Red Flags in Accounting
THE BLACKWELL ENCYCLOPEDIC DICTIONARY OF ACCOUNTING, A. Rashad Abdel-Khalik, ed., pp. 245-247, Blackwell Publishers Limited, 1997
6 Pages Posted: 25 Aug 2008 Last revised: 21 Feb 2018
Date Written: July 24, 2008
This paper predates the Sarbanes-Oxley Act of 2002 (Section 704: Study of Enforcement Actions) by five years. Red flags in accounting refer to a set of diagnostic checks to determine the riskiness of a client or a registrant filing financial statements with the SEC. The importance of red flags in auditing has been highlighted by the U.S. National Commission on Fraudulent Financial Reporting and Sarbanes-Oxley Act of 2002. A report published by the American Institute of Certified Public Accountants noted,"In 36 percent of the cases against independent public accountants by the Securities and Exchange Commission (SEC), the auditor failed to recognize or pursue with sufficient skepticism certain warning signs or 'red flags' that existed at the time the audit was conducted" (AICPA 1987, p.113). Although individual auditing firms have developed their own sets of proprietary red flags, there are at least two authoritative sources of red flags. The AICPA Statement of Auditing Standards (SAS) No. 53 (1988) is (was) the most recent pronouncement on the issue. The US SEC through its Accounting and Auditing Enforcement Releases (AAERs) also has suggested red flags it considers in determining the targets of its enforcement actions.
Box 1 (please see the full text) summarizes the red flags mentioned explicitly in SAS 53. Even the subset of 33 red flags mentioned in SAS 53 imposes severe constraints on information processing limits of a decision maker. SAS 53 is also reticent as to the weights to be assigned to the individual risk factors in an audit judgment.
Research addressing unresolved issues related to red flags fall into two categories: archival survey analysis and behavioral modeling. Archival survey analysis checks the correspondence between red flags mentioned in the authoritative sources against the case data available either from the auditors' archives or those of the SEC. Research results show correspondence between the SAS 53 red flags and those mentioned in AAERs and indicate that dominated decisions, weak internal control, dishonest management, and personality anomalies are primary predictors of management frauds and defalcations. However, research results also show that the use of red flags may not be efficacious as a decision aid.
Red flags literature is an aggregation of potentially important but largely untested predictors of client (registrant) risks. Although individual auditing firms and the SEC have been using the subsets of these red flags for their own decision making purposes, published scientific evidence regarding their efficacy is scarce. Much of the current evidence is based on case-based reasoning. While the internal validity of case-based reasoning is not an issue, the generalizability of case based red flags remains an empirical question. Users of red flags are appropriately justified in being cautious until empirical evidence regarding their efficacy is widely documented. Finally, the increase in computerized fraud in financial reporting brings an added dimension of complexity to raise doubts about the efficacy of traditional red flags. While the issue of deception in an evolutionary information processing context is still in its infancy, it is plausible that revolutionary changes in information processing technology will heighten the obsolescence of traditional accounting red flags.
Keywords: Red flags, Management fraud, AICPA, SAS#53, SEC, Sarbanes-Oxley Act of 2002, Auditing, Assurance, AICPA, Accounting and Auditing Enforcement Releases (AAER), Regulation
JEL Classification: G1, G2, G3, G10, G30, G38,K2, L51, M4, M40, M41, M49, N20, P16
Suggested Citation: Suggested Citation