By Robert N. Waxman

Much of the capital formation process in America relies on investors and lenders being ready and able to commit their own funds (or funds they control) to make investments in or loans to both public and private companies. Among other things, before committing their money, these investors and lenders (along with investment analysts and rating agencies) rely on management’s abilities and integrity and their representations, the company’s financial statements, and the auditor’s opinion that these financial statements “present fairly, in all material respects, the financial position, results of operations, and cash flows of the company, in conformity with accounting principles generally accepted in the United States.”

Management’s Role in Financial Reporting

It is well understood that the financial statements and the accompanying footnotes that are presented in conformity with generally accepted accounting principles (GAAP) are management’s responsibility. Management is responsible for selecting and applying the company’s accounting policies, and making sure that these financial statements (and other disclosures both in and outside of the financial statements) are neither false nor misleading. It is management who is directly responsible for establishing and maintaining a system of internal accounting controls and for keeping accurate books, records and accounts.

In a registered securities offering, the parties subject to liability for material misstatements or omissions contained in the registration statement include everyone who signs the registration statement, every director, the underwriters, control persons and the experts (e.g., the independent auditor).

Today, management, the board and the audit committee have an obligation to their shareholders, lenders and others to make sure that the company has a properly functioning and appropriately governed internal audit function. The New York Stock Exchange, in their recently proposed new listing standards for public companies, significantly increases the role of the internal auditors and audit committees in the governance process. There is little question that in the future the internal auditors will have more status and a much greater role to play.

Among many varied duties, internal auditors will examine, analyze, evaluate and monitor the adequacy and the effectiveness of internal controls. In effect, the internal auditors are an integral part of the system of internal control. Other functions of the internal auditor may include the review of the reliability and integrity of financial and operating information, thereby enhancing the credibility of the financial statements and disclosures; the execution of audits of specific areas or operational functions; and direct assistance to management and the board of directors in carrying out their operational and legal duties. The internal auditors may review and assess the company’s business risk management process; perform procedures to detect accounting and financial reporting errors, fraud, and illegal acts; examine any noncompliance with the corporate code of conduct and regulatory requirements; coordinate the external audit process; and establish a direct line of communication with the audit committee.

Not every company has an internal audit function and some companies outsource this function, but whether internal or outsourced, the internal auditors ideally should be independent of the audit activities and independent from the day-to-day internal control processes.

The Auditor’s Role

Under our federal securities laws, the independent auditors (CPAs) are considered one of the “gatekeepers” to the public securities markets. The securities laws require that independent auditors examine the company’s financial statements and render an opinion on financial statements filed with the Securities and Exchange Commission. Under the Securities Act of 1933, without an opinion, a company cannot satisfy its regulatory requirements for audited financial statements and consequently cannot sell securities in the U.S. markets.

As we know, the auditor’s responsibility is to express an opinion on the financial statements, and the CPA’s report is the medium through which he or she expresses or disclaims an opinion. The opinion provides the public with assurance over and above that which management provides when the opinion says that the audit was conducted “in accordance with auditing standards generally accepted in the United States and those standards required that he (or she) plan and perform the audit to obtain a reasonable assurance about whether the financial statements are free of material misstatement” (whether caused by error or fraud).

Current auditing standards say that the auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatements, whether caused by error or fraud. As for illegal acts, the auditor’s responsibility to detect misstatements is the same as that for an error or fraud. However, it should be noted that because of the nature of audit evidence and the characteristics of fraud, the auditor is only able to obtain reasonable, but not absolute, assurance that material misstatements are detected. The auditor has no responsibility to plan and perform the audit to obtain reasonable assurance that misstatements, whether caused by errors or fraud, that are not material to the financial statements are detected.

Type of Audit Opinions

Generally Accepted Auditing Standards (GAAS), in addition to the General Standards and the Standards of Field Work, require the auditor to report on his or her audit in certain prescribed ways. The types of reports that may be issued include:

1. Unqualified or standard report.
2. Unqualified report with explanatory language. For example, the explanatory language may be that the opinion is based in part on the report of another auditor; that there is a departure from GAAP due to unusual circumstances; that there are ongoing concern issues; consistency; that quarterly data was omitted; the emphasis of a matter.
3. Qualified report. Here there are material departures from GAAP, inadequate disclosure, and material scope limitations.
4. Disclaimer. The auditor is unable to form an opinion due to a scope limitation, or the lack of independence, or ongoing concern issues.
5. Adverse. There is a material departure from GAAP and the financial statements are not fairly stated.

Major Repairs Needed

There is no question we are now in a transitional stage where everyone will be held more accountable and everyone’s responsibilities are going to radically shift. For auditors to combat audit failures, accounting misstatements and fraudulent reporting, some radical surgery is needed. Auditors need to restructure their entire audit approach. There must be more emphasis on the rules of ethical conduct; a better understanding of audit objectives of each engagement; better planning for the audit; a vastly improved understanding of materiality and risk; and a new approach to the evaluation and tests of internal accounting controls. Additionally, there must be greatly expanded audit tests and more audit evidence gathered; major improvements in the documentation of the work done by the auditor and the results of the examination; the adoption of better, clearer records retention policies; and a deeper knowledge of GAAP.