Auditing for Fraud:
Implications of Current Market Trends
and Potential Responses
Toby J. F. Bishop, Partner, Arthur
The confluence of high stock market capitalizations for corporations and a
greater willingness of senior managers to cook the books poses a
challenge to the accounting profession. Unless the incidence of undetected
material financial statement fraud is reduced significantly, a series of frauds
with multi-billion dollar losses for investors can be expected, along with an
increase in lawsuits (and associated damages) against professional services
firms. In time this could threaten the viability of private sector auditing.
However, significant changes in the way we audit for fraud could contribute to
a solution. Implementing the recommendations of the Panel on Audit
Effectiveness (POB 2000) may help, but further work is needed to develop new
tools and techniques that will deliver a quantum leap in fraud detection rates.
Other industries offer some ideas that could be adopted by the profession.
However, given the inherent difficulty of detecting fraud, the most effective
way for auditors to reduce undetected fraud is to press corporations to improve
their fraud prevention measures.
Financial statement fraud has always been a challenge for auditors. Public
expectations of auditors (reasonable or otherwise) continue to exceed
performance, partly due to the inherent limitations of auditing and the fact
that fraud involves intentional deception. According to the Treadway Commission
expect auditors to search for and detect material
misstatements, whether intentional or unintentional, and to prevent the
issuance of misleading financial statements. The expectation
gap may have been reduced by the auditing standards issued in 1988 and by
SAS No. 82 in 1997 (AICPA), but the gap remains a gulf. As Albrecht and
Willingham (1993) stated, The public has always expected auditors to
detect all financial statement fraud. If the profession cannot reduce the
publics expectations it should focus on reducing the incidence of
undetected fraud by greatly improving prevention and detection measures.
In the last decade
financial statement fraud has affected approximately 300 public companies in
the U.S. (Beasley et al. 1999), costing millions of investors billions of
dollars. One recent case involved investor losses of approximately $20 billion.
Some factors suggest that such large losses may be indicative of a new
environmentone that creates more risk for auditors. First, market
capitalizations can be much greater these days. This is due to megamergers
spurred by global competition and due to higher stock prices caused by investor
speculation, stock pricing based on growth opportunities rather than past
profits, and higher P/E ratios. Second, markets now absorb information about
earnings surprises much more quickly (Ip 1998). Financial statement fraud may
now destroy 50 percent of market capitalization overnight and 80 to 90 percent
overall. This makes it easier to associate larger stock losses with particular
Indicators about the
frequency of financial statement fraud are ambiguous. However, surveys of the
willingness of managers to cook the books suggest intentional
misstatement is far more common than most people think. A survey of attendees
at a conference sponsored by CFO magazine found that 45 percent had been
asked to misrepresent financial results and 38 percent of that group did so
(Barr 1998). A similar Business Week survey found that 67 percent of
CFOs had been asked to misrepresent results and 12 percent did so (Shuster
1998). No professional services firm in the world has pockets deep enough to
absorb litigation costs of the size and frequency that these trends suggest. In
addition, political pressure from irate investors would drive regulators to
take increasingly aggressive actions. The accounting profession should
recognize this new environment and consider viable options for reducing the
incidence of undetected material fraud not just incrementally but radically.
Ideas from Other
General Electric has adopted a quality program called Six Sigma, which pursues
a challenging goal3.4 defects per million opportunities (DPMO) as
compared to a more traditional level of quality of four sigma, which is 6,210
DPMO. The book Six Sigma (Harry and Schroeder 2000) describes how in 1996 CEO
Jack Welch told shareholders that to achieve Six Sigma quality by the year 2000
will require us to reduce defect rates 10,000-foldabout 84 percent
per year for five consecutive yearsan enormous task, one that stretches
even the concept of stretch behavior. GEs 1999 annual report states
that its Six Sigma program produced more than $2 billion in benefits in
1999, with much more to come this decade. The report emphasizes that
The objective is not to deliver flawless products and services that we
think the customer wants when we promise thembut rather what customers
really want when they want them.
The Six Sigma program
could provide a tool to reduce the incidence of fraud. Based on information
from the Wall Street Journal, which reported 25 new cases of alleged material
financial statement fraud at U.S. public companies in 1999, and Who Audits
America (Harris 2000), which list 8,873 audits of U.S. public companies, the
rate of such frauds is 2,818 DPMObetter than the traditional overall
defect levels of most successful companies but well short of Six Sigma.
The airline industry
provides a stunning example of how quality can be improved over time to reach
exceptional levels. In 1999 there were 11,160,000 U.S. scheduled airline
flights of airplanes with ten or more seats and only two major accidents (NTSB
2000), or 0.18 DPMO, where major accidents are defined as those involving
destruction of the airplane, multiple fatalities, or one fatality and
substantial damage to the airplane. In 1996, NASA reported that The
history of aviation safety has been characterized by major quantum jumps in
safety brought about by advances in technology, followed by years of marginal
improvements (NASA 1996). According to Boeing (2000), in 1959 the rate of
hull loss and/or fatal accidents among U.S. and Canadian operators was 25 DPMO,
so the reduction in accident rates since then is dramatic. This has been
achieved through a massive and consistent focus on accident prevention. A
number of safety breakthroughs and institutional protocols contributing to this
improvement could be applied to auditing. First, cockpit automation presents
pilots with a greater volume of information, but in a way that can be more
easily scanned and understood. It also uses computers to perform some maneuvers
automatically. These techniques could be used to automate certain audit tasks
such as the analysis of financial statements and the benchmarking of business
performance. The results could be integrated with other relevant information
and presented to help the auditor make particular judgments, e.g., fraud risk
and bankruptcy risk. Other systems could help auditors deal with information
overload by serving up at the point of demand guidance to facilitate decision
management systems enable pilots to better manage the conduct of a flight,
changing the pilots role to that of strategic planner and flight manager.
General and flight-specific data is programmed into the system, which computes
appropriate control settings and flight activities. These computations are
adjusted if necessary during flight, based on data gathered from onboard
sensors. Similarly, enhanced audit management software could help audit teams
to program audit activities based on general requirements and client-specific
activities. Audit activities could be adjusted in-flight based on
data gathered during the audit, such as indicators of heightened fraud risk.
Such systems could help auditors ensure that all relevant audit procedures are
performed and that information from different audit areas is checked for
Third, ground proximity
warning systems and long-range radar alert pilots to potential danger in time
for them to take evasive action. Comparable tools can be used to analyze
financial statements, comparing their characteristics with those of financial
statements that have historically been associated with material fraud and
flagging items that indicate potential proximity to fraud. Other
tools could be developed to evaluate key aspects of a companys corporate
governance and compensation practices, providing a long-range warning about
corporate environments that may be conducive to fraud.
simulators have revolutionized pilot training and have been the single
most important safety advance in training, enabling pilots to gain
experience in handling various situations that they might otherwise encounter
for the first time in a real aircraft with real passengers onboard. Some of
these flight situations are so rare that the majority of pilots may never
encounter them, yet they must be ready to recognize them and react
appropriately. Similarly, most auditors do not encounter material financial
statement fraud during their careers. However, audit simulations conducted in
laboratory settings mimicking the real world could enable auditors to build
skills in identifying and detecting fraud. Such simulations could be delivered
efficiently by using web-based training modules.
Fifth, aviation safety
improvements have been supported by investigations into airplane accidents and
the accumulation of extensive data, enabling the identification of common
factors that justify focused research and recommendations for improvements.
Although legal, business, and economic issues have impaired the availability of
financial statement fraud data, the profession should explore the feasibility
of constructing a shared database containing factual information relating to
all cases of publicly reported material financial statement frauds. Such data
is vital to support research which could ultimately reduce the incidence of
Finally, and arguably
most important, the aviation industry has made a priority of installing and
regularly evaluating appropriate preventive controls. The accounting profession
could adopt more fully this approach and evaluate the anti-fraud controls
established by the companies we audit. The auditor could be required to report,
at least to the audit committee, on the existence, effectiveness, and potential
improvement of the companys internal controls designed to prevent and
detect fraud. Many companies today fall well short of best practices in this
area and research suggests that reports would lead to improved controls
(Hermanson 2000). Amending auditing standards to require such an evaluation and
communication would support auditors in implementing this sensitive measure.
Given the narrow focus of the report, the incremental cost should be greatly
outweighed by the benefits to investors.
Changing the nature of the audit to better address fraud and getting companies
to improve their anti-fraud controls will be difficult, for there will be many
who resist it. Robert Frey, President of Cin-Made Corporation, suggests why:
change. Change of any kind is a struggle with fear, anger, and uncertainty, a
war against old habits, hidebound thinking, and entrenched interests. No
company can change any faster than it can change the hearts and minds of its
people, and the people who change fastest and best are those who have no choice
(Harry and Schroeder 2000, p. 265).
If the investing public
is to have a much safer investing experience, where financial statement fraud
is as rare as major jetliner accidents, then corporations and auditors have no
choice. In the public interest, we must both change and change now.
About the Author
Toby J. F. Bishop, FCA, CPA, CFE is the partner in charge of fraud research and
development for Arthur Andersen. The views expressed are not necessarily those
of Arthur Andersen. He may be contacted at
S., and J. J. Willingham. 1993. An Evaluation of SAS No. 53, The
Auditors Responsibility to Detect and Report Errors and
Irregularities. In The Expectation Gap Standards: Progress,
Implementation Issues, Research Opportunities. New York, NY: AICPA.
American Institute of
Certified Public Accountants (AICPA): Auditing Standards Board. 1997.
Statement on Auditing Standards No. 82: Consideration of Fraud in a
Financial Statement Audit. New York, NY: AICPA.
Barr, S. 1998.
Misreporting Results. CFO: The Magazine for Senior Financial Executives
Beasley, M. S., J. V.
Carcello, and D. R. Hermanson. 1999. Fraudulent Financial Reporting:
19871997. New York, NY: Committee of Sponsoring Organizations of the
Boeing Company (The):
Commercial Airplanes Group. 2000. Statistical Summary of Commercial Jet
Airplane Accidents: Worldwide Operations 19591999. Seattle, WA: The
Boeing Company. See www.boeing.com/news/techissues/.
Harris, S. P. 2000.
Who Audits America, 43rd Edition. Menlo Park, CA: Data Financial Press.
Harry, M., and R.
Schroeder. 2000. Six Sigma: The Breakthrough Management Strategy
Revolutionizing the Worlds Top Corporations. New York, NY: Doubleday.
Hermanson, H. M. 2000.
An Analysis of the Demand for Reporting on Internal Control. Accounting
Horizons (September): 325341.
Ip, G. 1998. Big News on
Your Stock? Hold On to Your Hat. The Wall Street Journal (April 27).
and Space Administration (NASA). 1996. The History of Aviation Safety.
Washington, D.C.: NASA. See
National Commission on
Fraudulent Financial Reporting (NCFFR) (Treadway Commission). 1987. Report
of the National Commission on Fraudulent Financial Reporting. New York, NY:
Safety Board (NTSB). 2000. 1999 Aviation Accident Statistics.
Washington, D.C.: NTSB. See www.ntsb.gov/aviation/stats.htm.
Public Oversight Board
(POB), Panel on Audit Effectiveness. 2000. Report and Recommendations.
Stamford, CT: POB. See www.pobauditpanel.org. Shuster, S.
1998. The Seventh Annual Business Week Forum of Chief Financial Officers.
Business Week (July 13).
Back to Contents Page