The POB’s 2000 Panel on Audit Effectiveness, considered the most comprehensive study of the profession ever done, called for auditors to use forensic techniques in every audit, assume the possibility of management dishonesty, and incorporate an element of surprise into audits. After spending two years in committee at the AICPA, the suggestions finally emerged in much-watered-down form as SAS No. 99. For instance, the strongly worded POB report called for auditors to “modify the otherwise neutral concept of professional skepticism and presume the possibility of dishonesty at various levels of management including collusion, override of internal control, and falsification of documents.” It recommends a forensic/fieldwork phase during every audit of a public company. SAS No. 99, in contrast, focuses more on risk assessment than on forensic procedures. “The AICPA was happy with the way things were,” says Arthur Bowman, editor of Bowman’s Accounting Report.
The New Sheriff in Town
The AICPA’s reluctance to make dramatic changes may explain why Congress transferred responsibility for setting standards to the PCAOB. The board’s newly named chief auditor, Douglas Carmichael, who has gone from writing audit standards to testifying as an expert witness against audit firms, calls current auditing standards “a lot of explanation about what an auditor does or might do, and very little about what he is required to do.”
Carmichael’s appointment to the PCAOB has been applauded by a variety of observers. Industry critics love him because they believe he will be less influenced by both corporate finance executives looking to hold down costs and by the industry itself.
Frank Borelli, former CFO of Marsh & McLennan Cos. and chairman of the Express Scripts Inc. audit committee, lauds the appointment as well. “Carmichael is going to make a difference,” he says. “I’m glad to see they appointed someone with that kind of vigilance. That’s the only way we’re going to see if auditors are doing what we want them to do.”
The fundamental question is: What do we want them to do? What is the point of an audit? Auditors and companies contend that the purpose of an audit is to back up a company’s contention that its numbers are “reliable.” “An audit is a test of a company’s records that backs up the company’s representation of the company results,” says Greg Weaver, national managing partner for assurance at Deloitte Touche Tohmatsu. “We’re doing a test of assertions.”
But can auditors be sure results are reliable without testing for fraud? Auditors say it’s not that they don’t want to catch fraud, but since it’s impossible to catch it 100 percent of the time, they shouldn’t be held responsible if they miss it. “We get it right 98 percent of the time,” says Weaver. “But to do 100 percent verification, you’d basically be recreating the records. There’s no way that anyone could do that at a cost the public would consider acceptable.”
History of a Profession
Historically, accounting has been considered a highly professional and trustworthy profession. Firms have always trained new accountants in the audit function, but with keen oversight from senior partners who saw their firm’s integrity riding on every engagement.