Accounting Horizons

Vol. 17, No. 4

December 2003
pp. 315-327

The Effects of Internal Audit Structure

on Perceived Financial Statement
Fraud Prevention
Kevin L. James
SYNOPSIS: This study examines whether internal audit reporting structure and internal
audit sourcing arrangement affect financial statement users’ perceptions of ability of the
internal audit function to prevent financial statement fraud. A survey of lending officers
finds that in-house internal audit departments that report to senior management are
perceived as less able to provide protection against fraudulent reporting compared to in-
house departments that report solely to the board of directors’ audit committee. This
finding is particularly important in light of the SEC’s recent consideration of whether the
audit committee should be directly responsible for oversight of the internal auditor.
This study does not find a difference in users’ perceptions of financial statement
fraud prevention between outsourced internal audit teams and in-house internal audit
departments when both report to the audit committee. Results suggest that increases in
perceived audit expertise may occur with outsourcing, but such increases may not
significantly enhance user confidence in the internal audit function because users per-
ceive outsourced teams to have less in-depth knowledge of the company than in-house
internal audit departments.
Keywords: internal audit; reporting structure; outsourcing; fraudulent financial reporting.
Data Availability: Data used in this study are available from the author upon request.

INTRODUCTION

I
n the wake of recent corporate failures, many reforms were undertaken to restore user confi-
dence, including the Sarbanes-Oxley Act of 2002 and the resulting SEC rules to implement its
provisions. The New York Stock Exchange (NYSE), American Stock Exchange (AMEX), and
NASDAQ also proposed new corporate governance rules (NYSE 2003; AMEX 2003; NASDAQ
2003). While these enacted and proposed reforms focus mainly on the responsibilities of the inde-
pendent auditor and the audit committee, the reforms also recognize the role of the internal auditor in
restoring user confidence. For example, newly proposed NYSE rules require all listed companies to
have an internal audit function. Furthermore, the SEC recently considered whether it should regulate
the relationship between the internal auditor and the audit committee (SEC 2003). This study
examines two dimensions of that relationship: reporting structure and sourcing arrangement.

Kevin L. James is an Assistant Professor at Middle Tennessee State University.

I acknowledge the contributions of my dissertation committee to this research: Keith G. Stanga (chair), Susan Ayers, Joseph
Carcello, Michael Johnson, and David Sylwester. This paper has also benefited from the helpful comments of Robert J.
Ramsay, Arnold Schneider, Terry Ward, and two anonymous reviewers. Funding by The University of Tennessee at
Knoxville College of Business Administration is greatly appreciated.
Submitted: February 2003
Accepted: April 2003
Corresponding author: Kevin L. James
Email: kjames@mtsu.edu

315
316 James

With respect to reporting structure, many in-house internal audit departments report primarily to
senior management that has sole responsibility for hiring and firing the chief internal auditor. SEC
members expressed the need for the internal auditor to have open access to the audit committee.
Although former chief accountant Robert Herdman (2002) stated that the audit committee must be
given “direct, unfettered, independent access” to the internal auditor, reporting to management may
hinder such access. In proposing rules to implement the Sarbanes-Oxley Act, the SEC requested
public comment on whether the audit committee should be made directly responsible for the appoint-
ment, compensation, retention, and oversight of the internal auditor. The SEC chose not to impose
this restriction after reviewing public comment (SEC 2003), but the potential effects of this structure
warrant further study. This study examines whether different reporting structures lead to perceived
differences in the level of fraud protection provided by the internal audit function.
Sourcing arrangement is also a key factor that distinguishes internal audit functions. Much
controversy surrounds internal audit outsourcing in recent years. As a result, the Sarbanes-Oxley Act
now prohibits outsourcing the internal audit to the company’s financial statement auditor, while it
allows outsourcing the internal audit to a different firm. The current study examines how outsourcing
to a Big 5 firm under both conditions impacts users’ perceptions of the internal audit function.
Results of this study indicate that users perceive internal audit departments that report to senior
management as less able to provide protection against fraudulent reporting compared to (1) in-house
departments that report solely to the audit committee and (2) outsourced internal audit teams that
report to the audit committee. Thus, this study highlights the importance of the perceived objectivity
of the internal audit function and suggests that adopting strong reporting structures strengthens user
confidence. This study does not find a difference in users’ perceptions of financial statement fraud
prevention between outsourced internal audit teams and in-house internal audit departments when
both report to the audit committee. Thus, there is no evidence that outsourcing leads to a difference
in perceived financial statement fraud prevention.

PRIOR RESEARCH
Recent research on internal audit reporting focuses on the effect of audit committee composition
rather than internal audit’s reporting structure. Scarbrough et al. (1998) and Raghunandan et al.
(2001) find a positive association between independence among audit committee members, the
review of internal audit results, and frequency of meetings with the chief internal auditor.1 The
current study extends this research stream by examining the effect of reporting structure.
With respect to internal audit outsourcing, Lowe et al. (1999) examine the effect of outsourcing
on lenders’ perceptions of external auditor independence, financial statement reliability, and loan
decisions. They find that perceived external auditor independence is not adversely affected when
outsourcing is (1) to an external auditor that uses different personnel on each engagement or (2) to an
auditor other than the financial statement auditor. Moreover, Lowe et al. (1999) report the highest
levels of perceived external auditor independence, financial statement reliability, and loan accep-
tance when the client outsources the internal audit function to its external auditor that uses different
personnel on each engagement.
Swanger and Chewning (2001) examine the effect of outsourcing on financial analysts’ percep-
tions of auditor independence. They find lower perceptions of external auditor independence when
fully outsourcing the internal audit to the financial statement auditor compared to being performed
in-house. They also report higher perceptions of external auditor independence when (1) a firm other
than the external audit firm performs the internal audit, and (2) when the external audit firm performs
the internal audit but does not use the same personnel on both audits.
Prior studies therefore examine the effect of outsourcing on users’ perceptions of the external
auditor without specifically considering the internal audit function. This study extends this line of

1
The environment surrounding audit committees changed in recent years due to SEC initiatives. Prior research noted here
uses data from periods before many of these initiatives. Thus, the potential effects of these initiatives should be consid-
ered when assessing the implications of prior research.

Accounting Horizons, December 2003

The Effects of Internal Audit Structure on Perceived Financial Statement Fraud Prevention 317

research by examining how outsourcing affects users’ perceptions of the internal audit function,
particularly whether users perceive the internal audit function to be more or less effective at prevent-
ing fraudulent reporting when outsourcing occurs. Also, the nature of the task differs from prior
research designs that asked participants to make a business decision and assess overall reliability.
The current survey instrument incorporates potential fraud and asks participants to assess the likeli-
hood that financial statement misstatement will be averted.
For users to perceive effective protection from fraudulent reporting, they must believe that fraud
is deterred or that any attempted fraud is detected and reported. Thus, I divide perceived financial
statement fraud protection provided by the internal audit function into three areas—deterrence,
detection, and reporting—and examine the effect on each.

DEVELOPMENT OF RESEARCH QUESTIONS

The Effect of Reporting Structure
Internal audit departments often report the results of their audit work to senior management
instead of the audit committee. Furthermore, because senior management often makes internal audit
personnel decisions, an internal auditor must risk his/her job and career to report offenses by senior
managers. The National Commission on Fraudulent Financial Reporting (1992) recognized this
hazard when it recommended that the selection and dismissal of the director of internal audit occur
only with the board of directors’ or audit committee’s concurrence. Yet, McHugh and Raghunandan
(1994) report the results of a survey in which 62 percent of companies allowed senior management to
fire the chief internal auditor without any input from the audit committee. Of the remaining 38
percent of companies, only 13 percent placed sole responsibility for firing decisions with the
audit committee. Similarly, Scarbrough et al.’s (1998) survey of Canadian companies found that
only 8 percent of companies placed firing authority solely with the audit committee. In that survey,
42 percent of companies allowed a member of senior management to fire the chief internal auditor.
The negative effects of managers’ firing authority on willingness to report negative information
emerge in the concerns internal auditors repeatedly express. Chadwick (1995) reports an interview in
which 12 chief internal auditors of major publicly held companies were asked whether they would
report any of several offenses by senior management, such as restricting exposure of evidence from
an audit and restricting information flow to the audit committee. All respondents said they would not
report the incidents because they would probably be fired and never find another job as a senior
internal audit official. Kalbers (1992) reports similar concerns from a survey of chief internal
auditors in which many respondents cited career concerns behind their reluctance to report problems
to the audit committee.
The problem of internal auditor reluctance to report problems to the audit committee appears to
be exacerbated by restrictions on access to the audit committee. In Kalbers’ (1992) study, 31 percent
of respondents stated that they had not met privately with the audit committee in the previous year.
Similarly, Scarbrough et al. (1998) report that 24 percent of companies surveyed had no private
access to the audit committee. Finally, McHugh and Raghunandan (1994) find that where hiring/
firing authority resides with someone other than the audit committee, the person responsible for
these decisions is always present at internal auditor meetings with the audit committee in 65 percent
of the companies surveyed. Such restricted access likely hinders open reporting of problems by the
internal auditor.
Evidence suggests that the reporting structure of internal audit affects the perceived likelihood
of a fraud being reported. Perceived likelihood of fraud detection may also be affected because
reporting to senior management allows management to restrict the scope of audit procedures performed.
Finally, the likelihood of fraud deterrence depends on the likelihood of fraud being detected and
reported when it occurs. In other words, if users perceive an internal audit department as unlikely to
detect or report a fraud, it will not be seen as an effective deterrent to fraud. Therefore, an effect on

Accounting Horizons, December 2003

318 James

either likelihood of fraud detection or reporting may lead to an effect on the likelihood of fraud
deterrence. Accordingly, the first research question is:
RQ1: Is the internal audit function perceived as more likely to deter [RQ1a], detect
[RQ1b], and/or report [RQ1c] financial statement fraud when it is performed by an
in-house internal audit department that reports to the audit committee than when it is
performed by an in-house internal audit department that reports to senior
management?

The Effect of Sourcing Arrangement

The largest audit firms have long shared a prestigious reputation as high-quality independent
auditors. Psychology researchers find that when an evaluator has a positive overall impression of a
person or entity based on performance on one or more dimensions, the resulting halo effect causes
the person or entity to be evaluated highly on new criteria. In other words, evaluators apply a
simplifying heuristic that rates new attributes according to a global effect rather than discriminating
carefully between each attribute and evaluating each attribute independently (Nathan and Tippins
1990; Leuthesser et al. 1995). Thus, it is reasonable to expect that financial statement users, who
view large audit firms as high-quality independent external auditors, will also evaluate them highly
as internal auditors. Several studies on internal audit outsourcing note beliefs consistent with this
argument among firms that choose to outsource. Many companies believe that having an outside
accounting firm perform their internal audits enhances both the quality and the image of the internal
audit function (Kusel et al. 1997; Petravick 1997). In addition, I asked participants in a post-test
question to my survey of lending officers whether they perceived more or less competence and
objectivity in a Big 5 firm performing the internal audit function compared to an in-house internal
audit department. Sixty percent perceived greater competence in a Big 5 firm, with 36 percent more
perceiving equal competence. Eighty-nine percent perceived a Big 5 firm as more objective, with the
remaining 11 percent perceiving equal objectivity.
However, the perception that external auditors are less familiar with the organization may offset
greater perceived competence and objectivity. During pretesting of my survey, participants pre-
sented conflicting ideas about whether an outsourced internal audit function can prevent fraudulent
reporting more effectively than an insourced internal audit department. Although they perceived
greater competence and objectivity, participants generally perceived outsourced internal audit teams
as having limited contact with the company, only scheduling and performing outsourced work at the
client company during certain times in the year. These participants believed that this limited contact
indicates outsourced teams have less in-depth knowledge of the company and infrequent physical
presence at the company, which diminishes their ability to prevent fraud. Below, I formulate research
questions to gain insight into the effect of sourcing arrangement. To isolate this effect, I hold
reporting structure constant by comparing outsourced internal audit teams and internal audit depart-
ments that both report to the audit committee.
Users’ perceptions of the outsourced internal auditor’s familiarity with the company may be
heightened when the internal auditing firm also performs the external financial statement audit.
Furthermore, Lowe et al. (1999) note that firms that perform both functions are perceived as having
greater incentives to protect their economic interests due to the increased quasi-rents from perform-
ing both. Thus, perceived likelihood of deterrence, detection, and/or reporting may differ based on
whether outsourcing is to the financial statement auditor or a different firm. These research questions
relate to outsourcing to the financial statement auditor and outsourcing to a different firm:
RQ2: Is the internal audit function perceived as more likely to deter [RQ2a], detect
[RQ2b], and/or report [RQ2c] financial statement fraud when it is outsourced to the
company’s Big 5 financial statement auditor that reports to the audit committee than
when it is performed by an in-house internal audit department that reports to the
audit committee?

Accounting Horizons, December 2003

The Effects of Internal Audit Structure on Perceived Financial Statement Fraud Prevention 319

RQ3: Is the internal audit function perceived as more likely to deter [RQ3a], detect
[RQ3b], and/or report [RQ3c] financial statement fraud when it is outsourced to a
different Big 5 firm that reports to the audit committee than when it is performed by
an in-house internal audit department that reports to the audit committee?
This study uses “Big 5 firm” exclusively in its survey and case materials and does not test for a
“Big 5/non-Big 5” effect. References to Big 5 firms should be viewed in this context, and “differ-
ences” do not relate to Big 5 versus non-Big 5.

RESEARCH DESIGN
Variables
This study is a survey of lending officers that applies a between-subjects design that randomly
assigns different groups of participants to receive different versions of the survey instrument. Each
version contained a different internal audit arrangement. The first research question compares two
insourcing arrangements. In the first arrangement, the director of the insourced internal audit depart-
ment reports to senior management: “Insourced—Report to Senior Management.” Senior manage-
ment also has authority to hire and fire the internal audit director, and the internal audit director has
no private meetings with the audit committee, consistent with evidence from McHugh and
Raghunandan (1994) noted earlier. In the second insourced arrangement, the internal audit director
reports to the audit committee, and the audit committee has sole responsibility for hiring and firing
the internal audit director: “Insourced—Report to Audit Committee.” Also, the internal audit direc-
tor meets privately with the audit committee.
Research Questions 2 and 3 compare the Insourced—Report to Audit Committee arrangement
to an outsourced Big 5 internal auditor that (1) also performs the financial statement audit and (2) a
different Big 5 firm, respectively. Per discussion with Big 5 partners and managers, an outsourced
team that reports to senior management, can be fired by senior management without audit committee
consent, and has no private meetings with the audit committee, is not likely to be found in practice.
Therefore, to be practically relevant, outsourcing firms in this study report to an audit committee that
has hiring and firing authority, and the auditor meets privately with the audit committee.
The study analyzes respondents’ views on these three dependent variables:
• the perceived likelihood of fraud deterrence;
• the perceived likelihood of fraud detection; and
• the perceived likelihood of fraud reporting.
The scale used to measure each variable solicits a likelihood response from zero percent (no
protection) to 100 percent (complete protection).

Subjects
Subjects for the current study are bank loan officers. Most accounting studies with bank loan
officers as subjects use a broad class of commercial lenders. However, many commercial lenders
work solely with small companies reporting up to $50 million in revenues. Typically non-public,
these companies have no internal audit function. Based on discussions with Institute of Internal
Auditors officials, a company generally reaches at least $100 million in revenue before developing a
small-to-moderate-sized internal audit department. The company in the survey used here is a public
company that generates over $150 million in revenue. To provide valid results, I sought to obtain a
subject pool comprised of lenders familiar with public companies that operate at a similar revenue
level. Such lenders are most likely to be familiar with companies that have internal audit functions
and are most likely to be knowledgeable about the critical elements of this experiment. I targeted
bankers who lend to public companies with over $100 million in revenues to develop the subject
pool for this study.

Accounting Horizons, December 2003

320 James

Survey Procedures
To target the subject pool selected above, I solicited participation from bankers in charge of
groups that lend to companies with over $100 million in revenues. These bankers coordinated the
study at their local offices. Each coordinator asked corporate lenders under his/her authority to
participate in the study and requested enough survey instruments to accommodate the number of
lenders in his/her group. Ultimately, I developed a subject pool representing 16 offices from seven
banks in seven U.S. cities.
I mailed 98 survey instruments including 25 Insourced—Report to Senior Management, 24
Insourced—Report to Audit Committee, 24 Outsourced—Same Firm, and 25 Outsourced—Differ-
ent Firm instruments. Sixty-three usable responses came back representing a response rate of 64.3
percent.2 Table 1 summarizes the demographic information for usable responses.3

TABLE 1
Demographic Information on Study Participants
Insourced– Insourced–
Report to Report to Outsourced–
Senior Audit Outsourced– Different Total
Management Committee Same Firm Firm Sample
Number of Subjects 14 16 14 19 63
Age (in years) 46.5 43.1 41.1 40.0 42.4
Lending Experience 18.4 16.5 14.1 13.4 15.5
(in years)
Banking Experience 20.6 19.8 16.6 15.0 17.8
(in years)
Percentage of Job 86.1% 80.9% 81.4% 84.5% 83.3%
Devoted to Loans
Self-Perceived 4.8 5.1 5.6 5.0 5.1
Knowledge of
Internal Auditinga
Self- Perceived 5.6 5.7 6.4 5.9 5.9
Knowledge of
External Auditinga
Job Title:
Vice President 72% 87% 65% 66% 72%
Managing Director — 13 14 11 10
Loan Officer 21 0 14 17 13
Credit Analyst 7 0 7 6 5
100 100 100 100 100

a
Measured on a scale anchored on 0 = “Not Knowledgeable at All” and “7 = Extremely Knowledgeable.”

2
After respondents answered the primary survey questions, I asked questions to check whether they attended to the part of
the scenario that was altered between versions of the survey. The reported response rate and results exclude eight
respondents who missed this check.
3
To test for the possibility of demographic differences between the groups receiving the four scenarios, I analyzed
demographic data using ANOVA to test continuous data and Chi-square analysis for noncontinuous data. Results
indicate no significant differences at the .05 alpha level.

Accounting Horizons, December 2003

The Effects of Internal Audit Structure on Perceived Financial Statement Fraud Prevention 321

Survey Instrument
Each subject was asked to read and respond to a single survey instrument containing selected
financial data and a narrative description of the history and current standing of a company. Adapted
from a case previously used by Knapp (1991), the Insourced—Report to Senior Management ver-
sion of the instrument used here appears in the Appendix. The section labeled “The Internal Audit
Function” differed among the four versions of the survey. The instrument provides third-quarter
amounts for the most recent financial statement data. Because these quarterly data are not audited
externally, subjects using quarterly data must depend more on the reliability provided by the internal
control system and the internal audit function than on additional assurance provided by the external
audit. Therefore, use of quarterly amounts aids in isolating the perceived effect of the internal audit
function on financial statement reliability.
Statement on Auditing Standards No. 99 states that fraud generally involves the pressure or
incentive to commit a fraud and the perceived opportunity to commit the fraud (AICPA 2002). The
survey instrument features a client with an incentive to commit fraud by concealing obsolete inven-
tory. Thus, subjects must respond to the perceived opportunity to commit the fraud—the deterrence
value of the company’s controls—and their confidence that the fraud will be detected and reported if
it is committed.
I pretested the survey instrument using five loan officers from the local office of a large national
bank. The banking experience of these lenders ranged from three to 25 years, with an average of 17
years. After each lender completed the survey, I asked about the realism and clarity of the survey as
well as the sufficiency of the information provided relative to the judgments s/he had to make. I made
minor changes to the survey instrument based on pretest results.

RESULTS
I apply analysis of variance (ANOVA) statistics to each dependent variable to test for any
significant differences between the groups of respondents. ANOVA results that appear in Table 2
indicate no significant differences between the four groups for perceived likelihood of fraud detec-
tion (F = .70, p = .556). Results indicate significant differences in perceived likelihood of fraud
deterrence (F = 4.87, p = .004) and perceived likelihood of fraud reporting (F = 3.65, p = .017)
across the four scenarios, but this initial test does not indicate which groups differ significantly. To
identify which groups differ from one another, I use Duncan multiple comparison tests to detect
differences between all possible pairs of means. The significant differences section in Table 2
reports which groups differ significantly and the direction of that difference. Below I describe how
these results relate to the research questions.
Research Question 1 asks whether an internal audit department that reports to the audit commit-
tee will be perceived as more likely to deter [RQ1a], detect [RQ1b], and/or report [RQ1c] financial
statement fraud than an internal audit department that reports to senior management. Because likeli-
hood of fraud detection indicates no significant differences as noted above, results do not support
RQ1b.4 Duncan tests indicate that respondents perceive the Insourced—Report to Audit Committee
arrangement as more likely to deter fraud and to report detected fraud than the Insourced—Report to
Senior Management arrangement (I-AC > I-SM). Thus, results support RQ1a and RQ1c.5
Although no research question compared the Insourced—Report to Senior Management condition
to outsourced arrangements, it is worth noting that participants perceive a greater likelihood of fraud

4
Note the sizable difference in mean likelihood responses for the I-SM and I-AC arrangements (39 percent versus 51
percent) is in the expected direction. Lack of significance may be due to small sample size.
5
I also measured each dependent variable on a five-point categorical scale ranging from “Not Likely” to “Extremely
Likely.” I analyzed these responses with contingency tables using the Cochran-Mantel-Haenszel Chi-square statistic to
account for the ordinality of the dependent variable and because it is effective when some cell counts are zero (Hosmer
and Lemeshow 1989; Agresti 1996). For all research questions, the results were consistent with ANOVA results.

Accounting Horizons, December 2003

322 James

TABLE 2
Means and Analysis of Variance Results for
Perceived Financial Statement Fraud Protection
Treatment Means a
(Standard Deviations)

Perceived Perceived Perceived

Likelihood of Likelihood of Likelihood of
Deterrence Detection Reporting
Insourced—Report to 37.00 38.93 62.14
senior management (25.79) (30.70) (31.05)
(I-SM)b
Insourced—Report to 59.69 50.94 82.81
audit committee (I-AC)b,c,d (24.32) (28.64) (21.60)
Outsourced—same firm 67.14 50.71 83.21
(O-SF)c (18.47) (28.34) (14.22)
Outsourced—different firm 61.84 52.11 84.89
(O-DF)d (22.00) (26.42) (17.31)
F-values 4.87 .70 3.65
p-values .004 .556 .017
Significant Differencese I-AC > I-SM None I-AC > I-SM
O-SF > I-SM O-SF > I-SM
O-DF > I-SM O-DF > I-SM

a
Variables are measured on a likelihood scale ranging from 0 percent to 100 percent.
b
Indicates groups compared in response to research question 1.
c
Indicates groups compared in response to research question 2.
d
Indicates groups compared in response to research question 3.
e
Shows where significant differences occur based on Duncan multiple comparison tests. Differences are significant at a
.05 level.

deterrence and a greater likelihood of fraud reporting when the internal audit is outsourced and
reports to the audit committee than with the Insourced—Report to Senior Management arrangement
(O-SF > I-SM, O-DF > I-SM). This result holds true whether the outsourcing firm also performs the
financial statement audit or is a different firm.
Research Questions 2 and 3 ask whether sourcing arrangement will affect the perceived likelihood
of fraud deterrence, detection, and/or reporting with outsourcing to the financial statement auditor
and outsourcing to a different firm. Results indicate no significant differences for either condition.
Thus, participants perceive greater competence and objectivity among outsourced firms, as noted in
post-test results, which should lead to differential perceptions of fraud protection. However, it
appears that perceptions of an outsourced internal audit team with limited presence inside the company
led participants to perceive no increase in an outsourced team’s ability to provide fraud protection.

SUMMARY, IMPLICATIONS, AND LIMITATIONS

Summary of Findings
This study examines whether internal audit-reporting structure and sourcing arrangement affect
users’ perceptions of their protection from financial statement fraud. Tests provide evidence that
internal audit departments that report to the audit committee are perceived as more able to deter
financial statement fraud and more likely to report detected fraud than internal audit departments that
report to senior management. Thus, internal audit reporting structure appears to affect user perceptions.
This study does not find evidence that outsourcing to the financial statement auditor or to a
different Big 5 firm affects users’ perceptions of financial statement fraud protection provided by the

Accounting Horizons, December 2003

The Effects of Internal Audit Structure on Perceived Financial Statement Fraud Prevention 323

internal audit function. Findings of this study are consistent with Lowe et al. (1999) and Swanger and
Chewning (2001) that detect no effect on external auditor independence or perceived financial
statement reliability from outsourcing to a different firm. These studies also conclude there is no
impairment in financial statement reliability with outsourcing to the financial statement auditor and
impairment of external auditor independence only when the same staff performs both engagements, a
condition not included in the current study. Overall, their findings suggest that users ultimately see
insourcing as very similar to outsourcing as to factors that affect financial statement reliability,
unless outsourcing is to the same firm without staff separation. Findings of this study suggest that
another critical factor affecting user perceptions is the reporting structure of the internal audit
function.

Implications
A finding that users perceive greater financial statement fraud protection when the internal audit
function reports to the audit committee than when it reports to senior management is relevant to the
current reporting debates. The SEC recently considered whether the audit committee should be made
directly responsible for the appointment, compensation, retention, and oversight of the internal
auditor. Although the SEC chose not to regulate these matters at this time, findings of this study
suggest that the SEC’s concept enhances user confidence that financial statements are without fraud.
These findings should be considered in future discussions on this issue. In the absence of mandated
reporting to the audit committee, this study suggests that mandatory reporting on the audit committee’s
interaction with internal auditing benefits users as it appears to affect users’ perceptions of the
likelihood that financial reports are free from fraud.
Furthermore, users must have confidence that a company’s financial reporting is reliable for that
company to have access to capital markets at a low cost of capital. Findings of this study suggest that
internal auditor reporting to senior management reduces users’ confidence in the internal auditor’s
ability to prevent fraudulent financial reporting. Companies should consider this finding when choosing
a reporting structure for internal audit and may decide to voluntarily describe in their annual reports
and SEC filings their strong internal audit reporting structures. Such voluntary disclosures are
especially important to companies with an acute need to signal the reliability of their financial
reporting. Companies with high levels of agency conflict6 or previous occurrences of fraud could
benefit from telling users about the improved processes being implemented.
The lack of evidence supporting enhanced user confidence resulting from outsourcing the
internal audit function may be important to company managers. As noted above, many company
managers believe that outsourcing to a Big 5 firm will enhance the perceived quality of their
company’s internal audit function. This study provides a preliminary indication that the increases in
perceived audit expertise likely to accompany outsourcing do not lead to enhanced user confidence
in the internal audit function because outsourcing firms have limited contact with the company.
Further research is needed to understand this relationship more fully.

Limitations
As with any study of this kind, the realism of the survey instrument is limited. In a real bank
lending decision, loan officers have access to more information and form opinions and make deci-
sions over a longer period of time. However, this study employs appropriate procedures for measur-
ing the general perceptions of loan officers toward different internal audit structures. In addition,
steps taken to ensure an appropriate sample led to a small sample size. Although it is more difficult to
achieve statistical differences with small samples, this study finds significant results.
Finally, this study examines one user group and one fraud scenario. It is possible that results will
differ with other user groups and/or scenarios. Also, this study did not examine other feasible
sourcing arrangements. Future research may extend the results of this research by examining the
perceptions of users toward arrangements such as partial outsourcing and cosourcing.

6
Such conflict includes situations such as large stock option plans or threatened job security that may provide senior
management greater incentive to not disclose true economic conditions.

Accounting Horizons, December 2003

324 James

APPENDIX
SAMPLE SURVEY INSTRUMENT
ROGERS CORPORATION CASE
COMPANY BACKGROUND
Rogers Corporation wholesales household goods, principally small kitchen appliances, to retail-chain outlets.
Rogers is publicly traded over the counter and was incorporated in your state in 1983. The company is also
headquartered in your state. Currently, it manufactures 60 percent of the goods it sells and purchases the
remainder from outside firms. The company is now negotiating to acquire a large supplier, a move that would
increase its production capacity by 15 percent.
In September 1998, Rogers borrowed $16 million from a syndicate of banks, one of them being yours, at
an interest rate of prime plus one point. The debt matures in five equal, annual installments beginning in
September 2000. You are performing a follow-up review of this outstanding loan on September 1, 1999.
Your bank receives annual and quarterly financial statements from Rogers. The selected annual data from
1995–1998 shown below are taken from annual statements audited by a Big 5 public accounting firm. The
most recent amounts (thru 9/30/99) are third quarter projections submitted by management to assist you
in your review pending release of actual third quarter amounts. Third quarter data will not be subjected to an
external financial statement audit.
Rogers Corporation has retained an investment banker to develop plans to issue $40 million in subordi-
nated debentures in early 2000 to finance further acquisitions as well as to repay the outstanding bank notes.
Rogers’ management is pleased with the firm’s 1999 financial performance, projecting a continuing increase
in sales and net income. The firm’s backlog of orders has risen 30 percent over the past 12 months and man-
agement expects the company to be able to sustain strong sales growth in the coming years.

ROGERS CORPORATION
SELECTED FINANCIAL DATA
For Fiscal Year ended December 31
(In thousands, except per-share data)
Year Ended December 31,
Through 9/30/99* 1998 1997 1996 1995
Net sales $ 137,576 $ 146,135 $ 86,382 $ 81,450 $ 66,976
Gross profit 63,161 69,999 37,827 38,466 25,704
Gross margin % 45.9% 47.9% 43.8% 47.2% 38.4%
Operating income 4,044 4,296 4,010 5,027 4,156
Net income 1,702 2,116 1,452 1,363 960
Earnings per share .19 .24 .16 .15 .20
Common shares (#) 9,058 9,004 8,932 8,810 4,804

As of December 31,
Through 9/30/99* 1998 1997 1996 1995
Working capital $ 58,680 $ 51,557 $ 32,940 $ 31,293 $ 20,196
Total assets 131,503 122,629 96,107 90,396 55,169
Long-term debt 36,254 36,837 18,714 20,267 11,776
Stockholders’ equity 67,995 67,135 64,476 61,475 33,485
Debt to equity ratio .93 .83 .49 .47 .65

*Unaudited projections by management.

Accounting Horizons, December 2003

The Effects of Internal Audit Structure on Perceived Financial Statement Fraud Prevention 325

THE INTERNAL CONTROL ENVIRONMENT

The Board of Directors
Rogers Corporation maintains a ten-member board of directors with the Chief Executive Officer serving as
chairman of the board. Rogers’ board of directors also includes its Chief Operating Officer and the
company’s chief attorney. The remaining board members are men and women with extensive business experi-
ence (an average of 20 years) who have no other relation to the company.
Rogers Corporation maintains an audit committee that meets quarterly and is responsible for assuring that
management fulfills its responsibilities in the preparation of financial statements. In discharging its duties, the
audit committee reviews the activities of both the internal audit function and the external financial statement
audit. All members of the audit committee are independent, outside directors who have no other relation to
the company. The audit committee has four members including one certified public accountant.
The Internal Audit Function
Rogers Corporation maintains an internal audit department that performs all of its internal audit work.
Responsibilities of the internal audit department include examining the adequacy of the company’s systems,
processes, and procedures and recommending improvements. Management decides which recommendations
will be implemented. The following features detail the internal audit department’s position in the organization:
• The internal audit director reports the results of all internal audit work directly to Rogers’ senior manage-
ment, which includes the CEO, the CFO, and other company officers.
• Rogers’ senior management has sole responsibility for the hiring and firing of the internal audit director and
his staff.
• The internal audit director meets with the audit committee quarterly. The CEO and CFO of Rogers Corpora-
tion are present at all of these meetings.
The internal audit department has performed various reviews and audits on the company’s systems
throughout the year. The department is scheduled to continue its work by performing audit procedures on the
purchasing and inventory systems beginning September 15. Over the past several years, the internal audit has
revealed no major deficiencies in basic internal control procedures (i.e., segregation of duties, authorization
and verification procedures, etc.). Only minor adjustments to account balances have been made as a result of
past internal audits.

ADDITIONAL INFORMATION
In the second quarter, Rogers hastily changed the engineering specifications for three related products in
response to an unexpected change in consumer preferences. Due to drastic declines in shipments of these
products in the third quarter, management has determined that the inventory manufactured prior to these
changes cannot be sold above cost. Management has determined that the value of this obsolete inventory has
been permanently impaired, and that the inventory write-down required by generally accepted accounting
principles would materially reduce the firm’s profit. (As of today, management estimates an after-tax effect of
$441,000, which is 25.9 percent of projected 3rd quarter net income and 18.4 percent of estimated annual
net income.) The inventory adjustment concerns senior management because they want to continue to show a
positive earnings trend. The required adjustment to inventory would threaten the company’s fifth consecutive
year of earnings growth. (Management estimates fiscal year 1999 net income will be $1,962,000 after the
write-down, compared to net income of $2,116,000 in 1998.) Management especially wants to show growth
in earnings to encourage greater demand for the upcoming sale of debentures. Although management has a
responsibility to report the obsolete inventory in the third quarter 1999 financial statements, management
would prefer delaying the adjustment until fiscal year 2000 when earnings growth is expected to be great
enough to absorb its impact.
The affected inventory components and related records are scattered randomly throughout the firm’s ware-
houses and computerized inventory records. The affected items involve approximately 5 percent of the re-
corded value of the inventory and 4 percent of the 400 inventory components used in the manufacturing
processes of the company.

Accounting Horizons, December 2003

326 James

QUESTIONNAIRE
Part I: About the Rogers Corporation Case

Given the above information, please answer the following three questions. First, please respond using
whole numbers (not fractions) that range from 0% to 100%. Then, please respond using the word
categories provided:
1. (a.) In your view, what is the probability that the presence of the existing internal audit function will
deter senior management from attempting to delay reporting of the obsolete inventory by not report-
ing the required write-down in the 3rd quarter, 1999 financial statements?
___________%
(b.) Please circle the category that best indicates the likelihood that the presence of the existing internal
audit function will deter senior management from attempting to delay reporting of the obsolete
inventory by not reporting the required write-down in the 3rd quarter, 1999 financial statements.

Not Slightly Moderately Very Extremely

Likely Likely Likely Likely Likely
2. Assume senior management does not record the write-down for the obsolete inventory and does not
report the existence of the obsolete inventory to the internal audit department.
(a.) In your view, what is the probability that the internal audit department will detect the obsolete
inventory when performing internal audit procedures?
___________%

(b.) Please circle the category that best indicates the likelihood that the internal audit department will
detect the obsolete inventory when performing internal audit procedures.
Not Slightly Moderately Very Extremely
Likely Likely Likely Likely Likely
3. Assume that senior management attempts to conceal the obsolete inventory, but that it is detected
during the internal audit process. Also, assume that senior management refuses to record the write-
down of the obsolete inventory in fiscal year 1999 (the current year) financial statements.
(a.) In your view, what is the probability that the internal audit director will report to the audit committee
that a material obsolete inventory write-down is required in the 1999 (current year) financial state-
ments?
___________%

(b.) Please circle the category that best indicates the likelihood that the internal audit director will report
to the audit committee that a material obsolete inventory write-down is required in the 1999 (current
year) financial statements.
Not Slightly Moderately Very Extremely
Likely Likely Likely Likely Likely

Accounting Horizons, December 2003

The Effects of Internal Audit Structure on Perceived Financial Statement Fraud Prevention 327

REFERENCES
Agresti, A. 1996. An Introduction to Categorical Data Analysis. New York, NY: John Wiley & Sons.
American Institute of Certified Public Accountants (AICPA). 2002. Consideration of Fraud in a Financial
Statement Audit. Statement on Auditing Standards No. 99. New York, NY: AICPA.
American Stock Exchange (AMEX). 2003. Enhanced corporate governance—Text of proposal rule changes.
Available at: http://www.amex.com.
Chadwick, W. 1995. Tough questions, tougher answers. Internal Auditor (December): 63–65.
Herdman, R. 2002. Making audit committees more effective. Speech given at the Tulane Corporate Law
Institute, New Orleans, LA, March 7. Available at: http://www.sec.gov/news/speech/spch543.htm.
Hosmer, D. W., and S. L. Lemeshow. 1989. Applied Logistic Regression. New York, NY: John Wiley & Sons.
Kalbers, L. 1992. Audit committees and internal auditors. Internal Auditor (December): 37–44.
Knapp, M. C. 1991. Factors that audit committee members use as surrogates for audit quality. Auditing: A
Journal of Practice & Theory (Spring): 35–52.
Kusel, J., R. Schull, and T. Oxner. 1996. What audit directors disclose about outsourcing. Available at: http://
www.theiia.org/iia/index.cfm?doc_id=117.
Leuthesser, L., C. Kohli, and K. Harich. 1995. Brand equity: The halo effect measure. European Journal of
Marketing 29 (4): 57–66.
Lowe, D. J., M. A. Geiger, and K. J. Pany. 1999. The effects of internal audit outsourcing on perceived external
auditor independence. Auditing: A Journal of Practice & Theory 18: (Supplement): 7–26.
McHugh, J., and K. Raghunandan. 1994. Hiring and firing the chief internal auditor. Internal Auditor (Au-
gust): 34–39.
NASDAQ. 2003. Report regarding NASDAQ corporate governance. Available at: http://www.nasdaqnews.com.
Nathan, B., and N. Tippins. 1990. The consequences of halo “error” in performance ratings: A field study of the
moderating effect of halo on test validation results. Journal of Applied Psychology (June): 290–296.
National Commission on Fraudulent Financial Reporting. 1992. Internal Control—Integrated Framework.
Jersey City, NJ: Committee of Sponsoring Organizations of the Treadway Commission.
New York Stock Exchange (NYSE). 2003. Amendment No. 1 to Corporate Governance Rule Filing. Available
at: http://www.nyse.com/pdfs/amend1-04-09-03.pdf.
Petravick, S. 1997. Internal auditor outsourcing: Who and why? Internal Auditing (Winter): 16–21.
Raghunandan, K., W. J. Read, and D. V. Rama. 2001. Audit committee composition, “gray directors,” and
interaction with internal auditing. Accounting Horizons (June): 105–118.
Scarbrough, D. P., D. Rama, and K. Raghunandan. 1998. Audit committee composition and interaction with
internal auditing: Canadian evidence. Accounting Horizons (March): 51–62.
Securities and Exchange Commission (SEC). 2003. Standards Relating to Listed Company Audit Committees.
Release No. 33-8220; File No. S7-02-03. Washington, D.C.: Government Printing Office.
Swanger, S. L., and E. G. Chewning. 2001. The effect of internal audit outsourcing on financial analysts’
perceptions of external auditor independence. Auditing: A Journal of Practice and Theory 20 (Septem-
ber): 115–129.

Accounting Horizons, December 2003