Who is responsible for the content of the financial statements management or the auditors?

� Business Readings

By M. Frank Barton

Reprinted with permission of the Institute of Management Accountants, from Management Accounting, 1991; permission conveyed through Copyright Clearance Center, Inc.

In publicly held companies, management produces the financial statements showing the results of operations and the financial position of the company. The auditor�s role is to consult with management if any deficiencies have been identified through an audit. Assuming that all discovered material deficiencies are accounted for, the external auditor certifies that, based on his examination of the financial statements and their underlying documentation, the statements do fairly represent the financial position of a firm at that time.

The depth of the audit can vary; it depends on the cost of more audit time versus the potential benefit of a greater level of assurance. Thus, if external auditors are assigned the task of assuring that there is no fraud in financial statements, the cost of audits inevitably will rise�probably dramatically.

Only management has the resources (internal auditors) and the authority to institute internal controls and the leadership to establish and maintain the standards of ethics. Such leadership is necessary to provide even a reasonable level of assurance that the financial statements are fair representations of the company�s financial condition.

In an effort to increase management�s awareness of and responsiveness to its responsibility for the financial statements, the Commission on Fraudulent Financial Reporting, in its April 1987 report, made many significant recommendations, among which the following two would be most far reaching:

"The Auditing Standards Board should revise the auditor�s standard report to state that the audit provides reasonable but not absolute assurance that the audited financial statements are free from material misstatements as a result of fraud or error."

"All public companies should be required by SEC rule to include in their annual reports to stockholders signed by the chief executive officer and chief accounting officer. The management report should acknowledge management�s responsibilities for the financial statements and internal control, discuss how these responsibilities were fulfilled and provide management�s assessment of the effectiveness of the company�s internal controls." 1

Together, these two recommendations not only would make the public aware of the inherent limitations of cost/benefit�driven external audits and management�s ultimate responsibility for the financial statements, but they would also force management to assume its responsibility for assuring that the statements are fair.

The Survey

As part of a larger ongoing research project to discover the views of management as to the relative responsibilities of management and of external auditors, we sent survey questionnaires to 250 presidents and CEOs of the top 1,000 businesses according to sales, selected from Ward�s Business Directory. We received 77 responses (31%) to our mailing. The survey identified areas of responsibilities likely to be presented in financial statements and the functions involved in gathering the information for the statements. Items were selected to determine the presidents� and CEOs� perceptions of who is responsible for completeness and accuracy of information presented in financial statements, specifically how much responsibility the external auditor has for:

• Detection of fraud,
• Reasonableness of estimates,
• Inadequacy of internal control.

The questions were asked and answered as follows: Assuming management�s responsibility for the financial statements is 100, what is the external auditor�s responsibility (so that an answer of 50 versus 120 would indicate the auditor had 50% or 120% of the responsibility of management respectively)?

Detection of Fraud

We expected the answers to share two characteristics: consistency and the opinion that the auditor�s responsibility should be minimal. This expectation was consistent with the cost/benefit�constrained audit and with the wording of the opinions given by the external auditor, specifically, that the financial statements are representations of management.

As it turned out, however, the coefficient of variation, which measures the degree of dispersion in the responses, was 77% for fraud and indicated that the CEOs have no consistent view of the external auditor�s responsibility for fraud detection. CEOs� views on estimates and internal control were somewhat more consistent.

The presidents and CEOs are split into two groups, one indicating that the external auditor�s relative responsibility is significantly less than management�s responsibility (61% answered 50 or less) and the other responding that the external auditor�s responsibility is equal to or even greater than that of management.

Specifically, 39% of these corporate leaders perceive the external auditor as having a factor of 75 to management�s 100 of the responsibility, or higher, which gives the external auditor essentially equal responsibility for detecting fraud. Also, 27% of managers perceive the external auditors as shouldering equal or more responsibility.

Considering that external auditors spend as little as a month pulling samples of transactions based on judgment and/or a statistical method, it would seem obvious that there is little guarantee of their uncovering any fraud. Granted, the external auditor also analyzes internal controls, but this analysis in no way assures that internal controls are adhered to throughout the year. Maintaining compliance with internal controls is the domain of management. Again, the external auditor uses samples to assess the level of compliance, based on judgment and/or statistical methods.

To be more emphatic, management must have a clear and consistent understanding of its primary role as guardian of the firm�s assets. Only management has:

• The resources in the form of internal auditors,
• The authority to institute and enforce internal control procedures, and
• The leadership position to establish and maintain the standards of ethics necessary to provide even a reasonable level of assurance that the financial statements are fair representations of the company�s financial condition.

Reasonableness of Estimates

As to the responsibility for assuring reasonableness of estimates, again we expected the CEOs� responses to show a consensus and an understanding of the extent of management�s responsibility. Who else but management would know or should know whether estimates are reasonable or deceptive? Consider, for example, the case of the division controller of a consumer products corporation who decreased the amount of reserves set aside for inventory obsolescence, bad debts, and coupon redemption by a total of $2 million (as compared to sales of $98 million) at the end of a quarter because the corporation needed the profit. 2

It is true that, out of necessity and in an effort to meet their professional responsibilities, public accounting firms have developed or have hired experts to assess the reasonableness of various estimates. Nevertheless, how, in fact, can the external auditor be expected to know more about a business than the ones who manage it day in and day out, year after year?

The results were not only inconsistent, but a large percentage of presidents and CEOs consider the external auditor to have a significant responsibility for assuring that estimates are reasonable. More than one-fifth of the managers believe that external auditors have equal responsibility. Note, however, that the mode for this question is 50 with 35% and that 65% indicated 50 or below.

Inadequacy of Internal Controls

Judging the adequacy of internal controls usually is considered the domain of accountants, so it was anticipated that some CEOs would assign more responsibility to the external auditor than other CEOs. Specifically, some companies have established professionally competent internal auditors and management accountants whom they rely on to audit and manage internal control, respectively. Other CEOs would rely more extensively on the internal control evaluations. Thus, it would be more likely that this question would generate a wide range of responses. The anticipated results were verified with a coefficient of variation of 52%. . . .

Again, many CEOs do not fully appreciate management�s critical role as guardian of the firm�s assets. Almost 36% of the CEOs give the external auditor equal or greater responsibility. Yet is it not management that establishes and oversees the procedures that constitute internal control?

Solutions

As pointed out earlier the revision of the auditor�s standard report and a decision by the SEC to mandate a management letter would bring about two important changes:

• Management would be required to understand and accept its ultimate responsibility, and
• Management would have to document and assess its own efforts at preventing fraudulent financial statements.

To reduce the discrepancies in management�s view of its role, managers must be educated at all levels as to their responsibility for the integrity of financial statements. Along the same lines, managers must learn which factors can lead to fraudulently misstated financial statements and how to institute the internal control measures necessary.

Finally, any president or CEO who may view the external auditor as an adversary to be swayed to management�s interest would now have an incentive to change this outlook. In particular, because management would be acknowledging its responsibility by way of the signed statements of the CEO and the chief financial officer, it then should look on the external auditor as an advisor and consultant and not just as a necessary step to satisfy a regulatory requirement.

In spite of the disparity in the presidents� and CEOs� responses, a significant number of CEOs appear to understand the extent of management responsibility. For example, 15% of the respondents indicated that external auditors had a factor of less than 15 of the responsibility as compared with management�s 100. Although some other presidents and CEOs apparently perceive the auditor as having essentially equal or even more responsibility than management, the previous suggestions will do much to increase the consciousness of management as to its ultimate responsibility for detecting and preventing fraud.

Discussion Questions

• According to the survey, what is management�s view regarding auditors� responsibility to detect fraud, and what should the role of auditors be?
• According to the survey, what is managment�s view regarding its responsibility for estimates and internal controls, and what should its responsibility be?

1. Exposure Draft, Report of the National Commission on Fraudulent Financial Reporting, April 1987. �back
2. Kenneth A. Merchant, Fraudulent and Questionable Financial Reporting: A Corporate Perspective, Financial Executives Research Foundation, 1987. � back

Who is responsible for the content of financial statements?

Who is responsible for preparing financial statements true?

Who is accountable for financial statements?

Do auditors prepare financial statements?