PwC Audit Scandal and Fraud ACC 574 Week 6 Assignment 3
The Sarbanes-Oxley Act (SOX) of 2002 has gone to great lengths in enhancing accountability and integrity of financial information presented by public companies. The act lays down specific guidelines to be followed by public companies during preparation of financial reports. It also guides public accounting firms on specific areas they should investigate such procedures in place, internal controls, conformance to policies and other areas when conducting audit checks. The following explains in details how the SOX Act has managed to reduce corporate fraudulent activity and enhance credibility to the public who rely on the financial reports.
Introduction of new and better auditing practices
The SOX Act brought with it new practices in the auditing and accounting fields. The act lays down specific guidelines to be followed during auditing. One of the notable changes introduced by the act is the relationship between the public company’s management and the outside auditors. Prior to the enactment of the act, the public company’s management often developed cordial relations with the external auditors, often resulting from the long working periods shared (Carol and Rolf, 2005). This would often cloud judgment by the outside auditors as they were more inclined to overlook certain issues. In addition to this, outside auditors or firms could provide more than one service to the public company. With the enactment of the SOX Act, public companies were required to appoint an independent committee in charge of overseeing the appointment and general conduct of an external auditing firm (Jahmani, 2011). This reduced public companies’ control over the external auditors and also their ability to influence the external auditors’ decisions.
SOX Act makes the management responsible for accuracy of financial reports
The SOX Act holds the management responsible for accuracy of the financial reports. This gives users of such reports assurance of their authenticity. Prior to the SOX Act, the management could pass the blame to other parties such as the auditors or accountants (Carol and Rolf, 2005). A case in point is the downfall of Worldcom and Enron where the management passed the blame to auditors and accountants. This happened prior to the enactment of the act. With the enactment of the act, the Chief Executive Officers (CEOs) as well as the Chief Financial Officers (CFOs) are liable for any misinformation presented in quarterly and final reports (Carol and Rolf, 2005). In addition, the act stipulates that any illegal gains made by the top management must be reimbursed to the company. These provisions have made the top management keen in the affairs of the company especially in the preparation of financial reports. The act puts pressure on the top management to ensure that the financial reports are true and representing the true picture of the state of the company.
More oversight on internal controls
The SOX Act requires all public companies to periodically conduct internal tests that are aimed at reducing fraud. The act requires external auditors to conduct a thorough analysis of the internal controls put in place by the management, in a bid to assess their reliability (Carol and Rolf, 2005). The internal controls are vital to a business since they help establish whether there are violations to a company’s business systems. Public companies are required to produce an internal control report at the end of the financial year. External auditors are tasked with the responsibility of ensuring that the internal controls are effective in ensuring accuracy of financial records, proper recording of information and elimination of material weaknesses in financial records (Jahmani, 2011). This has greatly reduced fraudulent reporting by most public companies.
The audit of Satyam Computer Services ignited a heated debate over the quality and reliability of the audit report tabled by PWC LLP, an Indian affiliate that conducted the audit. An investigation was launched to determine whether claims made by the company’s founder, Ramalinga Raju, had any basis (Norris, 2011). The founder claimed to have fictitiously put the company’s assets at $1 billion. In addition, the reliability of the audit report was put into question after it emerged that some of the accounts reported were dubious.
The magnitude of the erroneous audit report indicates that PWC may have overlooked some of the important auditing standards while assessing Satyam Computer Services. According to Norris (2011), PWC auditors overlooked even the basic procedures that an audit ought to follow. This report faults the auditors who failed to directly verify cash in bank accounts, but instead chose to wholly depend on reports on bank balances provided by Satyam Computer Services’ management. The management exploited the loophole and thus gave the auditors fictitious account balances. The auditors did not adhere to auditing standards which resulted to the erroneous audit report. According to SOX Act, auditors must act independently of the public company’s management, and no consultation may be provided by the auditors to the public company.
PWC auditors failed to act on conflicting reports on bank account balances issued by various banks and those issued by the management on the same. According to Norris (2011), bank account balances sent to the audit firm significantly differed with those sent by the company’s management, yet the auditors disregarded these discrepancies. For instance, the auditors failed to investigate a cash discrepancy of $ 97.6 million dollars that resulted from differing figures given by BNP Paribas and Satyam Computer Services management in 2007. In 2008, another cash discrepancy was reported between the management which claimed cash balances of over $152.9 million while the actual figures released by Citibank showed that cash balances amounted to $ 330,172 (Norris, 2011). This clearly indicates that auditing standards were not observed. The SOX Act requires that public companies must have robust policies, IT systems and internal controls that are capable of enhancing compliance. In addition, public companies are required to validate or explain reported figures. For instance, companies should explain how reported figures were obtained. The audit team overlooked this critical standard.
Some analysts have raised suspicion on possible collusion between the auditors and the management to commit fraud. According to Bhasin (2013), PwC auditors were paid twice as much compared to what other auditors were paid in other firms. This indicates that there was a close relationship between Satyam management and the auditors, something which is against auditing standards. According to Francine (2009), PWC and Satyam had developed close relationships that compromised the ideal auditor-client relationship as outlined by auditing standards. In 2008, Satyam and PWC had entered into a contractual agreement whereby PWC marketed Idearc, a consulting firm under Satyam.
Much of the available evidence suggests possible collusion between PWC auditors and Satyam management. It is unlikely that the auditors over-relied on the internal controls and thus failed to perform all the necessary tests. Despite Satyam Computer Services having produced misrepresenting financial reports for over7 years since 2002, PWC auditors were unable to detect the anomalies. This comes even when some of the cash balance anomalies were so apparent that it would have been hard for any serious auditors to miss. For instance, Satyam Computer Services claimed to have in excess of $ 1.04 billion in non-interest bearing accounts. This would have raised alarm among PWC auditors as such an amount of money would basically be channeled to interest bearing accounts (Bhasin, 2013). Even without the reliance on internal controls, such a conspicuous error would easily be singled out.
Despite having been issued with contradictory account balances by BNP Paribas and Citibank, the auditors did not take any step to conduct further tests or to identify the source of the discrepancies. In a normal audit situation, such discrepancies would have necessitated thorough testing of the affected accounts. Surprisingly, just 10 days after a new auditing firm – Merrill Lynch was appointed, fraud cases dating back to 2002 were unearthed (Norris, 2011). This indicates that PWC auditors were either in collusion with the management or grossly inept. A normal audit would basically identify the errors in account balances and raise alarm. Thus, this failure cannot be attributed to overdependence on the internal controls.
Related paper: Emerging Auditing Issues
In fraud cases where the upper management is involved, internal controls may fail to yield the desired results as they can easily be circumvented. To overcome such limitations, external checks from either auditors or directors are necessary. Available literature indicates that the upper management has a critical role to play in preventing fraud, and in cases where the management lacks integrity, fraud may easily be perpetuated. According to Haugen and Selin (1999), quality of internal controls is largely determined by management’s integrity, and the level of technology applied. A study conducted by Sharma and Brahma (2000) found that those in supervisory positions have a critical role to play in averting fraud. In addition, the study also found that fraud often occurs in firms where there is laxity in conformance to procedures and rules. This shows that under no circumstances should auditors rely on internal controls established by the management. This is because they can easily be overridden by corrupt individuals in management levels. Bearing such knowledge, PWC auditors would not rely on internal controls over the7-year period that fraud occurred. Thus, the auditors’ failure may only be attributed to deficient audits they conducted the entire period.
PWC auditors also failed to ensure that Satyam Computer Services observed the audit procedures to the latter as outlined by the SOX Act. According to Patterson and Range (2009), Satyam failed to prepare a documentation of the internal controls that it had put in place to avert fraud cases as required by the act. The CEO as well as the CFO must attest that the internal controls put in place are reliable and have the capacity to identify fraud or errors in the system (Patterson and Range, 2009). This indicates that the auditors were negligent and only carried out deficient audits that would not unearth any fraud cases. PWC auditors failed to observe the basic auditing procedures, which resulted to fraud being perpetuated for over 7-years.
Bhasin, M. L. (2013). Corporate accounting fraud: A case study of Satyam Computers Limited. Open Journal of Accounting, 2, 26-38. doi.org/10.4236/ojacct.2013.22006
Carol, A., & Rolf, J. D. (2005). Efficay of the Sarbanes-Oxley Act in curbing corporate fraud. Rivier College Online Academic Journal, 1(1): 3-12.
Haugen, S., & Selin, J. R. (1999). Identifying and controlling computer crime and employee fraud,industrial management & data systems. Open Journal of Accounting, 99(8), 340- 344. doi:10.1108/02635579910262544
Jahmani, Y. (2011). Pros and cons of Sarbanes-Oxley Act. Journal of Business and Economics Research, 6(10), 30-57.
Norris, F. (2011, April 5). Indian accounting firm is fined $7.5 million over fraud at Satyam. The New York Times. Retrieved from http://www.nytimes.com/2011/04/06/business/global/06audit.html?_r=0
Patterson, S., & Range, J. (2009, Jan. 9). Pricewaterhouse defends its audit procedures. The Wall Street Journal. Retrieved from http://www.wsj.com/articles/SB123146526213566793
Sharma, S., & Brahma (2000). A role of insider in banking fraud. Journal of Business Research, 1(9), 13.45.