How Getting Too Close to Clients Can Lead Accountant Malpractice Claims

Accountant malpractice claims have been a growth industry for litigators for more than two decades, thanks to increasingly strict professional standards for auditors and accountants.


And there’s no letup in sight. In fact, even in 2020, with the coronavirus wreaking havoc with the business community, regulators have continued to crack down on auditors who fail to take seriously their duties to uncover fraud or to follow the rules regarding the conduct of their relationships with clients. Regulatory action leads inevitably to accountant malpractice claims from clients.


As we have noted previously, relationships between CPAs and their clients may be very close, especially among smaller accounting firms and businesses. Yet those relationships can quickly disintegrate if the client suffers a fraud scheme that the CPA failed to uncover.  And when an accountant gets too close — and fails to adequately question the data and assumptions made by a company during the audit process — the results can be particularly devastating for a CPA firm and its individual partners.




Consider this recent action by the U.S. Public Company Accounting Oversight Board (PCAOB) against Texas-based Whitley Penn LLP. The firm and three of its partners were hit with fines and other penalties for violating PCAOB standards while conducting audits for its client United Development Funding (UDF), which specializes in real estate investments.


The PCAOB noted that one of the partners had identified a fraud risk involving a significant line of credit, but relied on UDF management’s estimates, data and assumptions without sufficiently evaluating their reasonableness. In their disciplinary report, PCAOB regulators found that the auditor “failed to perform…analysis with due professional care and, as a result, failed to obtain sufficient appropriate audit evidence to support…conclusions about the [line of credit].”


The firm and the auditors were cited by the PCAOB for failing to test the “accuracy and completeness of management-provided data” and for their failure to exercise “due professional care, including professional skepticism” in connection with the procedures they performed. In earlier audits, the accountants had neglected to appropriately respond to evidence of potentially fraudulent activity, the PCAOB said. This resulted in regulators citing the firm for “failing to maintain an adequate system of quality control, both during and after those audit failures.”


As a result, the firm was hit with stiff penalties, as were the three partners:


  • The firm was ordered to pay a $200,000 fine and to take several remedial actions.


  • One of the partners was barred from being associated with a public accounting firm for at least two years; fined $25,000; forced to limit audit activities; and required to complete 40 hours of continuing professional education.


  • Another partner received a one-year suspension from practice with a public accounting firm and was required to pay a $15,000 fine; limit audit activities; and take additional professional education courses.


  • The third partner was fined $10,000, required to complete addition professional education and restricted from audit activities for two years.




The PCAOB’s action against Whitley Penn is just one example of how an accounting firm’s failure to design their audit to detect fraud can lead to legal trouble.


Recently, I was engaged in a case where the auditors failed to detect a $4 million fraud scheme. The chief financial officer of the company had written himself personal checks from a related enterprise during a six-year period. All of the checks were for amounts of less than $10,000.


Unfortunately, the CPA firm did not catch the fraud. It also had developed a cozier-than-usual relationship with the company and the CFO. First, the CPA firm’s engagement partner had led the company’s audits for more than 15 years. This is an arrangement prohibited by the PCAOB for publicly traded companies. Partners must be rotated out of an audit arrangement on a regular basis. And the lead partner had become personally close to the CFO. They frequently dined together, and the partner regularly accepted tickets to sporting and entertainment events from the CFO.


The CFO has been indicted, has pled guilty to the fraud and now is serving time in a federal prison. And the CPA firm? It is facing significant litigation involving accountant malpractice claims.




In 1997, the accounting profession adopted the “Consideration of Fraud in a Financial Statement Audit” standard for CPAs. With that new standard, I posited in articles and at industry conferences that accounting firms would be subject to a flurry of lawsuits over failures to detect fraud. My prediction has proven true over the years. Insurers have noted that fraud claims now drive the most significant losses when it comes to accountant malpractice claims.


Unfortunately, some firms and CPAs haven’t seemed to receive the message. A number of CPAs who came to the profession before 1997 hold the mistaken belief that they are not responsible to design their audit to detect fraud. Many are relying on outdated teachings. Fraud didn’t even appear in leading accounting textbooks before 1997, and that year was the first time I recall the word being used by the American Institute of Certified Public Accountants. CPAs had been taught that it was not their duty to look for fraud – only to let their clients know if they saw or suspected any “defalcations.”


Yet failing to stay up to date on accounting standards or ignoring the ever-growing list of firms held liable for accountant malpractice claims is a highly risky proposition. The public expects auditors to detect and prevent fraud, and so do regulators and the courts. They have said that auditors have a legal responsibility to design their audits to detect fraud. Taking a company’s management at its word is not enough. In fact, if an auditor simply relies upon the word of company officials, it can face legal exposure and regulatory actions (as the examples above show). Auditors must gather corroborating evidence and diligently perform their auditing responsibilities.


If they don’t, they will almost certainly face a lawsuit. In almost all cases where a company suffers from a fraud, executives either sue their CPA or strongly consider doing so. This is true no matter what service the CPA provided, including simple compilation services.


In the end, it may be difficult to tell a client with whom a firm or CPA has developed a close relationship that fraudulent activities are suspected. But the relationship will become even more fraught if a CPA fails to do so.


To learn more about ways we can help investigate accountant malpractice claims, contact us for consultation.








Fraud Examination: Protecting Your Business from Workplace Fraud 

Despite the distractions and upheaval the Covid-19 pandemic has had on your business, be careful not to overlook another threat that could be looming around the corner — fraud in the workplace.

Occupational fraud is the misuse of one’s occupation for personal gain and includes anything from stealing office supplies to cooking the books to embezzlement fraud.  According to the Association of Certified Fraud Examiners’ (ACFE) most recent Report to the Nations on Occupational Fraud and Abuse, organizations lose an estimated 5 percent of revenues each year to occupational fraud – which translates to annual global losses of nearly $4.5 trillion. 

How can you protect your organization and avoid the necessity of conducting financial fraud investigations? The starting place for any successful fraud prevention program begins with two key elements: your organization’s ethical culture and the perception of detection.


The cornerstone of any fraud prevention effort is the ethical tone set by an organization’s leadership. Organizations that face financial fraud investigations have often failed to regularly communicate management’s anti-fraud stance or to properly train employees. 

One of the best ways to educate employees about fraud is to develop, implement and enforce a written fraud policy. Fraud awareness training can be incorporated into an employee’s orientation, annual training programs, and an annual statement acknowledging the employees’ understanding of your organizations’ anti-fraud policies. 

Common elements of a fraud policy include:

  • Fraud policy scope.  This section should clearly define the actions that constitute fraud and include language that the policy refers to all employees, including management and executives.
  • Disciplinary Action. Here, the organization should define the administrative process that will be followed if an investigation results in a recommendation for disciplinary action. 
  • Reporting procedures. Employees need to be aware of how and to whom they should report suspicious activity. Fraud reporting mechanisms, such as hotlines, must allow anonymity and confidentiality. Clarify that employees who report incidents will not suffer retaliation.  According to the ACFE’s Report to the Nations, tips are by far the most common fraud detection method. More than 40 percent of all cases reported in the 2020 edition were detected via tips — more than twice the rate of any other detection method. Employees accounted for nearly half of all tips that led to the discovery of fraud.
  • Investigation responsibilities. In this section it’s critical to identify who is assigned the responsibility to investigate alleged fraudulent incidents, and to whom those acts are reported (i.e. management, law enforcement, legal counsel).


The second element of a well-rounded fraud prevention program is to increase the perception of detection. By nature, those who are tempted to commit wrongful acts are less likely to follow through if they believe they will be caught.

An organization can implement a variety of policies and procedures that help increase this perception, depending on the size and complexity of the organization. Examples include:

  • Segregation of duties. Think of a transaction like a circle. Employees should never be in a position to complete the entire circle alone. To overcome the challenge of segregating duties in a small business, insert management into the process. Increase the perception of detection by having bank statements sent to the business owner. To be effective, open and review the statements before delivering them to the bookkeeper. 
  • Mandatory vacations. Concealment is the modus operandi of fraud.  Mandatory time off reduces the opportunity to hide wrongdoing.
  • Job rotation. The longer a person is in one position (largely unsupervised), the risk of occupational fraud likely will increase.
  • Surprise audits. Keep employees on their toes. Surprise audits, where feasible, reduce the opportunity to alter, destroy or misplace evidence of wrongdoing.

By instituting a fraud policy, fraud training and procedures to increase the perception of detection, you can decrease the likelihood that your organization falls victim to occupational fraud.

To learn more about how we can help clients detect fraud, contact us for consultation.