Information Sharing during Auditors' Fraud Brainstorming: Effects of Psychological Safety and Auditor Knowledge Free

This article summarizes a study titled “Information Sharing during Auditors' Fraud Brainstorming: Effects of Psychological Safety and Auditor Knowledge” (Gissel and Johnstone 2017). We review the study's motivation, method, and results, and then extend beyond the theoretical contribution to explain three critical implications relevant to practice, particularly with respect to audit partner leadership and subordinates' behavioral responses.

Auditing standards require brainstorming to identify and calibrate risk responses to address the risks related to potential financial statement fraud in the assertions made my client management (AICPA 2002, 2012a, 2012b). An effective session should include a team environment in which all members are willing to share information to calibrate the collective assessment of fraud risk. As would seem reasonable, top engagement team leadership (i.e., partners and managers) will usually take the lead in guiding brainstorming sessions (Dennis and Johnstone 2016). However, it is important to note that staff and senior auditors likely know about important facts, issues, or insights that are known only to them from their interactions with the client (i.e., privately known, fraud-relevant information relating to corporate culture or management's tone at the top). During brainstorming, only about 55 percent of the team, on average, contributes to the discussion (Bellovary and Johnstone 2007), so if staff and senior auditors do possess valuable information, then there is a reasonable possibility they will not share it.

Subordinates should take it as their professional responsibility to share their privately known facts, issues, or insights with the team, but they may hesitate to do so because of group dynamics, despite the fact that standards of due care imply that auditors should share such information (see AICPA 2012c). Psychological safety helps explain this dilemma. Psychological safety is a “sense of being able to show and employ self without fear of negative consequences to self-image, status, or career” (Kahn 1990, 705). Audit partners and managers' behaviors may affect subordinates' perceptions of psychological safety and, thus, their willingness to share privately known facts, issues, or insights (e.g., Gold, Gronewold, and Salterio 2014; Nelson, Proell, and Randel 2016; Dennis and Johnstone 2018). When subordinates feel safe, they are reasonably more likely to express their voice by sharing ideas, information, and/or opinions (Van Dyne, Ang, and Botero 2003). When they feel unsafe, subordinates tend to adopt a phenomenon known as defensive silence (Van Dyne et al. 2003), whereby they keep their opinions to themselves for fear of retaliation or public humiliation.

Audit teams work within an unusually strict, hierarchical unit in which partners possess a great deal of knowledge, status, and authority. Supervisor-subordinate power differentials can inhibit discussion, thereby causing subordinates to exhibit a hesitance to speak up, especially when those subordinates have less task knowledge (e.g., relating to auditing standards such as SAS 99, or standards relating to high-risk areas such as the revenue cycle that develop with experience). Exploring this knowledge-based power differential, Dennis and Johnstone (2018) provide convincing evidence that when audit partners exhibit superior-quality leadership, the audit team's processes (e.g., identifying new risks) and outcomes associated with brainstorming (e.g., identifying fraud-relevant procedures) are of higher quality (especially for the lowest ranking members of the team, i.e., seniors as opposed to managers).

Given this discussion, why would an audit partner behave in a way that might threaten staff and seniors' willingness to share valuable information? We posit at least three possible reasons. First, the partner may be overworked and may want to simply “tick the box” and get the brainstorming session completed in as little time as possible. Research shows that brainstorming sessions commonly last less than 30 minutes (e.g., Brazel, Carpenter, and Jenkins 2010; Dennis and Johnstone 2016), and sometimes even last less than 15 minutes (Bellovary and Johnstone 2007). By acting in a rushed manner, the partner may convey a sense that he or she wants to move on with the audit without too much effort allocated to considering fraud risk. Second, some audit partners have negative views of staff and senior auditors, believing that they are not team players, lack a solid work ethic, and are only looking out for their own best interests (Westermann, Bedard, and Earley 2015). If staff and seniors sense this attitude from the audit partner, then they may hesitate to interact with that individual. Third, Dennis and Johnstone (2018) motivate their examination of audit partner leadership in fraud brainstorming by revealing that the audit firm that sponsored their study expressed interest in research around interventions that might improve fraud brainstorming, worrying that high-quality brainstorming is not necessarily always the case. Consistent with that firm's concern, there was significant variability in brainstorming quality—at a level nearly the same as in Brazel et al. (2010). Therefore, while it seems intuitive that an audit partner would avoid inhibiting idea sharing, there exist possible reasons, supported by prior research, why this may not always be the case.

Figure 1 depicts our expectations with respect to how we anticipate partner leadership affects subordinates' perceptions of psychological safety, which then affects brainstorming differentially depending on subordinates' task knowledge. We predict that less-knowledgeable auditors become more (less) willing to share privately known, fraud-relevant information when partner leadership engenders more (less) psychological safety. In contrast, we expect that more-knowledgeable auditors will act on their professional responsibility to share such information regardless of their feelings of psychological safety.

We developed our experimental instrument by using facts from the SEC's Auditing and Auditing Enforcement Release related to the Krispy Kreme Doughnut Corporation fraud. We employed 71 auditors (38 staff and 33 seniors) from three audit firms (one regional, one international, and one Big 4). In the experiment, these individuals learn that, in addition to eight fraud risks of which all team members are aware, they possess four privately known, fraud-relevant risks (see Table 1 for a list).¹ The full pattern of cues includes the four privately known, fraud-relevant risks, as well as four commonly known, fraud-relevant risks and four commonly known, fraud-irrelevant risks; in other words, there is a complex pattern of divergent cues that the participants must sort.² Notably, it is important to point out that the subordinates realize the team will be unaware of the relevant fraud risks necessary to calibrate its risk assessment if they choose not to share them. Participants then receive one of the two versions of the experimental psychological safety manipulation via a video of a partner leading a simulated brainstorming session. In the more (less) psychologically safe condition, the partner appears supportive (non-supportive), and develops a non-threatening (threatening) group dynamic, along with a leadership style that encourages (discourages) idea sharing.^3,4

We measure the audit staff and seniors' willingness to share their privately known, fraud-relevant risks (on an 11-point scale) before and after viewing the video, using the difference between these values as our dependent variable.⁵ We measure auditor knowledge by asking three questions about: familiarity with SAS 99 (on an 11-point scale), familiarity with revenue recognition issues (also on an 11-point scale), and months of experience. We use this multi-indicator approach to exploit and enrich the various aspects of task-relevant knowledge critical in this decision setting. We conducted the experiment using the following steps: (1) rate familiarity with SAS 99, (2) review case materials, (3) rate the participants' willingness to share 12 fraud risks, (4) view an online brainstorming leadership video, and, finally, (5) rate each participant's willingness to add the same 12 fraud risks as reinforced in the video.

Our experiment yields a variety of interesting and informative results. For example, the results reveal less-knowledgeable subordinates' change in willingness to share privately known, fraud-relevant information increases when they perceive greater psychological safety within the brainstorming team. In contrast, more-knowledgeable subordinates' change in willingness to share is insensitive to perceived psychological safety. The results in Table 2 of our study show that auditors with more knowledge in the more safe (less safe) condition have a mean increase of 0.41 (0.11) in their willingness to share privately known, fraud-relevant information. Of note, this difference is not statistically significant, which implies that the partner's leadership has neither an enhancing nor inhibiting influence on these subordinates' brainstorming contributions.

In stark contrast, auditors with less knowledge in the more-safe condition have a mean increase of 0.96, while the auditors in the less-safe condition have a mean decrease of 0.22 in their willingness to share privately known, fraud-relevant information. This difference is significant, revealing that the partner's leadership inhibits these subordinates' contributions to brainstorming. Figure 2 depicts these results; as shown, the movement in subordinates' behavior is based on the less-safe psychological safety condition, and is focused exclusively on the judgments of lower-knowledge auditors.

The study yields three critical takeaways for practice. First, audit partners need to be conscious of how they make their subordinates feel if they seek to truly foster constructive team communication. We believe that our results imply that partners can enhance audit quality by being effective leaders. Partners should know that subordinates' willingness to share privately known fraud risks during brainstorming can be seriously compromised when the partner initiates a psychologically unsafe work environment. Prior research provides evidence on considerable variation in the quality of fraud brainstorming sessions, along with variation in leadership and subordinate engagement (Brazel et al. 2010); this study is the first to explain how differences in partner leadership can affect subordinates' willingness to volunteer fraud-relevant information that might otherwise not be revealed.

Second, while it seems obvious, this study is an important reminder that junior auditors are very sensitive to the precarious position that they occupy in the firms, so audit partners need to be mindful that if they treat subordinates poorly, then those individuals will refuse to speak up even when they know they possess critical information that is relevant to fraud brainstorming quality, and ultimately audit quality. These are sensitive and vulnerable employees who are mindful of, and greatly fear, reprisals or disapproval. These results relate intimately to calls by Trotman, Bauer, and Humphreys (2015, 65) that express the view that “a key focus of future brainstorming research should be potential process gains and losses that exist with alternative methods of fraud brainstorming, including methods presently used in practice and those that could be adopted.” We offer a potentially enlightening explanation for quality variation in practice, that is, lower-knowledge subordinates are reluctant to take a risk in speaking up when they perceive downside risks to doing so based upon how the audit partner acts in leading the session.⁶ Audit firms can leverage our results to motivate enhancements in partner training and provide insights with respect to potential elements of performance evaluation when considering audit partners' leadership capabilities and potential.

Finally, more knowledgeable auditors are unaffected by the relative psychological safety engendered by the audit partner's leadership; these professionals seem to have learned the importance of speaking up as a matter of professional obligation, regardless of the perceived consequences. Audit firms and researchers might constructively seek to understand the process by which auditors develop this bold strategy, along with investigating potential performance measurement implications to such individuals when they challenge a partner with weak leadership with respect to climate and openness to the sharing of ideas as a team.