Litigation Services
Our Team
Careers & Culture
Contact Us


Audit Committee Under a Microscope: Responding to Fraud Allegations

By David P. Hoffman

If any corporate board members—especially those sitting on audit committees—need a reminder of their responsibilities when it comes to watching for fraud, the name Rudolph Peselman should be burned into their memories forever. As readers of this publication likely know, Peselman was an outside director and chair- man of the audit committee for now-defunct Chancellor Corp. He also was the first outside director to be subject to SEC action while not actively involved in a misdeed.

The commission found that Peselman “failed to do what was necessary to educate himself on the question of whether his company’s accounting for an acquisition was proper, even though he knew there was an accounting dis- pute,” according to a speech by SEC Chairman Christopher Cox at the 2006 Corporate Directors Forum at the University of San Diego. (The full text of the speech is available on the Web at www.sec.gov/news/speech/spch013106cc.htm) The SEC claimed he ignored “clear warning signs that financial improprieties were ongoing” and signed “a number of false financial state- ments.” As a result, Peselman was subject to SEC charges, which have since been settled, leaving Peselman under permanent injunction and forever prohibited from serving as a cor- porate director.

In that same speech, Cox noted that the SEC is particularly focused on ensuring that cor- porate directors fulfill their “key role” of pro- tecting investors: “We bring actions whenever we find that a director fails to live up to his or her role as guardian of the shareholders’ interests,” he said.

Committee Members’ Responsibilities
The question in the minds of many corporate directors, particularly members of audit com- mittees or special committees of the board, is how to make sure they do all they can to fulfill that responsibility. Of particular concern is prompt and appropriate response to allegations of financial impropriety.

In a survey of corporate directors and officers conducted last year by Ernst & Young, 28 per- cent of the respondents said that audit com- mittees do not have sufficient financial literacy.

The requirement of the Sarbanes-Oxley Act of 2002 that at least one audit committee member must have a financial background is helpful on that front. Additionally, Section 301(m) (5) of Sarbanes-Oxley provides that an audit com- mittee must have the authority to hire any “advisers as it determines necessary to carry out its duties.” So, should information come to the board about a potential—or definite— problem, the committee can hire others from outside to help them get a handle on the issue.

Other guidance offered within the same sec- tion of the Sarbanes-Oxley Act requires that each audit committee establish procedures to receive, retain, and act upon complaints about accounting, internal controls, or auditing matters. This includes an anonymous reporting proce- dure for concerned employees.

In the Ernst &Young survey mentioned above, nearly 45 percent of respondents reported that their companies have been involved in securities class action litigation, an investigatory probe, or a restatement within the prior five years. That would indicate that knowing how to respond to allegations of wrongdoing is central to any audit committee member’s responsibility.

Finding Issues of Concern
The audit committee must have processes in place for employees or others to report problems or other areas of concern to them. For this reason, as well as expectations of accounting firms and corporate officers, issues may come to the committee’s attention in a variety of ways.

Employees may report perceived wrongdoing to the board through anonymous tip lines or letters. Corporate management has a responsibility to report to the board or audit committee on any issues discovered through internal controls mechanisms, and outside auditors have a duty to report on any red flags raised in the course of the financial statement audit.

In addition to these internal means of discovering areas of concern, an anonymous letter may allege wrong- doing, or the audit committee may learn of an issue through an informal request or even a formal subpoena from the SEC to provide information. Additionally, share- holders may bring a derivative action on behalf of the company, prompting the board to examine the merits and potentially take up the cause on the company’s behalf. Regardless of how a matter comes to the board’s or the audit committee’s attention, the audit committee’s must assess the allegations and take appropriate steps to address them in a timely fashion.

Appropriate Action
Based on our experience with audit committees dealing with fraud allegations, one size does not fit all companies or even all stakeholders within one company when addressing allegations of wrongdoing. However, every inquiry starts at a common point.

The first step is to analyze the matter and determine the source and credibility of the allegation. How was the matter uncovered? Was it spotted through the course of internal controls? What level of management is alleged to be involved?

The answers to these questions may well determine whether an investigation is warranted and, if so, to what degree. For example, if a payroll clerk is found to have stolen a few thousand dollars, the audit committee may determine whether it is satisfied with having management investigate, whether the CFO has isolated and quantified the loss, whether proper actions were taken against the individual, and whether any control deficiencies have been fixed. If the committee is satisfied, further action may not be necessary.

On the other hand, in the event of a more serious inci- dent, such as an anonymous claim that senior management is “cooking the books” and a preliminary review by the audit committee that suggests that there may be some merit to the allegation, more vigorous action would be required—and quickly. Depending on the allegations, the board may even want to designate a special committee to look into the claims if, for instance, one or more audit committee member does not have full independence from the matter.

Either way, the audit committee may wish to consider engaging independent outside counsel, possibly even a law firm that had performed no other work for the com- pany or that has no ties to the individuals under suspicion. Secondarily, the committee may well ask the outside counsel to hire forensic accountants to assist with the financial details of the investigation. The skill sets available in law firms and accounting firms are quite complementary in such a serious endeavor.

If the audit committee does choose to hire outside counsel and/or forensic accountants, independence is an important consideration. If the firms involved can show they are fully independent of the company and those involved in the claims, their findings will likely bear more credibility with any and all outside entities that may become involved.

Once the audit committee has determined that an investigation is necessary and identified the parties to con- duct it, the next order of business is to determine the inquiry’s scope. In doing so, the committee and its advisers may want to keep in mind the exact issue they want to consider and where they want to look. Given that there are many types of accounting or financial irregularities, the committee may not want to waste time and money looking into all possible problems and losing focus on the matter at hand. For example, misappropriation of funds and inappropriate treatment of revenue recognition are two very different issues requiring different channels of investigation.

Of course, the audit committee may want to consider building sufficient flexibility into the investigation’s scope so that if, in the course of the planned investigation, evidence is found of other possible accounting problems, the scope can be adjusted accordingly. If new issues arise, the committee and its counsel would likely want to con- sider the findings and determine whether they should be a part of the investigation.

Keep Auditors in the Loop
Based on our recent experience, the committee typically will want to advise its outside auditors of the investigation and its scope early on. Informing the auditors sooner rather than later, and ensuring they are comfortable with the scope, progress, findings, and recommendations of the investigation, can prove valuable later when it comes time for the company to issue its quarterly or annual financial statements. For the auditors to issue a favorable opinion, they must accept that the company has thor- oughly investigated the accounting issues, addressed any shortcomings in the internal controls, made thorough findings and observations regarding integrity of man- agement, and taken any necessary action on that front.

When involving the independent auditors, the com- mittee may want to consider defining the ground rules at the outset. What access will each side have to the other’s work papers? What kind of status updates will take place and how often? Do both sides agree to the work plan for the investigation and the type of report that will come of it?

In our experience, many external audit teams choose to run a “shadow” investigation alongside the audit com- mittee investigation to independently determine whether the audit committee’s findings, actions, and recommen- dations are appropriate.

The committee will want to seek the advice of its legal counsel to determine when and how to involve outside stakeholders, including auditors, regulators, shareholders, and the public. The details of informing those parties— and whether such information is necessary at all—will vary according to the details of the matter at hand.

Once the investigation is complete, the audit com- mittee and its advisers will need to decide how to report their findings and recommendations. This, again, will depend on the details involved and whether outside reg- ulators or courts are involved. Regulators, courts, and, sometimes, outside auditors may request a written report. Unfortunately, there is no rule of thumb here, but it is a matter for discussion and a decision from the committee will be necessary.

The report may cover a wide range of issues, analysis, and evidence. It should include a detailed explanation of the allegation and the scope of the resulting investigation, a list of the individuals interviewed and the memos recounting those interviews, and all data and information sources. The report also may include an assessment of internal control weaknesses and the audit committee’s recommended remediation, and any personnel actions or management reforms necessary based on the findings.

The period over which this all takes place can vary considerably, again depending upon the facts and circumstances. Those listed on the NASDAQ and facing a potential delisting must work under a very aggressive 90-day deadline. Other exchanges and associations are less strict about their time lines.

Depending on the nature of the allegations and the number of people involved in the suspected fraud, we have seen investigations last anywhere from three or four weeks to a year.

An Opportunity for Change
Regardless of the time it takes to complete a thorough investigation, the audit committee must be prepared for the changes that may well be required in its aftermath. In our experience, often companies will implement per- sonnel changes as a result of a fraud investigation and the organizational chart must be adjusted. The chain of reporting related to financial matters may be modified, as may corporate operations.

In addition to the process changes that may be nec- essary, the company may need to restate its prior finan- cial statements issued during the period of the fraud, if the amounts involved turn out to be material. Moreover, depending upon the facts in the case, the SEC may take action as well.

We at Ernst & Young have been involved in a multitude of audit committee investigations, and those investiga- tions have had varied results. Of course, the goal of a company facing allegations of fraud is to assess whatever problems have materialized, find the causes, correct them, and move on as a healthy company. Prompt, appropriate action on the part of the audit committee can go a long way toward making that goal a reality.

Home | Litigation Services | Experience | Our Team | Careers & Culture | Library | Contact Us
© 2019 Acuitas - All rights reserved