Why auditors fail to detect frauds
Dipak Mondal April 26, 2019
In the event of corporate scandals such as PNB (Punjab National Bank) scam or the IL&FS (Infrastructure Leasing & Financial Services) default, auditors -- apart from promoters and directors -- are the ones inviting maximum ire from the government, investors and regulators.
Auditors contend detecting a fraud is beyond the scope of their work in most of cases. They believe there is a mismatch in expectations between what they do as auditors and what market/stakeholders expect them to do.
To understand an auditor's perspective, we spoke to Jamil Khatri, partner, BSR&Co, an associate company of KPMG. He explains the expectation mismatch.
"We interact with management and the audit committees closely and they generally understand (our limited scope). However, as you go to the wider stakeholder group, whether it is the government, media or investors, the expectation gap increases," he says.
He further cites three major reasons behind this expectation gap. "First, a lot of investors want the comfort of forward-looking information, while we provide the backward-looking information. So, we may spend thousands of hours to certify what the as-of position is, but people want to know if the risk factors are correctly disclosed. Now, that is not our responsibility in the current framework," says Jamil.
The second reason for the mismatch is what they audit themselves. He explains: "An analyst with an investment house would value, say, a construction company, on the order backlog. We do not audit order backlog. It is not part of the financial statement, so we cannot audit it. Again, in the retail industry, for example, people look at the same store sales growth. We have nothing to do with same store sales. We don't audit it, we don't certify it."
According to him, a lot of information that the market relies on is not subject to audit, but people don't always understand this.
On the question of why auditors do not detect fraud, he says, audit by its very nature is not forensic; it is about doing a set of things based on samples after testing internal controls that the company has set up.
"Now, if the promoter or management overrides controls, those won't work. Effectively, the auditor in many cases relies on management control and if those go wrong given the nature of the audit, which is sample based (you cannot audit everything), it is impossible to detect any wrongdoings," says Jamil.
He says such frauds can be detected by forensic audits and if someone wants them to do forensic audit, they will do it, but the cost will go up 10 times.
There is hope, however, as technology provides a solution by making audits much more detailed and effective. Use of technology such as artificial intelligence, data analytics and machine learning could minimise 'gaps' due to sample-based auditing.
"Earlier if we had to audit purchases of a manufacturing company, we would pick a sample of the purchase invoices to see if entries are genuine and goods were indeed bought and recorded. Now with technology, we can audit 100 per cent of invoices. This will address the expectation gap."
Artificial intelligence can be used to improve audits. Right now, auditors rely mostly on what the company tells. But, AI can use the information available publicly, whether it is the government data or information from social media, etc, to enable auditors to validate some of the information given by the company.