In this article, we provide a practitioner summary of our paper “Error or Fraud? The Effect of Omissions on Management’s Fraud Strategies and Auditors’ Evaluations of Identified Misstatements” (Hamilton and Smith 2021). In that study, we investigated (1) whether managers employ an “omission strategy” to reduce the perceived intentionality of their fraudulent misstatements and (2) whether auditors are prone to believe that such omissions are unintentional. We found that managers choose to perpetrate fraud by omitting transactions from the financial statements and by omitting critical information from supporting documents, rather than using more active forms of fraud (e.g., providing false information). We also found that auditors are less skeptical of misstatements when they involve omission, as opposed to more active forms of misrepresentation. Overall, our study identifies a concerning pattern, wherein the method of fraud chosen by managers—omission—is unlikely to be judged as intentional by auditors.
Although independent auditors are explicitly charged with detecting material misstatements, “whether caused by error or fraud” (Public Company Accounting Oversight Board (PCAOB) 2002a, 2), it is important that they differentiate between these two causes of an identified misstatement, as doing so impacts the performance of the audit. Accordingly, auditing standards require that auditors “evaluate whether identified misstatements might be indicative of fraud” (Public Company Accounting Oversight Board (PCAOB) 2010a, 20). The auditing standards identify only one key difference between a mistake and a fraudulent act: the underlying intent of management when taking the action that led to the misstatement (Public Company Accounting Oversight Board (PCAOB) 2002b, 5). If auditors suspect that management intended to misstate the financial statements, auditing standards require a more rigorous response, including re-evaluating management integrity, fraud risk, the effectiveness of controls, and the need for additional audit procedures (PCAOB 2010a, 20–22).
Although it is important for auditors to recognize when an identified misstatement was caused intentionally, their ability to do so may be hampered if managers perpetrate fraud in ways that appear unintentional on the surface. There are two general ways that fraudulent financial reporting can be achieved: “misrepresentation in or intentional omission from the financial statements” (PCAOB 2002b, 6). Said another way, fraud can be perpetrated via action (e.g., recording a transaction inappropriately) or inaction (e.g., omitting a necessary transaction). Research from psychology suggests that individuals prefer inaction (i.e., omission) to achieve their misdeeds (e.g., Ritov and Baron 1999; Baron and Ritov 2004; DeScioli, Christner, and Kurzban 2011). In fact, inaction/omission is sometimes used strategically to conceal the unethical nature of one’s behavior—referred to as an “omission strategy” (DeScioli et al. 2011)—because omissions tend to appear unintentional to others (i.e., an “omission bias,” Spranca, Minsk, and Baron 1991). In contrast to this apparent preference for omission, available data on fraud indicate that fraudulent financial reporting typically is active in nature (e.g., recording fictitious revenues, falsifying documents) (e.g., Dechow, Ge, Larson, and Sloan 2011; Beasley, Carcello, Hermanson, and Neal 2010). To understand this apparent conflict, our study examines whether managers do, in fact, use an “omission strategy” to perpetrate fraud. Further, we examine whether auditors are inclined to dismiss misstatements involving omission as mere errors, because they appear unintentional on the surface, consistent with the “omission bias.” If this is the case, then it may suggest that our understanding of fraud is incomplete—specifically, corporate managers may be perpetrating fraud via inaction/omission, but this form of fraud may be especially likely to remain undiagnosed, due to the innocuous appearance of omissions.
To examine our predictions, we conducted experiments with experienced financial reporting managers and independent auditors.1 We provided both groups of participants with similar case materials, but presented them from two different perspectives. Managers were presented with a hypothetical scenario, in which they were asked to consider how fraud could be most effectively perpetrated and concealed from the auditors. Specifically, manager participants received options for perpetrating fraud that either involved omission or a more active form of misrepresentation. Auditor participants received these same scenarios, but presented in the form of an identified misstatement. This dual-study design allowed us to examine how the fraud strategies preferred by managers are viewed by auditors, if they are detected in the form of an identified misstatement.
Consistent with psychology theory and our predictions, we found that managers chose to use an “omission strategy” to perpetrate fraud. Specifically, managers chose to omit an expense transaction, as opposed to recording a sales transaction inappropriately. They also chose to perpetrate the fraud by omitting important information from a supporting document, as opposed to providing information that misrepresented the nature of the transaction. Importantly, when auditors were asked to evaluate an identified misstatement characterized by omission or a more active form of misrepresentation, we found that auditors were less skeptical of misstatements that involved omission. Overall, the results of our study suggest that a dangerous intersection may exist where the strategy employed by financial reporting managers to perpetrate fraud—namely, omission—is subsequently being judged as an innocent mistake by auditors who fall prey to an omission bias.
II. THE EXPERIMENTS
Research Methodology—Manager Experiment
In our first experiment, 58 corporate managers with an average of nine years of financial reporting experience (ranging from 1 to 30 years) participated in a two-stage case study. In the first stage, the managers learned about a hypothetical company—Blaze Jewelers Corporation (“Blaze”)—that was just over $1 million short of analysts’ earnings expectations at year-end. Participants learned that Blaze’s Corporate Controller had identified two transactions that had occurred just before year-end that could be “slightly manipulated” so that the company would meet its earnings target. Specifically, the Controller could inflate current-period earnings by omitting an expense transaction from the financial statements or by recording a sales transaction prematurely (i.e., “misrecording” revenue). We asked manager participants which of the two options the Controller would be more likely to choose if he did not want the auditors to know that he had intentionally manipulated earnings.
In stage two, the managers were told to assume that the Controller had selected one of the two options for overstating earnings (either omitting an expense or misrecording revenue). To carry out the fraud, the Controller in our experiment instructs a Vice President (VP) to manipulate information communicated to the accounting department within a source document to ensure that the transaction was processed incorrectly. The choices available to the VP for manipulating information within the document included (1) omitting relevant information about the transaction, and (2) providing inaccurate information that misrepresented the nature of the transaction. See Appendix A for examples of what the documentation would look like if the VP chose to omit or provide inaccurate information. Participants finished the study by answering questions regarding which method the VP would be more likely to choose.
Results of the Manager Experiment
Results of the manager experiment are shown in Figure 1. Overall, we found that financial reporting managers consistently chose omission when attempting to perpetrate and conceal fraud from the auditors. More specifically, we asked manager participants whether the Corporate Controller was likely to manipulate earnings by omitting an expense transaction or by misrecording revenue. Participants responded using an 11-point scale with the omitted expense on one end (labeled 0) and the misrecorded revenue on the other end (labeled 10). Responses below the scale midpoint of 5 (i.e., responses closer to 0) indicated a response of “omitting an expense,” whereas responses above 5 indicated “misrecording a revenue.” When we asked managers which method of fraud the Controller would likely choose, the average response was 3.12 (see Figure 1, Panel A), which is significantly below the midpoint of 5 (p < 0.001), indicating a strong preference for omitting an expense transaction. We also asked managers additional questions to understand why they preferred to omit an expense rather than misrecord revenue (i.e., their strategic considerations). When asked which method of fraud is more likely to be detected by the auditors, the mean response was 6.78, which is significantly above the scale midpoint of 5 (p < 0.001), indicating a response of “misrecording a revenue.” Managers also believed that if the fraudulent misstatement were detected by the auditors, a misrecorded revenue was more likely to be viewed as intentional (mean = 6.31) and suspicious (mean = 6.50) (i.e., both means are significantly above 5, p < 0.001). Managers also indicated a belief that it is more unethical to misrecord a revenue than to omit an expense (mean of 6.31 is significantly above 5, p < 0.001). When asked which method of fraud would be easier to explain away, the average response was 4.21, which is significantly below 5 (p = 0.035), indicating a strong belief that an omitted expense would be easier to explain away than a misrecorded revenue.
We also asked participants how a source document should be altered to ensure that the transaction in question was recorded incorrectly by the accounting department. Specifically, managers could choose to omit relevant information from the document or provide information that misrepresented the nature of the transaction. We collected participants’ responses on 11-point scales with “omitting information” on one end (labeled 0) and “misrepresenting information” on the other end (labeled 10). Results are shown in Figure 1, Panel B. When we asked managers their preferred method for manipulating documentation, the average response was 1.36, which is significantly below the scale midpoint of 5 (p < 0.001), indicating a strong preference for omitting information. We also found that some of the reasons why managers preferred to omit (versus misrepresent) information included the belief that misrepresenting information was more likely to be detected by the auditors (mean = 6.71), was more likely to be viewed as intentional (mean = 8.28) and suspicious (mean = 7.97), and would leave behind more evidence (mean = 8.53) (all means are significantly above 5, p < 0.001). Managers also believed that it was more unethical to misrepresent information than to omit it (mean of 7.47 is significantly above 5, p < 0.001). Furthermore, managers overwhelmingly believed that omitting information from the document would be easier to explain away (mean of 1.79 is significantly below 5, p < 0.001).
Research Methodology—Auditor Experiment
Given the findings from our first experiment, which suggest that managers prefer to perpetrate fraud via omission, our second experiment seeks to understand how auditors might perceive such fraud attempts if they are detected in the form of an identified misstatement.
Our second experiment involved 108 practicing auditors with an average of 6.8 years of audit experience (ranging from 2 to 37 years). The auditors in our study received case materials that were similar to those provided to the manager participants, but the auditors were told to assume they were part of the team assigned to Blaze’s year-end audit engagement. The case informed the participants that a misstatement had been identified by the audit team, and it was their responsibility to obtain an understanding of how it occurred and to determine whether additional actions were needed. The misstatement fell below all quantitative materiality thresholds; however, its correction would cause the company to miss its earnings target. We varied the nature of the misstatement, so participants either learned about an omitted expense or a misrecorded revenue. Importantly, these misstatements were the same two methods available to manager participants in our first experiment. By presenting them to auditors as identified misstatements, we are able to examine how managers’ fraud strategies are evaluated by auditors, once detected.
After learning about the identified misstatement, auditors received a supporting document related to the misstated transaction (i.e., a piece of audit evidence) that contained an informational inaccuracy. We varied the nature of this informational inaccuracy so that auditors received a document that either omitted relevant information about the transaction or that included information that misrepresented certain details about the transaction. Once again, these were the same methods available to managers for manipulating documentation in our first experiment (see Appendix A). By providing the resulting documentation to auditor participants, we are able to examine how auditors judge such manipulations in practice. After reading about the misstatement and viewing the related audit evidence, we asked participants whether they believed the misstatement had been caused intentionally by client management. Auditors provided these judgments on a scale from 0 (“Very Unlikely”) to 10 (“Very Likely”) (i.e., higher values indicated greater skepticism of the misstatement).
Results of the Auditor Experiment
Results of the auditor experiment are presented in Figure 2. As predicted, we found that auditors were significantly less likely to believe an identified misstatement had been caused intentionally when it involved an omitted expense (mean = 6.03) compared to a misrecorded revenue (mean = 6.94) (p = 0.010).2 We also found that auditors were significantly less likely to believe that a supporting document had been intentionally manipulated when it omitted relevant information (mean = 6.12), as opposed to it containing inaccurate information that misrepresented the true nature of the transaction (mean = 6.85) (p = 0.039).
We also asked auditors how likely they were to take various actions in response to the identified misstatement. Consistent with our previous results, we found that auditors were significantly less likely to pursue additional evidence when a transaction had been omitted (mean = 7.98) versus misrecorded (mean = 8.94) (p = 0.011) and less likely to report the misstatement as suspicious to their supervisor (means of 8.34 versus 9.18 for the omitted and misrecorded transactions, respectively, p = 0.016). Auditors were also somewhat less likely to pursue additional evidence when important information had been omitted from a source document (mean = 8.11) versus misrepresented (mean = 8.75) (p = 0.062). Overall, our results suggest that auditors are less skeptical of an identified misstatement when it involves omission versus a more active misrepresentation.
III. SUMMARY AND IMPLICATIONS FOR PRACTICE
The results of our study suggest that our current understanding of fraud may be incomplete. Although most detected frauds involve active manipulations, our study suggests that there may be an additional subset of frauds that involve omission, which are not being detected because they appear unintentional on the surface. Our results further suggest that auditors may be insufficiently skeptical of misstatements involving omission, which is troubling, given that we find omission to be the method of choice for managers who want to perpetrate fraud while avoiding detection.
Accordingly, we believe that our study has important implications for audit practitioners, firms, and standard setters. For instance, audit firms should make auditors aware (e.g., through education and training) of managers’ general preference to perpetrate fraud via omission, as opposed to more active forms of manipulation. When auditors identify a misstatement that involves omission, they should be careful not to conclude prematurely that the misstatement was due to an unintentional error. If management had an incentive to overstate earnings and an opportunity to do so (via omission), the misstatement may warrant further scrutiny by the audit team. Interestingly, our results suggest that fraudulent omissions may be easier to rationalize, as the managers in our study believed omissions were less unethical compared to more active forms of fraud. Given that we find managers perceive omissions (1) as providing a greater opportunity to conceal fraud from the auditor (e.g., less likely to be detected, easier to explain away), and (2) as easier to rationalize, our study suggests that omissions may give rise to elevated fraud risk. By understanding the types of fraud schemes preferred by managers (e.g., omission-based fraud schemes), audit firms can design specific procedures to uncover these types of frauds. For instance, auditors could increase their testing of the completeness assertion to identify omitted transactions. Although it may be difficult for auditors to “prove” that a single omitted transaction was intentional, additional investigation could uncover a pattern of omissions that may provide stronger evidence in support of fraud.
Although our study focused on how auditors perceive and respond to omissions, it is possible that others, including jurors and regulators, may also be susceptible to the omission bias. Interestingly, auditing standards currently require auditors to presume that a risk of fraud exists regarding improper revenue recognition (AS 2110.68, Public Company Accounting Oversight Board (PCAOB) 2010b), but no such presumption is required regarding omitted expenses. This emphasis on fraud perpetrated via improper revenue recognition may further enforce auditors’ tendency to view omitted expenses with less skepticism than misrecorded revenues. Because our study suggests that the frequency with which managers perpetrate fraud via omission may be greater than previously thought,3 standard setters may want to consider broadening the auditing standards to include a greater consideration of omission-based fraud schemes.
Options for Manipulating a Source Document: Omitting or Misrepresenting Information
Panel A: Omitting Relevant Information from the Document
Panel B: Providing Inaccurate Information (i.e., Misrepresenting Information)
Our study was approved by the appropriate Institutional Review Board (IRB) for studies involving human participants.
It is possible that the auditors in our study were less skeptical of the omitted expense transaction (versus the misrecorded revenue) because it involved an expense, and not because it involved omission/inaction. To examine this possibility further, we conducted an additional experiment with auditors. We found that when we presented auditors with a revenue-related misstatement that either involved a misrecorded sale or an omitted sales return, auditors were less skeptical of the omitted transaction (i.e., the omitted sales return), providing additional support for our hypothesis that auditors are less skeptical of omissions compared to more active forms of misrepresentation.
Consistent with this idea, data show that a large proportion of restatements (upward of 75 percent) involve expenses, many of which were improperly omitted from the financial statements (Scholz 2008). Although only a small subset of restatements are identified as fraudulent in nature, our study suggests that there may be additional detected misstatements—namely, omitted expenses—that have been misclassified as errors due to the innocuous appearance of omissions.