Mandated auditing of public companies is supposed to include evaluation of internal controls in most cases. However, the Sarbanes-Oxley Act exempts auditors of smaller enterprises from checking internal control over financial reporting. New research suggests that closer scrutiny of this matter according to audit principles from CPA exam review is needed to reduce fraud at the smallest public companies.
From 1998 through 2010, auditors were sanctioned eighty-seven times by the Securities and Exchange Commission in cases involving fraudulent financial reports. Most of the problems surrounded poor practices at companies with revenue and assets below $40 million. These smaller enterprises are most commonly audited by accounting firms with much less size than the large national operations.
SEC sanctions targeted small audit firms in 57 percent of the fraudulent circumstances. This signals a need for accountants at these organizations to focus on developing sound audits consistent with their CPA preparation roots. Of course, large accounting firms were not immune to SEC criticism. Sanctions were leveled at them in 43 percent of the instances were financial statement fraud was connected to poor audit work.
Amazingly, six of the eighty-seven sanctioned cases were cited for lacking any meaningful audit work. All of these situations entailed small firms that completely neglected CPA course audit guidelines. Among the thirty-five sanctions against national audit firms, nine were aimed at defunct accounting firm Arthur Anderson.
Not every SEC fraud investigation concluded that auditors were deserving of some blame. However, a large number of fraud matters were related to poor audit quality. Clean audit opinions were issued in 58 percent of the SEC determinations of fraudulent financial statements. That alarming statistic points to audits that were unsuitably designed for achieving the objectives described in study for CPA licensing.
Some of the favorable audit opinions did include explanatory paragraphs that addressed auditor concerns such as risk of going out of business and changes in accounting principles. These factors are not considered meaningful enough to identify the existence of fraudulent financial reporting by companies. The SEC sanctions of auditors most commonly cited lack of competent and diligent audit work, failure to exercise adequate skepticism of evaluated data, inadequate identification and assessment of risk, and inadequate response to identified risks.
These are all crucial elements for accountants to understand from CPA study material. They are also points of emphasis by the Public Company Accounting Oversight Board, which has issued ongoing proclamations calling for auditors to conduct better risk assessments and elevate the degree of skepticism. The PCAOB believes that better audit performance will arise from on-the-job training that stresses a questioning mindset. The accounting profession is probably moving in this direction because only eleven of the eighty-seven SEC sanctions of auditors have occurred in the years following enactment of Sarbanes-Oxley.
IRS Circular 230 Disclosure
Pursuant to the requirements of the Internal Revenue Service Circular 230, we inform you that, to the extent any advice relating to a Federal tax issue is contained in this communication, including in any attachments, it was not written or intended to be used, and cannot be used, for the purpose of (a) avoiding any tax related penalties that may be imposed on you or any other person under the Internal Revenue Code, or (b) promoting, marketing or recommending to another person any transaction or matter addressed in this communication.