Accounting And The Control Of Criminal Activities Accounting Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

There are some bad apples in most barrels, but should a regulatory framework just focus on them, or should it be more holistic in looking at all the apples, the good ones included? Further, what role can accountants play in examining the metaphorical apples and how well they meet the prescribed regulations? We will discuss several regulatory framework schemes and comment on how they align with existing federal regulations. Additionally, we will discuss a privately-created framework, which lacks coercive power. Finally, we will discuss how these regulations can be crafted to be most impactful and how accountants can be used to accomplish this.

Dr. Peter May, a political science professor at the University of Washington, discusses three regulatory perspectives and critiques the efficacy of them (May, 2005). The three perspectives May elaborates on, can be thought of as a continuum, with increasing government involvement: from the voluntary approach, to the cooperative approach, to the mandatory approach. Gunningham and Kagan discuss how business behavior is impacted by regulation and point out that motivation to comply is a key determinant of actual compliance (Gunningham & Kagan, 2005). They point out that currently there are two diametrically opposed views of the firm's motivation that exist. The first view is that firms are "amoral calculators" who use an economic model to determine if it is better for them to comply with regulation or face some type of sanction. The second view is that firms comply with regulation more than one would expect in light of lower "levels of formal enforcement and legal sanction in some arena," which points to some sense of duty (May, 2005, pg. 214).

Returning to May's work, the least government-regulated framework is the voluntary perspective (May, 2005). In this framework, the government acts as an information provider, in which they point out potential issues and help firms or industry associations to mitigate the issues. In this context, the government still creates the 'rules of the game,' and as such there is an implicit threat that if firms do not voluntarily comply with the regulations, the government can switch to a mandatory framework. On the opposite end of the government-involvement spectrum lies the mandatory framework. Many U.S. laws rely on this perspective, as much of the U.S. federal law is draconian and rejects a principles-based approach. In the mandatory framework, it is believed that firms will only address issues that do not directly hurt their bottom line when the government forces them to and subsequently monitors and enforces firm compliance. Neither of these frameworks alone provides a satisfactory solution to regulation, but can be used in a complementary fashion to achieve goals. When layered with the research on firm motivations to comply, policy can be deployed that is much more effective than either framework on its own. This hybrid approach can likely use accountants to ensure that firms comply.

The Sarbanes-Oxley Act of 2002 (SOX) is a prime example of mandatory regulation. Following several large accounting scandals, the Sarbanes-Oxley Act was put into law. One of the main reasons for SOX was to prevent large-scale accounting scandals from reoccurring. One of the main contributions of the act was to modify existing laws; an example is Title VIII (Corporate and Criminal Fraud), which is an amendment for Chapter 73 of Title 18 from the United States Code (Sarbanes-Oxley Act of 2002). From the same section, a person can be fined and/or imprisoned for a maximum of twenty years for the "destruction, alteration, or falsification of records in Federal investigations and bankruptcy." A second example is found within Title XI (Corporate Fraud Accounting), in which criminal penalties initially established within the Securities Exchange Act of 1934 were increased. Instead of repeating the prior act, the penalties were increased using such language as "by striking $1,000,000, or imprisoned not more than 10 years and inserting $5,000,000, or imprisoned not more than 20 years"  within Section 1106 (Sarbanes-Oxley Act of 2002). The use of such simple modifications to the severity of punishment indicates that the Securities Exchange Act of 1934 was not worthless, but rather needed more teeth. This fashion of modifying existing regulations is not isolated to just Title XI of SOX (Sarbanes-Oxley Act of 2002). It should be crystal clear that SOX is mandatory regulation in its purest: it sets out the rules that firms must follow, it includes enforcement and inspection, and it provides for harsh sanctions to ensure firms comply. The regulation focuses on how to make sure the bad apples do not rot the entire barrel, but it does nothing to motivate the good apples to voluntarily comply beyond prescribed regulation.

Kathleen Brickey, a professor of criminal jurisprudence, indicates that SOX places too much emphasis on criminal penalties when attempting to achieve the objective of preventing future crimes (Brickey, 2013). She recognizes that the Sarbanes-Oxley Act was necessary, but it will not be the last regulation attempting to control criminal fraud. Instead, Brickey emphasizes a need for either new policies or a clarification of existing policies. If executed, this request would lead to more guidance in accounting rather than more severe punishment; this appears reasonable (Brickey, 2013). More guidance would allow accountants to clearly understand what should be done rather than knowing what should not be done in order to avoid criminal consequences. However, it should be noted that guidance regarding all accounting policies is unrealistic. A potential solution to the request for more guidance in accounting rules could be a more principles-based system of regulation, such as the International Financial Reporting Standards, or clarification of inherently troublesome areas of accounting. What Professor Brickey is proposing is clearly aligned with the voluntary approach to regulation: firms need more guidance, not more threats of sanctions.

The Committee of Sponsoring Organizations (COSO) is well-known for generating a framework for internal controls. COSO relies on a purely voluntary compliance approach; that is, businesses are not required to comply with frameworks COSO publishes. With effective internal controls, management is ensuring that resources are being used effectively to achieve the organization's overall strategy. According to the COSO framework, there are five components of internal controls, three categories of objectives, and each are related to the organizational structure ("Internal Control - Integrated Framework"). The five components include the control environment, risk assessment, control activities, information and communication, and monitoring activities. The objectives include operations, reporting, and compliance. The organizational structures involve the entity level, division, operating unit, and function of the organization. By implementing the necessary controls within the framework, the organization is also attempting to provide more reliable financial reporting. With the proper internal controls implemented based on the framework, the opportunity for fraudulent activity should be minimized ("Internal Control - Integrated Framework"). However, it seems that having effective internal controls in place is insufficient.

There have been various studies to better understand financial statement fraud, including the COSO Studies, the KPMG Fraud Study, and the Wells Report, that can be investigated to better pinpoint such areas. More specifically, the COSO research includes multiple studies to better understand financial statement fraud from 1987-2007. From 1998-2007, the study found that the number of public company fraudulent financial reporting cases increased in frequency and dollar amount (Beasley, Carcello, Hermanson, & Neal, 2010). This is partially based on the multiple high-profile frauds that occurred early in the 2000's. However, the study found that the companies committing these frauds were larger in size than those found during the 1999 study; the median assets and revenues were $100 million compared to $16 million in earlier frauds (Beasley, Carcello, Hermanson, & Neal, 2010). This finding is also supported by a 2005 study conducted by Gray and Shadbegian about compliance with air pollution regulations (Gray & Shadbegian, 2005). Gray and Shadbegian found that characteristics at the plant-level are more predictive of compliance than are characteristics at the corporate-level. This finding speaks to size: the larger an organization, the more managers feel they can diffuse responsibility for implementing regulations. Returning to the results of the COSO Fraud Studies, there appeared a common trend, as noted by the SEC, that someone in upper management, usually the CEO and/or CFO, was involved in the fraud 89% of the time (Beasley, Carcello, Hermanson, & Neal, 2010). This level of executive-involvement shows an increase from previous studies, but remains consistently high. Executive-level managers are more likely to be able to bypass internal controls (Beasley, Carcello, Hermanson, & Neal, 2010). This control weakness makes it even more important for companies to perform sophisticated checks on their management during the hiring process and to continue to monitor them once they are in charge.

A major finding in the COSO Fraud Studies has been the frequency in techniques. The study has found that the most common technique used in fraud has been through improper revenue recognition (Beasley, Carcello, Hermanson, & Neal, 2010). Overstating assets or capitalizing expenses are also common techniques. In identifying these, it is possible that regulations can be tailored to limit such fraud. Again, this could be done through issuing guidelines since penalties have already been increased. The COSO Fraud Studies prove that when mandatory regulation alone is used, there can only be expected limited results, but when combined with the voluntary approach, through the government informing and helping businesses to comply with regulation, there will likely be better compliance.

A human right, which most developed nations have agreed upon, is safe working conditions; as a caveat, the governments have agreed upon this basic right, but some businesses do not agree, as evidenced through their off-shoring to take advantage of cheaper labor. The cheaper labor is afforded by two means: lower safety standards and usage of child labor. In the United States, the Fair Labor Standards Act (FLSA) protects against child labor, and the Occupational Safety and Health Act (OSHA) protects against unsafe working conditions.

OSHA was passed to protect the safety of American workers by outlining specific safety requirements that must be met within the workplace. It also established the Occupational Safety and Health Administration and gave them the power to issue safety standards, procedures, and regulations. The current penalty structure for violations of OSHA regulations includes several adjustments to the base penalty, including: reduction in penalty for good history, increase in penalty for bad history, increase in penalty for repeated violations, increase in penalty for severe violations, increase in penalty due to the gravity of the injury or illness which could result from the violation, reduction in penalty for smaller employers, reduction in penalty for good faith, minimum penalties, and a residual category that is used for administrative discretion ("OSHA Enforcement Landing Page").  OSHA's Enforcement division states that their mission is "to assure safe and healthful workplaces by setting and enforcing standards and by providing training, outreach, education, and assistance" ("OSHA Enforcement Landing Page"). This model is premised on the middle-ground Dr. May discusses, the cooperative approach; it uses elements of the voluntary approach by having the regulatory agency provide information to businesses; it uses elements of the mandatory approach by having a penalty structure and a showcase of the violations (May, 2005).

Utilizing child labor is the other mechanism through which employers may realize cheaper labor. In the past few years, child labor has been on the rise all around the world (McKenna, 2012). A study conducted identified 76 countries in which child labor was considered to be a serious risk. Although the United States was not identified as one of the countries to pose a serious risk, it was a nation that was observed in the study. The United States is considered to pose an average risk for employing child labor that would probably be in violations of the current the FLSA. The Wage and Hour Division of the Department of Labor is the agency tasked with compliance assistance with FLSA ("U.S. Department of Labor - Wage and Hour Division (WHD) - Fact Sheet."). This agency states that its commitment is to provide "clear and easy-to-access information on how to comply with federal employment laws" ("U.S. Department of Labor - Wage and Hour Division (WHD) - Fact Sheet."). As such the Wage and Hour Division is in charge of carrying out investigations of employers who are suspected of violating current child labor laws ("U.S. Department of Labor - Wage and Hour Division (WHD) - Fact Sheet."). Violations of these laws usually included a $10,000 civil penalty for each child or person for which a violation occurred. Currently, investigations are initiated by a complaining employee or by company-selection because it is part of an industry that typically violates labor laws. During the investigative process, records of payrolls will be examined and interviews may be conducted with employees. As with safety regulations under OSHA, child labor laws are enforced through a combination of mandatory enforcement by way of fines and penalties and through the voluntary approach. While the Wage and Hour Division of the Department of Labor seeks to educate employers on how to comply with federal regulation.

Now that we have discussed existing regulation, we will discuss an issue that came into existence during the recent financial meltdown in the United States: exorbitant bonuses to upper management paid with government money. There have been a number of scandals involving outrageously high upper management bonuses; one example is American International Group, Inc. (AIG). In March of 2009, AIG paid high ranking executives $165 million in bonuses. This same company turned to the aid of the federal government approximately one year earlier because it was in deep financial trouble. The federal government bailed out AIG with funds exceeding $173 billion. After receiving its first bailout portion in September of 2008, AIG paid for an expensive retreat which cost over $400,000. The retreat was a luxurious getaway for the company's employees and distributors. At the end of 2008, AIG paid out an additional $265 million in employee bonuses. In February of 2009, Congress enacted the American Recovery and Reinvestment Act; this act tightened up restrictions against the payment of employee bonuses. However, AIG tip-toed around these restrictions by stating the bonus payments were paid due to a contractual obligation that existed prior to the date the regulation was enacted (Thomas, 2009).

When the government first bailed out AIG, there were hopes that they would act responsibly to save the insurance company. However, when that failed, the government used a mandatory approach to restrict bonus payments, and AIG followed the letter of the law and was able to circumvent the mandatory regulation. This is a prime example of the inefficacy of mandatory regulation used in isolation.

Another area where there seems to be insufficient regulation or even guidance is the composition of a public company's board of directors. Under the Anglo-Saxon model, the board of directors has a duty to act in the best interest of the shareholders. Due to the lax regulations and guidance around board membership, conflicts of interest can easily arise. Conflicts of interest have a potentially harmful impact to the business environment and must be properly controlled; they arise when an individual's responsibility to an organization clashes with one's self-interest. One major category of conflict of interest is self-dealing. Self-dealing involves a member of the board of directors for Company A who also owns Company B. Company B coincidentally is a supplier to Company A. The director would be carrying out self-dealing if he influenced Company A to purchase parts from Company B (Conflict of interest policies). Another example of conflict of interest can arise when there is a dominant CEO serving as the chairman. In this case, the dominant chairman would impose his will on the other board members and make them follow his ideas. This way, the chairman could enact policies that would serve to benefit his own interest rather than benefit the shareholders. Current regulations exist stating that companies must disclose transactions, like the one described above, in a footnote entitled "Related Transactions" (Evaluating the board of directors, 2009). Current regulation does not specifically state the required board composition (Rogers, 2012). However, SOX does state that the audit committee must be made up entirely of independent board members (Horton, 2012). U.S. companies comply with regulations regarding audit committee composition and disclosure of related party transactions, but they are not bound to do more than that.

Now that we have provided examples of some current regulations and proposed frameworks and discussed them in light of different approaches to regulation, we will now discuss the firm's motivation to comply with regulations. In order to adequately discover where the accountant can fit into the control of criminal activities, and more broadly, the enforcement of regulations, we must determine what motivates businesses to comply with or evade regulations. Gunningham and Kagan's research indicates that the view that the firm only acts as an "amoral calculator" and judges its compliance decision on purely economic factors is largely inadequate (Gunningham & Kagan, 2005). Firms are also "concerned about their reputations and legitimacy" (Gunningham & Kagan, 2005, pg. 217). Dr. May also points out that attitudes toward the government, more specifically the regulatory agency tasked with enforcement, plays a role in a firm's attitude toward compliance (May, 2005). Also, a sense that competitors are being forced to follow the same rules motivates firms to comply with regulation (May, 2005). Further, Gunningham and Kagan suggest that regulation's key contribution is to "trigger and direct managerial" attention to the underlying issues that spurred such regulation (Gunningham & Kagan, 2005, pg. 217). This last observation is squarely in line with Dr. May's research findings that firms, regardless of regulatory approach, are motivated by two specific ideas. First, firms are motivated by deterrent fears; second, firms are motivated by a duty to comply (May, 2005).

There are two overarching types of deterrence that motivate firms: specific deterrence and general deterrence (May, 2005). Specific deterrence are actions aimed at individual firms. Specific deterrence is more commonly associated with the mandatory style of regulation, and is necessary when the bad apples are likely to destroy the barrel before being exposed. General deterrence is achieved by larger actions, such as public warnings that showcase violators and by publicizing the consequences of not complying with regulations. Clearly, general deterrence is more widely achieved through the voluntary compliance style of regulation.

The other motivation Dr. May identifies is the duty to comply (May, 2005). This motivation can be understood through the deontological perspective of ethics, championed by Kant (McPhail & Walters, 2009). This motivation assumes that firms believe they have a moral obligation to address specific problems, problems contemplated by regulation even. The voluntary approach relies heavily on this motivation-this is the style that will be most effective when the barrel of apples are mainly good apples and the bad apples do not pose a significant threat to all the others.

We will discuss how the accountant can serve to assist in both types of deterrence by applying this model, encompassing a hybrid of mandatory and voluntary compliance frameworks. This discussion will be in light of the regulations and proposed framework discussed in the preceding paragraphs.

We previously discussed the intention of and penalties embodied in the Sarbanes-Oxley Act; we will now discuss the outcomes for violations from a motivational perspective. Besides criminal penalties there are various consequences for fraudulent firms once discovered. Not only do employees face criminal charges and fines, but the company's reputation is damaged; this is evidenced in the stock price. After the initial news of a SOX violation, the stock price usually declines 16.7%; after news of an official investigation, either by the Securities and Exchange Commission or the Department of Justice, there is a 7.3% decrease in stock price, on average (Beasley, Carcello, Hermanson, & Neal, 2010). Also, it is not uncommon for companies to claim bankruptcy or even delist its stock after enforcement action is undertaken.

Even with various consequences, financial fraud is still occurring at increasing rates. With even larger companies committing the fraud, it is possible that the fines and terms are not significant enough. However, increasing the fines for all companies would cause more severe damage to smaller companies. A possible suggestion would mirror the reasoning behind a progressive tax: those that have the ability to pay more should be forced to pay more. The fine could be based on something comparable across firms, such as revenues or assets. This would ensure that the larger firms and smaller firms suffer a comparable consequence for non-compliance with SOX regulations.

The accounting staff at a public company needs to be knowledgeable about SOX requirements and penalties. This can be achieved in a cooperative manner with the SEC, who should make the myriad of requirements and punishments more comprehensible to businesses. It should not just be public accounting firms who really understand the intricacies of the Sarbanes-Oxley Act. However, auditors at public accounting firms are in a good position to serve as an extension of the SEC and help to educate clients about the requirements and punishments that are part of SOX. This fulfills the general deterrence function by educating businesses. Auditors, continuing in their current role, to audit businesses to see if they comply with SOX requirements, and reporting on non-compliance fulfills the specific deterrence function. The sense of moral duty to provide accurate financial information to stakeholders is something that some executives believe, and as such, are the good apples who just need more guidance in financial reporting. However, the bad apples, who do not believe they have a moral obligation to provide accurate financial information, need to be controlled by harsher punishment in the form of mandatory regulation achieved through specific deterrence action.

Earlier, we discussed labor practices and regulations, such as the Occupational Safety and Health Act and the Fair Labor Standards Act as they relate to workplace safety and child labor, respectively. The auditor currently has no duty to blow the whistle on clients who violate either of those regulations. However, the accounting staff at the businesses who violate the above regulations could be subject to legal action due to their complicity in the violations. Accountants within a company have access to most, if not all, payroll information and can use this information to detect serious violations of the FLSA. Auditors commonly take tours of the manufacturing facilities to gain a greater understanding of the business process. Therefore, the auditor is in a position to observe non-compliance with OSHA regulation and to notice child workers.

The accounting staff at a business and their auditors can fulfill both the deterrent and specific enforcement functions. OSHA and the FLSA have agencies specifically dedicated to make employers knowledgeable of requirements and the penalties associated with non-compliance. The accounting staff should be trained on what those requirements are, and when they are processing employment forms and particularly payroll information, should be on the watch for excessive hours or for violations of child labor limitations. Auditors routinely analyze payroll information, as it is one of the largest expenses for most companies. In their analysis, they could perform a deeper inquiry into who is being paid, not just the reasonableness of the aggregate total. Additionally, the auditor could be required to inspect manufacturing facilities for OSHA compliance as part of their audit over internal controls. Clearly, expanding an auditor's responsibility will result in more costly audits, but that would shift the expense of inspection and monitoring from regulatory agencies to the individual firms. To ensure auditors comply with their new responsibilities, the SEC or the Public Company Accounting Oversight Board should create standards that make it imperative for accounting firms to comply.

We previously discussed problems with excessive executive compensation being paid out of government-provided bailout money. Hopefully, that sort of direct government-funding will not be necessary again. However, if it is, the government needs to include stipulations that the money shall not be used for employee bonuses. Additionally, to ensure that specific deterrent motivation exists, there should be provisions aimed at employees, mainly management, who take large bonuses out of bailout money, such that they would be required to return the payment to the regulatory agency. When firms are not in dire financial stress where government assistance is needed, it is the prerogative of the board of directors to determine executive compensation, including their bonus package. However, in determining the bonus structure, directors should remember that in the United States, the board has a fiduciary responsibility to the shareholders.

Embodied in the board of directors' fiduciary responsibility to shareholders is an implicit assumption that to be loyal to shareholders, one must be independent from the company. As such, the SEC should mandate that the entirety of the board of directors be independent, not just the audit committee. Directors should be independent of the company, which includes having no involvement with competing companies, suppliers, or potential suppliers. No executives or high-ranking employees of the company should be allowed on the board; only people who are outsiders should be allowed to serve. The accounting staff should be tasked with monitoring the independence of the board of directors by verifying every director is independent on an annual basis. The auditor could fulfill the specific deterrence function by verifying the independence of board members during an audit and alerting the SEC or modifying their audit report to disclose the lack of director independence.

We have now examined regulations, discussed different regulatory schemes, gained insight into firm motivation for regulatory compliance, and proposed ways for auditors and accountants to control criminal and general regulatory activities. Returning to the apple metaphor which began this paper, we see that the good apples comply with voluntary regulations because they feel a duty to comply. However, the bad apples will only comply with mandatory regulations due to specific and general deterrence. Accountants and auditors can help to enforce specific and general deterrence and to promote a duty to comply. This framework should ensure that the bad apples do not ruin it for the entire barrel.