In a recent interview with The Wall Street Journal (“WSJ”), Paul Munter, the Acting Chief Accountant of the Securities and Exchange Commission (“SEC”), warned that, amidst a market selloff and fears of a recession, more companies could feel pressure to make misrepresentations in their financial statements, emphasizing the auditors’ responsibility to detect them. The interview comes on the heels of an October 11, 2022 written statement by Munter released by the SEC’s Office of the Chief Accountant (“OCA”), which outlined those responsibilities with respect to fraud detection.
According to Munter, the current economic environment and resulting uncertainties tend to lead to heightened fraud risk. The WSJ cites two active multi-billion dollar actions (in Germany and the United Kingdom) against Ernst & Young (“EY”), which is accused of alleged failings in its audits of two corporations—financial technology company Wirecard AG and hospital operator NMC Health PLC. Stateside, the WSJ reports, the SEC is similarly getting tougher on lax accountants, with record monetary sanctions having been issued in the most recent fiscal year.
Notably, under Public Company Accounting Oversight Board (“PCAOB”) auditing standards, auditors for publicly traded companies have a responsibility to consider fraud and obtain reasonable assurances about whether the financial statements are free of material misstatements, irrespective of whether caused by fraud or error.
In Munter’s October OCA written statement, he noted that PCAOB inspections consistently find instances where auditors (1) fail to apply due professional care and professional skepticism when considering fraud or (2) respond insufficiently to fraud risks and red flags. Munter emphasized in his October written statement that auditors must have “a questioning mind” and “exercise professional skepticism” when conducting audits.
Even seemingly small quantitative misstatements should be scrutinized. As the SEC has previously advised, such minor misstatements in financial statements should not be presumed to be immaterial, as qualitative factors may cause misstatements of quantitatively small amounts to be material.
A big problem, as Munter sees it, is when auditors seek to excuse their lack of fraud detection by focusing on what is outside of their purview rather than taking a proactive approach to identifying fraud. Munter’s October OCA statement warns that auditors should not treat the auditing standards as an exhaustive checklist, but should instead tailor audits to be responsive to both the identified fraud risk and changing business environments.
It is in part for this reason that Munter said he wanted to send a “very strong reminder to audit firms” about their responsibilities.
This reticence on the part of auditors to identify fraud and material misstatements may be fueled by ever-present potential conflicts of interest. The WSJ notes that there still exists a basic conflict in the industry, where accounting firms are paid by the companies that they audit, making it less likely that they will confront the bad behavior of their benefactors.
Auditors can face these pressures to neuter diligence both externally (from corporate clients) and internally (from within their own audit firms). Externally, the auditor’s client could, for instance, insist on tight deadlines or apply audit fee pressures. Internally, a company’s internal audit team could face resource constraints, time pressures, or internal operational metrics and systems. Any or all of these situations could serve to discourage skepticism among auditors.
A real-world example of these types of conflicts were on display in the 2001 Enron collapse, where a partner at Enron’s auditor (Arthur Andersen LLP) had objected that his advice against certain accounting practices was being ignored. After an Enron executive complained, the audit partner was removed from the Enron audit team.
And those conflict-of-interest problems do not appear to have dissipated. More recently, in September 2022, a former EY employee filed a lawsuit against the audit firm claiming that she was punished for flagging concerns about potential fraud in 2020 by two large audit clients.
Thus, as Munter noted in his October OCA statement, a company’s “[m]anagement is in a unique position to perpetrate fraud, and instances of fraud often involve management override of controls, including concealment of evidence or misrepresentation of information.”
Munter explained in his written statement that such actions can only be effectively countered through the diligence and awareness of auditors. “Auditors must remain diligent when considering and responding to this risk and remain aware of techniques used by management to circumvent existing controls. Additionally, if an auditor believes that an identified misstatement might be indicative of fraud, they should perform procedures to obtain additional audit evidence and evaluate the related implications.”
* * *
One positive indicator that auditors are leaning into their fraud-detection responsibilities comes from a recent EY report (perhaps as a reaction at least in part to the recent enforcement actions brought against it) that it has begun to use new seemingly-novel tools to ferret out fraud (supported by, for instance, machine learning and artificial intelligence (AI)). According to the WSJ, EY’s fraud detection measures have further expanded to the use of those AI tools to parse ledgers for suspicious transactions, the mining of social-media posts, and the more proactive use of forensic-accounting specialists to search for potential accounting violations at high-risk companies.
Time will ultimately tell if these new efforts are reactionary responses to recent enforcement actions or instead will pave the way for more auditors to act proactively to identify fraud.