Chapter 20
Legal Liability
McGraw-Hill/Irwin
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Intro
Historical Perspective
Claims against
auditors were
relatively uncommon
before the 1970’s.
1970
Global credit crisis leads to
the Dodd-Frank Act of 2010
and increases scrutiny into
auditing profession again.
The recession of 1990-1992
led to another upsurge in
litigation against auditors.
1980
Due to a slump in the economy
in the early 1970’s and the
recession of the 1980’s, it
became more common for
auditors to be sued.
1990
2002 2010
Due to several high-profile
frauds, Congress refocused
attention on auditors in the
Sarbanes-Oxley Act of 2002.
20-2
Largest CPA firm payouts in recent class actions
Company
CPA firm
Settlement
Year filed
Cendant Corp.
Ernst & Young
$633,500,000
1998
Adelphia
Deloitte & Touche
$367,500,000
2002
Tyco International
PwC
$225,000,000
2002
Baptist Foundation of
Arizona
Arthur Andersen
Parmalat Finanziaria Deloitte & Touche
$217,000,000
$157,500,000
1999
2004
HealthSouth Corp.
Ernst & Young
$142,500,000
2002
Superior Bank FSB
Ernst & Young
$125,000,000
2002
Rite Aid Corp.
KPMG
$125,000,000
1999
Lernout & Hauspie
Speech Products
KPMG
$115,000,000
1999
Sunbeam Corp.
Arthur Andersen
$110,000,000
1998
Enron Corporation
Arthur Andersen
$105,500,000
2001
LO# 2
One way to classify law is common law vs. statutes
Two Classes of Law
Common Law
Statutory Law
Case law
developed over
time by state court
judges
Statutes enacted
by Congress,
interpreted by
federal judges
20-4
Another way to classify law: severity of outcome for auditor
Note: in most financial reporting lawsuits, auditor is one of
several defendants





Least severe: auditor not defendant
More severe: auditor defendant in private lawsuit but
avoids paying anything
Still more severe: auditor defendant in private lawsuit and
has to pay to settle it
Even more severe: auditor defendant in government
(usually the SEC) civil lawsuit
Most severe: auditor defendant in criminal prosecution (in
the US, usually the Justice Department)
Another way to classify law:
who the auditor is liable to
 The
auditor might be liable to who
engaged the auditor (usually, but not
always, the company that is audited)
 The auditor might be liable to users
(called 3rd parties) of the financial
statements.
– Here is where auditor liability is unique,
as we will learn
LO# 2
Overview
20-7
LO# 2
Overview
20-8
LO# 3
Common Law—liability to who engaged the auditor
Since there is an agreement, there can be contract
liability as well as tort liability
Requires Due
Care
Bottom line: if auditor
performs with due care
he is not liable, if not,
he is liable.
Types of Liability
to the Client
May be held liable
for breach of
contract (contract
law)
•Negligence
•Gross negligence
•Fraud
•These are all
genres of tort
law
20-9
LO# 3
Breach of Contract (liability to company that
engaged the auditor)
The contract, law, and
GAAS determine what
defines “due care.”
20-10
LO# 3
Negligence (liability to company
that engaged the auditor)
Requires Due
Care
If an engagement is
performed without due
care, the CPA may be
held liable for an
actionable tort in
negligence. Tort law –
and GAAS - defines
what is “due care.”
20-11
Common Law Negligence: liability of auditor to company LO# 3
that engaged the auditor
Company must prove, inter alia, that the
behavior of the auditor constitutes a lack of
due care. Different courts use different
language, but #1 is the easiest for the
company to prove, since it is just barely a
lack of due care. #2 is harder to prove, and
#3 is the hardest to prove.
1. Ordinary negligence or negligence
2. Gross negligence, recklessness or statutory fraud.
3. Actual fraud or knowing fraud.
20-12
LO# 3
Common Law Negligence: Client
Auditor’s
Defense
1. No duty was owed to the client.
2. The client was negligent.
3. The auditor’s work was performed in accordance with
professional standards.
4. The client suffered no loss.
5. Any loss was caused by other events.
6. The claim is invalid because the statute of limitations has
expired.
20-13
Common law liability to 3rd party users of financials


As noted above there’s only tort law liability to
3rd party users of financials (there’s no contract
so there’s no possible breach of contract)
We also noted there are 3 severity levels of bad
(less than due care) auditor behavior. #1 is
easiest for 3rd party users to prove against an
auditor, but in a traditional 3rd party “privity” or
Ultramares state, e.g. New York, if that is all that
3rd party users can prove against the auditor,
they lose and the auditor wins (not liable).
1. Ordinary negligence or negligence
2. Gross negligence, recklessness or statutory fraud.
3. Actual fraud or knowing fraud.
LO# 4
Common Law - 3rd party Ordinary Negligence / Negligence
Four approaches for 3rd Parties: Privity or
Ultramares is arguably the most important ,
because it is the original approach and it is what
New York uses. Know how to apply it. Simply
know that the other 3 approaches exist.
Privity
Near Privity
Foreseen
3rd Parties
Reasonably
Foreseeable
3rd Parties
20-15
LO# 4
Common Law—3rd Parties
Negligence
Third Party
Must Prove
1. The auditor had a duty to the plaintiff to exercise due care.
2. The auditor was worse than negligence or ordinary
negligence (i.e. committed gross negligence, recklessness,
constructive fraud, actual fraud or knowing fraud).
3. The auditor’s breach of due care was the direct cause of the
3rd party’s injury.
4. The 3rd party suffered an actual loss as a result.
20-16
LO# 4
Common Law—3rd Parties
Negligence
Auditor’s
Defense
1. Auditor’s behavior was not worse than negligence or ordinary
negligence.
2. The 3rd party was negligent.
3. The 3rd party suffered no loss.
4. Any loss was caused by other events.
5. The claim is invalid because the statute of limitations has
expired.
20-17
LO# 4
Fraud - 3rd parties
If an auditor has
acted with
knowledge and
intent to deceive a
third party, he or
she can be held
liable for fraud.
20-18
LO# 4
Fraud – 3rd parties
Third Party
Must Prove
1. A false representation by the CPA.
2. Knowledge or belief by the CPA that the representation was
false.
3. The CPA intended to induce the 3rd party to rely on the false
representation.
4. The 3rd party relied on the false representation.
5. The 3rd party suffered damages.
20-19
LO# 5
Statutory Liability
Two major federal statutes provide
sources of statutory liability for
auditors:
The Securities Act
of 1933
The Securities
Exchange Act of
1934
20-20
LO# 5
Securities Act of 1933
Only applies re an offering of securities.
Could be an IPO or could be
A secondary or other kind of offering
20-21
Securities Act of 1933 – auditor’s worst liability exposure toLO# 5
3rd parties because a) very little must be proved, b) no
privity defense allowed, and c) auditor has burden of proof
that he performed with due care (“due diligence defense”)
3rd Party Must Merely Prove
1. The 3rd party suffered losses by investing in the registered
security.
2. The audited financial statements contained a material
omission or misstatement.
20-22
Securities Exchange
Act of 1934
LO# 6
Applies to offerings plus ongoing reporting (e.g. 10K
or 10Q) by public companies.
Section 10(b) and Rule 10b-5 are the greatest source of
liability for auditors under this act.
20-23
LO# 6
Securities Exchange Act of 1934
3rd Party Must Prove
1. A material, factual misrepresentation or omission.
2. Reliance on the financial statements.
3. Damages suffered as a result of reliance on the financial
statements.
4. Scienter (gross negligence or recklessness is enough).
• If 3rd party proves auditor committed knowing fraud then auditor
faces joint/several liability instead of proportionate liability
• This means that the auditor could have to pay all the money, if
the lawsuit is lost, instead of just his proportionate share
20-24
LO# 9
SEC and PCAOB Sanctions
Suspend
Practicing
Privilege
Impose
Fines
Remedial
Measures
20-25
LO# 10
Foreign Corrupt Practices
Act (FCPA)
Passed in 1977 in response to the discovery of
bribery and other misconduct on the part of
more than 300 American companies.
An auditor may be
subject to
administrative
proceedings, civil
liability, and civil
penalties.
20-26
LO#
Criminal Liability
8 & 12
Auditors can be held criminally liable under the laws
discussed in the previous section. Criminal prosecutions
require that some form of criminal intent (mens rea) be
present.
•Criminal prosecutions of auditors are rare. In a recent
study I did of the Big 5, with 1169 lawsuits filed 2001-2008,
the auditor was criminally prosecuted in only 7:
•BAWAG (KPMG)
•Finance Credit (KPMG)
•Parmalat (Deloitte & Touche)
•American Tissue (Arthur Andersen)
•Peregrine Systems (Arthur Andersen)
•Enron (Arthur Andersen)
•NextCard (Ernst & Young)
20-27
End of Chapter 20
20-28