2Presentation Outline Preliminary Legal Concepts Common Law and the AuditorStatutory Law and the AuditorProfession’s Response to Legal LiabilityProtecting Individual CPAs from Legal Liability
3I. Preliminary Legal Concepts Distinguishing Between Failures and Audit RiskThe Expectations GapThe Prudent Person ConceptCPA Liability
4A. Distinguishing Between Failures and Audit Risk Business failure occurs when a business is unable to repay its lenders or meet the expectations of investors because of economic or business conditions.Audit risk represents the risk that the auditor will conclude that the financial statements are fairly stated when in fact they are materially misstated.Audit failure occurs when the auditor issues an erroneous audit opinion as a result of failing to comply with GAAS.
5In most cases, courts continue to support the auditor’s view. B. The Expectations GapMany financial statement users believe that auditors guarantee the accuracy of financial statements, and some even believe that an auditor guarantees the financial viability of the client’s business.Most auditors believe that the conduct of an audit in accordance with GAAS is all that can be expected of auditors.In most cases, courts continue to support the auditor’s view.
6C. The Prudent Person Concept A person offering service is understood as holding themselves out to the public as possessing the degree of skill commonly possessed by others in the same employment, and if the pretentions are unfounded, commits a species of fraud upon every person who employs them.A person is liable for negligence, bad faith, or dishonesty, but not for losses resulting from pure errors of judgment.
7Joint and Several Liability Separate and Proportionate Liability D. CPA LiabilityJoint and Several LiabilityThe assessment against a defendant for the full loss suffered by the plaintiff, regardless to which other parties shared in the wrongdoing.Separate and Proportionate LiabilityThe assessment against a defendant caused by the defendant’s negligence. For example, if 30% of plaintiff loss is due to misstated financials an accountant would only be held liable for the 30%.For lawsuits in state courts, state law determines which approach to damages applies. When lawsuits are brought under federal securities laws, the separate and proportionate approach will apply except in cases where it can be shown that the CPA knew or participated in the fraud.
8II. Common Law and the Auditor A. Common Law DefinedSources of Auditor Liability to Clients Under Common LawC. Common Law Burden of ProofD. Auditor Liabilities to Third PartiesE. Auditor Defenses Under Common Law
9A. Common Law DefinedCommon law refers to unwritten or case-made law that evolves from prior or precedent cases. It is state dependent meaning that different laws can be applied under common law in different states.
10B. Sources of Auditor Liability To Clients Under Common Law Suit in Contract is based on privity and the auditors alleged breach of the agreement (usually the engagement letter). This source does not apply to third parties (nonclients).Suit in tort is based on negligence, gross negligence, or fraud.
11B1. The Meaning of Negligence Negligence is a failure of a CPA to use due professional care. It is also known by the names simple negligence and ordinary negligence.
12B2. The Meaning of Gross Negligence The CPA made a representation about a materialfact with lack of reasonable support.2. The purpose of the representation was to inducereliance by another.3. The representation was relied on by the client orthird party.Negligence is a failure of a CPA to use due professional care.4. The reliance caused damages to the client or thirdparty.
13B3. The Meaning of Fraud Fraud contains the following items: 1. False representationKnowledge of a wrong and acting with the intent to deceive3. The intent to induce reliance4. Justifiable reliance5. Resulting damages
14Negligence v. Gross Negligence Gross Negligence v. Fraud B4. A Comparison of TermsNegligence v. Gross NegligenceDifference is a matter of degree. Negligence is failure to exercise due care. Gross negligence is a reckless departure from the standard of due care.Gross Negligence v. FraudFraud is different from gross negligence in that there is an intent to deceive.
15C. Common Law Burden of Proof In order to hold the auditor liable for substandard auditing, the client must prove:The CPA has a duty of care to the client.The CPA has breached the duty of care.3. The client suffered damages.The damages were caused by the CPA’s breach of the duty of care.
16Ultramares Corporation v. Touche D1. Auditor Liability to Third Parties (Nonclients) – Traditional RulingsUltramares Corporation v. Touchedecided in 1931 in New York.The Ultramares doctrine holds that ordinary negligence is insufficient for liability to third parties because of lack of privity of contract between the third party and the auditor, unless the third party is a primary beneficiary. However, liability to more general third parties will exist if the the third plaintiff can establish gross negligence or fraud. Many courts have broadened the Ultramares doctrine by introducing the concept of a forseen user. Three views have emerged regarding the concept of forseen users.
17D2. Views on Auditor Liability to Third Parties Credit Alliance(1) Auditor must know and intend that the work product be used by the plaintiff third party for a specific purpose. (2) The knowledge and intent must be evidenced by the auditor’s conduct.Restatement of Torts RuleForseen users must be members of a reasonably limited and identifiable group of users that have relied on the CPA’s work, such as creditors, even though those persons were not specifically known to the CPA at the time the work was done.Forseeable UsersAny users that the auditor should have reasonably been able to forsee as being likely users of financial statements have the same rights as those with privity of contract.Current movement is away from the forseeable users approach. There may be some movement toward the Credit Alliance ruling.
18E. Auditor Defenses Under Common Law CPA may use the following defenses under common law:1. There was a lack of duty to perform the service.2. The engagement was performed using reasonable care and skill, and in accordance with GAAS.3. There is no connection between the client’s loss and the CPA’s actions.The second defense can not be used in an action for breach of contract. In addition, there is a trend toward proportional negligence.4. The client was contributively negligent. Note that is defense is not viable against third party plaintiffs since they are not in a position to misstate the financial statements.
19III. Statutory Law and the Auditor A. Statutory Law DefinedB. The Sarbanes-Oxley ActC. Liability to Third Parties (Nonclients) Under the Securities ActsD. Criminal Procedures and Defenses
20A. Statutory Law Defined Statutory law refers to written law as established by federal or state legislative bodies.
21B. The Sarbanes-Oxley Act The Sarbanes-Oxley Act provides for fines and imprisonment of up to 20 years for altering or destroying documents to impede an official investigation. (See Figure 5-9 on page 122)
22C. Liability to Third Parties (Nonclients) Under the Securities Acts The Securities Acts signficantly extended the CPA’s liability to third parties beyond the bounds of common law.Securities Act of 1933 (1933 Act) regulates the initial offering and sale of securities through the mails and other forms of interstate commerce. Only protects original purchaser of securities.Securities Exchange Act of 1934 (1934 Act) deals primarily with trading in previously issued securities.
23C1. Plaintiff’s Burden of Proof Under the 1933 Act - Section 11 The security was part of the offering of shares covered by the registration statement.The registration statement was false or misleading or omitted material information that should have been included.
24C2. Auditor Defenses under the 1933 Act - Section 11 Third-party users do not have the burden of proof that they relied on the financial statements or that the auditor was negligent or fraudulent in doing the audit. The auditor has the burden of demonstrating as a defense that:An adequate audit was conducted in the circumstances orall or a portion of the plaintiff’s loss was caused by factors other than the misleading financial statements.
25C3. Plaintiff’s Burden of Proof Under the 1934 Act – Rule 10b-5 The materiality of the alleged false, misleading, or omitted statement.The CPA’s knowledge of the statement. Although not the current trend, earlier cases considered poor judgment to be equivalent to knowledge.The plaintiff’s reliance on the statements.Actual damages sustained as a result of such reliance.
26C4. Auditor Defenses under the 1934 Act – Rule 10b-5 CPA’s conduct does not include scienter. Scienter is “a mental state embracing intent to deceive, manipulate or defraud.”2. The engagement was performed using reasonable care and skill, and in accordance with GAAS.3. There was a lack of duty to perform the service.4. There is no connection between the client’s loss and the CPA’s actions.
27D. Criminal Procedures and Defenses In a criminal action, the U.S. Justice Department or the state attorney general files suit as the plaintiff.Plaintiff does not need to establish damages, only that a statute has been violated.Plaintiff must establish beyond a reasonable doubt that the auditor knew they were acting criminally.Continental Vending case proved that having an audit conform to GAAS is not always a sufficient defense. Audit personnel were fined and put on probation for inadequate disclosure of related party receivables.Equity Funding Case involved overstatement of net income and assets. Accounts were manipulated by creating fictitious entries in accounting records. Some auditors received jail sentences for sloppy work.Primary defense is “good faith” meaning that the audit complied with GAAP and GAAS, and there was no willful knowledge of criminal acts.
28IV. Profession’s Response to Legal Liability Auditing research in regard to errors, fraud, and auditor independence.Standard setting to meet changing needs.Peer review to identify deficiencies in meeting standards.Oppose unwarranted lawsuits.Lobby for changes in laws to protect accountants.
29V. Protecting Individual CPAs from Legal Liability Deal only with clients possessing integrity.Understand the client’s business.Document the work properly.Exercise professional skepticism.
30The Legal Environment of the Auditor Illegal Client ActsCommon lawNegligenceGross negligenceFraudStatutory lawSecurities lawsCriminal liability