How can auditors learn to more effectively detect financial statement fraud? One of the best ways is to “profit” from the mistakes of others. The information presented here is based on cases in which the SEC sanctioned auditors for their association with fraudulent financial statements. Enforcement actions against auditors are rare, but the consequences of individual cases can be great and the cases offer the profession an opportunity to learn and grow. While the lessons presented here will be most valuable to practitioners who perform audits, auditors employed by client companies may also benefit from understanding the process so they can develop realistic audit expectations.
Our analysis is based on a report we completed in 2000 for the AICPA ASB titled Fraud-Related SEC Enforcement Actions Against Auditors: 1987–1997. Our research initially involved 56 cases. However, 11 of those 56 cases involved a bogus audit or auditor where either the audit never took place or a non-CPA posed as an auditor and issued a phony opinion. In the remaining 45 cases the SEC alleged deficiencies in performing one or more “attempted” audit engagements. These cases form the basis for our analysis.
All of the cases involved public companies, most of which engaged in fraudulent financial reporting (or “cooking the books”). Only a few engaged in misappropriation of assets or defalcation (stealing). While the audit deficiencies described here may help auditors detect or prevent either type of fraud, with private companies—where stealing is the more pervasive risk—auditors face an entirely different set of considerations.