Impact on pre-and post-sarbanes oxley users’ perceptions by incorporating the auditor’s fraud detection responsibility into the auditor’s internal control report

Abstract

The Department of the Treasury’s Advisory Committee on the Auditing Profession ( Advisory Committee, 2008) has recommended that the Public Company Accounting Oversight Board (PCAOB) clarify the auditor’s role in detecting fraud in the auditor’s report. The PCAOB replaced Auditing Standard No. 2 (AS2) with Auditing Standard No. 5 (AS5) but did not clarify the auditor’s fraud detection responsibility in the auditor’s report covering internal control and/or the financial statements. The focus of this study is to evaluate (i) whether the PCAOB mandated auditor’s internal control report (ICR) format with a ‘limitations’ paragraph meets users’ expectations, (ii) whether users’ prefer an ICR incorporating auditor’s fraud detection responsibility, and (iii) whether users’ expectations have changed over time. Results based on analyses of data from prior studies indicate that in pre-and post-SOX time frames, an ICR format without a limitations paragraph and clarifying the auditor’s role for fraud detection best met users’ expectations from an audit, consistent with the Advisory Committee’s recommendation. Users’ perceptions of potential auditor liability associated with ICR formats have changed significantly over time. Pre-SOX users perceived reduced auditor liability associated with an ICR that contained a limitations paragraph, but post-SOX users perceive similar potential auditor liability with all ICR formats.