At a glance
Director and national head of Fraud & Forensic Services, Australia, RSM
What would holding auditors liable for failing to detect fraud actually achieve? [More] frauds would be detected, but it would most definitely result in a much more disruptive and far more expensive audit process, and potentially turn people off entering an already dwindling profession.
Because time available to spend on an audit is capped and testing cannot go on indefinitely, the auditor employs a risk- based approach when conducting audit testing, which means not everything is looked at.
This gives the client some reassurance, without bankrupting them.
Due to its inherently illegal nature, fraud is almost always hidden or disguised, making it very difficult to detect.
Even if the auditor was to double or triple the sample size, it would not guarantee a transaction indicating wrongdoing would be selected. If the auditor looked at every transaction comprising the financial statements, the cost would likely far outweigh the dollar value of the fraud committed.
If fraud is discovered after the audit, the auditor doesn’t just shrug and walk away.
Registered company auditors (RCAs) are answerable to the Australian Securities and Investments Commission (ASIC), which has the power to strip an auditor of registration.
Put bluntly, the threat of losing your ability to generate income by using your skill set is a much darker prospect than having to make a claim against indemnity insurance.
Claire Grayston CPA
Policy adviser – audit and assurance, CPA Australia
The governing body and management of the entity hold primary responsibility for prevention and detection of fraud, so blame cannot be placed automatically or solely on the auditor.
The auditor should be liable only if inadequacies in their audit resulted in failure to detect the fraud.
If fraud was perpetrated during a period covered by the auditor’s report on the entity’s financial statements, but not detected before the report was signed off, the auditor should be liable in certain circumstances.
However, it would not be reasonable for the auditor to always be liable.
Primarily, it will depend on whether failure to detect the fraud was due to shortcomings in the auditor’s work.
An auditor’s role is to form an opinion about whether the financial report as a whole is free from material misstatement, whether due to fraud or error.
The auditing standards provide the legal requirements for the conduct of an audit, which is intended to provide reasonable but not absolute assurance that the financial report contains no fraud or errors. It is not a guarantee.
The magnitude of any fraud, whether there was collusion and the sophistication of any concealment, will have a significant impact on whether the audit procedures are likely to identify that fraud.
Due to these factors, the auditor is less likely to detect a fraud than an error, but the auditor still needs to be sceptical and identify and address the risks of fraud.
Roger Darvall-Stevens is a partner and director of RSM in Australia. He has over 25 years’ experience in forensic investigations and forensic accounting; fraud; bribery and corruption control; related training; forensic IT; compliance (including foreign bribery and corruption risk); and corporate security. Darvall-Stevens started his career with the Victoria Police, and spent 13 years with EY as a partner in fraud investigation and dispute services, before joining RSM.
James Madden CPA
James Madden is a director of cloud-based accounting and audit firm, Madden Partners. He has worked as an accountant for over 10 years, focused primarily on not-for-profit audits. Madden is a CPA Australia member, belongs to the National Accountants and Tax Association (NTAA), and is also a CAANZ member.
Claire Grayston CPA
Claire Grayston is policy adviser – audit and assurance, at CPA Australia. She is responsible for monitoring, influencing and contributing to public policy, regulation, standard setting and implementation of audit and assurance practice both within Australia and internationally. Grayston focuses on improving audit and assurance quality, through communication, education and resources, and supporting the future relevance and value of audit, through outreach, thought leadership and innovation.