The Securities and Exchange Commission has sanctioned auditors a total of 87 times from 1998 through 2010 for various failures associated with financial reporting fraud, with only 11 of those failures falling in the years after enactment of the Sarbanes-Oxley Act.

New research on auditor sanctions related to fraud allegations suggests auditors faced SEC disciplinary actions primarily related to audits of smaller companies, or those with median revenues and assets below $40 million. Those are the same companies that are exempt from the Sarbanes-Oxley requirement to have auditors check internal control over financial reporting. “That definitely has some implications,” says Mark Beasley, accounting professor at North Carolina State University and one of four co-authors of the study. “It's hard to know exactly what it means, other than it's not the large multinationals where we see problems.”

The study, An Analysis of Alleged Auditor Deficiencies in SEC Fraud Investigations: 1998–2010, was commissioned by the Center for Audit Quality. It finds auditors who were sanctioned for poor audit work in connection with fraudulent financial statements issued clean opinions 58 percent of the time. The remainder of opinions were also favorable opinions, but they included explanatory paragraphs that addressed issues noted by auditors, such as changes in accounting principles or concerns that the company could go out of business.

The study also found that six of the 87 cases against auditors involved situations where auditors did nothing meaningful in the way of audit work at all. Of the remaining 81 cases where auditors performed actual audits, 43 percent were performed by national firms with global networks, which generally audit the vast majority of all market capitalization in the United States. Smaller audit firms were targeted in the other 57 percent of sanctions. The defunct Arthur Andersen accounted for nine of the 35 cases involving national firms.

According to the research findings, the SEC most often sanctioned auditors for four basic failures: a lack of competence and diligence in their audit work, a failure to exercising adequate professional skepticism, inadequately identifying and assessing risks, and inadequately responding to risks they identified.

The Public Company Accounting Oversight has focused heavily on those areas in recent years, issuing several new standards that call on auditors do to a better job assessing and responding to risks, and considering ideas on how to raise the bar on auditor performance and exercise of skepticism. Beasley says he's not sure new auditing standards will produce the intended effect when it comes to improving overall audit performance or skepticism. “Maybe it's training, or maybe it's root cause analysis to find out why people don't apply a questioning mindset,” he says. “But there are a couple of things the last few years that suggest we are moving in the right direction in trying to address the problems.”

Topics