The history of modern auditing coincides conveniently with the history of The CPA Journal. The 1930s not only saw the NYSSCPA begin publication of what would become the Journal—it also witnessed the establishment of public company auditing, of the recognition of the central role of generally accepted accounting principles, and the beginning and slow evolution of auditing standards and the standard audit report. This article looks at the highlights of those early years within the context of later developments. It is a brief, nonauthoritative look at the more interesting events of the profession’s past. Though progress has been made over the decades, there remain unsolved problems in auditing worthy to challenge future professionals.
Just like The CPA Journal (originally titled the New York Certified Public Accountant when it was introduced in 1930), the history of modern financial auditing began to take shape in the 1930s.
In his brief, historical editorial message of February 2015, “Then and Now—A Celebration of 85 Years of The CPA Journal,” (https://bit.ly/3mFBXWL), Editor-in-Chief Richard H. Kravitz pointed out that the “most important crossroads, of course, was the enactment of the Securities Acts of 1933 and 1934, and the establishment of the Securities and Exchange Commission (SEC).” As Kravitz mentions, another landmark event near the end of that decade was the highly publicized McKesson & Robbins audit scandal, which led to an SEC investigation and inspired the 1939 issuance of the first authoritative auditing standard, Statement on Auditing Procedure (SAP) 1.
Because of the vast wealth of detailed, scholarly, and well-documented research available covering this long, rich, and complicated history, this article, of practical necessity, is not an exhaustive, academic analysis such as are several of the sources cited but rather is greatly summarized and comprises only highlights as necessary in the author’s judgment to keep it interesting and readable. Unfortunately, due to these limitations, many significant details, events, and developments were unavoidably omitted.
The Early Beginnings of Financial Auditing—Pre-1930
According to accounting historian John L. Carey, a former administrative vice president of the AICPA (known before 1957 as the American Institute of Accountants), audits were required by law in England as early as 1845 to protect shareholders from “improper actions by promoters and directors.” But there was no organized profession of accountants or auditors, no uniform auditing standards or rules, and no established training or other qualifications for auditors, and they had no professional status. Interestingly, however, auditors were required under British law to be stockholders in order to have a stake in the audit client entity, a common interest with those that they were engaged to protect, but be independent in other significant respects (The Rise of the Accounting Profession: From Technician to Professional, 1896–1936, AICPA, New York, N.Y., 1969, pp. 17–18). So prior to the 1930s, the direction and scope of auditing was solely determined at the discretion of the auditor; until the enactment of the federal securities laws, it was clearly focused primarily on the detection of fraud, a subject that continues to receive a great deal of attention.
One of the earliest and most widely used comprehensive, influential, and durable (albeit nonauthoritative) sources of “practical” guidance for U.S. auditors was Auditing Theory and Practice, by Robert H. Montgomery, first published in 1912 and later known simply as Montgomery’s Auditing (the latest version, the 13th edition, was published in 2008). Prior to 1912, however, the principal source of auditor guidance in the United States was an American edition of a work first published in 1892 by English professor Lawrence R. Dicksee, entitled Auditing: A Practical Manual for Auditors, re-edited in 1909 by Montgomery. Unprophetically (or not), Montgomery wrote in the preface to the 1905 American edition of Dicksee’s work: “It cannot be expected that any hard and fast rules will ever prevail, nor is it desirable that the personal element in an audit should be superseded by instruction prepared in advance.” So at the dawn of the 20th century, Montgomery was campaigning against rules-based auditing standards and checklist-driven audits―way ahead of his time!
The U.S. federal income tax on individuals had a rocky start during the Civil War (with the Revenue Act of 1861); it was not made permanent until 1913 when the 16th Amendment to the Constitution was ratified. A 1% tax on income of corporations went into effect in 1909. Because of the relative insignificance of the early income tax, and despite the then primitive stage of development of the auditing profession, Montgomery asserted in the 1912 preface to the first edition of his auditing text that auditing was “the most important branch of accountancy.”
At first, “even though the first income tax rates were low and collections were minimal the mere existence of an income tax affected the accounting profession almost immediately” (Ray M. Sommerfeld and John E. Easton, “The CPA’s Tax Practice Today―and How It Got That Way,” Journal of Accountancy, Centennial Issue, May 1987, AICPA, p. 169). Accordingly, in a new preface to his second edition in 1916, Montgomery recognized that the “income tax is here to stay,” and he referred to “the growing importance and complexity of the subject,” but he did not modify his earlier statement that auditing was “the most important branch of accountancy” (Auditing Theory and Practice, 2d ed., The Ronald Press).
Following the stock market crash of 1929 and the ensuing Great Depression, Congress passed the two acts of federal legislation that would change the worlds of investments and auditing forever.
Montgomery reflected back to the “formative days” of the profession when he wrote in chapter II of his early milestone work, that the primary purposes of auditing were then the detection of fraud and errors, but he asserted with great understanding for his time―20 years before the first federal securities laws―that, primarily for the benefit of investors and to a much lesser extent creditors, recent changes in user demand then required a “vastly broader and more important class of work to ascertain the actual financial condition and earnings of an enterprise” (2d ed., pp. 9–12). Despite Montgomery’s forward-looking vision, scanning through the remainder of his extensive 758-page text (which he confesses in its preface is “more of practice than of theory”), one can see that the overwhelming emphasis remained, nevertheless, on performing procedures that are intended to detect fraud, particularly employee misappropriations, rather than intentional misstatements in financial statements.
Although Montgomery dedicates several pages (2d ed., pp. 53–58) of his text to a somewhat detailed discussion of the features and importance of a satisfactory system of “internal check” (the original term for internal control), he gives little or no clue as to its effect on audit scope or reporting except to state that that a “detailed audit”—by which he meant one that covers results of operations rather than just the balance sheet—is warranted when “there is no satisfactory internal check” (2d ed., p. 48).
Noted accounting historian Stephen A. Zeff wrote: “Prior to the 1930s, no laws or regulations obliged corporations to have their financial statements audited. … By 1926, more than 90 percent of industrial companies listed on the New York [Stock] Exchange were audited, even though the Exchange did not require audited statements by newly listed companies until 1933. … [However, it] had informally encouraged companies to publish audited financial statements for some years before then.” (“How the U.S. Accounting Profession Got Where It Is Today: Part I,” Accounting Horizons, September 2003, pp. 189–205, www.ruf.rice.edu/~sazeff/PDF/Horizons,%20Part%20I%20(print).pdf)
The Enormous Impact of Federal Securities Laws
Following the stock market crash of 1929 and the ensuing Great Depression, Congress passed the two acts of federal legislation that would change the worlds of investments and auditing forever—the Securities Act of 1933 and Securities Exchange Act of 1934. This momentous legislation required all SEC registrants to have their financial statements audited by independent CPAs, thus highlighting the importance of the auditing profession and substantially increasing the demand for its services. On the negative side, it also had the effect of expanding auditors’ exposure to liability by overriding the privity of contract defense typically enjoyed by auditors in connection with users of audit reports when included in SEC filings.
The Introduction and Development of Authoritative Accounting and Auditing Standards
Despite the absence of any prior professional literature that could have been characterized collectively as “generally accepted auditing standards” (GAAS), as exist today, SAP 1 made references to “generally accepted practice” and “recommended [but did not require] that certain additional procedures regarding inventories and accounts receivable should be considered as generally accepted practice … [or if they] had not been undertaken, that fact should be disclosed in the auditors’ report or opinion [emphasis added].” It further described such common auditing practices as consisting of “the well-established custom of making test checks of accounting records and related data and, beyond that, reliance upon the system of internal check and control after investigation of its adequacy and effectiveness.” It went on to describe such common practice as “to examine a concern’s accounting records and supporting data, in certain matters to obtain outside confirmations, and to require and consider supplementary explanations and information from the management and employees, to the extent necessary to enable him to form an opinion as to whether or not the financial statements as submitted present fairly the position and the results of periodic operations.”
Despite the then absence of any authoritative body of accounting standards, SAP 1 also made early use of the terms “present fairly” and “generally accepted accounting principles” (GAAP) as its frame of reference, a notion that was obscure until 1959 when, for the first time, the AICPA’s Accounting Principles Board set out to research and develop “a fairly broad set of coordinated principles … [that] should serve as a framework for the solution of detailed problems.” The seeds of the then undefined term GAAP, however, were first planted in 1933 when a committee of the AICPA provided the New York Stock Exchange with a philosophy and a framework for listed companies, proposing a set of five fundamental principles of accounting that it regarded as “so generally accepted that they should be followed by all listed companies” (Carey, 1969, p. 177) and again in 1937/38 when the AICPA began to issue Accounting Research Bulletins whose content was deemed to constitute “substantial authoritative support,” a similarly vague and undefined term that was used concurrently by the SEC when it issued Accounting Series Release (ASR) 4 stated that the SEC would accept financial statements only if based on accounting for which there was “substantial authoritative support.” This term resurfaced again in 1964 in the first “official” AICPA definition of GAAP, which (as vaguely as ever) stated that GAAP “are those principles which have substantial authoritative support.” (See this author’s “Was GAAP Ever ‘Generally Accepted?’,” The CPA Journal, May 2015, pp. 12–13, https://bit.ly/32OyXPL.) According to Zeff, the term “generally accepted accounting principles” was first used in a 1936 AICPA paper Examination of Financial Statements by Independent Public Accountants (“The Primacy of ‘Present Fairly’ in the Auditor’s Report,” CUNY Academic Works, City University of New York, 2006, https://academicworks.cuny.edu/bb_pubs/1023).
The evolution of what was once called the “standard” audit report has been slow and cautious over the past century.
Evolution of the Audit Report
The evolution of what was once called the “standard” audit report has been slow and cautious over the past century. As Montgomery discussed in chapter XII (2d ed., pp. 242–246), in the absence of any authoritative standards, laws, or regulations, audit reports in the early 20th century were largely free-form, with content dictated solely by the auditor’s judgment and discretion. Montgomery does offer substantial guidance, however, and makes a distinction between what he calls a “certificate” (limited to a description of the audit scope followed by an opinion as to “correct” presentation with qualifications, if warranted) versus a considerably more detailed and unstructured “report,” (i.e., roughly what appears to have influenced subsequent development); these later evolved into a standard short-form and a long-form report, respectively. In 1933 and 1934, the audit reports accepted in filings with the SEC were invariably a brief, early, nonstandardized version of a short-form report merely stating that an audit was performed and concluding with an opinion. Because of the absence of any authoritative standards, there was ordinarily no reference in these early reports to GAAS, GAAP, or fair presentation.
But a nonauthoritative pamphlet issued by the AICPA in 1934, “Audits of Corporate Accounts,” recommended a standard short-form audit report that was quickly adopted widely by the profession. This led to the recommended (but not required) use of an expanded, “standard,” short-form report much like the one that, in 1974, finally was officially designated as the “standard” audit report. The new report form described in some detail the nature of the auditing procedures employed by the auditor as the basis for the audit opinion. Although it still made no reference to GAAS, it did use the term “fairly present, in accordance with accepted principles of accounting,” and added “consistently maintained” (Carey, The Rise of the Accounting Profession, V.2. To Responsibility and Authority, 1937–1969, AICPA, 1970, pp. 151–155).
In 1939, SAP 1 acknowledged the acceptability of either “a detailed report … accompanied by statements and supporting schedules … [or one] limited to a concise statement of the scope of the examination and the related opinion of the independent auditor concerning the accompanying financial statements of the client”—in other words, a long-form or short-form report (the latter it acknowledged could be called a “certificate”)—of course, still without reference to GAAS.
With 1957’s SAP No. 27, Long-Form Reports, the importance of eliminating or reducing opportunities for auditors to include vague and inconsistent language in their reports was recognized. Although not prohibited, long-form reports were effectively discouraged by cautioning auditors against certain risks deemed to be associated with them. Consequently, the use of long-form audit reports began to diminish. In 1974, SAS 2, Reports on Audited Financial Statements, effectively prohibited the issuance of a long-form audit report as a stand-alone alternative for what was previously called a “short-form” report (and formally redesignated the “standard” audit report). Its use continued to be permitted, but only as a supplement to a standard, short-form report, and it was rarely issued except when distribution was restricted to a select user or small group of users.
Major substantive changes made to the standard audit report were introduced in 1988 (SAS 58, Reports on Audited Financial Statements) as part of a group of standards collectively called the “expectation gap” standards, which attempted to better inform users of auditors’ responsibilities.
Fast Forward to the 21st Century
In addition to an explosion of technological advances in the auditing process, the 21st century has seen some significant new developments in only 20 years.
Another major auditing scandal (Enron) was uncovered at the dawn of the current century. This led FASB to issue a new accounting standard requiring consolidation of certain variable interest entities, and it hastened the demise of one of the largest audit firms and the signing of another major piece of federal legislation that rocked the auditing world―the Sarbanes-Oxley Act of 2002 (SOX). Among other things, SOX introduced several new auditor independence rules and established the Public Company Accounting Oversight Board (PCAOB). It also required the largest SEC issuers to engage its auditors to audit and report on the effectiveness of their internal control over financial reporting, thus providing the large audit firms with a significant new revenue source to partially offset the pain of additional intense regulation.
The new report form described in some detail the nature of the auditing procedures employed by the auditors as the basis for the audit opinion.
The PCAOB is a not-for-profit entity composed largely of nonauditors and controlled by the SEC. It began its statutory mission almost immediately by developing what has grown to be a new, more robust set of auditing and other professional standards and rules applicable solely to auditors practicing before the SEC, performing audits for SEC issuers or securities broker-dealers, as well as by monitoring and enforcing auditor compliance with its standards and rules through periodic vigorous inspections and public reports, and by conducting investigations often ending with disciplinary actions against auditors.
In 2011, the AICPA’s Auditing Standards Board issued its so-called “clarity standards” (applicable only for non-SEC issuers since by then, the PCAOB controlled audit reporting for SEC issuers), which again revised and expanded the then-standard audit report by introducing captioned sections intended to clarify auditors’ responsibilities and distinguish them from management’s responsibilities.
Starting next year, for periods ending on or after December 15, 2021, with early implementation optional, SAS 134 will require audit reports for non-SEC issuers to employ another new format that is designed to enhance relevance and transparency for users. Among its most significant changes are a new “Basis for Opinion” section, as well as an enhanced explanation of the auditor’s responsibilities and more information about management’s responsibilities (when prescribed by the financial reporting framework in use) to evaluate whether conditions or events raise substantial doubt about an entity’s ability to continue as a going concern. SAS 134 also provides a framework for voluntary reporting of nonstandardized “key audit matters” (similar to the PCAOB’s “critical audit matters”), which may cause audit reports for non-SEC issuers to come full circle and resemble something like the old, “long-form” format that dominated reporting in the first half of the 20th century. (For a fuller discussion of the above, see this author’s “The Audit Report Returns to Its Roots: An Historical Perspective on Critical Audit Matters,” The CPA Journal, February 2018, pp. 66–68, https://bit.ly/3iX0pAM.)
Response to a Worldwide Pandemic
In 2020, the auditing profession has been rocked by the need to respond to new and formidable health, auditing, and financial reporting risks, as well as the practical logistical issues presented to auditors and their clients by the global pandemic known as COVID-19. Those risks are discussed in considerable detail by this author in “Financial Reporting and Auditing Implications of the COVID-19 Pandemic: Some Practical Guidance” (The CPA Journal, May 2020, https://bit.ly/3gMxNss).
Unsolved Problems in Auditing
During the evolution to date of modern auditing over the past 90 years, many criticisms have been made of auditors—some of them, particularly after the widely publicized corporate fraud of Enron, have been justified. Numerous audit-related issues have arisen over the years, some closely related to such criticisms and frauds, many of which stubbornly remain the subject of debate to this day; many of these were identified and discussed in The Philosophy of Auditing, a landmark 1961 work by Robert K. Mautz and Hussein A. Sharaf and revisited by this author in “Unsolved Problems in Auditing: A Half-Century Retrospective and Update” (The CPA Journal, February 2016, pp. 25–30, https://bit.ly/35VAy8v).
Among the issues discussed and still unresolved are the following:
- Should a set of minimum procedures be required to be performed in every audit; in other words, should auditing standards be more principles-based or rules-based?
- What should be the auditor’s responsibility with regard to asset devaluations or impairments (of particular concern during the current worldwide pandemic)?
- Is performing consulting and other nonaudit or nonattest services for an audit client invariably inconsistent with independence and, therefore, incompatible with auditing?
Maybe the answers to these questions and others will become apparent one day―when we can look back on the history of the auditing world, part 2.