Comprehensive Case A.

1 - Enron

I. Technical Audit Guidance

To maximize the knowledge acquired by students, this book has been designed to be read in
conjunction with the post-Sarbanes-Oxleytechnical audit guidance. All of the PCAOB Auditing
Standards that are referenced in this book are available for free at:
http://www.pcaobus.org/Standards/index.aspx.

In addition, the AU Sections that are referenced in this book are available for free at:
http://www.pcaobus.org/Standards/Interim Standards/Auditing Standards/index.aspx. Finally, a
sununary of the provisions of the Sarbanes-Oxley Act of 2002 is available for free at:
http://thecaq.aicpa.org/Resources/Sarbanes+Oxley/Summary+of+the+Provisions+of +the+Sarba
n es-Oxley+Act+of+2002.htm.

II . Case Questions - Answer Key

1. What is auditor independence, and what is its significance to the audit profession? What is the difference

between independence in appearance and independence in fact?

The second general standard of generally accepted auditing standards (GAAS) is, "In

all matters relating to the assignment, an independence in mental attitude is to be maintained

by the auditor or auditors." If the auditor is not independent, the financial statements are

considered unaudited for all practical purposes. In case where the SEC has found that a CPA

firm was not independent, it has required that the financial statements be re-audited by another

firm. A lack of independencecan result in disciplinary action by regulators and/or professional

organizations and litigation by those who relied on the financial statements (e.g., clients and

investors). The profession, as a whole, depends on the value of independence in that the

auditor's opinion on the financial statements loses its value if the auditor is not considered to

be substantially independent from the management of the fim1.

A1ticle IV of the AICPA' s ProfessionalCode of Conduct requires that "a member in

public practice should be independent in fact and appearance when providing auditing and other
Attestation services." To be independent in fact, an auditor must have integrity, a character of

intellectual honesty and candor; and objectivity, a state of mind of judicial impaiiiality that

recognizes an obligation of fairness to management and owners of a client, creditors,

prospective owners or creditors, and other stakeholders. To be independent in appearance, the

auditor must not have any obligations or interests (in the client, its management, or its owners)

that could cause others to believe the auditor is biased with respect to the client, its management,

or its owners. Even if the auditor does not have any direct or indirect financial interest or

obligation with the client in fact, they must assure that no part of their behavior or actions appear

to affect their independence in the opinion of the public. When behavior seems to affect

independence it has a similar effect on public opinion as a breach of independence in fact.

The facts of the case reveal numerous issues that suggest that Andersen's independence

may have been compromised. For example, Emon was one of Andersen's biggest audit clients.

It paid Arthur Andersen $46.8 million in fees for auditing, business consulting, and tax work for

the fiscal year ended August 31, 1999; $58 million in 2000; and more than $50 million in 2001.

At Andersen, the compensation of partners depended on their ability to cross-sell other services

to its audit clients. More than half of the fees for Enron were charged for non-audit services. By

2001, Duncan was earning more than $1 million a year. The size of the fees would likely have

made it hard for Duncan and his fellow auditors to challenge Emon's management team on

difficult accounting issues.

In addition, the substantial amount of non-audit work completed by Andersen provided

incentivesto work as an advocate on behalf of Enron. For example, Arthur Andersen boasted

about the closeness of their relationship in a promotional video. " We basically do the same types
of things...We' re flying to kinda cross lines and trying to, you know, become more of just a

business person here at Emon," said one accountant.

In addition, Since 1993 Andersen had perfonned Emon's internal audit function in

addition to performing the audit on its financial statements. Performing both the internal and

external auditing functions meant that Andersen was auditing its own work and thus would not

be unbiased. In addition, more than eighty former Arthur Andersen accountants were working at

Enron. Several were in senior executive positions, including Jeffrey McMahon, who served in

the positions of treasurer and president; and vice president Sherron Watkins; and chief

accounting officer Richard Causey.

Article IV of the AICPA Code of Conduct (Objectivity and Independence) states: " A

member in public practice should be independent in fact and appearance when providing

auditing and other attestation se1vices." Close relationships might affect independence in

appearance, even if independence in fact is maintained. Clearly there was cause for concern at

Emon. Causey was good friends with Andersen's global engagement partner, David Duncan. In

fact, their fam ilies had even gone on vacations together. Andersen employees often attended

Enron-sponsored events and office parties. The nature of Causey and Duncan's close

relationship violated the AICPA Code of Conduct's requirements for independence in

appearance.

2. Refer to Section 201 of SARBOX. Identify the services provided by Arthur Andersen that are no

longer allowed to be performed. Do you believe that Section 201 is needed? Why or why not?

Section 201 says that it shall be unlawful for a registered public accounting firm to provide

any non-audit service to an issuer contemporaneously with the audit, including: (1) bookkeeping
or other services related to the accounting records or financial statements of the audit client; (2)

financial infonnation systems design and implementation; (3) appraisal or valuation services,

fairness opinions, or contribution-in-kind reports; (4) actuarial services; (5) internal audit

outsourcing services; (6) management functions or human resources; (7) broker or dealer,

investmentadviser, or investment banking services; (8) legal services and expert services

umelated to the audit; (9) any other service that the Board determines, by regulation, is

impennissible.

Arthur Andersen provided services to Enron that would be prohibited today by SOX

Section 201. "More than half of that amount (more than $50 million) was for fees that were

charged for nonaudit services ... $27 million for consulting and other se1vices, such as internal

audit se1vices." Andersen had been providing internal audit se1vices to Emon for eight years.

The nonaudit services that Andersen provided were encouraged by the structure of partner

compensation.

Importantly, the bill allows an accotmting fom to "engage in any non-audit service,

including tax services," that is not listed above, only if the activity is pre-approved by the audit

committee of the issuer. The audit committee is required to disclose to investorsin its periodic

filings its decision to pre-approve non-audit services.

Most observers now agree that Section 201 was needed. The rise of non-audit se1vices

has been a conunon trend in the public accounting profession. In 1993, 31% of the fees in the

industry came from consulting. By 1999, that number had jumped to 51%. In fact, the AICPA

released a publication in 1999 titled " Make Audits Pay: Leveraging the Audit Into Consulting

Se1vices." The book advised the auditor to think of himself as a " businessadvisor." It did note
that conflicts could arise from perfom1ing the role of business advisor (which was a client

advocate) and the auditor (which had to be independent). It advised erring on the side of looking

out for the public interest. Other striking examples include KPMG, which billed Motorola $3.9

million for auditing and $62.3 million for other services; Ernst & Young, which billed Sprint

Corp. $2.5 million for auditing and $63.8 million for other services; and

PricewaterhouseCoopers, which billed AT&T $7.9 million for auditing and $48.4 million for

other services.

3. Refer to Sections 203 and 206 of SARBOX. How would these sections of the law have impacted the

Enron audit? Do you believe that these sections rewere needed? Why or why not?

Section 203 says that the lead audit or coordinating partner and the reviewing partner must

rotate off of the audit every 5 years. Section 206 says that the CEO, Controller, CFO, Chief

Accounting Officer or person in an equivalent position cannot have been employed by the

company's audit fom during the 1-year period ("the cooling off period) proceeding the audit.

Section 203 could have impacted the Enron audit. Lead partner for the Enron engagement, David

Duncan had fonned a close personal relationship with Emon's Chief Accounting Officer,

Richard Causey. " ... and their families had even gone on vacations together." The nature of this

close relationship put Duncan in a position that he might not be able to challenge management. A

key point to raise in this response is that David Duncan would not have been the lead audit

partner after 5 years of service because of the establishment of Section 203. It is important to

point out that the relationship that develops among professionals is intenupted by regulation to

help insure independence.

Section 206 requires a "one year cooling off period" for former Andersen employees to

accept a position as CEO, CFO, Controller, or Chief Accounting Officer. "Causey was
responsible for recruiting many Andersen alumni to work at Enron. Over the years, Emon hired

at least 86 Andersen accountants. Several were in senior executive positions." Section 206 of

SOX would have prevented some of these hirings before the cooling off period had expired.

Since both of these laws help to insure independence in appearance and in fact, most

students are likely to agree that they were needed. Both Section 203 and Section 206 would have

impacted the Emon engagement.

4. Refer to Section 301 of SARBOX. Do you believe that S ection 301 is important to maintaining

independence between the audito1· and the client? Why or why not?

Section 301 of SARBOX requires that the "audit committee of an issuer shall be directly

responsible for the appointment, compensation, and oversight of the work of any registered

public accounting fom employed by that issuer." As a result, the relationship between the audit

fim1 and the CFO and/or Controller at an audit client has changed dramatically. In the past, it

may have been difficult for an auditor to challenge the CFO and/or the Controller on difficult

accounting issues because the auditor knew that these individuals had the authority to fire the

audit firm from the job. At a minimum, this was a major tlu·eat to independence in appearance.

Now, the auditor reports directly to the audit committee. As a result, the independence between

the auditor and client has improved.

5. Consider the principles, assumptions, and constraints of Generally Accepted Accounting Principles

(GAAP). Define the revenue recognition principle and explain why it is important to users of financial

statements.

The revenue recognition principle of GAAP states tl1at revenue must be both earned and

realized before it is recognized and is supported by the FASB Statement of Financial Concepts

No. 5. In addition, the amount of the sale needs to be fixed and detem1inable. Also, the
recognition of revenue is dependent on an assumption that the cash will be collected from the

customer in a timely manner. Other points that should be made to students are that the buyer

needs to assume the risks and rewards of ownership of the product (i.e., the risk of damage

or physical loss). In addition, for certain types of sales, the SEC has established specific and

exacting criteria that must be followed in the revenue recognition process.

In the case of Enron, the manner in which MTM accounting was applied to its trading

business was suspect. That is, by recognizing the present value of the stream of future

inflows under the entire contract as revenues and recognizing the present value of future

costs under the entire contract as expenses. Of course, this violated the revenue recognition

principle because Emon hadn't performed tmder the contract at the time it recognized

revenues.

6. Consider the Sithe Energies contract described in the case. Does the accounting for this contract provide

an example of how Enron violated the revenue recognition principle? Why or why not? Please be

specific.

According to GAAP, in order for revenue to be recognized, it must have been earned by the

company. In the present contex,t Enron used MTM accounting to allow for the recognition of

the present value of the stream of future inflows as revenues on its contract with Sithe Energies.

However, the application of MTM (in this context) clearly violates the revenue recognition

requirements under GAAP. Consider that Enron recognized revenue from the Sithe contract

before the Sithe plant had even begun its own operations. As a result, Enron had not done its

part in fulfilling its contract obligations. Thus, revenue on this contract was not yet earned and

should not have been recognized.

7. Consult Paragraph 2 and Paragraph AS (in Appendix A) of PCAOB Auditing Standard No. 5. Based on

the case information, do you believe that Enron had established an effective system of internal control

over financial reporting related to the contract revenue recorded in its financial statements? Why or why

not?

According to paragraph #2 of Auditing Standard #5, "effectiveinternal control over financial

reporting provides reasonable assurance regarding the reliability of financial reporting and the

preparation of financial statement for external purposes. If one or more material weaknesses

exist, the company's internal control over financial repo1ting cannot be considered effective." In

the Appendix of Auditing Standard #5, paragraph #AS provides more specifics about the

definition of an internal control system.

According to that paragraph, such a system is "a process designed by, or under the

supervision of, the company's principal executive and principal financial officers, or persons

perforn1ing similar functions, and effected by the company's board of directors, management,

and other personnel, to provide reasonable assurance regarding the reliability of financial

reporting and the preparation of financial statements for external purposes in accordance with

GAAP and includes those policies and procedures that - (1) Pertain to the maintenance of

records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of

the assets of the company; (2) Provide reasonable assurance that transactions are recorded as

necessary to penn it preparation of financial statements in accordance with generally accepted

accounting principles, and that receipts and expenditures of the company are being made only in

accordance with authorizations of management and directors of the company; and (3) Provide

reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use,

or disposition of the company's assets that could have a material effect on the financial

statements."
 Enron did not have an effective system of internal control over financial reporting related to

contract revenue recorded in its financial statements. Stated simply, Emon's internal control

system does not provide reasonable assurance that revenue was being recorded fairly, and in

accordance with GAAP. Consider the valuation assertion. An example of a control procedure

that would help to prevent a material misstatement related to the valuation assertion related to

revenue would be to require an independent valuation finn to be responsible for valuing all

material contracts. When considering the discretion of an independent 3rd party upon an

estimate, the estimate can be considered more reliable and competent. Although this valuation

procedure can be costly to the client, the reliability of the estimate is far more valuable to users

that are dependent upon an unbiased and objective MTM estimate. An example of a control

procedure designed to detect a material misstatement related to the valuation assertion about

revenue would be to have the internal audit department perforn1 independent recalculations of

the valuation of material contracts. In such a situation, the internal audit department would be

responsible for evaluating (independent of management) the subjective components of the MTM

valuation to determine if the valuation is reasonable, reliable, and has competent evidence to

support the valuation. For example, an interest rate used in the calculation of an MTM valuation

must be supported by market infonnation that supports the use of a particular interest rate.

8. Consult Paragraphs .21-.22 of AU Section 326. As an auditor, what type of evidence would you want

to examine to determine whether Enron was inappropriately recording revenue from the Sithe

Energies contract?

According to paragraph #21 of AU Section 326, "To be competent, evidence, regardless of

its forn1, must be both valid and relevant." Indeed, "the validity of evidential matter is so

dependent on the circumstances under which it 1s obtained that generalizations about the
reliability of various kinds of evidence are subject to impo1iant exceptions ." So, the

competence of audit evidence refers to the quality of the evidence gathered for a financial

statement assertion about a financial statement account balance and/or an economic

transaction(s). And, as indicated in the standard, there are two aspects to evidence quality that

are most important: relevance and reliability. The relevance of audit evidence specifically relates

to whether the evidence gathered actually relates to the financial statement asse1i ion being

tested. That is, will the evidence allow the auditor to reach conclusions related to that financial

statement assertion?

The reliability of the evidence specifically relates to whether the evidence gathered can trnly

be relied upon as providing a true indication about the financial statement assertion being tested.

There are a number of factors that should influence an auditor's conclusions about reliability, the

most important of which is the source (e.g., is it from a third party?) of the audit evidence.

According to paragraph #22 of AU Section 326, "The amount and kinds of evidential matter

required to support an infom1ed opinion are matters for the auditor to detennine in the exercise

of his or her professional judgment after a careful study of the circumstances in the particular

case." So, the sufficiency of audit evidence refers directly to the quantity of the audit evidence

gathered about a financial statement asse1i ion. All things being equal, the greater the risk of

material misstatement related to the financial statement assertion, the more audit evidence will

be gathered by the auditor.

Recall that Enron employed MTM accounting on an agreement that Enron reached to supply

Sithe Energies with 195 million cubic feet of gas per day for 20 years for a plant that Sithe was

going to build in New York. The estimated value of the gas to be supplied was $3.5 to $4 billion.

At the moment the contract was signed, the present value of the stream of future inflows under

the contract was recognized as revenues and the present value of the expected costs of fulfilling
the contract were expensed. In order to determine whether Emon was properly accounting for

the contract, the auditor would need to gather competent and sufficient evidence related to the

contract.

In testing the contract, the auditor would have to gather sufficient and competent evidence to

ascertain how much work was completed under the contract. According to GAAP, revenue must

be earned and realized in order to be recorded. The bottom line is that inquiry of management,

without corroboration, would not be enough to conclude on the appropriateness of revenue

recognition practices. While interviews of management may be an appropriate first step in the

evidence gathering process, the interviews cannot serve as the basis for an auditor's conclusion.

Students must always remember that the auditor must consider the source of the evidence when

evaluating the competence of evidence. And, given the elevated inherent risk for this

transaction, the competence of evidential matter relied upon would be even more important.

Stated simply, the auditor would have to examine documentary evidence that convinced the

auditor that revenue should be recognized.

9. Explain why an accounting and auditing research function (like Andersen's PSG) is important in the

operations of a CPA firm. What role does the function play in completing the audit?

In order to mitigate their risk of an audit failure, CPA firms must implement their own

system of internal controls to ensure that professional standards (and their own standards) of

audit quality are being met. Stated simply, a fim1 must have assurance that the work being

completed by its audit professionals is being completed in accordance with professional

standards set forth by the firm.

The accounting and auditing research ftmction (like Andersen's PSG) is an instrumental part

of a finn 's quality assurance process. Typically, the group is comprised of a CPA firm's leading
techn ical experts on accounting, auditing and industry-specific professional standards. Thus, if

an engagement paitner (like Andersen' s David Duncan) encounters a difficult technical issue,

he/she has the necessary technical support that may be necessary to reach the con-ect conclusion

in the field.

10. Consult Section 103 of SARBOX. Do you believe that the engagement leader of an audit (like David

Duncan on the Enron audit) should have the authority to overrule the opinions and recommendations of

the accounting and auditing research function (like the PSG)? Why or why not?

According to Section I03 of SOX, the "PCAOB shall: I) register public accounting fom s; 2)

establish, or adopt, by mle, " auditing, quality control, ethics, independence, and other standards

relating to the preparation of audit reports for issuers; 3) conduct inspections of accounting firms;

4) conduct investigations and disciplinary proceedings, and impose appropriate sanctions; 5)

perfom1 such other duties or functions as necessary or appropriate; 6) enforce compliance with

the Act, the rules of the Board, professional standards, and the securities laws relating to the

preparation and issuance of audit reports and the obligations and liabilities of accountants with

respect thereto; 7) set the budget and manage the operations of the Board and the staff of the

Board."

In essence, this section of SOX provides for government regulation of the audit profession

and it represents one of most dramatic changes mandated by the new law. Indeed, this section

requires the PCAOB to perform detailed inspections of the audit process employed by each audit

fim1. In addition, PCAOB inspectors have the authority to review the audit work completed at

any publicly traded corporations. Considering that the audit profession has relied solely on peer

evaluation for decades, this represents a dramatic change.

 Considering these sweeping changes, there is no way that an engagement partner should

be allowed to ovenu le the firm's technical experts on an accounting or auditing matter. The

role of the technical experts is to provide information needed to make a correct decision on

a technical or complex matter. By the ve1y nature of the expert's role, they are used at a

time when the auditing professionals do not have the knowledge to make a correct decision.

To ovenule the expert would defeat the objective of the technical experts entirely.

In addition, in the post-Sarbanes environment, it is not likely that the PCAOB would agree

that the engagement paiiner on a particular audit should have the authority to ovenule the firm's

auditing and accounting research group. The bottom line is that since the function is in place to

insure a quality audit, it is likely that a PCAOB inspector would note this as an egregious

violation of a fim1 quality control procedure and may even issue some type of sanction against

the finn.

11. After Carl Bass was removed from the Enron account, he indicated to his boss that he did not believe

Enron should have known about internal discussions regarding accounting and auditing issues. Do

you agree with Bass's position? Why or why not?

In general, it is hard not to agree with Carl Bass's position that Emon should not have known

about the internal discussions regarding accounting and auditing treatments. There are a number

of different points that can be made to support this view. They include:

• The firm has an obligation to maintain independence and objectivity per the
requirements of Rule 102 of the AICPA Code of Conduct. In order to maintain
independence and objectivity, the firm should have a policy that prevents this type of
communication with the client about the treatment of complex accounting or auditing
transactions. Collaboration with the client on these types of issues is comparable to
asking " their opinion", which of course would be a violation of independence
standards.
 • It is absolutely not acceptable to allow the client to know about any internal
discussions related to a complex accounting and/or auditing issue. The firm's
position needs to be unified to the client in all cases. If employees of Enron knew
about such conversations, they may be able to understand the " thinking" behind
certain audit procedures and perhaps take actions to circumvent other audit
procedures that might be considered by the audit firn1. Additionally, sharing this
internal information violates independence in appearance.

12. Consult Section 203 of SARBOX. Do you believe that this provision of the law goes far enough? That is,

do you believe the audit firm itself (and not just the partner) should have to rotate off an audit

engagement every five years? Why or why not?

According to Section 203, the lead audit or coordinating partner and the reviewing partner

must rotate off of the audit every 5 years. Again, it is hard not to agree that some type of auditor

rotation should be required. However, there may be differences in opinion on whether this

provision goes far enough. Some thoughts raised by students may include:

• The current provision is sufficient to maintain independence. There is no need to rotate

the entire firm from the audit. Doing so would be too costly to both CPA finns and audit
clients. If the entire audit finn was required to rotate off, the tradeoff is that the new CPA
firn1 would not have the benefit of the experience and knowledge gained by the staff on
prior audits. Previous knowledge proves beneficial for analytical procedures and during
substantive testing. As a result, the overall cost of perforn1ing the audit would increase.

• The current provision is not enough. Instead, Section 203 of SOX should require that the
audit firn1 should rotate off the engagement every five years. The fact is that the longer a
finn is involved with a client, the greater the chance that the film's objectivity will
become compromised as evidenced by the relationship between Andersen and Enron.

13. Consult Paragraph 9 of PCAOB AuditingStandard No. 5. Based on your understanding of inherent

risk assessment and the case information, identify three specific factors about Enron's business model

in the late 1990s that might cause you to elevate inherent risk at Enron.

At the entity and at the financial statement assertion level, inherent risk refers to the exposure

or susceptibility of an assertion within an entity's financial statements to a material misstatement,

without regard to the system of internal controls. A detailed understanding of an audit client's

business model, including their products and se1vices is an essential part of an auditor' s inherent

risk assessment process at both the entity level and the financial statement assertion level.

Inherent risk assessment guides the auditor to allocating resources towards testing specific

accounts as well as what planning what substantive tests will be employed during testing.

Paragraph#9 of PCAOB Auditing Standard No. 5 relates to the planning of the audit of

internal control over financial reporting. Specifically, the paragraph says that such audit should

be properly planned and assistants, if any, are to be properly supervised. The paragraph then

goes on to explicitly identify matters that will impact the auditor's procedures. Several of the

relevant factors include: 1) Matters affecting the industry in which the company operates, such as

financial reporting practices, economic conditions, laws and regulations, and technological

changes; 2) Matters relating to the company's business, including its organization, operating

characteristics, and capital strncture; 3) Legal or regulatory matters of which the company is

aware; and 4) The relative complexity of the company' s operations.

Importantly, the factors that are likely to impact the audit of internal control over financial

reporting mirror the factors that are likely to impact the assessment of inherent risk in a financial

statement audit. This is a key learning point for this question. In the 1980s, while employing an

asset heavy strategy, Enron was a relatively simple enterprise, with a straight forward business

model. As such, the inherent risk assessment is likely to have been much lower in the 1980s than

in the late 1990s. In the late 1990s, there were a number of factors that would result in a higher

inherent risk assessment by the independent auditor, including:

• Significant changes to its industry enviromnent due to the government's decision to

de-regulate their industry. Specifically, the government decided to allow the market
 forces of supply and demand to dictate prices and volumes sold (previously the
government had dictated the price pipeline companies paid for gas and the price they
could charge their customers). This represents a significant change for the market and
the business practices employed by Enron. Dramatic changes in the industry
environment increase inherent risk in a client.

• Since Enron was now contracting with other pipeline companies to get their gas to
certain customer (e.g., Brooklyn Union), Enron was assuming added risks related to
the transpo1iation of the gas. Enron' s assumption of additional operational risk
increases the overall inherent risk level for Enron.

• Enron entered into many long tern1 contracts with their clients. Because the tenns of
the contract (e.g. price) was purely speculative, Enron was assuming additional risk
that the future price of their products (e.g. gas) would rise above the contract price.
The nature of many of their long-tern1 contracts was now riskier because prices
could rise to a level that would make the contract unprofitable.

• Enron became regularly involved with the trading and financing of nah1ral gas
contracts. The accounting for such contracts is complex. In addition, the natural gas
contracts it devised were quite complex and variable, depending on different pricing,
capacity, and transportation parameters. Complex business transactions require
complex accounting. As a result, inherent risk increases for complex transactions
because it requires the independent auditor to possess complex technical knowledge
regarding the appropriate accounting for the transaction.

• Enron decided to apply its "trading model" to other commodity markets, including
electricity, paper and chemicals. Due to the fact that these conunodity markets were
a new focus for Emon, there is risk associated with the possibility that the "trading
models" would not be fundamentally appropriate for the other commodity markets.

• Enron undertook international projects involving the construction and management of

energy facilities outside the United States- in the United Kingdom, Eastern Europe,
Africa, the Middle East, India, China, and Central and South America. When a
company employs a globalization strategy, they assume an increased inherent risk
associated with the reliance upon foreign economies, exchange rates, as well as a
number of potential political and cultural barriers.

• Enron began using mark to market (MTM) accounting for its trading business. Enron
was the first company outside the financial services industry to use MTM accounting.
MTM accounting involves a series of subjective valuations that require management
discretion.

• Emon also began establishing several "special purpose entities," which were formed
to accomplish specific tasks, such as building gas pipelines. An SPE could be utilized
by a company hoping to achieve certain accounting purposes, such as hiding debt or
certain assets.
14. Consult Paragraphs .03-.06 of AU Section 311. Comment on how your understanding of the inherent

risks identified at Enron (in Question 13) would influence the nature, timing, and extent of your audit

work at Enron.

According to paragraph #5 of AU Section 311 " In planning the audit, the auditor should

consider the nature, extent, and timing of work to be perfom1ed and should prepare a written

audit program (or set of written audit programs) for every audit. The audit program should set

forth in reasonable detail the audit procedures that the auditor believes are necessary to

accomplish the objectives of the audit. The fonn of the audit program and the extent of its detail

will vary with the circumstances. In developing the program, the auditor should be guided by the

results of the planning considerations and procedures. As the audit progresses, changed

conditions may make it necessary to modify planned audit procedures." As a general rule, the

lower the risk of material misstatement, the less audit attention is needed during the audit. It

therefore follows that the higher the risk of material misstatement; the more audit attention is

needed during the audit. Although this is somewhat obvious, it is a basic point that needs to be

driven home to students.

Clearly the nature, timing and extent of audit work should change as a result of the auditor's

risk assessment. Specifically, "if the risk is lower, the persuasiveness of the evidence that the

auditor needs to obtain also decreases." On the other hand, as the risk increases, the

persuasiveness of the evidence that the auditor needs to obtain also increases. Regarding the

timing of testing for controls, "as the risk associated with the control being tested decreases, the

testing may be perfom1ed farther from the as-of date; on the other hand, as the risk associated

with the control increases, the testing should be performed closer to the as-of date." Finally,

regarding extent of testing for controls, "as the risk associated with a control decreases, the
extensiveness of the auditor's testing should decrease; as the risk associated with a control

increases, the extensiveness of the auditor's testing also should increase."

In addition, Paragraph#46 of PCAOB Auditing Standard No. 5 also provides some relevant

guidance for this question. Specifically, the paragraph states that "the evidence necessary to

persuade the auditor that the control is effective depends upon the risk associated with the

control." Specifically, if the risk is lower, the evidence needed to persuade the auditor about its

effectiveness decreases. On the other hand, as the risk increases, the evidence needed to

persuade the auditor will clearly increase.

15. Consult Paragraphs 28- 30 of PCAOB Auditing Standard No. 5. Next, consider how the change in

industry regulation and Enron's resulting strategy shift would impact your inherent risk assessment

for the relevant assertions about revenue. Finally, idenity the most relevant assertion for revenue

before and after Enron's resulting strategy shift and briefly explain why.

Among other matters, paragraphs #28-30 of PCAOB Auditing Standard No. 5 focuses the

auditor's attention on the impo1tance of identifying each of the relevant financial statement

asse1tions related to significant accounts and disclosures. Indeed, the identification of relevant

assertions is a critical component of the audit of internal control over financial reporting.

Specifically, according to Paragraph # 28, "relevant assertions are those financial statement

assertions that have a reasonable possibility of containing a misstatement that would cause the

financial statements to be materially misstated." In paragraph #30, auditors might "dete1mine

the likely sources of potential misstatements by asking himself or herself " what could go

wrong?" within a given significant account or disclosure." It is clear that certain financial

statement asse1tions are "more" relevant than others for a paiticular set of financial statements.
 When Emon shifted from the "asset heavy" strategy to the "asset light" strategy, Emon

essentially was operating in a "new" industry because it faced an entirely new business

environment, with new industry regulations. As a result, the likelihood that a material

misstatement could occur has increased due to the possibility of Enron (or Andersen) not fully

understanding all aspects of the new regulated industry environment and the relevant accounting

guidance. This change in business environment and a necessary understanding of the related

aspects of a new industry represents an increase in inherent risk that material misstatement could

occur.

For the Revenue account, among others, there are two relevant assertions that stand out.

Specifically, the resulting strategy change at Enron would significantlyincrease inherent risk

assessment related to the Valuation or Allocation assertion for revenue recognized on contracts

when using mark-to-market accounting. That is, given the number of estimates used when

determining the specific amount of revenue to be recognized, inherent risk would be elevated. In

addition, the inherent risk related to the Occurrence assertion would also be elevated since it is

not entirely clear whether the revenue related to such contracts should have been recognized

under GAAP. In addition, the Existence or Occurrence assertion related to revenue recognized

from international subsidiaries and/or SPEs would also be elevated. The implementationof

several international subsidiaries and/or SPEs increases the likelihood that revenue fraud

tlu·ough related party transactions could occur. As such, an elevation of the level of inherent risk

occurs.
16. Consult Paragraphs .14-.16 of AU Section 316. How might a revenue recognition fraud occur under

Enron's strategy in the late 1990s. Identify an internal control procedure that would prevent, detect,

or deter such a fraudulent scheme?

According to paragraph #14 of AU Section 316, on each audit engagement " members of the

audit team should discuss the potential for material misstatement due to fraud." According to

paragraph #15 of AU Section 316, this discussion "should include a consideration of the known

external and internal factors affecting the entity that might (a) create incentives/pressures for

management and others to co1mnit fraud, (b) provide the opportunity for fraud to be

perpetrated, and (c) indicate a culture or environment that enables management to rationalize

committing fraud." Of course, these three factors are commonly refened to as the "fraud

triangle". The first condition (incentives/pressure)recognizes that an employee or a manager of a

company is likely to either have incentives in place (e.g., bonus compensation) or be under

significant pressure to achieve meet specific estimates, forecasts, or expectations. The second

condition (opportunity) recognizes that in order for a fraud to be perpetrated, the internal control

environment must provide an opportunity for an employee or a manager of a company to

commit a fraudulent act. Finally, the third condition (rationalization) recognizes that for an

employee or a manager of a company to perpetrate a fraud, the individual (or individuals) must

possess an "attitude" that allows them to rationalize that they are knowingly committing a crime.

Clearly, there are a number of allowable answers to this question. The absolute key is that

students show that they have tried to " brainstorm" about how a fraud might occur at Enron. As

long as this has been demonstrated, we recommend that credit be awarded for this question.

Importantly, this question is also designed to help the students understand the

differences between preventive controls and detective controls and the importance of

each in a well-
functioning internal control system. The absolute key to answering this part of the question is to

focus on a relevant financial statement assertion. That is, in the post-Sarbanesenvironment,

students must be able to identify a control procedure that would prevent specific misstatements

from occurring related to specific assertions.

For example, one control procedure that could be designed to prevent a fraud related to the

valuation or allocation assertion related to revenue would be to have an appropriate manager

approve all relevant assumptions used to estimate the amount of revenue to record related to a

particular contract. In addition, another possible revenue fraud would involve side agreements

within related party transactions. As Enron began to implement international subsidiaries and/or

SPEs, there is an increased likelihood that not all revenue transactions were completed as an

"arm's length transaction." As such, a prevention control would be to implement control

activities such as documentation and appropriate approvals for all related party transactions.

This would help ensure proper disclosure in the financial statements.

17. Consult Paragraphs .07-.08 of AU Section 316. Based on your understanding of fraud risk assessment,

what three conditions are likely to be present when fraud occurs (the fraud triangle)? Based on the

information provided in the case, which of these three conditions appears to have been the most prevalent

at Enron, and why?

According to paragraph #7 of AU Section 316, "Three conditions generally are present

when fraud occurs. First, management or other employees have an incentive or are under

press ure , which provides a reason to commit fraud. Second, circumstances exist- for

example, the absence of controls, ineffectivecontrols, or the ability of management to override

controls- that provide an opportunity for a fraud to be perpetrated. Third, those involved are

able to rationalize committing a fraudulent act. Some individuals possess an attit ude ,

character, or set
of ethical values that allow them to knowingly and intentionally commit a dishonest act.

However, even otherwise honest individuals can commit fraud in an environment that imposes

sufficient pressure on them. The greater the incentive or pressure, the more likely an individual

will be able to rationalize the acceptability of committing fraud."

The tlu·ee conditions that are likely to be present comprise what is commonly referred to

as the "fraud triangle". The first condition (incentives/pressure) recognizes that an employee

or a manager of a company is likely to either have incentives in place (e.g., bonus

compensation) or be under significant pressure to achieve meet specific estimates, forecasts,

or expectations. The second condition (opportunity) recognizes that in order for a fraud to be

perpetrated, the internal control environment must provide an opportunity for an employee

or a manager of a company to commit a fraudulent act. In order to have an opportunity to

commit fraud, there must be a weakness in the operating effectiveness of a control or a non-

existent control. Finally, the third condition (rationalization) recognizes that for an

employee or a manager of a company to perpetrate a fraud, the individual (or individuals)

must possess an "attitude" that allows them to rationalize that they are knowingly

committing a crime.

For Enron, as evidenced by the case inforn1ation, the incentives and pressure was the most

prevalent factor. For example, executives had incentive to achieve high revenue growth because

their salary and bonus levels were directly linked to reported revenues. In addition, they also had

incentive to achieve high revenues and earnings targets because of the shares of stock they held.

That is, Enron made significant use of stock options as a means to provide incentives for its

executives to achieve growth. Indeed, as of December 31, 2000, Enron dedicated 96 million of

its outstanding shares (almost 13 percent of its common shares outstanding) to stock option

plans. When a senior manager holds a quantity of stock options, it is in their personal best
interest to see the value of the share go up even if it means overstating income fraudulently. This

is precisely the type of condition that may lead to a fraud.

18. Consult Paragraph 25 of PCAOB Auditing Standard No. 5. Define what is meant by control environment.

Why is the control environment so important to effective internal control over financial reporting at an

audit client like Enron?

Paragraph #25 of Auditing Standard No. 5 outlines the auditor's responsibilities to

understand the control environment. Indeed, " becauseof its importance to effective internal

control over financial reporting, the auditor must evaluate the control environment at the

company." The control environment is influenced heavily by a company's management team

and is therefore often refened to as "the tone at the top". With respect to the control

environment, the absolute key for management is to try and impact the attitudes towards internal

controls throughout the organization by setting the proper example for the organization to

follow.

According to paragraph #25, "As part of evaluating the control enviromnent, the auditor

should assess -

• Whether management's philosophy and operating style promote effective internal control

over financial reporting;

• Whether sound integrity and ethical values, paiticularly of top management, are developed

and understood; and

• Whether the Board or audit committee understands and exercises oversight

responsibility over financial reporting and internal control.

The control enviromnent has a "pervasive" effect on the reliability of financial repo1ting at

Enron and all audit clients because it impacts ALL other components of an organization's

internal control system. The lack of an appropriate control environment sends a message to all
employees that management does not believe internal controls are important for efficiency and

effectiveness of financial reporting.

While it is difficult to glean inforn1ation that would allow for a complete evaluation of the

integrity of Emon's management, their competence, their leadership style, or their perceived

honesty from the case materials, students should point out that Emon' s compensation philosophy

(as an example of the company's human resource process) should raise concern about their

control environment. " At Emon, executives had incentives to achieve high-revenue growth

because their salaiy increases and cash bonus amounts were linked to repo1ted revenue. " This

policy sends a message to employees that above all it is important to meet financial

expectations.

In fact, the Enron case provides a terrific context to illustrate that an organization's

compensation policy can be used as a mechanism to foster an excellent control environment.

"One Emon employee said, ' At the time, it was a great tool... When we started the ranking

process, we were trying to week out the lower 5 or 6 percent of the company."' This control

intends to strip Enron of employees who are not adding value to their business processes.

However, it does not appear that Enron has taken advantage of this opportunity. The nature of

the ranking system established a cutthroat control environment where everyone fought for

themselves and did whatever they could to meet or exceed the financial expectations placed upon

them. Overall, by the end of class discussion, it should be clear that a proper control

environment importance provides a platfonn or a foundation for the entire internal control

system.
19. Consult Paragraphs 21-22 of PCAOB Auditing Standard No. 5. Comment on how your understanding

of Enron's control environment and other entity-level controls would help you implement a top-down

approach to an internal control audit at Enron.

According to paragraph #21 of PCAOB Auditing Standard No. 5, "The auditor should use a

top-down approach to the audit of internal control over financial reporting to select the controls

to test. A top-down approach begins at the financial statement level and with the auditor's

understanding of the overall risks to internal control over financial reporting. The auditor then

focuses on entity-level controls and works down to significant accounts and disclosures and their

relevant assertions. This approach directs the auditor's attention to accounts, disclosures, and

assertions that present a reasonable possibility of material misstatement to the financial

statements and related disclosures".

In paragraph #22, the PCAOB states that the "auditor must test those entity-level controls

that are important to the auditor's conclusion about whether the company has effective internal

control over financial reporting. The auditor's evaluation of entity-level controls can result in

increasingor decreasing the testing that the auditor otherwise would have performed on other

controls." The absolute goal of this process is to help the auditor focus on those controls that

really matter in supporting the goal of reliable financial reporting.

While it is difficult to glean information that would allow for a complete evaluation of

Emon's control environment and entity level controls, the case does provide enough detail to

conclude that the integrity of Enron's management, their leadership style, and their compensation

philosophy should raise concern about their control environment and perhaps other entity level

controls. Overall, by the end of class discussion, it should be clear that a proper functioning
control environment and strong entity level controls provide a foundation for the entire internal

control system.

20. Consult Paragraph 69 of PCAOB Auditing Standard No. 5 and Sections 204 and 301 of SARBOX. What

is the role of the audit committee in the financial reporting process? Do you believe that an audit

committee can be effective in providing oversight of a management team like Enron's?

It is important to note that paragraph #69 of Auditing Standard No. 5 explicitly notes that

"ineffective oversight of the company's external financial reporting and internal control over

financial reporting by the company's audit committee" is an indicator of a material weakness in

internal control over financial reporting. This of course has elevated the importance of the audit

committee. In addition, the audit committee plays an important role as a liaison with a

company's auditor. According to Section 301 of SOX, the "audit committee of an issuer shall be

directly responsible for the appointment, compensation, and oversight of the work of any

registered public accounting firm employed by that issuer." Moreover, according to Section 204,

the auditing fom must report all "critical accounting policies and practices" and " all alternative

treatments of financial infonnation within [GAAP] that have been discussed with management"

as well as the " ramifications of the use of such alternative disclosures and treatments, and the

treatment prefen ed" by the auditing fom. This is an impo1tant component of the oversight role

played by the audit committee.

For Enron, the audit committee can absolutely be effective in helping to insure fair and

accurate financial reporting. Specifically, the audit co1mnittee can help to insure that an

organization's tone at the top is properly established. In addition, an audit committee can

have important input into the compensation policies at an audit client. That is, the audit

co1mnittee can help insure that an organization is not providing extra incentives to

managers (via their

compensation policies) to co1mnit a fraudu lent act. When compensation wages and bonuses are

tied to the financial perfom1ance of the company, there is strong motivation to commit a

fraudulent act in order to "earn" a personal compensation incentive. Or, they can help to include

perfom1ance measures for fair and reliable financial reporting in the compensation structure for

individuals responsible for financial reporting.

21. Consult Sections 302 and 305 and Title IX of SARBOX. Do you believe that these new provisions

could help deter fraudulent financial reporting by an upper management group? Why or why not?

According to section 302 of SOX, in the post-Sarbanes audit environment, the CEO and CFO

of each issuer must now prepare a statement to accompany the audit report to certify the

"appropriateness of the financial statements and disclosures contained in the periodic report, and

that those financial statements and disclosures fairly present, in all material respects, the

operations and financial condition of the issuer." If a CEO or CFO violates this section, he/she

can be held criminally liable. Essentially this statement holds the CEO and the CFO personally

liable for the assertions that they have made within the financial statements. And, under Title IX

of SOX, the maximum penalty for filing false financial statements with the SEC "for willful and

knowing violations" are " a fine of not more than $5,000,000 and/or imprisonment ofup to 20

years." This is an absolutely critical point that must be made to answer this question. The

bottom line is that crime does not pay! Imprisonment and financial penalties have been

established to deter an upper management group from conunitting fraudulent activity.

A further illustration of the point that crime really does not pay can be found in Section 305

of SOX. According to Section 305, if a company is ultimately required to restate their financial

statement with the SEC due to "material noncompliance" with financial reporting rule, the CEO

and CFO are now required to "reimburse the issuer for any bonus or other incentive-based or
equity-based compensation received during the twelve months following the issuance or filing of

the noncompliant document and any profits realized from the sale of securities of the issuer"

during that period."

Given the changes brought upon by SOX, these new provisions are likely to deter fraudulent

behavior. Stated simply, the penalties are severe and if it is found that such an upper manager

did profit from a fraudulent act, the law now provides a clear mechanism to get the money

back; not only to repay the financial benefit but also to incur punitive penalties as well,

amounting to financial penalty and jail time.

22. Consult the key provisions of Emerging Issues Task Force (EITF) 90-15. How did Enron's Chewco SPE

fail to meet the outside equity requirement for nonconsolidation? Did Enron meet the control

requirement for nonconsolidation?

According to EITF 90-15, in order for Enron to not consolidate an SPE, there must be an

independentowner of the SPE with at least a 3% ownership interest, and that interest must

remain at risk throughout the transaction. Importantly, the independent owner must also

exercise control of the SPE.

In the Chewco SPE situation, the "outside" owners that comprised the necessary 3%

ownership interest were not truly independent from Enron. Specifically, in substance,

Michael Kopper, an Enron employee who repo1ted to Andrew Fastow (Enron' s CFO), was

in control of the entity, even though the partnership agreement provided some limits on the

general part ner ' s ability to manage the partnership's affairs. As a result, Enron did not meet

the control requirement for non-consolidation because they did not have an independent

owner exercise control over the SPE. Instead, Enron put one of its own people, Michael

Kopper, who had been reporting to a top Enron manager, as manager of Chewco.
 In addition, while the majority of the 3% interest came from an entity called Big River

Funding LLC (whose sole member was an entity called Little River Funding LLC), most of

this money was provided by Barclays Bank ($11.4 Million) in the fonn of "equity loans" to

Big River and Little River. And since Barclays Bank required Big River and Little River to

establish cash reserve accounts of $6.6 million that were fully pledged to secure repayment

of the $11.4 million, there was never really 3% at risk throughout the transaction. This

violates EITF 90-15 because the independent owner (who was not really independent) did

not maintain a 3% owner that was at risk throughout the transaction. As a result, Chewco

did not meet the independent ownership requirement for nonconsolidation, nor did Enron

meet the "control" requirement for nonconsolidation.

23. Based on your understanding of the audit evidence, did Arthur Andersen rely on sufficient and

competent audit evidence in its audit of the Chewco transaction? Why or why not?

The competence of audit evidence refers to the quality of the evidence gathered for a

financial statement assertion about a financial statement account balance and/or an economic

transaction(s). There are two aspects to evidence quality that are most important: relevance

and reliability. The relevance of audit evidence specifically relates to whether the evidence

gathered actually relates to the financial statement assertion being tested. That is, will the

evidence allow the auditor to reach conclusions related to that particular financial statement

assertion?

The reliability of the evidence specifically relates to whether the evidence gathered can

trnly be relied upon as providing a tlue indication about the financial statement assertion

being tested. There are a number of factors that should influence an auditor' s conclusions
about reliability, the most important of which is probably the source (e.g., is it from an

independent3rd party?) of the audit evidence.

The sufficiency of audit evidence refers directly to the quantity of the audit evidence

gathered about a financial statement assertion. All things being equal, the greater the risk of

material misstatement related to the financial statement assertion, the more audit evidence

will be gathered by the auditor. An auditor must obtain sufficient audit evidence that they are

able to gain comfort over the assertion with the financial statements.

On the Chewco transaction, Anderson did not obtain sufficient and competent audit

evidence when examining the Chewco transaction. For example, Andersen requested that

Emon provide documents relating to Chewco's fo1mation and strncture. Given Emon's

ownership of JEDI and its involvement with Chewco transaction, this was absolutely

essential. However, Emon told Andersen that it did not have these documents and could not

obtain them because Chewco was a third party with its own legal counsel and ownership

independent ofEmon. The fact is that Jedi's ownership in Chewco and Enron's ownership in

JEDI meant that Andersen needed to review this evidence. Thus, Enron's response that they

did not have these documents was inadequate and Andersen should have demanded to

examine this information. In fact, Andersen should have threatened to disclaim their opinion

without such evidence based on the scope restriction.

In addition, the evidence that Andersen did rely on for the Chewco transaction was not

competent. While Andersen did receive a confinnation regarding the loan agreement from a

Chewco representative, the reliability of the body of evidence should have been questioned

as the majority represented internal documents including:

 • Minutes ofEmon's ExecutiveCommittee of the Board of Directors approving
the transaction;

• The $132 million loan agreement between JED I and Chewco;

• Emon's guarantee agreement of a $240 million from Barclays to Chewco

• An amended JEDI partnership agreement

• A representation letter from Emon and a representation letter from JEDI, each of
which stated that related party transactions had been disclosed and that all
financial records and related data had been made available to Andersen.

It is important to understand internally developed documents are not nearly as competent as a

confirmation from an independent3rd party. External evidence is significantly more competent

than internal documents. The auditor must consider the nature of the source from which the

evidence is derived.

24. Consult Section 401 of SARBOX. How would Section 401 apply on the Enron audit? Do you think

Section 401 would have improved the presentation of Enron's financial statements? Why or why not?

Section 401 of SOX explicitly requires that each set of financial statements (and related

disclosures) that is required to be prepared in accordance with GAAP, shall disclose all

material off-balance sheet transactions" and "other relationships" with "unconsolidated

entities" that may have a material cuITent or future effect on the financial condition of the

issuer." It is abundantly clear that the inclusion of this section of SOX was based on

restatement ofEmon's financial statements due to its SPE relationships,namely the Chewco

entity.
 There is no doubt that Section 401 of SOX would have dramatically improved the

presentation of Emon's financial statements. Consider that when the Chewco transaction was

reviewed in October/November 2001, Enron and Andersen concluded that Chewco was an SPE

without sufficient outside equity and that it should have been consolidated into Emon's financial

statements. The retroactive consolidation of Chewco and the investment partnership in which

Chewco was a limited partner had a largely material impact on the financial statements of

Enron. The retroactive consolidation in the restatements decreased Emon 's repo1ted net income

by $28 million (out of $105 million total) in 1997, by $133 million (out of $703 million total) in

1998, by $153 million (out of $893 million total) in 1999, by and by $91 million (out of $979

million total) in 2000. The restatement also increased Emon 's repo1ted debt by $711 million in

1997, by

$561 million in 1998, by $685 million in 1999, and by $628 million in 2000.

25. Consult Paragraphs .03-.08 of AUSection 326. Identify at least one relevantfinancial statement

assertion about the financial statementaccounts related to the Chewco transaction. Provide

adequatesupport for your answer.

For the Chewco transaction, there are at least two relevant assertions that the auditor should

identify when auditing internal control over financial reporting. First, is the completeness

asse1tion related to Emon 's long term liabilities? Clearly, there were significant long term

liabilities that were "hidden" off the balance sheet and on the balance sheet of a non-consolidated

SPE. The Chewco entity should have been properly consolidated within the financial statements

of Enron, as a result the reported long tern1 liabilities were understated. Second is the

presentation and disclosure assertion related to disclosure of the Chewco special purpose entity?

There was not proper disclosure of the related party Chewco, as it did not meet the control

requirement nor the independent ownership requirement of the EITF 90-15.

26. Consider the role of the Enron employee who was responsible for applying MTM accounting

rules to electric power contracts, like the Eli Lilly contract. Assuming the employee knew that

the use of MTM accounting was beyond the scope of the SEC approval parameters, do you

believe that the employee had a responsibility to report the behavior to the audit committee?

Why or why not?

Clearly, there are a number of allowable answers to this question. The absolute key is for a

student to try and justify his or her position. Consider the following acceptable sample answer

from a student:

Yes, I do believe that the employee had a responsibility to report the use of MTM accounting

beyond the scope of SEC approval to the audit committee. The employee should have realized

that while the short term benefits of taking this action may seem promising on the surface, the

long term effects will ultimately be harmful. In my opinion, such an employee should follow a

constant maxim. Their maxim in this example should have been not to apply the MTM

accounting rnles to any transaction that was beyond the scope of SEC approval. If it was applied

and they knew about the action, they should have reported the action to the audit committee.