Managing Your Firm’s Risk

IMGCAP(1)]Arthur Andersen’s shredding of documents relating to the Enron audit may be the poster child for what not to do when it comes to document retention policies.

As a result of the premature shredding of documents relating to the Enron audit — the infamous energy company whose deceptive accounting practices destroyed more than $11 billion in shareholder value — Arthur Andersen was convicted of obstruction of justice and prohibited from further auditing American clients by the Securities and Exchange Commission. The Enron scandal drastically reduced Arthur Andersen’s credibility internationally, ultimately forcing the accounting firm to dissolve.

How does an accounting firm avoid this fate? A few preventative maintenance and risk management measures can help protect an accounting firm in the event of a corporate scandal.

1) Do not adopt principles that ultimately render financial statements misleading. A company’s financial statements are useless if they are misleading. According to the American Institute of CPAs, it is generally assumed that adherence to officially established accounting principles results in financial statements that are not misleading. However, AICPA Rule 203.02 states that because there are certain instances in which “the literal application of pronouncements on accounting principles would have the effect of rendering financial statements misleading…the proper accounting treatment is that which will render the financial statements not misleading.” In general, GAAP should be employed during audits, but rigid adherence should not be maintained when doing so would distort the true meaning of the financial statements.

2) Implement an Explicit Documentation, Document Retention and Destruction Policy. The Rules of the New York State Board of Regents, Section 29.10, require accountants to prepare their work product in such a fashion that another accountant or auditor, who is unrelated to the project, can understand how specific results were achieved. Thus, an auditor reviewing an audit should not have to engage in guesswork or make any speculations as to how the auditing accountant performed the audit. Everything should be laid out plainly for a “reviewer with relevant knowledge and experience.”

Arthur Andersen encountered trouble not only because it did not retain its auditing documents, but because it consciously destroyed important documents. Section 29.10 requires that accounting firms have a written policy regarding the retention of their work product. This policy must explicitly recite the authorization process for the destruction of work product, and at what time the work product may be destroyed. The Securities and Exchange Commission, through its adoption of Section 802 of the Sarbanes-Oxley Act, mandates that firms retain relevant documents containing conclusions regarding, and analyses of, audited financial statements.

Not only is this the law, it is sound policy for an accounting firm to have an unambiguous file retention policy. If an accounting firm performed an audit to the applicable standards, the auditing documentation will reflect that. This documentation can be available to any federal investigative authorities, and generally displays the appropriateness of an audit.

Although retaining work product verifies the basis for the audit, not all items necessarily need to be retained under a document retention policy. For example, certain irrelevant documents might be dispensed with, including duplicates of documents, insignificant voice mail messages, completed to-do lists, certain review notes, and superseded drafts of memoranda, financial statements or regulatory filings. However, if a firm becomes aware that a legal or disciplinary action might be taken, or is pending, with regard to any regulatory investigation, the firm should immediately suspend the destruction of any documents. This is true regardless of the firm’s file retention policy.

A retention policy regarding work product is key to risk management. Further, specific destruction of irrelevant documents, pursuant to a document retention policy, may be appropriate; however, the firm should first check with its local laws and legal counsel, as appropriate.

3) Avoid conflicts of interest. An accounting firm that performs audits must be independent. For example, New York’s Regents Rule Section 29.10 prohibits a firm from sharing income from an audit with an officer or affiliated executive board member of the corporation that’s being audited. Sharing income with a member of the board of a corporation your firm is auditing raises the appearance that the accounting firm is being improperly influenced in its audit. Additionally, if a partner at the accounting firm has or had a direct or indirect financial interest in the corporation that’s being audited for the specified time period, independence has been compromised. Examples of such financial interests would include the partner being a principal stockholder in the enterprise or sitting on the board of directors.

Moreover, accounting firms acting as auditors are required to and should keep their clients’ information confidential. That means that the revelation of “personally identifiable facts, data or information obtained in a professional capacity without the prior consent of the client” is specifically prohibited. Breaching your client’s confidentiality is unprofessional, as defined by the Regents Rules, Section 29.10.

Eliminating all risk is impossible. However, with careful planning, risk management, adherence to state and federal laws, and professional standards, risk exposure can be better managed.

Thomas Cronmiller, a partner with the law firm of Hiscock & Barclay, is an experienced trial lawyer who has tried a variety of cases to verdict. He has also handled appeals in both federal and state courts. His practice focuses on products liability, complex personal injury, commercial litigation and professional liability litigation, including medical malpractice, accounting malpractice and directors and officers liability. He is the practice group leader for the Torts & Insurance Primary Practice Group and serves as chair of the Torts & Products Liability Defense Practice Area.

For reprint and licensing requests for this article, click here.
MORE FROM ACCOUNTING TODAY