The audit expectation-performance gap is probably at its widest in relation to the auditor's duty to detect fraud. The public's position is reflected in the Cohen Commission's (CAR, 1978) statement that:
Court decisions, criticism by the financial press, actions by regulatory bodies, and surveys of users indicate dissatisfaction with the responsibility for fraud detection acknowledged by auditors .... Significant percentages of those who use and rely on the auditor's work rank the detection of fraud among the most important objectives of an audit. (p.31)
The Commission reports that a survey conducted for Arthur Andersen & Co. in 1974 found that 68% of business journalists, 66% of shareholders and 55% of analysts and brokers consider that detection of fraud is the most important function of an external audit (CAR, 1978, p.31). The results of surveys conducted by Lee (1970), Beck (1973) and Porter (1983) similarly indicate that the public has high expectations of auditors with respect to detecting corporate fraud.
The
stance of the auditing profession in relation to detecting corporate fraud has changed markedly over the last 50 years. Until about the 1930s, the prevention and detection of fraud and error were regarded as primary audit objectives. However, between the 19305 and 1960s the importance of fraud detection as an audit objective was steadily eroded. This is reflected in successive editions of textbooks and in professional promulgations published over this period. For example, in the first three editions of Montgomery'sAuditing,
the detection and prevention of fraud and error were referred to as the 'chief objects' of an audit. In subsequent editions, fraud detection was givenprogressively less emphasis until, in the eighth edition (1957), the detection of fraud was described as a 'responsibility not assumed' (CAR, 1978, pp.33-34).
Professional promulgations have, from their start, focused on the limitations of auditors to detect fraud. They have played down auditors' responsibilities in this regard and have pointed out that corporate fraud is the responsibility of management and is best prevented and detected by a good system of internal control. At least until the 196Os, auditing standards and guidelines emphasised that audits were not designed and could not be relied upon to disclose irregularities. They generally also pointed out that, "if an auditor were to discover defalcations and similar irregularities he would have to extend his work to a point where its cost would be prohibitive" (AICPA, 1951, p.13).
By the 1960s the profession's position was subject to criticism from both inside and outside the profession. Morison (1970, p.414), for example, observed that both the press and the general public consider that if an audit is not meant to uncover major frauds it must be of very little use. He also noted that it is absurd for auditors to state that financial statements are reliable, that they are 'all right', and then to add that they are all right, subject to the possibility that undetected fraud may have made them all wrong.
In
similar vein, the investment analyst whose solo efforts were responsible for exposing the notorious Equity Funding fraud raised the very pertinent question: "If routine auditing procedures cannot detect 64,000 phony insurance polides [two-thirds of -.the total number], $25 million in counterfeit bonds, and $100 million in missing assets,what is the purpose of audits?" (as reported by Woolf, 1978, p.62).
In
response to the widespread criticism, professional promulgations were amended to acknowledge that when conducting an audit, auditors have a responsibility to be aware that fraud may exist and that if it is suffidently material it may affect their opinion on the financial statements. The general position of the auditing profession today in the English-speaking world is embodied in Auditing Guideline 9,Fraud and Error
(NZ5A,1986d)5. This Guideline continues to emphasise that responsibility for preventing and detecting fraud and error rests with management and is best achieved through the maintenance of an adequate system of internal control, but it also acknowledges that auditors have some responsibility to detect fraud. In particular, it requires auditors to plan their audits so that they have a reasonable expectation of detecting material mis statements in the financial information which result from fraud (para.6). However, the Guideline also warns that, "due to inherent limitations of an audit there is a possibility that material mis-statements of financial information resulting from fraud ... may not be detected" (para.7).
In recent years pressure has mounted, especially in Britain and the United States,. for auditors to assume greater responsibility for detecting fraud. In the mid-1980s, faced by a rising wave of corporate fraud in Britain, Fletcher and Howard, successive MinisterS of Corporate and Consumer Affairs, made it clear that they viewed auditors as being in the front line of the public's defences in the fight against fraud and they called on auditors to extend their duties in this regard (Smith, 1985, p.l0; Allen, 1985, p.17). Their stance was supported by officers of the Fraud Investigation Group in Britain (FIG) who stated that they considered it both practical and desirable, within the limits of cost and auditing procedures, for auditors to accept a general responsibility to detect fraud (Smith, 1985, p.10). In the United States, the National Commission on Fraudulent ,_ Financial Reporting (the Treadway Commission)6 (AICPA, 1987, p.12) concluded that .s, external auditors have a role, while secondary to that of management, which is crucial
to detecting and preventing fraudulent financial reporting.
Despite the pressures on auditors to extend their acknowledged responSibilities to detect fraud, they have been reluctant until recently to do so. Surveys conducted by the working parties of three British Accountancy Institutes7 found that auditors were very opposed to added responsibility for detecting fraud (lCAEW, 1985a; Institute of Chartered Accountants of Scotland [lCAS], 1985). A similar rejection of extended responsibilities
was the result of a survey conducted by the Auditing Practices Committee in Australia in 1985 (Carty, 1985, p.30). The strength of opposition among auditors to an extension of their duties in this regard is reflected in a statement by Nelson, chairman of One of the working parties:
It would be quite impossible for auditors to accept responsibility for detecting fraud - the cost would be astronomical. The Government has no idea how an audit is conducted, what it can achieve and what it is there for .. .1 don't believe the profession should roll over and play dead and accept an increase in its responsibilities. (as quoted by Barclay, 1985a, p.1)
r In relation to the auditor's duty to detect fraud the expectation-performance .gap appears to be very wide indeed and analysis indicates that all three components of the gap are present. Nelson's statement (above) suggests that at least some auditors consider that they are being asked to detect
all
corporate fraud - even petty theft by employees. Given cost-benefit constraints and the ability of perpetrators to cover their traces, this clearly goes beyond what auditors can reasonably be expected to accomplish.In
this respect, the issue is seen to contribute to the reasonableness gap component of the audit expectation-performance gap. At the opposite end of the spectrum, given some of the blatant fraudulent activities of company officials which have been reported in the media in recent times (which auditors apparently failed to uncover), it appears that at least some auditors are failing to perform their professional duties. Thus, the issue also contributes to the deficient performance component of the gap.It is submitted that current auditing standards also fall short of what the public can reasonably expect, but in this regard there are signs that the auditing profession is yielding to public pressure and is taking steps to narrow the gap. For example, in the United States, in SAS no. 53,
The Auditor 's Responsibility to Detect and Report Errors
and Irregularities
(AICPA, 1988a), the AICPA has adopted a far more positive approach in defining auditors' duties in relation to fraud than it did in its earlierStandards.
In
place of its former insistence that an audit cannot be relied on to disclose irregularities (as in AICPA, 1951; 1972) it now states:Because of the characteristics of irregularities, particularly those involving forgery and collusion, a properly designed and executed audit may not detect a material irregularity. [However] the auditor should exercise (a) due care in planning, performing and evaluating the results of audit procedures, and (b) the proper degree of professional skepticism to achieve reasonable assurance that material errors or irregularities will be detected. (para.7-8)
This seems to bring auditors' duties to detect fraud closer to the public's expectations.
A similar change in the stance of the auditing profession, particularly in Britain, is reflected in the acknowledgement that corporate fraud is likely to impact on. the auditor's report to shareholders. This is considered below.