CPAs’ Perceptions of the Impact of SAS 99

By Donald C. Marczewski and Michael D. Akers

E-mail Story Print Story

Comparison of SAS 82 and SAS 99

SAS 99 was issued in November 2002; it superseded SAS 82, issued in 1997. SAS 82 attempted to address shortcomings of the audit process and audit quality (as reported by Jakubowski, Broce, Stone, and Conner in the February 2002 CPA Journal), and SAS 99 was issued for similar reasons. Whether SAS 99 actually expands an auditor’s role in detecting fraud or merely reorganizes SAS 82 has been a matter of debate. Is there increased substance and responsibility attached to the new standard, or is it just a restatement of SAS 82 aimed at convincing public critics that increased efforts to detect fraud are taking place?

The most notable change is that SAS 99 takes a more proactive approach to the prevention and deterrence of fraud, while SAS 82 and its predecessors focused on detection. Both standards also focused on responding to and documenting fraud that affects the financial statements. A critical comparison of SAS 82 and SAS 99, following the analysis of Michael Ramos (“Auditors’ Responsibility for Fraud Detection,” Journal of Accountancy, January 2003) reveals the differences shown in Exhibit 1.

Survey

A questionnaire was designed to examine the items in Exhibit 1 as well as auditors’ perception of the following issues found in SAS 99:

• Changes in auditor responsibilities
• Changes in audit procedures
• Increases in auditor liability
• Increased fraud risk factors
• Changes in auditor or client interaction
• Changes in clients’ and the public’s attitude
• Collusion and management override of controls
• Documentation changes
• Whether the auditor must more actively search for signs of fraud.

The questionnaire was sent to a random sample of 300 Wisconsin CPAs selected from the membership of the Wisconsin Institute of CPAs, which included 150 partners and 150 managers from Wisconsin public accounting firms. The response rate was 35%, with an almost equal balance of partners and managers.

Respondents were asked to rate each of the 29 statements in the questionnaire on a scale from 1 to 5, with 1 representing that the respondent strongly agreed with the statement, while 5 represented that the respondent strongly disagreed. If any significant differences existed between the responses provided by the partners and by the managers, a statistical t-test was conducted for each question. The results were grouped and presented in the following five categories: auditor responsibility; client interaction and public opinion; fraud risk factors and audit effectiveness; workpaper documentation; and audit procedures.

Auditor responsibility. The findings show (Exhibit 2) that partners and managers agree that SAS 99 will have an impact on auditor responsibility or on third parties’ perceptions of auditor responsibility. The respondents also agree that auditors will likely face more litigation and will be held to a higher standard in court. This may indicate that auditors should not create unreasonable expectations in the investing public and other third parties. The data also indicate that, despite the perceived increase in responsibility, there has been no apparent change in the assignment of audit personnel, although other steps may have been taken to address the increased responsibility.

Client interaction and public opinion. The results with respect to client interaction (Exhibit 3) indicate that there have been changes to how auditors interact with audit clients regarding fraud risk and procedures to identify fraud. Specifically, those surveyed indicated that there is more discussion with the audit committee and that there is more tension in interactions with the client’s personnel. Respondents were neutral regarding SAS 99’s effectiveness in addressing the public’s opinion of the profession and of audited financial statements.

Fraud risk and audit effectiveness. The results on fraud risk and audit effectiveness (Exhibit 4) indicate that respondents are neutral on whether there is increased fraud risk since the issuance of SAS 99. Although SAS 99 directly and implicitly states that auditors should increase their focus on fraud risk factors, the findings imply that the respondents don’t anticipate that SAS 99 will substantially affect audit effectiveness.

Workpaper documentation. The results regarding workpaper documentation (Exhibit 5) show that respondents have increased documentation of procedures regarding fraud detection. SAS 99 mandates increased documentation in certain areas; discussions among members of audit teams, including the mandatory brainstorming session on fraud risk factors for the entity; and documentation of new procedures mandated by SAS 99. Similarly, the aforementioned study by Specht and Sandlin also found that auditors would increase documentation under SAS 99 and, furthermore, thought that increased workpaper documentation of fraud issues would aid a plaintiff in litigation.

Audit procedures. The biggest changes made by SAS 99 affect the implementation of auditing procedures to detect fraud (Exhibit 6). The findings show that there is a moderately increased focus on detecting fraud during the audit, and that the procedures required by SAS 99 are effective. The respondents also moderately agreed that there have been changes in testing, most notably in the area of substantive tests, and that unpredictability in testing has increased. Respondents are indifferent, however, as to whether more unusual transactions are actually uncovered in an audit. The results were neutral with regard to whether there were more frequent or more thorough reviews of prior-year accounting estimates and whether there was an increased use of specialists. Respondents moderately agreed that the review of prior-year accounting estimates revealed increased manipulation by client management.

Once again, these results are consistent with Specht and Sandlin. There was no significant difference in auditor performance in most areas, with the exception of client inquiries (especially the personnel to which they were directed) and discussion among members of the audit team.

Partners indicated a stronger awareness than managers that SAS 99 has prompted auditors to focus on, and subsequently uncover more, unusual transactions.

Increased Responsibility

Overall, the study results indicate that partners have a more positive assessment about SAS 99’s effect on auditors’ perceived responsibility to detect fraud in a financial statement audit than managers do. Both partners and managers, however, perceive that overall audit responsibility has increased, along with accountability and liability exposure. The overall assessment indicates that the changes to audit procedures due to SAS 99 will moderately increase the effectiveness of audits, but may not increase the public’s confidence in audits.