Fraud is defined as failure to use reasonable care in the performance of services.

Chapter 6 Discussion Questions

1. Distinguish between common-law liability and statutory liability for auditors. What is the basis for the difference in liability?

Common law liability arises from legal opinions issued by judges in deciding cases. These opinions become legal precedent and guide other judges in deciding on similar cases in the future. Common law cases are civil suits. Statutory liability reflects legislation passed at the state or federal level; the legislation establishes certain courses of conduct. Statutory law can either result in civil liability or criminal liability. A good example of statutory law is the SEC securities acts that establish liabilities for auditors in conducting an audit in accordance with GAAS and responsibilities with respect to material misstatements in the financial statements. Auditors have liabilities for ordinary negligence; gross negligence (constructive fraud); and fraud.

2. Explain the difference between the ethical responsibilities of auditors and auditor legal obligations.

Auditor legal obligations are a minimum requirement. The securities acts establish statutory liabilities and common law decisions establish civil liability. The law establishes minimum requirements for ethical conduct. The problem is when auditor responsibilities are not clear it is the ethical standards of the profession in the form of the Principles of Professional Conduct embodied in the AICPA Code that should guide auditors. Auditor ethical responsibilities will often go beyond what is required by law because the law cannot cover every situation an auditor might encounter. When the facts are unclear and the legal issues uncertain, an ethical person should decide what do on the basis of well-established standards of ethical behavior. In addition to the AICPA ethical standards that mirror Josephson’s Six Pillars of Character and virtues discussed in chapter 1, ethical standards require the auditor to reason through ethical conflicts weighing the effects on stakeholders and placing the public interests above all others. An ethical auditor will often do less than is permitted by the law and more than is required.

3. Is there a conceptual difference between an error and negligence from a reasonable care perspective? Give examples of each of your response.

Errors are unintentional mistakes or omissions. Error may involve mistakes in gathering or processing data or testing, misinterpretation of facts, mistakes in the application of GAAP or GAAS. A simple error is transposing numbers when entered into the data-base system (i.e., $492 recorded as $429). There can be errors in math, disclosure, and even in interpreting GAAP. In the latter case, an error is distinguished from fraud by intent. If the intent of the “error” was to deceive another party, it is fraud not an error.

Negligence is a violation of a legal duty to exercise a degree of care that an ordinarily prudent person would exercise under similar circumstances. Negligence would be deciding that the accounts receivable confirmations are unnecessary since they take too much time and normally do not change the balance sheet accounts in a significant amount.

4. Distinguish between the legal concepts of actually foreseen third-party users and reasonably foreseeable third-party users. How does each concept establish a basis for an auditor’s legal liability to third parties?

Actually foreseen third party users are a limited range of individuals or organizations that the client intends the information to benefit. The auditor need not know the exact identity of the third party. However, it owes a duty to persons who the professional knows will rely on the information. The auditor would be liable to any plaintiff that justifiably relied on the information and suffered a loss from that reliance. An example would be if the client informs the auditor that it will be using the audited financial statements to obtain a bank loan, without naming any specific bank. Under the (actually) foreseen third party doctrine, any bank would have relied on the audited financial statements in making lending decisions and may have a legal right to sue.

Foreseeable third party users are individuals or organizations that the client intends the information to benefit. The reasonably foreseeable third party user group would also include a limited class of potential users that the accountant could reasonably foresee (but may not be known to the auditor at the time of the audit) relying on the auditors’ work. Reasonably foreseeable parties may sue for ordinary negligence. Examples would include creditors, investors, potential investors, local banks and regular suppliers. The reasonably foreseeable third parties approach is used presently in only two states, Mississippi and Wisconsin.

5. Describe what the law requires with respect to the legal ruling in Credit Alliance v. Arthur Andersen & Co. Do you think the ruling establishes a fair basis for an auditor’s legal liability to third parties?

Credit Alliance establishes the criteria of a near privity relationship. Near privity is a relationship so close to privity, as to approach privity. A three point test was established by the court in Credit Alliance v. Arthur Andersen & Co.:

1. The auditor knew the audited financial statements would be used for a specific purpose by a particular third party;

2. The auditor knew the specific third party would rely on the statements; and

3. Some action by the auditor showed that auditor understood that the statements would be relied upon by the specific third party.

The ruling and three point test is seen as a way of limiting auditors’ liability to third parties closer to the primary beneficiary criteria of Ultramares. This seems to be a fair basis for establishing legal liability of auditors since it is limited to situations where the auditor know that a specific third party would rely on the statements rather than open up such liability to third parties that the auditor questionably did or did not foresee as users.

6. Explain the legal basis for a cause of action against an auditor. What are the defenses available to the auditor to rebut such charges? How does adherence to the ethical standards of the accounting profession relate to these defenses?

A client or a third party must prove that (1) the CPA accepted a duty of professional care to exercise skill, prudence, and diligence; (2) the CPA breached his/her duty of due professional care through negligence; (3) the client or third party suffered losses; and (4) the damages were caused (causation or proximate cause) by the CPA’s negligence. If the CPA performs the audit with due care and high level of professional performance, the CPA has a defense against (1), (2), and (4). The ethical standards of the accounting profession relate most directly to these defenses through the competence (due care) rule 201. One could say that objectivity (rule 102) also is involved because of its link to due care and due care encompasses professional skepticism.

7. A subsequent event is one that occurs after the date of the financial statements (i.e., December 31, 2013) but prior to the auditor having dated (or possibly issued) the audit report (i.e., March 15, 2014). One type of subsequent event is where additional evidence becomes available before the statements have been issued that sheds light on certain estimates previously made in the statements. A good example is additional evidence about the collectibility of a receivable that relates to its valuation in the December 31, 2013, financial statements but is not uncovered until January 31, 2014. Why is it important from an auditing perspective that an auditor be required to adjust the financial statement amounts for some material subsequent events? If an auditor fails to live up to this standard, what is the potential liability exposure for the auditor?

If the auditor is aware of a subsequent event that would change the reader’s or investor’s mind about the company and its financial statements, that subsequent event must be disclosed. Typically, such events have a direct effect on financial statement amounts. For example, the post-balance sheet date collection of a material receivable that had been written off at the balance sheet should lead to eliminating the write-off because the auditor knows prior to the issuance of the financial statements that the write-off is wrong and receivable balance is higher. On the other hand, some subsequent events do not affect the balance sheet amount but provide important information about the account at that date. An example of such a subsequent event would be for a manufacturing firm that had a fire destroy its manufacturing plant on February 10. Although the financial statements may present a fair representation as of December 31, a reader has the right to know that continuity of business has been threatened due to a fire at the plant.

8. What are the legal requirements for a third party to sue an auditor under Section 10 and Rule 10b-5 of the Securities Exchange Act of 1934? How do these requirements relate to the Hochfelder decision?

A plaintiff must prove the following under Rule 10b-5 of the Securities Act of 1934: 1) loss or damages; 2) financial statements were misleading; 3) reliance on the misleading statement; 4) misleading statements are the direct cause of loss; 5) accountant knew about the scheme to defraud (scienter). In the Hochfelder decision, the plaintiff could not prove scienter in that there was no showing that the auditors’ action was intentional or willful or designed to deceive investors.

9. Valley View Manufacturing Inc., sought a $500,000 loan from First National Bank. National insisted that audited financial statements be submitted before it would extend credit. Valley View agreed to this and also agreed to pay the audit fee. An audit was performed by an independent CPA who submitted her report to Valley View to be used solely for the purpose of negotiating a loan from National. National, upon reviewing the audited financial statements decided in good faith not to extend the credit desired. Certain ratios which as a matter of policy were used by National in reaching its decision, were deemed too low. Valley View used copies of the audited financial statements to obtain credit elsewhere. It was subsequently learned that the CPA, despite the exercise of reasonable care, had failed to discover a sophisticated embezzlement scheme by Valley View's chief accountant. Under these circumstances, what liability does the CPA have?

Under the situation, if the CPA can show due care and competency in the performance of the audit, the CPA would not be liable. The CPA will need to show that the audit was planned and performed to detect material misstatements, but that it is not absolute assurance that all misstatements, and especially sophisticated embezzlement by the chief accountant, will be discovered. The CPA would be liable to Valley View for ordinary negligence. The CPA would liable to the creditor for gross negligence or fraud only. The creditor was not a foreseen or reasonable foreseeable third party but would be considered the foreseeable user. Therefore, under the liberal Rosenblum ruling the creditor may be viewed as a reasonably foreseeable third-party user since the Valley View did not obtain a loan from National Bank.