In cases of corporate fraud, including embezzlement, financial statement fraud, earnings management, bribery, and the like, it’s easy to blame the auditors. After all, they have very deep pockets, often with large malpractice policies.
Even though the task of auditors is usually well-defined and agreed-to by shareholders, management, and the board of directors, it doesn’t seem to matter to them that the financial statement auditors aren’t responsible to find fraud during their audits. People quickly forget that the auditors disclaim responsibility for finding fraud multiple times before, during, and after the audits, and that management is ultimately responsible for preventing and detecting fraud in their own companies.
Last week Navistar sued their former auditors, Deloitte & Touche, for fraud, fraudulent concealment, breach of contract, and malpractice. The lawyers say Deloitte lied about its competency in performing audits, and the company ultimately restated its financial statements for 2002 through 2005. Whose fault is it that Navistar overstated its pre-tax income by $137 during those years? According to them, Deloitte.
Navistar employees buried their fraud in accounts that are easy to manipulate, and the task of hiding the fraud from the auditors isn’t too hard either. The fraud was hidden in accounts such as vendor rebates, warranty reserve, vendor buybacks, and other income.
In this case, there is little dispute that management engaged in wrongdoing. In 2010, employees Mark Schwetschenau, James McIntosh, Thomas Akers, James Stanaway, Ernest Stinsa, and Michael Schultz agreed to bee sanctioned by the SEC for their role in the fraud and cover-up. The employees held positions including VP of Finance, Controller, Director of Purchasing, Director of Finance, and Plant Controller.
As per usual, Navistar and its employees didn’t admit to any wrongdoing in their settlement with the SEC, but it’s obvious to the world that there was wrongdoing, thus the restatement of the financial statements and the settlement of SEC charges. In settling the case, each employee agreed to pay a fine of $25,000 to $150,000. In addition, Navistar’s CEO Daniel Ustain and CFO Robert Lannert agreed to clawbacks of $1.3 million and $1 million in bonuses they got during the periods that Navistar’s income was fraudulently inflated. (Not to worry, however! Ustain got an extra big bonus in December 2010 that made up for what he had to pay back.)
Navistar’s story about the fraud seems to keep changing. Early on in the case, the company denied wrongdoing and said the problem was with “complicated” rules under Sarbanes-Oxley. I’m not sure how SOX is to blame for management having secret side agreements with its suppliers who received “rebates.” Or improperly booking income from tooling buyback agreements, while not booking expenses related to the tooling. Or not booking adequate warranty reserves. Or failing to record certain project costs.
And now the company says Deloitte is to blame.
Here’s what’s funny about lawsuits like this: They essentially say… Our employees committed fraud and actively took steps to avoid discovery by the auditors. The auditors did not discover the fraud (at all, or soon enough), and now we’re going to hold them responsible for that failure.
In the case of Navistar, each of the fraudulent accounting schemes above are nearly impossible to detect. The company failed to book items or provide information about them to the auditors, yet they are suing the auditors for failing to find the items.
The same thing is happening at Koss Corp. Their VP of Finance, Sujata Sachdeva engaged in a long-term scheme to steal more than $31 million from the company. She actively engaged in the cover-up, ensuring that auditors Grant Thornton would never find her fraud. Indeed, they didn’t find it, and now Koss is suing them for malpractice.
Remember that an audit is a limited examination of a company’s books and records to determine if the financial statements comply with the accounting rules. Francine McKenna gives a good summary of the auditors and the audit. An audit is not an examination of every transaction throughout the year, and even if it was, there is still no guarantee that they’d find a fraud scheme. Errors are often found during audits because they are naturally occurring and unconcealed. Fraud (sometimes called “irregularities” to pretty it up a little) is intentionally concealed from the auditors, so it is difficult (if not impossible) to find during a routine financial statement audit.
I’m not a fan of audits. I think investors give them more reliance than they should, mostly because they don’t really understand the audit process or what assurance audits really provide.
I am not saying that auditors are blameless. They make plenty of mistakes. But that doesn’t mean that in this case, Deloitte is truly to blame.
I often refer to audits as a process which has “limited usefulness.” An audit is a specific type of examination that leaves plenty of stones unturned. If people don’t like the audit process or the results, then they need to work to change the role and work of auditors. Auditors are not required to find fraud, and audits are conducted in such a way that they rarely do find fraud. That is reality.