International Journal of Auditing                                     doi:10.1111/j.1099-1123.2011.00442.xInt. J. Audit. 1...
80                                                                                                     C. Holm et al.et al...
Establishing Proactive Auditor Responsibilities in Relation to Fraud                                                      ...
82                                                                                                 C. Holm et al.irregular...
Establishing Proactive Auditor Responsibilities in Relation to Fraud                                                      ...
84                                                                                                     C. Holm et al.(AICP...
© 2011 Blackwell Publishing Ltd                                  Table 1: Classification of fraud cases based on case docu...
86                                                                                                     C. Holm et al.sever...
Establishing Proactive Auditor Responsibilities in Relation to Fraud                                                      ...
88                                                                                                     C. Holm et al.in [t...
Table 3: Sanctions against auditors in fraud cases 1996–2006*                                  Case ID                    ...
90                                                                                                    C. Holm et al.consid...
Establishing Proactive Auditor Responsibilities in Relation to Fraud                                                      ...
92                                                                                                  C. Holm et al.5. DISCU...
Establishing Proactive Auditor Responsibilities in Relation to Fraud                                                      ...
94                                                                                                     C. Holm et al. 2. T...
Establishing Proactive Auditor Responsibilities in Relation to Fraud                                                      ...
Establishing proactive auditor responsibilities in relation to fraud: The role of the courts and professional bodies in De...
Establishing proactive auditor responsibilities in relation to fraud: The role of the courts and professional bodies in De...
Upcoming SlideShare
Loading in …5
×

Establishing proactive auditor responsibilities in relation to fraud: The role of the courts and professional bodies in Denmark

1,196 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,196
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Establishing proactive auditor responsibilities in relation to fraud: The role of the courts and professional bodies in Denmark

  1. 1. International Journal of Auditing doi:10.1111/j.1099-1123.2011.00442.xInt. J. Audit. 16: 79–97 (2012)Establishing Proactive AuditorResponsibilities in Relation toFraud: The Role of the Courts andProfessional Bodies in Denmark ija_442 79..97 Claus Holm,1 Lars Bo Langsted2 and Jesper Seehausen3 1 Department of Economics and Business, Aarhus University 2 Department of Law, Aalborg University 3 Auditor, Beierholm Aalborg Over the years, there has been considerable discussion about the extent and exact nature of the responsibilities of the auditor to detect fraud. The purpose of our study is to examine how the courts and professional bodies in a principle-based legal system respond to the change in the audit promulgations introducing proactive responsibilities in relation to fraud. We observe the outcome of actual fraud cases in which the court system and professional bodies in Denmark establish the responsibilities of auditors. The data set includes all publicized cases in the period 1996–2006. We find that the Danish audit profession has adopted the new proactive responsibilities identified by the standard setters, whilst the courts and the professional bodies seem to see ‘the changes’ as mere clarifications of existing responsibilities. The proactive responsibilities are not further accelerated by prescriptive court rulings. Key words: Fraud, auditor responsibility, Denmark, court system, proactive, good audit practiceSUMMARY 1981; Chandler et al., 1993; Bonner et al., 1998; Fraser & Lin, 2004). This is illustrated by theOver the years, there has been considerable continuous ‘clarification’ of pertinent auditingdiscussion about the extent and exact nature of standards on fraud in the United States andthe responsibility of the auditor to detect fraud in similarly by the International Federation ofrelation to audit engagements (e.g., Uecker et al., Accountants (IFAC) in the International Standards on Auditing. It is noticeable that the auditor’s responsibilities in relation to fraud have undergoneCorrespondence to: Claus Holm, Department of BusinessStudies, Aarhus School of Business, Aarhus University, a change from reactive to proactive, asFuglesangs Alle 4, DK-8210 Aarhus V, Denmark. Email: promulgated through the auditing standards (e.g.,hoc@asb.dk Anderson et al., 1998; DeZoort & Lee, 1998; GloverISSN 1090-6738© 2011 Blackwell Publishing Ltd
  2. 2. 80 C. Holm et al.et al., 2003; Lynford & Bedard, 2003). In this study, 1. INTRODUCTIONwe examine how this change in regulationis adopted in a Danish setting. Engaging in The auditor’s work is unlikely to be subject toclarification of existing responsibilities identified in scrutiny unless something adverse occurs such asauditing standards can be seen as a way for the fraud. Over the years, there has been considerableaudit profession to protect self-interests (Parker, discussion about the extent and exact nature of the1994; Chandler, 1997; Cowton, 2009). This can be responsibility of the auditor to detect fraud in auditinterpreted as a chosen level of self-regulation in engagements (e.g., Uecker et al., 1981; Chandlerorder to avoid legal intervention enforcing new et al., 1993; Bonner et al., 1998; Fraser & Lin, 2004).audit regulations or adverse court rulings claiming This is illustrated by the continuous ‘clarification’audit failures in fraud cases (see also Jönsson, 1991; of pertinent auditing standards on fraud in theBuckless & Peace, 1993; DeZoort & Lee, 1998; United States, e.g., SAS 53 (AICPA, 1988), SAS 82Glover et al., 2003). (AICPA, 1997) and SAS 99 (AICPA, 2002), and The purpose of our study is to examine how similarly by the IFAC in the International Standardscourts and professional bodies have responded to on Auditing, e.g., ISA 240 (IAASB, 2001, 2004,the change in the audit promulgations introducing 2009). Sunder makes the argument that mostproactive responsibilities in relation to fraud. standards in accounting are born small, but grow inConsequently, we observe the outcome of actual detail over time because ‘earlier versions generatefraud cases in order to analyse and discuss the requests for clarification that arise from conflictingrole of the Danish Responsum Committee, interpretations rooted in the self-interests ofDisciplinary Tribunal and the courts in those who implement the standards’ (Sunder,establishing the extent and nature of the 2010: 108). The economic rationale suggests thatpromulgated proactive responsibilities. We have any profession will protect the rights and benefitschosen to focus on the first decade after the acquired (Parker, 1994; Wallace, 2004; Cowton,introduction of the ‘proactive responsibilities’ 2009). The European Commission points out in itsin relation to fraud. This enables us to discern Green Paper on the role, position and liability of thewhether the courts and professional bodies statutory auditor within the European Union thatconsider these as new (changed) responsibilities the public expects the auditor to play a role inor clarified (existing) responsibilities. The data set protecting the interests of shareholders, creditorsincludes all publicized fraud cases against Danish and other stakeholders by providing assuranceauditors in the period 1996–2006. Our paper regarding the existence of fraud (EU Commission,provides insight into the Danish audit market 1996). Hence, the public’s trust in auditing iswith an ultimately principle-based legal system diminished by fraud scandals: for example, thebased on the legal provision termed ‘good audit collapse of Enron and other corporate scandalspractice’. which have contributed heavily to decreasing the Overall, we find that the Danish audit profession trust of users of financial statements and thehas adopted the new proactive responsibilities general public in the reliability of auditorsidentified by the standard setters, whilst the (Knechel, 2007; Landsman et al., 2009). A frequentcourts and the professional bodies seem to see response to calm the political waters has been‘the changes’ as mere clarifications of existing codification of standards, meaning the rules areresponsibilities. This study contributes to ongoing made clear to all (Sunder, 2010). An elaboratedebates about principle-based vs. rule-based effort on this part has been the now completedregulatory systems. While the nature of a principle- ‘clarity project’ by the International Auditingbased legal system implies more uncertainty about and Assurance Standards Board (IAASB) withthe extent of the auditor’s responsibilities in the proclaimed aims of enhancing therelation to fraud, we do not find that the regulatory comprehensibility as well as making substantivechange towards proactive responsibilities in changes to many of the existing auditing standardsrelation to fraud has been further accelerated by (IAASB, 2008). Engaging in clarification of existingprescriptive court rulings. We suggest that the responsibilities identified in auditing standardsinteraction between standard setters and the can be seen as a way for the audit profession torulings of courts and professional bodies should protect self-interests (Parker, 1994; Chandler, 1997;be understood in the context of the less litigious Cowton, 2009). From the perspective of the auditenvironment of our study. profession, this can be interpreted as a chosen level© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  3. 3. Establishing Proactive Auditor Responsibilities in Relation to Fraud 81of self-regulation in order to avoid legal proactive responsibilities. We choose to focus onintervention enforcing new audit regulations or the first decade after the introduction of theadverse court rulings claiming audit failures in ‘proactive responsibilities’ in relation to fraud.fraud cases (see also Jönsson, 1991; Buckless & This also enables us to discern whether the courtsPeace, 1993; DeZoort & Lee, 1998; Glover et al., and professional bodies consider these as new2003). (changed) responsibilities or clarified (existing) It is noticeable that the auditor’s fraud responsibilities.responsibilities have undergone a change from The audit profession is facing increasingreactive to proactive, as promulgated through the demands for documentation of compliance withauditing standards (e.g., Anderson et al., 1998; auditing standards (examples in the context ofDeZoort & Lee, 1998; Glover et al., 2003; Lynford & fraud are provided by Glover et al., 2003; MockBedard, 2003). Statements like the following made & Turner, 2005; Hammersley et al., 2010). Legalby the US Public Company Accounting Oversight environments may be either principle-based orBoard (PCAOB) illustrate the proactive emphasis rule-based (e.g., Satava et al., 2006; Dennis, 2008),encompassing the auditor’s responsibilities in hence the audit profession in different countriesrelation to fraud: ‘the auditor should [because has been forced to deal with such opposingthe risk of non-detection is likely to be higher demands. Therefore, it is important to examinefor misstatements caused by fraud than for and recognize the conditions of the auditmisstatements caused by error] assess risks and profession in the context of different legalapply procedures directed specifically to the environments, which have been shown todetection of a material, fraudulent misstatement of influence disciplinary outcomes under differentthe financial statements’ (PCAOB, 2007: 2). liability regimes (e.g., Carrington, 2010) as well as In this study we examine how this change key attributes such as levels of audit fees (e.g.,in regulation is adopted in a Danish setting. Kallunki et al., 2007) and audit quality (e.g.,Because auditing is inherently a practice-oriented Francis, 2004). Our paper provides insight into thediscipline, audit regulation has often been Danish audit market with an ultimate principle-described as a codification of established good based legal system based on the legal provisionaudit behaviour (Wilks & Zimbelman, 2004) which termed ‘good audit practice’. With its historicalis ‘nudged along’ by enforcement activities tradition for mandatory audits of listed companies(Campbell & Parker, 1992). It is in this context that and most limited liability companies, Denmarkthe auditor’s responsibilities in relation to fraud represents a rather large audit market which,have developed over time. Peecher et al. (2007: before the new regulation exempted the smallest464) suggest that auditing approaches evolve companies from mandatory audits, numberedendogenously in response to changes in society’s approximately 140,000 companies under theinformation needs and regulations, business mandatory audit regime (Holm & Warmingorganizations’ value creation processes and Rasmussen, 2007). In the period before 1996,available accounting and auditing technologies. In codification of ‘good audit practice’ dominated thea similar manner, it is our contention that the Danish audit regulation, introducing the auditor’sresponsibilities manifested in audit regulations reactive responsibilities in relation to fraud in thework in a symbiotic relation with actual practice, general auditing standards. The period witnessedcourt rulings on litigation cases and disciplinary a number of serious fraud cases resulting in highactions imposed by professional and supervisory public and political awareness, but sanctionsbodies subject to institutional differences in against auditors were not strengthened beyondindividual countries (see also Anderson, 1977; the proportional size of the cases (Holm et al.,Anderson et al., 1998; Blij et al., 1998). Hence, the 2011). In the period after 1996, the proactivepurpose of our study is to examine how courts approach to the auditor’s responsibility to detectand professional bodies have responded to the fraud was introduced in the audit regulation inchange in the audit promulgations introducing Denmark, i.e., starting by the Executive Order onproactive responsibilities in relation to fraud. In Auditors’ Statements issued in 1996. One of theeffect, we observe the outcome of actual fraud provisions in this Executive Order states thatcases in order to analyse and discuss the role of when planning and performing the audit, thethe courts and professional bodies in establishing auditor must to a certain extent be aware ofthe extent and nature of the promulgated circumstances that are indicative of fraud or other© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  4. 4. 82 C. Holm et al.irregularities that are of importance to the users of about the extent of the auditor’s responsibilities infinancial statements.1 This provision predates the relation to fraud, we do not find that the regulatoryDanish Audit Guideline 21 on fraud (DISAPA, change towards proactive responsibilities in1999) by a few years. The latter is inspired by the relation to fraud has been further accelerated byAmerican SAS 82 (AICPA, 1997) and is the first prescriptive court rulings. We suggest that theDanish auditing standard that deals exclusively interaction between standard setters and thewith the auditor’s responsibility in this area rulings of courts and professional bodies should(Kiertzner, 2006).2 be understood in the context of the less litigious The actual cases provide a basis for identifying environment of our study. Our findings do not,the responsibility to recognize potential fraud however, rule out the potential for future discoursesituations during an audit and the responsibility to concerning interpretations of the auditor’sreact upon such knowledge (on the relevance of responsibilities in relation to fraud.situational factors, see also St. Pierre & Anderson, In the next section, we review prior literature on1984). The low incidence and the confidential fraud issues related to our study. In Section 3, wenature of fraud provide serious constraints on describe the methodology used to identify, classifydata availability for research studies in this area and analyse the actual fraud cases. Section 4(Lynford & Bedard, 2003). Though accounting provides an analysis of fraud cases handled bystudies identify the contribution of court systems courts and professional bodies. Finally, Section 5as being very important, this has been relatively concludes the paper.ignored in research (Mills & Young, 1999: 244). Inthe context of our study, examining the outcome of 2. LITERATURE REVIEWactual fraud cases is of prime importance becausethe auditor’s responsibilities are ultimately Prior studies have dealt with the issue of thedetermined by the courts (DeJong & Smith, 1984; auditor’s responsibilities in relation to fraudBuckless & Peace, 1993; Baker & Prentice, 2008). from different viewpoints, including audit failures Overall, we find that the Danish courts and and regulations. In a comprehensive review ofprofessional bodies are responsive to the proactive empirical fraud research, Nieschwietz et al. stateresponsibilities identified by the standard setters. that their review is warranted primarily becauseWe find that in the fraud cases handled by the policy makers, academics, government officialsResponsum Committee as part of the professional and practising auditors have debated the auditor’sbody, the proactive responsibilities are interpreted responsibility for detecting fraud for severalas a clarification of previously uncodified specific decades (Nieschwietz et al., 2000: 190). Hoganresponsibilities in relation to fraud. Differences et al. (2008: 246–7) note that ‘despite existingin perception of the auditor’s responsibilities auditing standards and authoritative guidance oncould lead to adverse outcomes. However, we an auditor’s responsibility for discovering andfind that the Disciplinary Tribunal acts in line with reporting financial statement fraud, there remainsthe interpretations of the professional body, and an expectation gap between what investors believewe find no discord with the interpretations by the auditor’s responsibility should be in detectingthe courts either. As regards the change in financial fraud and what auditors are willing topromulgated responsibilities, we do find that court assume as responsibility in this area’. From therulings relate to specific proactive audit acts, such users’ point of view, the lack of understanding ofas the prescribed responsibility to consider the the role of an auditor obscures the distinctionpossibility of fraud when planning the audit between detecting fraud and reacting to observedprocedures at the beginning of the audit process. fraud. Differences in expectations are observed inHence, we find that the Danish audit profession terms of the perceived level of assurance for fraudhas adopted the new proactive responsibilities detection, with users expecting higher levels thanidentified by the standard setters, whilst the auditors (e.g., Epstein & Geiger, 1994; Goldwasser,courts and the professional bodies seem to see 2005).‘the changes’ as mere clarifications of existing The studies on audit failures are concernedresponsibilities. The study contributes to ongoing primarily with the litigation and enforcementdebates about principle-based vs. rule-based activities of supervisory bodies such as theregulatory systems. While the principle-based legal Securities and Exchange Commission (SEC) in thesystem implies the existence of more uncertainty United States (see, e.g., Campbell & Parker, 1992;© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  5. 5. Establishing Proactive Auditor Responsibilities in Relation to Fraud 83Rollins & Bremser, 1997; Bonner et al., 1998). In a assessments. Their study provides descriptiveclosely related study, Carrington examines how the evidence that most clients have one or more factorsSwedish Supervisory Board of Public Accountants indicative of fraud risk. But only the client’sframe a sufficient audit (‘good audit practice’) by financial condition is a significant factor related toinvestigating a sample of 354 disciplinary cases fraud risk assessments. They also show that the rolefrom the period 1995 to 2004 (Carrington, 2010). of fraud risk assessments in audit test planningHe classifies the wrongdoings mentioned in varies depending on the type of procedure beingthe disciplinary cases into two main categories planned.(process and professional) and suggests that Some studies specifically examine user‘the relative importance between process and perceptions of the replacement of SAS 53 (AICPA,professional aspects of a sufficient audit is clearly 1988) by SAS 82 (AICPA, 1997). Relying ontilted in favour of the professional aspects. A the attribution theory framework, Andersonsufficient audit is an audit that preserves the et al. (1998) examine attributions of auditorpriest-like status of the auditor, which enables the responsibilities by auditors and practising judges.ritual of verification’ (Carrington, 2010: 680). While This is relevant in the context of our study, i.e.,the focus of his study goes beyond the fraud ‘the judges were selected as a knowledgeable,focus of our study, he examines the demands influential group who provide views reflective offor a sufficient audit in a disciplinary context the legal environment and, therefore, allow forconditioned by low litigation very similar to the detection of potential expectational differencesthe Danish corporate environment (for Swedish between the legal and audit communities’auditor regulation in relation to fraud, see also (Anderson et al., 1998: 217). They find that auditors’Larsson, 2005a, 2005b). attributions of responsibility are significantly Several US studies are relevant to the context affected by the collusion and materiality variablesof our study because they examine the audit in the fraud case, while the judges’ assessmentsimplications and user perceptions of the of auditor responsibility are affected by thereplacement of SAS 53 (AICPA, 1988) by SAS 82 interaction between their general attitudes(AICPA, 1997), hence reflecting queries about the regarding the auditing profession and collusionintended clarification of the fraud responsibilities in the fraud case. They also find that evidence(e.g., Anderson et al., 1998; DeZoort & Lee, 1998; reliability and materiality significantly affectKnapp & Knapp, 2001; Glover et al., 2003; Lynford auditors’ attributions, while they do not play a role& Bedard, 2003). In an experimental study, Glover in the attributions of the judges (Anderson et al.,et al. (2003) distinguish between ‘pre- and post-SAS 1998). In another experimental study, DeZoort and82’ auditors and find that, in accordance with the Lee (1998) hypothesize that the nature of the newprescribed changes in the fraud standard, auditors standard (SAS 82) and the contemporary auditare more aware of the need to modify audit plans environment will result in perceptions that theand more likely to increase the extent of their audit new standard increases auditors’ responsibilitiestests performed in response to increased fraud. for fraud detection (as compared to SAS 53).However, they do not find (pre- or post-SAS 82) Their findings suggest that perceptions ofevidence that auditors modify the nature of the external auditor responsibility to detect fraud wereplanned tests in response to the increased fraud increased across different groups of participants.risk (Glover et al., 2003: 249). The professional body They also find that the external auditors’(AICPA) argues that SAS 82 should provide perceptions increased more than the perceptions ofoperational guidance to audit practitioners. One of internal auditors and fraud examiners (DeZoort &the proactive responsibilities introduced in SAS 82 Lee, 1998: 168). The empirical evidence fromis the need to make explicit fraud risk assessments. the US studies suggests that the introduction ofKnapp and Knapp (2001) examine this proactive responsibilities was accompanied byresponsibility in an experimental study and their more detailed guidance for external auditors and,findings suggest that effectiveness is improved for thus, resulted in an increase in perceptions ofexperienced auditors performing an explicit fraud auditor’s responsibilities for fraud detection.risk assessment using analytical procedures. In a However, these studies also show that newsample of 23 Big 5 audit clients, Lynford and concerns and challenges were raised by researchBedard (2003) examine the relationship between as well as standard setters. This subsequentlyfraud risk factors and auditors’ fraud risk led to a rapid replacement of SAS 82 by SAS 99© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  6. 6. 84 C. Holm et al.(AICPA, 2002), introducing further clarifications (see Eilifsen, 1998; Carrington, 2010). The Danishand suggestions for new audit procedures such as term is ‘god revisionsskik’ and it is based on thebrainstorming sessions on the possibility of fraud idea of the ‘bonus pater familias’ (good family father)in all audit engagements (see, e.g., Carpenter, 2007; in Roman law or ‘the reasonable man’ in EnglishHunton & Gold, 2010). law. The key point is that the legal provision does not provide guidance on what to do, partly because even good and reasonable people sometimes act3. METHODOLOGY negligently, partly because the demands of careIn this section, we describe the methodology used differ depending on the specific circumstancesto identify, classify and analyse the fraud cases (Langsted, 2008). The legal provision provided inused in this study. The 30 fraud cases considered the Auditors Act is supplemented (and interpreted)in this study are instances where the responsibility by other acts and other types of regulation, e.g.of the auditor has been questioned. It includes the Danish auditing standards. Furthermore, theall the cases that were made publicly available in extent and nature of the auditor’s responsibilitiesthe period from 1996 to 2006. We chose to limit are interpreted under specific circumstancesthe period studied to the first decade after the through responsa from the Responsum Committee,introduction of the ‘proactive responsibilities’ in disciplinary decisions made by the Disciplinaryrelation to fraud. We deliberately consider the cases Tribunal and rulings by the courts in the regularbased on the outcome dates and not on the time of court system.the audit pertaining to the case. This is necessary to The fraud cases considered by the Responsumexamine the role of courts and professional bodies Committee are presented in Table 1, together within establishing the proactive responsibilities, and the cases from the Disciplinary Tribunal and theit also enables us to discern whether the courts courts. Cases can be put before the Responsumand professional bodies consider the promulgated Committee by the members of DISAPA, thefraud responsibilities as new (changed) or clarified government, the administrative authorities and the(existing) responsibilities. It should be noted that court system. The Responsum Committee has nothe list of cases is not exhaustive in terms of fraud obligation to consider cases from other parties suchcases raised within the court system in Denmark as clients, and hence other parties have to engage aand certainly not in terms of the number of criminal State Authorized Public Accountant to raise a caseoffences committed. In fact, in many fraud cases on their behalf. Unlike the Disciplinary Tribunalthe particular responsibilities of the auditor is and the courts, the Responsum Committee cannotnot questioned. In comparison, the MARC impose sanctions on auditors. The Responsum‘Classification and Analysis of Major European Committee makes expert opinions regarding ‘goodBusiness Studies’ (2005) identifies 21 of 60 business audit practice’, but it is up to the Disciplinaryfailures as involving the role of the auditor. Due Tribunal and/or the courts to decide whetherto our interest in examining the auditor’s sanctions should be imposed on the auditorresponsibility for fraud, only fraud cases involving involved (Langsted, 2009). Furthermore, neitherthe role of the auditor are examined. the Disciplinary Tribunal nor the courts are obliged Table 1 provides an overview of the type of fraud to request a responsum from the Responsumcases considered. Here we make a distinction Committee before deciding whether to enforcebetween case documents provided by the sanctions.Responsum Committee, the Disciplinary Tribunal As identified in Table 1, three types of legaland the court system. The responsibility of liability can be imposed on auditors: (1)the Responsum Committee as an independent disciplinary liability, (2) civil liability (or liabilitycommittee formed by the Danish Institute of State to pay damages) and (3) criminal liability. TheAuthorized Public Accountants (DISAPA) is to Disciplinary Tribunal is mandated by the Danishprovide expert opinions called ‘responsa’ on ‘good Auditors Act (2008) to handle disciplinary liabilityaudit practice’. The concept of ‘good audit practice’ cases regarding the audit profession.3 Theis a legal provision in the Danish Auditors Act Disciplinary Tribunal is chaired by a judge and(2003, 2008). It states that the auditor must perform consists of members representing the businessaudits in accordance with what can be described as community (the majority) as well as members ofgood or sound audit practice. Similar provisions the audit profession. Disciplinary liability canare found in the audit laws of Norway and Sweden result in different sanctions depending on the© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  7. 7. © 2011 Blackwell Publishing Ltd Table 1: Classification of fraud cases based on case document and outcome Criticism and sanctions Responsum Committee Disciplinary Tribunal High and Supreme Courts No. of cases Criticism Disciplinary liability Civil liability Criminal liability Criticism No criticism 3 3 Criticism 8 8 Establishing Proactive Auditor Responsibilities in Relation to Fraud Sanctions No liability 0 2 0 2 Warning 0 0 Fine 12 1 13 Suspension 0 0 0 Payment of damages 4 4 Imprisonment 0 0 No. of cases 11 12 6 1 30Int. J. Audit. 16: 79–97 (2012) 85
  8. 8. 86 C. Holm et al.severity of the offence and other circumstances. court systems need to arrive at an interpretation ofThese sanctions include a warning, a fine or a the auditors’ responsibilities, the responsum may besuspension of the license to practise as an auditor. a useful instrument in tribunal and court systems.Cases of civil or criminal liability, on the other One of the court cases provides an example ofhand, are resolved in the regular Danish court the importance of the responsum. Here, two of thesystem consisting of local district courts, two high three judges stated that the absence of a responsumcourts and the Supreme Court.4 Similarly, criminal pertaining to the specific area precludes them fromliability can result in different sanctions depending finding the auditor responsible in violating ‘goodon the severity of the offence, the provision that is audit practice’, see court case 2 (1997), as listed inviolated and other circumstances.5 These sanctions Table 3. Consequently, a certain overlap of fraudinclude a fine, imprisonment or – similar to cases could be expected, but because we discarddisciplinary liability – a suspension of the license to interrelated cases issued earlier than 1996, only twopractise as an auditor. Civil liability cannot result overlaps are present in our investigation, i.e.,in any sanctions as such. Instead, in cases of civil responsum case 1151 (2000) is related to court caseliability, the plaintiff seeks to claim damages from 5 (2003) and responsum case 1213 (2003) is relatedthe defendant, i.e., the auditor. Thus it is assumed to court case 7 (2006). We have decided to includethat the plaintiff has suffered an economic loss, the cases as separate cases in the investigatione.g., because the auditor has been negligent in due to the different approaches of the differentperforming an audit or another type of engagement institutions, while still noting that the substance(Langsted, 2009). matter of the underlying frauds is the same for these particular cases.Classification of fraud cases We have examined each of the 30 fraud cases in detail in order to extract information about theWe obtained information about the publicized specific circumstances of the fraud scenariosfraud cases from various sources. The database of and the responsibilities of the auditors involved.the Danish Institute of State Authorized Public In addition to the detailed information in theAccountants is electronically available to the public individual fraud cases, we use the following mainand contains more than 1250 responsum cases classifications:dating back to 1930. Based on a thorough word (a) type of case document (responsum, tribunal,search using several different combinations of court)words such as fraud, criminal act, etc., we were able (b) type of perpetrator(s) (management,to identify a total of 11 cases related to fraud in the employee, management and employee inperiod 1996–2006 (see Table 1). As a next step, we collusion, external party, internal and externalcarried out a detailed examination of the fraud party in collusion)6responsa provided by the Responsum Committee. It (c) ISA 240 fraud classification (fraudulentshould be noted that any particular responsum reporting, misappropriation of assets,typically addresses more than one issue pertaining concealment/ combination of the two)7to the responsibility of the auditor. Most of the (d) criticism of auditor (yes/no)issues raised involve specific scenarios which (e) type of criticism (none, insufficient orprovide insight into whether the auditor has inappropriate audit tasks, communicationconducted the mandated tasks in accordance with failure(s), both audit task and communication‘good audit practice’. Table 1 also shows whether failure(s))the auditor has received criticism from the (f) type of liability (disciplinary, civil, criminal)Responsum Committee, which is the case in 8 of (g) type of sanction (none, warning, fine, liabilitythe 11 cases. Criticisms raised in the responsum may amount, imprisonment, suspension)later on lead to sanctions against the auditor, but Based on a tabulation of the 30 fraud cases, we arethis is not necessarily the outcome in the tribunal able to discern the relationships between types ofand court systems. An additional 19 fraud cases fraud and types of perpetrator (see Table 2). Thewere identified from the Disciplinary Tribunal (12) identified relationships provide an initial insightand court systems (7) (see Table 1). We have into which kind of scenarios would most likely leadconsidered only publicly available cases that raise to an examination of the auditor’s responsibilitiesquestions in relation to the responsibility of the in relation to fraud. Firstly, it is observed thatauditor in fraud settings. Because the tribunal and fraudulent reporting is a management deed (6 out© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  9. 9. Establishing Proactive Auditor Responsibilities in Relation to Fraud 87Table 2: Types of fraud and perpetrators 1996–2006 Management Employees Collusion TotalFraudulent reporting 6 6Misappropriation of assets Pure cases 2 1 3 Cases with concealment 12 9 21Total 20 10 0 30of 6 cases). Secondly, most of the cases where the and professional bodies in establishing the extentresponsibility of the auditor is questioned (21 of 30) and nature of the promulgated proactiveinvolve concealment of misappropriation of assets. responsibilities. The empirical findings availableAs identified in ISA 240, fraud often involves for the period 1996 to 2006 are based on ancarefully organized schemes designed to conceal increased number of fraud cases relative to the timethe fraud.8 Pure cases of misappropriation of span.9 In 8 of the 11 responsum cases, criticism isassets are rare for obvious reasons – the perpetrator made by the Responsum Committee. Before 1996,does not want to be caught. Thirdly, both the specific regulatory requirements for the Danishmanagement and employees choose concealment auditor’s responsibilities in relation to fraud werewhere possible. Fourthly, none of the cases involve absent (Holm et al., 2011). The earliest reference tocollusion by internal or external parties or pure the ‘new’ Danish Audit Guideline 21 (DISAPA,theft by an external party. While collusion is 1999) is found in responsum case 1181 (2001, 2,generally likely in fraud cases, we find no cases in in translation): ‘In Audit Guideline 21 it is statedthe period where questions are raised against the that if the auditor during his audit detects anyauditor in such contexts. The relatively small transactions that could give reason for anumber of cases identified in this decade is typical presumption that there was a risk of fraudulentin the Danish setting and comparable to other acts, the audit must be extended to clarify this.European countries with less aggressive litigation It is noted that this guideline came into effect inenvironments than in the United States (see Baker 1999, but according to the committee it conforms& Quick, 1996; Carrington, 2010). For comparison, with the guidelines for good audit practice inwe have also identified the number of fraud cases the period concerned’. Thus the Responsumduring the two decades immediately before our Committee expresses a possible reaction to fraudperiod of interest. Only six fraud cases were detection that is very similar to earlier references toidentified from 1976 to 1986, whereas the total the Danish Audit Guideline 1 (DISAPA, 1993)for the period 1986–1996 amounted to 22 fraud related to the general responsibility of the auditorcases. The increase in number of tribunal and court (as opposed to specific responsibilities). In thecases suggests an interesting pattern, but this may majority of the fraud cases, the Responsummerely reflect trivial fluctuations in cases raised Committee actually refers to the Danish Auditagainst auditors. Consequently, only a closer Guideline 1 and not Audit Guideline 21. In thisscrutiny of the individual cases will enable us to sense, the criticism raised during this period doesdetermine whether and how the new proactive not seem to change dramatically, suggesting thatresponsibilities established by the courts and the the proactive responsibilities are interpreted byprofessional bodies have affected auditors. the professional body as a mere clarification of previously uncodified specific responsibilities in4. ANALYSIS relation to fraud. This also brings up the question whether theIn this section, we examine how the courts and professional body interprets and enforces theprofessional bodies have responded to the change promulgations as new (changed) responsibilities.in the audit promulgations introducing proactive The responsum cases deal with this in various ways.responsibilities in relation to fraud. Consequently, In responsum case 1151 (2000, 1, in translation), thewe observe the outcome of actual fraud cases in auditor under scrutiny argues along the linesorder to analyse and discuss the role of courts followed in the past: ‘It is noted that the auditor© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  10. 10. 88 C. Holm et al.in [the communication with those charged with responsible for detecting fraud. This limits thegovernance] dated on March 11, 1991 has stated proactive responsibilities to active fraud awarenessthat “it is not the main purpose of the audit to in the conduct of the audit. As suggested indetect frauds and irregularities” and that “if any previous studies (e.g., Anderson et al., 1998;inaccuracies are detected during the audit, the audit DeZoort & Lee, 1998; Fraser & Lin, 2004), this iswill be extended to clarify this”.’ The Responsum consistent with the auditors’ own interpretation ofCommittee counters with criticism based on the the promulgated fraud standards at the time, i.e.,new proactive responsibilities, i.e., identifying an Audit Guideline 21 (DISAPA, 1999), SAS 82audit plan failure (responsum case 1151, 2000, 1, (AICPA, 1997) and ISA 240 (IAASB, 2001).in translation): ‘In the specific case, it is the The number of tribunal cases in the periodcommittee’s opinion that the present audit plans 1996–2006 increased compared to the two priorare adequate for an overall planning of the audit, decades. However, not all of the cases are worthbut that the audit plan should have included a examining in detail. One common type of fraudreview of the internal control in the company as far involves illegal loans to owners. The Danishas salaries are concerned. This would have revealed Penalty Code classifies such loans as fraudulentthat the management had not established an misstatements (Greve & Langsted, 2011).appropriate control of the salaries paid out.’ Hence, Accordingly, seven of the 12 cases lead to sanctionsthe responsibility to plan for the possibility of against auditors because of their failure to adherefraud is here considered in the specific context of to the explicit responsibility of the auditor toauditing the payroll and personnel cycle. The communicate about such illegal loans through thepotential shortcomings in the course of an audit audit opinion. The disciplinary sanctions in theseare now more regularly tied to the responsibility almost identical cases were auditor fines rangingfor planning. Audit planning is, of course, a from DKK 10,000 to DKK 40,000. Due to the similarprerequisite for ‘good audit practice’, but now the nature of these cases involving illegal loans, Table 3wording of the Responsum Committee’s criticism only summarizes the particulars of the remainingaddresses this explicitly. Thus, the criticism assists five tribunal cases.10in clarifying specific responsibilities in accordance The tribunal cases include two examples ofwith the proactive emphasis on fraud awareness. fraudulent reporting by management (see tribunal In a later fraud case, the Responsum Committee cases 7 and 12). The size of the fine in tribunal casealso addresses the issue of an extension of the 7 (2001) is considerably higher than previouslyaudit scope as a consequence of fraud suspicion seen. Although high, a fine of DKK 100,000 is(responsum case 1239, 2005, 1, in translation): ‘[I]t is still just one-third of the maximum fine applicablethe management that is responsible for establishing at that time and fines of that relative magnitudeadministrative procedures and good internal had been used before. The list of shortcomingscontrol. It is the auditor’s task to confirm this. related to the audit is comprehensive andHowever, it is the committee’s opinion that the contains elements related to audit planning,auditor should have checked that agreed initiatives conduct, documentation and communication. Thewith a view to strengthening the administrative fraudulent reporting includes examples of doubleprocedures and the internal controls had been counting of company cars, wrongful inclusion ofimplemented. . . . [T]he fact that the auditor may property, overvaluation of assets, missing liabilities,not have complied with good audit practice on etc. The decision made by the Disciplinary Tribunalcertain points does not mean that the auditor loses suggests that many of the particular issues in thehis right to receive a fee for his assistance in fraudulent reporting would be discovered if thedetecting fraud.’ It is noticeable that the extension auditor had conducted the audit in accordanceof the audit scope to examine the particular with ‘good audit practice’. Hence, the Disciplinarycircumstances where there is a suspicion of fraud is Tribunal is not imposing a new harshernot considered part of the normal audit. The interpretation of shortcomings of the audit. In thesolving of the crime may be a task where the latest tribunal case in this period, the fines imposedauditor is expected to have a natural advantage, but on the two auditors involved are even higher, i.e.,this is not necessarily a part of the audit task for disciplinary sanctions amounting to DKK 150,000which the auditor will receive the audit fee. This and 140,000, respectively, in tribunal case 12 (2006).is a task beyond the financial audit. Accounting Very similar to what is seen in the responsumto the professional body, the auditor is still not cases during this period, the Disciplinary Tribunal© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  11. 11. Table 3: Sanctions against auditors in fraud cases 1996–2006* Case ID Type of court/tribunal Fraud type Perpetrator Auditor responsibility Tribunal case 6 (1999) Disciplinary Tribunal Concealment Management Disciplinary sanction: fine (amount DKK 25,000)© 2011 Blackwell Publishing Ltd Tribunal case 7 (2001) Accountants Tribunal Fraudulent reporting Management Disciplinary sanction: fine (amount DKK 100,000) Tribunal case 9 (2005) Disciplinary Tribunal Concealment Employee Disciplinary sanction: fine (amount DKK 75,000) Tribunal case 11 (2006) Disciplinary Tribunal Concealment Employee Disciplinary sanction: fine (amount DKK 10,000) Tribunal case 12 (2006) Disciplinary Tribunal Fraudulent reporting Management Disciplinary sanction: fines (amounts DKK 150,000 and 140,000) Court case 1 (1997) Supreme Court Fraudulent reporting Management Civil liability sanction (amount DKK 543,497) Establishing Proactive Auditor Responsibilities in Relation to Fraud Court case 2 (1997) High Court Concealment Management No civil liability Court case 3 (1998) High Court Fraudulent reporting Management Criminal liability sanction (auditor 1: 20 day-fines of amount DKK 2,000, auditor 2: 10 day-fines of amount DKK 2,000 and auditor 3: acquittal) Court case 4 (1999) High Court Fraudulent reporting Management Civil liability sanction (amounts DKK 922,108.98 and 1,531,820.71) Court case 5 (2003) Supreme Court Concealment Employee Civil liability sanction (amounts DKK 374,584.64 and 43,750) Court case 6 (2004) Supreme Court Fraudulent reporting Management No civil liability Court case 7 (2006) Supreme Court Misappropriation of assets Management Civil liability sanction (amount DKK 8,000,000) *Tribunal cases 1, 2, 3, 4, 5, 8 and 10 are examples of illegal loans, which are excluded from the table.Int. J. Audit. 16: 79–97 (2012) 89
  12. 12. 90 C. Holm et al.considers the importance of audit planning with scandal of the period involving ‘Nordic Featherexplicit references to the Danish Audit Guidelines 1 Company’. The fraudulent reporting was initiated(Fundamental Principles), 14 (Auditing Companies by the charismatic and dominant head of theUsing EDP), 17 (Audit of EDP-Based User Systems) listed company, Johannes Petersen, who held aand 18 (Audit Protocol Communication), but not combined position as chair of the supervisoryAudit Guideline 21 (Fraud) (DISAPA, 1989, 1990, board and CEO. In 1990, the company was1991, 1993, 1999). Audit planning is seen as an declared bankrupt – at that time the head of theindispensable prerequisite for an appropriate audit company had committed suicide. The bankruptand therefore presumably also for any fraud estate was met with claims of more than DKK 2detection on the part of the auditor. Similar billion. Trust in the auditor profession became aremarks are made in tribunal case 9 (2005), which public issue because it was difficult for the publicinvolves a pure case of employee concealment to understand how the company could havemade possible by insufficient separation of duties. received unqualified audit opinions for a numberIn this case, the tribunal sanctions the auditor with of years, even after the auditors had become awarea fine of DKK 75,000 due to inappropriate audit of major problems, including the obvious signal ofplanning (tribunal case 9, 2005, 3).11 auditors resigning. The fraud case continued for The different composition of members of several years in the court systems and ended withthe Responsum Committee and the Disciplinary a High Court decision against the managementTribunal opens the possibility of conflicting and the auditors (court case 3, 1998). Membersinterests of the two bodies. Differences in of management were sentenced to several years’perception of the auditor’s responsibilities (as imprisonment for gross fraud against investorssuggested in prior studies by Anderson et al., and creditors. Later, two of the three auditors1998, DeZoort & Lee, 1998 and Fraser & Lin, involved were found to be criminally liable and2004) could lead to adverse outcomes in cases were sanctioned with fines. We find no discordconsidered by the professional body acting in the between the interpretations by the professionalself-interest of the membership body of auditors body and the High Court. The court’s ruling wasand in cases considered by the Disciplinary in line with the interpretation of the ResponsumTribunal with a majority of non-accounting Committee which on ten specific issues criticizedmembers. However, the outcome of the fraud the auditors for not providing qualified auditcases in this period suggests that the Disciplinary opinions. The identified shortcomings related toTribunal acts in line with the interpretations of the specific audit tasks and communication failures inprofessional body. audits conducted before the promulgation of the Finally, we turn to the circumstances of the fraud proactive responsibilities. However, the ruling cancases handled in the court system from 1996 to be viewed as addressing the societal need for2006. Due to the often very public nature of the reassurance of trust in the audit profession, hencefraud cases brought before the High Courts or the supporting the clarification effort promoted bySupreme Court, the courts are positioned to the profession at the time. In the related case, theadvocate the auditors’ fraud responsibilities in a Supreme Court ruled in favour of two resigningprescriptive manner if there is a discord between auditors (court case 6, 2004). The two auditorslegal, societal interests and professional interests in were appointed in 1987 and resigned in 1988the auditing standard promulgations. As explained without auditing the company in question. Thein Section 3, courts base their rulings on their Supreme Court finally absolved the two resigninginterpretation of the legal provision ‘good audit auditors of civil liability towards the shareholders.practice’ as supplemented by other laws, auditing Consequently, the court ruling clarified that thestandards as well as existing responsa from the auditors had the prerogative to signal that theResponsum Committee and decisions made by audit engagement was impossible to fulfil, hencethe Disciplinary Tribunal. Hence, it is from this the court concurred that auditors are not ascribedperspective that we analyse the role of the courts special or additional responsibilities due to fraudin establishing the extent and nature of the occurring in the company.promulgated proactive responsibilities. The remaining fraud cases are civil liability cases All but one of the seven court cases in this raised on behalf of stockholders or other plaintiffsperiod are related to management frauds. Court asserting that they have suffered an economiccases 3 and 6 deal with the major corporate fraud loss, e.g., because the auditor has been negligent© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  13. 13. Establishing Proactive Auditor Responsibilities in Relation to Fraud 91in performing an audit or another type of statements, the auditor was found liable in relationengagement. In court cases 2 and 6, the auditors to both plaintiffs.were acquitted of neglect. The particular reasoning The two remaining fraud cases both presentin court case 2 was briefly mentioned earlier; examples of an auditor’s neglect in relation toto demonstrate the weight the courts assign to adequately checking the internal control systemsinterpretations provided by the Responsum of the clients. Court case 5 (2003) involvesCommittee. That is, the ruling is in favour of concealment fraud committed by an employee. Thethe auditor due to the absence of a responsum Supreme Court ruled in accordance with theexplaining the particular responsibilities regarding criticism raised by the Responsum Committeean audit of related companies within a group. in the related responsum case 1151 (2000). The The size of the civil liability claims should not be premises of the ruling indicate that the auditorseen as a measure of the severity of the sanction. The should have (a) examined the internal controlsamount awarded in court cases 1, 4, 5 and 7 reflects which would have revealed that the managementthe economic losses on the part of the plaintiffs due had not established appropriate controls in relationto neglect on the part of the auditors (see Table 3). to payment of salaries, and (b) communicatedThe importance of the interpretations from the the weaknesses of the internal controls to thoseResponsum Committee is further emphasized by charged with governance as well as describedthe fact that, in each of the cases incurring civil appropriate measures to improve the controlliability, a responsum is used as an element of the systems. The Supreme Court found that the auditorcourt ruling showing auditor neglect. The criminal was liable to pay damages to the plaintiffs becauseacts of the management predate the promulgation of the neglect can be directly associated with theproactive responsibilities of the auditors in court absence of preventive measures against thiscases 1 and 4. In court case 1 (1997), the management particular fraud. Hence, the proactive role of theissued fictitious invoices to their factoring service auditor in relation to fraud is here extendedcompany. The criticism raised in responsum case 938 considerably compared to previous interpretations(1989) expresses the auditor’s responsibility. The of fraud responsibilities. Court case 7 is classifiedResponsum Committee finds shortcomings in this as an example of misappropriation instead ofaudit as compared to an appropriate audit, e.g., the concealment. This is a somewhat arbitrarylack of sampling tests controlling the existence of classification because the main problem herereal deliveries behind hypothecated invoices and is a widespread absence of bookkeeping in thethe lack of confirmation letters to debtors. Under the company. The Responsum Committee in thepremises of the court case, it is assumed that the related responsum case 1213 (2003) expressedbank involved would have refused further use of criticism of the auditor as he should have madethe credit facilities if appropriate information on the sure that the accounting system and internalcircumstances of the company had been provided to controls of this investment company werethem. The neglect by the auditor, compared to an established and functioning. The premises of theappropriate audit, is sufficient to find him liable in Supreme Court are clear, i.e., court case 7 (2006, 17)this fraud case. Court case 4 (1999) is a somewhat refers directly to the Danish Audit Guideline 1:similar instance of fraudulent reporting. In due to the lack of appropriate bookkeepingaccordance with responsum case 1049 (1995), the and financial reporting, the auditor should haveHigh Court found that the auditor involved had planned the audit in accordance with anincurred civil liability and he was sentenced to pay assessment of the risk of errors as being relativelydamages to the plaintiffs (i.e., to the factoring high (DISAPA, 1993, paragraph 6). The lack ofcompany amounting to DKK 922,108.08 and to the inspection constitutes an audit failure that is sobank amounting to DKK 1,531,820.71). Under the severe that the auditor and the audit firm are foundpremises, the court decision states that the auditor is liable to pay damages to the plaintiff of the highestnot reproached for not detecting fictitious invoices amount to date, i.e., DKK 8 million. Consequently,as part of the management fraud scheme. However, the interpretation of the court concurs with thedue to clearly demonstrated shortcomings of the view promoted by the professional body, henceaudit, the financial statements portray an excessively establishing the extent and nature of the auditors’positive picture of the actual financial responsibilities in relation to fraud by clarifying thecircumstances. Because of his obligation to provide case-specific responsibilities in accordance with thean opinion on the true and fair view of the financial proactive emphasis on fraud awareness.© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  14. 14. 92 C. Holm et al.5. DISCUSSION AND CONCLUSION bodies responded to the change in the audit promulgations introducing proactiveThe auditor’s responsibilities in relation to fraud responsibilities in relation to fraud. Our studyhave undergone a change from reactive to provides insight into the Danish audit market andproactive, as promulgated through the auditing its ultimate principle-based legal system based onstandards (e.g., Anderson et al., 1998; DeZoort & the legal provision termed ‘good audit practice’. InLee, 1998; Glover et al., 2003; Lynford & Bedard, the period after 1996, the proactive approach to the2003). The audit profession engages in clarification auditor’s responsibilities for fraud detection wasof existing responsibilities. This can be interpreted introduced in Denmark parallel to other nationalas a way to protect self-interests (Parker, 1994; and international auditing standards on fraud (e.g.,Chandler, 1997; Cowton, 2009) and a means of SAS 82, SAS 99 and ISA 240).self-regulation in order to avoid legal intervention In this study, we collect and analyse a uniqueimposing new audit regulations or detrimental data set which includes all publicized fraud casescourt rulings (see also Jönsson, 1991; Buckless & against Danish auditors in the period 1996–2006.Peace, 1993; DeZoort & Lee, 1998; Glover et al., We chose to focus on the first decade after the2003). While the auditor’s responsibilities relating introduction of the ‘proactive responsibilities’ into fraud have been subject to numerous studies (for order to examine the role of courts and professionalextensive literature reviews, see Nieschwietz et al., bodies in establishing the proactive responsibilities.2000; Hogan et al., 2008), previous research has An important issue is, of course, whether thenot provided empirical evidence on the adoption courts and professional bodies consider theof this change by the national court systems. promulgated fraud responsibilities as newExamining the outcome of actual fraud cases (changed) or clarified (existing) responsibilities.is of prime importance because the auditor’s We find that in the fraud cases handled by theresponsibilities are ultimately determined by the Responsum Committee, the criticisms against thecourts (DeJong & Smith, 1984; Buckless & Peace, auditor have been based on shortcomings of1993; Baker & Prentice, 2008). As a premise for the audits, either in the form of inappropriate/our study, we contend that responsibilities laid insufficient audit tasks or communication failures.down in audit regulations work symbiotically The nature of the criticisms suggests thatwith actual practice, court rulings on litigation the proactive responsibilities are interpreted bycases and disciplinary actions by professional and the professional body as a mere clarification ofsupervisory bodies (see also Campbell & Parker, previously uncodified specific responsibilities in1992; Wilks & Zimbelman, 2004; Peecher et al., relation to fraud. According to the professional2007). This interaction is subject to institutional body, the auditor is still not responsible fordifferences in individual countries, thus implying detecting fraud, which is consistent with thethe relevance of international as well auditors’ own interpretation of the promulgatedcountry-specific studies in this area. Prior studies fraud standards (see also Anderson et al., 1998;have dealt with the issue of the auditor’s DeZoort & Lee, 1998; Fraser & Lin, 2004). Theresponsibilities in relation to fraud from differences in composition of members in thedifferent viewpoints, including audit failures Responsum Committee, the Disciplinary Tribunaland regulations. The studies on audit failure are and the courts opens up the possibility ofconcerned primarily with the litigation and conflicting interests of these bodies (see alsoenforcement activities of supervisory bodies such Sunder, 2010). Moreover, differences in theas the SEC in the United States (see, e.g., Campbell perception of auditors’ responsibilities (as& Parker, 1992; Rollins & Bremser, 1997; Bonner suggested in prior studies by Anderson et al., 1998,et al., 1998). Hence, this provides the impetus for DeZoort & Lee, 1998 and Fraser & Lin, 2004)research into the role of the courts and professional could lead to adverse outcomes in cases consideredbodies in establishing the extent and nature by the professional body acting in the self-interestof the promulgated proactive responsibilities in of the auditor profession and in cases consideredless litigious environments than, for example, by the Disciplinary Tribunal with a majority ofthe United States (for a related study in the non-accounting members. However, the outcomeScandinavian context, see also Carrington, 2010). of the fraud cases in this period suggests thatAccordingly, the purpose of our study is to the Disciplinary Tribunal acts in line with theexamine how Danish courts and professional interpretations of the professional body.© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  15. 15. Establishing Proactive Auditor Responsibilities in Relation to Fraud 93 Due to the often very public nature of the importance in a more principle-based legal systemfraud cases brought before the High Courts or such as the Danish system. The presumption isthe Supreme Court, the courts are positioned to that the audit profession has to monitor theadvocate the auditor’s fraud responsibilities in a interpretations of the outcomes of specific fraudprescriptive manner if there is a discord between cases brought before the court systems andlegal, societal interests and professional interests professional bodies. In the context of thein the auditing standard promulgations. However, low-litigious environment exemplified in thiswe find no discord between the interpretations study, it is noticeable that the audit professionby the professional body and the courts. The seems to pre-empt the possible discourse on thecommon outcome of the fraud cases considered responsibilities in relation to fraud by embracingby the courts and professional bodies is in line the proactive regulation introduced by the standardwith the court rulings before the transition into setters. Hence, further research into how themore proactive auditor responsibilities regarding auditor’s responsibilities are determined infraud. However, pertaining to the transition in different legal systems and what constitutes anpromulgated responsibilities, we find that court appropriate audit effort in relation to fraudrulings relate to specific proactive audit acts, such certainly continues to be pertinent.as the prescribed responsibility to consider the The limitation of this study is related to datapossibility of fraud when planning the audit availability. Even though our study is based on allprocedures at the beginning of the audit process. the publicized fraud cases in the period 1996–Overall, we find that the courts and professional 2006, we acknowledge that the number of casesbodies can be characterized as responsive to the is relatively small. Although this it not aproactive responsibilities identified by the standard generalizability issue due to the availability ofsetters even though their interpretations suggest all data, it is a caveat of the study to bethat they see the ‘changes’ as mere clarifications of recognized. In the Danish setting, frauds are fairlyexisting responsibilities. In the period 1996–2006, rare in occurrence and not all fraud cases leadwe also observe an increase in sanctions imposed to questions being raised as to the particularand civil liabilities. We attribute this to a change in responsibilities of the auditor. This is consistentperception by the court system. Consequently, the with the perception that the corporateDanish court system now considers fraud as a environment in Denmark is not highly litigious.normal, although unusual, business scenario for This is noticeable and accentuates the importancewhich the auditor has proactive responsibilities of interpretations of the fraud responsibilitieswhen planning and conducting the audit. based on the relatively few responsum, tribunal Due to the exploratory nature of this study, and court rulings. Future research shouldthe implications for practice and future research examine the role of courts and professional bodiesare interrelated. The study contributes to ongoing in other countries and institutional environments.debates about principle-based vs. rule-based The ease with which new promulgations can beregulatory systems. Our findings demonstrate that adopted into audit practice is germane to ensurewhile the principle-based system has a possible trust in auditors. This calls for internationaldisadvantage in terms of uncertainty of the legal comparisons of the interaction between standardposition of the auditor, the change towards setters, court systems and the new oversightproactive responsibilities in relation to fraud is not bodies established in many countries in the wakeaccelerated by prescriptive court rulings. ‘Good of recent corporate scandals.audit practice’ is a legal provision to be interpretedand hence it changes continuously with thedevelopments in society and in the audit NOTESprofession. Our findings, however, do not rule outthe potential for future discourse concerning 1. Specifically, the provision stipulates theinterpretations of the auditor’s responsibilities in following: ‘In connection with this [i.e., whenrelation to fraud. The continuous need for changes planning and performing the audit], thein the regulations in rule-based systems is evident auditor to a certain extent must be aware ofby observing the pace of the standard setters. While circumstances that are indicative of fraud andthe changes in regulations are enforced globally other irregularities and that are of importanceacross legal systems, they are supposedly of less to the users of financial statements’.© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  16. 16. 94 C. Holm et al. 2. The audit codification process in Denmark cases of misappropriation of assets are often, experienced a shift from local Danish audit but not exclusively, employee fraud. guidelines to the International Standards on 8. Examples of such schemes that the standard Auditing (ISAs) similar to the development in mentions include (1) forgery, (2) deliberate other countries. In effect, Danish auditing failure to record transactions, and (3) standards based on ISAs were implemented intentional misrepresentations being made to through a gradual transition from 2002 to 2006 the auditor. concurrent with the translation of the ISAs into 9. The six fraud cases identified in the period Danish (Holm & Warming Rasmussen, 2007). 1976–1986 consist of 5 responsum, 1 tribunal and 3. From 1967 to 2002, the Danish auditor no court cases, whereas the 22 fraud cases in disciplinary system was a two-stage system 1986–1996 consist of 14 responsum, 6 tribunal with the Disciplinary Tribunal as the first layer and 2 court cases. As shown in Table 1, the and the Accountants’ Tribunal as a court of number of cases in our period of interest appeal. The Accountants’ Tribunal is now (1996–2006) is 30, which consists of 11 abolished and the Disciplinary Tribunal alone responsum, 12 tribunal and 7 court cases. constitutes the disciplinary system. 10. Even though the seven cases involving illegal 4. No cases start out at the Supreme Court level. loans are simple and straightforward illegal As a main rule, it is only possible to appeal acts, we have decided to include them in this a judgment once, i.e., either from one of the study as they represent a subset of the total district courts to one of the two High Courts number of fraud cases raised against auditors (if the case starts out at the first level) or from in the period, i.e., we examine all and not a one of the two High Courts to the Supreme sample of the fraud cases against Danish Court (if the case starts out at the second auditors. See also Fraser and Lin (2004) on the level). auditors’ perception of illegal acts related to 5. Many of the criminal provisions – in particular fraud. the most ‘serious’ ones – are found in the 11. The size of the fines suggests different Criminal Code. However, criminal provisions – circumstances in each of the disciplinary cases. in particular the less ‘serious’ ones – are The two cases involving fraudulent reporting also found in other acts, e.g., the Financial lead to relatively higher fines than the cases Statements Act (§164), the Auditors Act (§27) involving concealments (see Table 3). It should and the Companies Act (§§160–61). be noted that the fine of DKK 25,000 in tribunal 6. Management fraud is defined as fraud case 6 (1999) relates to a fraud case involving involving one or more members of the criminal charges against both the management management or those charged with governance, and the auditor. Part of the circumstances is whereas employee fraud is defined as fraud outdated, while the part considered by the carried out by employees only. In either case, tribunal dates back to 1991 and 1992 when the there may be collusion inside the company or maximum fine would have been DKK 50,000. with third parties outside the company (IAASB, This is considered explicitly in the decision of 2009, §36). the tribunal court. In comparison, the sanction 7. Fraud may be divided into fraudulent of DKK 10,000 in the employee concealment financial reporting and misappropriation case found in tribunal case 11 (2006) should be of assets. Fraudulent financial reporting regarded as being considerably less harsh. is defined as intentional misstatements or omissions of amounts or disclosures in financial statements intended to deceive users REFERENCES of financial statements (IAASB, 2009, A2). Misappropriation of assets, on the other American Institute of Certified Public Accountants hand, is defined as theft of a company’s (AICPA) (1988), Consideration of Fraud in a Financial assets (IAASB, 2009, A5). Compared to the Statement Audit. Statement on Auditing Standards No. 53. New York: AICPA. distinction between management fraud and American Institute of Certified Public Accountants employee fraud, cases of fraudulent financial (AICPA) (1997), Consideration of Fraud in a Financial reporting are often, but not exclusively, Statement Audit. Statement on Auditing Standards characterized as management fraud, whereas No. 82. New York: AICPA.© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)
  17. 17. Establishing Proactive Auditor Responsibilities in Relation to Fraud 95American Institute of Certified Public Accountants Accounting and Business Research, Vol. 39, No. 3, (AICPA) (2002), Consideration of Fraud in a Financial pp. 177–89. Statement Audit. Statement on Auditing Standards Danish Institute of State Authorized Public No. 99. New York: AICPA. Accountants (DISAPA) (1989), Revision iAnderson, B., Maletta, M. & Wright, A. (1998), virksomheder som anvender EDB (Audit in Companies ‘Perceptions of auditor responsibility: Views of the Using EDP). Revisionsvejledning No. 14. judiciary and the profession’, International Journal of Copenhagen: Foreningen af Statsautoriserede Auditing, Vol. 2, No. 3, pp. 215–32. Revisorer.Anderson, J. A. (1977), ‘The potential impact of Danish Institute of State Authorized Public knowledge of market efficiency on the legal liability Accountants (DISAPA) (1990), Revision af EDB- of auditors’, The Accounting Review, Vol. 52, No. 2, baserede brugersystemer (Audit of EDP-based User pp. 417–26. Systems). Revisionsvejledning No. 17. Copenhagen:Auditors Act (2003), Lov nr. 302 af 30. april 2003 om Foreningen af Statsautoriserede Revisorer. statsautoriserede og registrerede revisorer (Law of Danish Institute of State Authorized Public State Authorized and Registered Auditors). Accountants (DISAPA) (1991), RevisionsprotokollenAuditors Act (2008), Lov nr. 468 af 17. juni 2008 (Audit Protocol Communication). Revisionsvejledning Revisorloven (Law of Approved Auditors). No. 18. Copenhagen: Foreningen afBaker, C. R. & Prentice, D. (2008), ‘The origins of Statsautoriserede Revisorer. auditor liability to third parties under United States Danish Institute of State Authorized Public common law’, Accounting History, Vol. 13, No. 2, Accountants (DISAPA) (1993), Grundlæggende pp. 163–82. principper for revision af regnskaber (FundamentalBaker, C. R. & Quick, R. (1996), ‘A comparison of Principles for Audits of Financial Statements). auditors’ legal liability in the USA and selected Revisionsvejledning No. 1. Copenhagen: European countries’, European Business Review, Vol. Foreningen af Statsautoriserede Revisorer. 96, No. 3, pp. 36–44. Danish Institute of State Authorized PublicBlij, I., Hassink, H., Mertens, G. & Quick, R. (1998), Accountants (DISAPA) (1999), Besvigelser (Frauds). ‘Disciplinary practices and auditors in Europe: Revisionsvejledning No. 21. Copenhagen: a comparison between Germany and the Foreningen af Statsautoriserede Revisorer. Netherlands’, European Accounting Review, Vol. 7, DeJong, D. V. & Smith, J. H. (1984), ‘The determination No. 3, pp. 467–91. of audit responsibilities: an application of agencyBonner, S. E., Palmrose, Z.-V. & Young, S. M. (1998), theory’, Auditing, Vol. 4, No. 1, pp. 20–34. ‘Fraud type and auditor litigation: an analysis Dennis, I. (2008), ‘A conceptual enquiry into the of SEC accounting and auditing enforcement concept of a “principles-based” accounting releases’, The Accounting Review, Vol. 73, No. 4, standard’, British Accounting Review, Vol. 40, No. 3, pp. 503–32. pp. 260–71.Buckless, F. A. & Peace, R. L. (1993), ‘The influence DeZoort, F. T. & Lee, T. A. (1998), ‘The impact of SAS of the source of professional standards on juror no. 82 on perceptions of external auditor decision making’, The Accounting Review, Vol. 68, responsibility for fraud detection’, International No. 1, pp. 164–75. Journal of Auditing, Vol. 2, No. 2, pp. 167–82.Campbell, D. R. & Parker, L. M. (1992), ‘SEC Eilifsen, A. (1998), ‘Auditing regulation and the communications to the independent auditors: statutory auditor’s responsibilities in Norway’, an analysis of enforcement actions’, Journal of European Accounting Review, Vol. 7, No. 4, pp. Accounting and Public Policy, Vol. 11, pp. 297–330. 709–22.Carpenter, T. D. (2007), ‘Audit team brainstorming, Epstein, M. J. & Geiger, M. A. (1994), ‘Investor views fraud risk identification, and fraud risk assessment: of audit assurance: recent evidence of the implications of SAS No. 99’, The Accounting Review, expectation gap’, Journal of Accountancy, Vol. 177, Vol. 82, No. 5, pp. 1119–40. No. 1, pp. 60–65.Carrington, T. (2010), ‘An analysis of the demands on EU Commission (1996), Green Paper on the Role, a sufficient audit: professional appearance is what Position and Liability of the Statutory Auditor in the counts!’ Critical Perspectives on Accounting, Vol. 21, European Union. No. 8, pp. 669–82. Francis, J. R. (2004), ‘What do we know about auditChandler, R. A. (1997), ‘Taking responsibility: the quality?’ British Accounting Review, Vol. 36, No. 4, early demand for institutional action to define an pp. 345–68. auditor’s duties’, International Journal of Auditing, Fraser, I. A. M. & Lin, K. Z. (2004), ‘Auditors’ Vol. 1, No. 3, pp. 165–74. perceptions of responsibilities to detect and reportChandler, R. A., Edwards, J. R. & Anderson, M. (1993), client illegal acts in Canada and the UK: a ‘Changing perceptions of the role of the company comparative experiment’, International Journal of auditor, 1840–1940’, Accounting and Business Auditing, Vol. 8, No. 2, pp. 165–84. Research, Vol. 23, No. 92, pp. 443–60. Glover, S. M., Prawitt, D. F., Schultz Jr, J. J. &Cowton, C. J. (2009), ‘Accounting and the ethics Zimbelman, M. F. (2003), ‘A test of changes in challenge: re-membering the professional body’, auditors’ fraud-related planning judgments since© 2011 Blackwell Publishing Ltd Int. J. Audit. 16: 79–97 (2012)

×