Download Comprehensive Case A.1 – Enron

Comprehensive Case A.1 – Enron
I. Technical Audit Guidance
To maximize the knowledge acquired by students, this book has been designed to be read in
conjunction with the post-Sarbanes-Oxley technical audit guidance. All of the PCAOB Auditing
Standards that are referenced in this book are available for free at:
http://www.pcaobus.org/Standards/index.aspx.
In addition, the AU Sections that are referenced in this book are available for free at:
http://www.pcaobus.org/Standards/Interim_Standards/Auditing_Standards/index.aspx. Finally, a
summary of the provisions of the Sarbanes-Oxley Act of 2002 is available for free at:
http://thecaq.aicpa.org/Resources/Sarbanes+Oxley/Summary+of+the+Provisions+of+the+Sarban
es-Oxley+Act+of+2002.htm.
II. Case Questions – Answer Key
1.
What is auditor independence, and what is its significance to the audit profession? What is the difference
between independence in appearance and independence in fact?
The second general standard of generally accepted auditing standards (GAAS) is, “In all
matters relating to the assignment, an independence in mental attitude is to be maintained by the
auditor or auditors.” If the auditor is not independent, the financial statements are considered
unaudited for all practical purposes. In case where the SEC has found that a CPA firm was not
independent, it has required that the financial statements be re-audited by another firm. A lack of
independence can result in disciplinary action by regulators and/or professional organizations
and litigation by those who relied on the financial statements (e.g., clients and investors). The
profession, as a whole, depends on the value of independence in that the auditor’s opinion on the
financial statements loses its value if the auditor is not considered to be substantially independent
from the management of the firm.
Article IV of the AICPA’s Professional Code of Conduct requires that “a member in
public practice should be independent in fact and appearance when providing auditing and other
attestation services.” To be independent in fact, an auditor must have integrity, a character of
intellectual honesty and candor; and objectivity, a state of mind of judicial impartiality that
recognizes an obligation of fairness to management and owners of a client, creditors, prospective
owners or creditors, and other stakeholders. To be independent in appearance, the auditor must
not have any obligations or interests (in the client, its management, or its owners) that could
cause others to believe the auditor is biased with respect to the client, its management, or its
owners. Even if the auditor does not have any direct or indirect financial interest or obligation
with the client in fact, they must assure that no part of their behavior or actions appear to affect
their independence in the opinion of the public. When behavior seems to affect independence it
has a similar effect on public opinion as a breach of independence in fact.
The facts of the case reveal numerous issues that suggest that Andersen's independence
may have been compromised. For example, Enron was one of Andersen’s biggest audit clients.
It paid Arthur Andersen $46.8 million in fees for auditing, business consulting, and tax work for
the fiscal year ended August 31, 1999; $58 million in 2000; and more than $50 million in 2001.
At Andersen, the compensation of partners depended on their ability to cross-sell other services
to its audit clients. More than half of the fees for Enron were charged for non-audit services. By
2001, Duncan was earning more than $1 million a year. The size of the fees would likely have
made it hard for Duncan and his fellow auditors to challenge Enron's management team on
difficult accounting issues.
In addition, the substantial amount of non-audit work completed by Andersen provided
incentives to work as an advocate on behalf of Enron. For example, Arthur Andersen boasted
about the closeness of their relationship in a promotional video. “We basically do the same types
of things…We’re trying to kinda cross lines and trying to, you know, become more of just a
business person here at Enron,” said one accountant.
In addition, Since 1993 Andersen had performed Enron’s internal audit function in
addition to performing the audit on its financial statements. Performing both the internal and
external auditing functions meant that Andersen was auditing its own work and thus would not
be unbiased. In addition, more than eighty former Arthur Andersen accountants were working at
Enron. Several were in senior executive positions, including Jeffrey McMahon, who served in
the positions of treasurer and president; and vice president Sherron Watkins; and chief
accounting officer Richard Causey.
Article IV of the AICPA Code of Conduct (Objectivity and Independence) states: “A
member in public practice should be independent in fact and appearance when providing
auditing and other attestation services.” Close relationships might affect independence in
appearance, even if independence in fact is maintained. Clearly there was cause for concern at
Enron. Causey was good friends with Andersen’s global engagement partner, David Duncan. In
fact, their families had even gone on vacations together. Andersen employees often attended
Enron-sponsored events and office parties. The nature of Causey and Duncan’s close
relationship violated the AICPA Code of Conduct’s requirements for independence in
appearance.
2.
Refer to Section 201 of SARBOX. Identify the services provided by Arthur Andersen that are no longer
allowed to be performed. Do you believe that Section 201 is needed? Why or why not?
Section 201 says that it shall be unlawful for a registered public accounting firm to provide
any non-audit service to an issuer contemporaneously with the audit, including: (1) bookkeeping
or other services related to the accounting records or financial statements of the audit client; (2)
financial information systems design and implementation; (3) appraisal or valuation services,
fairness opinions, or contribution-in-kind reports; (4) actuarial services; (5) internal audit
outsourcing services; (6) management functions or human resources; (7) broker or dealer,
investment adviser, or investment banking services; (8) legal services and expert services
unrelated to the audit; (9) any other service that the Board determines, by regulation, is
impermissible.
Arthur Andersen provided services to Enron that would be prohibited today by SOX
Section 201. “More than half of that amount (more than $50 million) was for fees that were
charged for nonaudit services… $27 million for consulting and other services, such as internal
audit services.” Andersen had been providing internal audit services to Enron for eight years.
The nonaudit services that Andersen provided were encouraged by the structure of partner
compensation.
Importantly, the bill allows an accounting firm to “engage in any non-audit service,
including tax services,” that is not listed above, only if the activity is pre-approved by the audit
committee of the issuer. The audit committee is required to disclose to investors in its periodic
filings its decision to pre-approve non-audit services.
Most observers now agree that Section 201 was needed. The rise of non-audit services
has been a common trend in the public accounting profession. In 1993, 31% of the fees in the
industry came from consulting. By 1999, that number had jumped to 51%. In fact, the AICPA
released a publication in 1999 titled “Make Audits Pay: Leveraging the Audit Into Consulting
Services.” The book advised the auditor to think of himself as a “business advisor.” It did note
that conflicts could arise from performing the role of business advisor (which was a client
advocate) and the auditor (which had to be independent). It advised erring on the side of looking
out for the public interest. Other striking examples include KPMG, which billed Motorola $3.9
million for auditing and $62.3 million for other services; Ernst & Young, which billed Sprint
Corp. $2.5 million for auditing and $63.8 million for other services; and
PricewaterhouseCoopers, which billed AT&T $7.9 million for auditing and $48.4 million for
other services.
3.
Refer to Sections 203 and 206 of SARBOX. How would these sections of the law have impacted the Enron
audit? Do you believe that these sections rewere needed? Why or why not?
Section 203 says that the lead audit or coordinating partner and the reviewing partner must
rotate off of the audit every 5 years. Section 206 says that the CEO, Controller, CFO, Chief
Accounting Officer or person in an equivalent position cannot have been employed by the
company’s audit firm during the 1-year period ("the cooling off period) proceeding the audit.
Section 203 could have impacted the Enron audit. Lead partner for the Enron engagement, David
Duncan had formed a close personal relationship with Enron’s Chief Accounting Officer,
Richard Causey. “…and their families had even gone on vacations together.” The nature of this
close relationship put Duncan in a position that he might not be able to challenge management. A
key point to raise in this response is that David Duncan would not have been the lead audit
partner after 5 years of service because of the establishment of Section 203. It is important to
point out that the relationship that develops among professionals is interrupted by regulation to
help insure independence.
Section 206 requires a “one year cooling off period” for former Andersen employees to
accept a position as CEO, CFO, Controller, or Chief Accounting Officer. “Causey was
responsible for recruiting many Andersen alumni to work at Enron. Over the years, Enron hired
at least 86 Andersen accountants. Several were in senior executive positions.” Section 206 of
SOX would have prevented some of these hirings before the cooling off period had expired.
Since both of these laws help to insure independence in appearance and in fact, most students
are likely to agree that they were needed. Both Section 203 and Section 206 would have
impacted the Enron engagement.
4.
Refer to Section 301 of SARBOX. Do you believe that Section 301 is important to maintaining
independence between the auditor and the client? Why or why not?
Section 301 of SARBOX requires that the “audit committee of an issuer shall be directly
responsible for the appointment, compensation, and oversight of the work of any registered
public accounting firm employed by that issuer.” As a result, the relationship between the audit
firm and the CFO and/or Controller at an audit client has changed dramatically. In the past, it
may have been difficult for an auditor to challenge the CFO and/or the Controller on difficult
accounting issues because the auditor knew that these individuals had the authority to fire the
audit firm from the job. At a minimum, this was a major threat to independence in appearance.
Now, the auditor reports directly to the audit committee. As a result, the independence between
the auditor and client has improved.
5. Consider the principles, assumptions, and constraints of Generally Accepted Accounting Principles
(GAAP). Define the revenue recognition principle and explain why it is important to users of financial
statements.
The revenue recognition principle of GAAP states that revenue must be both earned and
realized before it is recognized and is supported by the FASB Statement of Financial Concepts
No. 5. In addition, the amount of the sale needs to be fixed and determinable. Also, the
recognition of revenue is dependent on an assumption that the cash will be collected from the
customer in a timely manner. Other points that should be made to students are that the buyer
needs to assume the risks and rewards of ownership of the product (i.e., the risk of damage or
physical loss). In addition, for certain types of sales, the SEC has established specific and
exacting criteria that must be followed in the revenue recognition process.
In the case of Enron, the manner in which MTM accounting was applied to its trading
business was suspect. That is, by recognizing the present value of the stream of future inflows
under the entire contract as revenues and recognizing the present value of future costs under the
entire contract as expenses. Of course, this violated the revenue recognition principle because
Enron hadn’t performed under the contract at the time it recognized revenues.
6.
Consider the Sithe Energies contract described in the case. Does the accounting for this contract provide
an example of how Enron violated the revenue recognition principle? Why or why not? Please be
specific.
According to GAAP, in order for revenue to be recognized, it must have been earned by the
company. In the present context, Enron used MTM accounting to allow for the recognition of
the present value of the stream of future inflows as revenues on its contract with Sithe Energies.
However, the application of MTM (in this context) clearly violates the revenue recognition
requirements under GAAP. Consider that Enron recognized revenue from the Sithe contract
before the Sithe plant had even begun its own operations. As a result, Enron had not done its
part in fulfilling its contract obligations. Thus, revenue on this contract was not yet earned and
should not have been recognized.
7.
Consult Paragraph 2 and Paragraph A5 (in Appendix A) of PCAOB Auditing Standard No. 5. Based on
the case information, do you believe that Enron had established an effective system of internal control
over financial reporting related to the contract revenue recorded in its financial statements? Why or why
not?
According to paragraph #2 of Auditing Standard #5, “effective internal control over financial
reporting provides reasonable assurance regarding the reliability of financial reporting and the
preparation of financial statement for external purposes. If one or more material weaknesses
exist, the company's internal control over financial reporting cannot be considered effective.” In
the Appendix of Auditing Standard #5, paragraph #A5 provides more specifics about the
definition of an internal control system.
According to that paragraph, such a system is “a process designed by, or under the
supervision of, the company's principal executive and principal financial officers, or persons
performing similar functions, and effected by the company's board of directors, management,
and other personnel, to provide reasonable assurance regarding the reliability of financial
reporting and the preparation of financial statements for external purposes in accordance with
GAAP and includes those policies and procedures that – (1) Pertain to the maintenance of
records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of
the assets of the company; (2) Provide reasonable assurance that transactions are recorded as
necessary to permit preparation of financial statements in accordance with generally accepted
accounting principles, and that receipts and expenditures of the company are being made only in
accordance with authorizations of management and directors of the company; and (3) Provide
reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use,
or disposition of the company's assets that could have a material effect on the financial
statements.”
Enron did not have an effective system of internal control over financial reporting related to
contract revenue recorded in its financial statements. Stated simply, Enron’s internal control
system does not provide reasonable assurance that revenue was being recorded fairly, and in
accordance with GAAP. Consider the valuation assertion. An example of a control procedure
that would help to prevent a material misstatement related to the valuation assertion related to
revenue would be to require an independent valuation firm to be responsible for valuing all
material contracts. When considering the discretion of an independent 3rd party upon an
estimate, the estimate can be considered more reliable and competent. Although this valuation
procedure can be costly to the client, the reliability of the estimate is far more valuable to users
that are dependent upon an unbiased and objective MTM estimate. An example of a control
procedure designed to detect a material misstatement related to the valuation assertion about
revenue would be to have the internal audit department perform independent recalculations of
the valuation of material contracts. In such a situation, the internal audit department would be
responsible for evaluating (independent of management) the subjective components of the MTM
valuation to determine if the valuation is reasonable, reliable, and has competent evidence to
support the valuation. For example, an interest rate used in the calculation of an MTM valuation
must be supported by market information that supports the use of a particular interest rate.
8.
Consult Paragraphs .21-.22 of AU Section 326. As an auditor, what type of evidence would you want to
examine to determine whether Enron was inappropriately recording revenue from the Sithe Energies
contract?
According to paragraph #21 of AU Section 326, “To be competent, evidence, regardless of
its form, must be both valid and relevant.” Indeed, “the validity of evidential matter is so
dependent on the circumstances under which it is obtained that generalizations about the
reliability of various kinds of evidence are subject to important exceptions.” So, the competence
of audit evidence refers to the quality of the evidence gathered for a financial statement assertion
about a financial statement account balance and/or an economic transaction(s). And, as indicated
in the standard, there are two aspects to evidence quality that are most important: relevance and
reliability. The relevance of audit evidence specifically relates to whether the evidence gathered
actually relates to the financial statement assertion being tested. That is, will the evidence allow
the auditor to reach conclusions related to that financial statement assertion?
The reliability of the evidence specifically relates to whether the evidence gathered can truly
be relied upon as providing a true indication about the financial statement assertion being tested.
There are a number of factors that should influence an auditor’s conclusions about reliability, the
most important of which is the source (e.g., is it from a third party?) of the audit evidence.
According to paragraph #22 of AU Section 326, “The amount and kinds of evidential matter
required to support an informed opinion are matters for the auditor to determine in the exercise
of his or her professional judgment after a careful study of the circumstances in the particular
case.” So, the sufficiency of audit evidence refers directly to the quantity of the audit evidence
gathered about a financial statement assertion. All things being equal, the greater the risk of
material misstatement related to the financial statement assertion, the more audit evidence will be
gathered by the auditor.
Recall that Enron employed MTM accounting on an agreement that Enron reached to supply
Sithe Energies with 195 million cubic feet of gas per day for 20 years for a plant that Sithe was
going to build in New York. The estimated value of the gas to be supplied was $3.5 to $4 billion.
At the moment the contract was signed, the present value of the stream of future inflows under
the contract was recognized as revenues and the present value of the expected costs of fulfilling
the contract were expensed. In order to determine whether Enron was properly accounting for
the contract, the auditor would need to gather competent and sufficient evidence related to the
contract.
In testing the contract, the auditor would have to gather sufficient and competent evidence to
ascertain how much work was completed under the contract. According to GAAP, revenue must
be earned and realized in order to be recorded. The bottom line is that inquiry of management,
without corroboration, would not be enough to conclude on the appropriateness of revenue
recognition practices. While interviews of management may be an appropriate first step in the
evidence gathering process, the interviews cannot serve as the basis for an auditor’s conclusion.
Students must always remember that the auditor must consider the source of the evidence when
evaluating the competence of evidence.
And, given the elevated inherent risk for this
transaction, the competence of evidential matter relied upon would be even more important.
Stated simply, the auditor would have to examine documentary evidence that convinced the
auditor that revenue should be recognized.
9.
Explain why an accounting and auditing research function (like Andersen’s PSG) is important in the
operations of a CPA firm. What role does the function play in completing the audit?
In order to mitigate their risk of an audit failure, CPA firms must implement their own
system of internal controls to ensure that professional standards (and their own standards) of
audit quality are being met. Stated simply, a firm must have assurance that the work being
completed by its audit professionals is being completed in accordance with professional
standards set forth by the firm.
The accounting and auditing research function (like Andersen’s PSG) is an instrumental part
of a firm’s quality assurance process. Typically, the group is comprised of a CPA firm’s leading
technical experts on accounting, auditing and industry-specific professional standards. Thus, if
an engagement partner (like Andersen’s David Duncan) encounters a difficult technical issue,
he/she has the necessary technical support that may be necessary to reach the correct conclusion
in the field.
10. Consult Section 103 of SARBOX. Do you believe that the engagement leader of an audit (like David
Duncan on the Enron audit) should have the authority to overrule the opinions and recommendations of
the accounting and auditing research function (like the PSG)? Why or why not?
According to Section 103 of SOX, the “PCAOB shall: 1) register public accounting firms; 2)
establish, or adopt, by rule, “auditing, quality control, ethics, independence, and other standards
relating to the preparation of audit reports for issuers; 3) conduct inspections of accounting firms;
4) conduct investigations and disciplinary proceedings, and impose appropriate sanctions; 5)
perform such other duties or functions as necessary or appropriate; 6) enforce compliance with
the Act, the rules of the Board, professional standards, and the securities laws relating to the
preparation and issuance of audit reports and the obligations and liabilities of accountants with
respect thereto; 7) set the budget and manage the operations of the Board and the staff of the
Board.”
In essence, this section of SOX provides for government regulation of the audit profession
and it represents one of most dramatic changes mandated by the new law. Indeed, this section
requires the PCAOB to perform detailed inspections of the audit process employed by each audit
firm. In addition, PCAOB inspectors have the authority to review the audit work completed at
any publicly traded corporations. Considering that the audit profession has relied solely on peer
evaluation for decades, this represents a dramatic change.
Considering these sweeping changes, there is no way that an engagement partner should be
allowed to overrule the firm’s technical experts on an accounting or auditing matter. The role of
the technical experts is to provide information needed to make a correct decision on a technical
or complex matter. By the very nature of the expert’s role, they are used at a time when the
auditing professionals do not have the knowledge to make a correct decision. To overrule the
expert would defeat the objective of the technical experts entirely.
In addition, in the post-Sarbanes environment, it is not likely that the PCAOB would agree
that the engagement partner on a particular audit should have the authority to overrule the firm’s
auditing and accounting research group. The bottom line is that since the function is in place to
insure a quality audit, it is likely that a PCAOB inspector would note this as an egregious
violation of a firm quality control procedure and may even issue some type of sanction against
the firm.
11. After Carl Bass was removed from the Enron account, he indicated to his boss that he did not believe
Enron should have known about internal discussions regarding accounting and auditing issues. Do you
agree with Bass’s position? Why or why not?
In general, it is hard not to agree with Carl Bass’s position that Enron should not have known
about the internal discussions regarding accounting and auditing treatments. There are a number
of different points that can be made to support this view. They include:

The firm has an obligation to maintain independence and objectivity per the
requirements of Rule 102 of the AICPA Code of Conduct. In order to maintain
independence and objectivity, the firm should have a policy that prevents this type of
communication with the client about the treatment of complex accounting or auditing
transactions. Collaboration with the client on these types of issues is comparable to
asking “their opinion”, which of course would be a violation of independence
standards.

It is absolutely not acceptable to allow the client to know about any internal
discussions related to a complex accounting and/or auditing issue. The firm’s
position needs to be unified to the client in all cases. If employees of Enron knew
about such conversations, they may be able to understand the “thinking” behind
certain audit procedures and perhaps take actions to circumvent other audit
procedures that might be considered by the audit firm. Additionally, sharing this
internal information violates independence in appearance.
12. Consult Section 203 of SARBOX. Do you believe that this provision of the law goes far enough? That is,
do you believe the audit firm itself (and not just the partner) should have to rotate off an audit
engagement every five years? Why or why not?
According to Section 203, the lead audit or coordinating partner and the reviewing partner
must rotate off of the audit every 5 years. Again, it is hard not to agree that some type of auditor
rotation should be required. However, there may be differences in opinion on whether this
provision goes far enough. Some thoughts raised by students may include:

The current provision is sufficient to maintain independence. There is no need to rotate
the entire firm from the audit. Doing so would be too costly to both CPA firms and audit
clients. If the entire audit firm was required to rotate off, the tradeoff is that the new CPA
firm would not have the benefit of the experience and knowledge gained by the staff on
prior audits. Previous knowledge proves beneficial for analytical procedures and during
substantive testing. As a result, the overall cost of performing the audit would increase.

The current provision is not enough. Instead, Section 203 of SOX should require that the
audit firm should rotate off the engagement every five years. The fact is that the longer a
firm is involved with a client, the greater the chance that the firm’s objectivity will
become compromised as evidenced by the relationship between Andersen and Enron.
13. Consult Paragraph 9 of PCAOB Auditing Standard No. 5. Based on your understanding of inherent risk
assessment and the case information, identify three specific factors about Enron’s business model in the
late 1990s that might cause you to elevate inherent risk at Enron.
At the entity and at the financial statement assertion level, inherent risk refers to the exposure
or susceptibility of an assertion within an entity’s financial statements to a material misstatement,
without regard to the system of internal controls. A detailed understanding of an audit client's
business model, including their products and services is an essential part of an auditor’s inherent
risk assessment process at both the entity level and the financial statement assertion level.
Inherent risk assessment guides the auditor to allocating resources towards testing specific
accounts as well as what planning what substantive tests will be employed during testing.
Paragraph #9 of PCAOB Auditing Standard No. 5 relates to the planning of the audit of
internal control over financial reporting. Specifically, the paragraph says that such audit should
be properly planned and assistants, if any, are to be properly supervised. The paragraph then goes
on to explicitly identify matters that will impact the auditor's procedures. Several of the relevant
factors include: 1) Matters affecting the industry in which the company operates, such as
financial reporting practices, economic conditions, laws and regulations, and technological
changes; 2) Matters relating to the company’s business, including its organization, operating
characteristics, and capital structure; 3) Legal or regulatory matters of which the company is
aware; and 4) The relative complexity of the company’s operations.
Importantly, the factors that are likely to impact the audit of internal control over financial
reporting mirror the factors that are likely to impact the assessment of inherent risk in a financial
statement audit. This is a key learning point for this question. In the 1980s, while employing an
asset heavy strategy, Enron was a relatively simple enterprise, with a straight forward business
model. As such, the inherent risk assessment is likely to have been much lower in the 1980s than
in the late 1990s. In the late 1990s, there were a number of factors that would result in a higher
inherent risk assessment by the independent auditor, including:

Significant changes to its industry environment due to the government’s decision to
de-regulate their industry. Specifically, the government decided to allow the market
forces of supply and demand to dictate prices and volumes sold (previously the
government had dictated the price pipeline companies paid for gas and the price they
could charge their customers). This represents a significant change for the market and
the business practices employed by Enron. Dramatic changes in the industry
environment increase inherent risk in a client.

Since Enron was now contracting with other pipeline companies to get their gas to
certain customer (e.g., Brooklyn Union), Enron was assuming added risks related to
the transportation of the gas. Enron’s assumption of additional operational risk
increases the overall inherent risk level for Enron.

Enron entered into many long term contracts with their clients. Because the terms of
the contract (e.g. price) was purely speculative, Enron was assuming additional risk
that the future price of their products (e.g. gas) would rise above the contract price.
The nature of many of their long-term contracts was now riskier because prices could
rise to a level that would make the contract unprofitable.

Enron became regularly involved with the trading and financing of natural gas
contracts. The accounting for such contracts is complex. In addition, the natural gas
contracts it devised were quite complex and variable, depending on different pricing,
capacity, and transportation parameters. Complex business transactions require
complex accounting. As a result, inherent risk increases for complex transactions
because it requires the independent auditor to possess complex technical knowledge
regarding the appropriate accounting for the transaction.

Enron decided to apply its “trading model” to other commodity markets, including
electricity, paper and chemicals. Due to the fact that these commodity markets were a
new focus for Enron, there is risk associated with the possibility that the “trading
models” would not be fundamentally appropriate for the other commodity markets.

Enron undertook international projects involving the construction and management of
energy facilities outside the United States—in the United Kingdom, Eastern Europe,
Africa, the Middle East, India, China, and Central and South America. When a
company employs a globalization strategy, they assume an increased inherent risk
associated with the reliance upon foreign economies, exchange rates, as well as a
number of potential political and cultural barriers.

Enron began using mark to market (MTM) accounting for its trading business. Enron
was the first company outside the financial services industry to use MTM accounting.
MTM accounting involves a series of subjective valuations that require management
discretion.

Enron also began establishing several “special purpose entities,” which were formed
to accomplish specific tasks, such as building gas pipelines. An SPE could be utilized
by a company hoping to achieve certain accounting purposes, such as hiding debt or
certain assets.
14. Consult Paragraphs .03-.06 of AU Section 311. Comment on how your understanding of the inherent
risks identified at Enron (in Question 13) would influence the nature, timing, and extent of your audit
work at Enron.
According to paragraph #5 of AU Section 311 “In planning the audit, the auditor should
consider the nature, extent, and timing of work to be performed and should prepare a written
audit program (or set of written audit programs) for every audit. The audit program should set
forth in reasonable detail the audit procedures that the auditor believes are necessary to
accomplish the objectives of the audit. The form of the audit program and the extent of its detail
will vary with the circumstances. In developing the program, the auditor should be guided by the
results of the planning considerations and procedures. As the audit progresses, changed
conditions may make it necessary to modify planned audit procedures.” As a general rule, the
lower the risk of material misstatement, the less audit attention is needed during the audit. It
therefore follows that the higher the risk of material misstatement; the more audit attention is
needed during the audit. Although this is somewhat obvious, it is a basic point that needs to be
driven home to students.
Clearly the nature, timing and extent of audit work should change as a result of the auditor’s
risk assessment. Specifically, “if the risk is lower, the persuasiveness of the evidence that the
auditor needs to obtain also decreases.” On the other hand, as the risk increases, the
persuasiveness of the evidence that the auditor needs to obtain also increases. Regarding the
timing of testing for controls, “as the risk associated with the control being tested decreases, the
testing may be performed farther from the as-of date; on the other hand, as the risk associated
with the control increases, the testing should be performed closer to the as-of date.” Finally,
regarding extent of testing for controls, “as the risk associated with a control decreases, the
extensiveness of the auditor's testing should decrease; as the risk associated with a control
increases, the extensiveness of the auditor's testing also should increase.”
In addition, Paragraph #46 of PCAOB Auditing Standard No. 5 also provides some relevant
guidance for this question. Specifically, the paragraph states that “the evidence necessary to
persuade the auditor that the control is effective depends upon the risk associated with the
control.” Specifically, if the risk is lower, the evidence needed to persuade the auditor about its
effectiveness decreases. On the other hand, as the risk increases, the evidence needed to
persuade the auditor will clearly increase.
15. Consult Paragraphs 28–30 of PCAOB Auditing Standard No. 5. Next, consider how the change in
industry regulation and Enron’s resulting strategy shift would impact your inherent risk assessment for
the relevant assertions about revenue. Finally, idenity the most relevant assertion for revenue before and
after Enron’s resulting strategy shift and briefly explain why.
Among other matters, paragraphs #28-30 of PCAOB Auditing Standard No. 5 focuses the
auditor’s attention on the importance of identifying each of the relevant financial statement
assertions related to significant accounts and disclosures. Indeed, the identification of relevant
assertions is a critical component of the audit of internal control over financial reporting.
Specifically, according to Paragraph # 28, “relevant assertions are those financial statement
assertions that have a reasonable possibility of containing a misstatement that would cause the
financial statements to be materially misstated.” In paragraph #30, auditors might “determine
the likely sources of potential misstatements by asking himself or herself “what could go
wrong?” within a given significant account or disclosure.” It is clear that certain financial
statement assertions are “more” relevant than others for a particular set of financial statements.
When Enron shifted from the “asset heavy” strategy to the “asset light” strategy, Enron
essentially was operating in a “new” industry because it faced an entirely new business
environment, with new industry regulations. As a result, the likelihood that a material
misstatement could occur has increased due to the possibility of Enron (or Andersen) not fully
understanding all aspects of the new regulated industry environment and the relevant accounting
guidance. This change in business environment and a necessary understanding of the related
aspects of a new industry represents an increase in inherent risk that material misstatement could
occur.
For the Revenue account, among others, there are two relevant assertions that stand out.
Specifically, the resulting strategy change at Enron would significantly increase inherent risk
assessment related to the Valuation or Allocation assertion for revenue recognized on contracts
when using mark-to-market accounting. That is, given the number of estimates used when
determining the specific amount of revenue to be recognized, inherent risk would be elevated. In
addition, the inherent risk related to the Occurrence assertion would also be elevated since it is
not entirely clear whether the revenue related to such contracts should have been recognized
under GAAP. In addition, the Existence or Occurrence assertion related to revenue recognized
from international subsidiaries and/or SPEs would also be elevated. The implementation of
several international subsidiaries and/or SPEs increases the likelihood that revenue fraud through
related party transactions could occur. As such, an elevation of the level of inherent risk occurs.
16. Consult Paragraphs .14-.16 of AU Section 316. How might a revenue recognition fraud occur under
Enron’s strategy in the late 1990s. Identify an internal control procedure that would prevent, detect, or
deter such a fraudulent scheme?
According to paragraph #14 of AU Section 316, on each audit engagement “members of the
audit team should discuss the potential for material misstatement due to fraud.” According to
paragraph #15 of AU Section 316, this discussion “should include a consideration of the known
external and internal factors affecting the entity that might (a) create incentives/pressures for
management and others to commit fraud, (b) provide the opportunity for fraud to be perpetrated,
and (c) indicate a culture or environment that enables management to rationalize committing
fraud.” Of course, these three factors are commonly referred to as the “fraud triangle”. The first
condition (incentives/pressure) recognizes that an employee or a manager of a company is likely
to either have incentives in place (e.g., bonus compensation) or be under significant pressure to
achieve meet specific estimates, forecasts, or expectations. The second condition (opportunity)
recognizes that in order for a fraud to be perpetrated, the internal control environment must
provide an opportunity for an employee or a manager of a company to commit a fraudulent act.
Finally, the third condition (rationalization) recognizes that for an employee or a manager of a
company to perpetrate a fraud, the individual (or individuals) must possess an “attitude” that
allows them to rationalize that they are knowingly committing a crime.
Clearly, there are a number of allowable answers to this question. The absolute key is that
students show that they have tried to “brainstorm” about how a fraud might occur at Enron. As
long as this has been demonstrated, we recommend that credit be awarded for this question.
Importantly, this question is also designed to help the students understand the differences
between preventive controls and detective controls and the importance of each in a well-
functioning internal control system. The absolute key to answering this part of the question is to
focus on a relevant financial statement assertion. That is, in the post-Sarbanes environment,
students must be able to identify a control procedure that would prevent specific misstatements
from occurring related to specific assertions.
For example, one control procedure that could be designed to prevent a fraud related to the
valuation or allocation assertion related to revenue would be to have an appropriate manager
approve all relevant assumptions used to estimate the amount of revenue to record related to a
particular contract. In addition, another possible revenue fraud would involve side agreements
within related party transactions. As Enron began to implement international subsidiaries and/or
SPEs, there is an increased likelihood that not all revenue transactions were completed as an
“arm’s length transaction.” As such, a prevention control would be to implement control
activities such as documentation and appropriate approvals for all related party transactions.
This would help ensure proper disclosure in the financial statements.
17. Consult Paragraphs .07-.08 of AU Section 316. Based on your understanding of fraud risk assessment,
what three conditions are likely to be present when fraud occurs (the fraud triangle)? Based on the
information provided in the case, which of these three conditions appears to have been the most prevalent
at Enron, and why?
According to paragraph #7 of AU Section 316, “Three conditions generally are present when
fraud occurs. First, management or other employees have an incentive or are under pressure,
which provides a reason to commit fraud. Second, circumstances exist—for example, the
absence of controls, ineffective controls, or the ability of management to override controls—that
provide an opportunity for a fraud to be perpetrated. Third, those involved are able to
rationalize committing a fraudulent act. Some individuals possess an attitude, character, or set
of ethical values that allow them to knowingly and intentionally commit a dishonest act.
However, even otherwise honest individuals can commit fraud in an environment that imposes
sufficient pressure on them. The greater the incentive or pressure, the more likely an individual
will be able to rationalize the acceptability of committing fraud.”
The three conditions that are likely to be present comprise what is commonly referred to as
the “fraud triangle”. The first condition (incentives/pressure) recognizes that an employee or a
manager of a company is likely to either have incentives in place (e.g., bonus compensation) or
be under significant pressure to achieve meet specific estimates, forecasts, or expectations. The
second condition (opportunity) recognizes that in order for a fraud to be perpetrated, the internal
control environment must provide an opportunity for an employee or a manager of a company to
commit a fraudulent act. In order to have an opportunity to commit fraud, there must be a
weakness in the operating effectiveness of a control or a non-existent control. Finally, the third
condition (rationalization) recognizes that for an employee or a manager of a company to
perpetrate a fraud, the individual (or individuals) must possess an “attitude” that allows them to
rationalize that they are knowingly committing a crime.
For Enron, as evidenced by the case information, the incentives and pressure was the most
prevalent factor. For example, executives had incentive to achieve high revenue growth because
their salary and bonus levels were directly linked to reported revenues. In addition, they also had
incentive to achieve high revenues and earnings targets because of the shares of stock they held.
That is, Enron made significant use of stock options as a means to provide incentives for its
executives to achieve growth. Indeed, as of December 31, 2000, Enron dedicated 96 million of
its outstanding shares (almost 13 percent of its common shares outstanding) to stock option
plans. When a senior manager holds a quantity of stock options, it is in their personal best
interest to see the value of the share go up even if it means overstating income fraudulently. This
is precisely the type of condition that may lead to a fraud.
18. Consult Paragraph 25 of PCAOB Auditing Standard No. 5. Define what is meant by control environment.
Why is the control environment so important to effective internal control over financial reporting at an
audit client like Enron?
Paragraph #25 of Auditing Standard No. 5 outlines the auditor’s responsibilities to
understand the control environment. Indeed, “because of its importance to effective internal
control over financial reporting, the auditor must evaluate the control environment at the
company.” The control environment is influenced heavily by a company’s management team
and is therefore often referred to as “the tone at the top”. With respect to the control
environment, the absolute key for management is to try and impact the attitudes towards internal
controls throughout the organization by setting the proper example for the organization to follow.
According to paragraph #25, “As part of evaluating the control environment, the auditor
should assess –
• Whether management's philosophy and operating style promote effective internal control
over financial reporting;
• Whether sound integrity and ethical values, particularly of top management, are developed
and understood; and
• Whether the Board or audit committee understands and exercises oversight responsibility
over financial reporting and internal control.
The control environment has a “pervasive” effect on the reliability of financial reporting at
Enron and all audit clients because it impacts ALL other components of an organization’s
internal control system. The lack of an appropriate control environment sends a message to all
employees that management does not believe internal controls are important for efficiency and
effectiveness of financial reporting.
While it is difficult to glean information that would allow for a complete evaluation of the
integrity of Enron’s management, their competence, their leadership style, or their perceived
honesty from the case materials, students should point out that Enron’s compensation philosophy
(as an example of the company’s human resource process) should raise concern about their
control environment. “At Enron, executives had incentives to achieve high-revenue growth
because their salary increases and cash bonus amounts were linked to reported revenue.” This
policy sends a message to employees that above all it is important to meet financial expectations.
In fact, the Enron case provides a terrific context to illustrate that an organization’s
compensation policy can be used as a mechanism to foster an excellent control environment.
“One Enron employee said, ‘At the time, it was a great tool… When we started the ranking
process, we were trying to week out the lower 5 or 6 percent of the company.’” This control
intends to strip Enron of employees who are not adding value to their business processes.
However, it does not appear that Enron has taken advantage of this opportunity. The nature of
the ranking system established a cutthroat control environment where everyone fought for
themselves and did whatever they could to meet or exceed the financial expectations placed upon
them. Overall, by the end of class discussion, it should be clear that a proper control environment
importance provides a platform or a foundation for the entire internal control system.
19. Consult Paragraphs 21-22 of PCAOB Auditing Standard No. 5. Comment on how your understanding of
Enron’s control environment and other entity-level controls would help you implement a top-down
approach to an internal control audit at Enron.
According to paragraph #21 of PCAOB Auditing Standard No. 5, “The auditor should use a
top-down approach to the audit of internal control over financial reporting to select the controls
to test. A top-down approach begins at the financial statement level and with the auditor's
understanding of the overall risks to internal control over financial reporting. The auditor then
focuses on entity-level controls and works down to significant accounts and disclosures and their
relevant assertions. This approach directs the auditor's attention to accounts, disclosures, and
assertions that present a reasonable possibility of material misstatement to the financial
statements and related disclosures.”
In paragraph #22, the PCAOB states that the “auditor must test those entity-level controls
that are important to the auditor's conclusion about whether the company has effective internal
control over financial reporting. The auditor's evaluation of entity-level controls can result in
increasing or decreasing the testing that the auditor otherwise would have performed on other
controls.” The absolute goal of this process is to help the auditor focus on those controls that
really matter in supporting the goal of reliable financial reporting.
While it is difficult to glean information that would allow for a complete evaluation of
Enron’s control environment and entity level controls, the case does provide enough detail to
conclude that the integrity of Enron’s management, their leadership style, and their compensation
philosophy should raise concern about their control environment and perhaps other entity level
controls. Overall, by the end of class discussion, it should be clear that a proper functioning
control environment and strong entity level controls provide a foundation for the entire internal
control system.
20. Consult Paragraph 69 of PCAOB Auditing Standard No. 5 and Sections 204 and 301 of SARBOX. What
is the role of the audit committee in the financial reporting process? Do you believe that an audit
committee can be effective in providing oversight of a management team like Enron’s?
It is important to note that paragraph #69 of Auditing Standard No. 5 explicitly notes that
“ineffective oversight of the company's external financial reporting and internal control over
financial reporting by the company’s audit committee” is an indicator of a material weakness in
internal control over financial reporting. This of course has elevated the importance of the audit
committee. In addition, the audit committee plays an important role as a liaison with a
company’s auditor. According to Section 301 of SOX, the “audit committee of an issuer shall be
directly responsible for the appointment, compensation, and oversight of the work of any
registered public accounting firm employed by that issuer.” Moreover, according to Section 204,
the auditing firm must report all “critical accounting policies and practices” and “all alternative
treatments of financial information within [GAAP] that have been discussed with management”
as well as the “ramifications of the use of such alternative disclosures and treatments, and the
treatment preferred” by the auditing firm. This is an important component of the oversight role
played by the audit committee.
For Enron, the audit committee can absolutely be effective in helping to insure fair and
accurate financial reporting. Specifically, the audit committee can help to insure that an
organization’s tone at the top is properly established. In addition, an audit committee can have
important input into the compensation policies at an audit client. That is, the audit committee
can help insure that an organization is not providing extra incentives to managers (via their
compensation policies) to commit a fraudulent act. When compensation wages and bonuses are
tied to the financial performance of the company, there is strong motivation to commit a
fraudulent act in order to “earn” a personal compensation incentive. Or, they can help to include
performance measures for fair and reliable financial reporting in the compensation structure for
individuals responsible for financial reporting.
21. Consult Sections 302 and 305 and Title IX of SARBOX. Do you believe that these new provisions could
help deter fraudulent financial reporting by an upper management group? Why or why not?
According to section 302 of SOX, in the post-Sarbanes audit environment, the CEO and CFO
of each issuer must now prepare a statement to accompany the audit report to certify the
“appropriateness of the financial statements and disclosures contained in the periodic report, and
that those financial statements and disclosures fairly present, in all material respects, the
operations and financial condition of the issuer.” If a CEO or CFO violates this section, he/she
can be held criminally liable. Essentially this statement holds the CEO and the CFO personally
liable for the assertions that they have made within the financial statements. And, under Title IX
of SOX, the maximum penalty for filing false financial statements with the SEC “for willful and
knowing violations” are “a fine of not more than $5,000,000 and/or imprisonment of up to 20
years.” This is an absolutely critical point that must be made to answer this question. The
bottom line is that crime does not pay! Imprisonment and financial penalties have been
established to deter an upper management group from committing fraudulent activity.
A further illustration of the point that crime really does not pay can be found in Section 305
of SOX. According to Section 305, if a company is ultimately required to restate their financial
statement with the SEC due to "material noncompliance" with financial reporting rule, the CEO
and CFO are now required to "reimburse the issuer for any bonus or other incentive-based or
equity-based compensation received during the twelve months following the issuance or filing of
the noncompliant document and any profits realized from the sale of securities of the issuer"
during that period.”
Given the changes brought upon by SOX, these new provisions are likely to deter fraudulent
behavior. Stated simply, the penalties are severe and if it is found that such an upper manager
did profit from a fraudulent act, the law now provides a clear mechanism to get the money back;
not only to repay the financial benefit but also to incur punitive penalties as well, amounting to
financial penalty and jail time.
22. Consult the key provisions of Emerging Issues Task Force (EITF) 90-15. How did Enron’s Chewco SPE
fail to meet the outside equity requirement for nonconsolidation? Did Enron meet the control
requirement for nonconsolidation?
According to EITF 90-15, in order for Enron to not consolidate an SPE, there must be an
independent owner of the SPE with at least a 3% ownership interest, and that interest must
remain at risk throughout the transaction. Importantly, the independent owner must also
exercise control of the SPE.
In the Chewco SPE situation, the “outside” owners that comprised the necessary 3%
ownership interest were not truly independent from Enron. Specifically, in substance,
Michael Kopper, an Enron employee who reported to Andrew Fastow (Enron’s CFO), was in
control of the entity, even though the partnership agreement provided some limits on the
general partner’s ability to manage the partnership’s affairs. As a result, Enron did not meet
the control requirement for non-consolidation because they did not have an independent
owner exercise control over the SPE. Instead, Enron put one of its own people, Michael
Kopper, who had been reporting to a top Enron manager, as manager of Chewco.
In addition, while the majority of the 3% interest came from an entity called Big River
Funding LLC (whose sole member was an entity called Little River Funding LLC), most of
this money was provided by Barclays Bank ($11.4 Million) in the form of “equity loans” to
Big River and Little River. And since Barclays Bank required Big River and Little River to
establish cash reserve accounts of $6.6 million that were fully pledged to secure repayment
of the $11.4 million, there was never really 3% at risk throughout the transaction. This
violates EITF 90-15 because the independent owner (who was not really independent) did
not maintain a 3% owner that was at risk throughout the transaction. As a result, Chewco did
not meet the independent ownership requirement for nonconsolidation, nor did Enron meet
the “control” requirement for nonconsolidation.
23. Based on your understanding of the audit evidence, did Arthur Andersen rely on sufficient and
competent audit evidence in its audit of the Chewco transaction? Why or why not?
The competence of audit evidence refers to the quality of the evidence gathered for a
financial statement assertion about a financial statement account balance and/or an economic
transaction(s). There are two aspects to evidence quality that are most important: relevance
and reliability. The relevance of audit evidence specifically relates to whether the evidence
gathered actually relates to the financial statement assertion being tested. That is, will the
evidence allow the auditor to reach conclusions related to that particular financial statement
assertion?
The reliability of the evidence specifically relates to whether the evidence gathered can
truly be relied upon as providing a true indication about the financial statement assertion
being tested. There are a number of factors that should influence an auditor’s conclusions
about reliability, the most important of which is probably the source (e.g., is it from an
independent 3rd party?) of the audit evidence.
The sufficiency of audit evidence refers directly to the quantity of the audit evidence
gathered about a financial statement assertion. All things being equal, the greater the risk of
material misstatement related to the financial statement assertion, the more audit evidence
will be gathered by the auditor. An auditor must obtain sufficient audit evidence that they are
able to gain comfort over the assertion with the financial statements.
On the Chewco transaction, Anderson did not obtain sufficient and competent audit
evidence when examining the Chewco transaction. For example, Andersen requested that
Enron provide documents relating to Chewco’s formation and structure. Given Enron’s
ownership of JEDI and its involvement with Chewco transaction, this was absolutely
essential. However, Enron told Andersen that it did not have these documents and could not
obtain them because Chewco was a third party with its own legal counsel and ownership
independent of Enron. The fact is that Jedi’s ownership in Chewco and Enron’s ownership in
JEDI meant that Andersen needed to review this evidence. Thus, Enron’s response that they
did not have these documents was inadequate and Andersen should have demanded to
examine this information. In fact, Andersen should have threatened to disclaim their opinion
without such evidence based on the scope restriction.
In addition, the evidence that Andersen did rely on for the Chewco transaction was not
competent. While Andersen did receive a confirmation regarding the loan agreement from a
Chewco representative, the reliability of the body of evidence should have been questioned
as the majority represented internal documents including:

Minutes of Enron’s Executive Committee of the Board of Directors approving the
transaction;

The $132 million loan agreement between JEDI and Chewco;

Enron’s guarantee agreement of a $240 million from Barclays to Chewco

An amended JEDI partnership agreement

A representation letter from Enron and a representation letter from JEDI, each of
which stated that related party transactions had been disclosed and that all financial
records and related data had been made available to Andersen.
It is important to understand internally developed documents are not nearly as competent as a
confirmation from an independent 3rd party. External evidence is significantly more competent
than internal documents. The auditor must consider the nature of the source from which the
evidence is derived.
24. Consult Section 401 of SARBOX. How would Section 401 apply on the Enron audit? Do you think
Section 401 would have improved the presentation of Enron’s financial statements? Why or why not?
Section 401 of SOX explicitly requires that each set of financial statements (and related
disclosures) that is required to be prepared in accordance with GAAP, shall disclose all material
off-balance sheet transactions" and "other relationships" with "unconsolidated entities" that may
have a material current or future effect on the financial condition of the issuer.” It is abundantly
clear that the inclusion of this section of SOX was based on restatement of Enron’s financial
statements due to its SPE relationships, namely the Chewco entity.
There is no doubt that Section 401 of SOX would have dramatically improved the
presentation of Enron’s financial statements. Consider that when the Chewco transaction was
reviewed in October/November 2001, Enron and Andersen concluded that Chewco was an SPE
without sufficient outside equity and that it should have been consolidated into Enron’s financial
statements. The retroactive consolidation of Chewco and the investment partnership in which
Chewco was a limited partner had a largely material impact on the financial statements of Enron.
The retroactive consolidation in the restatements decreased Enron’s reported net income by $28
million (out of $105 million total) in 1997, by $133 million (out of $703 million total) in 1998,
by $153 million (out of $893 million total) in 1999, by and by $91 million (out of $979 million
total) in 2000. The restatement also increased Enron’s reported debt by $711 million in 1997, by
$561 million in 1998, by $685 million in 1999, and by $628 million in 2000.
25. Consult Paragraphs .03-.08 of AU Section 326. Identify at least one relevant financial statement
assertion about the financial statement accounts related to the Chewco transaction. Provide
adequate support for your answer.
For the Chewco transaction, there are at least two relevant assertions that the auditor should
identify when auditing internal control over financial reporting. First, is the completeness
assertion related to Enron’s long term liabilities? Clearly, there were significant long term
liabilities that were “hidden” off the balance sheet and on the balance sheet of a non-consolidated
SPE. The Chewco entity should have been properly consolidated within the financial statements
of Enron, as a result the reported long term liabilities were understated. Second is the
presentation and disclosure assertion related to disclosure of the Chewco special purpose entity?
There was not proper disclosure of the related party Chewco, as it did not meet the control
requirement nor the independent ownership requirement of the EITF 90-15.
26. Consider the role of the Enron employee who was responsible for applying MTM accounting
rules to electric power contracts, like the Eli Lilly contract. Assuming the employee knew that
the use of MTM accounting was beyond the scope of the SEC approval parameters, do you
believe that the employee had a responsibility to report the behavior to the audit committee?
Why or why not?
Clearly, there are a number of allowable answers to this question. The absolute key is for a
student to try and justify his or her position. Consider the following acceptable sample answer
from a student:
Yes, I do believe that the employee had a responsibility to report the use of MTM accounting
beyond the scope of SEC approval to the audit committee. The employee should have realized
that while the short term benefits of taking this action may seem promising on the surface, the
long term effects will ultimately be harmful. In my opinion, such an employee should follow a
constant maxim. Their maxim in this example should have been not to apply the MTM
accounting rules to any transaction that was beyond the scope of SEC approval. If it was applied
and they knew about the action, they should have reported the action to the audit committee.