Understanding Business Accounting For Dummies, 2nd Edition (117 page)

Do Audits Always Catch Fraud?

Business managers and investors should understand one thing: Having an audit of a business's financial statements does not guarantee that all fraud, embezzlement, theft, and dishonesty will be detected. Audits have to be cost-effective; auditors can't examine every transaction that occurred during the year. Instead, auditors carefully evaluate businesses' internal controls and rely on sampling - they examine only a relatively small portion of transactions closely and in depth. The sample may not include the transactions that would tip off the auditor that something is wrong, however. Perpetrators of fraud and embezzlement are usually clever in concealing their wrongdoing and often prepare fake evidence to cover their tracks.

Looking for errors and fraud

Auditors look in the high-risk areas where fraud and embezzlement are most likely to occur and in areas where the company's internal controls are weak. But again, auditors can't catch everything. High-level management fraud is extraordinarily difficult to detect because auditors rely a great deal on management explanations and assurances about the business. Top-level executives may lie to auditors, deliberately mislead them, and conceal things that they don't want auditors to find out about. Auditors have a particularly difficult time detecting management fraud.

Under tougher auditing standards adopted recently, auditors have to develop a detailed and definite plan to search for indicators of fraud, and they have to document the search procedures and findings in their audit working papers. Searching is one thing, but actually finding fraud is quite another. There had been many cases in which high-level management fraud went on for some time before it was discovered, usually not by auditors. The new auditing standard was expected to lead to more effective audit procedures that would reduce undetected fraud.

Unfortunately, it does not appear that things have improved. Articles in the financial press since then have exposed many cases of accounting and management fraud that were not detected or, if known about, were not objected to by the auditors. This is most disturbing. It's difficult to understand how these audit failures and breakdowns happened. The trail of facts is hard to follow in each case, especially by just reading what's reported in the press. Nevertheless, we would say that two basic reasons explain why audits fail to find fraud.

First, business managers are aware that an audit relies on a very limited sampling from the large number of transactions. They know that there is only a needle-in-the-haystack chance of fraudulent transactions being selected for an in-depth examination by the auditor. Second, managers are in a position to cover their tracks - to conceal evidence and to fabricate false evidence. In short, well-designed and well-executed management fraud is extraordinarily difficult to uncover by ordinary audit procedures. Call this
audit evidence failure
; the auditor didn't know about the fraud.

In other situations, the auditor did know what was going on but didn't act on it - call this an
audit judgment failure.
In these cases, the auditor was overly tolerant of wrong accounting methods used by the client. The auditor may have had serious objections to the accounting methods, but the client persuaded the auditor to go along with the methods.

Take note of an article in
The Wall Street Journal
in late 1999, on the SEC's stepped-up activity in dealing with financial statement fraud. This article used the following terms: ‘busted audits', ‘bend the accounting rules', ‘fake numbers', ‘doctoring the books', ‘weak-kneed auditors', and ‘went soft on companies' books'. Even allowing for journalistic hype, these are rather harsh words for an article in such a respected newspaper as
The Wall Street Journal.
The tone of the article says a lot about the state of affairs in the world of auditing.

What happens when auditors spot fraud

In the course of doing an audit, the audit firm may make the followingdiscoveries:

Errors in recording transactions:
These honest mistakes happen from time to time because of inexperienced bookkeepers, or poorly trained accountants, or simple failure to pay attention to details. No one is stealing money or other assets or defrauding the business. Management wants the errors corrected and wants to prevent them from happening again.

Theft, embezzlement, and fraud against the business:
This kind of dishonesty takes advantage of weak internal controls or involves the abuse of positions of authority in the organisation that top management did not know about and was not involved in. Management may take action against the guilty parties.

Accounting fraud (
also called
financial fraud
or
financial reporting fraud):
This refers to top-level managers who know about and approve the use of misleading and invalid accounting methods for the purpose of disguising the business's financial problems or artificially inflating profit. Often, managers benefit from these improper accounting methods - by propping up the market price of the company's shares to make their stock options more valuable, for example.

Management fraud:
In the broadest sense, this includes accounting fraud, but in a more focused sense, it refers to high-level business managers engaging in illegal schemes to line their pockets at the business's expense, or knowingly violating laws and regulations that put the business at risk of large criminal or civil penalties. A manager may conspire with competitors to fix prices or divide the market, for example. Accepting kickbacks or bribes from customers is an example of management fraud - although most management fraud is more sophisticated than taking under-the-table payments.

When the first two types of problems are discovered, the auditor's follow-up is straightforward. Errors are corrected, and the loss from the crime against the business is recorded. (Such a loss may be a problem if it is so large that the auditor thinks it should be disclosed separately in the financial report, but the business disagrees and does not want to call attention to the loss.) In contrast, the auditor is between a rock and a hard place when accounting or management fraud is uncovered.

When an auditor discovers accounting or management fraud, the business has to clean up the fraud mess as best it can - which often involves recording a loss. Of course, the business should make changes to prevent the fraud from occurring again. And it may request the resignations of those responsible or even take legal action against those employees. Assuming that the fraud loss is recorded and reported correctly in the financial statements, the auditor then issues a clean opinion on the financial statements. But auditors can withhold a clean opinion and threaten to issue a qualified or adverse opinion if the client does not deal with the matter in a satisfactory manner in its financial statements. That's the auditor's real clout.

The most serious type of accounting fraud occurs when profit is substantially overstated, with the result that the market value of the corporation's shares was based on inflated profit numbers. Another type of accounting fraud occurs when a business is in deep financial trouble but its balance sheet disguises the trouble and makes things look more sound than they really are. The business may be on the verge of financial failure, but the balance sheet gives no clue. When the fraud comes out into the open, the market value takes a plunge, and the investors call their lawyers and sue the business and the auditor.