This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The beginning of the 21st century has witnessed the meltdown of the giant company - WorldCom, together with its auditor - Arthur Andersen, casting spotlight on the re-examination of the reliability and assurance delivered by financial audit. (Scharff, 2005) On July 21, 2002, the telecommunications company WorldCom, with overstatements of $7 billion in its tax income and written-down of $82 billion of assets, filed for Chapter 11 bankruptcy protection. (Kaplan & Kiron, 2007) Shareholders and other stakeholders of the company suffered from substantial losses after the fall of the giant, which was thought to be "too big to fall". People were left wondering what caused the collapse and who was accountable for this. Regulators, standard setters, and audit agencies were questioning why traditional financial audit failed to detect and unveil the accounting frauds and providing assurance for shareholders, potential investors and other stakeholders as expected. As a significant and indispensable part of financial control and one of the most fundamental devices to provide assurance, financial audit is called into question. People were haunted with a question in mind and started wondering: 'Why does financial audit fail to provide the assurance as expected?'
Financial audit (or external audit) refers to 'corporate financial audits conducted on the financial statements of an organisation by an outside party - a registered public accounting firm or a qualified individual auditor.' (Mennicken & Power, 2012) In light of the urgency and importance to find out why financial audit failed to provide assurance, this essay will make a critical analysis of the limitations of financial audit and the different notions of assurance by different groups of people.
The essay is constructed into two parts. The first part will examine the reason why assurance provided by financial audit is limited from theoretical perspectives in terms of expectations gap and the audit risk model. Then a deeper analysis will be made through discussions about different ideas of what assurance should be delivered by financial audit from the perspectives of audit standards, auditors and the public. In the second part, theoretical limitations of financial audit examined in the first part will be empirically analysed in the case of WorldCom and its auditor Arthur Andersen. Drivers of the audit failure at WorldCom will also be examined. At last, the essay will conclude that it cannot be denied that audit failures are to a large extent caused by malpractice of financial auditors. However, the external auditors are not the only group of people to be blamed. Due to the limitations of financial audit and various notions of assurance, financial audit cannot be adapted to all the demands for assurance. Accountability and significance of other sources of assurance, such as internal audit and management, should not be ignored. Financial auditing should be combined with other governance mechanisms to provide assurance. (Mennicken & Power, 2012)
Theoretical Examinations of Limitations of Assurance Provided by Financial Audit
2.1 The Expectations Gap
Financial auditors are expected to provide certain type and amount of assurance to meet the needs of both auditing standards and different groups of financial statement users. However, the different interpretations and expectations of the type and amount of assurance that audit should provide created a gap between the audit service providers and audit service buyers. (Mahadevaswamy, 2008)
The term 'audit expectations gap' was first introduced by Liggio as the difference in interpretations of expected performance between independent auditor and financial statement users. (Saeidi, 2012) The definition given by Liggio is very simple and general. More specific and detailed definitions and notions of audit expectations gap sprouted after Liggio. According to Gray and Manson(2011), the expectations gap is 'used to describe differences between the expectations of those who rely upon audit reports concerning what auditors do and what they are perceived to do'. Humphrey et al. (2011) defined the expectations gap as '[â€¦ ] a representation of the feeling that auditors are performing in a manner at variance with the beliefs and desires of those for whose benefit the audit is being carried out.' In Humphrey's definition, financial statement users and audit report users are not the only groups of people who benefit from auditing. Other groups of people, for instance, taxpayers who are very unlikely to make decisions based on financial statements and audit reports, may require audit assurance as well, especially in the case of public sectors. So Humphrey covered a wider range of demanders for audit assurance than Liggio and Gray and Manson did. Later, Porter divided audit expectations gap into two sub-categories, namely the reasonable gap, and performance gap.(Porter, 2012) Reasonable gap refers to the gap between 'what the public expects the auditors to achieve and what they can reasonably be expected to accomplish'.(Porter, 2012) The reasonable gap usually arises from the excessive and unrealistic expectations from the public, who require more assurance than audit can provide in practical terms.(Gray & Manson, 2011) The performance gap, defined as the gap between 'what the public can reasonably expect auditors to accomplish and what they are perceived to achieve', is caused by the failure of auditors to undertake auditing practices to a decent and adequate extent. (Gray & Manson, 2011)
According to Power (1997), the rise of the expectations gap is due to the conflict views of the public and the auditor on what audit should deliver. The public regard the audit function as 'the detection of fraud'; while the auditors claim that they are supposed to deliver professional opinion or a 'true and fair view' on financial statements.(Power, 1997) This conflict stems from the obscurity of what audit should deliver, and what kind and amount of assurance audit should provide. There is no consistent and explicit conception of what 'good' audit is.(Power, 1997) To be more specifically, we will look at the causes of the two components of expectations gap, namely reasonable gap and performance gap, respectively.
According to Sikka et al. (1998), the reasonable gap is resulted in the clash between supply and demand of auditing services. Audit service providers are trying to minimise obligations imposed on them, while in contrast, audit service buyers require auditors to deliver a high quality of practice to maximise the amount of assurance that such practice can provide.(Sikka, 1998) Auditors are accountable for providing a minimum regulated level of 'reasonable assurance' required by the standards. However, this kind of assurance required by the auditing standards is far from what is expected by the users. A survey carried out by Humphrey et al. (1993) suggests that the audit expectations gap exist in varies aspects of the function of audit and performance of auditors. Different views on the responsibility and function of audit practices were demonstrated in the survey, including auditors' role in fraud detection, auditors' responsibilities to third parties, balance sheet valuations, independence of audit and so forth. (Humphrey et al., 1993) However, the survey implies that the expectations gap is neither due to the bias of audit services' buyers towards auditors, nor caused by public's unrealistic expectations of the outcome of audit services. (Humphrey et al., 1993) It is different interpretations of the nature of audit functions and varies expectations of the outcome of audit practices that lead to the reasonable gap. When the fraud of a firm is uncovered, auditors are always the first group of people to be blamed by the public. (McHugh & Rowe, 1996) However, in fact, external auditors are not the only group of people responsible for fraud detection and assurance provision, and they can not work alone to achieve it. Besides external auditors, internal auditors, board of directors, CEO and other groups of people are also accountable for providing assurance to the public. (Power, 2005) So the reasonable gap is to a large extent due to public's excessive demand out of auditors, and negligence of the duty of other assurance providers.
Another element of the expectations gap - the performance gap, can be subdivided into deficient standards, which refers to 'a gap between what can reasonably be expected of auditors and auditors' existing duties as defined by law and professional promulgations', and deficient performance, which is defined as 'a gap between the expected standard of performance of auditors' existing duties and auditors' perceived performance, as expected and perceived by the public'. (Gray & Manson, 2011) Portor et al. (2012) argue that what leads to deficient standard is the additional cost arose by performance of extra responsibility that exceeds the benefits to society. The deficient standard in this case seems to be economically rational for standard setters and auditors. The deficient performance is caused by lack of competence and lack of practitioner independence. (Gray & Manson, 2011) Again, trade off is involved in the cost-assurance choice of whether to invest more in competence and independence of auditors at a higher cost or not. (Power, 1997)
From the discussions above, we can see that what is expected by the financial statement users and the public, what is required by the auditing standards, and what is delivered in auditing practices are decoupled. Expectations can be narrowed down through endeavours, but obviously can never be eliminated. (Ojo, 2007) It is not practical to reconcile different notions and ideas of financial audit assurance among various groups of people.
2.2 The Audit Risk Model
Audit risk model is a primary tool for auditors to make audit decisions on selection method, the amount and type of samples to detect, and the level of risk tolerance in audit practices. Audit risk consists of inherent risk, control risk and detection risk. (Arens, 2000) We will take a closer look at the three elements one by one.
Inherent risk is the auditor's judgement of the likelihood of material misstatements, ignoring internal control. (Arens, 2000) Inherent risk can be used as a guide for auditors to predict where misstatements are more likely to occur in the financial statements. In this way, auditors can decide where more evidences should be collected. (Law, 2008) Control risk is the auditor's assessment of how likely internal control systems fail to detect the misstatements in financial statements that exceeds an acceptable amount. (Arens, 2000)
The combination of inherent risk and control risk can represent the tolerance of misstatement after taking internal control into consideration. (Arens, 2000) In most cases, inherent risk is determined by the nature of the industry and the kind of work and transactions a company is engaged in. Control risk depends largely on the internal control within the organisation. Due to these features of inherent risk and control risks, they can only be evaluated or estimated, but can never be controlled by external auditors.
Detection risk is the only element that can be controlled by financial auditors. It is composed of sampling risk, the risk caused by not testing the entire population, and non-sampling risk, the risk of not uncovering the exceptions in the sample. (Arens, 2000)
Detection risk can be controlled in two ways: adjusting sample size and improving sampling method. (Arens, 2000) A higher degree of assurance can be achieved by a bigger size of sampling. A sample size of the entire population means zero sampling risk. However, this is impossible to achieve since it is technically difficult to collect all the information and irrational to spend too much time and money on checking all the materials. The effectiveness of sampling method depends largely on auditors' professional judgement. But no matter how professional and experienced the auditor is, not sampling method is perfect. Similarly, Power (1997) argues that in order to obtain sufficient audit evidence to enable auditors to give an opinion on the financial statements, auditors have to trade-off between operational scope (i.e. number of transactions tested) and operational depth (i.e. the method of test performed on selected transactions). (Power, 1997) Seeing that the amount of resource allocated to auditing activities is limited, a bigger sample size means to be less detailed in testing process and vice versa. (Power, 1997)
In order to achieve a higher level of assurance, the auditor should make efforts to decrease detection risk to a lowest level. According to Arens (2000), there are two ways to achieve this. One approach is to recruit more experienced professions to engage in the audit process. Another solution is to make more effort and review more carefully than usual. Both of the approaches are expensive and sometimes impractical to implement. When the increase in cost outweighs the benefit, it is irrational for the auditor and auditee alike to achieve a higher level of assurance. Taking cost-effective factors into consideration, a very high level of assurance is expensive, worthless and sometimes impossible to achieve.
2.3 Assurance Provided in Compliance with the Auditing Standards
2.3.1 The Auditing Standards' View
'International Standards on Auditing (ISA) requires the auditor to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error.' (IAASB, 2012)
The auditing standards indicate that financial auditors are expected to provide an authorised professional opinion in order to make assurance of the quality and faithfulness of financial statements. (IAASB, 2012) Reasonable amount and type of assurance should be provided by auditors to ensure that financial statements can be used as a genuine and proper representation of the entity's financial position, performance and sustainability by different groups of people for decision-making. (McHugh & Rowe, 1996)
Although reasonable assurance is required by the standard, no explicit explanations of what amount and type of assurance is defined as reasonable assurance are provided. The vague expression and lack of further explanation lead to divergence in the interpretations of 'reasonable assurance', which posed the problem of expectations gap between the compliance-based type and amount of assurance, the assurance provided in audit practice, and assurance required by the public and different groups of financial statement users.
The amount of assurance required by auditing standards is merely on a minimum regulatory level. (Gray & Manson, 2011) This level of assurance is set by the regulators with both a cost-effective consideration and a concern for self-protection from litigation. A very high level of standard will lead to excessive amount of resources being allocated to auditing activates, which is neither rational nor cost-effective. If the auditors are required by the standards to provide more assurance and control the audit risk to a minimum level, they have to collect a substantial amount of evidences and make more endeavours in the auditing process, which will increase the costs. However, the effort may not ameliorate the outcome accordingly. If the increase in costs outweighs the increased level of assurance, audit service buyers will be reluctant to pay for such expensive auditing services. As a minimum regulatory level of requirement, level of assurance required by the auditing standard is too expensive to be high. In addition, if the International Auditing and Assurance Standards Board (IAASB) gives an explicit and detailed explanation or criteria for 'reasonable standard', it may lose the right for final explanation and be exposed to litigation risks. So the vague expression of 'reasonable assurance' somehow protects the auditing standard setters from litigation, seeing that they reserve the final explanation and have a greater flexibility in defining the standards' view of what type and amount of assurance is reasonable.
2.3.2 Reasonable Assurance versus Absolute Assurance
According to IAASB (2012), 'Reasonable assurance is a high level of assurance. It is obtained when the auditor has obtained sufficient appropriate audit evidence to reduce audit risk to an acceptably low level.'
First of all, it is indicated in the auditing standard that the provision of reasonable assurance is based on sufficient appropriate audit evidence. However, the standard does not tell us what type and amount of audit evidence is sufficient and appropriate. The sampling size and method, and the trade-off between operational scope and depth are to a large extent dependent on the auditors' professional judgement and require a high level of capability to achieve. (Power, 1997) Secondly, cost-effectiveness and other factors should also be taken into consideration when collecting audit evidences. Absolute assurance can never be achieved due to these limitations. In addition, IAASB's statement of 'acceptably low level' is ambiguous as well. It is the auditor who decides whether the audit risk is of an 'acceptably low level', not the public and financial statement users. Again, it is largely based on the auditors' professional judgement. Besides, as discussed earlier, the level of audit risk tolerance is different between different groups of people.
In addition, the standard also stated that an absolute level of assurance is unrealistic and not expected to be achieved. 'However, reasonable assurance is not an absolute level of assurance, because there are inherent limitations of an audit which result in most of the audit evidence on which the auditor draws conclusions and bases the auditor's opinion being persuasive rather than conclusive.' (IAASB, 2012)
The standard demonstrated that auditors cannot provide an absolute guarantee and assurance of the validity of financial statements due to inherent limitations. (Arens, 2000) Auditors' opinion and judgement on the financial statements are based on the audit evidences sampled. The detection risk of not covering the misstatements is inevitable. (Arens, 2000) Especially in the case of accounting fraud, misstatements are intentionally hidden, making it even more difficult to be detected by auditors by normal audit processes. (Arens, 2000) Furthermore, not all the audit risks are under the control of auditors. Auditors are not accountable for inherent and control risks. The only controllable element of audit risk for auditors is detection risk. Therefore, auditors cannot provide absolute assurance due to the uncontrollable risks inherent in the auditee itself. At last, a very high level of assurance is too expensive and sometimes economically irrational to achieve, when the benefit financial statement users get exceeds the cost.
2.4 Other Notions of Assurance
In the Oxford English Dictionary (OED), there are three relevant definitions of assurance in the context of financial auditing.
I.1.a. 'A promise or engagement making a thing certain; a formal engagement, pledge, or guarantee.'
I.3. 'A positive declaration intended to give confidence.'
II.8.a. 'Subjective certainty; being certain as to a fact, certitude; confidence, trust.' (Simpson & Weiner, 1989)
The auditing standards' view of reasonable assurance fits the definitions of I.1.a and I.3. The objective of auditing is to give confidence to financial statement users in terms of the authenticity of financial statements. The auditing process is a certain kind of 'formal engagement' since auditors are supposed to check whether the financial statements are true and fair. To be more precise, auditors are supposed to give opinions of whether the transactions in the financial statement are based on facts and whether the preparations of financial statements comply with accounting standards. (Gray & Manson, 2011) However, different from the definition in OED, audit assurance is not always given through a positive declaration. When auditors detect fraud or improperness in financial statements, reasonable assurance and confidence can also be given through a negative view (i.e. qualified opinion, disclaimer opinion or adverse opinion).
In comparison, the public and financial statement users' view about reasonable assurance tends to fit the definition II.8.a. Their confidence of financial statements is built on the trust in auditors, who act as the agents to test and verify the faithfulness of financial statements on behalf of the public. Nevertheless, the users' trust and expectations can be blind and unrealistic. The auditor of a company is usually chosen by a small group of people, in most cases, the board of directors. (Arens, 2000) Shareholders and other groups of financial statement users do not know much about whether the auditors are capable and experienced. So whether the auditor is independent, professional and trustworthy can be questionable. Apart from that, the public's expectation of auditors to be 'certain as to a fact' (Simpson & Weiner, 1989), or in other words, to detect fraud is more than to provide guarantee on financial statements. So the public have a different view on what assurance should be provided by audit.
By examining the different definitions of 'assurance' in the OED, we can see that there are different interpretations of what assurance should be delivered by auditors and auditing practices between the audit standards and the public. The auditing standards require auditors to provide assurance by giving true and fair views on the faithful representation of financial statements. While the public's demand for assurance is not confined to the faithful representation of financial statements. The different scopes of assurance defined by the public, auditors and standard setters lead to the gap of expectations.
An Empirical Analyses of Limitations of Assurance Provided by Financial Audit - the Failure of WorldCom
The fall of WorldCom and its auditor Arthur Andersen destabilised the financial markets and undermined the trust and confidence in financial reporting in the United States. (Coffee, 2006) As one of the largest and most iconic audit failures in history, it calls for studies on the reasons and drivers of the fall. (Coffee, 2006) In the following part of the essay, we will examine the theoretical explanations discussed earlier in the case of audit failure at WorldCom and Arthur Andersen. Other empirical drivers of audit failure will also be discussed.
3.1 A Brief Overview of the Financial Audit Failure in WorldCom
WorldCom, one of the largest telecommunications company in the United States, filed for Chapter 11 bankruptcy protection on July 21, 2002. (Kaplan & Kiron, 2007) Its independent auditor, one of the Big 5 audit firms, Arthur Andersen, collapsed following the fall of WorldCom.
From top to bottom, WorldCom was immersed in an irrational craze for revenue and Expense-to-Revenue Ratio, which were two key indicators of a company's market value. Everyone in the organisation tried or forced to achieve the ambitious and unrealistic goal of being 'the No.1 stock on Wall Street' by any kind of means. WorldCom deliberately overstated its income and miscalculated the expense-to-revenue ratio mainly by two means: improper accrual releases and expense capitalisation. (Kaplan & Kiron, 2007)
Arthur Andersen, the independent external auditor of WorldCom from 1990 to 2002, failed to reveal the accounting fraud. (Kaplan & Kiron, 2007) The causes of the audit failure of Arthur Andersen were quite complex. There was a large gap of information asymmetry between WorldCom and Arthur Andersen. On one hand, WorldCom restricted Arthur Andersen's access to a large number of significant evidences, and provided false information to Arthur Andersen. On the other hand, Arthur Andersen committed malpractice at WorldCom. (Coffee, 2006) It did not adjust its auditing method and engagement properly through time and in different situations, and had never reported the restrictions of access to vital information and communications with the auditee. (Coffee, 2006)
WorldCom subsequently overstated its income by more than $7 billion and wrote down more than 75% of its assets. (Kaplan & Kiron, 2007) Finally, the game was brought to an end by the whistle blowing of WorldCom's internal auditor, shocked the whole capital market and astonished the whole society.
3.2 Expectations Gap in the Case of WorldCom
In the case of WorldCom, the major supplier of assurance is the independent external auditor, Arthur Andersen. The main users of the financial statements and assurance demanders are composed of WorldCom's shareholders, creditors, board of directors, business partners, employees, customers, existing and potential investors and so forth. In accordance with the notion and definition of expectations gap discussed earlier in this essay, the expectations gap in this case is the differences of expectations between WorldCom's financial statement users' and assurance demanders' expectations of assurance that Arthur Andersen should deliver and assurance actually delivered by Arthur Andersen.
As one of the major telecommunications service provider with a great number of customers including the Department of Defence and many other government sectors, WorldCom was an organisation whose financial statements were of great importance. A great deal of assurance was required. In this context, the reasonable gap may rise because of financial statement users' unrealistic expectations for Arthur Andersen to provide a very high level of assurance, seeing that the audit failure of such a giant firm can become a disaster for the whole industry, even the whole economy. Another reason could be that the public demanded too much out of Arthur Andersen, and neglected the internal management system of WorldCom and other assurance providers.
Another important element of the expectations gap in this case was the performance gap caused by both deficient standards and deficient performance.
First of all, laws, regulations and standards ignored the importance of regulating and controlling the conflicts between consulting and auditing services. It was the audit firms' responsibility to keep away from any kind of work where auditors might make management decisions for the auditee. (Squires et al., 2003) Consulting services posed great threats to the independence of the auditor. However, there was no applicable rule to restrict the same firm to provide audit and non-audit services to the same organisation at the same time, although SEC noticed the threats on the independence of audit by consulting services. (Squires et al., 2003) Arthur Andersen was among the first firms providing consulting services, which was quite profitable, even more profitable than its traditional audit services. (Squires et al., 2003) After consulting took over auditing as the main source of income for the firm, it became a standard strategy to bundle audit with consulting services at Arthur Andersen. (Squires et al., 2003) Although Arthur Andersen noticed the conflict of interests between consulting and auditing services, it still decided to take the risk of keeping the consulting services because of the substantial potential revenue generated by consulting. In the case of WorldCom, conflict between consulting and auditing was a big incentive for Arthur Andersen to perform malpractice in auditing. It was quite dubious whether the audit failure was more of Arthur Andersen's failure to detect abnormalities due to WorldCom's deception, or Arthur Andersen's unwillingness to detect and report the accounting fraud at WorldCom. The lack of relevant rules and deficient standard played a key role in facilitating the dereliction of auditing.
In addition, deficient performance was another key element of the performance gap in the case of WorldCom. To start with, although WorldCom had been defined as a 'high-risk' client, Arthur Andersen still audited WorldCom as a 'moderate-risk' client without adjusting its audit approach accordingly. (Kaplan & Kiron, 2007) Furthermore, in spite of the denied access to WorldCom's general ledger, Arthur Andersen was still willing to rely on the managers' explanations without questioning. (Hamilton & Alicia, 2006) Arthur Andersen failed to perform a proper degree of audit scepticism. During a long period of time, Arthur Andersen seemed not to make an endeavour in its auditing work. It had never reported to the audit committee of restricted access to important information and personnel, and still gave an opinion of 'fair' in WorldCom's audit report of compliance with requests or information. (Kaplan & Kiron, 2007) Apart from the conflicts between audit and consulting services, which has already been discussed, there are several incentives regarding Arthur Andersen's deficient performance. In fact, Arthur Andersen had quite a cosy relationship with WorldCom. (Hamilton & Alicia, 2006) In other words, the social distance between Arthur Andersen and WorldCom was not far enough to guarantee the independence of the auditor. (Power, 2005) As one of the biggest clients of Arthur Andersen, WorldCom paid high fees for both audit and consulting services. (Hamilton & Alicia, 2006) Arthur Andersen's compromise in auditing practices may result in its unwillingness of losing such a big client and source of income. (Hamilton & Alicia, 2006)
To sum up, the audit failure at WorldCom was to a large extent due to the deficient standard and deficient performance. The assurance provided by Arthur Andersen did not meet the requirements by auditing standards, needless to say the requirements by financial statement users and the public.
3.3 Audit Risk in the Case of WorldCom
In this part, we will take a look at the inherent risk, control risk and detection risk at WorldCom respectively.
To start with, the inherent risk of WorldCom is quite high considering the following aspects. Firstly, the complexity of WorldCom is quite high as a result of expansion of the enterprise by mergers and acquisitions. (Kaplan & Kiron, 2007) Secondly, the conditions of whole industry deteriorate since 2000 as a result of fierce competition and reduced demand after the dot-com bubble collapse. (Kaplan & Kiron, 2007) Besides, WorldCom was forced to reduce price for telecommunication services in order to match with the trend in the whole industry and to catch up in the price competition. (Kaplan & Kiron, 2007) Moreover, managers were under pressures to modify the financial statement. They had great incentives to modify the expense-to-revenue ratio, one of the key performance indicators, in order to achieve the goal of being the No. 1 stock on Wall Street. (Kaplan & Kiron, 2007)
In regard to the control risk, WorldCom's board of director did not have an active participation in the internal control processes. It was the CEO who took charge of board meetings and set agendas. (Kaplan & Kiron, 2007) The Board of directors and Audit Committee, who were neither familiar with nor involved in the controlling process of internal financial practices, failed to monitor the CEO and the operation of the firm. The improper use of funds by the CEO was not noticed by the boards and Compensation Committee. The culture and structure of internal control within WorldCom were quite weak. Senior accounting managers were given the access to general ledgers and were able to make significant adjustments against opinions of the operating and financial managers from different business units. (Kaplan & Kiron, 2007) In addition, there were no explicit mechanisms for 'whistle blowers' to report the misbehaviour of senior managers.
Because of lack of information and restricted access of communication, Arthur Andersen did not make a proper estimation of inherent risk and control risk at WorldCom. This led to a higher level of acceptable audit risk or a lower level of assurance than planned and expected.
In addition, Arthur Andersen did not take measures to reduce its detection risk at WorldCom. It just assumed information provided by managers claimed were valid without sampling sufficient evidences to verify these information. (Kaplan & Kiron, 2007) Apart from that, Arthur Andersen mainly focused on misstatements in the financial statements caused by errors, not deliberate misrepresentation. (Kaplan & Kiron, 2007) It treated WorldCom as a moderate-risk client in the auditing practices after rating it as a high risk client. Instead of maintain a necessary amount of audit scepticism and professionalism, Arthur Andersen had never reported its restrictions to core information and personnel to the audit committee.
3.4 Drivers of the Financial Audit Failure at Arthur Andersen
The failure to provide sufficient assurance at WorldCom was analysed from theoretical perspectives of expectations gap and audit risks above. The following part of the essay will throw a light on the drivers of these failures from empirical perspectives. Two of the most significant drivers are the undue influence of financial incentives and the failure of reputational incentives, which will be examined respectively.
3.4.1 Undue Influence of Financial Incentives
Undue influence of the financial incentives is a key factor that caused the audit failure at Arthur Andersen.
After the 1980s, as the growth of auditing income became flattened, the competition between audit firms became increasingly fierce. (Squires, 2003) Arthur Andersen and other audit firms alike were under great pressure to expand the range of services in order to catch up in this competition and maintain the revenue growth. Driven by pressure of competition and financial incentives, Arthur Andersen adopted a sales culture, which not only increased the level of acceptable risks substantially, but made the conflict of interests between audit and consulting even more intense. (Squires, 2003) After consulting services took over the traditional audit services and became the main source of income for Arthur Andersen, Andersen applied a strategy to bundle audit with consulting services, in order to make more profits out of the combination of services. (Squires, 2003) Despite the fact that everyone in the industry and the SEC noticed the erosion of auditor's independence and other risks posted by conflicts between audit and non-audit services, (Squires, 2003) there were no explicit and applicable regulations to prevent the combination of these services.
WorldCom was a 'highly coveted' client, (Kaplan & Kiron, 2007) and had a long-term 'cosy' relationship with Arthur Andersen. (Hamilton & Alicia, 2006) Arthur Andersen would suffer from great financial lost if losing a client as WorldCom. Due to the fear of losing such a valuable client, Arthur Andersen was reluctant to insist in financial statements adjustments when engaging significantly in consulting services for WorldCom. (Tackett, Wolf, & Claypool, 2004)
Driven by the undue influences of financial incentives, Arthur Andersen's deficient performance in its auditing works contributed to the audit failure at WorldCom.
3.4.2 Failure of Reputational Incentives
According to Coffee (2006), reputational capital plays a significant role in restricting auditor's behaviour. Reputational capital is vital for audit agents, because if they lost their reputation, their opinions on financial statements will not be regarded as true and fair or authorised. The audit opinion of such auditors will become useless for financial statement users. Thus, no one will buy the services provided by the auditor any more. (Coffee, 2006) Although auditors are paid by their client firm on a private contracting basis, they have to maintain a large degree of independence in order to gain the trust of financial statement users. (Coffee, 2006) Such reputational capital will be depreciated by performing wrongdoing in audit practices. It is irrational for auditors to acquiesce in accounting fraud of the auditee, seeing the risk of litigation and fear of reputational lost. (Coffee, 2006)
However, auditor is 'an economic agent in his/her own right'. (Mennicken & Power, 2012) In the case of WorldCom, the mechanism of seeking reputational capital failed to work, because Arthur Andersen was remunerated by WorldCom and became economically dependent. (Power, 2005) As in the case of WorldCom, financial incentives provided by non-audit services outweigh the fear of losing reputational capital. Instead of being engaged in auditing activities, Arthur Andersen focused on consulting services, which was much more profitable. (Coffee, 2006) The decline in the value of reputational capital resulted in less willingness and efforts for the auditors to protect it. The failure of restrictions posed by reputational considerations, the larger income generated by non-audit services, together with the lack of exposure to litigation eroded the quality of audit work at Arthur Andersen. (Coffee, 2006)
By examining the theoretical perspectives of limitations of financial audit in the case of WorldCom, we can conclude that the audit failure was to a large extent due to the malpractice of the external auditor, Arthur Andersen, who failed to provide assurance driven by financial and other incentives. However, financial auditors should not be the only target to be blamed, because assurance can be provided by external audit is quite limited. Financial audit cannot be adapted to the variety of demands for assurance. Apart from deficient performance of external auditors, deficient standard and reasonable expectations gap also contributed to the expectations gap. In addition, detection risk is the only element of audit risks can be controlled by the auditor. The internal control and other governance mechanisms of an enterprise are also responsible for mitigating audit risks and providing assurance.
The essay made an analysis of limitations of assurance can be provided by financial audit by focusing on a financial auditor's perspective. Improvements can be made by focusing on a wider range of sources of assurance and the interactions and conflicts between these sources.