Prior to the industrial revolution we lived in a world of intuition. There was not much data being collected or collated. Audits were often conducted on a review of each transaction, as there were so few transactions to review. Auditors claimed fraud detection as one of their audit objectives well into the nineteenth century. With the proliferation of ‘big commerce’, a lot of data was being collected, but that collation was both ad hoc and expensive. By the time of the Great Depression, auditing was based on samples of representative populations rather than the collection and collation of the entire population of data itself. Auditors disclaimed any responsibility for fraud detection as a result, foisting the responsibility on management to prevent and detect fraud. With the perfection of computer technology, we are now seeing ‘big data analytics’ collect and collate data in real time. Is it coincidence that the AICPA is now acknowledging that the responsibilities and functions of independent auditors include the obligation “to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud”? With greater knowledge comes greater responsibility, including potentially legal responsibility. Will both management and the auditor be jointly responsible to third party class actions initiated by those harmed by fraud because the bank, feeder investment fund or other intermediary had all the information at their fingertips to prevent or detect a Ponzi scheme, and yet failed to use it? Have the world’s largest corporations factored this into their big data analytics programs? Probably not. Here is what they are in for.

Jan-Mar 2015 Issue

McMillan LLP