I received an interesting Google alert yesterday. The Supreme Court of Canada ruled that Deloitte should be held responsible for damages related to its audit work performed almost 20 years earlier.
The case centered on whether an auditor is responsible for catching fraud – and what happens when it is missed. In this case Deloitte was engaged to audit the financial statements of a theater production company. The audit was required by both its lending arrangement and because it had sufficient investors who demanded it. The financial statements understated certain expenses (see yesterday’s blog) and recording certain pre-sales as revenue – debt recorded as income.
There are two questions in these situations – the significance of the fraud and reliance upon the statements. In some trials it was proven that there was significant fraud but no one relied upon the financial statements. Without reliance, the auditor is not really responsible – after all, the purpose of the audit is to provide relevant information to stakeholders and if they choose to ignore it, that is their choice.
In this particular case there was substantial fraud. Deloitte’s procedures did not identify the activity, or if it did, the fraud was not brought to the attention of the appropriate level of management. Now, this case is interesting because the chairman and vice chairmen were the perpetrators of the fraud so really, who would have been the appropriate level of management? Technically the auditor should withdraw at that stage – which surprisingly was one of Deloitte’s defenses – that they were being punished for not withdrawing as the auditor.
But I digress as the court did not find that Deloitte discovered the fraudulent activity. Which, by the way, went on for 5 years.
Needless to say, the lenders and investors were decidedly unhappy to know their money disappeared with no likelihood of recovery. The Company, Livent, filed for bankruptcy and it was the bankruptcy trustee that sued. Their position is that the auditors’ failure to identify and report the fraud led to the 5 years of borrowing and additional investor funding which essentially went straight to the two chairmen charged with fraud.
The Supreme Court agreed that the auditor was responsible for not identifying the fraudulent activity and taking steps to correct it earlier.
As an auditor, this is one of those rulings that give us pause. If we perform the audit and gather, what we believe to be sufficient, audit evidence to support the conclusion, then there really shouldn’t be an audit failure. But actually, even if we gather lots of evidence, the reality is we ask questions of management. Sometimes, management lies. Or in this case, were probably instructed by their senior leadership to provide certain answers which proved to be incorrect in the end.
Or, in other words, the audit partner meets with the president and CEO. She has a list of questions that have filtered up from the audit team through various levels of audit management. One of those questions was probably, “We discovered certain transactions that were authorized by you, are you comfortable with how those transactions are recorded?” The answer was no doubt yes.
The auditors may have felt uncomfortable but what can they do? This type of activity probably doesn’t lead to issuing a qualified, adverse, or disclaimed opinion. The auditor’s only option is to withdraw because the reporting of fraud is not something you will find in the auditors’ report. Why? you may ask. Because fraud is a legal claim that would have to be adjudicated and proven and what the auditor discovers might be evidence of such activity but it hasn’t been proven in a court of law.
It is a terrible position for the auditor. It is also the risk of performing audits. I would like to tell you that, in that situation, we would resign. But because we have withdrawn from engagement before doesn’t mean that the evidence in every case is sufficient to draw that conclusion. Honestly, there were engagements that we completed that made us uncomfortable but that discomfort never rose to the level of us wanting to withdraw. This is ultimately what audit leadership is required to made the decision upon. It isn’t easy and sometimes auditors are wrong. But if we withdrew from every engagement that caused us to be nervous there would never be another audit performed.
An interesting story that I will still be thinking about for a few days.
Have an awesome day.