Chapter 5

Legal Liability
 Presentation Outline

I. Preliminary Legal Concepts

II. Common Law and the Auditor
III. Statutory Law and the Auditor
IV. Professions Response to Legal Liability
V. Protecting Individual CPAs from Legal
Liability
 I. Preliminary Legal Concepts

A. Distinguishing Between Failures and

Audit Risk
B. The Expectations Gap
C. The Prudent Person Concept
D. CPA Liability
 A. Distinguishing Between Failures and
Audit Risk
Business failure occurs when a business is unable
to repay its lenders or meet the expectations of
investors because of economic or business
conditions.
Audit risk represents the risk that the auditor will
conclude that the financial statements are fairly
stated when in fact they are materially misstated.
Audit failure occurs when the auditor issues an
erroneous audit opinion as a result of failing to
comply with GAAS.
 B. The Expectations Gap

Many financial statement users believe that

auditors guarantee the accuracy of financial
statements, and some even believe that an auditor
guarantees the financial viability of the clients
business.
Most auditors believe that the conduct of an audit
in accordance with GAAS is all that can be
expected of auditors.
In most cases, courts continue to support the
auditors view.
C. The Prudent Person Concept

A person offering service is understood as holding

themselves out to the public as possessing the
degree of skill commonly possessed by others in
the same employment, and if the pretentions are
unfounded, commits a species of fraud upon every
person who employs them.
A person is liable for negligence, bad faith, or
dishonesty, but not for losses resulting from pure
errors of judgment.
 D. CPA Liability
Joint and Several Liability Separate and Proportionate
The assessment against a Liability
defendant for the full loss The assessment against a
suffered by the plaintiff, defendant caused by the
defendants negligence. For
regardless to which other example, if 30% of plaintiff
parties shared in the loss is due to misstated
wrongdoing. financials an accountant
would only be held liable for
the 30%.
For lawsuits in state courts, state law determines which approach to
damages applies. When lawsuits are brought under federal
securities laws, the separate and proportionate approach will apply
except in cases where it can be shown that the CPA knew or
participated in the fraud.
II. Common Law and the Auditor

A. Common Law Defined

B. Sources of Auditor Liability to Clients
Under Common Law
C. Common Law Burden of Proof
D. Auditor Liabilities to Third Parties
E. Auditor Defenses Under Common Law
 A. Common Law Defined

Common law refers to unwritten or case-made

law that evolves from prior or precedent cases.
It is state dependent meaning that different laws
can be applied under common law in different
states.
B. Sources of Auditor Liability
To Clients Under Common Law
Suit in Contract is based on privity and the
auditors alleged breach of the agreement
(usually the engagement letter). This source
does not apply to third parties (nonclients).

Suit in tort is based on negligence, gross

negligence, or fraud.
B1. The Meaning of Negligence

Negligence is a failure of a CPA to use due

professional care. It is also known by the
names simple negligence and ordinary
negligence.
 B2. The Meaning of Gross
Negligence
1. The CPA made a representation about a material
fact with lack of reasonable support.
2. The purpose of the representation was to induce
reliance by another.
3. The representation was relied on by the client or
third party.
4. The reliance caused damages to the client or third
party.
 B3. The Meaning of Fraud
Fraud contains the following items:
1. False representation
2. Knowledge of a wrong and acting with the
intent to deceive
3. The intent to induce reliance
4. Justifiable reliance
5. Resulting damages
 B4. A Comparison of Terms
Negligence v. Gross Gross Negligence v.
Negligence Fraud
Difference is a matter of Fraud is different from
degree. Negligence is gross negligence in
failure to exercise due that there is an intent
care. Gross to deceive.
negligence is a
reckless departure
from the standard of
due care.
C. Common Law Burden of Proof
In order to hold the auditor liable for
substandard auditing, the client must prove:
1. The CPA has a duty of care to the client.

2. The CPA has breached the duty of care.

3. The client suffered damages.

4. The damages were caused by the CPAs breach of

the duty of care.
 D1. Auditor Liability to Third Parties
(Nonclients) Traditional Rulings

Ultramares Corporation v. Touche

decided in 1931 in New York.
The Ultramares doctrine holds that ordinary negligence is
insufficient for liability to third parties because of lack of
privity of contract between the third party and the auditor,
unless the third party is a primary beneficiary. However,
liability to more general third parties will exist if the the third
plaintiff can establish gross negligence or fraud. Many courts
have broadened the Ultramares doctrine by introducing the
concept of a forseen user. Three views have emerged
regarding the concept of forseen users.
 D2. Views on Auditor Liability to Third Parties
Credit Alliance
(1) Auditor must know and intend that the work product be used by
the plaintiff third party for a specific purpose. (2) The knowledge
and intent must be evidenced by the auditors conduct.
Restatement of Torts Rule
Forseen users must be members of a reasonably limited and
identifiable group of users that have relied on the CPAs work, such
as creditors, even though those persons were not specifically known
to the CPA at the time the work was done.
Forseeable Users
Any users that the auditor should have reasonably been able to
forsee as being likely users of financial statements have the same
rights as those with privity of contract.
Current movement is away from the forseeable users approach.
There may be some movement toward the Credit Alliance ruling.
 E. Auditor Defenses Under
Common Law
CPA may use the following defenses under common
law:

1. There was a lack of duty to perform the service.

2. The engagement was performed using reasonable
care and skill, and in accordance with GAAS.
3. There is no connection between the clients loss
and the CPAs actions.
4. The client was contributively negligent. Note that
is defense is not viable against third party plaintiffs
since they are not in a position to misstate the
financial statements.
III. Statutory Law and the Auditor

A. Statutory Law Defined

B. The Sarbanes-Oxley Act
C. Liability to Third Parties (Nonclients)
Under the Securities Acts
D. Criminal Procedures and Defenses
 A. Statutory Law Defined

Statutory law refers to written law as

established by federal or state legislative
bodies.
B. The Sarbanes-Oxley Act

The Sarbanes-Oxley Act

provides for fines and
imprisonment of up to
20 years for altering or
destroying documents
to impede an official
investigation. (See
Figure 5-9 on page
122)
 C. Liability to Third Parties
(Nonclients) Under the Securities Acts
The Securities Acts signficantly extended the CPAs
liability to third parties beyond the bounds of common
law.
Securities Act of 1933 (1933 Act) regulates the initial
offering and sale of securities through the mails and
other forms of interstate commerce. Only protects
original purchaser of securities.

Securities Exchange Act of 1934 (1934 Act) deals

primarily with trading in previously issued securities.
 C1. Plaintiffs Burden of Proof
Under the 1933 Act - Section 11

1. The security was part of the offering of shares

covered by the registration statement.
2. The registration statement was false or misleading
or omitted material information that should have
been included.
C2. Auditor Defenses under the
1933 Act - Section 11
Third-party users do not have the burden of proof
that they relied on the financial statements or that
the auditor was negligent or fraudulent in doing
the audit. The auditor has the burden of
demonstrating as a defense that:
An adequate audit was conducted in the
circumstances or
all or a portion of the plaintiffs loss was caused
by factors other than the misleading financial
statements.
 C3. Plaintiffs Burden of Proof
Under the 1934 Act Rule 10b-5
1. The materiality of the alleged false, misleading, or
omitted statement.
2. The CPAs knowledge of the statement. Although
not the current trend, earlier cases considered poor
judgment to be equivalent to knowledge.
3. The plaintiffs reliance on the statements.
4. Actual damages sustained as a result of such
reliance.
 C4. Auditor Defenses under the
1934 Act Rule 10b-5
1. CPAs conduct does not include scienter. Scienter
is a mental state embracing intent to deceive,
manipulate or defraud.
2. The engagement was performed using reasonable
care and skill, and in accordance with GAAS.
3. There was a lack of duty to perform the service.
4. There is no connection between the clients loss
and the CPAs actions.
 D. Criminal Procedures and Defenses
1. In a criminal action, the U.S. Justice Department or
the state attorney general files suit as the plaintiff.

2. Plaintiff does not need to establish damages, only

that a statute has been violated.
3. Plaintiff must establish beyond a reasonable doubt
that the auditor knew they were acting criminally.

4. Primary defense is good faith meaning that the

audit complied with GAAP and GAAS, and there
was no willful knowledge of criminal acts.
IV. Professions Response to Legal
Liability
Auditing research in
regard to errors, fraud, and
auditor independence.
Standard setting to meet
changing needs.
Peer review to identify
deficiencies in meeting
standards.
Oppose unwarranted
lawsuits.
Lobby for changes in laws
to protect accountants.
 V. Protecting Individual CPAs from Legal
Liability

Deal only with clients

possessing integrity.
Understand the clients
business.
Document the work
properly.
Exercise professional
skepticism.
 The Legal Environment of the
Auditor
Illegal Client Acts

Common law

Negligence
Gross
negligence
Statutory law
Fraud
Securities laws
Criminal liability