Unit Two The Auditing Profession
Unit Two The Auditing Profession
Unit Two The Auditing Profession
LEARNING OBJECTIVES
A. PROFESSIONAL ETHICS
Ethics can be defined broadly as a set of moral principles or values. Each of us has such set of values,
although we may or may not have considered them explicitly. Philosophers, religious organizations,
and other groups have defined in various ways the ideal sets of moral principles or values. Examples of
prescribed sets of moral principles or values at the implementation level include laws and regulations,
church doctrine, codes of business ethics for professional groups such as CPAs, and codes of conduct
within individual organization.
It is common for people to differ in their moral principles and values and the relative importance they
attach to these principles. These differences reflect life experiences, Successes and failures, as well as
the influences of parents, teachers, and friends.
1
Ethical behaviour is necessary for a society to function in an orderly manner. It can be argued that
ethics is the glue that holds a society together. Imagine, for example what would happen if we couldn't
depend on the people we deal with to be honest. If parents, teachers, employers, siblings, co-workers,
and friends all consistently lied, it would be almost impossible for effective communication to occur.
The public attaches a special meaning to the term professional. Professionals are expected to conduct
themselves at a higher level than most other members of society. For, example, when the press reports
that a physician, clergyperson, or CPA has been indicted for a crime, most people feel more
disappointment than when the same thing happens to people who are not labelled as professionals.
The term professional means a responsibility for conduct that extends beyond satisfying individual
responsibilities and beyond the requirements of society's laws and regulations. A CPA, as a
professional, recognizes a responsibility to the public, to the client, and to fellow practitioners,
including honourable behaviour, even if that means personal sacrifice.
The underlying reason for a high level of professional conduct by any profession is the: need for public
confidence in the quality of service by the profession, regardless of the individual providing it. For the
CPA, it is essential that the client and external financial statement users have confidence in the quality
of audits and other services. If users of services do not have confidence in physicians, judges, or CPAs,
the ability of those professionals to serve clients and the public effectively is diminished.
It is not practical for users to evaluate the quality of the performance of most professional services
because of their complexity. A patient cannot be expected to evaluate whether an operation was
properly performed. A financial statement user cannot be expected to evaluate audit performance. Most
users have neither the competence nor the time for such an evaluation. Public confidence in the quality
of professional services is enhanced when the profession encourages high standards of performance
and conduct on the part of all practitioners.
In recent years, increased competition has made it more difficult for CPAs and many other
professionals to conduct themselves in a professional manner. Increased competition sometimes has
the effect of making CPA firms more concerned about keeping clients and maintaining a reasonable
profit than with providing high-quality audits for users. Because of the increased competition, many
CPA firms have implemented philosophies and practices that are often called improved business
2
practices. These include such things as improved recruiting and personnel practices, better office
management, and more effective advertising and other promotional methods. CPA firms are also
attempting to provide more efficient audits through the use of engagement management software and
more effective audit planning. These changes are desirable, as long as they do not interfere with the
conduct of CPAs as professionals.
CPA firms have a different relationship with users of financial statements than most other
Professionals have with the users of their services. Attorneys, for example, are typically engaged and
paid by a client and have primary responsibility to be an advocate for that client. CPA firms are
engaged and paid by the company issuing the financial statements, but the primary beneficiaries of the
audit are statement users. Often, the auditor does not know or have contact with the statement users but
has frequent meetings and ongoing relationships with client personnel.
It is essential that users regard CPA firms as competent and unbiased. If users believe that CPA firms
do not perform a valuable service (reduce information risk), the value of CPA firms' audit and other
attestation reports is reduced and the demand for audits will thereby also be reduced. Therefore, there
is considerable incentive for CPA firms to conduct themselves at a high professional level.
The AICPA Code of Professional Conduct provides both general standards of ideal conduct and
specific enforceable rules of conduct. There are four parts to the code: principles, rules of conduct,
interpretations of the rules of conduct, and ethical rulings. The parts are listed in order of increasing
specificity; the principles provide ideal standards of conduct whereas ethical rulings are highly
specific.
Ethical Principles
3
1. Responsibilities In carrying out their responsibilities as professionals, members should
exercise sensitive professional and moral judgments in all their activities.
2. The Public Interest Members should accept the obligation to act in a way that will
serve the public interest, honor the public trust, and demonstrate commitment to professionalism.
3. Integrity To maintain and broaden public confidence, members should perform all
professional responsibilities with the highest sense of integrity.
4. Objectivity and Independence A member should maintain objectivity and be free of
conflicts of interest in discharging professional responsibilities. A member in public practice
should be independent in fact and appearance when providing auditing and other attestation
services.
5. Due Care A member should observe the profession's technical and ethical standards,
strive continually to improve competence and quality of services, and discharge professional
responsibility to the best of the member's ability.
6. Scope and Nature of Services A member in public practice should observe the
principles of the Code of Professional Conduct in determining the scope and nature of services to
be provided.
This part of the Code includes the explicit rules that must be followed by every CPA in the practice of
public accounting. Those individuals holding the CPA certificate but not actually practicing public
accounting must follow most, but not all, of the requirements. Because the section on rules of conduct
is the only enforceable part of the code, it is stated in more precise language than the section on
principles. Because of their enforceability, many practitioners refer to the rules as the AICPA Code of
Professional Conduct.
4
interpretations is difficult if not impossible for a practitioner to justify in a disciplinary hearing. The
most important interpretations are discussed as a part of each section of the rules.
Ethical Rulings
Rulings are explanations by the executive committee of the professional ethics division of specific
factual circumstances. The following is an example:
Question-A member serves on the board of directors of a nonprofit social club. Is the
independence of the member considered to be impaired with respect to the club!
Answer-Independence of the member is considered to be impaired because the board of
directors has the ultimate responsibility for the affairs of the club.
The second section contains the enforceable rules of conduct. Below you will find discussions on
important parts of the rules.
1. INDEPENDENCE
The first rule deals with independence in an audit and non-audit context. It states that "A member in
public practice shall be independent in the performance of professional services required by
standards promulgated by bodies designated by council."
In dealing with this rule, auditors preserve independence by a) avoiding financial connections that
make it appear that the auditor's wealth depends upon the outcome of the audit, and b) avoiding
managerial connections that make it appear that the auditors are involved in management decisions of
the audit client (thus auditing their own work).
The value of auditing depends heavily on the public's perception of the independence of auditors.
Independence in auditing means taking an unbiased viewpoint in performing audit tests, evaluating the
results, and issuing the audit report. If the auditor is an advocate for the client, a banker, or anyone
else, the auditor cannot be considered independent. Independence is regarded as the auditor's most
5
critical characteristic. The reason that many diverse users are willing to rely on the CPA's reports as to
the fairness of financial statements is their expectation of an unbiased viewpoint. It is not surprising
that independence is included as a generally accepted auditing standard and a rule of conduct.
Not only is it essential for auditors to maintain an independent attitude in fulfilling their
responsibilities but it is also important that the users of financial statements have confidence in that
independence. These two objectives are often identified as independence in fact and independence in
appearance. Independence in fact exists when the auditor is actually able to maintain an unbiased
attitude throughout the audit, whereas independence in appearance is the result of others'
interpretations of this independence. If auditors are Independent in fact but users believe them to be
advocates for the client, most of the value of the audit function is lost.
This rule applies not only to CPAs in public practice but also to CPAs working in government and
industry. The rule requires integrity and objectivity in all kinds of professional work-tax practice and
consulting practice as well as audit practice for public accountants-and all kinds of accounting work
performed by CPAs employed in corporations, not-for-profit organizations, governments, and
individual practices. In addition to integrity and objectivity this rule emphasizes (a) being free from
conflicts of interest between CPA and others, (b) truthful representation of facts in reports and
discussions, and (c) not allowing other people to dictate or influence the CPA's judgment and
professional decisions.
6
It is therefore recommended that recurring fees paid by one client or group of connected clients should
not exceed a certain reasonable percentage (such as 15%) of the gross practice income. The percentage
could be even lower if the client is a public company. Where one particular office within a practice
derives income over these limits, but the practice as a whole is not affected, the final reporting
responsibility for the audit should be transferred to another office.
If clients are retained above these limits, special safeguards should be set up. Where fee income from
one client exceeds those percentages, review procedures should be triggered.
The following persons would normally be regarded as being closely connected with a practice:
I. a partner, or in the case of a corporate practice, a director or shareholder:
II. a person closely connected with (i) above
III. an employee of the practice.
These categories are not exhaustive, for example, persons not related any way by blood or marriage
may nevertheless enjoy a friendship closer than any blood relationship. The auditor must always bear
in mind the need to maintain not merely independence but also the manifest appearance of
independence.
The threat to independence may be less where a partner or senior members of staff is not personally
engaged on the audit in questions, where his or her offices is distant from the reporting office and
where effective safeguards are in place in the internal procedures of the practice, such safeguards
might include rotation of the engagement partner and/or of senior members of staff. Similarly, a
7
connection with junior members of staff of the practice is less likely to be a threat than a connection
with a senior member of staff or partner.
A member should not personally take part in the conduct of the audit of a company if he or she has,
during the period upon which the report is to be made, or at any time in the two years prior to the likely
to the first day thereof been an officer (other than auditor) or employee of that company.
Shares inherited or acquired by marriage should be disposed of at the earliest practicable opportunity,
being a date at which the transaction would not amount to insider dealing.
(d) Loans
Again, independence may be threatened. A practice or anyone closely connected with it should not,
either directly or indirectly:
8
Objectivity may be threatened or appear to be threatened by acceptance of goods, services or
hospitality from an audit client.
Goods or services should not be accepted by a practice or by anyone closely connected with it unless
the value of any benefit is modest. Acceptance of undue hospitality poses a similar threat.
In all cases in which a practice is concerned in the preparation of accounting records for an audit client
the following safeguards should be observed:
I. the client should accept responsibility for the records as its own:
II. the practice should not assume the role of management conducting the operations of an
enterprise: and
III. the practice should make appropriate audit tests even where it has processed or maintained
certain records.
In general, a member should be careful not to go beyond an advisory role and drift into the
management sphere.
9
fairly and impartially on the company's accounts. In an action, under the circumstances, management
may be unwilling disclose information to the auditor.
A member in public practice shall not disclose any confidential information without the specific
consent of the client.
Confidential information is information that should not be disclosed to outside parties unless
demanded by a court or an administrative body having subpoena or summons power. Privileged
information is information that cannot even be demanded by courts. In all the recognized privilege
relationships, the professional person is obligated to observe the privilege, which can be waived only
by the client, patient, or penitent. (These persons are said to be the holders of the privilege.)
The rules of privileged and confidential communication are based on the belief that they facilitate a
free flow of information between parties to the relationship. The nature of accounting services makes
it necessary for the accountant to have access to information about salaries, products, contracts,
merger or divestment plans, tax matters, and other data required for the best possible professional
work. Managers would be less likely to reveal such information if they could not trust the accountant
to keep it confidential. If accountants were to reveal such information, the resultant reduction of the
information flow might be undesirable, so no accountant should break the confidentiality rule
without a good reason.
10
Difficult problems arise over auditors' obligations to "blow the whistle" about clients' shady or illegal
practices. Auditing standards deal with this problem: If a client refuses to accept an audit report that
has been modified because of inability to obtain sufficient competent evidence about a suspected
illegal act, failure to account for or disclose properly a material amount connected with an illegal act,
or inability to estimate amounts involved in an illegal act, the audit firm should withdraw from the
engagement and give the reasons in writing to the board of directors. In such an extreme case, the
withdrawal amounts to whistle blowing, but the action results from the client's decision not to
disclose the information. For all practical purposes, information is not considered confidential if
disclosure of it is necessary to make financial statements not misleading.
Auditors are not, in general, legally obligated to blow the whistle on clients. However, circumstances
may exist where auditors are legally justified in making disclosures to a regulatory agency or a third
party. Such circumstances include: (1) when a client has intentionally and without authorization
associated or involved a CPA in its misleading conduct, (2) when a client has distributed misleading
draft financial statements prepared by a CPA for internal use only, or (3) when a client prepares and
distributes in an annual report or prospectus misleading information for which the CPA hasn't
assumed any responsibility.
4. CONTINGENT FEES
Professional services should not be offered or rendered to a client on a contingent fee basis.
A contingent fee is a fee established for the performance of any service in an arrangement in which no
fee will be charged unless a specific finding or result is attained, or the fee otherwise depends on the
result of the service.
Under this rule, CPAs can charge contingent fees for such work as representing a client in a tax audit
and certain other tax matters, achieving goals in a consulting service engagement, or helping a person
obtain a bank loan in a financial planning engagement. CPAs can charge contingent fees like
investment bankers in merger deals and lawyers in injury lawsuits.
11
The rule permits CPAs to receive contingent fees except from clients for whom the CPAs perform
attest services, where users of financial information may be relying on the CPAs' work. The
prohibitions apply to attest engagements in which independence is required. Acceptance of contingent
fee arrangements during the period in which the member or the member's firm is engaged to perform
any of these attestations or during the period covered by any historical financial statements involved in
any of these engagements is considered an impairment of independence.
5. ACTS DISCREDITABLE
A member shall not commit an act discreditable to the profession.
This rule may be called the moral clause of the code, but it is only occasionally the basis for
disciplinary action. Penalties normally are invoked automatically under the AICPA Bylaws, which
provide for expulsion of members found by a court to have committed any fraud, filed false tax
returns, been convicted of any criminal offense, or found by the AICPA Trial Board to have been
guilty of an act discreditable to the profession.
Withholding a client's books and records and important documentation when the client has
requested their return.
Failing to follow government audit standards and guides in governmental audits when the client
or the government agency expects such standards to be followed.
Soliciting or disclosing CPA Examination questions and answers from the closed CPA
Examination.
Failing to file tax returns or remit payroll and other taxes collected for others (e.g., employee
taxes withheld).
Making, or permitting others to make, false and misleading entries in records and financial
statements.
12
A member in public practice shall not seek to obtain clients by advertising or other forms of
solicitation in a manner that is false, misleading, or deceptive. Solicitation by the use of coercion,
overreaching, or harassing conduct is prohibited.
To encourage CPAs to conduct themselves professionally, the rule prohibits advertising or solicitation
that is false, misleading or deceptive. Basic guidelines about advertising include:
Advertising may not create false or unjustified expectations of favourable results.
Advertising may not imply the ability to influence any court, tribunal, regulatory agency, or
similar body or official.
Advertising may not contain a fee estimate when the CPA knows it is likely to be substantially
increased, unless the client is notified.
Advertising may not contain any other representation likely to cause a reasonable person to
misunderstand or be deceived.
Advertising consists of messages designed to attract business that are broadcast widely to an
undifferentiated audience (e.g., print, radio, television, billboards). The guidelines basically prohibit
false, misleading, and deceptive messages.
Solicitation, on the other hand, generally refers to direct contact (e.g., in person, mail, telephone) with
a specific potential client. In regard to solicitation, the rule basically prohibits extreme bad behaviour
(coercion, overreaching, or harassing conduct).
Most CPAs carry out only modest advertising efforts, and many do no advertising at all. Public
practice is generally marked by decorum and a sense of good taste. However, there are exceptions, and
they tend to get much attention-most of it disapproving-from other CPAs and the public in general.
The danger in bad advertising lies in getting the image of a professional huckster, which may backfire
on efforts to build a practice.
13
to third party. A professional accountant in public practice shall not accept a commission for
referral of the product/service of others.
A commission is generally defined as a percentage fee charged for professional services in connection
with executing a transaction or performing some other business activity. Examples are insurance sales
commissions, real estate sales commissions, and securities sales commissions. CPAs can earn
commissions except in connection with any client for whom the CPA performs attest services.
The rule treats commissions as an impairment of independence just like the rule on contingent fees.
When a CPA is involved in an attest engagement with a client, the CPA cannot receive a commission
from anyone for (l) referring a product or service to the client, or (2) referring to someone else a
product or service supplied by the client. It does not matter which party actually pays the commission.
However, the rule permits commissions, provided the engagement does not involve attestation
services. This permission is tempered by the requirement that the CPA must disclose to clients an
arrangement to receive a commission.
I. AUDIT RESPONSIBILITIES
Many users of audit reports expect auditors to detect fraud, theft, and illegal acts and to report them
publicly. Auditors take responsibility for detecting material misstatements in financial statements but
they are very cautious about taking responsibility for detecting all manner of fraud, and are especially
cautious about accepting a public reporting responsibility. Fraud and misleading financial statements
loom large among the concerns of financial statement users. They are afraid of information risk, and
they want it to be reduced, even eliminated.
When auditors do not meet the expectations of financial statement users, they may be held liable under
common law or statutory law. Common law is composed of legal decisions regarding actions taken
14
that injure a person or a person's property. In a common law action the judge will evaluate prior
decisions looking for legal precedent. Where no legal precedent can be found, the judge will follow a
sense of justice or morality taking into consideration prevailing customs and moral standards. Statutory
law is based on laws passed by legislative bodies and compiled in federal, state, and municipal codes.
In a statutory case the primary basis for a decision is whether the law, as written in the code, has been
violated by the actions of the party. A lawsuit claiming that the auditor did not perform the audit in an
appropriate manner would be a common law action.
The auditor's responsibility for detecting fraud in financial statements is a complex topic, and auditing
standards have emphasized that the auditor's need to be diligent in the pursuit of fraud. However, while
auditors have taken steps to increase their detection and awareness of fraud, the responsibility they
assume is still less than many users expect. This disparity leads to lawsuits, even when auditors have
performed an audit with due professional care.
Before we start to discuss the various legal liabilities faced by auditors it would be better to see issues
that are considered to be the sources of material misstatements in financial reports that form the basis
of professional responsibility of auditors.
Detect and Report Errors and Irregularities. Errors are basically defined as unintentional mistakes,
and irregularities refer to intentional distortions of financial statements. Auditors' concerns arise from
the fact that users of financial statements look to companies' controls and independent audits to provide
reasonable assurance that financial statements are not materially misstated as a result of errors or
irregularities.
Under generally accepted auditing standards, independent auditors have the responsibility to: (1) assess
the risk that errors and irregularities may cause a client's financial statements to be materially
misstated, and (2) design the audit to provide reasonable assurance of detecting errors and irregularities
material to the financial statements. In addition to the procedures ordinarily used to obtain audit
evidence, extended procedures should be performed if evidence indicates that material errors or
irregularities might exist. These requirements are intended to meet public expectations that the audit
report means that the auditors believe the financial statements are not materially misstated as a result of
errors or irregularities.
15
Auditors are also obligated to inform the client's audit committee of irregularities they discover, unless
the matter is clearly inconsequential, which means that the irregularity is of a magnitude so minor that
it does not matter at all. For example, small-time employee pilferage in a retail store-a matter routinely
handled by managers-need not be reported to the audit committee of the board of directors. However,
all knowledge of irregularities by senior management of a company should be reported to the audit
committee.
Auditors generally are not obligated or entitled to report irregularities to parties outside the company.
The rule of confidentiality inhibits such communications. However, there are some special
circumstances that can result in auditor communications about irregularities such as the former
auditor's responses to inquiries made by a new auditor when the client changes auditors and the
auditors' response to a legal subpoena. All these exceptions are related to providing information to
other parties concerned with irregularities discovered in the course of audits.
Detection of illegal Client Acts Two kinds of illegal acts can be identified. The first is the kind that
has a direct and material effect on the determination of numbers in the financial statements; for
example, income tax determination, product pricing regulations, and government contract terms for
revenue accrual. Auditors have basic responsibility for obtaining evidence about the numbers in the
financial statements, and hence have basic responsibility regarding illegal acts of this type. Auditors'
responsibilities are the same as for irregularities-to assess the risk of occurrence and to design the audit
to detect this type of noncompliance with laws and regulations.
The second type, which in the audit literature is called by the term illegal acts, involves violations of
laws and regulations which do not enter directly into accounting numbers, at least not initially.
Examples include violations of employment discrimination laws, securities laws, occupational health
and safety laws, environmental protection regulations, and antitrust laws. These matters are generally
beyond auditors' detection capabilities. Their financial effect usually starts as a disclosure about the
initiation of litigation or government action, and auditors learn of the violations because management
and management's lawyers tell them, or because government investigators release a report about the
company's violations. Sometimes, such violations are revealed in the business press by investigative
reporters.
16
Auditors' responsibility is to be aware that such violations may have occurred, ask management to
make written representations about such violations, if any, read the business press, and be alert to
government investigation reports. Technically, auditors' alertness includes additional investigation of
unauthorized transactions, large unexplained payments to employees or "consultants," excessive
commissions and agent's fees, unexplained payments to government officials, and failure to file
required tax reports. All these devices have been used to mask past illegal activities.
When auditors detect illegal acts of either type, communication to the audit committee is required. The
audit standards advise that clearly inconsequential illegal acts need not be communicated, which is the
same standard you saw earlier in connection with irregularities.
Client Representations One of the most useful auditing procedures for obtaining evidence is to ask
client personnel about a matter under investigation. For example, subjects of inquiries may include
questions about related party transactions, collectibility of receivables, obsolescence of inventory,
possible litigation and loss contingencies, and plans to discontinue a line of business. Ordinarily,
auditors can corroborate clients' responses by obtaining evidence from other sources, but in some cases
(e. g., plans to discontinue a line of business) no other source exists, and in others the corroborating
evidence may be very difficult to find (e.g., some kinds of related party transactions). Thus, auditors
may have to rely on client cooperation in important areas.
Identifying Related Parties Several cases involving materially misleading financial statements have
resulted from corporate officers' dealings among themselves, with affiliated companies, with family
members, and with shell companies. Transactions included borrowing or lending funds at interest rates
below the current market, selling real estate at prices significantly different from its appraised value,
exchanging property, and making loans with no repayment schedule. Auditing standards require
auditors to follow specific procedures for determining the existence of related parties, identifying
transactions with related parties, and auditing the identified transactions.
17
Communication of Internal Control Structure Related Matters Noted in an Audit. Most auditors
report internal control weaknesses to management in a management letter. This letter is a private
communication between auditor and management and is viewed as an additional service to
management as a result of the audit. Auditing standards established a requirement that auditors
communicate reportable conditions to the audit committee of the client's board of directors. Reportable
conditions are defined as deficiencies in the design or operation of internal controls which could
adversely affect the company's ability to record, process, summarize, and report financial data in the
financial statements. The purpose of this communication is to help the board of directors fulfill its
responsibilities for financial statements and oversight of the independent and internal audits.
Communication with Audit Committees You have already seen requirements about communicating
with audit committees in connection with errors, irregularities, and illegal acts. The ones listed below
have the general characteristic of general information intended to inform the audit committee about (1)
auditors' responsibilities, and (2) auditor-management interactions. The audit committee should be
informed, either orally or in writing, of the following:
18
II. LEGAL LIABILITY OF AUDITORS
Professionals have always had a duty to provide a reasonable level of care while performing work for
those they serve. Audit professionals have a responsibility under common law to fulfil implied or
expressed contracts with clients. They are liable to their clients for negligence and/or breach of
contract should they fail to provide the services or not exercises due care in their performance.
Auditors may also be held liable under common law in certain circumstances to parties other than their
clients. In addition to common law, auditors may be held liable to third parties under statutory law.
1. LIABILITY TO CLIENTS
The most common source of lawsuits against CPAs is from clients. The suits vary wide including such
claims as failure to complete a nonaudit engagement on the agreed-upon date, inappropriate
withdrawal from an audit, failure to discover a defalcation (theft of assets), and breaching the
confidentiality requirements of CPAs. Typically, the amount of these lawsuits is relatively small, and
they do not receive the publicity often given to other types of suits.
Clients may bring a lawsuit for breach of contract. The relationship of direct involvement between
parties to a contract is known as privity. When privity exists, a plaintiff usually need only show that
the defendant accountant was negligent. (Ordinary negligence-a lack of reasonable care in the
performance of professional accounting tasks-is usually meant when the word negligence stands
alone). If negligence is proved, the accountant may be liable, provided the client has not been involved
in some sort of contributory negligence in the dispute.
A typical lawsuit involves a claim that the auditor did not discover an employee defalcation as a result
of negligence in the conduct of the audit. The lawsuit can be for breach of contract, a tort action for
negligence, or both. Tort actions can be based on ordinary negligence, gross negligence, or fraud. Tort
19
actions are common because the amounts recoverable under them are normally larger than under
breach of contract.
The principal issue in cases involving alleged negligence is usually the level of care required. Although
it is generally agreed that nobody is perfect, not even a professional in most instances, any significant
error or mistake in judgment will create at least a presumption of negligence that the professional will
have to rebut. In the auditing environment, failure to meet GAAS is often conclusive evidence of
negligence.
The question of level of care becomes more difficult in the environment of an unaudited review or
compilation of financial statements in which there are fewer accepted standards to evaluate
performance. There are some widely known examples of a lawsuit dealing with the failure to uncover
fraud in unaudited financial statements. Although the CPA was never engaged to conduct an audit for
the client, the CPA may be found liable for failing to detect an embezzlement scheme conducted by,
for instance, one of the client's managers. One of the reasons for this outcome was the lack of a clear
understanding between the client and the CPA as to the exact nature of the services to be performed by
the CPA. Now, CPA firms and clients typically sign engagement letters to formalize their agreements
about the services to be provided, fees, and timing. There can be privity of contract without a written
agreement, but an engagement letter defines the contract more clearly.
Legal liabilities of professional accountants may arise from lawsuits brought on the basis of the law of
contracts or as tort actions for negligence. Breach of contract is a claim that accounting or auditing
services were not performed in the manner agreed. As discussed above, this basis is most characteristic
of lawsuits involving a public accountant and his/her client. Tort actions cover civil complaints other
than breach of contract (e.g. fraud, deceit, and injury), and such actions are normally initiated by users
of financial statements.
Suits for civil damages under common law usually result when someone suffers a financial loss after
relying on financial statements later found to be materially misleading. When an injured party
considers himself damaged by an accountant and brings a lawsuit, he or she generally asserts all
20
possible causes of action, including breach of contract (for clients), tort, deceit, fraud, and whatever
else may be relevant to the claim.
Other parties not in privity had no cause of action for breach of contract. However, if the negligence is
so great as to constitute gross negligence-lack of even minimum care in performing professional
duties, indicating reckless disregard for duty and responsibility-grounds might exist for concluding that
the accountant had engaged in constructive fraud. Actual fraud is characterized as an intentional act
designed to deceive, mislead, or injure the rights of another person. Constructive fraud, however, may
not have the same element of intent, but the result is the same-to deprive or injure another unsuspecting
party.
Fraud is a basis for liability in tort, so parties not in privity with the accountant may have causes of
action when negligence is gross enough to amount to constructive fraud. These other parties include
primary beneficiaries, actual foreseen and limited classes of persons, and all other injured parties.
Primary beneficiaries are third parties for whose primary benefit the audit or other accounting service
is performed. Such a beneficiary will be identified to, or reasonably foreseeable by, the accountant
prior to or during the engagement, and the accountant will know that his or her work will influence the
primary beneficiary's decisions. For example, an audit firm may be informed that the report is needed
for a bank loan application at the ABC Bank.
Accountants may also be liable to creditors, investors, or potential investors who rely on accountant's
work. If the accountant is reasonably able to foresee a limited class of potential users of his or her work
(e.g., local banks, regular suppliers), liability may be imposed for ordinary negligence. This, however,
is an uncertain area, and liability in a particular case depends entirely on the unique facts and
circumstances. Beneficiaries of these types and all other injured parties may recover damages if they
are able to show that an accountant was grossly negligent and perpetrated a constructive fraud.
The defendant accountant in a common-law action presents evidence to mitigate or refute the
plaintiff’s claims and evidence. For example, the accountant might offer evidence that the plaintiff was
not foreseen, the financial statements were not misleading, or the plaintiff contributed to the
negligence. The primary defense against a negligence claim is to offer evidence that the audit had been
conducted in accordance with GAAS with due professional care.
Accountants can defend a common-law action by presenting arguments and evidence to mitigate the
plaintiff's claims and evidence. In particular, an accountant can offer evidence to show:
1. There is lack of duty to perform the service means that the CPA firm claims that there
was no implied or expressed contract. For example, the CPA firm might claim that misstatements
were not uncovered because the firm did a review service, not an audit. A common way for a CPA
firm to demonstrate a lack of duty to perform is by use of an engagement letter. Many litigation
experts believe that a well-written engagement letter is one of the most important ways in which
CPA firms can reduce the likelihood of adverse legal actions.
2. The plaintiff did not suffer a real loss.
3. The financial statement misstatements were not material or the accountant's advice was
not faulty.
4. The plaintiff did not rely on the financial statements but on some other source of in-
formation.
5. Even if the plaintiff used the financial statements, the loss was caused by some other
events beyond the accountant's scope of responsibility. In other words, the auditor is claiming that
there is absence of causal connection. To succeed in an action against the auditor, the client must
be able to show that there is a close causal connection between the auditor's breach of the standard
of due care and the damages suffered by the client. For example, assume that an auditor failed to
complete an audit on the agreed-upon date. The client alleges that this caused a bank not to renew
an outstanding loan, which caused damages. A potential auditor defense is that the bank refused to
22
renew the loan for other reasons, such as the weakening financial condition of the client. This
defense is called an absence of casual connection.
6. Lack of Negligence: The accountant's work was performed in accordance with
professional standards (e.g., GAAS for audits of financial statements). In this case, the CPA firm
claims that the audit was performed in accordance with GAAS. Even if there were undiscovered
misstatements, the auditor is not responsible if the audit was conducted properly.
In addition, accountants can defend themselves on the grounds of contributory negligence. A defense
of contributory negligence exists when the client's own actions either resulted in the loss that is the
basis for damages or interfered with the conduct of the audit in such a way that prevented the auditor
from discovering the cause of the loss. As an example of the first circumstance, suppose a client claims
that a CPA firm was negligent in not uncovering an employee's theft of cash. If the CPA firm had
notified the client (preferably in writing) of a weakness in internal control that would have prevented
the theft but management did not correct it, the CPA firm would have a defense of contributory
negligence. As an example of the second circumstance, suppose a CPA firm failed to determine that
certain accounts receivable were uncollectible and, in reviewing collectibility, were lied to and given
false documents by the credit manager. In this circumstance, assuming the audit of accounts receivable
was done in accordance with GAAS, a defense of contributory negligence would exist.
3. CRIMINAL LIABILITY
Note that what may amount to a civil offence in one country may amount to a criminal offence in
another and vice versa.
23
In many high profile cases such as the Guinness scandal in the UK, where, it is impossible to
prove more serious charges, the seemingly minor offence of falsifying accounting records is
used and the maximum penalties applied.
c) In countries with established and mature stock markets, securities legislation usually makes
"insider dealing" an offence.
This is the misuse of unpublished price sensitive information'. Auditors are in a privileged
position to obtain price sensitive information such as mergers and take-overs or sudden changes
in profits. To encourage staff not to take advantage of this information, audit firms often
prohibit staff from holding and dealing in shares in client companies. In the USA securities
legislation itself prohibits auditors from holding shares in client companies.
d) Financial services legislation, as noted above, provides criminal sanctions for auditors and
others (principally directors) who knowingly or recklessly make false statements in connection
with the issue of securities (principally via the prospectus).
The auditor may leave the office due to various reasons: Some of them are;
– End of the term of engagement
– Disagreement between the auditor and the client
– Resignation by the auditor
24
The objectives of client acceptance and continuance procedure are:
1. To reduce the risk of accepting inappropriate auditor. The auditor is required to have insight in
to the prospective client’s past business practice, integrity of management team, and identify
any issues that may create a breach of professional obligations.
2. To ensure the quality of audit work
3. To comply with GAAS
The factors to be considered in client acceptance and continuance procedure:
a. Frequent changes of auditor: Could mean the firm is opinion shopping
b. Poor financial history: Could mean high chance for the fraud to exist in the financial statements
c. Work/business history: Unstable address
d. Overly litigious as a plaintiff or defendant: signals for party who is not afraid to sue (a risk of
non-payment) or who may not honor its agreements
e. High turnover in top management: Indication of lack of internal stability
f. Reluctance to provide references: Unwillingness to have a look at its background
g. Pressure to get deal quickly: Unwillingness to have a look at its background
h. Regulatory actions: Indication of poor controls or a management team ignoring internal
controls
The auditor is required to gather adequate information about the prospective client from various
sources such as predecessor auditor, inquiry of banks, & legal counsel, and background searches of
relevant database.
Engagement Letter
An engagement letter is an agreement between the auditor and the client with the purpose of avoiding
misunderstanding with respect to the engagement. The contents of an engagement letter may include:
• Objective of the audit
• Management responsibility for financial statement
• The applicable financial reporting framework
• The scope of the audit
• The form of any report
• Unrestricted access to any records, documents & other information
25
• The fact that some material misstatements may not be discovered due to the nature of the tests
and the inherent limitations of internal controls
• Management’s responsibility for establishing and maintaining internal controls
• Bases of fee computation
• Expectation of receiving written confirmation from management
• Description of letters to be issued by the auditor to the client
• Arrangements concerning the involvement of the internal auditor and other client staff
• Arrangements to be made with the predecessor auditor etc
26