Mindanao State University

College of Business Administration and Accountancy

DEPARTMENT OF ACCOUNTANCY
Marawi City

CPA’S PROFESSIONAL AND LEGAL RESPONSIBILITIES: FRAUD, ERROR, NON-COMPLIANCE AND LEGAL LIABILITY
Accounting 151

MISSTATEMENTS DUE TO ERROR AND FRAUD  Stealing physical assets or intellectual

The fair presentation of the financial statements in property.
accordance with financial reporting standards is the  Embezzling receipts.
responsibility of the client’s management. The auditor’s  Causing an entity to pay for goods and
responsibility is to design the audit to provide reasonable services not received.
assurance of detecting material misstatements in the  Using an entity’s assets for personal use.
financial statements. These misstatements may emanate Misappropriation of assets are often accompanied
from error, fraud and non-compliance with laws and by false or misleading records or documents in
regulations. order to conceal the fact that the assets are
Error refers to unintentional misstatements in the financial missing or have been pledged without proper
statements, including the omission of an amount or authorization.
disclosure, such as:
A. Mathematical or clerical mistakes in the underlying ERROR VERSUS FRAUD
records and accounting data. The primary factor that distinguishes fraud from error is
B. An incorrect accounting estimate arising from whether the underlying cause of misstatement in the
oversight or misinterpretation of facts. financial statements is intentional or not.
C. Mistake in the application of accounting policies. Although the auditor may be able to identify opportunities
Fraud, on the other hand, refers to intentional act by one or for fraud to be perpetrated, it is often difficult, if not
more individuals among management, those charged with impossible, for the auditor to determine the intent,
governance, employees or third parties, involving the use of particularly in matters involving management judgment.
deception to obtain an unjust or illegal advantage. Consequently, the auditor’s responsibility for the detection
Although fraud is a broad legal concept, the auditor should of fraud and error is essentially the same. The auditor should
be primarily concerned with fraudulent acts that cause a also be aware of the fact that:
material misstatement in the financial statements. Fraud, A. The risk of not detecting a material misstatement
regardless of type, involves what is collectively termed as resulting from fraud is higher than the risk of not
the fraud triangle: detecting a material misstatement resulting from
A. An incentive or a pressure to commit fraud. error. This is because fraud may involve
B. A perceived opportunity to do so. sophisticated and carefully organized schemes
C. Some rationalization of the act. designed to conceal such as forgery, deliberate
failure to record transactions and intentional
Types of Fraud as to Who Perpetrates the Fraud
misrepresentations being made to the auditor.
A. Management fraud – fraud involving one or more Collusion may cause the auditor to believe that
members of management or those charged with evidence is persuasive when it is, in fact, false.
governance.
B. The risk of the auditor not detecting a material
B. Employee fraud – fraud involving only employees of misstatement resulting from management fraud is
the entity. greater than for employee fraud. This is because
In either case, there may be collusion within the management is frequently in a position to directly
entity or with third parties outside of the entity. or indirectly manipulate accounting records and
Types of Fraud Relevant to the Auditor present fraudulent financial information or override
control procedures designed to prevent similar
A. Fraudulent financial reporting – involves intentional frauds by other employees.
misstatements including omissions of amounts or
disclosures in financial statements to deceive RESPONSIBILITIES OF MANAGEMENT AND THOSE CHARGED
financial statement users. This type of fraud may be WITH GOVERNANCE
accomplished by: The primary responsibility for the prevention and detection
 Manipulation, falsification or alteration of of fraud rests with both those charged with governance of
records or documents. the entity and with management. It is important that
 Misrepresentation in or intentional omission of management, with the oversight of those charged with
the effects of transactions from records or governance, place a strong emphasis on fraud prevention
documents. which may reduce opportunities for fraud to take place
 Recording of transactions without substance. and fraud deterrence which could persuade individuals not
 Intentional misapplication of accounting to commit fraud because of likelihood of detection and
policies. punishment.
Fraudulent financial reporting often involves In exercising oversight responsibility, those charged with
management override of controls that otherwise governance consider the potential for override of controls
may appear to be operating effectively. It can be or other inappropriate influence over the financial reporting
caused by the efforts of management to manage process, such as efforts by management to manage
earnings in order to deceive financial statements earnings in order to influence the perceptions of analysts as
users by influencing their perceptions as to the to the entity’s performance and profitability.
entity’s performance and profitability.
In regards with the management and those charged with
B. Misappropriation of assets – involves the theft of an governance’s responsibility with fraud, PSA 240 requires:
entity’s assets and is often perpetrated by A. The management to establish a control
employees in small and immaterial amounts but environment and to implement internal control
can also involve management who are usually policies and procedures designed to ensure,
more able to disguise or conceal misappropriation among others, the detection and prevention of
in ways that are difficult to detect. fraud and error.
This type of fraud can be accomplished in a variety B. The individuals charged with governance of an
of ways, including but not limited to: entity to ensure the integrity of an entity’s

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|1 of 7
 accounting and financial reporting systems and Responses to Risks of Material Misstatements Due to
that appropriate controls are in place. Fraud at the Financial Statement Level:

RESPONSIBILITIES OF THE AUDITOR  The audit team may be selected in ways

An auditor conducting an audit in accordance with PSAs that ensure that the knowledge, skill and
obtain reasonable assurance that the financial statements ability of personnel assigned significant
taken as a whole are free from material misstatement, responsibilities are commensurate with the
whether caused by fraud or error. The auditor is not and auditor’s assessment of risk.
cannot be held responsible for the prevention of fraud and  The auditor may decide to consider
error. management selection and application of
significant accounting policies, particularly
When obtaining reasonable assurance, the auditor is those related to subjective measurements
responsible for maintaining an attitude of professional and complex transactions (usually relates
skepticism throughout the audit, considering the potential to income determination and asset
for management override of controls and recognizing the valuation).
fact that audit procedures that are effective for detecting  The auditor may incorporate an element of
error may not be effective in detecting fraud. unpredictability in the selection of the
Owing to the inherent limitations of an audit, there is an nature, timing and extent of audit
unavoidable risk that some material misstatements of the procedures.
financial statements will not be detected even though the Responses to Risks of Material Misstatements Due to
audit is properly planned and performed in accordance Fraud at the Assertion Level:
with PSAs. The subsequent discovery of a material
misstatement of the financial statements resulting from  The auditor’s ability to assess control risk at
fraud or error, does not, in and of itself, indicate: less than high level may be reduced. Thus,
A. A failure to obtain reasonable assurance. the auditor’s responses may include
B. Inadequate planning, performance or judgment. changing the nature, timing and extent of
C. The absence of professional competence and due the audit procedures.
care.  The auditor should be sensitive to the ability
D. A failure to comply with PSAs. of the management to override controls.
To respond to the risk of management
 PLANNING PHASE override of controls, the auditor may:
A. When planning the audit, the auditor should make a. Test the appropriateness of journal
inquiries of management about the possibility of entries recorded in the general
misstatements due to fraud and error. Such inquiries ledger and other adjustments
may include: made in the preparation of
 Management’s assessment of risks due to financial statements.
fraud. b. Review accounting estimates for
 Controls established to address the risks. biases that could result in material
 Management’s knowledge of any actual, misstatement due to fraud.
suspected or alleged fraud affecting the c. Obtain an understanding of the
entity. business rationale of significant
The auditor shall also inquire of those individuals transactions that the auditor
charged with governance to seek their views on becomes aware of that are
the adequacy of the accounting and internal outside of the normal course of
control systems in place, the risk of fraud and error business for the entity or that
and the integrity of management. appear otherwise to be unusual
given the auditor’s understanding
B. The auditor should assess the risk that fraud or error
of the entity and its environment.
may cause the financial statements to contain
material misstatements due to fraud both at the  TESTING PHASE
financial statement level, and at the assertion level C. During the course of the audit, the auditor may
for classes of transactions, account balances and encounter circumstances that may indicate the
disclosures. possibility of fraud. In these circumstances, the
In this regard, PSA 240, requires the auditor to auditor should perform procedures necessary to
specifically “assess the risk of material determine whether material misstatements exist.
misstatements due to fraud and consider that D. After identifying material misstatements in the
assessment in designing the audit procedures to be financial statements, the auditor should consider
performed.” whether such misstatement resulted from a fraud or
PSA 315 requires discussion among the engagement an error. This important because error will only result
team members and a determination by the to an adjustment in the financial statements
engagement partner of which matters are to be whereas fraud may have other implications on an
communicated to those team members not audit.
involved in the discussion. This discussion shall place If the auditor believes that the misstatement is, or
particular emphasis on how and where the entity’s may be the result of fraud, but the effect on the
financial statements may be susceptible to financial statements is not material, the auditor
material misstatement due to fraud, including how should:
fraud might occur.  Refer the matter to the appropriate level of
Though fraud is usually concealed making it management, at least one level above
difficult to detect, the auditor, using his knowledge those involved.
of the business, may identify events or conditions  Be satisfied that, given the position of the
that provide an opportunity, a motive or a means perpetrator, the fraud has no other
to commit fraud or indicate that fraud may already implications for other aspects of the audit
have occurred. Such events are referred to as or that those implications have been
fraud risk factors. adequately considered.
Fraud risk factors do not indicate the existence of However, if the auditor detects a material fraud or
fraud but they often have been present in has been unable to evaluate whether the effect
circumstances where frauds have occurred (see on the financial statements is material or
the Appendix of PSA 240 for examples). immaterial, the auditor should:

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|2 of 7
  Consider implication for other aspects of authorities, the auditor’s withdrawal
the audit particularly the reliability of from the engagement and the
management representations. reasons for the withdrawal.
 Discuss the matter and the approach for Examples of exceptional circumstances that may
further investigation with an appropriate arise and that may bring into question the auditor’s
level of that is at least one level above ability to continue performing the audit include:
those involved. Consider as well the need  The entity does not take the appropriate
to communicate the matter to those action regarding fraud that the auditor
charged with governance. considers necessary in the circumstances,
 Attempt to obtain evidence to determine even when the fraud is not material to the
whether a material fraud in fact exists and financial statements.
if so, their effect.  The auditor’s consideration of the risks of
 Suggest that the client consult with legal material misstatement due to fraud and
counsel about questions of law. the results of audit tests indicate a
 COMPLETION PHASE significant risk of material and pervasive
fraud.
E. The auditor should obtain a written representation
 The auditor has significant concern about
from the client’s management that:
the competence or integrity of
 It acknowledges its responsibility for the
management or those charged with
implementation and operations of
governance.
accounting and internal control systems
that are designed to prevent and detect  REQUIRED DOCUMENTATION
fraud and error. I. The auditor’s documentation of the understanding
 It believes the effects of those uncorrected of the entity and its environment and the
financial statement misstatements assessment of the risks of material misstatement
aggregated by the auditor during the required by PSA 315 shall include:
audit are immaterial, both individually and  The significant decisions reached during
in the aggregate, to the financial the discussion among the engagement
statements taken as a whole. A summary team regarding the susceptibility of the
of such items should be included or entity’s financial statements to material
attached to the written representations. misstatement due to fraud.
 It has disclosed to the auditor all significant  The identified and assessed risks of material
facts relating to any frauds or suspected misstatement due to fraud at the financial
frauds known to management that may statement level and at the assertion level.
have affected the entity.
 It has disclosed to the auditor results of its J. The auditor’s documentation of the responses to
assessment of the risk that the financial the assessed risks of material misstatement required
statements may be materially misstated as by PSA 330 shall include:
a result of fraud.  The overall responses to the assessed risks
of material misstatement due to fraud at
 AUDITOR’S REPORT OR WITHDRAWAL FROM ENGAGEMENT the financial statement level and the
F. When the auditor believes that material error or nature, timing and extent of audit
fraud exists, he should request the management to procedures, and the linkage of those
revise the financial statements. Otherwise, the procedures with the assessed risks of
auditor will express a qualified or adverse opinion. material misstatement due to fraud at the
G. If the auditor is unable to evaluate the effect of assertion level.
fraud on the financial statements because of a  The results of the audit procedures,
limitation on the scope of the auditor’s including those designed to address the
examination, the auditor should either qualify or risk of management override of controls.
disclaim his opinion on the financial statements.  COMMUNICATION OF IDENTIFIED ERRORS AND FRAUD
H. If, as a result of a misstatement resulting from fraud To management of misstatements – error
or suspected fraud, the auditor encounters
exceptional circumstances that bring into question K. The auditor should communicate to management
the auditor’s ability to continue performing the and to those with governance if necessary, any
audit, the auditor shall: identified material misstatements resulting from
 Determine the professional and legal error. In addition, the auditor should communicate
responsibilities applicable in the also those uncorrected misstatements aggregated
circumstances, including whether there is a by the auditor during the audit that were deemed
requirement for the auditor to report to the by management as immaterial to the financial
person or persons who made the audit statements.
appointment or, in some cases, to To management of misstatements – fraud
regulatory authorities. L. Whether the misstatements due to fraud is material
 Consider whether it is appropriate to or not, the auditor should report the same to the
withdraw from the engagement, where appropriate level of management and to those
withdrawal from the engagement is legally charged with governance. Whether fraud exists or
permitted. may exist, the auditor should report the same to the
 If the auditor withdraws, he should: appropriate level of management and those
a. Discuss with the appropriate level charged with governance. Where necessary, the
of management and those auditor should suggest that management consult
charged with governance the with legal counsel.
auditor’s withdrawal from the
engagement and the reasons for To regulatory and enforcement agencies
the withdrawal. M. As a general rule, the auditor’s professional duty to
b. Determine whether there is a maintain confidentiality of client information
professional or legal requirement ordinarily precludes reporting fraud and error to a
to report to the person or persons party outside the client entity. However, the duty of
who made the audit appointment confidentiality may be overridden by statute, the
or, in some cases, to regulatory law or courts of law.

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|3 of 7
 N. The auditor shall document communications about RESPONSIBILITIES OF THE AUDITOR
fraud made to management, those charged with An audit cannot be expected to detect non-compliance
governance, regulators and others. When the with all laws and regulations. Nevertheless, the auditor
auditor has concluded that the presumption that should recognize that non-compliance by the entity with
there is a risk of material misstatement due to fraud laws and regulations may materially affect the financial
related to revenue recognition is not applicable in statements.
the circumstances of the engagement, the auditor
 PLANNING PHASE
shall document the reasons for that conclusion.
A. As part of obtaining an understanding of the entity
MISSTATEMENTS DUE TO NON-COMPLIANCE and its environment in accordance with PSA 315
Non-compliance refers to acts of omission or commission the auditor should obtain a general understanding
by the entity being audited, either intentional or of the legal and regulatory framework applicable
unintentional, which are contrary to the prevailing laws and to the entity and the industry and how the entity is
regulations. Such acts include transactions entered into by, complying with that framework.
or in the name of, the entity or on its behalf by its
To obtain a general understanding of the laws and
management or employees. However, non-compliance
regulations, the auditor would ordinarily:
does not include personal misconduct (unrelated to the
 Use the auditor’s existing understanding of
business activities of the entity) by those charged with
the entity’s industry, regulatory and other
governance, management or employees of the entity.
external factors.
Common examples of non-compliance include tax  Inquire of management as to other laws or
evasion, violation of environmental protection laws and regulations that may be expected to have
inside trading of securities. a fundamental effect on the operations of
the entity.
FRAUD AND ERROR VERSUS NON-COMPLIANCE
 Inquire of management concerning the
The unavoidable risk that some material misstatements in
entity’s policies and procedures regarding
the financial statements will not be detected, even though
compliance with laws and regulations.
the audit is properly planned and performed in
 Discuss of management regarding the
accordance with PSAs is higher with regards to material
policies or procedures adopted for
misstatements resulting from non-compliance with laws and
identifying, evaluating and accounting for
regulations because:
litigation claims.
A. There are many laws and regulations, relating
 Discuss the legal and regulatory framework
principally to the operating aspects of an entity
with auditor of subsidiaries in other
that typically do not affect the financial statements
countries.
and are not captured by the entity’s information
systems relevant to financial reporting. B. After obtaining the general understanding, the
B. Non-compliance may involve conduct designed to auditor would then:
conceal it, such as collusion, forgery, deliberate  Design audit procedures to obtain
failure to record transactions, management sufficient appropriate audit evidence
override of controls or intentional misrepresentations about compliance with the provisions of
being made to the auditor. those laws and regulations generally
C. Whether an act constitutes non-compliance is recognized by the auditor to have a direct
ultimately a matter for legal determination by a effect on the determination of material
court of law. amounts and disclosures in the financial
statements such as tax and pension laws
RESPONSIBILITIES OF MANAGEMENT AND THOSE CHARGED and regulations.
WITH GOVERNANCE  Design audit procedures to help identify
It is the responsibility of management, with the oversight of non-compliance with those laws and
those charged with governance, to ensure that the entity’s regulations that may have a material
operations are conducted in accordance with the indirect effect on the financial statements
provisions of laws and regulations. The responsibility for the such as compliance with the terms of an
prevention and detection and non-compliance rests with operating license and compliance with
management. environmental regulations.
The following are examples of the types of policies and a. Inquiring of management and,
procedures an entity may implement to assist in the where appropriate, those charged
prevention and detection of non-compliance with laws with governance, as to whether
and regulations: the entity is in compliance with
A. Monitoring legal requirements and ensuring that such laws and regulations.
operating procedures are designed to meet these b. Inspecting correspondence, if any,
requirements. with the relevant licensing or
B. Instituting and operating appropriate systems of regulatory authorities.
internal control.
 TESTING PHASE
C. Developing, publicizing and following a code of
conduct. C. When the auditor becomes aware of information
D. Ensuring employees are properly trained and concerning a possible instance of non-compliance,
understand the code of conduct. the auditor should obtain an understanding of the
E. Monitoring compliance with the code of conduct nature of the act and the circumstances in which it
and acting appropriately to discipline employees has occurred and sufficient other information to
who fail to comply with it. evaluate the possible effects on the financial
F. Engaging legal advisors to assist in monitoring legal statements.
requirements. When evaluating the possible effect on the
G. Maintaining a register of significant laws and financial statements, the auditor should consider:
regulations with which the entity has to comply  The potential financial consequences,
within its particular industry and a record of such as fines, penalties, damages,
complaints. enforced discontinuation of operations,
However, in larger entities, these policies and procedures threat of expropriation of assets and
may be supplemented by assigning appropriate litigation.
responsibilities to an internal audit function, an audit  Whether potential financial consequences
committee or a compliance function. requires disclosure.

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|4 of 7
  Whether potential financial consequences  AUDITOR’S REPORT OR WITHDRAWAL FROM ENGAGEMENT
are so serious as to call into question the G. When the auditor believes that there is non-
fair presentation given by the financial compliance with laws and regulations that
statements. materially affects the financial statements, he
Indications of Possible Non-Compliance with Laws should request the management to revise the
and Regulations financial statements. Otherwise, a qualified or
 Investigations by regulatory organizations adverse opinion will be issued.
and government departments or payment H. If a scope limitation has precluded the auditor from
of fines or penalties. obtaining sufficient appropriate evidence to
 Payments for unspecified services or loans evaluate the effect of non-compliance with laws
to consultants, related parties, employees and regulations, the auditor should express a
or government employees. qualified opinion or a disclaimer of opinion.
 Sales commissions or agent’s fees that I. The auditor may conclude that withdrawal from
appear excessive in relation to those the engagement is necessary when the entity does
ordinarily paid by the entity or in its industry not take the remedial action that the auditor
or to the services actually received. considers necessary in circumstances, even when
 Purchasing at prices significantly above or the non-compliance is not material to the financial
below market price. statements.
 Payments for goods or services made other
 DOCUMENTATION OF IDENTIFIED NON-COMPLIANCE
than to the country from which the goods
or services originated. J. The auditor shall document identified or suspected
 Unusual payments in cash, purchases in non-compliance with laws and regulations and the
the form of cashiers’ checks payable to results of discussion with management and, where
bearer or transfers to numbered bank applicable, those charged with governance and
accounts. other parties outside the entity. The auditor’s
 Unusual transactions with companies documentation of findings regarding identified or
registered in tax havens. suspected noncompliance with laws and
 Payments without proper exchange regulations may include, for example:
control documentation.  Copies of records or documents.
 Existence of an information system which  Minutes of discussions held with
fails, whether by design or by accident, to management, those charged with
provide an adequate audit trail or governance or parties outside the entity.
sufficient evidence.
AUDITOR’S LEGAL LIABILITY AND RESPONSIBILITY
 Unauthorized transactions or improperly
Potential litigation is a major concern to auditors.
recorded transactions.
Professionals have always a duty to provide reasonable
 Adverse media comment.
level of care while performing work for those they serve.
D. When the auditor believes there may be non- Audit professionals have a responsibility under law to fulfill
compliance, the auditor should document the expressed and implied contracts with clients. They are liable
findings and discuss them with management and, to their clients for negligence and breach of contracts
where appropriate those charged with should they fail to provide the services or not exercise due
governance. care in their performance.
The auditor shall also consider the implication of When investors and creditors suffer losses from a bankrupt
the non-compliance on other aspects of the audit, entity, they look for deep pockets, those who have the
including the risk assessment and the reliability of ability to pay for their losses if ordered to do so by a court.
written representations and take appropriate Accounting firms are often considered deep pockets
action. because they are composed of a number of partners each
E. The auditor should communicate with those of whom is personally liable for the firm’s actions and carries
charged with governance matters involving non- professional liability insurance.
compliance with laws and regulations that come Lawsuits against auditors typically involve alleged
to the auditor’s attention during the course of the misstatements that the auditors did not detect in the
audit, other than when the matters are clearly financial statements. Other typical lawsuits brought by
inconsequential. If in the auditor’s judgment, the clients against CPA firms involve claims that the auditor:
non-compliance is believed to be intentional and A. Did not discover an employee defalcation as a
material, the auditor shall communicate the matter result of negligence in the conduct of the audit.
to those charged with governance as soon as B. Did not complete the audit on the agreed date.
practicable. C. Inappropriate withdrawal from an audit.
If the auditor suspects that management or those
LEGAL CONCEPTS RELATED TO AUDITOR’S LIABILITY
charged with governance are involved in non-
compliance, the auditor shall communicate the A. Due professional care.
matter to the next higher level of authority at the There is an agreement within the profession and
entity, if it exists, such as an audit committee or the courts that the auditor is not a guarantor of the
supervisory board. Where no higher authority exists, statement’s accuracy. Auditors are not infallible
or if the auditor believes that the communication and can make errors in judgment. But auditors are
may not be acted upon or is unsure as to the expected to exercise the same reasonable care
person to whom to report, the auditor shall with which others in the profession would perform in
consider the need to obtain legal advice. similar circumstances.
 COMPLETION PHASE B. Sources of responsibility.
F. The auditor should obtain from management and, The auditor’s legal responsibilities to others are
where appropriate, those charged with established either by:
governance written representations that all known  Common laws – those that have been
instances of non-compliance or suspected non- developed through court decisions rather
compliance with laws and regulations whose than government statutes.
effects should be considered when preparing  Statutory laws – those bodies of laws
financial statements have been disclosed to the passed by legislative bodies such as the
auditor. Congress.

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|5 of 7
 C. Degree of wrongdoing. expression of an opinion on financial statement
when, in fact, he has no basis for an opinion is
considered gross negligence.
C. CPA’s responsibility in tax practice.
At one end, the auditor commits no wrongdoing. The CPA as tax advisers has a primary responsibility
The auditor performed an appropriate audit and to the client to ensure that the client pays the right
issued an appropriate report. On the other end, the kind and proper amount of tax. As a tax adviser,
auditor commits fraud. The auditor issues a report the CPA may properly resolve questionable issues
on the financial statements with the intent to in favor of the client but at the same time must
deceive. Despite knowing that the financial adhere to the same standards of trust and personal
statements are misstated, the auditor did not take integrity in tax work as in all other professional
appropriate action to report the misstatements. services.
Courts have identified two other degrees of A CPA on tax engagements has a secondary
wrongdoing. Ordinary negligence or simply responsibility to the public whose interests are
negligence implies the absence of reasonable represented by the government, specifically the
care that can be expected of a person in a set of BIR. To meet this responsibility, CPAs must observe
circumstances. Auditors are guilty of negligence if the client’s declarations on tax returns they
they do not do what reasonably prudent auditors prepare. Though not required to investigate, CPA
should do in the circumstances. Auditors are guilty should not disregard any clues that cast doubt on
of gross negligence if they consistently fail to follow the accuracy of information provided by taxpayers.
or recklessly disregard standards of the profession In addition, CPAs should look into the series of
on an engagement. Gross negligence is also pronouncements, rules and regulations on tax
known as constructive fraud.
matters issued by the Department of Finance as
Courts distinguish between these four degrees of follows:
wrongdoing depending on the particular  BIR Revenue Regulation No. 3 – 90.
circumstances of the case or the pertinent legal  PAPS 1001Ph.
precedent.  Section 321 (C) of the National Internal
D. Lack of privileged communication. Revenue Code.
Generally, CPAs shall not disclose any confidential DEFENSES AVAILABLE TO AUDITORS
client information without the specific consent of Defenses against Client Suits
the client. Permission, however, is not required from
the client if working papers are subpoenaed by the A. There was no implied or expressed contract to
court. Under common law, information obtained perform the service. This is referred to as lack of
by a CPA from a client is not privileged. Information duty to perform.
is privileged if legal proceedings cannot require a B. The audit was performed using reasonable care or
person to provide the information even if there is a the lack of reasonable care did not cause the
subpoena. Confidential discussions between client damage.
and auditor cannot be withheld from courts. C. The reliance on the financial statements did not
cause the loss. This is also referred to as absence of
E. Liability for acts of others. causal connection.
The partners in a CPA firm are jointly liable for civil D. In cases in which a tort is involved, auditors in some
actions against a partner. They are also liable for jurisdiction can claim contributory negligence. This
the work of others such as their employees, other means that the client’s own actions contributed to
CPA firms engaged to do part of the work and the loss.
specialists or experts called upon to provide E. The statute of limitations on the action has expired.
technical information. Defenses against Third Party Lawsuits
LEGAL LIABILITY OF THE INDEPENDENT AUDITOR A. The preferred defense in third party lawsuits is non-
A. Auditor’s liability to his clients. negligent performance. If the audit was conducted
in accordance with GAAS, the other defenses are
A CPA is obliged to exercise due professional care
unnecessary.
during the engagement including adherence to B. A lack of duty can also be used. This defense
professional standards and ethics. Failure by the contends the lack of privity of contract which limits
CPA to exercise this degree of care may constitute the liability to the parties of a given contract. Under
negligence and breach of contracts to render privity, the auditor is not liable to third parties for
professional service. An honest error doesn’t ordinary negligence.
constitute negligence on the part of CPA so long C. The auditor may use the absence of causal
as he has exercised due professional care. connection. The third party must be able to prove
If an undetected fraud is so widespread and of that there is a close causal connection between
such magnitude as to cause the financial the auditor’s breach of the standard of due care
statements to be materially misstated, the and the damages suffered by the third party. This
argument may be advanced that the auditor’s could be construed as non-reliance on the
procedures were clearly inadequate and that the financial statements by the user.
auditor was negligent. In the event that the auditor D. The statute of limitations on the action has expired.
is found negligent, a client is entitled to recover Contributory negligence is not available in third party
any losses to which the auditor’s negligence was lawsuits because third parties are not in a position to
proximate cause. The client may also recover the contribute to misstated financial statements.
audit fee because of the auditor’s breach of
contract. MINIMIZING EXPOSURE TO LEGAL LIABILITY
In the light of auditor’s extensive exposure to obligation,
B. Auditor’s liability to third parties.
public accounting firms must take positive action to
Creditors, investors and other third parties also rely withstand the threat of legal liability. These actions include:
upon the auditor’s work when they place their A. Emphasize compliance with GAAS, the Code of
confidence in audited financial statements. Ethics for Professional Accountants and where
Independent auditors are liable to all foreseeable appropriate GAAP.
third parties for losses which are caused by the B. Avoid companies and industries in which the risk of
auditor’s fraud or gross negligence. Auditor’s litigation is high.

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|6 of 7
 C. Thoroughly investigate prospective clients. Avoid
taking on clients when there are indications of
deliberate management misrepresentation.
D. Exercise extreme care in the audit of clients in
financial difficulties.
E. Establishing and following appropriate quality
control procedures over all audit work.
F. Use engagement letters which clearly point out to
the client the scope of auditor’s services and
responsibilities on a particular engagement.
G. Conduct the audit with appropriate professional
skepticism.
H. Provide the opportunity for auditor to consult with
more experienced auditors about difficult issues.
I. Maintain adequate professional liability insurance
coverage. This is however no a common practice
in the Philippines.
J. Seek legal counsel whenever serious problem
occur.

Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014 Page|7 of 7