Monday, October 15, 2018

Finance Professor Exposes "Deeds of Darkness"

A recent article in Bloomberg Businessweek highlighted the work of UT-Austin finance professor John Griffin, and his work in exposing the Bitcoin—Tether cryptocurrency connection. He found that when “Bitcoin fell to certain levels, purchases using Tether would flood in to stabilize prices” and this “fit a pattern consistent with someone, or a group of people, trying to manipulate Bitcoin prices.” Griffin also published a paper last year alleging a favorite benchmark of volatility in the finance industry, the XIV, was rigged. His work has drawn an “eager readership” among watchdogs, including the Department of Justice and the Commodity Futures Trading Commission.

Chinese Spies Infiltrate almost 30 U.S. Companies

On October 4th, Bloomberg published an article detailing how Chinese spies placed microchips on motherboards produced for Super Micro Computer Inc., one of the biggest supplies of motherboards in the world.  Supermicro products are used by large tech companies such as Amazon and Apple. These microchips allow the servers they have been inserted into to be accessed remotely by those that put them there, and gather all the information they want. According to the article, "one government official says China’s goal was long-term access to high-value corporate secrets and sensitive government networks. No consumer data is known to have been stolen.”   A link to the full article is provided below.

Wednesday, October 3, 2018

NY Times Investigation digs into possible President Trump tax fraud

On October 2nd, the New York Times published a recent investigation into the President's taxes in the 1990s. The investigation states that "President Trump participated in dubious tax schemes during the 1990s, including instances of outright fraud, that greatly increased the fortune he received from his parents..." The investigation also concludes that, contrary to the President's claim that he is a "self-made billionaire," Trump owes his fortune to his father, who repeatedly bailed his son out of failed businesses. The article alleges that the President and his family engaged in tax fraud to avoid inheritance taxes as the father of the president passed his fortune on to his posterity. 

Links to a summary article and the full investigation are included below.

Wednesday, January 31, 2018

Auditors and Fraud: Interview with Going Concern

Mark was recently interviewed by Going Concern about auditors' responsibilities to detect fraud. Here are a few highlights:

Tuesday, January 2, 2018

PWC Held Responsible for Not Detecting Fraud

The Wall Street Journal published an article explaining that PricewaterhouseCoopers (PWC) was held responsible for failing to detect fraud in their independent audits of Colonial Bank. Colonial Bank collapsed in 2009 and, according to the Tampa Bay Times, was the sixth largest bank failure in history. The articles estimate that PWC may be responsible for damages totaling hundreds of millions of dollars.

This is an interesting case because the audit firm has had some individuals claim, in court, that auditors are not responsible to detect fraud. The court rejected this claim and said auditors who don't design audits to detect fraud are not following their own auditing standards. Here are some details from the FDIC order related to the case:

“While there are numerous auditing standards that are implicated in this case,...the overarching standard that governed the PWC audits is that: “[t]he auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatements, whether caused by error or fraud.” AU § 110.02; AU § 316. PCAOB Auditing Standard No. 2 states that “[a]lthough not absolute assurance, reasonable assurance is nevertheless a high level of assurance.” Id. at ¶ 17. To that end, a PCAOB 2007 release clarified that “[t]he auditor should, therefore, assess risks and apply procedures directed specifically to the detection of a material, fraudulent misstatement of the financial statements." (emphasis added). The Engagement Letters between PWC and CBG acknowledged this responsibility by stating that PWC would “design [the] audits to obtain reasonable, but not absolute, assurance of detecting errors or fraud.” See, e.g., A4 at 3. Indeed, Mr. Westbrook, one of the PWC audit partners, testified at trial that PWC had a duty to design audit procedures to detect fraud. Tr. 817:25-818:7 (Westbrook). He further testified that if PWC failed to design its audit procedures to detect fraud, it would be a violation of PCAOB standards. Tr. 822: 19-22 (Westbrook). 

However, PWC voiced a very different tune just a few years ago with respect to another lawsuit that stemmed from this fraud. TBW’s bankruptcy trustee also filed suit against PWC, alleging that PWC breached its duties when it failed to detect the fraud. That lawsuit proceeded to trial in August 2016 before it settled mid-trial. As part of that lawsuit, many of the same PWC engagement partners, audit managers, and audit staff who are involved in this case gave deposition testimony under oath in the TBW trustee’s case. During that testimony, these individuals repeatedly admitted that PWC did not design its audits to detect fraud. For instance, Mr. Westbrook testified that PWC “audits are not designed to detect fraud.” Tr. 358:6-7 (Westbrook) (quoting Westbrook TBW Dep. at 23:7-12). Likewise, Mr. Jackson, the PWC engagement partner, testified that “I would point out that our audit procedures were not designed to detect fraud.” Tr. 1027:1-10 (TBW Dep. at 31:17-20). Similarly, Wes Kelly, PWC’s audit manager for the 2003-2005 and 2008 CBG audits, testified that PWC “did not design audit procedures to detect fraud.” W. Kelly TBW Dep. 45:608 (Ex. P3120). Finally, Mr. Rivers, a PWC audit associate assigned to the CBG audit, testified that PWC had no obligation to look for fraud. Rivers TBW Dep. at 66:17-23. 

At trial, PWC attempted to explain away this testimony by arguing that these individuals simply meant that PWC was not a guarantor against the possibility of material fraud because the auditing standards recognize that “even a properly planned and performed audit may not detect a material misstatement resulting from fraud.” Ex. A400 at 7-8 (AU § 316.12); Tr. 821:25-822:24 (Westbrook stating that in order to provide a guarantee against fraud, auditors would “need a lot more tools like lie detector tests and subpoena power and guns and badges and all those kinds of things.”). This Court does not find this explanation credible, nor is it consistent with the previous testimony from the TBW trustee’s lawsuit. This Court heard Mr. Westbrook and Mr. Rivers testify for hours and is convinced that these gentlemen are more than capable of saying what they mean. If they had intended to say that PWC audits were not a guarantee against the possibility of material fraud, they would have testified accordingly. However, that was not their testimony. Instead, they clearly stated that PWC had no duty to detect fraud and did not design its audits to detect fraud. The Court concludes that PWC did not design its audits to detect fraud and PWC’s failure to do so constitutes a violation of the auditing standards. 

What I find interesting is that practicing auditors admitted that they don’t design their audits to detect fraud even though auditing standards clearly say that auditors are responsible to provide reasonable assurance that there are no material misstatements due to (error or) fraud. Over the past decade, including as recently as 2016, I’ve asked several audiences of auditors to answer the following true-false question: “Auditors have the responsibility to provide reasonable assurance that there are no material misstatements due to fraud.” These auditors range from staff to partners and, on average, about 50% incorrectly answer false. This is pretty disheartening to me...

Unfortunately, my experience suggests that most auditors don’t put in a lot of effort to detect material fraud. Fraud may be discussed briefly in the required brainstorming session but then quickly forgotten as the audit team gets focused on ticking and tying and trying to get some sleep during busy season. 

There are many things that auditors could do but, unfortunately, it's rare to find an auditor who is thinking beyond what they did last year. If I were king for a day, I would require auditors to do interviews with lower level people in an organization with the goal of discovering aggressive accounting or business practices. Combining interviews with strategic reasoning would potentially help auditors provide the reasonable assurance they are responsible for. For example, if strategic reasoning leads the auditors to believe revenue recognition and shipping cutoff is ripe for financial reporting fraud, auditors trained in interviewing could meet with shipping / warehouse personnel about the end of the year. Well designed questions could reveal information that could help identify control weaknesses and potential fraud. 

In any case, this case and other experiences with auditors reminds me of the 1980s when auditors put it in their engagement letters that they weren’t responsible for providing assurance for fraud. Back then, and now, the courts don’t appear to share that view. In the end, both the auditing profession and audit users end up suffering when auditors are weak in fulfilling this responsibility.