detailed notes from meetings , emails and copies of relevant financial and performance reports .
The audit firm seeks guidance from its legal team and consults with external experts in medical technology and fraud detection to understand the implications and appropriate actions . John ensures that all actions taken align with professional auditing standards and the International Ethics Standards Board for Accountants ( IESBA ) Code of Ethics .
The audit firm decides to perform additional audit procedures , including more in-depth testing of the technology and financial transactions . An independent review by specialists in medical technology and forensic accounting is initiated to validate the findings .
The audit firm communicates its concerns and findings to Theranos ’ management and the audit committee and recommends immediate corrective actions .
Depending on the severity and the response from Theranos , the audit firm may consider disclosing the matter to regulatory authorities such as the SEC and FDA . The audit firm has a policy to protect employees who report non-compliance . John is assured of protection against any retaliation for his disclosures . He ensures that information is shared only with those who need to know , balancing the duty of confidentiality with the requirement to act in the public interest .
In this hypothetical audit , the hope is that the NOCLAR rules would cause an independent review and additional audit procedures confirming significant fraud and misrepresentation in Theranos ’ technology and financial performance .
Regulatory authorities , informed by the audit firm ’ s findings , take appropriate action against Theranos , including fines , sanctions and criminal charges against responsible executives . The audit firm issues a modified audit opinion , clearly stating the identified issues and the potential impact on financial statements . The case serves as a wake-up call for the entire industry , leading to stricter regulations and oversight in medical technology and financial reporting .
The problem with this example can be at the beginning and all the processes along the way . The client was infamous in their secrecy and were zealots in litigation against dissenters . The identification and assessment would probably fool John in the accuracy . Theranos had investors in that took blood samples and watched them go into the machine , then ate lunch and came back for the results from the machine after lunch . In the meantime , the blood was taken out and run on different machines in the basement . The right answer was given to the investors .
If John was included or had a demo like this , there would be nothing that came to his attention . In reality , Theranos did not have audited financials since the audit firms had concluded that the books and records were not ready for an audit . Not having an audit did not stop this type of fraud .
In a standard audit , John would not be a Columbo-type investigator with a notepad wandering around the company asking key questions to find out from divergent responses what the likelihood that the client is lying about the efficacy of their product . The auditor would be out of the scope of their technical expertise and would not have the time and budget to fund this type of investigation .
Example No . 2 : Wells Fargo Based on what has been reported there was a history of fraudulent account creation and a problematic culture of noncompliance with rules and regulations with the bank .
The whistleblower lines showed the issues to the client and the client defended its high number of issues by saying that they encouraged reporting . The outside auditor saw the noncompliance and made the professional judgement that Wells Fargo Bank was working on fixing the isolated problems .
The idealistic goal is that this noncompliance would have been sorted out by the auditor escalating it or refusing to complete the audit . Historically , if the auditor made a professional judgement based on management ’ s representations that it only had a minor impact , then why would the outcome be different after implementing NOCLAR ?
The management and audit committee may show the plan for sorting out the issues and the auditor consider this a normal business issue . There are no perfect businesses that have perfect compliance on all matters . The auditor is always looking at a business that is a work in process with shifting priorities and strategic challenges .
Conclusion Companies can have compliance officers and fill out checklists and answer inquiries regarding their compliance with rules and regulations . These additional procedures will increase cost and time for the company to complete and increase administrative burden for any new products or operation expansions . The cost of the audit and the time frame for reporting would increase . And the burden on the auditors may accelerate the number of CPAs retiring and deter more potential accounting candidates from the audit field .
One of the challenges with the NOCLAR interpretations is the auditor ’ s requirement to address and resolve noncompliance issues . Historically this was not clearly an auditor ’ s responsibility outside the scope of being a CPA .
Legal and regulatory compliance outside of the financial statements is outside of the auditor ’ s professional competence and would require outside experts . In addition , the auditor relies on the company for disclosure of legal and regulatory issues and the magnitude of the potential financial outcomes .
The outside auditor can test for reasonableness , but businesses fail all the time for inherent risks that they did not attend to properly or just changes in the economic environment . Having an outside financial audit does not guarantee that the business does not have fraud or other problematic issues with their products or processes . The NOCLAR interpretations burden the outside auditor with responsibilities that properly belong to the company .
Suzan Dennis , CPA is managing partner at Dennis & Dennis , LLP , CPA . You can reach her at suzanden @ aol . com . www . calcpa . org OCTOBER 2024 CALIFORNIA CPA 17