Mandatory Auditor Rotation is Dead

Almost two years ago, I wrote about a PCAOB proposal that would require companies to rotate auditors every 5 to 10 years.  The theory was that forcing companies to change auditors regularly would make audits better, because fresh eyes on the books every few years would mean a more skeptical audit.

My position was that it doesn’t matter how long an auditor worked on the same engagement. Instead, the problem is audits themselves. Audits have never been designed to detect fraud. Thus, audits rarely find fraud. I wrote previously:

Research by the Association of Certified Fraud Examiners supports the notion that financial statement audits are not effective at finding fraud. In the most recent Report to the Nations on Occupational Fraud and Abuse, external audits were responsible for detecting only 4.6% of the frauds examined in the underlying study.  This was in spite of the fact that in more than 76% of the cases studied, the victimized organizations had regular external audits.

Further, 31.5% of fraud examiners participating in the study stated that external audits were “very important” in detecting or limiting the fraud. This demonstrates the disconnect between the perception of the effectiveness of audits in detecting fraud and the reality. Even though independent audits detected only a tiny portion of the frauds, the fraud investigators still thought they were very important to doing so.

If this kind of disconnect exists with those investigating fraud, it is likely even worse for management and outside investors. Despite boiler plate disclaimers on the auditors’ responsibility for detecting fraud, and the independent evidence that demonstrates over and over that audits do not regularly find fraud, users of financial statements still appear to expect that external auditors can and will find fraud.

Unless the process of auditing is changed substantially, the rate of detection of fraud during audits will not increase in any meaningful way. And Sarbanes Oxley has proven that regulations don’t make auditors better at preventing and detecting fraud.

So it is interesting that PCAOB has abandoned the idea of auditor rotation. Maybe PCAOB could instead focus on figuring out what would make audits more effective when it comes to finding fraud?


  1. You are preaching to the choir Tracy. As a now former auditor who has done a lot of PCAOB audits, I thought this proposal was totally useless, but for different reasons. Yours make a lot of sense.

    Your last sentence is also right on the money. I’ve attended three or four PCAOB seminars on auditing in the small business environment and found them to also be mostly useless. They always started with 30 minutes of horror stories on bad audits designed to scare us. Then more criticism. And more. The PCAOB views auditors as the enemy; they don’t think that auditors want to do a good audit. I always wished they would have spent time in these sessions working with auditors to make the audits more effective period, both from a misstatement perspective and towards finding fraud. That apparently made too much sense.

    1. Tracy Coenen

      Good to hear from you, Joel!

      As much as I think auditors want to do a good job, I also realize they are out to protect their own asses. Enhancing procedures to better detect fraud would inherently place more responsibility (perceived or real) on the auditors to detect fraud. That means more liability with each and every audit. That is the reason why I think auditors in general are quietly opposed to any large scale changes.

Leave a Reply