Bridging the expectations gap

  • Published on

  • View

  • Download

Embed Size (px)


  • Regulators andothers firstbegan immortal-izing the term expec-tations gap in the1970s (e.g., AmericanInstitute of CertifiedPublic Accountants[AICPA], 1977; Liggio, 1974) as a wayto describe the differencebetween financial statementusers ideas of a financial state-ment audit and what auditingstandards require in a financialstatement audit. Thirty years, anuntold number of new auditingstandards, and at least a dozenaccounting scandals later, westill appear to be no closer toclosing the gap.

    Recent efforts to close thegap include the Public CompanyAccounting Oversight Boards(PCAOBs) recently issuedAuditing Standard (AS) No. 6,Evaluating the Consistency ofFinancial Statements, intendedto improve communication whenfinancial statements are restated(PCAOB, 2008), and the Sub-committee on Firm Structureand Finances of the TreasuryAdvisory Committee on theAuditor Professions final rec-ommendation that the auditorsrole in detecting fraud under

    current auditing standards beclarified in the auditors report(Advisory Committee on theDepartment of the Auditing Profession, 2008).


    Unfortunately, the communi-cation tool that the professionuses to describe a financial state-ment audit is three paragraphslong and a little under 250 words.In this article, we attempt to bet-ter clarify what auditors do. Inaudits of the largest corporations,backing up those 250 wordsentails fees of millions of dollarsand thousands of hours of profes-sional labor.1 We hope by betterexplaining the auditing standardsthat underlie the meaning of theauditors report that we can helpreduce the expectations gap.

    Explaining the role of theaudit is important for several

    reasons. First, a lack ofunderstanding betweenthe public and auditorshas long been consid-ered a source of litiga-tion risk. Research indi-cates that jury poolshave very differentexpectations of audi-tors roles than auditors

    do (Frank, Lowe, & Smith,2001). These business risks ofaudit firms are necessarilypassed onto clients in the formof higher audit fees. Further, theconfidence of the capital mar-kets in the assurance role of theauditor is undermined when therole of the auditor is poorlyunderstood. This is perhapsespecially true in the case offraudulent financial reporting.The auditors responsibility forthe detection of fraud continuesto be one of the biggest contrib-utors to the expectation gap.

    In this article, we identifyissues that we believeandothers have reportedcontributeto the gap between financialstatement users beliefs andauditors processes (e.g.,McEnroe & Martens, 2001). Wediscuss these issues in the con-text of the auditors communi-cations tool, the auditorsreport. Topics covered include:

    The term expectations gap describes the differ-ence between investors ideas of a financial state-ment audit and what standards actually require.Despite many changes in auditing standards,investors still misunderstand the auditors report.

    2009 Wiley Periodicals, Inc.


    2009 Wiley Periodicals, Inc.Published online in Wiley InterScience ( 10.1002/jcaf.20547

    Bridging the Expectations GapDenise Dickins and Julia L. Higgs





    JCAF-21-1_20547.qxd 9/26/09 6:15 AM Page 51

  • what is meant by an unqualifiedopinion; what is the auditorsresponsibility for the detectionof fraud; how does an auditordetermine materiality; what ismeant by a financial statementrestatement; when does an audi-tor issue a going-concern opin-ion; what does it mean when acompany reports a materialweakness in internal control; andhow does a review of quarterlyfinancial data differ from anaudit of the annual financialstatements?


    The auditor is limited inwhat may be communicated toreaders of financial statements tohis or her report. As thereport is required to bestandardized, the auditorhas limited ability to mod-ify or to provide additionalexplanation about the con-duct of the audit or thejudgment that is part of theauditing process. Thesejudgments include anassessment of materiality,an assessment of goingconcern, a determination ofthe existence of errors and fraud,and a determination of whetherinternal control violations meetthe criteria of being materialweaknesses, among other things.The AICPA and the PCAOBcarefully vet the standard word-ing of the auditors report tocommunicate to readers whatresponsibility the auditor takesfor the audit of the financialstatements.

    Until 2002, auditing stan-dards were set by the AuditingStandards Board (ASB) of theAICPA. Standards set by theASB are called Statements ofAuditing Standards (SASs).2

    Because of the events culminatingin the signing of the Sarbanes-Oxley Act of 2002 (SOX), theprofession was deemed to beincapable of self-regulation withrespect to setting auditing stan-dards and monitoring the qualityof auditors of publicly-tradedcompanies, so the PCAOB wascreated. The PCAOBs primaryfunctions are standard settingand the registration and inspec-tion of auditors of publiclytraded companies.3 Thus, theASB now sets auditing standardsfor audits of privately held com-panies, and the PCAOB setsauditing standards for audits ofpublic companies.4 ThePCAOBs rules of auditing arecalled Auditing Standards(ASs).5 SASs 1 to 100 wereadopted by the PCAOB as

    Interim Standards; thus, auditsof privately held and publiclytraded companies are identical inmany ways. Since 2002, theASB has adopted 16 additionalSASs and the PCAOB hasadopted six ASs, some of whichmodify Interim Standards. AllASs must be approved by theSEC prior to becoming law forpublicly traded companies.6

    Auditors of privately heldcompanies generally only reporton the financial statements. AS5, An Audit of Internal ControlOver Financial Reporting ThatIs Integrated with An Audit ofFinancial Statements (PCAOB,

    2007), supersedes AS 2, AnAudit of Internal Control OverFinancial Reporting Performedin Conjunction With an Audit ofFinancial Statements (PCAOB,2004), and requires that auditorsof publicly traded companiesreport on the financial state-ments and on the effectivenessof internal control over financialreporting. Internal control overfinancial reporting is anyprocess or procedure considerednecessary to ensure that externalfinancial reports are accurate,complete, and timely. As anexample, the timely preparationand review of bank reconcilia-tions is necessary to ensure thatthe amounts reported as cash inthe financial statements are validand, hence, part of a companyssystem of internal control over

    financial reporting. On theother hand, the recruitmentof sales personnel is aprocess that likely has littledirect impact on the finan-cial statements and thereforeis not a part of a companyssystem of internal controlover financial reporting.

    These required tests ofinternal controls for largepublicly traded companiesmay magnify the expecta-

    tion gap for small public compa-nies and for privately held com-panies,7 as readers of auditreports of privately held compa-nies generally believe that audi-tors do a lot more testing ofinternal controls than is required(McEnroe & Martens, 2001).For audits where AS 5 is notmandated, the auditing standardsonly require that the auditor gainand document their understand-ing of the system of internalcontrol in order to assess the riskof material misstatement in thefinancial statements, whetherdue to error or fraud. Only if theauditor determines that it is more

    52 The Journal of Corporate Accounting & Finance / November/December 2009

    DOI 10.1002/jcaf 2009 Wiley Periodicals, Inc.

    The AICPA and the PCAOB carefullyvet the standard wording of theauditors report to communicate toreaders what responsibility the audi-tor takes for the audit of the finan-cial statements.

    JCAF-21-1_20547.qxd 9/26/09 6:15 AM Page 52

  • effective and efficient to rely oninternal controls is testing ofinternal controls required. If theauditor believes that either (1) itis more efficient to only performtests of details and analyticalreview to support his or herreport on the financial state-ments or (2) that a companyssystem of internal control is notsufficiently effective to ensurethat if material errors or fraudoccur, they will be detected in atimely manner, the auditor wouldlikely opt to place no reliance ona companys system of internalcontrol. In such instances, notesting of internal controls isrequired. Further, if the auditorconcludes the companys systemof internal control is inadequate,this conclusion is not required tobe documented or reported in theauditors report on financialstatements. The auditors reporton the financial statementsmakes no representation aboutthe quality or effectiveness ofinternal controls.


    There are four types ofreports that an auditor may issueon the financial statements:unqualified, qualified, adverse,and disclaimer. As the Securitiesand Exchange Commission (SEC)will not accept the last three typesof auditors reportswhich basi-cally say that the auditor eitherbelieves that the financial state-ments are not presented in accor-dance with generally acceptedaccounting principles (GAAP) orthe auditor was unable to com-plete all of the procedures neces-sary to be able to form an opinionabout the fairness of the financialstatementswe focus our discus-sion on the various types ofunqualified reports typicallyaccompanying financial state-ments filed with the SEC.

    The basic, unqualified reporton the financial statementsincludes three paragraphs. Thelanguage attempts to clearlycommunicate some things thathistorically have contributed tothe gap between readers offinancial statements and audi-tors. The standard unqualifiedopinion without modification ispresented in Exhibit 1. It hasthree standard paragraphs: intro-ductory, scope, and opinion.

    Introductory Paragraph

    The introductory paragraphdescribes which financial state-ments are audited (i.e., name of

    company and period covered bythe financial statements) andaffirms that the financial state-ments are the responsibility ofmanagement, while the auditorsresponsibility is the expressionof an opinion on the financialstatements. The reports emphasis on managementsresponsibility for the financialstatements is intended as areminder that management hasprimary responsibility for thedetection of error and irregulari-ties (fraud) in the financial statements.

    One of the largest sources of the expectations gap is theauditors responsibility for the

    The Journal of Corporate Accounting & Finance / November/December 2009 53

    2009 Wiley Periodicals, Inc. DOI 10.1002/jcaf

    Independent Auditors Report

    We have audited the accompanying consolidated statements of financialposition of ABC Company as of December 31, 2XXX and 2XXX, and therelated consolidated statements of operations, shareholders equity, andcash flows for each of the three years in the period ended December 31,2XXX. These financial statements are the responsibility of the Companysmanagement. Our responsibility is to express an opinion on these finan-cial statements based on our audits.

    We conducted our audits in accordance with auditing standards generallyaccepted in the United States (or standards of the PCAOB). Those standardsrequire that we plan and perform the audit to obtain reasonable assuranceabout whether the financial statements are free of material misstatement.An audit includes examining, on a test basis, evidence supporting theamounts and disclosures in the financial statements. An audit also includesassessing the accounting principles used and significant estimates made bymanagement, as well as evaluating the overall financial statement presenta-tion. We believe that our audits provide a reasonable basis for our opinion.

    In our opinion, the consolidated financial statements referred to abovepresent fairly, in all material respects, the financial position of ABC Com-pany of December 31, 2XXX and 2XXX, and the results of their opera-tions and their cash flows for each of the three years in the periodended December 31, 2XXX, in conformity with accounting principlesgenerally accepted in the United States of America.

    Exhibit 1

    JCAF-21-1_20547.qxd 9/26/09 6:15 AM Page 53

  • detection of fraud. Over theyears, the AICPA has made sev-eral attempts to bridge the expec-tation between what the publicperceives an auditors responsi-bility is for the detection of fraudand what auditors are actuallyable to do in the context of thedetection of financial statementfraud. The AICPAs most recentattempt is SAS 99 (AICPA,2002a). This standard, written inconjunction with the Associationof Certified Fraud Examiners, isunique among auditing standards.In addition to audit requirements,it has an appendix to help audi-tors identify fraud risk factorsand also has an appendix to assistmanagement in developing fraud-prevention programs.

    Under SAS 99, man-agement and those chargedwith governance areresponsible for setting theproper tone, creating andmaintaining a culture ofhonesty and high ethicalstandards, and establishingappropriate controls to pre-vent, deter, and detectfraud (paragraph 4). Audi-tors have a responsibility toplan and perform the auditto obtain reasonable assuranceabout whether the financial state-ments are free of material mis-statement whether due to error(unintentional misstatements) orfraud (intentional misrepresenta-tions) (paragraph 12). As mightbe expected, intent is often diffi-cult to prove. Nevertheless, theaudit must include audit testsdesigned to detect both. Theauditor must conclude whether ornot the financial statements arefree of material errors and fraud.

    Materiality is described inAU Section 312A (AICPA, 1983)and references the FASB Con-cepts Statement 2 (FASB, 1980)definition: the magnitude of anomission or misstatement of

    accounting information that, inthe light of surrounding circum-stances, makes it probable that thejudgment of a reasonable personrelying on the information wouldhave been changed or influencedby the omission or misstatement.AU 312A describes the qualitiesof a reasonable person that wouldbe relying on financial statementsand presumes that readers offinancial statements (1) have anappropriate knowledge of busi-ness and economic activities andaccounting and a willingness tostudy the information in thefinancial statements with anappropriate diligence; (2) under-stand that financial statements areprepared and audited to levels of

    materiality; (3) recognize theuncertainties inherent in themeasurement of amounts basedon the use of estimates, judgment,and the consideration of futureevents; and (4) make appropriateeconomic decisions on the basisof the information in the financialstatements.

    For public companies, theSEC further clarified the conceptunder Staff Accounting Bulletin(SAB) No. 99, Materiality (SEC,1999). SAB 99 requires that theauditor consider both quantitativeand qualitative factors whendetermining materiality. Thismeans that materiality judgmentsmay not solely be based onthresholds of financial data. They

    must also consider qualitativefactors such as the impact...