Main Body

Accountant’s Legal Responsibilities and Liability

Being an accountant requires a strong moral compass.  To guide professionals in ethical decision making, accountants have significant responsibilities under various ethical codes of conduct.   Accountants are part of the internal control system of our society.  Auditors serve the public interest.  Tax professionals serve their client, but only within the framework of tax law, thus ensuring compliance with the laws and values that support public services.  Management accountants and internal auditors serve their employers with objectivity and competence, while also ensuring compliance with all laws and regulations.

When investors, creditors, regulators and other stakeholders suffer losses, they often ask “where were the auditors and accountants?”  As those stakeholders seek to recover their losses, they will commonly pursue the accountants who they feel let them down.  Accountants can have significant criminal and civil liabilities.  Whenever accepting a new assignment or engagement, the professional accountant must evaluate their legal responsibilities and potential liability.


Losses and Liability can be Large

When the losses incurred are large, the resulting liability is proportionally large.  The losses incurred when there is a financial statement fraud, such as the one at Enron, can be among the largest losses in our society.  As a result, the liability for those losses can also be among the largest in our society.  The liability of independent CPAs can often exceed the malpractice liabilities of physicians, attorneys, and other professions.   The investors and creditors will typically sue everyone involved in order to obtain the maximum recovery.  This includes the company (which may be bankrupt), company executives, insurance companies, other companies perceived as aware and supporting the fraud, and the independent auditors.   Of all these parties, it is most often the auditors that pay the largest amounts in damages.

For example, in the case of Baptist Foundation of Arizona, the CPA firm of Arthur Andersen did a poor audit, but was not complicit in the fraud.  Nonetheless, Andersen suffered the greatest financial liabilities, resulting from the fraud.  Their liabilities exceeded the liabilities of those who perpetrated the fraud.

Case in Point – Baptist foundation of Arizona

The Baptist Foundation of Arizona (BFA) was established in 1948 as a non-profit organization to accomplish good social works in the name of the Arizona Southern Baptist Convention.  In the late 1980s and early 1990s, BFA solicited investments from church members, promising a healthy 10% return on investment.  The proceeds were invested in Arizona land, earning a higher rate of return.  The excess returns were used to fund programs such as low income housing, senior housing, and food banks.

The program worked effectively until the real estate collapse of the early 1990s.  Rather than admit the losses to the investors, the promoters covered the losses through a series of schemes that resulted in fraudulent financial statements.

The CPA firm of Arthur Andersen did not catch the fraud and issued “clean” opinions on the annual financial reports.  It was later determined that Arthur Andersen had not followed Generally Accepted Auditing Standards.

The consequences of the fraud were

  • Investors were defrauded of approximately $450 million
  • The two primary perpetrators, BFA’s president and legal counsel, were sentenced to 8 years and 6 years, respectively, in prison and ordered to pay restitution of $159 million each.
  • Arthur Andersen settled with investors for $217 million.


Statutory Law, Regulatory/Administrative Law, and Common Law

Statutory law includes all of the written laws passed by federal, state, and local governing bodies.  This typically includes laws adopted by the legislative branch and signed by the executive branch.  In some cases, the law provides for statutory liability.  In other cases, the law provides for criminal penalties.

Regulatory or Administrative law includes the written regulations, rules, permits, licenses, applications, and administrative hearings or rulings that are adopted by agencies or departments.  For example, in most states the legislature and executive branch enact statutory law covering the practice of accounting.  It then falls to the state’s board of accountancy to enact detailed licensing requirements, as well as regulations, rules, and enforcement actions.

Where there is no written law or regulation, the judicial system reviews cases and makes rulings that become common law.   The civil wrong that the court is asked to correct is known as a tort.  The decisions of the appellate courts and above become written precedents.    These precedents are relied on by courts making later decisions, with the goal of consistent application of common law.  Higher courts are not bound by rulings of lower courts.  When a trial court makes a decision, it will reply on precedents from higher courts.  However, an appeals court may review the rulings of the trial courts and either affirm or overturn the trial court rulings.  In turn, the Supreme Court may review the rulings of the trial courts.  Under common law, accountants may be sued for negligence, gross negligence, or fraud.

Negligence is an unintentional, wrongful act that injures another party.  The conduct of the negligent party falls below the level of conduct that would be expected of a reasonable person.  Negligence is the most common of all torts.  CPAs can be sued by not only their clients, but also by third parties who were injured.  In the case of Baptist Foundation of Arizona (BFA), the client was BFA and the investors were the injured third party.  A common basis for a negligence claim is that the CPA did not exercise due professional care.

Gross negligence is more extreme than simple negligence, in that is an act of willful, conscious, and reckless disregard for the welfare of others.

Fraud requires five elements including (1) a lie or material misstatement of fact that (2) the perpetrator knows to be untrue, (3) with the intent to deceive, and that (4) the victim relies on the erroneous statement which (5) causes the victim to suffer losses.  In some cases, one or more of the five elements is missing, but the court decides that the act still rises to the level of fraud.  This is known as constructive fraud.  There have been cases where courts have decided that gross negligence by a CPA rises to the level of constructive fraud.

Professional accountants are affected by all of these categories of laws.  It is essential that the accountant understand all of their legal responsibilities and potential liability.


Common Law Liability to Clients – Breach of Contract

A CPA is usually in a contractual relationship with a client, in which both parties have obligations to each other.  The CPA promises to provide specified services and the client agrees to pay for those services and cooperate fully.  It is best for a contract to be in writing to reduce misunderstandings and as a basis for enforcement.  However, oral contacts are legal and enforceable.  Express duties are specifically described in the contract.  Although not specifically mentioned in the contract, implied duties are generally assumed by the courts to be an essential element of the contract.  The contract between a CPA and their client is usually in writing and is referred to as an engagement letter.   The engagement letter specifies the services to be provided, time frame, fees, and other essential terms.   It is a contract and is legally binding on both parties. If one of the parties does not fully comply with their obligations under the contract, the other party may seek recovery through a court action.

In order for a client to recover damages, the client must prove all of the following:

  1. The accountant had a duty to perform the contracted tasks with appropriate professional skill, effort, and within professional standards.
  2. The accountant did not fulfill their duties.
  3. The client incurred losses.
  4. The losses incurred by the client were a result of the CPA’s failure to perform.

As a result of the breach of contract by the accountant, the client may recover the amount paid in fees and any actual damages the client incurred.  Punitive damages are not normally recovered in a breach of contract lawsuit, but punitive damages may be awarded under a tort case.


Common Law Liability to Clients – Negligence and Fraud

Negligence is an unintentional, wrongful act that injures another party and is less than the level of conduct that would be expected of an average accountant.  An accountant can be sued for negligence.  In many areas of practice, accountants must make judgments and estimates.  If these judgments and estimates turn out to be incorrect, that does not necessarily mean the accountant was negligent.   Keeping in mind that negligence does not require intent, honest differences and errors may or may not be considered by a court to be negligence.  Professional accountants should keep in mind that their judgments and estimates may be subject to litigation, and they may have to pay a client for damages.   The accountant may have to refund fees and pay actual damages if proven by the client in court.  In more egregious cases of gross negligence or fraud, the accountant may also have to pay punitive damages as punishment.


Common Law Liability to Clients and Third Parties – Compilations and Reviews

Accountants sometimes perform compilations and reviews.  A compilation is a set of financial statements prepared by an independent accountant, without audit testing.  In a review, the independent accountant performs limited verifications, but far fewer than in an audit.  It is possible that a client or third party might misconstrue an accountant’s involvement as an audit.  It is essential that there be no misunderstanding about the nature of the accountant’s services.  An engagement letter should clearly state the nature of the services, point out that no audit services are being performed, and explain how services will be different from and/or less than an audit.

Even when performing services that are not audits, the CPA has an obligation to follow up on issues that come to their attention during the compilation or review.  In the case of 1136 Tenants’ Corporation v.  Rothenberg (1971), the court found the independent accountants liable for damages.  During their regular compilations of financial statements for an apartment cooperative the accountants noted missing invoices.  Had the accountants followed up on the missing documents, they would have uncovered a $130,000 embezzlement committed by the cooperative’s managing agent.   The independent accountant performed compilation services for only 17 months at a fee of $600 per year, but the final judgment against the accounting firm was far greater.


Common Law Liability to Third Parties

We have already established that a CPA is liable to their clients for negligence.  Accountants can also be liable to third parties.  For example, assume that a CPA firm does an audit of a company.  If a bank or investor relies on the financial report, including the auditor’s opinion, can that third party seek to recover damages from the CPA firm?  Generally, yes, the third party can usually successfully sue the CPA firm.  If the third-party plaintiff can prove that the auditors were negligent or committed fraud and they relied on the financial report and incurred losses, they will be able to seek recovery from the CPA firm.

There are some limits for liability to third parties.  A commonly used precedent is the case of Ultramares v. Touch (1931).  The CPA firm of Touche, Niven, & Company was hired to audit the 1923 financial statements of Fred Stern & Co., Inc..  The financial report was released in February 1924 with a “clean” audit opinion.  Based on the certified financial statements, Ultramares made several loans to Stern.  In January, 1925, Stern filed for bankruptcy causing Ultramares to incur losses on the unpaid loans.  Ultramares then filed a lawsuit against Touche, claiming that Touche was negligent and committed fraud in issuing their audit opinion.  The trial court dismissed the fraud case, leaving only a case based on negligence.  On appeal, the court ruled that the auditors can be held liable for ordinary negligence only to any third-parties specifically named in the auditor’s report.  Since Ultramares was not named in the audit report, they were denied any recovery from Touche.

The Ultramares case limited the accountant’s damages only for simple negligence only to third parties named in the auditor’s report.   However, in some states subsequent case law has expanded this liability to extend not only to specifically-named, but also to any potential users that can be reasonably foreseen even if they are not specifically named or known.  For example, if the audit firm can reasonably foresee that the audited financial report will be used to obtain a loan, solicit the sale of stock, etc., then the CPA firm can be liable to those third parties.  This legal theory has only been adopted in a few states.  In most states, the Ultramares decision is still the standing precedent.

The Ultramares case and foreseeable user theory described above apply only to cases of simple negligence.   The courts have generally held that for gross negligence and fraud, the CPA will be liable to all third parties.


Statutory Law Liability to Third Parties under the Federal Securities Act of 1933

The Federal Securities Act of 1933 requires that any company offering securities for sale to investors must file a registration statement with the Securities and Exchange Commission.  That registration statement must include audited financial statements and other information.  The company must also provide potential investors a prospectus, with information similar to the registration statement.

Section 11 of the 1933 Act specifically makes the auditor liable for any material misstatements or omissions in the prospectus and registration statement.   If any investor in the initial offering incurs losses on the security, they can sue the offering company and the auditor.  In a lawsuit under the 1933 Act, the burden is substantially shifted from the investor to the auditor.  The investor only needs to prove that (1) there is a material misstatement or omission in the prospectus, and (2) they incurred losses on the security.  The investor does not need to prove that the auditor was negligent, nor do they have to prove that they relied on the financial report when deciding to invest.

The investor must file their suit within the statute of limitations, which is up to one year after the investor discovered the material misstatement or omission, but no later than three years after the date of the prospectus offering the security.

The auditor’s only defenses are:

  1. The auditors performed their work with “due diligence” and had a reasonable basis for their opinion,
  2. The period allowed in the statute of limitations has lapsed,
  3. The investor knew of the material misstatement or omission, or
  4. The investors’ losses were not caused by the financial statements.

The first defense above is the most commonly used defense by auditors.  The burden of proof is on the auditor to demonstrate that they used due diligence and had a reasonable basis for their opinion.  This is different from most cases, where the plaintiff has the burden of proof.


Statutory Law Liability to Third Parties under the Federal Securities Exchange Act of 1934

The Federal Securities Exchange Act of 1934 regulates

  • all national securities exchanges,
  • the securities traded on national exchanges, and
  • all securities of any company with more than $10 million in assets or more than 500 stockholders, regardless of where the securities are traded.

This is a substantial expansion over the 1933 Act, which only regulated public offerings of securities.  Even though the Act expanded regulation and investor protections, it also provides for a higher burden of proof for the investor.

The 1934 Act requires all covered companies to file audited annual reports with the Securities and Exchange Commission.  This form, known as a 10-K, is more comprehensive than the annual report to stockholders.  The 1934 Act also provides liability for investor losses against any party that knowingly makes an “untrue statement of material fact.”  This liability applies to the auditors as well as company management or any other involved party.

The burden of proof for an investor is higher than in the 1933 Act.   In the 1934 Act the investor must prove:

  1. The financial statements included false or misleading statements, or omitted information, that was material,
  2. The investor relied on the misleading financial statements,
  3. They were not aware that the financial statements were materially inaccurate,
  4. They incurred losses on the security, and
  5. Scienter, meaning that the auditor made the false or misleading statements with the intent to deceive.

Scienter is the most significant burden on the plaintiff investor.  The most significant precedent for scienter is found in the case of Ernst & Ernst v. Hochfelder (1976).  In the Hochfelder case, the investors sought recovery on the basis of negligence.  Ultimately the U.S. Supreme Court heard the case and ruled that simple negligence was not sufficient for the investors to recover their losses from the audit firm.  The court held that

“a private cause of action for damages will not lie under § 10(b) and Rule 10b-5 in the absence of any allegation of “scienter,” i.e., intent to deceive, manipulate, or defraud on the defendant’s part.”[1]

Unlike the 1933 Act, the plaintiff/investor must show that the auditor was grossly negligent or committed fraud in order to recover under the 1934 Act.


Statutory Law Liability to the Federal Government under the Private Securities Litigation Reform Act of 1995

In 1995, Congress adopted the Private Securities Litigation Reform Act of 1995 by overriding the veto of then President Clinton.    The 1995 Act modified the federal law created by the 1933 and 1934 Acts and was intended to reduce frivolous lawsuits, but also added new requirements for auditors.  In summary, the 1995 Act requires that every audit include:

  1. procedures designed to provide reasonable assurance of detecting illegal acts that would have a direct and material effect on the determination of financial statement amounts;
  2. procedures designed to identify related party transactions that are material to the financial statements or otherwise require disclosure therein; and
  3. an evaluation of whether there is substantial doubt about the ability of the issuer to continue as a going concern during the ensuing fiscal year.[2]

If the auditor becomes aware of any illegal activities, they must report the illegal activities to management and ensure that the board of directors is aware.  If the board of directors does not take action to address the illegal act, the following steps must be taken:

  1. The auditor must then determine if the illegal act is material to the financial statements and will affect the auditor’s opinion; if so, the auditor must notify the board of directors.
  2. The board of directors must notify the Securities and Exchange Commission within one business day.
  3. If the board of directors does not notify the Securities and Exchange Commission within one day the auditor must either
    1. Report the problem to the Securities and Exchange Commission, or
    2. Resign and report the problem to the Securities and Exchange Commission.

If the auditor does not comply with these requirements, the Securities and Exchange Commission may impose penalties on the audit firm of up to $500,000 for each failure and could order the audit firm to pay disgorgement, which means to return any profits from the audit.


Criminal Penalties under the 1933 and 1934 Acts

Section 24 of the Securities Act of 1933 establishes potential criminal punishments of up to $10,000 and 5 years in prison.  Section 32(a) of the Securities Exchange Act of 1934 provides criminal punishments of fines of up to $25,000,000 and 20 years in prison.  In both cases, criminal sanctions require that the false statement or omission was done “willfully” or “knowingly.”  Essentially, the word “knowingly” requires that there be fraud, rather than simple or gross negligence.  However, the case of United States v. Simon (1969), often referred to as the Continental Vending case the court made a dramatic ruling.

The auditor’s opinion in the Continental Vending case contained the standard language that the financial statements “present fairly, in accordance with generally accepted accounting principles.”  The auditors were aware that a large receivable may have been uncollectible.  The receivable was presented on the balance sheet, and the nature of the asset was presented in a footnote.  The footnote did not disclose that the receivable was based on a related-party transaction involving the president of the company and would not likely be repaid, even though the auditors were aware of this fact.  The auditors used as a defense that the footnote was in accordance with Generally Accepted Accounting Principles (GAAP).  Eight expert witnesses supported the auditor’s claim and agreed that the footnote was consistent with GAAP.  The judge determined that following GAAP was not sufficient, and that “presented fairly” was a separate statement.  The jury concluded that, although the financial statements and footnotes were consistent with GAAP, the financial statements were not presented fairly.  As a result, three of the auditors were convicted of criminal charges.  The auditors were fined and paid civil damages, but were not given any prison time.

In the Continental Vending case the auditors were guilty of gross negligence, but this was interpreted as fraud, which resulted in criminal convictions.  This landmark case was a significant warning that CPAs could be convicted on criminal charges, even if they were lacking the “intent” required of fraud.  All professional accountants should be aware of the real possibility of criminal charges should they fail to complete their work with a high degree of skill, diligence, and due professional care.


Criminal Penalties and Fines under the Internal Revenue Code

The Internal Revenue Service levies a variety of fines and criminal penalties, including:

  • Tax evasion – a felony, with penalties of up to $100,000 and five years in prison
  • Filing a fraudulent return – a felony, with penalties up to $100,000 and three years in prison
  • Not filing a required return – a misdemeanor, with penalties up to $25,000 and one year in jail
  • Not keeping records or paying estimated taxes – a misdemeanor, with penalties of up to $25,000 and one year in jail
Case in Point – Wesley Snipes, Willful Failure to File Tax Returns

According to prosecutors, actor Wesley Snipes did not file tax returns for 1999 through 2006, yet he made more than $38 million.  Snipes was following advice from tax protestor Eddie Kahn, who advised Snipes that the Federal Income Tax was unconstitutional.  Snipes’ primary defense was that he was misled by Kahn and he truly believed the tax did not apply to him, in part because he claimed to not be a U.S. citizen.  After the prosecution made their case, the defense team rested without calling any witnesses, making the assertion that the prosecution had not made its case.  The jury did not agree, finding Snipes guilty on three misdemeanor cases of failure to file tax returns for 1999, 2000, and 2001.  Snipes was sentenced to three years in addition, the IRS will be seeking recovery of all taxes, penalties, and interest.

Snipes’ advisor, Eddie Kahn, was convicted on felony charges and sentenced to ten years in prison.

Case in Point – KPMG Tax Shelter

The tax experts at KPMG, a “big four” accounting firm, designed tax shelter programs to help their wealthy clients reduce or avoid federal income taxes.  The IRS determined that this was a fraudulent tax evasion scheme.  From 1996 to 2003, clients of KPMG used this scheme to evade paying $2.5 billion in taxes on income of $11 billion.

The IRS filed criminal charges against KPMG and nine tax partners and specialists.  This was the largest criminal tax evasion case in U.S history.  If KPMG had been convicted of the felony, they would have lost their CPA licenses in all 50 states and would have been banned from auditing any public companies.  This would result in the end of KPMG, who would then join notorious Arthur Andersen in being dismantled in shame.

Faced with potential demise of their business, KPMG agreed to a civil fine of $456 million to end to criminal case, even though their total fees were only $225 million and profits were far less.  The nine employees of KPMG were prosecuted separately for their crimes.


Losing Practice Privileges

Accountants who violate statutes or regulations may lose practice privileges.  The Securities and Exchange Commission can temporarily or permanently prohibit an accountant or accounting firm from doing any work related to SEC filings.  When this happens, the firm can no longer do audits of publicly traded companies.  This would lead to the demise of any large auditing firm.  The IRS can also bar a tax specialist from representing clients before the IRS.  This would effectively end the tax career of any CPA or enrolled agent.  In most cases, when a CPA loses practice privileges from the SEC or IRS, the state board of accountancy will also suspend or revoke the CPA license of the firm or individual.

The “big five” CPA firm of Arthur Andersen was convicted of obstruction of justice for shredding documents related to the Enron audit; the conviction was a felony.  SEC rules provide that anyone convicted of a felony may not practice before the SEC.  With Andersen’s felony conviction and loss of ability to do audits of public companies, their CPA license was revoked in every state.

“Blue Sky” Laws

In addition to the federal securities laws, each state has a securities act, known as blue sky laws.  The term “blue sky” is based on the premise that the states are trying to protect investors from being sold investments which are little more than “blue sky”, or essentially having no value.   State blue sky laws generally require the registration of any securities offerings, brokers, and brokerage firms.     These laws provide states with legal authority to bring their own legal actions against violators, even though the federal government may bring an action.  Any accountant associated with a company that offers securities to the public, or is involved with the buying and selling of securities, needs to understand the laws of their state.


Questions for Research and Discussion

1. Compare the potential liability of accountants with that of other professions including pharmacists, engineers, architects, and other professions.

2. Develop arguments to support the penalty assessed upon Arthur Andersen in the case of Baptist Foundation of Arizona.

  • Develop arguments for higher or lower penalties.
  • If you were the judge in the case, how would you penalize Arthur Andersen?

3. Explain, in your own words, the similarities and differences between simple negligence, gross negligence, and fraud.

4. What was the dollar amount of the trial court judgment against the accounting firm of Max Rothenberg & Co. in the case of 1136 Tenants’ Corporation?

  • Do you feel that the judgment was fair?
  • What other implications did this case create for independent accountants?
  • What steps can accountants take to avoid liability for compilations and reviews?

5. Compare the third-party liability for accountants from the Ultramares case to the more extended “foreseeable user” theory adopted in a few states.

  • Which of these two approaches do you believe should be applied nation-wide?
    • Why?

6. In your own words, explain scienter.

  • Do you think scienter should be a burden of proof for the investor/plaintiff?
    • Why or why not?

7. In your own words, describe disgorgement.

  • What are your opinions on using disgorgement as a sanction?

8. In the Continental Vending case, the auditors were essentially convicted on fraud charges, but had only committed gross negligence.

  • Do you believe this is appropriate?
    • Why?

9. The Internal Revenue Service often chooses high profile people to prosecute.

  • Do you believe that Wesley Snipes was a villain or a victim?
  • Was his punishment appropriate?
    • Why?

10. What happened to the nine partners involved in the KPMG tax shelter case?

  • Do you feel that the outcome for KPMG and the nine employees was appropriate?

11. What company policies, practices, and techniques would you recommend that individuals and accounting firms adopt to reduce or avoid civil liabilities and criminal charges?

12. Visit the website for your state securities administrator.

  • Identify two interesting items about securities or investing
    • Summarize your findings.

  2. Section 301 of the Private Securities Litigation Reform Act of 1995


Icon for the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License

Professional Ethics for Accountants Copyright © 2019 by Anne and Rob Diamond is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License, except where otherwise noted.

Share This Book