The Auditors Report

Fraud: A Review of Academic Literature

AAA Auditing Standards Committee
Kay W. Tatum, Chair; Brian Ballou; Joseph V. Carcello; Peter R. Gillett; George Krull; Konrad W. Kubin; Larry E. Rittenberg; Roger Simnett

Introduction
The AICPA’s Auditing Standards Board formed the Fraud Task Force to consider revising SAS No. 82, Consideration of Fraud in a Financial Statement Audit, and/or recommend other related standard-setting initiatives. After its September 2000 meeting, the task force (chaired by David Landsittel with academic members Mark Beasley and Zoe-Vonna Palmrose) asked the AAA’s Auditing Standards Committee to prepare a review of the academic fraud literature. The committee prepared a report that summarized 25 articles and classified them according to questions posed by Landsittel and Bedard (1997) after the issuance of SAS No. 82. The following report is based on the report that was presented to the task force at its December 2000 meeting.

Issue 1: Is the concept of a separate fraud risk evaluation appropriate?

  • Zimbelman (1997). This study found that auditors who separately assess fraud risk spend more time reading fraud cues (i.e., red-flag risk factors) compared to those who make a combined evaluation of risk of both fraud and error, implying that more attention might be paid to red-flag cues under SAS No. 82. Budgeted hours for audit testing were higher using a separate assessment of fraud risk, in both high- and low-fraud risk scenarios, and participants did not choose different audit procedures in response to differences in perceived risk. The results suggest that SAS No. 82 may not lead to increased fraud detection.
  • Knapp and Knapp (2000). This study examines the effects of audit experience and explicit fraud risk assessment instructions on the effectiveness of analytical procedures in detecting financial statement fraud. Explicit instructions to assess fraud risk led to better performance. Audit managers were more accurate in their fraud risk assessment than audit seniors. Managers with explicit instructions performed significantly better than other groups, showing that experience and explicit instructions interact.

Issue 2: What are the most important factors that may be indicative of fraud?

  • Albrecht and Romney (1986). This study tests the relative incidence of 87 red flags across fraud and no-fraud observations. Only about one-third of these red flags were found to be significant predictors of fraud. A large number of the red flags found to be good predictors pertained to personal characteristics of management (e.g., key executives living beyond their means, key executives who are “wheeler-dealers,” etc.). Moreover, many company-specific factors (e.g., business operations deteriorating significantly, etc.) were either insignificant or untestable.
  • Loebbecke, Eining, and Willingham (1989). This paper presents the results of a survey of audit partners from KPMG who have had experiences with fraudulent financial reporting and with asset misappropriations. The authors develop a fraudulent financial reporting assessment model, which incorporates a reasoning process in evaluating the likelihood of fraud. The model posits that fraudulent financial reporting is a function of conditions, managerial motivation, and attitude. The authors suggest a separate assessment of the likelihood of errors, fraudulent financial reporting, and asset misappropriation.

The authors found two factors—decision-making domination by one person or a small group acting in concert and weak internal controls—in 75 percent of the observations. The primary indicators of conditions suggesting heightened risk of fraud were: dominated decisions, the presence of one or an aggregation of transactions that have a major effect on the financial statements, related party transactions, weak internal control, and difficult-to-audit transactions. The primary indicators of managerial motivation for fraud were: industry decline, inadequate profits, emphasis on earnings projections, and significant contractual commitments. The primary indicators of an attitude predisposing one toward fraud were: dishonest management, undue emphasis on earnings projections, personality anomalies, prior year fraud, lies or evasiveness, and an aggressive attitude toward financial reporting. Fraudulent financial reporting was found to be more common than asset misappropriations and much more likely in public than private companies.

Fraudulent financial reporting was more common among manufacturing, transportation, and technology/ communications firms, and less common among educational and other institutions.

  • Pincus (1989). Auditors using a red flags questionnaire considered a more comprehensive and uniform set of potential fraud indicators than auditors who were not using a questionnaire. However, questionnaire use did not lead to more effective fraud detection; non-users outperformed the questionnaire users in a fraud case.
  • Hackenbrack (1993). Factors related to incentives to commit fraud (e.g. pressure to increase the stock price and earnings-based management incentive compensation) were rated as highly important by auditors, along with a domination by a manager.
  • Dechow, Sloan, and Sweeney (1996). Firms subject to SEC enforcement actions for overstating earnings desired to (1) raise external financing at low cost, and (2) avoid violations of debt covenant restrictions. They also were (3) less likely to have an audit committee, (4) more likely to have a company founder as CEO, (5) more likely to have a board dominated by insiders, and (6) less likely to have an external stockholder monitoring management. The results did not support the notion that managers manipulate earnings to obtain larger earnings-based bonuses or to sell their stockholdings at inflated prices.
  • Summers and Sweeney (1998). This paper examines whether insider trading is a useful predictor of financial statement fraud. The authors find that insiders reduce their holdings of company stock in the presence of fraud. Insiders reduce their stock position by engaging in significant selling activity. There was not a significant difference between fraud and nonfraud firms in stock purchases by insiders. Note that insider trading is not mentioned in SAS No. 82 as a risk factor.

Issue 3: Can the identified fraud indicators be weighted or put into a model?

  • Hackenbrack (1993). High variability in the importance ratings assigned to various fraud risk factors was noted. Some of this variability appears related to the auditors’ experience with large vs. small clients. Auditors assigned primarily to large client engagements place relatively more emphasis on risk factors relating to opportunity to commit fraud than do auditors assigned primarily to smaller companies.
  • Bell and Carcello (2000). This paper presents the results of an attempt to develop a model useful in predicting the existence of fraudulent financial reporting. The model is based on 77 fraud instances and 305 nonfraud instances drawn from KPMG’s audit practice. The model correctly classified 80 percent of the fraud cases while only misclassifying 11 percent of the nonfraud cases. The significant risk factors included in the model were: weak internal control environment, rapid growth, inadequate/inconsistent profitability, undue emphasis on meeting earnings projections, dishonest or overly evasive management, ownership status (private vs. public), and an interaction between a weak control environment and an aggressive attitude toward financial reporting.

Issue 4: When does a risk factor become a “red flag”?

  • None of the articles reviewed directly related to this issue. However, see Bell and Carcello (2000) discussed in Issue 3.

Issue 5: Should auditors rely on controls when risk factors are present?

  • Matsumura and Tucker (1992). Auditors are expected to better detect fraud when penalties for not detecting fraud are increased, when testing requirements are increased, or when clients’ internal controls are strong. Managers are expected to be less likely to commit fraud when testing requirements are increased or when clients’ internal controls are strong. An experimental market using accounting students and economic gains and losses to represent benefits and costs in this setting found results consistent with the expectations.
  • Bloomfield (1997). Subjects acting as auditors make less accurate risk assessments when the auditor perceives that control risk is low (i.e., a client with strong internal controls), while legal liability for audit failure is high. Bloomfield notes that the severity of this effect may be mitigated if auditing standards imposed maximum levels of detection risk, and/or if auditors commit to some substantive testing regardless of their risk assessment.
  • Caplan (1999). The study models the auditor’s fraud investigation decision in a setting in which management is given two choices: whether to install weak or strong internal controls and whether to engage in fraudulent financial reporting. The study concluded that the use of control strength as a “red flag” in fraud risk assessment is reasonable even when management can override controls, and that, the audit failure rate is higher when internal controls are weak. When internal controls are weak, the auditor expects to find numerous errors. Because routine audit procedures do not distinguish between errors and fraud, the impact of fraud on audit evidence may go unnoticed.

Issue 6: What “lessons” for auditors have been identified by examining data on prior fraud litigation and SEC enforcement actions?

  • Palmrose (1987). Economic downturns tend to be associated with increases in auditor litigation. Professional standards may not protect auditors from litigation. However, most business failures that occur without management fraud resulted in a dismissal of the case against the auditor (without the auditor making payments).
  • Bonner, Palmrose, and Young (1998). The most common categories of fraud that resulted in SEC enforcement actions were (1) omitted or improper disclosures, (2) fictitious revenues, (3) premature revenue recognition, and (4) overvalued assets and undervalued expenses/liabilities. Fictitious transactions were also more likely to cause auditors being named as defendants.
  • Erickson, Mayhew, and Felix (2000). Failure to detect fraud can be attributed to failure to understand the client’s business/industry. A detailed analysis of publicly available working papers and depositions from Lincoln Savings and Loan unveiled persuasive evidence that auditors became so entrenched in accounting for complex transactions that they failed to understand the viability of the transactions in Lincoln’s industry and economic environment.

Issue 7: How can the profession promote more “professional skepticism” among auditors?

  • Bernardi (1994). Except for auditors with a high degree of sensitivity to ethical situations, auditors are insensitive to information about client integrity and competence when conducting a substantive audit procedure. This conclusion was supported in a behavioral experiment using managers and seniors from five of the then Big 6 firms. Further, fraud detection was higher for managers and for those with an increased prior belief about fraud.
  • Hoffman and Patton (1997). This paper examines whether the extent of dilution (i.e. the extent to which auditors’ judgments are influenced by irrelevant information) in the fraud risk context is affected by accountability to superiors. Results show that auditors’ judgments exhibit the dilution effect regardless of accountability. While accountability does not exacerbate the dilution effect, it is associated with more conservative fraud-risk assessments.
  • Braun (2000). Time pressure reduces the likelihood that auditors will detect cues that could lead to discovery of fraudulent financial reporting. Experienced auditors under time pressure in an experiment were more focused on accumulating evidence regarding frequency and amount of misstatements at the expense of attention given to qualitative aspects of misstatements indicative of potential fraud. Further, evidence suggested that those under low levels of time pressure considered a broader range of cues while executing detailed tests.

Issue 8: Would a requirement for management reports on controls or an auditor opinion on controls provide an effective deterrent to fraud?

  • Hermanson (2000). This study investigates the demand for reporting on internal control by surveying 1,350 people across nine user groups. Respondents agreed that both voluntary and involuntary management reports on internal control motivate management to improve controls and audit committees to increase their oversight of internal control. Respondents were neutral about whether management reports on internal controls provide substantially greater protection against material fraud.

Issue 9: Can new technologies be used to improve fraud detection (e.g., electronic sensors, software, expert systems, modeling)?

  • Eining, Jones, and Loebbecke (1997). Auditors using a model that provided a suggested fraud risk assessment perform better than those using the checklist and those making unaided decisions. However, those using the expert system with constructive dialogue outperformed all other groups. The importance of management fraud assessment stems from its potential effect on subsequent audit planning decisions. In this regard, auditors using the expert system make decisions concerning additional audit actions that are more consistent with their risk assessments than auditors in the other groups.
  • Green and Choi (1997). This study examines the relative effectiveness of neural networks (NN) as a means of detecting financial statement fraud in the revenue and collection cycle of publicly held manufacturing and merchandising companies. Three NN models are developed and applied to a sample containing both fraudulent and nonfraudulent financial statements. The study’s results support future use of NNs as a fraud-risk assessment tool.

Issue 10: Are communications “hot lines” an effective deterrent to fraud?

  • Hooks, Kaplan, and Schultz (1994). An open communication environment can assist in deterring fraud. Whistle-blowing was found to be an important factor in fraud prevention and detection, since potential perpetrators of fraud were less likely to proceed if the prospects of being reported were increased.
  • Schultz and Hooks (1998). The authors predict that an individual knowledgeable about fraud is more likely to disclose it to an auditor when there is a close relationship with the auditor and the individual does not stand to benefit from the fraud. The results of a classroom experiment involving auditing students acting in a scenario involving these factors were consistent with this prediction.

Issue 11: Can analytical procedures be better used to detect fraud warning signals?

  • Calderon and Green (1994). This paper examines the use of financial analysts’ forecasts in performing analytical procedures directed toward identifying fraudulent financial reporting. The authors find that financial analysts’ forecasts provide relatively accurate signals of fraud in the presence of fraudulent financial reporting. However, financial analysts’ forecasts are ineffective in signaling the absence of fraud when fraud is not present.
  • Hassell (1994). This paper identifies two limitations of the Calderon and Green (1994) study. First, analysts’ forecasts are not intended to predict fraud. Second, analysts’ forecasts may not be independent of management because of personal relationships between analysts and company employees.
  • Summers and Sweeney (1998). This paper (discussed in Issue 2) also considers the explanatory power of a number of financial characteristics in predicting fraud. Fraud companies have a higher level of inventory relative to sales, are growing faster, and have a higher return on assets than nonfraud companies in the year prior to the beginning of the fraud.

Issue 12: Is there a significant relationship between corporate governance and fraud?

  • Beasley (1996). This paper examines whether a significant relationship exists between board of director composition and financial statement fraud (both fraudulent financial reporting and asset misappropriation, although approximately 90% of the observations involved fraudulent financial reporting). Results supported a significant negative relationship between the percentage of outside directors (i.e., nonmanagement) and the likelihood of financial statement fraud. This result does not depend on how an outside director is defined. Results did not show a significant relationship between audit committee existence (or composition) and the likelihood of financial statement fraud. However, the results showed a negative relationship between the percentage of stock held by outside directors and the likelihood of financial statement fraud. Similarly, a negative relationship existed between the tenure of outside directors and the likelihood of financial statement fraud. A direct relationship between the number of other directorships held by outside directors and the likelihood of financial statement fraud was also observed. Finally, those firms with smaller boards were less likely to experience fraud.
  • McMullen (1996). Companies that have audit committees were found to have a lower incidence of: (1) shareholder litigation alleging management fraud, (2) quarterly earnings restatements, (3) SEC actions, (4) illegal acts, and (5) auditor turnover.

References

Albrecht, W. S., and M. B. Romney. 1986. Red-flagging management fraud: A validation. Advances in Accounting3: 323–333.

Beasley, M. S. 1996. An empirical analysis of the relation between the board of director composition and financial statement fraud. The Accounting Review 71 (October): 443–465.

Beasley, M. S., J. V. Carcello, and D. R. Hermanson. 1999. Fraudulent Financial Reporting: 1987–1997, An Analysis of U.S. Public Companies. New York, NY: COSO.

Bedard, J. C., R. Simnett, and J. A. Devoe-Talluto. 2000. Auditors’ consideration of fraud: How behavioral research can address the concerns of standard setters. Advances in Accounting Behavioral Research (forthcoming).

Bell, T. B., and J. V. Carcello. 2000. A decision aid for accessing the likelihood of fraudulent financial reporting. Auditing: A Journal of Practice & Theory 19 (Spring): 169–184.

Bernardi, R. A. 1994. Fraud detection: The effect of client integrity and competence and auditor cognitive style. Auditing: A Journal of Practice & Theory 13 (Supplement): 68–84.

Bloomfield, R. J. 1997. Strategic dependence and the assessment of fraud risk: A laboratory study. The Accounting Review 72 (October 1997): 517–538.

Bonner, S. E., Z-V. Palmrose, and S. M. Young. 1998. Fraud type and auditor litigation: An analysis of SEC accounting and auditing enforcement releases. The Accounting Review 73 (October): 503–532.

Braun, R. L. 2000. The effect of time pressure on auditor attention to qualitative aspects of misstatements indicative of potential fraudulent financial reporting. Accounting, Organizations and Society 25: 243–259.

Calderon, T. G., and B. P. Green. 1994. Analysts’ forecasts as an exogenous risk indicator in analytical auditing. Advances in Accounting 12: 281–300.

Caplan, D. 1999. Internal controls and the detection of management fraud. Journal of Accounting Research 37 (Spring): 101–117.

Dechow, P. M., R. G. Sloan, and A. P. Sweeney. 1996. Causes and consequences of earnings manipulation: An analysis of firms subject to enforcement actions by the SEC. Contemporary Accounting Research 13 (Spring): 1–36.

Eilifsen, A., and W. F. Messier. 2000. The incidence and detection of misstatements: A review and integration of archival research. Journal of Accounting Literature (forthcoming).

Eining, M. M., D. R. Jones, and J. K. Loebbecke. 1997. Reliance on decision aids: An examination of auditors’ assessment of management fraud. Auditing: A Journal of Practice & Theory 16 (Fall): 1–19.

Erickson, M., B. W. Mayhew, and W. L. Felix. 2000. Why do audits fail? Evidence from Lincoln Savings and Loan. Journal of Accounting Research 38 (Spring): 165–194.

Green, B. P., and J. H. Choi. 1997. Assessing the risk of management fraud through neural network technology. Auditing: A Journal of Practice & Theory 16 (Spring): 14–28.

Hackenbrack, K. 1993. The effect of experience with different sized clients on auditor evaluations of fraudulent financial reporting indicators. Auditing: A Journal of Practice & Theory 12 (Spring): 99–110.

Hassell, J. M. 1994. An academic perspective on “Analysts’ forecasts as exogenous risk indicators in analytical auditing.” Advances in Accounting 12: 301–305.

Hermanson, H. 2000. An analysis of the demand for reporting on internal control. Accounting Horizons 14 (September): 325–341.

Hoffman, V. B., and J. M. Patton. 1997. Accountability, the dilution effect, and conservatism in auditors’ fraud judgments. Journal of Accounting Research 35 (Autumn): 227–237.

Hooks, K. L., S. E. Kaplan, and J. J. Schultz, Jr. 1994. Enhancing communication to assist in fraud prevention and detection. Auditing: A Journal of Practice & Theory 13 (Fall): 86–117.

Knapp, C. A., and M. C. Knapp. 2000. The effects of experience and explicit fraud risk assessment in detecting fraud with analytical procedures. Accounting, Organizations and Society (forthcoming).

Landsittel, D., and J. Bedard. 1997. Fraud and the auditor: Current developments and ongoing challenges. The Auditor’s Report (Fall): 3–4.

Loebbecke, J. K., M. M. Eining, and J. J. Willingham. 1989. Auditors’ experience with material irregularities: Frequency, nature, and detectability. Auditing: A Journal of Practice & Theory 8 (Fall): 1–28.

Matsumura, E. M., and R. R. Tucker. 1992. Fraud detection: A theoretical foundation. The Accounting Review 67 (Fall): 753–782.

McMullen, D.A. 1996. Audit committee performance: An investigation of the consequences associated with audit committees. Auditing: A Journal of Practice & Theory 15 (Spring): 87–103.

Nieschwietz, R. J., J. J. Schultz, Jr. and M. F. Zimbelman. 2000. Empirical research on external auditors’ detection of financial statement fraud. Working paper.

Palmrose, Z-V. 1987. Litigation and independent auditors: The role of business failures and management fraud. Auditing: A Journal of Practice & Theory 6 (Spring): 90–103.

Pincus, K. V. 1989. The efficacy of a red flags questionnaire for assessing the possibility of fraud. Accounting, Organizations and Society 14: 153–163.

Schultz, J. J., Jr., and K. Hooks. 1998. The effect of relationship and reward on reports of wrongdoing. Auditing: A Journal of Practice & Theory (Fall) 17: 15–35.

Summers, S. L., and J. T. Sweeney. 1998. Fraudulent misstated financial statements and insider trading: An empirical analysis. The Accounting Review 73 (January): 131–146.

Zimbelman, M. F. 1997. The effects of SAS No. 82 on auditors’ attention to fraud risk factors and audit planning. Journal of Accounting Research 35 (Supplement): 75–97.

Back to Contents Page