Working with auditors: tips and traps.
The relationship between management accountants and auditors continues to evolve, and recent changes in U.S. and international auditing standards highlight that. Regulators are urging management to work more closely with auditors and support them.
The role of the auditor is unique in the business environment. Usually when a company hires a consultant, the goals of the company and the consultant are consistent. In some cases, the role of the consultant is to act as an advocate for the company. Yet the very nature of the auditor/client relationship creates a certain degree of friction between the auditor and the client. Standards and regulatory authorities require the auditor to be independent, which often creates some misperceptions about the auditor. Management pays the auditor for an independent report assessing management's financial performance and adherence to established accounting standards-a critical assessment, if you will-even though it's against human nature to like criticism.
Some financial executives view the audit at best as a necessary evil and at worst as a threat. In fact, auditors want to avoid conflict as much as anyone else. Most auditors aren't seeking confrontation; they think a good audit is one where there are few contentious issues and management's judgments mirror their own.
But financial executives and others often have some common misperceptions about auditing that can be stumbling blocks to working closely with auditors (see "5 Common Mistaken Ideas About Auditing").
What Is Professional Skepticism?
One key to understanding the role of the auditor is the universal audit concept of professional skepticism.
Paragraph 13 of the International Standard on Auditing (ISA) 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing, from the International Auditing and Assurance Standards Board (IAASB), defines professional skepticism as:
* "An attitude that includes a questioning mind,
* Being alert to conditions which may indicate possible misstatement due to error or fraud, and
* A critical assessment of audit evidence."
The U.S. Public Company Accounting Oversight Board (PCAOB) has a similar definition.
Management determines when and how to record certain transactions. Professional skepticism, which assures that an auditor maintains independence, consists of making an independent determination of how the same transactions should be recorded in the company's records. At that point, the auditor can make a comparison between his or her judgment and management's actions. In reputable companies, the auditor's assessment most often will mirror management's actions.
Threats to Professional Skepticism
The two big threats to an auditor's professional skepticism are familiarity with management and the cult of personality.
The nature of auditing requires that the auditor maintain a certain distance from the client. Too much familiarity endangers both professional skepticism and a quality audit. Auditors trust their clients in the sense that no respectable audit firm wants to have the reputation of catering to dishonest or disreputable firms-but that trust doesn't relieve the auditor of the responsibility to conduct the audit with a questioning mind.
ISA 200 notes that we can't expect auditors to disregard past experience with management and those charged with governance. But the auditor must maintain professional skepticism despite believing that those charged with governance are honest and have integrity. Also, the auditor must not be satisfied with less-than-persuasive audit evidence when obtaining the reasonable assurance necessary to form an opinion on the financial statements. (See ISA paragraphs 15-16 at http://bit.ly/IAASBhandbook.)
That high standard underlies the International Accounting Standards Board's (IASB's) 10-year audit firm rotation requirement, which the IAASB follows, and the earlier seven-year audit partner rotation requirement. It takes basic human nature into account. If an auditor finds that management has been honest in the past, that builds a level of trust and the expectation that management will be honest in the foreseeable future. Professional skepticism mandates that the auditor resist this very human reaction because corporate or personal pressures on management might tempt the most honest managers to bend the rules in certain circumstances. The auditor is the last line of defense to keep management honest. That's why he or she must verify what management reports.
The cult of personality is a threat because CEOs are often charismatic figures, especially the entrepreneurial ones who have built their own companies. The auditor, being human, can easily fall under the spell of a charismatic CEO.
For two examples of major U.S. frauds where the cult of personality and a "too big or too important to fail" attitude played a role, see "Avoiding Audit Disasters."
How Will the Manager / Auditor Relationship Change?
The latest PCAOB and IAASB standards are designed to ensure that auditors will maintain professional skepticism and not develop a personal relationship with management that is too close. At the same time, the standards mandate that the auditor develop a close but professional relationship with management to promote transparency and communication.
But the relationship of the CFO and controller with their auditor will change in certain ways. The IAASB's "A Framework for Audit Quality: Key Elements that Create an Environment for Audit Quality," published on February 18, 2014, recommends an increased interaction between the auditor and the preparers of financial information (see http://bit.ly/FrameworkAudit Quality). The result will be a closer working relationship between the auditor and a company's financial staff. It's important to recognize that the purpose is to increase the auditor's understanding of how the financial information is acquired and consolidated and how judgments are made. That will create a greater understanding of the risks and specific judgments involved.
The PCAOB's requirement that auditors monitor transactions with related parties more closely-especially those with company executives-may be a cause of friction between auditors and executives (see "Audit Regulators Say Get More Involved!"). The intent of this monitoring reflects the PCAOB's concern that executive stock trading may signal insider knowledge of the company's future events. Kenneth Lay notoriously unloaded much of his Enron stock in the months before Enron's bankruptcy. These kinds of executive actions may signal risks.
CFOs and controllers should view this closer auditor monitoring of their actions from the perspective that they have nothing to hide. The only executives who should feel threatened by this requirement are those who have something to hide. If CFOs and controllers recognize the PCAOB's intent and management ensures clear communication between auditors and executives, the transition will be less painful.
The IASB's audit firm rotation requirement of 10 years can be increased to 20 years if the audit is put out to bid, but that still imposes a limit on the auditor/client relationship. While this limit may not seem onerous, it changes the dynamic between the auditor and management by making the relationship impermanent. The auditor will begin to feel that his or her work may be subject to oversight (review) by a competing firm, which will make the auditor more careful in exercising professional skepticism. In addition, the company will begin to view its relationship with the auditor as more transient. Once every 10 years, the company will have to build trust and a working relationship with a new audit firm. The company will be motivated to establish procedures and protocols for this predictable event. Right now, auditor change is often a rare and chaotic event.
Understanding the Auditor's Roles
To understand what auditors want, bear in mind that the auditor has three key roles.
First, the auditor must expedite efficient and fair access to financial markets. If all companies competing for resources in financial markets are on an even playing field, financial resources can be allocated efficiently among competing firms. In an efficient market, this maximizes overall returns. The auditor's role here is to ensure that all companies are playing by the same rules and to minimize cheating.
The auditor's second role is to report to shareholders. Management creates the financial reports, and the auditor provides a second set of eyes to assure that management is being fair and direct in assessing and reporting the company's performance. In part, this serves to prevent management from reporting biased results to shareholders.
The auditor's third role is to serve as a part of the regulatory mechanism. The auditor is a licensed expert in financial reporting and disclosure matters, assuring that the company's financial reporting is in compliance with the rules established by the IASB and/or the Financial Accounting Standards Board (FASB).
CFOs, controllers, and their staffs must understand that the purpose of the audit process is to enable the auditor's key roles. It isn't a punitive or adversarial exercise. Keeping that in mind will help expedite the audit and establish a trustful relationship with the auditor. By professional standards, the auditor is neither a friend nor an enemy to the company.
What Do Auditors Want?
The auditor needs a relationship with a client's CFO and controller that has some very special characteristics: transparency, thoroughness, and timeliness.
Experienced auditors are human, but they are also generally better-than-average judges of character. Being a good judge of character is an essential quality in a good auditor. Transparency is the first quality an auditor seeks when developing and maintaining a good relationship with a client's financial officers. This means the financial officers must provide clear and concise answers to the auditor's inquiries, but it can extend beyond that. For example, it's best to be open about whether there are contentious accounting issues where the client company chose between a number of alternatives. The auditor will probably discover it anyway. A good auditor will find any discrepancy that may be material (i.e., can affect the overall accuracy of the financial statements).
The proper way to handle a contentious accounting issue is for the CFO and controller to bring any unusual or questionable accounting treatment to the auditor's attention in the early stages of an audit. Then they all can discuss the issue and resolve it. If financial officers answer the auditor's questions directly, without trying to hide something or cloud the issue, then the client is likely to get fair consideration.
But if the auditor discovers that a questionable treatment wasn't brought to his or her attention by the financial officers, a climate of distrust is created. Then, at the very least, the auditor will look for similar instances and be extremely conservative in his or her judgments.
It's also important for financial officers to be very thorough in dealing with an auditor and to demonstrate that they were also very thorough in determining what accounting treatments to use. If a CFO and controller can clearly show that they considered and rejected other alternatives in their decision-making processes, the auditor will take that into consideration. Yet if the reasons for a chosen accounting treatment are obscure or confusing, the auditor will be more suspicious immediately. A lack of thoroughness can lead an auditor to question other management decisions.
Finally, timeliness is important for both the auditor and the financial officers. An auditor needs to work as efficiently as possible to complete the work on time. This is one area where the company and its auditor share the same concern. The auditor wants to complete the audit as much as the company does. It's frustrating to an auditor when completion is held up while waiting to resolve a few issues or deal with incomplete documentation. Quick responses to auditor requests also build trust, while long delays in getting requested materials and documentation can make the naturally suspicious auditor even more suspicious.
Preparing for Change?
As you can see, the latest auditing regulations mean that CFOs and controllers will have to work more closely with auditors. For help in preparing for this change, see "Audit Tips and Traps Checklist."
Keep in mind that the auditor has a job to do, just like the company's financial staff. Working closely and cooperatively with an auditor will speed up the process and avoid the trap of an unpleasant and risky adversarial situation.
RELATED ARTICLE: 5 common mistaken ideas about auditing.
Here are some misperceptions about the auditor and the nature of auditing.
It's a mistake to believe that:
1 The purpose of the audit is to detect fraud.
In general, the audit is designed to test that management's assertions about the valuation of assets, the completeness of liabilities, and the reported income of the company are consistent with Generally Accepted Accounting Principles (GAAP), rules, and regulations. The discovery of fraud may be a byproduct of the auditor's efforts, but it isn't the primary focus of the audit.
2 The audited financial statements are certified (guaranteed) to be accurate by the auditor.
The terminology used in expressing the auditor's opinion across international and U.S. standards is that the financial statements "fairly present." No guarantee of absolute accuracy is or can be given.
3 The auditor is an adversary of management.
The auditor is neither a friend nor foe of management. But the auditor must maintain some distance, retain professional skepticism, and have his or her questions answered in a transparent, thorough, and timely manner.
4 The auditor prepares the financial statements.
Some investors may believe that the auditor prepares the financial statements. That isn't true. The auditor's role is to test the financial statements prepared by management to offer an independent, expert opinion that rules have been followed and standards applied correctly.
5 The auditor reviews every transaction.
Some investors or managers may also believe that the auditor actually reviews every transaction. The truth is that the auditor doesn't have the time or resources to review every company transaction. Instead, the auditor relies on statistical sampling methods to look at a small but representative percentage of a company's transactions to test overall accuracy.
RELATED ARTICLE: Avoiding audit disasters.
To avoid audit disasters, CFOs and controllers must make sure that auditors retain their professional skepticism. Management and auditors must avoid two dangerous traps: the cult of personality and an attitude that the CEo or company is too important or too big to fail. Those traps will trigger a calamity. Not convinced? Here are two famous examples from recent major frau s.
Kenneth Lay, former CEO of Enron, was a charismatic figure who led Enron at the time the company's accounting fraud occurred. His resume was impressive. He had been an undersecretary at the U.S. Department of the Interior and was a close associate of President George W. Bush. Lay also had co-chaired President George H.W. Bush's 1992 reelection committee, was appointed to the President's Council on Sustainable Development by President Bill Clinton, and was considered for the job of U.S. Treasury secretary. Lay's celebrity status and political connections would have made it difficult for an auditor to challenge Enron's accounting practices.
Enron was a successful company for many years and was the largest client in auditing firm Arthur Andersen's Houston, Texas, portfolio. Enron's accounting included some complex and controversial accounting policies regarding revenue recognition, mark-to-market accounting, and the decision not to consolidate certain special purpose entities (SPEs) that were sustaining significant losses. The audit firm failed to maintain professional skepticism regarding these practices. It should have considered how an auditor would have accounted for the practices in his or her independent judgment. Instead, Arthur Andersen acquiesced to Enron's choices. This fatal error led to Arthur Andersen's demise.
Former WorldCom CEO Bernie Ebbers had an appealing rags-to-riches life story. Ebbers came from a relatively lower-class background, paying his own way through college as a milkman, to eventually head one of the largest companies in the world. To attack such an entrepreneurial, charismatic CEO's legend with an audit report wouldn't have been easy. But the WorldCom fraud shows the value of professional skepticism and the risk of losing it.
The fraudulent financial reporting involved two significant aspects: capitalizing rather than expensing certain questionable transactions and booking fictitious revenue. The auditing firm, again Arthur Andersen, didn't consider how an independent, professionally skeptical auditor would have recorded these transactions. Instead, Arthur Andersen bowed to WorldCom's judgment. That let the fraud remain undiscovered for a much longer time.
RELATED ARTICLE: Audit regulators say get more involved!
Auditing and accounting regulators want management-including CFOs and controllers-to work more closely with auditors and support them better, especially because changes in audit regulations will mean more management involvement in the auditing process.
For example, in February 2014 the IAASB issued "A Framework for Audit Quality: Key Elements that Create an Environment for Audit Quality" (see http://bit.ly/FrameworkAuditQuality). It stresses the need for all audit process participants in the financial reporting supply chain to interact cooperatively and support the auditors.
In June 2014, the PCAoB issued Auditing Standard (AS) No. 18, Related Parties (see http://bit.ly/RelatedParties). It boosts the auditor's responsibility to understand and assess a company's interactions and financial transactions with company executives (i.e., insiders). Auditors will be looking at executive officer compensation and the key role executive officers (including CFos and controllers) may play in accounting decisions or financial reporting. The PCAOB's goal was to heighten the auditor's attention to incentives or pressures for the company to achieve a particular financial position or operating result. And it means auditors will be taking a closer look at what executives are doing and will be interacting with them more.
On April 16, 2014, the European Union (EU) Parliament issued Directive 2014/56/EU, which approved final rules requiring audit firm rotation after 10 years (http://bit.ly/DirectiveEU). Previous EU rules mandated audit partner rotation (not firm rotation) every seven years. A provision in this rule does allow for an extension to 20 years, and member states are allowed to adjust the rules independently. The rule's purpose is to address the familiarity threat and to reinforce auditor independence. Audit firm rotation in Europe and the United States will bring more management involvement. Companies forced to change auditors more regularly will have to establish procedures and protocols for these recurring events.
RELATED ARTICLE: Audit tips and traps management's checklist.
Regulatory changes will mean closer auditor relationships with financial executives and their staffs. Be proactive by briefing your staff and establishing rules for productive interaction.
[check] Cooperatively support the auditor in his or her work.
[check] Avoid common misperceptions about auditors or the audit.
[check] Avoid seeing the audit as a necessary evil or a threat.
[check] Realize that the auditor is neither a friend nor a foe of the company.
[check] Help the auditor maintain professional skepticism. Beware of the cult of personality or an attitude that the company or CEo is too important or too big to fail.
[check] Ensure clear communication between auditors and executives.
[check] Establish procedures and protocols for mandated auditor change or rotation and to build a trusted working relationship with a new auditing firm.
[check] Keep in mind that the audit's purpose is to enable the auditor's key roles. It isn't a punishment or adversarial exercise. That will help expedite the audit and establish a trustful relationship with the auditor.
[check] Provide quick responses to auditor requests. Avoid long delays in delivering requested materials and documentation. That can make the naturally suspicious auditor even more suspicious.
[check] Provide clear and concise answers to the auditor's inquiries.
[check] Be open about any contentious accounting issues where the company chose between a number of alternatives. Bring any unusual or questionable accounting treatment to the auditor's attention in the early stages of an audit. Then you can discuss the issues and resolve them.
[check] Don't feel threatened by the auditor's PCAOB-mandated monitoring of insider company executives. Financial officers must view this closer monitoring of their actions from the perspective that they have nothing to hide.
[check] Be very thorough in dealing with the auditor, and demonstrate that financial officers were also very thorough in determining what accounting treatments to use.
[check] Remember that the auditor has a job to do, just like the company's financial staff.
GEORGE E. NOGLER, CPA, CGMA
George E. Nogler, CPA, CGMA, DBA, is an associate professor at Merrimack College in North Andover, Mass. He specializes in audit quality control consulting and has nearly 40 years of experience as a practicing Certified Public Accountant (CPA). You can reach George at firstname.lastname@example.org.
|Printer friendly Cite/link Email Feedback|
|Author:||Nogler, George E.|
|Date:||Jul 1, 2015|
|Previous Article:||Brand value: 'hidden' asset in plain view.|
|Next Article:||Supporting your career pathway.|