ROLE OF AUDITORS
In defence of auditors: detecting fraud is not their main job — but that could change
Probing wrongdoing is the task of the forensic audit, but perhaps the scope of the financial statement audit should be broadened, writes Andrew Mackie
Media reports of corporate failures, globally and locally, have shone a spotlight on the role of auditors and what a financial statement audit entails. While reporting and criticism of the profession have been focused on the audit quality debate, understanding of the role of the auditor remains limited.
Dubbed the "expectation gap", there is a discrepancy between what an audit does and what people think it does or should do. Trust and confidence have partly fallen due to this gap, with many stakeholders expecting an infallible audit, with a guarantee about the absence of fraud and misstatements irrespective of how immaterial they are.
The roles and responsibilities of the parties involved in the financial reporting process should be clearly understood and upheld. The management should be held accountable by shareholders for the effectiveness and reliability of its internal controls and for creating a culture of honesty and ethical behaviour, which should be actively reinforced by the board. The external auditor’s role is to provide reasonable assurance on whether a company’s financial statements are presented fairly, in all material respects, in accordance with the financial reporting framework of the jurisdiction in which the company operates.
The auditor should be aware of the potential management override of controls and that the audit procedures designed to detect error may not be effective in detecting fraud.
Auditors must objectively examine the company’s financial statements and use their professional judgment in reaching the audit opinion.
The financial statement audit is conducted in terms of the International Standards on Auditing. The standards highlight that the primary responsibility for the prevention and detection of fraud lies with a company’s board and management. The responsibility of the auditor is to maintain professional scepticism throughout the audit, an attitude that includes a questioning mind, being alert to conditions that may indicate a possible misstatement due to fraud or error and a critical assessment of evidence.
The auditor should be aware of the potential management override of controls and that the audit procedures designed to detect error may not be effective in detecting fraud. As such, fraud may be detected in the audit process, but the audit is not specifically designed for this purpose as it is not an official investigation into wrongdoing.
In terms of the International Standards on Auditing, the auditor is not expected to, and cannot, provide certainty or absolute assurance that the financial statements are free from material misstatement due to fraud or error. This is due to the inherent limitations of an audit, which result in most of the audit evidence being persuasive rather than conclusive. The limitations of an audit arise from, inter alia, the judgment applied by the management in preparing the financial statements, the practical and legal limitations on the auditor’s ability to obtain audit evidence and the time constraints for audited results given that the relevance of the information diminishes over time.
Detecting misstatement of the financial results due to fraud is more difficult than detecting misstatement due to error. Fraud in its very nature is designed as a complex scheme to conceal the wrongdoing. The auditor’s ability to detect fraud may be affected by the seniority and skilfulness of the perpetrators, the extent of the fraud and the degree of collusion involved.
An unavoidable risk exists that some material misstatement of the financial statements may remain undetected, despite an audit being properly planned and executed. Consequently, fraud might remain concealed to the external auditors, even if a thorough financial statement audit is conducted.
The detection of fraud as a primary focus falls within the realm of the forensic audit.
The question arises whether the scope of the financial statement audit should be broadened to include the detection of fraud. A consideration of the role and scope of the audit should focus on what could and should be done to meet investor and societal expectations.
The status quo is unsustainable and change is inevitable. A new consensus must be built around the role of the auditor and the scope and expectations of an audit. It is our priority to find workable solutions to address concerns and ensure we serve the public interest.
We support an independent review of the role and responsibilities of auditors with input from investors, regulators, standard setters, auditors and especially the public.
Establishing a truly independent review or commission with collaboration by many interested parties will allow for a robust assessment on whether audit meets the needs of 21st century investors and society, and recommendations on how to move forward accordingly.
• Mackie is audit leader for Deloitte Africa.