is the amount, if exceeded, that would influence the decisions of a user of the financial statements. Factors to consider when determining materiality are a follows: - pre-tax income - Risk - the risk increases when we must rely on other auditors - the bank will be relying on our report - consideration of users is important - nature of the business and any inherent risks in the business - environmental factors such as a poor economy or declining profits that may alert the auditor to situations involving going concern problems and thus possible overstatement of assets (or income) EP20-16 Sample Response To: Malory Dowell From: Alex P.Keaton, Jr. Re: Expansion Exploration Ltd. Prospectus a) As requested, I am outlining our involvement on the prospectus and the communications which need to be provided. Consent Letter We will provide audited balance sheets for the last two years and income statements for the last five years to be included in the prospectus. The letter addressed to the Securities Commission will provide our consent to the inclusion of the financial statements and our audit reports in the prospectus. Also, a subsequent review should be performed through enquiry and discussion since our last audit report to the date of the consent letter (to determine if any adjustments to the financial statements) is required. Comfort Letter We will perform a review on the interim financial statements using procedures such as enquiry, analysis and discussion. Upon completion, a comfort letter will be issued to the Securities Commission expressing negative assurance on the interim financial statements. As we are associated with the prospectus, we will read the entire document to ensure that the financial statements and reports are reproduced accurately and contain no misleading information. b) The auditors owe a duty of care to: - Expansion Exploration Ltd. due to privity of contract - Third party users such as potential investors under tort law. EP20-17 SAMPLE RESPONSE a) Overview Our role is to investigate the work of the auditors who conducted the examination of a now bankrupt real estate company. The client in this investigation, is a bank who loaned money to the real estate company. The bank is asking us to determine whether or not the real estate company’s auditors were negligent in performing their examination (i.e., did the auditors comply with GAAS). This is the basis for a possible court case. Guidelines We should establish whether or not the auditors acted in a manner in which prudent practitioners would in similar circumstances (i.e., did the auditors follow the standards of the profession). We must determine whether or not: - the financial statements were presented in accordance with GAAP, including the CICA Handbook and industry practice (CIPREC) - the audit was conducted in accordance with GAAS as set out in the CICA Handbook, and was consistent with other sources such as the CICA Audit Techniques Study for audits of real estate companies. Outline We should assess the auditor’s independence (e.g., the basis of client billing, the relationship of the auditors to the real estate company), whether the auditors had adequate technical proficiency and if their work was undertaken with due care. By reviewing the auditor’s working papers, we should determine whether or not the examination standards were met and consider the following: - if the audit was properly planned (is there evidence of: knowledge of the real estate industry and of the client’s business; determination of auditor risk and materiality with reference to financial statement users; determination of the audit approach) - if assistants were properly trained and supervised (evidence of working paper review) - if there was a study and evaluation of those internal controls on which the auditor relied in determining the nature, extent and timing of substantive procedures - if sufficient appropriate audit evidence was obtained to support the content of the audit report (consideration of: materiality; results of compliance testing; support for sample sizes; subsequent events; support for specific audit objectives; adequacy of note disclosure) b) The courts will decide the auditors’ liability to the bank based on the following criteria: - did the auditors owe the bank a duty of care? (i.e., was the bank a foreseeable third party who would rely on the financial statements?) - did the auditors breach their duty of care by performing the audit negligently? (i.e., without due care) - did the bank suffer a loss? - was the bank’s loss connected to the auditors’ breach of duty of care? EP20-18 The case presents a situation where several ‘red flags’ relating to money laundering are raised. An approach to analysing the case is set out below a) The approach can list several factors that suggest money laundering is suspected, for example the complexity of banking arrangements that have no apparent business purpose, the frequency of cash transfers between accounts, in particular foreign banks, and the lack of valid business explanations for these transfers, the unwillingness of the company’s management to address the auditor’s questions on the propriety of the transfers and potentially acting to deliberately intimidate the auditor into not following up on suspicions. The response can discuss how the auditors handled these red flags from the case facts resulting in further investigation of the suspicions, and how the auditors may have behaved differently with the result that the situation would not have been further investigated. b) Key issues in whistle blowing include the confidentiality requirements of the auditor, lack of legal solicitor client privilege so that clients cannot provide sensitive information to the auditor, the risk of the auditor being wrong and destroying a client relationship, etc. EP20-19 The main professional ethics principle is that auditors need to uphold the reputation of the profession. The main way to do this is to not be associated with misleading information, and from this follows that the purpose of the audit is to detect material misstatements. Confidentiality is a means to an end. The confidentiality principle exists to assist the auditor in being more effective by encouraging free communication between the auditor and the asserter. If a conflict were to arise between confidentiality and misleading information then to uphold the reputation of the profession the auditor should avoid such conflicts. But if such conflict is unavoidable confidentiality should not be allowed to create auditor association with misleading information. Thus the association principle should be the dominant principle. Note if this were made clearer in professional standards, then it is less likely that the courts would send conflicting signals as well. EP20-20 There are several aspects to this legislation (Bill 198 is now the Ontario Securities Act or OSA). First, the proportional liability created by OSA is in line with the auditor’s responsibility for failing to meet user needs, so that part is consistent with protecting the public interest. Second, putting a cap on auditor liability equal to the audit fee seems to be insufficient disincentive to deter auditors from skimping on audit quality. Hopefully, the monitoring of CPAB will compensate for this temptation to skimp on audit work. Finally, the fraud on the market theory if fully applied would appear to address the monetary losses of investors. In summary, OSA is at least a step in the right direction. Whether it fully meets user needs in a cost effective manner only time will tell. CHAPTER 21 Other Professional Accounting Services and Reports, Including Fraud Auditing SOLUTIONS FOR REVIEW CHECKPOINTS 21-1 Prospective financial statements are defined as complete financial statements in the same form as traditional income statements, balance sheets and statements of changes in financial position (cash flows). However, an abbreviated presentation constitutes prospective financial statements if it contains all of these items (if applicable): 1. Sales or gross revenue 2. Gross profit 3. Unusual or infrequently occurring items 4. Provision for income taxes 5. Discontinued operations or extraordinary items 6. Net income 7. Primary and fully diluted earnings per share 8. Summary of significant changes in financial position 9. Summary of significant assumptions 10. Summary of significant accounting policies Omission of any items 1-8 makes the presentation a partial presentation. Omission of 9 or 10 makes it a deficient presentation. 21-2 Similarities and Differences Examination Report on a Forecast Audit Report on Historical Statements a. Identification of financial statements and what they intend to represent. a. Identification of statements audited. b. Warning about ultimate attainment of prospective results. c. Statement about examination in accordance with CICA standards. c. Statement that audit was in accordance with GAAS. d. Opinion/assurance about presentation and reasonable assumptions. d. Opinion about conformity with GAAP. e. Statement about no responsibility to update the report. Compilation Report on a Forecast Compilation Report on Historical Statements a. Identification of financial statements and what they represent. a. Identification of statements compiled. b. Warning about ultimate attainment of prospective results. b. Statement/warning that information is the representation of management (owners). c. Statement about compilation in accordance with AICPA standards. c. Same kind of statement about compilation and CICA standards. d. Disclaimer of opinion/assurance. d. Disclaimer of opinion/assurance. e. Statement about no responsibility to update the report. 21-3 The main responsibility is to identify material inconsistencies between MD&A and the financial statements. Other responsibilities include review for completeness and reliability of MD&A. 21-4 In both AADBA and foreign-GAAP financial statements, the issuers use a "language" of accounting principles that is not the standard Canadian generally accepted accounting principles. Report users, who might expect standard Canadian GAAP, need to be put on notice (just like they need to be put on notice about AADBA statements) that the "language" is different and they must pay attention to the differences in order to accomplish desired analysis and interpretation. 21-5 The Canadian auditors should take care that the foreign-GAAP financial statements are not mistaken for U.S.-GAAP financial statements. This is accomplished by writing U.S.-style audit reports that are qualified or adverse, AADBA- type reports, giving notice of foreign-GAAP financial statements, or writing the foreign audit report. Foreign-GAAP financial statements that will have more than limited distribution in the United States. The options are: 1. Give the U.S. standard report, qualified or adverse for departures from U.S. GAAP, with another separate paragraph expressing an opinion on the fair presentation in conformity with the Canadian GAAP. 2. Give both (a) the report form used by auditors in the other country (A2 in the chapter) or a Canadian -style AADBA-type report modified to refer to the GAAP of the other country (A1 in the chapter), and (b) the qualified or adverse U.S. standard report with an additional paragraph expressing an opinion on the foreign GAAP (B1 in the chapter). When two sets of financial statements, Canadian GAAP and U.S. GAAP, are prepared and both may be distributed in Canada and in the United States. Report on each one: 1. Report on the Canadian-GAAP financial statements with a modified AADBA-type report (A1 in the chapter), with an additional paragraph notifying users that another report has been issued on U.S.-GAAP financial statements. 2. Report on the U.S.-GAAP financial statements as normally done for U.S. financial statements, but add a paragraph notifying users that another report has been issued on Canadian-GAAP financial statements. 21-6 While external auditors have responsibilities under the CICA generally accepted auditing standards for detecting material errors, irregularities, and certain illegal acts in connection with the independent audits of commercial and not-for-profit financial statements, governmental entities and government fund recipients contend with many more laws and regulations. It's a matter of degree. It's also a matter of reporting. In "normal" audits, external auditors do not report separately on compliance or on internal control. The OAG requires reports on compliance. The auditors can give positive assurance on areas tested with compliance procedures and negative assurance on areas not tested. 21-7 Operational auditing (performance auditing and management auditing) refers to auditors' study of business operations for the purpose of making recommendations about economic and efficient use of resources, effective achievement of business objectives and compliance with the company policies. An AICPA committee, having defined management advisory services (MAS) in much the same terms, thus "claims" operational auditing as a type of MAS--a kind of manifest destiny for public accountants to lay claim to all services. 21-8 Internal auditors' independence is enhanced by having the authority and responsibility to report to a high executive level and to the audit committee of the board of directors. They are most independent, in a practical sense, when they are not under the control or direct influence of operating managers whose functions, operations and results they may be assigned to audit. However, if truly independent audit committees were solely responsible for internal auditors and internal auditors were accountable only to the audit committee then some internal auditors claim there would be need for an external audit function. It would be an interesting governance experiment if things would be set up this way. Independent Internal Audit report versus independent external audit report! 21-9 The services provided by internal auditors include: (1) audits of financial reports and accounting control systems, (2) reviews of control systems that ensure compliance with company policies, plans and procedures and with laws and regulations, (3) appraisals of the economy and efficiency of operations, and (4) reviews of effectiveness in achieving program results in comparison with pre-established objectives and goals. 21-10 The Office of the Auditor General emphasizes the accountability of public officials for the efficient, economical and effective use of public funds and other resources. The CICA’s public sector pronouncements define and describe expanded scope governmental auditing including not only work done by accountants and auditors in examining financial statements, but also work done in reviewing (a) compliance with applicable laws and regulations, (b) economy and efficiency of operations and (c) effectiveness in achieving program results. 21-11 Public sector independence concerns speak to substantive issues of integrity and objectivity as well as to the independence-damaging appearance of financial and managerial involvement. Government auditors must be aware that personal factors such as preconceived ideas about programs, political or social convictions, and loyalty to a level of government may impair the integrity and objectivity that is the foundation of real independence. Like internal auditors, government auditors must be wary of external sources of independence impairment, such as interference by higher-level officials and threats to job security. Auditors of governmental units are presumed independent when they are: (1) free from sources of personal impairment, (2) free from sources of external impairment, (3) organizationally independent, (4) independent under Provincial Rules of Professional Conduct, (5) elected or appointed and reporting to a legislative body of government, or (6) auditing in a level or branch of government other than the one to which they normally are assigned. 21-12 According to the CCAF the 12 attributes of effectiveness are as follows: 1. Management Direction 2. Relevance 3. Appropriateness 4. Achievement of Results 5. Acceptance 6. Secondary impacts 7. Costs of productivity 8. Responsiveness 9. Financial results 10. Working environment 11. Protection of assets 12. Monitoring and reporting 21-13 A comprehensive audit is a CCAF umbrella concept that is used to designate an audit have all of the following elements: 1. A financial statement audit 2. A compliance audit and, 3. A VFM audit. 21-14 Compliance audits are narrower in focus involving tests of compliance with legislative and related authorities. VFM audits on the other hand consider broader concepts of economy, efficiency, and effectiveness to evaluate whether broader objectives are being achieved. In the case of financial reporting, since GAAP is currently nor risk based with respect to accounting risk one can argue that compliance reporting with GAAP ignores accounting risk whereas fairness of presentation reporting should not. 21-15 Economy relates to obtaining the lowest price for goods of acceptance quality. Efficiency relates to obtaining the maximum output for given inputs. Effectiveness relates to the degree to which explicit or implicit objectives are being met. Effectiveness is the most difficult attribute to audit because objectives may not be readily apparent, or suitable criteria may be difficult to develop (e.g., how to measure the effectiveness of a police dept., fire dept., hospital, or university?). 21-16 CAS 240, 250 require: (a) understanding and awareness of signs of errors, irregularities (including direct-effect illegal acts), and illegal acts (far removed). There is no difference among the categories at the awareness level. (b) design the audit to provide reasonable assurance of detecting material errors and irregularities (including direct-effect illegal acts), but the expectation is lower for far-removed illegal acts, where audit procedures (other than inquiry and familiarity) are performed only when specific information indicates that possible illegal acts may have a material indirect effect on financial statements. (c) about the same degree of scepticism with respect to all the categories; in connection with errors and irregularities (including direct-effect illegal acts) auditors should have the proper degree of professional skepticism, assuming neither dishonesty nor unquestioned honesty of management; in connection with far- removed illegal acts, auditors should make inquiries about management's policies and procedures for compliance with laws and regulations and obtain written management representations concerning the absence of violations of laws and regulations. (d) for reporting, the materiality concept is different: (1) for errors, the usual idea of materiality prevails, (2) for irregularities (including direct-effect and far removed illegal acts) immateriality is expressed in terms of "clearly inconsequential." Matters that fall below the threshold apparently can be reported to levels of management below the board of directors and audit committee. More important matters go to the director level, and management involvement in irregularities and illegal acts is never considered inconsequential. 21-17 Internal auditors include fraud detection responsibility by exercising due professional care and being aware of signs and indicators of fraud and alert to signs of wrongdoing, errors and omissions, inefficiency, waste, ineffectiveness, and conflicts of interest. They consider the possibility of noncompliance with policies, procedures, laws, and regulations. They review the systems used to safeguard assets from various types of losses, including those resulting from theft and improper or illegal activities. If significant control weaknesses are detected, they conduct additional tests directed toward identification of other indicators of fraud. 21-18 The CICA Public Sector standards are virtually the same: Public sector requires that auditors: Determine which laws and regulations are to be considered in an audit and to know about compliance requirements, and design procedures to detect abuse or illegal acts that could significantly affect the audit objectives. CICA requires that auditors: Be aware of various kinds of errors, irregularities and illegal acts, and design the audit to provide reasonable assurance of detecting material errors and irregularities (including direct-effect illegal acts), but the expectation is lower for far-removed illegal acts, where audit procedures (other than inquiry and familiarity) are performed only when specific information indicates that possible illegal acts may have a material indirect effect on financial statements. 21-19 Public sector standards do not make fine distinctions between different types of abuse, errors, irregularities, and illegal acts; they just say that auditors have responsibility to detect them. The CICA makes distinctions and imposes a detection responsibility for errors and irregularities, but is much lighter on far-removed illegal acts, and says nothing about "abuse." The internal auditors are still at the awareness level, with little said about a procedural detection responsibility. 21-20 For fraud examiners, control systems exist to be subverted, so they must "think like crooks" for the ways and means to do it. For fraud examiners, an oddity is an oddity no matter the amount of money involved, and small oddities ought not be passed by just because "$5,000 isn't material to the financial statements taken as a whole." External auditors comprehend materiality in relation to each year's financial statements, where, for example, a $50,000 misstatement of income might not be big enough to matter. Fraud examiners think of materiality as a cumulative amount. A fraud loss of $20,000 this year may not be material to an external auditor, but $20,000 each year for a 12-year fraud career amounts to $240,000 in the fraud examiner's eyes, and it is big enough to matter! 21-21 External Auditors Fraud Examiners Program/procedural approach, standard job Mind-set of sensitivity to the unusual. Nothing standard Make note of errors and omissions Focus on exceptions, oddities, patterns of conduct Assess control risk in general and specific terms to design other procedures "Think like a crook" to imagine ways to subvert controls for fraudulent purposes Use a concept of materiality that is usually much higher than amounts fraud examiners consider worth pursuing Very low threshold of materiality Materiality one year at a time Materiality multi-year, cumulative Use theories of financial accounting and auditing logic Theory of behavioral motive, opportunity, and integrity 21-22 Fraud-Prevention Management Style Style Leading to Fraud Democratic, open-door management Autocratic management Trust the employees and give them power in their jobs Orient management to low trust and power Install controls that don't make work difficult Install tight, bureaucratic controls Let people design and manage their jobs and work Insist everything be documented with a rule for everything Decentralize authority Centralize authority in top management Manage with foresight Manage by crisis Measure performance on long-run basis Measure performance on a short-term basis Have multiple measures of performance Make profits the only criterion for success Make rewards positive and generous Make rewards punitive, stingy, and political Give constructive positive and negative feedback Give feedback that is always critical and negative Create a cooperative workplace Create a highly hostile, competitive workplace Boss' exemplary behavior and decisions Boss' questionable behavior and decisions Make background checks on new employees Be lax about background checks Prosecute fraudsters Fire fraudsters without prosecution 21-23 (Good for in class discussion): The three general descriptions are: (1) overstating revenues and assets, (2) understating expenses and liabilities, and (3) giving disclosures that are misleading or omit important information. Merchant gives this typology of fraudulent financial reporting ploys (Merchant, K.A., Fraudulent and Questionable Financial Reporting: A Corporate Perspective (Morristown: Financial Executives Research Foundation, 1987), p. 5) Type of Fraud Examples Manipulating, falsifying or altering records or documents Changing dates on supplier invoices to delay expense recording Changing dates on shipping documents to record sales early Changing invoice amounts to understate recorded expenses Creating false inventory count sheets Suppressing or omitting transactions Failing to record supplier invoices at year end Recording transactions without substance Creating fictitious customer orders Misapplying accounting principles Capitalizing costs that should be expenses according to GAAP Recognizing revenue on sales for which a significant risk of return exists Purposely recording inadequate reserves estimates to show a predetermined (target) income Recording prepayments as current expenses to understate income Failing to disclose significant information Concealing an impairment in the value of certain assets Concealing pending litigation Not reporting a change in accounting policy 21-24 Find information about real estate valuation (tax appraisal) in the city and county tax assessor-collector files. About aircraft ownership from the Federal Ministry of Transportation. Names of licensed doctors in the provincial medical society directory. Assumed business names in the provincial or county assumed named registry. Liens on personal property in documents filed, by borrower name, in the county clerk or Ministry of Commercial Affairs or commercial department office. 21-25 Extended procedures are audit procedures performed only when (external) auditors think something deserves imaginative investigation in the circumstances. Usually they are more complicated and expensive than "normal" audit procedures, and they usually suggest a suspicion of something fraudulent going on. The text contains brief explanations of several "extended procedures," but these may seem "normal" for fraud examiners. 21-26 Two endorsements may indicate that the payee of the cheque is not the party that received the benefit of the cheque payment. The payee may be fictitious. 21-27 Medical and life insurance: ghosts usually do not elect these insurance coverages. Social insurance numbers: ghosts often have false or unlikely numbers made up by the fraudster. Addresses: ghosts may have the same address as a real employee or the same address as other ghosts, multiple employees at the same address is the tipoff. 21-28 Horizontal analysis refers to changes of financial statement numbers and ratios across several years. Vertical analysis refers to financial statement amounts expressed each year as proportions of a base such as sales for the income statement accounts and total assets for the balance sheet accounts. Auditors look for relationships that do not make sense as indicators of potential large misstatement and fraud. Net worth analysis is used when fraud has been discovered or strongly suspected, and the information to calculate a suspect's net worth can be obtained (e.g. asset and liability records, bank accounts). The method is to calculate the suspect's net worth (known assets - known liabilities) at the beginning and end of a period (months or years), then try to account for the difference as (1) known income less living expenses, and (2) unidentified difference. The unidentified difference may be the best available approximation of the amount of a theft. Expenditure analysis is similar to net worth analysis, except the data is the suspect's spending for all purposes compared to known income. If spending exceeds legitimate and explainable income, the difference may be the amount of a theft. 21-29 Prosecution of fraudsters is advisable, because left unpunished, they often go on to steal again. 21-30 According to CAS 240, immaterial (with relationship to the overall financial statements) errors are supposed to be reported to management at least one level above the people involved. The idea is that small matters can be kept in the management family. However, errors material to the financial statements must be adjusted and handled by management persons responsible for the financial statements to the satisfaction of auditors, or else the audit report will be qualified. According to CAS 250, the materiality threshold for irregularities and illegal acts is described as those that are "clearly inconsequential." The auditors should inform the audit committee of the board of directors of all irregularities, except ones that are "clearly inconsequential." Irregularities involving senior management are never "inconsequential." 21-31 Auditors should know how to preserve the chain of custody of evidence. The chain of custody is the crucial link of the evidence to the suspect, called the "relevance" of evidence by attorneys and judges. If documents are lost, mutilated, coffee-soaked, compromised (so a defense attorney can argue that they were altered to frame the suspect), they can lose their effectiveness for the prosecution. 21-32 1) If the employees cannot be found, maybe they do not exist. The names are odd. All the first and last names begin with the same letter. 2) If Eloise Garfunkle is a company employee, somehow she cashed a check payable to a supplier. Maybe she is related to the supplier, or maybe she intercepted the check before it reached the supplier. 3) Somebody is working on holidays! These dates are normal workdays off for most businesses: New Year's Day, Victoria day, Canada day, Labor day, Thanksgiving day, Christmas day. (Would students have been able to identify holidays like Victoria day and labor day if the other more obvious ones had not been listed?) 21-33 To audit for fictitious sales, audit the account(s) that could hold the "dangling debit" -- cash and accounts receivable. SOLUTIONS FOR EXERCISES AND PROBLEMS EP21-1 Review of Forecast Assumptions Assumption Evidence Sources and Procedures a. Sale of real estate 1. Determine market value of real estate: * Review appraisals (if any), inquire of real estate broker for the selling price of similar pieces of land. 2. Determine cost and tax basis of land: * Examine underlying documents (use financial statement cost presentations, if previously audited)--deeds, purchase contracts. * Review Internal Revenue Code and appropriate publications to determine proper tax basis, tax rates, treatment. 3. Determine after-tax profit and proceeds: * Based on above information, compute profit and proceeds. Compare amounts to client representations to determine reasonableness. 4. Determine authority for use of proceeds: * Examine minutes of directors' and officers' meetings for evidence of authority to sell the eal estate and a formal plan for using the proceeds to retire bonds. b. Retire outstanding debentures. 1. Determine probable cost of repurchasing bonds: * Examine amount, terms of bonds outstanding. * Review current forecasted market for bonds, in light of terms, amount. * Compute estimated cost of repurchase. 2. Determine adequacy of funding for repurchase: * Compare amount of proceeds [computed in (a)] to amount estimated for repurchase. 3. Determine authority for retirement: * Examine minutes of executives' and officers' meetings for evidence of approval of retirement. c. Labor contract 1. Determine probable wage increase: * Examine prior contract settlements, including subjective analysis of labor-management relations. Confer with union officials. * Examine documents, memos, and minutes regarding upcoming labor negotiations. * Examine management's proposed contract. 2. Determine effect of higher than predicted wage settlement: * Recompute effect of percent change in wage increase to net income and correlate to management's figures. d. Sales projections 1. Determine estimated completion date of Portsmouth facility: * Examine contract plans, consult with contractor, observe facility. * Examine contracts for machinery, installation; consult with vendor--dates, type of equipment, productive capacity. * Compare auditor-estimated completion date to management's for reasonableness. * Consider if company can meet personnel requirements of the new facility. 2. Estimate financial impact of Portsmouth production: * Compare productive capacity to forecasted sales figure (presumed determined reasonable by the auditor). * Recompute probable effect of delay in Portsmouth's completion date and compare to management's figures. EP21-2 Auditing A Current-Value Balance Sheet a. The main practice standard is the Assurance Standard (Section 5025). As to conduct of the review, however, the general and field work standards of GAAS are applicable. Also, the standard on using the work of specialists is applicable in connection with the appraisal of asset values. b. Primary current value--related procedures: 1. Reconcile or correspond the description, quantity or other characteristics of appraised assets to the historical cost-based accounting records. 2. Utilize the work of appraised specialists as guided by Section 5360. c. Yes, additional disclosures will be necessary. NPC will need to write footnote disclosures explaining the "comprehensive basis of accounting other than GAAP." Full disclosure of the nature and determination of the current values will need to be made. d. Yes, there is an evidential problem. The land appraisal is too old. ($250,000 was the appraisal value 28 months ago.) The value is probably higher now, but it could be lower--there's no evidence that it is up to date. Also, there is a problem of how to account for the income tax element--whether to impute taxes to all book- current value differences, just to the land value difference (since it is a "surplus" asset), or to impute none at all. This matter is one of wide disagreement among accountants. EP21-3 Errors in a forecast examination report. 1. The statement about the underlying assumptions is poorly phrased. The auditor should not say "the underlying assumption of $1.5 million average revenue per store is sufficient to cover the fixed and variable expenses..." The more general phrase about all "underlying assumptions provide a reasonable basis for management's forecast" is more appropriate. 2. In addition, the report should not contain statements about facts of the deal (the mention that certain expenses are the obligations of the limited partners), because this is the kind of financial information that should be disclosed in the terms of the deal. If this information was omitted by Kingston, the auditors should qualify the report for omission of information. 3. The first mention of the sufficiency of the store revenue assumption to cover expenses is an inappropriate way to say the assumption is reasonable. The statement seems to imply the forecast results will be achieved. 4. The warning phrase ("However, there will usually be differences between the forecasted and actual results, because store revenues frequently do not materialize as expected, and the shortfall may be material.") is poorly phrased, because it suggests that the only potential difference may be in the revenue, implying that other elements of the forecast (expenses, for example) will turn out to be the amounts forecasted. EP21-4 The question requires a discussion of the distinctions among transaction-based audits, ‘strategic systems’ audits and reviews. Some points that can be discussed include the following. Both types of audits result in a positive assurance in the form of an opinion on whether or not financial statements are presented fairly in accordance with GAAP (or other disclosed basis of accounting). The review provides a lower level of assurance, or ‘moderate’ assurance, in the form a statement that the nothing has come to the public accountant’s attention to suggest the financial statements are not ‘in accordance with GAAP’. No reference to fair presentation is made in the review engagement report. While it is reasonable to expect that an audit requires a higher level knowledge of the business than a review, it is interesting to note that the CICA review standards specifically set out the requirement for the accountant to have adequate knowledge of the business to conduct the review. In contrast, the GAAS examination standards make no reference to a requirement for the auditor to have an adequate knowledge of the business to conduct the audit. Perhaps the GAAS imply this requirement in the general standard of performing the audit with ‘due care’, and recommendations are provided elsewhere in the Assurance Handbook but it is not explicit in the standards themselves. GAAS do include a requirement for the auditor to obtain an understanding of internal control, which also may imply a good understanding of the business operations. There are no formal professional standards governing ‘strategic systems’ audits, but the description in the text implies that this approach involves obtaining an intense understanding of the business, its operations, risks and strategic decisions and applying this understanding to achieve audit efficiencies by performing substantive procedures only when the understanding suggests a high risk of error. Finally, a discussion of how much knowledge and how much evidence is ‘enough’ involves considering the ubiquitous role of professional judgment in all assurance engagements. Factors such as those used to set audit risk, and assess inherent and control risks can be elaborated on in the context of different assurance objectives, as well as the role of experience, training, supervision and other practical factors. EP21-5 The question requires application of judgment in determining appropriate communication with a successor auditor. Factors such as professional conduct, confidentiality and other assumptions about relevant issues not provided in the scenarios need to be considered to support the recommended communication. From the predecessor auditor viewpoint: in all cases request permission from client to communicate with successor auditor regarding the points at issue. If client refuses, the refusal should be communicated to the successor. From the successor auditor viewpoint, assuming the predecessor is allowed to communicate the point at issue: situation a—ask for progress payments, situation b—most likely refuse the engagement as too risky, situation c— decide on the basis of whether or not you agree with the client’s judgment given the fact circumstances, situation d—most likely refuse the engagement as too risky. If the client refuses to allow communication with the predecessor auditor, this is normally an important sign of an overly risky client. EP21-6 This case involves considering how audit or review reports on specific items (e.g., CICA s.5805 or s.8500) or performance of specified verification procedures (s. 9100) can be used to provide useful services to clients in certain situations. In this case the client is looking for assurance that tenants are providing complete information on which their rent payments are calculated. a) Identify the client’s needs, list the applicable services and analyse the costs and benefits of each for the client in term of procedures to be performed and level of assurance provided b) Additional benefits to note could include improvements in report formats to be obtained from tenants, identification of additional reporting items or system requirements that can be included in future lease terms with tenants, etc. EP21-7 The case involves applying standards for attestation engagements (CICA s. 5025) to a public sector funding situation. An example of an approach to the case is below. a) ‘Homecare accountability’ is the subject matter. It might be attested to as an attestation on a written assertion or a direct reporting engagement. Assuming a report, some categories that would be relevant include training, administration, payroll and other expenditures related to providing homecare. Some performance benchmarks and measures of the province’s results against them could also be part of an accountability reporting framework. b) Suitable criteria should be relevant, reliable, neutral, understandable and complete in evaluating the subject matter - accountability for spending federal healthcare money on homecare initiatives and delivery. c) Reference can be made here to performance standards - obtaining sufficient appropriate evidence to support the conclusion, documenting basis for conclusion including significance (materiality) and engagement risk, and appropriate form of report for high assurance. Specific procedures would include review of payment approvals, cost allocations and controls over expenditures and recording, vouching expenditures to establish proper classification, etc. EP21-8 The case involves an audit of financial statements that may be affected by environmental issues. An approach to analyzing the case is outlined below. a) Data are provided that can be used to assess expected disposal costs and volumes, to corroborate the new disposal cost impact and assess the potential for environmental liability arising from compliance with disposal regulations. Assumptions are required and will affect the analysis and conclusions. b) The analysis may support the General Managers information, however additional independent evidence can be obtained from the disposal company, from review of industry statistics and examination of payments, etc. c) To the extent that environmental non-compliance creates a liability, the estimation of this liability and the need to include it in the financial statements if it is material and estimable can be relevant to assessing whether the financial statements are fairly presented. CICA Audit Guideline No. 19 is useful to read to respond to this question. EP21-9 Reasonable responses include: a) PA has associated him/herself by performing services in connection with company information b) PA has associated him/herself by providing advice to the company c) PA is associated without his/her knowledge, by the company informing its banker that PA is its accountant d) PA has associated him/herself with the company, assuming permission was given to include PA’s name in the promotional materials e) PA has associated him/herself by serving as the company’s auditor f) PA has associated him/herself by performing services in connection with company information EP21-10 Expenditure Analysis FORENSIC ACCOUNTING CONSULTING ENGAGEMENT 1 Known Expenditures: House payments 12 @ $ 1,377 $ 16,524 Mercedes payments 12 @ $ 2,361 28,332 Nissan Maxima payments down + monthly 9,444 Audio and video equipment 5,532 Household expenses 12 @ $900 10,800 Total estimated expenditures $ 70,632 Known Sources: Beginning bank balance $ 3,462 Takehome pay 12 @ $2,950 35,400 Ending bank balance (2,050) Total known sources $ 36,812 Expenditures financed by unknown sources $ 33,820 EP21-11 Net Worth Analysis: Nero’s Records FORENSIC ACCOUNTING CONSULTING ENGAGEMENT 2 END YEAR ONE END YEAR TWO END YEAR THREE ASSETS: Residence $ 100,000 $ 100,000 $ 100,000 Stocks and Bonds 30,000 30,000 42,000 Automobiles 20,000 20,000 40,000 Certificate of Deposit 50,000 50,000 50,000 Cash 6,000 12,000 14,000 Total Assets $ 206,000 $ 212,000 $ 246,000 LIABILITIES: Mortgage Balance 90,000 50,000 -0- Auto Loan 10,000 -0- -0- Total Liabilities $ 100,000 $ 50,000 -0- Net Worth $ 106,000 $ 162,000 $ 246,000 Change in Net Worth $ 56,000 $ 84,000 TOTAL EXPENSES* 30,800 28,000 Increase in Net Worth + Expenses $ 86,800 $ 112,000 KNOWN INCOME 40,000 42,000 FUNDS FROM UNKNOWN SOURCES $ 46,800 $ 70,000 * Includes some principal payments on debts. SOLUTIONS TO DISCUSSION CASES DC21-1 Essentially, compliance frameworks are those general purpose frameworks that do not meet the conditions of fairness presentation frameworks (see page 654 of the text). This means compliance reporting frameworks do not have a fairness override, and explains why the words present fairly cannot be used in compliance reporting (e.g., see the wording of a compliance opinion in the box on page 654 of the text). As pointed out in the application case analysis section at the end of the chapter, suitable criteria for compliance frameworks tend to rely on detailed rules rather than on general principles because one fairly narrow objective tends to be involved in compliance frameworks (e.g., tax reporting or other legal requirements). Compliance auditing discussed in the public sector section of the chapter indicates examples of compliance reporting. Compliance audits are quite common in code law countries such as continental Europe where contents of financial reporting are specified by legislation. When general purpose financial statements are prepared using a compliance framework – an unlikely scenario in Canada – the wording of the auditor’s opinion under CAS 700 is different from the opinion when a fair presentation is used. Notice how the words “presents fairly” do not appear. The auditor only opines whether the financial statements are ‘prepared in accordance with” the compliance framework. This situation is not addressed in Section 5400. Generally, an auditor would issue a reservation of opinion if the compliance framework resulted in financial statements that are not prepared in accordance with the stated criteria. DC21-2 Currently the FASB GAAP hierarchy consists of 1. FASB standards (authoritative) and 2. Everything else including the conceptual framework (non-authoritative). Some recent history to illustrate how the accounting reasoning process has been changing: The FASB’s GAAP hierarchy until July 1, 2009 was as follows. This hierarchy had five strata, listed below in descending order of authority: 1. FASB Statements and Interpretations, APB Opinions, and AICPA Accounting Research Bulletins. 2. FASB Technical Bulletins, AICPA Industry Audit and Accounting Guides, and AICPA Statements and Practices. 3. Consensus positions of the FASB emerging Issues Task Force and AICPA Practice Bulletins. 4. AICPA accounting interpretations, “Questions and Answers” published by the FASB staff, as well as industry practices widely recognized and prevalent. 5. Other accounting literature, including FASB Concept Statements, AICPA Issues Papers, International Accounting Standards Committee Statements, GASB Statements, Interpretations and Technical Bulletins, pronouncements of other professional associations or regulatory agencies, AICPA Technical Practice Aids, and accounting textbooks, handbooks and articles. Originally, the GAAP hierarchy in the US was decided by auditing standards (I.E., NOT ACCOUNTING STANDARDS). The AICPA’s GAAP hierarchy ranked the FASB Concept Statements [components of the Conceptual Framework] in the bottom stratum. However, on April 28, 2005, pursuant with the FASB’s issuance of an exposure draft titled “The Hierarchy of Generally Accepted Accounting Principles” and associated documentation, the FASB (2005, p. i) conceded that the place of the Conceptual Framework in its hierarchy was too low, out of kilter with the IASB, and that the FASB intended to do something about this. Nonetheless, in May 2008, when it issued a revised version of this exposure draft as FASB 162, it observed in its “Summary” preface that FASB 162 was not expected to result in changes in current practice. It is noteworthy that in FASB 162, FASB Concept Statements remained in the bottom stratum of the hierarchy —although it did mention that they should “normally be more influential than other sources” in the (bottom) category in which they appear (para 5). Nevertheless, with the new FASB Codification of accounting standards that went into effect on July 1, 2009 the concept statements are treated as “non- authoritative,” even though their original function was to guide the more detailed FASB statements that are “authoritative” in the new codification. The above state of affairs suggests that under CAS 700, FASB codified standards are not fair presentation standards because they do not allow a fairness override in the application of specific statements. In particular the 3 requirements listed on the bottom of page 654 of the text are not satisfied by the FASB codified standards. Some might even argue that FASB codification standards are not logical as a consequence. This can discuss this be discussed in class as part of a critical thinking exercise. DC21-3 The application case and analysis at the end of the chapter now discusses this. The parts of the FASB/IASB conceptual framework for financial reporting currently approved still do not address this issue (as of June 30, 2012). Solution Manual for Auditing: An International Approach Wally J. Smieliauskas, Kathryn Kate Bewley 9780071051415
Download
Close
Close
