Certified Public Accountants (CPAs) provide three standard levels of attest-type services for their clients. These three engagements include: 1) a compilation, 2) a review, and 3) an audit. A compilation is the least expensive service, and provides clients with the lowest level of assurance. A review is a mid-level service that will cost more and provide an incrementally higher level of assurance. An audit is the highest level of common attest-type service.
Under the standards promulgated by the American Institute of CPAs (AICPA), neither a compilation nor a review is designed or required to detect internal fraud or embezzlement. For example, the relevant review engagement standard includes the following terms:
- Management is responsible for designing, implementing, and maintaining internal control relevant to the preparation and fair presentation of the financial statements.
- Management is responsible to prevent and detect fraud.
- A review is substantially less in scope than an audit . . . A review does not contemplate obtaining an understanding of the entity’s internal control; assessing fraud risk . . .
- The engagement cannot be relied upon to disclose errors, fraud, or illegal acts. (AR § 90.04.)
The CPA’s engagement letter should, and in most instances does, include the language above. Despite the seemingly unambiguous allocation of fraud detection to the client, and not the CPA, clients are still apt to sue an accountant who performs a compilation or review and fails to detect internal fraud, embezzlement, or defalcation.
Unfortunately, an unsophisticated jury may view the CPA as the expert, and thereby assign higher expectations than those called for in the engagement letter and AICPA standards. Thus, summary judgment is the preferable tool for disposing of this type of claim.
In California, unfortunately, there is no published case directly addressing the issue. This means the defense must rely on out-of-state decisions.
Out of state courts regularly reject this type of claim. In Italia Imports v. Wiesberg & Lesk (1995) 220 A.D. 226, for example, the unambiguous language of the compilation engagement letter between plaintiff, Italia Imports, and the defendant accounting firm expressly disclaimed any duty to discover wrongdoing or defalcations. Italia Imports sued its accounting firm to recover money embezzled by its bookkeeper. The court affirmed the defendant’s summary judgment motion because the engagement letter disclaimed any duty to discover fraud. (Id. at 226).
The West Virginia case of First National Bank of Bluefield v. Crawford (1989) 182 W.Va. 107 provides an in-depth analysis of the viability of language limiting a CPA’s duty in low level attest-type services. First National recognizes there are several types of accounting audits, with differing degrees of professional investigation to be laid out in the corresponding contract’s limiting language (or “disclaimer”). (Id. at 110-111.) From here, the First National court explains, “with two general exceptions, courts have recognized the validity of such statements in weighing the accountant’s duty.” (Id. at 111.) The first exception applies when an accountant relies on a general statement to disclaim liability for acts the accountant otherwise agreed to perform. The case of Ryan v. Kanne (1969) 170 N.W.2d illustrates this exception as follows:
If, therefore, a party limits the investigation of an independent accountant . . . the accountant can note this in his report and thus limit the basis upon which an aggrieved party can obtain relief against him. It would at least indicate, as to certain items of a financial statement, that the accountant may thus escape liability for negligence if he does not certify the audit. As to other items which he agreed to and states he did investigate, but did not, we hold the lack of certification will not absolve him from liability. (Id. at 404.)
In other words, an accountant cannot use general disclaimer language to escape liability for work he agreed to perform, but an accountant also cannot be held liable for failing to perform work the parties agreed he would not perform. In seeking summary judgment based on engagement terms excluding fraud detection from the list of a CPA’s duties, the defense relies on contract language delineating the work the parties agreed the CPA would not perform. Thus, the CPA does not rely on exculpatory language to escape liability for work it agreed to perform. As a result, the first exception does not apply. The second exception to the general rule occurs when, regardless of the nature of work the accountant undertook, the CPA actually discovers a materially false matter and fails to disclose it to the client. (First National, supra citing to United States v. Natelli (1976) 425 U.S. 934.) If the CPA actually discovers a materially false matter and fails to disclose it to the client, he will not be able to avoid liability via summary judgment. This, however, is not usually the case in a defalcation matter.
In summary, an accountant typically cannot be held liable for failing to perform work the parties agreed he would not perform. Thus, out of state CPAs who performed one of the two lesser attest-type services are often entitled to summary judgment in cases alleging failure to internal detect fraud.
Application to California
While the above cases may be cited in California trial court motions, they operate as persuasive authority but are not binding on the court. In other words, California state trial judges may ignore the out of state cases cited above. As a result, a creative plaintiff’s attorney may avoid summary judgment. Until the state appellate courts publish a decision on the matter, CPAs in California may be subject to liability for failure to detect fraud even when performing low level attest-type services.
ABOUT THE AUTHOR: Mr. Felderman is a graduate of University of Iowa School of Law. He specializes in general liability, professional liability, and business litigation. Contact him at firstname.lastname@example.org.
Download Article Here: Can California Auditors be Held Liable for Failing to Detect Fraud When Performing a Review?