Assurance Engagements – Avoiding Claims and Reducing Liability

Audit and review engagements account for a significant number of all the claims reported each year to AICA Services Inc. (AICA), representing a combined total of 14.9% of the number of claims reported to AICA between 1999 and 2015. The audit engagement remains the largest area of assurance claims, representing 9.2% of the number of claims reported and 33.5% of the total incurred in damages and expenses during the same period.

Claims may be initiated by the practitioner’s client, or by third parties who have allegedly relied on the audited or reviewed financial statements in order to make certain financial decisions. Claims arising out of assurance engagements are often in the millions of dollars and lawsuits can drag on for years.

This article addresses the primary causes for assurance engagement claims and common mistakes that practitioners make that expose them to liability, and offers insight into preventative measures that practitioners can take to avoid claims.

Major areas of claims

The majority of claims arise out of the following four areas:

1. Failure to detect fraud;
2. Purchase and sale transactions;
3. Investment decisions; and
4. Family and shareholder disputes.

1. Failure to detect fraud

The failure to detect fraud, usually either the misappropriation of assets or financial statement fraud, comprises the largest number of claims against accountants in assurance engagements.

Misappropriation of Assets

By far the most common type of fraud encountered is the misappropriation of assets, including funds. The misappropriation can take many forms, including forging cheques, fictitious expense reimbursements, false payroll claims, skimming, and cash larceny. The client is often a small owner- managed business, not-for-profit organization, or credit union. Losses often exceed $500,000. The fraudster is typically a trusted employee who is in charge of the bulk of the decision making and on whom significant reliance was placed.

Although the argument is always made that an audit or review engagement is not designed to detect a fraud, the accountant is sometimes found to be exposed to liability as a result of deficiencies in the audit or review. Common errors include the following:

• Insufficient assessment of fraud risk;
• Overreliance on the fraudster for information and explanations;
• Failure to investigate material transactions;
• Failure to follow up on discrepancies detected and noted;
• Setting materiality too high; and
• Insufficient and inappropriate audit evidence in critical areas such as bank reconciliations and adjusting journal entries.

In order to manage the risk, practitioners should consider the following preventative measures:

• Plan the audit engagement carefully, ensuring that an assessment of the inherent and control risks includes whether fraud risk factors are present;
• In review engagements, be careful not to go beyond the scope of the engagement. Where a practitioner performs extra work beyond the scope of the engagement and fails to detect a problem, or did detect a problem but fails to follow up, the practitioner cannot hide behind negative assurance, claiming that an opinion is not being provided and that further procedures were not necessary. If red flags are encountered, the practitioner must investigate them further.
• Maintain an attitude of professional skepticism at all times, particularly where internal controls are weak and there is a lack of segregation of duties;
• Be alert to the prevalence of asset misappropriation in small businesses and the presence of red flags, such as a large number of questionable journal entries and conflicts of interest between employees and suppliers;
• Follow up on suspected misstatements in order to confirm or dispel them; and
• Document all facts, suspicions, and corresponding actions taken in writing.

Financial Statement Fraud

Financial statement fraud occurs where financial statements have been intentionally misstated, typically by a member of a company’s management. Motivation for financial statement fraud can come from various sources, including the desire to:

• comply with bank or loan covenants;
• increase financing to meet cash needs;
• increase the stock price or the value of the company for the purposes of a merger, acquisition, or sale; or
• meet expected revenue and earnings targets.

This is the most costly form of fraud, with damages often reaching the tens of millions of dollars. Losses are suffered by third parties, such as banks, suppliers, and purchasers, who bring accountants into the litigation by alleging that deficiencies with the audit or review failed to detect the fraud, as well as claiming reliance on the materially misstated statements in making the decision to loan money or extend credit.

Common areas of financial statement manipulation include the following:

• Overstatement of inventory;
• Overstatement of accounts receivable, often through the creation of fictitious invoices;
• Overstatement of revenue;
• Deferring or eliminating expenses, such as capitalizing costs that should be operating expenses; and
• Improper disclosure of related party transactions.

Common problem areas that increase an accountant’s exposure to liability include:

• Failure to use professional skepticism and judgment, particularly when any factors exist that could motivate the manipulation of financial statements;
• Excessive reliance on management, including the acceptance of vague or contradictory explanations;
• Failure to thoroughly understand the corporation’s business;
• Lack of objective verification procedures; and
• Failure to follow up when potential risks are identified.

Practitioners are encouraged to manage the risk of a claim for failure to detect fraudulently misstated financial statements by taking the following preventative measures:

• Identify risks that may result in fraud, giving consideration to the type of risk, the significance of risk, the likelihood of risk, and the pervasiveness of risk;
• Understand the entity’s business model;
• Maintain an attitude of professional skepticism and use professional judgment;
• Document every step and consideration in the audit or review — this is critical; and
• Consider the quality of the evidence. Do not accept vague or contradictory explanations. Obtain third-party evidence if possible (which may be appropriate in some circumstances in review engagements as well).

2. Purchase and sale transactions

At the outset of the engagement, it is imperative that a practitioner determine who the users of the financial statements will be and the purpose for which the statements will be used. It is advisable to clearly set this out in the written engagement letter.

Issuing financial statements on an audit or review basis for the purpose of a purchase and sale can sometimes be problematic. Practitioners ought to be aware of the specific purpose for which the statements will be used when determining materiality. Arguably the materiality will be lower where financial statements, or elements of the financial statements such as accounts receivable or inventory, are being used to determine the value of the business.

3. Investment decisions

Claims continue to arise from shareholders and investors who have relied on financial statements in order to make investment decisions. Again, the accountant must be aware of the purpose for which the statements will be used and who the potential users are. Although an audit or review is not designed to assist shareholders or outside investors in making decisions involving their own interests, problems can arise where the accountant knows that the statements will be provided to these users in order to solicit investments.

One trend that continues to gain traction is the commencement of class action lawsuits by investors of corporations or investment schemes against the professionals involved, including accountants. These claims typically arise where the financial statements have been used in the investment prospectus or where the whole company or investment scheme has been a sham.

4. Family and shareholder disputes

Family disputes

It is not uncommon for claims against accountants to be made in the context of family and matrimonial disputes, where the statements are used in the valuation of the business for net-family- property purposes. As previously discussed, knowledge of the intended use of the statements will alter the level of materiality. It is also important to be alert to the motivation of the party who is involved in the business, who may also want to undervalue the business.

Accountants should also be wary of putting themselves in a conflict of interest position in this situation, particularly where both the husband and wife were involved in the business and one no longer is, but both want to continue to engage the accountant.

Shareholder disputes

Another common problem arises where one shareholder of a company sells shares to another shareholder and there is a dispute. The accountant is often requested to act for both parties. The accountant needs to consider whether they can act for any of the parties, for independence reasons, as well as the perceived and real conflict of interest that exists.

Practitioners should also beware of the absent minority shareholder. Practitioners will often be in contact with the shareholder who is involved in the day-to-day business of the company, and need to ensure that the issue of communication is clarified early on in the engagement, and done so in writing. Communicating with and taking direction from one shareholder will inevitably lead to allegations that the practitioner preferred the interests of one shareholder over the other when a shareholder dispute arises. When material developments arise, the practitioner should consider obtaining legal advice on what should be communicated to which parties.

Best practices to manage risk

These can be summed up as follows:

• Actively manage risk, which involves proper planning, analysis, communication, and documentation;
• Use professional skepticism and judgment at every step of the engagement; and
• Remember that documentation is key to a quick and fair resolution to a claim.

Malcolm D’Souza, MBA, CPA, CA, is executive vice-president at AICA. During his 21 years at AICA, Malcolm has assisted in resolving over 7,000 claims against accountants. The AICA program insures CPAs in Quebec and the majority of small practitioners in the rest of the country.