Auditor liability has always been one of the main concerns of the public. Often falling under common law, tort law or both, public liability claims can arise out of unfair or unjust practices when it comes to auditing a company’s financial standing (Lambe, 2007). The auditors can be held liable for approving a fraudulent account on behalf of a business organisation.
Auditor liability, or failure to detect and report illegal manipulations of financial statements, could lead to serious damages for the shareholders of the company (Schaefer, 2004). In most cases, a fraudulent act exists when one or more auditors, on behalf of a company, approve inaccurate accounting for the reason of tax evasion or to strategically register for an Initial Public Offering (IPO).
To prevent moral hazard associated with auditor liability, the British Serious Fraud Office has imposed heavy penalties on swindlers and white collar criminals in order to shut down or suspend suspicious businesses (Country Updates, 1997). On the other hand, auditors who are found guilty of professional negligence may end up facing a monetary loss or penalty through punitive fines and/or the confiscation of their licence to practise in the United Kingdom.
According to Priddy (2011, p. 59), as stated by Michael Power of the London School of Economics, “it was not ‘reasonable’ to expect auditors to be challenging business models and raising strategic issues with finance directors, because that was not their job ‘and if we want it to be their job, then things would have to change quite substantially’ â€¦ The direction of my comment is that we might be expecting too much from this black box [External Audit] in terms of what it actually delivers”.
In response to Power’s statement, this report will first discuss the roles and responsibilities of external auditors and then provide a brief overview of corporate governance. In line with this, there is a strong need to go through some business theories and concepts that will enable readers to have a better understanding of how businesses function in the corporate world. Based on the individual offices and duties of shareholders, internal and external auditors, the board of directors, and the Chief Executive Officer (CEO), this report will explain the limitations of the roles and responsibilities of external auditors when it comes to detecting and controlling fraudulent business activities.
Roles and Responsibilities of External Auditors
External auditors are professionals who are hired to conduct audits based on the rules or laws on creating financial statements for the government, a private company, or a legal organisation (The Institute of Internal Auditors, 2011). According to Kwok (2005, pp. 151-161), accounting irregularities can be made for the purpose of tax evasion or theft, for instance, creating ghost employees, skimming from the proceeds, or stealing an asset. Specifically in the United Kingdom, Chartered Accountants and Certified General Accountants are the groups of individuals who are qualified to conduct external auditing.
According to Poorter (2008), auditors practising within the United Kingdom have to perform a special duty of care towards a liable third party. This means that external auditors are made responsible for the fair, just and reasonable treatment of the company’s external shareholders. In case of a binding contract between the company and its shareholders, it is a general rule for the external auditor(s) to fulfil his or her statutory duty as an auditor to shareholders collectively.
As a standard operating procedure, external auditors are expected to evaluate the financial statement of an organisation on a yearly basis (Hicks and Goo 2008, p. 261). Upon going through the financial statement of a government, a private company, or a legal organisation, external auditors are expected to come up with a professional opinion regarding the financial statement presented to them by the organisation (Kwok 2005, p. 178). Correspondingly, external audit committees are expected to determine whether the accountants are able to adapt along with generally accepted accounting principles or whether they have made appropriate judgments, estimates, and complete disclosures in the financial statements (Hicks and Goo 2008, p. 259; Kwok 2005, p. 178). Given that the external auditors find something inappropriate in the presented financial statement, they should report their complaints to the company to allow the board of directors to review.
As part of protecting the company and its shareholders, external auditors are expected to determine any possible damages that could result from the company owners’ major business decisions. Considering that external auditors are liable to both the company for which they work and the shareholders of the company as a third party, external auditors should avoid coming up with a biased judgment by making use of their best professional knowledge to protect the interests of everyone involved.
Although internal and external auditors technically have the same roles and responsibilities when it comes to auditing a financial statement, an important difference between the two is that an external auditor is an independent party outside the organisation being audited (The Institute of Internal Auditors, 2011). Another difference between internal and external auditors is that the general public, large groups of investors, and government agencies have the tendency to rely more on the audit report coming from the external auditors than the report presented to them by the internal auditors.
Brief Overview with regards to Corporate Governance
According to Colley et al. (2005), corporate governance refers to a system of authoritative direction or government which carefully examines the individual roles and responsibilities of the business owners, the shareholders, the board of directors (executive and non-executive), the CEO, and accountants. Since corporate governance is composed of both neutral and objective corporate values (Solomon 2007, p. 4; Haller and Shore 2005, p. 18), a lot of people consider good corporate governance as an acceptable model of business ethics and a moral duty on the part of a corporation’s executives and board of directors.
Board of Directors
Aguilera et al. (2008) revealed that corporate governance is often considered as the basis for making policy for a business organisation in relation to the actual structure of the board, the activism of the shareholders, and overall business performance. With regards to organisational policies and procedures, the board of directors within a business organisation has a significant role to play when it comes to successfully implementing corporate governance (Nordberg, 2007; Kim and Nofsinger 2006, p. 41). For this reason, the members of the board are required not only to carefully analyse the corporate financial report, but also to meet regularly to discuss the proposed strategic plans and issues that will significantly affect the success of the business (Solomon 2007, p. 103).
Executive and Non-Executive Directors
The board of directors is composed of executive and non-executive directors. As part of strengthening corporate governance, the company’s board of directors is given responsibility for making important decisions in the best interests of the company and its shareholders (Mallin 2007, p. 125).
Aside from determining corporate goals, developing strategic plans that will enable the business to meet those corporate goals, and implementing organisational policies to meet the business’s objectives (Mallin 2007, p. 124; Kim and Nofsinger 2006, p. 41), the board of directors is responsible for controlling operations, making decisions for resource acquisitions, and driving improvements in the quality of service (Carpenter, 1988; Pfeffer and Salancik, 1978). Since not all of the members of the board are directly or actively engaged in the daily business operations of a company, readers should be aware of some crucial distinctions between the roles and responsibilities of executive and non-executive directors with regards to corporate governance.
It is common business knowledge that the executive directors are the ones who are directly involved in the daily business transactions that occur within and outside of the company, whereas the non-executive or outside directors are not. Despite the differences between the responsibilities of executive and non-executive directors, the Commission has publicly announced under the Action Plan “Modernisation of company law and enhancing corporate governance in the European Union” that all of the board of directors (regardless of whether they are executive or non-executive) should at all times ensure their collective responsibility when it comes to monitoring the financial and non-financial information behind the corporation (Communication from the Commission to the Council and the European Parliament, 2003).
Unlike the non-executive directors, the executive board of directors can easily access valuable business information such as corporate financial statements. By accessing this information, executive directors are able to examine company records on daily sales and expenses and other major business transactions like public shares, loans and investments. In the process of going through the company’s financial statements, executive shareholders should be on the lookout for any signs of unusual business activity that could adversely affect the long-term operation of the business.
Similar to the role of executive directors in corporate governance, it is the role and responsibility of the non-executive directors to reduce conflicting interests between the actual shareholders, the executive board of directors, and the management team who works behind the company (Solomon 2007, p. 82 and 92). For this reason, Waldo (1985, p. 5) strongly suggests that the best way for the executive and non-executive directors to perform their duty effectively is to actually go through the company’s business information, including the corporate financial statement.
Even though the non-executive directors are inactive in terms of monitoring the daily operations of a company, several studies revealed that the non-executive directors are expected to strictly and regularly monitor the progress of the overall business, its legal and ethical performance, strategic choices and implementation techniques used by the top management, including the appointing or removal of the members of the senior management aside from giving the rest of the board members some advice with regards to the strategies used in enabling the company reach the corporate goals and business objectives (Solomon 2007, p. 82; Carpenter, 1988)  . By closely monitoring the daily activities of the company’s executive directors, the non-executive directors should make the executive directors accountable for the company’s shareholders and external investors (Mallin 2007, p. 132; Solomon 2007, p. 88; Fama and Jensen, 1983).
Solomon (2007, p. 86) revealed that there is a link between the role of non-executive directors and the role of institutional investors in the sense that the non-executive directors’ effort in ensuring that the business is free from any forms of corruption could somehow protect the socio-economic welfare of the company’s public investors. Several authors suggest that the non-executive board of directors is strongly encouraged to actively participate in the board meetings with the rest of the directors and shareholders to protect the interests of the public investors (Mallin 2007, p. 125; Solomon 2007, pp. 86-88).
Roles and Responsibilities of Accountants
In general, accountants are not only made responsible for producing an accurate, true, and fair financial statement that not only enables the senior managers to make important business decisions, but also give the public stockholders the privilege of accurately monitoring their investments in the company. Because corporate accountants maintain accurate and transparent financial accounting information at all times, accountants play one of the few most important roles in the development of effective corporate governance.
To ensure that the company is able to come up with an accurate corporate financial statement, the business organisation should hire internal and external auditors who are qualified in monitoring fair and true financial values.
Romano (1996) explained that the shareholders have the authoritative power to influence the manifestations of legal and/or illegal business transactions. Given that most of the corporate shareholders are the business owners, these individuals are the ones who are in the position to select and elect their preferred members to the board for the purpose of managing the business affairs. On the other hand, it is the board of directors who appoint, hire, and delegate specific roles and responsibility to a selected CEO. In a normal business setting, it is the CEO who is in charge of managing the actual business operations. For this reason, the CEO is often made accountable not only to the business owners but also to the board of directors.
Upon analysing the corporate structure that is commonly used in large-scale companies, it is often the business owners – together with the voluntary participation of the executive directors, the CEO, and the accounting manager – who have the authoritative power to manipulate the company’s official business documents. By going through the corporate financial statement, the non-executive board of directors should search for any signs of unusual business activities that could create serious consequences for the company. To prevent coming up with a biased judgment, the non-executive board of directors should consult with the internal or external auditors regarding any signs of unusual business transactions.
Due to the flow of authoritative power within a business organisation, it is possible on the part of the shareholders, the members of the board, and the CEO to enter into business collusion with the business owners. By engaging the cooperation of accountants, business owners and corporate leaders may easily manipulate corporate financial records at the expense of the stakeholders and external shareholders. According to Becht, Jekinson and Mayer (2005), collusion among corporate leaders makes corporate governance one of the most controversial topics related to business and finance.
Cassill and Hill (2007) explained that according to the principles of corporate governance, by voting on major financial decisions, the board of directors is made responsible for ensuring a balance between the business owners’ monetary interests and actual profit-sharing with the company’s employees and the rest of the other stakeholders. Several authors agree that corporate governance should be based on neutral and objective corporate values (Solomon 2007, p. 4; Haller and Shore 2005, p. 18). Since there is plenty of opportunity for the business owners to manipulate the board of directors to support their own personal interests, the concept of corporate governance can easily be violated at the expense of the majority of employees and public investors.
A corrupt business culture is one that not only does not balk at accepting bribery, but may also be open to the practise of illegal offshore financing or the intentional manipulation of the actual financial statement (Dine, 2008). Within a business organisation, the board of directors and executives are among the few individuals typically behind the practise and development of a corrupt culture. For this reason, Dine (2008) revealed that European corporate law, following the UK model of corporate governance, is focused on investigating shareholders and the board of directors.
Two good examples of real-world scenarios in the history of finance are the cases of WorldCom and Enron. In the case of WorldCom, its board of directors failed to fulfil their duty in terms of closely monitoring the executives’ management activities (Monks and Minom 2004, p. 509). This made them unable to protect the interests of their stakeholders. In the case of Enron, a total of 18 directors, including the CFO, ex-CEO, chief accounting officer and chief risk officer, voluntarily participated in the CEO’s decision to manipulate the company’s financial statement (Kim and Nofsinger 2006, pp. 52-53; Davis, 2005; CNN Money, 2004).
Limitations in the Roles and Responsibilities of External Auditors when it comes to Detecting and Controlling Fraud Activities in Business
Although the general public, government agencies, and a large number of investors rely heavily on the audit reports coming from the external auditors, there are still some limitations with regards to what the external auditors can do in detecting and controlling fraud activities that could happen within a profit or non-profit organisations. Hicks and Goo (2008, p. 258) explained that “it is the management’s responsibility to prepare complete and accurate financial statements and disclosures in accordance with the financial reporting standards and applicable rules and regulations”. Therefore, it is wrong to believe that the external auditors are solely responsible for preventing the incidence of financial fraud.
As stated by Kwok (2005, p. 168), “an audit does not guarantee the detection of all material misstatements because of such factors as the use of judgment, the use of sample testing, the inherent limitations of internal control, and the fact that much of the evidence available to the auditors is persuasive rather than conclusive in nature”. Since external auditors are auditing financial statements that are presented to them by the corporate accountants, it is expected that external auditors could only provide the general public, investors, and government agencies with a reasonable assurance that the audited financial statements are free of misstatements, alteration of the accounting records, honest accounting errors, or falsification of the financial statements.
Based on the Court’s decision in the case of Caparo (Richards, 2004), “in the absence of any contract between the auditor(s) and either the investor, a potential investor, or any other third party involved, no duty of care will be owed.”  Despite the external auditor’s responsibility to double check the accuracy of a company’s financial statements, external auditors who work for a public company owe no duty of care outside the existing shareholders who purchase stocks in reliance on a statutory audit. It simply means that the external auditors can only be held liable to investors, potential investors, or any other third party involved only if there is a written contract stating that the external auditor owes them duty of care. In fact, external auditor(s) who are held liable for pure economic loss are considered as a case of simple negligence under contract law. Schaefer (2004) explained that the case is different when the auditor(s) are being judged based on tort law because tort law does not include a pure economic loss as a negligent act.
Considering the difference between a contract law and a tort law, external auditor(s) who are found guilty of negligence will be held responsible and will be obliged to pay for the victims’ loss. In case an external auditor violates any of the auditing guidelines and is found guilty, the accused external auditor(s) will not be held responsible to compensate the victims’ loss because of the fact that tort law excludes liability of a pure economic loss. In other words, the victim of a wrong audit can demand a claim against those people guilty of the wrong audit under a contract law (Ewert, 1999). Given that the general public can prove that both external auditor(s) and the managers of the company colluded against the outside stakeholders, the stakeholders of a given company can demand a claim against both the parties involved.
Even though external auditors can be held liable for negligence and misconduct, there is still a limit as to whether an auditor can be held liable for a misconduct or not. For example, in case an external auditor has not provided the actual report to the company he works for, any law suit filed during the time frame wherein the external auditor has not yet submitted his final report will not be considered punishable by the Court, because technically there is no duty of care that exists between the company and the external auditor(s) (Poorter 2008, p. 70).  In other words, the duty of care between an external auditor(s), the company, and the shareholders of the company will only exist when the external auditor has already submitted his final report to his client, the company.
Basically, the extent of auditor liability will depend on the Court judgment and the degree of damages caused by the act of negligence that has occurred in the process. In line with this, it is possible for an act of negligence to occur when the external auditor(s) and the owner or manager of the company agree to underestimate the actual revenue of the company in order to pay lower taxes to the government; or both parties may agree to overvalue the company in order to be able to get a better price when selling the company’s shares to the public. Since there are different ways in which auditor liability may occur, the Court will be responsible for the investigation behind the said act of negligence.
According to Schaefer (2004, p. 9), external auditor(s) with a binding contract towards the third party involved should not be held responsible for the loss that may occur in the purchase of stocks as long as the auditors did not take any actions that could trigger the decline in the stocks’ value. Therefore, external auditor(s) who did not manipulate the value of stocks are free from being held responsible in case the value of stocks depreciated. Rather than considering the loss of a public investor as a result of negligence on the part of the external auditors, the public investors are expected to be responsible enough to study the market first before they invest their money in the stock market.
In case the general public is able to prove that external auditors were behind the manipulation of stock prices in such a way that they depreciated over time, then the Court has the option to make the company, including those people who were directly involved in the process of the fraudulent act, partially liable for the victims’ monetary losses. However, if a buyer was able to sell his share of stocks at an overvalued price for the reason that the internal and external auditors were not able to accurately detect the true market value of the company’s stocks, the person who bought the overpriced stocks will have to compensate for the loss simply because it was the buyer’s decision to purchase an overpriced share of stocks.
The personal obligations of external auditors to the general public or public investors is limited for the reason that the roles and responsibility of the external auditors are limited in terms of determining whether the accountants were able to present the financial statement based on the rules or laws accepted for the development of financial statements for the government, a private company, or a legal organisation. Likewise, external auditors are also made responsible for detecting any potential accounting irregularities made for the purpose of tax evasion or theft by the creation of ghost employees, skimming of the proceeds, or theft of an asset.
Under the principles of corporate governance, the board of directors (executive and non-executive directors), the Chief Executive Officer (CEO), and the accountants have different roles and responsibilities in protecting the socio-economic welfare of the corporate stakeholders, including public investors. In case of a fraud scandal, it would be a misconception to put the blame purely on external auditors, since the board of directors (executive and non-executive directors), the Chief Executive Officer (CEO), and the accountants share responsibility in protecting the socio-economic welfare of the corporate stakeholders, including public investors.