Chapter 5Legal Liability

Presentation Outline

I. Preliminary Legal Concepts

II. Common Law and the Auditor

III. Statutory Law and the Auditor

IV. Profession’s Response to Legal Liability

V. Protecting Individual CPAs from Legal Liability

I. Preliminary Legal Concepts

A. Distinguishing Between Failures and Audit Risk

B. The Expectations Gap

C. The Prudent Person Concept

D. CPA Liability

A. Distinguishing Between Failures and Audit Risk

Business failure occurs when a business is unable to repay its lenders or meet the expectations of

investors because of economic or business conditions.

Audit risk represents the risk that the auditor will conclude that the financial statements are fairly

stated when in fact they are materially misstated. Audit failure occurs when the auditor issues an

erroneous audit opinion as a result of failing to comply with GAAS.

B. The Expectations Gap

Many financial statement users believe that auditors guarantee the accuracy of financial

statements, and some even believe that an auditor guarantees the financial viability of the client’s

business. Most auditors believe that the conduct of an audit

in accordance with GAAS is all that can be expected of auditors.

In most cases, courts continue to support the auditor’s view.

C. The Prudent Person Concept

A person offering service is understood as holding themselves out to the public as possessing the

degree of skill commonly possessed by others in the same employment, and if the pretentions are

unfounded, commits a species of fraud upon every person who employs them.

A person is liable for negligence, bad faith, or dishonesty, but not for losses resulting from pure

errors of judgment.

D. CPA Liability

Joint and Several Liability

The assessment against a defendant for the full loss suffered by the plaintiff, regardless to which other

parties shared in the wrongdoing.

Separate and Proportionate Liability

The assessment against a defendant caused by the

defendant’s negligence. For example, if 30% of plaintiff

loss is due to misstated financials an accountant

would only be held liable for the 30%.

For lawsuits in state courts, state law determines which approach to damages applies. When lawsuits are brought under federal

securities laws, the separate and proportionate approach will apply except in cases where it can be shown that the CPA knew or

participated in the fraud.

II. Common Law and the Auditor

A. Common Law DefinedB. Sources of Auditor Liability to Clients

Under Common Law

C. Common Law Burden of Proof

E. Auditor Defenses Under Common Law

D. Auditor Liabilities to Third Parties

A. Common Law Defined

Common law refers to unwritten or case-made law that evolves from prior or precedent cases.

It is state dependent meaning that different laws can be applied under common law in

different states.

B. Sources of Auditor Liability To Clients Under Common LawSuit in Contract is based on privity and the auditors alleged breach of the agreement

(usually the engagement letter). This source does not apply to third parties (nonclients).

Suit in tort is based on negligence, gross negligence, or fraud.

B1. The Meaning of Negligence

Negligence is a failure of a CPA to use due professional care. It is also known by the

names simple negligence and ordinary negligence.

B2. The Meaning of Gross Negligence

1. The CPA made a representation about a material

fact with lack of reasonable support.

2. The purpose of the representation was to induce

reliance by another.

3. The representation was relied on by the client or

third party.

4. The reliance caused damages to the client or third

party.

B3. The Meaning of Fraud

Fraud contains the following items:

1. False representation

2. Knowledge of a wrong and acting with the intent to deceive

3. The intent to induce reliance

4. Justifiable reliance

5. Resulting damages

B4. A Comparison of Terms

Negligence v. Gross Negligence

Difference is a matter of degree. Negligence is failure to exercise due

care. Gross negligence is a

reckless departure from the standard of

due care.

Gross Negligence v. Fraud

Fraud is different from gross negligence in

that there is an intent to deceive.

C. Common Law Burden of ProofIn order to hold the auditor liable for substandard auditing, the client must prove:

1. The CPA has a duty of care to the client.

2. The CPA has breached the duty of care.

3. The client suffered damages.

4. The damages were caused by the CPA’s breach of the duty of care.

D1. Auditor Liability to Third Parties (Nonclients) – Traditional Rulings

Ultramares Corporation v. Touche

decided in 1931 in New York.

The Ultramares doctrine holds that ordinary negligence is insufficient for liability to third parties because of lack of privity of contract between the third party and the auditor, unless the third party is a primary beneficiary. However,

liability to more general third parties will exist if the the third plaintiff can establish gross negligence or fraud. Many courts have broadened the Ultramares doctrine by introducing the

concept of a forseen user. Three views have emerged regarding the concept of forseen users.

D2. Views on Auditor Liability to Third Parties

Restatement of Torts Rule

Forseen users must be members of a reasonably limited and identifiable group of users that have relied on the CPA’s work, such as creditors, even though those persons were not specifically known

to the CPA at the time the work was done.

Current movement is away from the forseeable users approach. There may be some movement toward the Credit Alliance ruling.

Credit Alliance

(1) Auditor must know and intend that the work product be used by the plaintiff third party for a specific purpose. (2) The knowledge

and intent must be evidenced by the auditor’s conduct.

Forseeable Users

Any users that the auditor should have reasonably been able to forsee as being likely users of financial statements have the same

rights as those with privity of contract.

E. Auditor Defenses Under Common Law

2. The engagement was performed using reasonable care and skill, and in accordance with GAAS.

4. The client was contributively negligent. Note that is defense is not viable against third party plaintiffs

since they are not in a position to misstate the financial statements.

3. There is no connection between the client’s loss and the CPA’s actions.

CPA may use the following defenses under common law:

1. There was a lack of duty to perform the service.

III. Statutory Law and the Auditor

A. Statutory Law Defined

C. Liability to Third Parties (Nonclients) Under the Securities Acts

D. Criminal Procedures and Defenses

B. The Sarbanes-Oxley Act

A. Statutory Law Defined

Statutory law refers to written law as established by federal or state legislative

bodies.

B. The Sarbanes-Oxley Act

The Sarbanes-Oxley Act provides for fines and imprisonment of up to 20 years for altering or destroying documents to impede an official investigation. (See Figure 5-9 on page

122)

C. Liability to Third Parties (Nonclients) Under the Securities Acts

The Securities Acts signficantly extended the CPA’s liability to third parties beyond the bounds of common law.

Securities Act of 1933 (1933 Act) regulates the initial offering and sale of securities through the mails and other forms of interstate commerce. Only protects original purchaser of securities.

Securities Exchange Act of 1934 (1934 Act) deals primarily with trading in previously issued securities.

C1. Plaintiff’s Burden of Proof Under the 1933 Act - Section 11

1. The security was part of the offering of shares covered by the registration statement.

2. The registration statement was false or misleading or omitted material information that should have been included.

C2. Auditor Defenses under the 1933 Act - Section 11

Third-party users do not have the burden of proof that they relied on the financial statements or that the auditor was negligent or fraudulent in doing

the audit. The auditor has the burden of demonstrating as a defense that:

An adequate audit was conducted in the circumstances or

all or a portion of the plaintiff’s loss was caused by factors other than the misleading financial

statements.

C3. Plaintiff’s Burden of Proof Under the 1934 Act – Rule 10b-5

1. The materiality of the alleged false, misleading, or omitted statement.

2. The CPA’s knowledge of the statement. Although not the current trend, earlier cases considered poor judgment to be equivalent to knowledge.

3. The plaintiff’s reliance on the statements.

4. Actual damages sustained as a result of such reliance.

C4. Auditor Defenses under the 1934 Act – Rule 10b-5

1. CPA’s conduct does not include scienter. Scienter is “a mental state embracing intent to deceive, manipulate or defraud.”

2. The engagement was performed using reasonable care and skill, and in accordance with GAAS.

4. There is no connection between the client’s loss and the CPA’s actions.

3. There was a lack of duty to perform the service.

D. Criminal Procedures and Defenses1. In a criminal action, the U.S. Justice Department or

the state attorney general files suit as the plaintiff.

2. Plaintiff does not need to establish damages, only that a statute has been violated.

3. Plaintiff must establish beyond a reasonable doubt that the auditor knew they were acting criminally.

4. Primary defense is “good faith” meaning that the audit complied with GAAP and GAAS, and there was no willful knowledge of criminal acts.

IV. Profession’s Response to Legal Liability

Auditing research in regard to errors, fraud, and

auditor independence. Standard setting to meet

changing needs. Peer review to identify

deficiencies in meeting standards.

Oppose unwarranted lawsuits.

Lobby for changes in laws to protect accountants.

V. Protecting Individual CPAs from Legal Liability

Deal only with clients possessing integrity. Understand the

client’s business. Document the work

properly. Exercise professional

skepticism.

The Legal Environment of the Auditor

Statutory law

Common law

Negligence

Gross negligence

FraudSecurities laws

Criminal liability

Illegal Client Acts