Why auditors fail to detect fraud

They are the money people in organisations … and not investigators, right? But failure to define clearly the roles and responsibilities of auditors can prove risky when a scam goes undetected

Sonia Jaspal currently provides consulting through her own organisation – RiskBoard.

WHEN THE media reports a new fraud, the initial reactions from the public are – “What were the auditors doing? How did they miss it? Were they involved?” The auditors get labelled as morons, conspirators or criminals.

Generally most people jump to the conclusion that auditors had mala fide intentions and became accomplices to get more business. While this may be true in some cases, auditors need the benefit of doubt. They sometimes genuinely miss the cases despite their best effort to diligently perform their duties. This article is an attempt to explain why auditors miss the frauds.

I want to share a joke with you before I explain. Two drunkards were walking on a railway track. The first said to other – “I am really tired, I hope the steps will end soon.” The second replied – “Yeah. I wish they had put the handrails at a better height, my back is killing me.”

Auditors responsibility to detect frauds
We can laugh at this, but if I say most of us don’t see clearly, there will be a lot of angry reactions. But hold on a minute, psychology experiments have time and again proved human beings’ lack of attention to detail. Let me ask you a question – if you see a moonwalking bear on the road, will you notice it? You most probably answered yes. However, in an awareness test, eight basketball players were passing the ball among themselves, and the viewers’ job was to count the number of passes made. In between, a moonwalking bear entered the game for a few minutes. Most of the viewers were so busy counting the passes, that they didn’t notice the bear.

Auditors have the same problem. They have to give a true and fair opinion on the financial statements.

They are not required to focus on detecting frauds, as auditors don’t design the audit programmes to conduct tests for detecting fraud symptoms and probability. Therefore, with no specific coverage, auditors fail at detecting frauds as their attention is diverted to other tasks. For instance, an extract from India’s New Companies Bill, Section 143 reads as follows. Normally, other countries have similar provisions for auditors.

“The auditor shall make a report to the members of the company on the accounts examined by him and on every financial statements which are required by or under this Act to be laid before the company in a general meeting. The report shall, after taking into account the provisions of this Act and the accounting and auditing standards, give a true and fair view of the state of the company’s affairs as at the end of its financial year and profit or loss and cash flow for the year… and such other matters as may be prescribed.”

Auditors punishment on failure
The second question frequently debated is – “Should auditors be punished if they fail to detect frauds?” Section 147, clause 4 of India’s New Companies Bill states the auditor’s liabilities in respect to fraud in the following words:

“Where, in case of audit of a company being conducted by an audit firm, it is proved that the partner or partners of the audit firm has or have acted in a fraudulent manner or abetted or colluded in any fraud by, or in relation to or by, the company or its directors or officers, the liability, whether civil or criminal as provided in this Act or in any other law for the time being in force, for such act shall be of the partner or partners of the audit firm and of the firm jointly and severally and such partner or partners of the audit firm shall also be punishable in the manner as provided in Section 447.”

This clause in some form is generally applicable to auditors of most countries and puts them on shaky ground. It is difficult to prove innocence once fraud is detected. How can an auditor state – “I did my work properly, saw these documents, looked at the same audit evidence but didn’t find anything wrong with it”? Most will jump to the conclusion that the auditor knowingly ignored all the evidence.

Let us build a scenario for the auditor. An auditor is checking 100 vouchers with supports. One voucher among the 100 is fraudulent. What is the probability of the auditor noticing it? What if I say it is less than 25%?

You might have difficulty believing this, but a normal person doesn’t even notice when the person he/she is talking to is swapped in between the conversation. British author Derren Brown conducted a perception and change blindness experiment to prove so. A person was asking directions from a stranger on the road. Two people carrying a huge painting interrupted the conversation. Meanwhile, the person asking for directions was swapped quickly and the new person continued the conversation. In 75% of the cases, people didn’t notice that the six foot man they were talking to was different!

Is it possible then for auditors to have such heightened sensitivity that they will notice minuscule alterations and fudging on fraudulent documents? After understanding these experiments, it shouldn’t be surprising that auditors fail to detect frauds. Though auditors are trained, they are human. The same psychology works with them too.

The success rate of detecting frauds will be higher when the auditors – external and internal – have specific responsibility to detect frauds. Without the specific responsibility, regulators can continue to complain and investors will share their anguish, however all will be futile. The laws need to be devised to hold someone responsibly for detecting frauds.

What is your opinion?