WELCOME TO ACCT 4240: AUDITING AND ASSURANCE SERVICES Professor Zabi Rezaee Ph.D., CPA, CMA, CIA, CFE, CGFM Thompson/Hill Chair of Excellence, Professor of Accountancy Spring 2008
The Cost of “Bad Press” The Arthur Andersen partner was on his cell phone when he said, “Ship the Enron documents to the feds,” But his secretary heard, “Rip the Enron documents to shreds.” It turns out that it was all just a case of bad cellular. The Clear Alternative to Cellular TM
Financial Statement Fraud: Prevention and Detection • Review in Journal of Accountancy,December 2002, pp. 89−90: • “Financial Statement Fraud is a good reference for understanding some of the current corporate financial statement problems in making sure that financial statements are correct.” • Review in Internal Auditing May/June 2002, • p. 46−47: • “This professional reference is highly recommended reading for all internal auditors and should be included in all internal auditing libraries and used in internal auditing training programs. This book should hit the bestseller lists rather quickly.” by Zabihollah Rezaee, published by John Wiley & Sons, March 2002
Cooks Recipes EndResults FSF = Crime Incentives Monitoring Cooking the Books = FSF = CRIME Financial Statement Fraud Formula Cooks + Recipes + Incentives + Monitoring (lack of) + End Results = CRIME
Corporate Governance Post-Sarbanes-Oxley: Regulations, Requirements, and Integrated Processes Lynn Turner writes, “Corporate Governance Post-Sarbanes-Oxley appropriately provides the reader with a useful discussion of emerging and contemporary issues confronting those involved with corporate governance including those in the monitoring function, as well as those in the growing field of not-for-profit organizations. And it adds an international flavor to its pages, which is unquestionably important and useful as today’s largest investors as well as accomplished management teams and directors come from a multitude of countries.” Michael McCauley, Director of Corporate Governance for the Florida State Board of Administration, wrote, “Corporate Governance Post-Sarbanes-Oxley offers one of the most comprehensive examinations available. Dr. Rezaee achieves an in-depth, thorough review of today’s corporate governance landscape and provides a sound perspective for the reader. His systematic description offers a practical guide for any investor interested in the role of governance within the capital markets. An excellent book.” by Zabihollah Rezaee, published by John Wiley & Sons, 2007
Current State of the Accounting Profession • The wave of financial scandals of the late 1990s and the early 2000s eroded investor confidence in corporate America and its financial reports. • Congress responded with the passage of the Sarbanes-Oxley Act of 2002. • National stock exchanges (NYSE, NASDAQ, AMEX) issued corporate governance guiding principles. • The PCAOB was created to monitor and discipline the auditing profession. • These responses to the financial scandals established new corporate governance reforms, which provide public companies, their executives, boards of directors, audit committees, internal auditors, external auditors, legal counsel, financial analysts, investment banks with a set of new challenges, and opportunities to improve their performance and hold themselves accountable for their actions.
Legislative and Regulatory Responses The Sarbanes-Oxley Act of 2002 (the “Act”): “Sarbanes-Oxley Blues” • Goals: • Restore investor confidence • Enforce more accountability for public companies • Regulate corporate governance and the accounting profession • Reactions: • Most comprehensive reform since 1930s to improve corporate governance, enhance quality of financial reports, and improve effectiveness, objectivity, and credibility of audit functions • Patchworks of market-based mechanisms already in effect, or codifications of existing corporate laws and regulations • Quick political response by Congress to widely publicized business and accounting scandals. • High compliance cost for small public companies, forcing them to go private • No significant impact on restoring investor confidence and public trust in corporate America and its financial reports
Audit Function Provisions of the Act • Establishment and operation of the Public Company Accounting Oversight Board (PCAOB), an independent nongovernmental agency that regulates and oversees the audit of public companies. • Registration with the PCAOB of public accounting firms that audit public companies. • PCAOB authority to issue auditing standards, inspect registered accounting firms’ operations, and investigate potential violations of Securities laws. • Requirement that auditors be appointed, compensated, and overseen by the audit committee. • Many nonaudit services are prohibited from being performed contemporaneously with an audit. • Rotation of the lead (or coordinating) audit partner and the lead review partner every five years.
Audit Functions (cont.) • Auditors must report to the audit committee. • Prohibiting where CEO or CFO previously employed by auditor. • Auditors attest to and report on management assessment of internal controls. • Limitations on partner compensation. • Disclosure of fees paid to the auditor. • Requirements for preapproval of audit and permitted nonaudit services by the audit committee. • Retention of audit work papers and documents for five years. • Increased penalties for destruction of corporate audit records.
Setting Auditing and Other Professional Standards for Public Company Auditors • Section 103 of the Sarbanes-Oxley Act directs the board to establish: • Auditing and related attestation standards. • Quality control standards. • Ethical standards. • Independent standards • In April 2003, the PCAOB adopted interim professional standards (AIPCA’s auditing, attestation, quality control, ethics, and independent standards) on an initial transitional basis to assure continuity and certainty in the standards that govern audits of public companies. • The PCAOB replaces the AICPA Auditing Standards Board (ASB) in establishing GAAS. • The PCAOB replaces the AICPA SEC practice section (SECPS) in conducting peer reviews of audit quality and inspection of registered public accounting firms. • The PCAOB replaces the AICPA Professional Ethics Executive Committee (PEEC) in establishing ethics standards. • In December 2003, the PCAOB adopted amendments to start issuing auditing standards to supercede and effectively amend existing interim standards. • The PCAOB auditing standards may permanently modify, repeal, replace, or adopt the interim professional standards.
SAG PCAOB Inspections Round- tables Task Forces & Working Groups Other Public Information OCA PCAOB Enforcement Recommendations from Professional Organizations SEC Board Proposed Rules Source: http://pcaobus.org/
The Accounting Profession Accounting produces • High-Quality Financial Information (HQFI): • Useful • Relevant • Reliable Users of Financial Statements Internal Users: management, board of directors, employees External Users: investors, creditors, government
The Role of Financial Reporting Financial Reports Low Quality High Quality Less Accurate More Accurate Less Complete More Complete Less Transparent More Transparent Higher Risk Lower Risk Less Trustworthy More Trustworthy Less Value-Relevant More Value-Relevant Lower Stock Prices Higher Stock Prices Less Economic Growth or Prosperity More Economic Growth or Prosperity Detrimental to Public Interest Supportive of Public Interest
Accounting Information System Inputs Processing Outputs Source Documents • Financial Statements • Balance Sheet • Income Statement • Statement of Cash Flows • Statement of Owners’ Equity Accounting Cycle
Corporate Structure Corporation Create Owners Elect Management Board of Directors Hires Hires Audit Committee Prepares Internal Auditors Hires Financial Statements (GAAP) Independent Auditors Examine (GAAS) Accountants
Corporate Governance Role in Financial Reporting OVERSIGHT Board of Directors Audit Committee MANAGERIAL MONITORING Management Users FUNCTIONS COMPLIANCE Governing Bodies Corporate Governance ASSURANCE External Auditors AUDIT ADVISORY Internal Auditors Legal Counsels Financial Advisors
Why Independent Audits? • Reliable information needed for decision making • Reliability affected by: • Potential conflicts of interest • Complexity of information • Separation (time, distance, expertise) • Time-sensitivity • Consequences (billions of dollars at stake)
Auditing (financial statements) Auditing and Assurance Services Assurance Services (any information) Attesting Services (primarily financial information)
Assurance Services • Assurance services are independent professional services that improve the quality of information, or its context, for decision makers. • Examples • CPA WebTrust (http://www.cpawebtrust.org) • Systrust • Performance View • PrimePlus Services (formerly known as ElderCare) • Can you think of others?
Attestation Engagements • An attestation engagement is one “in which a practitioner is engaged to issue or does issue a report on subject matter or an assertion about the subject matter that is the responsibility of another party.” • Some financial attestation engagements (other than audits): • Supplementary financial statistics • Pro forma financial information • Financial forecasts and projections • Some nonfinancial attestation engagements: • Compliance with contractual requirements • Effectiveness of internal control systems • Inventory quantities and locations
Professional Skepticism • Professional skepticism is an auditor’s tendency not to believe management’s assertions without sufficient corroboration. • A potential conflict of interest always exists between the auditor and the client. • Management wants to portray the company and its operations in the best possible light. • Auditors want to portray the company and its operations fairly. • Ask questions, get answers, then verify the answers.
Examples of Assurance Services • Internet website certification (WebTrust) • Accounts receivable review • Operations review • Information systems review (SysTrust) • Internal audit strategy review • Fraud and illegal acts examinations • Internal controls review
Accounting Careers • Public accounting • Audit (CPA, CISA) • Tax (CPA) • Consulting • Other services • Internal auditing (CIAs) • Fraud examiners (CFEs) • Corporate accountants (CMA) • Governmental accountants (CGFM)
Definition of Auditing Auditor Obtains and evaluates evidence To ascertain correspondence between and Assertions about economic data Established criteria Communicates results To interested USERS
Auditing Financial Statement Auditing Compliance Auditing Operational Auditing Examines financial statement assertions Examines person’s or entity’s actions Examines all or part of organization’s activities Criterion is generally accepted accounting principles (GAAP) Criteria are policies, codes, regulations, etc. Criteria are specified objectives of the organization Reports on fairness of the financial statements in conformity with GAAP Reports on compliance with criteria Reports on recommended improvements
Characteristics of Financial Audits • Auditors are independent of management and financial statement users. • Opinions are based on samples rather than on every item. • Opinions are based on “reasonable assurance”—Auditors are never absolutely certain that financial statements are accurate. • Opinion is based on financial statements as a whole—not on individual items. • Report is issued to many types of users.
Professional Skepticism • Management makes assertions about the validity of financial statements. • Auditor seeks evidence indicating assertions are not supportable. • If evidence against against assertion is not substantial, auditor finds “not guilty” rather than “innocent”. • Not guilty results in a “clean” opinion.
Management Assertions • Existence or Occurrence—Assets, liabilities, and owners’ equity accounts reflected in the financial statements exist; the recorded transactions have occurred. • Completeness—All transactions, assets, liabilities, and owners’ equity that should be presented in the financial statements are included. • Valuation or Allocation—Assets, liabilities, owners’ equity, revenues, and expenses are presented at amounts that are determined in accordance with generally accepted accounting principles (GAAP).
Management Assertions • Presentation and Disclosure—Accounts are described and classified in the financial statements in accordance with GAAP, and all material disclosures are provided. • Rights and Obligations—The client has rights to assets and obligations to pay liabilities that are included in the financial statements. • Compliance—The client is in compliance with all applicable laws, rules, and regulations.
Overview of a Public Accounting Audit Engagement 1.Pre-engagement Activities Investigate new and existing clients. Assign partner, manager, and staff to engagement. Obtain an engagement letter. 2.Planning Activities Obtain knowledge of the client’s business. Design a preliminary account balance audit program (considering knowledge of internal control). Obtain preliminary understanding of internal control. 3.Internal Control Risk Assessment Activities Gather evidence and evaluate the client’s internal control structure. Document the assessed level of control risk. Modify the audit program to final form (if necessary in light of new knowledge of internal control). 4.Account Balance Audit Activities Gather evidence about the account balance dollar amounts and related footnote disclosures. Prepare audit working papers. Decide whether evidence is sufficient. If not, obtain more, unless cost is prohibitive. Evaluate the evidence and make audit decisions. Document the decisions in working papers. 5.Reporting Activities Decide on the appropriate unqualified or qualified audit report.
Relationship between Accounting and Auditing Analyze events and transactions Obtain and evaluate evidence concerning the financial statements Measure and record transaction data Verify statements are presented fairly in conformity with GAAP Classify and summarize recorded data Express opinion in audit report Prepare financial statements per GAAP Deliver audit report to client Distribute financial statements and auditor’s report to stockholders in annual report
Organizations • State Boards of Accountancy • AICPA (American Institute of CPAs • Auditing Standards Board • SEC (Securities and Exchange Commission) • PCAOB (Public Company Accounting Oversight Board) • FASB (Financial Accounting Standards Board) • State Societies of CPAs
Summary of Some Provisions of the Sarbanes-Oxley Act of 2002 (SOX) • Establishes Public Company Accounting Oversight Board (PCAOB). • Prohibits auditors from performing nonaudit services contemporaneously with audit services. • Requires publicly traded companies to have an audit committee composed of independent members of the board of directors.
Summary of Some Provisions of SOX (cont.) • Requires CFO & CEO to certify that financial reports do not contain any untrue statements, and they fairly present the company’s financial condition and results of operations. • Requires CFO & CEO to be responsible for establishing, maintaining, and reporting on internal controls. • Requires corporate executives to repay any bonus or compensation received if the company is required to prepare an accounting restatement due to material misstatements caused by fraud.
Summary of Some Provisions of SOX (cont.) • Increases the prison sentences for wire and mail fraud and a new category of crime for securities fraud to a 20-year maximum sentence. • Makes document shredding unlawful and a crime subject to prison. • Ensures that corporate fraud is punishable regardless of when it is discovered. • Requires the lead partner in charge of the audit and the audit partner responsible for reviewing the audit be replaced every five years.
Summary of Some Provisions of SOX (cont.) • Directs the SEC to conduct a study of securities professionals who have been found to have aided and abetted a violation of Federal Securities laws. • Authorizes the SEC to recognize any generally accepted accounting principles that are issued by a standard-setting body (e.g., the FASB) that is a private entity, governed by a board of trustees, and funded in a manner similar to the PCAOB.
General Ethics • Ethics that branch of philosophy which is the systematic study of reflective choice, of the standards of right and wrong by which it is to be guided, and of the goods toward which it may ultimately be directed. - Wheelwright, 1959 • Key elements • Decision problems • Moral principles • Consequences
Definitions • Business Ethics: The moral principles and ethical standards that guide business behavior. • Professional Ethics: The National Association of State Boards of Accountancy (NASBA) defines education in ethical and professional responsibilities as “a program of learning that provides potential professional accountants with a framework of professional values, ethics and attributes for exercising professional judgment and for acting in an ethical manner that is in the best interest of the public and the profession” (NASBA, 2005). • Corporate Governance: An ongoing process of managing, controlling, and assessing business affairs to create shareholder value and protect the interests of other stakeholders.
Ethics Sensitivity Business Ethics Ethical Behavior Ethics Incentives Ethics Triangle Ethics sensitivity: Moral principles, workplace environment, gamesmanship, loyalty, peer pressure, and job security that influence one’s ethical decisions. Ethics incentives: Rewards, punishments, and requirements for ethical behavior (e.g., tone at the top, AICPA code of professional ethics). Ethics behavior: Doing “the right thing” rises above a rules-based mindset that asks, “is this legal,” and adopts a more principles-based approach that asks, “is this right?”
An Ethical Decision Process • Define all facts and circumstances. • Identify stakeholders. • Identify stakeholders’ rights and obligations in general and to each other. • Identify alternatives and consequences. • Choose superior alternative with respect to consequences and/or rules.
Principles Rules of Conduct Interpretations Ethical Rulings Code of Professional Conduct • Ideal standards of ethical conduct • Minimum standards of ethical conduct stated as specific rules • Interpretations of the rules by the AICPA division of professional ethics • Published explanations and answers to questions about rules of conduct
Principles Basic tenets of ethical conduct: • Responsibilities—Exercise sensitive professional and moral judgment. • Public interest—Honor the public trust. • Integrity—Perform responsibilities with the highest sense of integrity. • Objectivity—Impartial, unbiased, and independent. Free of conflicts of interest and independent in fact and appearance. • Due care—Diligent, competent, thorough, prompt. • Scope and nature of services—Observe the principles when considering the scope and nature of services provided.