Audit Liability
Audit Liability
AUDITING
Audit Liability
Learning Objectives
Understand the legal environment for auditors.
Learn the definition of key legal terms.
Know the types of litigations against auditors.
Know the auditor’s liability to clients under common law.
Know the auditor’s liability to third parties under common law.
Understand the conditions for tort of negligence under common
law.
Know the auditor’s legal duties to report breaches of laws under
various statutes.
Know the approaches that public accounting profession and the
firms can take to minimise legal liability.
Learn the elements of quality control for audit and assurance
services.
Understand the nature of audit
liabilities
Fraud
Error
Fraud
An intentional act by one or more individuals among the management,
those charged with governance, employees, or
3rd parties, involving the use of deception to obtain an unjust
or illegal advantage. (ISA 240)
The legal system and the litigious climate are the main contributing
factors for the significant rise in litigation in the U.S.
Rise in Litigation
This so-called “deep pocket” syndrome accounts for many of the legal
actions taken against the professional accountants acting as auditors.
Injured parties who take legal actions in the hope of recovering part or
all of their losses from the “deep pockets” of practitioners with large
insurance coverage are not duly concerned whether the professionals
are at fault or not.
1. Common law – this represents case law developed over time by judges
who issue legal opinions when deciding a case. The legal principles
announced in these cases become precedent for judges deciding
similar cases in the future.
Unwritten Law.
These laws were not contained in any statutes & can be found only in case
decisions.
In situation when there is no law governing a particular circumstances,
Malaysia case law may apply.
Civil actions under common law typically allege that the auditor did
not properly perform the audit.
Persons taking action alleging fraud must prove that the auditor has
made false representation and the auditor has the knowledge or belief
that the representation was false.
Under common law, the auditor may also be liable to the client for gross
negligence and fraud.
Common law does not require that the auditor guarantee his work
product.
The contract between the client and the auditor stipulate the amount of
fees to be charged for the designated professional services, and
deadlines for completing the services are normally indicated or
implied in the contract.
Liability to Clients – Breach of Contract
In a statutory audit, the client and the auditor may contract for
responsibilities additional to the specific requirements under the law
but the auditor is not permitted to exclude or reduce his statutory
duties through contractual terms.
If the client entity breaches its obligations under the engagement letter,
the auditor is excused from his contractual obligations. If the auditor
discontinues an audit without adequate cause, he may be liable for
economic injury suffered by the client.
Negligence has been defined as: “some act or omission which occurs
because the person concerned has failed to exercise that degree of
professional care and skill, appropriate to the circumstances of the
case, which is expected of accountants and auditors.”
Liability to Clients and Third Parties -
Negligence
In an action for negligence against an auditor, whether brought by the
client or third party, the plaintiff must prove the following elements:
1) The auditor owed a duty of care to the plaintiff to conform to a
required standard of care.
2) There is a failure to act in accordance with that duty of care, that is, a
breach of duty of care to the plaintiff on the part of the auditor.
If the auditor fails to discharge his duty properly, the client has the
right to bring legal action against the auditor either for breach of
contract or negligence or both.
Duty of Care to Third Parties
Under common law, actions can be brought by non-client third parties
against the auditors for tort in negligence.
The traditional view based on privity held that, under common law,
auditors had no liability to third parties who did not have privity
relationship with the auditor.
The auditors were aware of the fact that the audit reports were being
used by the client to obtain external debt financing but did not know
which specific banks or finance companies would be given the audit
reports.
Duty of Care to Third Parties
The company went bankrupt after obtaining the loan from the
plaintiff. The plaintiff alleged that the auditors had been negligent in
their audit for failing to detect or report deceptive accounting entries
that had concealed the borrowing company’s problems.
During that time, this case was viewed as a test case for third parties
seeking damages from auditors. At the court of appeals, it was ruled
unanimously in favour of the auditor, thus upholding the privity
doctrine.
The rational for this finding by the New York Court of Appeals is
summarised in a famous quote by Judge Cardozo:
Duty of Care to Third Parties
“If a liability for negligence exists, a thoughtless slip or blunder, the
failure to detect a theft of forgery beneath the cover of deceptive
entries, may expose accountants to a liability in an indeterminate
amount for an indeterminate time to an indeterminate class. The
hazards of business on these terms are so extreme as to enkindle doubt
whether a flaw may not exist in the implication of a duty that exposes
to these circumstances.”
In U.K., the case of Candler v. Crane Christmas & Co. (1951)
reinforced the doctrine that third parties, in the absence of a
contractual relationship, were not entitled to recover financial damages
resulting from an auditor’s negligence. The outcome of this case was,
a majority of the Court of Appeal in England held that, in the absence
of a contractual relationship between the parties, the auditor did not
owe a duty of care to the plaintiff (Mr Chandler).
Duty of Care to Third Parties
The privity doctrine was again tested in another important English case:
Hedley Byrne v. Heller & Partners (U.K. 1963). In that case, the
dissenting Judge Denning’s view in the Candler Case was shared by other
judges.
The case of Hedley Byrne did not involve auditors but a merchant bank
which gave a certificate of creditworthiness to an advertising agency. The
credit reference was for a potential customer of the advertising agency;
unfortunately the bank gave the reference negligently without proper
checking of its records. The advertising agency relied on the credit
reference and suffered financial loss because the customer went into
liquidation.
The bank denied responsibility on the ground that it owed no duty of care
to the plaintiff in the absence of a contractual relationship. The House of
Lords however held that the bank owed a duty of care to the plaintiff.
Breach of the Standard of Care
The second condition in a tort of negligence is to establish that the person
who owed the duty of care has breached the duty of care. For a
professional person such as an auditor, the standard of care is that of the
reasonable skill and care of another skilled person carrying out the same
assignment.
Under common law, an auditor has the duty to perform an audit using the
same degree of care that would be used by an ordinary, prudent member of
the public accounting profession. Negligence represents a deviation from a
standard of behaviour that is consistent with that of a “reasonable person.”
With respect to audit engagements, two classic statements have often been
referred to in defining the auditor’s responsibility in relation to auditing of
an entity’s account. The first is by Lindley LJ in Re London and General
Bank (1895):
Breach of the Standard of Care
“An auditor…. Is not bound to do more than exercise reasonable care and skill
in making inquiries and investigations.
He is not an insurer; he does not guarantee that the books do correctly show
the true position of the company’s affairs; he does not even guarantee that his
balance sheet is accurate according to the books of the company. If he did, he
would be responsible for error on his part, even if he were himself deceived
without any want of reasonable care on his part, say by the fraudulent
concealment of a book from him. His obligation is not so onerous as this.
Such I take to be the duty of the auditor; he must be honest – i.e. he must not
certify what he does not believe to be true, and he must take reasonable care
and skill before be believes that what he certifies is true. What is reasonable
care in any particular case must depend upon the circumstances of the case.
Where there is nothing to excite suspicion very little inquiry will be reasonably
sufficient, and in practice I believe businessmen select a few cases at
haphazard, see that they are right and a
Breach of the Standard of Care
Assume that others like them are correct also. Where suspicion is
aroused more care is obviously necessary; but, still an auditor is not
bound to exercise more than reasonable care and skill, even in a case of
suspicion, and he is perfectly justified in acting on the opinion of an
expert where special knowledge is required.
Causal Relationship or Connection
The third element in the tort of negligence is the proof of causation or
connection between the plaintiff’s loss and the act of negligence.
While not aimed directly at auditors, these laws can expose auditors to
potential legal liability.
The additional duty is the duty to report, and not to detect, any
violation of laws that came to the auditor’s attention during the course
of the audit.
For example, audit firms have seen their costs of defending such
lawsuits, including management time and their insurance premiums,
increase dramatically in recent years. The firms has also suffered
from significant blows to their reputations through the negative
publicity arising from litigation.
Approaches to Minimising Legal
Liability
Everyone involved with the public accounting profession has an
interest in minimising auditors’ exposure to legal liability.