The near-impossible standard for showing auditor fraud
A couple weeks back, Dena Aubin of the Reuters tax team had a very insightful story about the risks auditors face as more countries permit some form of mass shareholder litigation. With class actions or their like now permitted in more than 20 countries, Aubin said, auditors’ structural firewall – in which national operating units are legally isolated from each other and from the parent firm – isn’t as liability-proof as it once seemed. Aubin cited Ernst & Young’s recent $118 million settlement of a Canadian class action stemming from its audits of the collapsed Chinese forestry company Sino Forest as a possible preview of what’s in store for the Big 4 accounting shops, thanks to a surge in international litigation. Their potential exposure is so large, according to Aubin, that commercial insurers no longer offer affordable liability coverage to audit firms, which have shifted to a self-insured model.
That’s outside of the United States, though. In this country, Aubin found, shareholders rarely even bother to name audit firms as defendants in class actions: Only two securities class actions filed in 2012 made claims against top audit firms. And if you want to know why, read U.S. District Judge Shira Scheindlin’s 72-page opinion Monday dismissing allegations that the Chinese unit of Deloitte Touche failed investors in its audits of the Chinese financial software firm Longtop Financial Technologies, which admitted in 2011 to cooking its books and was subsequently sued by the Securities and Exchange Commission. Scheindlin concluded that Deloitte may have been lazy, at worst, but under U.S. laws and accounting standards, the audit firm should be considered a victim of Longtop’s fraud, not an abetter of it.
What’s unusual in this case, as Scheindlin explained, is that shareholder lawyers from Grant & Eisenhofer andKessler Topaz Meltzer & Check had more evidence than plaintiffs usually get in securities class actions. The judge had previously refused to dismiss claims against Longtop’s CFO, who then had to produce millions of pages of documents and emails to shareholders. They argued in an amended complaint that evidence obtained from the CFO showed that Deloitte had red-flag warnings of Longtop’s internal control problems, misreporting of revenue and underpayment of social welfare obligations. The audit firm, plaintiffs claimed, confronted Longtop officials about some of the issues but never disclosed problems to investors. In a brief opposing dismissal of their claims, the plaintiffs said Deloitte “chose the path of least resistance” and abdicated “its corporate watchdog responsibilities.”
Deloitte’s lawyers at Sidley Austin contended that the new discovery only bolstered their arguments that the audit firm performed dutifully but was duped by its client. The CFO’s documents showed that the firm asked the proper questions and demanded answers, Deloitte said, which it wouldn’t have done if it had the requisite fraudulent intent to mislead investors.
Scheindlin agreed. To meet the standard for scienter, she said, shareholders would have had to show Deloitte’s audits were so deficient that they fell outside any acceptable bounds. It’s easy in retrospect, she said, to say that an audit firm should have followed up on one concern or another, but U.S. laws require evidence that fraud is the most plausible explanation for an auditor’s failures. As long as the auditor can offer an equally reasonable explanation for its conduct, it’s off the hook.
“Once fraud has been revealed, it is always obvious which audit procedures would have revealed the fraud earlier, and resistance to those audit procedures always appears suspicious,” Scheindlin wrote. “To suggest that every available audit procedure must be conducted, though, is unrealistic. Time and money are limited, and information comes at a price. Subject to these constraints, auditors and their clients must necessarily decide whether it is cost-effective to perform audit procedures that are not required.” In that context, the judge said, Deloitte’s decision to skip an audit procedure that may have been warranted by Longtop’s dubious behavior but was not required “leads to an inference of, at worst, laziness, but not recklessness.”
Indeed, the judge said, the more compelling inference is that Longtop deceived Deloitte along with everyone else. And that, she said, is precisely why U.S. law is so seemingly deferential to auditors. “In the final analysis, the present allegations could have been drawn from the auditing engagements of any of a thousand reputable companies,” she wrote. “Plaintiffs argue, at core, that identifying risk factors at a company ultimately discovered to be engaged in fraud should expose auditors to legal liability. But this is not the law…. Plaintiffs’ argument would vitiate (the Exchange Act) by exposing an auditor to liability when that auditor identifies risk factors at a company later found to be engaged in fraud, but fails to catch its fraud.”
Deloitte is still feeling some repercussions of its work for Longtop. The SEC filed an enforcement action against the firm in 2011, seeking documents from the Chinese branch. Deloitte has said it is barred from doing so by Chinese secrecy laws, but the SEC revived its document demands in December.
Shareholder lawyer Daniel Berger of G&E told Andrew Longstreth of Reuters that he was disappointed with Scheindlin’s ruling. He didn’t return my call for comment; nor did Deloitte counsel Gary Bendinger of Sidley.
For more of my posts, please go to Thomson Reuters News & Insight