As a result of the Sarbanes-Oxley Act and other reforms, a variety of structures and procedures were put into place to try to prevent or detect fraud. A number of these reforms involve auditors and the audit profession, in the implicit assumption that auditors have an important role to play in preventing and detecting corporate fraud. But a recent Grant Thornton survey (here) shows that many CFOs still do not feel constrained by their auditors’ oversight, notwithstanding the reform measures.

According to the survey, 62% of the 221 CFOs surveyed believe it would be possible to intentionally misstate their financial statements to their auditors. As one commentator in the November 15, 2007 CFO.com article (here) commenting on the survey put it, these numbers are “alarming,” given that “CFOs – if they’ve a mind to -are in a unique position, having the necessary information, intelligence and access to trick auditors in ways that are hard to decipher.”

Indeed, it is disconcerting that nearly two-thirds of CFOs feel they could fool their auditors on intentionally falsified financial statements. Clearly, if such a large percentage of CFOs feel they could, some of them might, and a few of them will. This intimation of the possibility of undetected fraud should be disconcerting to investors, analysts, and others (including D & O underwriters) who rely on auditors’ assurance that the financial statements are free from “material misstatement.”

The disappointment and even anger that investors and others feel when they find they have been misled by falsified financial statements often encompasses a sense of frustration that the auditors failed to detect the fraud. Accordingly, auditors are often named as co-defendants in securities fraud lawsuits, based on a failure to detect the fraud and the auditors’ statements that there are no material misstatements in the financial statements.

But a further Grant Thornton survey finding underscores the theoretical limitations of audit fraud detection. 83 percent of the surveyed CFOs said they did not feel that it was even possible for auditors to detect corporate fraud in all cases. This survey finding embodies the same sentiment expressed in the November 2006 statement of the heads of the six leading accounting firms entitled “Global Capital Markets and the Global Economy: A Vision From the CEOs of the International Audit Networks” (here). The accounting industry leaders noted that “there are limits to what auditors can reasonably uncover, given the limits inherent in today’s audits.” They go on to note that while there are audit techniques whose principal goals are to “ascertain whether fraud has occurred,” these techniques are “not foolproof, nor can they be expected to be.”

The problem for everyone, both auditors and those who rely in their audits, is that there is, in the words of the industry leaders’ statement, an “expectations gap.” According to the accounting leaders, the gap arises because “many investors, policy makers, and the media believe that the auditor’s main function is to detect all fraud, and thus, where it materializes and auditors have failed to find it, the auditors are presumed to be at fault.” The accounting leaders go on to assert that:

Given the inherent limitations of any outside party to discover the presence of fraud, the restrictions governing the methods auditors are allowed to use, and the cost constraints of the audit itself, this presumption is not aligned with the current auditing standards.

The accounting leaders’ frustration is palpable; they apparently recognize, as do the CFOs that responded to the Grant Thornton survey, that management bent on misrepresenting their company’s financial condition can conceal the misrepresentations from the auditors. But the reason there is nonetheless an expectations gap is that investors and others do rely, as they must, on company’s audited financial statements. Merely naming the problem as an expectations gap, or citing the limitations of current auditing standards, does not address the problem, which is that investors and others rely on the audited financial statements in ways the auditors apparently wish they wouldn’t or believe they shouldn’t. It almost seems as if the auditors’ message to those who would rely on financial statements is – don’t (or, at least, not so much).

Given the CFOs’ and the accounting leaders’ recognition of the limitations of audit fraud detection, it may be well argued that audited financial statements in fact should not be relied upon. But what alternative do investors have? The investors necessarily place some value on the fact that professionals independent of management have examined the financial statements.
It is nevertheless a significant concern that nearly two-thirds of CFOs believe they can fool their auditors. And apparently the auditors agree with the general proposition as well. This ought to make anyone who needs must rely on audited financial statements very uneasy.

Special thanks to John Condon at Audit Integrity for the link to the survey results and the CFO.com article.

A Service Error Apology: I am sorry that early in the evening on November 19, 2007, my syndication service spontaneously generated an erroneous email with the cryptic message “Forbidden 403.” (For those, like me, who have to know, Error 403 messages are explained –sort of — here.) I do not know why this error message was sent. I apologize to all of my readers for the unsolicited distribution email. I am attempting to ensure that this error will not recur.