Being a Seminar Paper
Members of ICAN (Institute of Chartered Accountants of Nigeria) Lagos Mainland District Society (LMDS)
on Saturday, 31st August, 2013
Senator Ihenyen, LLB, (Benin) BL
In the early 90s, we had witnessed the collapse of some financial institutions in Nigeria. Interestingly, this negative development was in spite of the massive profits being publicly declared by the companies. And most recently, in the post-consolidation era in the banking sector, we have also seen these practices repeat themselves, with the attendant loss usually suffered by the stakeholders. These stakeholders include the company, the shareholders and third parties who may have relied on such financial statements to make financial and investment decisions.
Therefore, the roles that auditors play cannot be over-emphasised as far as the financial health of companies and institutions are concerned. Of course, the auditing firms have had to suffer more public criticism and professional humiliation whenever the books of accounts of a company are called to question. There is a crucial nexus between the professional integrity of auditors and the safeguard of the interests of stakeholders.
It is for this reason that there have been deep-rooted global concerns by members of the public and governments about the roles and liabilities of auditors in the auditing of the books of accounts of companies and corporations. And the law as an instrument of social engineering continues to seek stronger statutory framework towards providing effective and efficient regulations. This has been basically through statutory provisions.
To start with, let’s consider some of these roles and liabilities.
Appointment of Auditors
We need not labour ourselves, I believe, about how an auditor is appointed. A special resolution passed at an Annual General Meeting of a company is sufficient. And only Accountants who are licensed by either the Institute of Chartered Accountants of Nigeria (“ICAN”) or members of the Association of National Accountants of Nigeria (“ANAN”) are qualified to be auditors as provided in the Companies & Allied Matters Act, 1990 (“CAMA”). Section 357 and 358 provide for these, wherein the latter section recognises the ICAN Act (Institute of Chartered Accountants of Nigeria) as having effect in this respect.
To ensure the independence of auditors, section 358 further states persons who are disqualified from being appointed as auditors of a company.
Roles of Auditors
You may also choose to call it responsibilities, duties, obligations or functions of auditors.
According to O. I. Wale-Awe, in his work Auditor’s Laibility to Third Parties in Nigeria (Published in UNAD International Journal of Accounting Vol 2, No 1, 2003 pp1-5), an auditor owes his client both explicit and implicit duties.
Categorised under explicit duties are those duties derived from the specific and express terms of his engagement. Such may be contained in his letter of engagement, the Article and Memorandum of Association of the client, and statute (CAMA 1990, SEC rules, Tax Laws, etc).
On the other hand are implicit duties. As the term suggests, they are not express but implied duties. In other words, from common law, implied duties denote the situation where the principle of negligence with the duty of care applies.
Let’s take a closer look at one of the main categories of the explicit duties: the statutes, specifically the Companies & Allied Matters Act, 1990 (“CAMA”). By section 360 of the CAMA, the primary functions of an Auditor of a company are to audit the financial statements of the company and form an opinion as to whether:
(a) proper accounting records have been kept by the company and,
(b) the company’s balance sheet and profit and loss account are in agreement with the accounting records and returns.
The auditor is also required to consider whether the information given in the director’s report for the year for which the accounts are prepared is consistent with those accounts and state so accordingly.
Other functions of an Auditor include:
(a) making a report to the company and its shareholders and qualifying its report where necessary;
(b) investigation of and request for supply of information omitted from the company’s financial statement supplied to the Auditor for the audit by the company to ensuring that the audit is carried out in due compliance with regulations.
Apart from statutory provisions, the judicial decision in RE: London & General Bank (No. 2)  Ch.D 673 @ 683 is also useful in this regard. Here, the court stated:
“It is the duty of an Auditor to bear on the work he had to perform that skill, care and caution which a reasonably competent, careful, and cautious Auditor would use. What are reasonable skill, care and caution must depend on the particular circumstances of each case. An Auditor…is not bound to do more than exercise reasonable care and skill in making inquiries…He is not an insurer; he does not guarantee that the books do correctly show the true position of the company’s affairs;…He must be honest – i.e., he must not certify what he does not believe to be true and he must take reasonable care and skill before he believes that what he certifies is true…Where there is nothing to excite suspicion very little inquiring will be reasonably sufficient…Where suspicion is aroused, more care is obviously necessary; but still, an Auditor is not bound to exercise more than reasonable care and skill, even in a case of suspicion…”
It is therefore clear from the above that what the law contemplates is that the role of an Auditor is investigatory.
Liabilities of Auditors
Having discussed some of the major roles and duties of an auditor, we can now conveniently look at the liabilities of an auditor.
An auditor is not infallible. He is human. This is why the law cannot hold him responsible for pure errors of judgment. However, the law requires of him to exercise all due diligence and skills that a reasonable Auditor will deem necessary in the performance of his statutory duties.
This is because by law, he shares a special fiduciary relationship with the company for which he is rendering his professional service. Being a professional giving his opinion upon which his clients have placed reliance, he is required to apply adequate skill with reasonable care and diligence. This is because he shall be held liable for acts resulting from his negligence, bad faith or dishonesty.
This principle has been statutorily provided for in section 368 of the CAMA. It provides that:
(1) A company’s auditor shall in the performance of his duties, exercise all such care, diligence and skill as is reasonably necessary in each particular circumstance.
(2) Where a company suffers loss or damage as a result of the failure of its auditor to discharge the fiduciary duty imposed on him by subsection (1) of this section, the auditor shall be liable for negligence and the directors may institute an action for negligence against him in the court.
(3) If the directors fail to institute an action against the auditor under subsection (2) of this section, any member may do so after the expiration of thirty days notice to the company of his intention to institute and action.
The above statutory provisions are clear and succinct. Similarly, the general principle of negligence under the common law has been made to apply to statutorily appointed Auditors. The operative element is the presence of a fiduciary duty. Any negligence on the part of an auditor, being a breach of the legal duty to take care, shall result in his liability to the person(s) who suffer(s) any consequent damage.
Types of Liabilities
Increasingly, clients are suing their auditors for alleged failure to carry out their duties with reasonable expediency. This is to be expected. Clients rely on their auditors to detect errors and irregularities, if any, in audited financial statements. Whether by failing to deliver financial statements or tax assessments before the deadline, or for alleged errors in the tax returns and financial statements they prepare, auditors can be sued by clients whose financial interest may have been affected premised on such reliance.
Taken from a proper perspective, the liabilities of the auditor can be seen to be of two kinds: liability under common law and liability under statute. Common law involves civil liabilities such as breach of contract and the tort of misfeasance against a client, and liability to third parties.
Under statutes, we have criminal liabilities as provided by legislation such as CAMA 1990, the Criminal Code (applicable in the Southern states in Nigeria) or the Criminal Procedure Code (applicable in the Northern states in Nigeria) and under the various tax laws with penal provisions. Also, liability under statute can arise from the provisions of CAMA, SEC (Securities and Exchange Commission) rules, and the Investments and Securities Act (ISA) 2007.
Misfeasance, being an aspect of civil liability, is the improper performance of some lawful act. Where there exist facts to this effect, a company is entitled in law to file a court action against the Auditor. Damages may be awarded against the auditor.
Under the statutes, an Auditor may also be criminally liable where he, in his report to a company makes a statement, which is false, knowing that the statement is false. Where established, CAMA provides that such an Auditor is liable on conviction, by a High Court of Justice, to Two (2) years imprisonment or, alternatively, on conviction by lower court such as a Magistrate Court, to a fine of N1,000 (One Thousand Naira) or Four (4) months imprisonment or both.
The Rising Incidence of Auditor’s Liability to Third Parties
Provision of Section 368 did not recognise third parties
Although section 368 of the CAMA provides that where an auditor fails to exercise the required duty of care, diligence and skill and such results in loss or damage suffered by the company, it is the directors that may institute an action for negligence. It is only when the directors fail to do so that any member may institute an action after the expiration of 30 days.
From the provision above, it is clear that only the company who has a binding contract with the auditor can sue him, not any other party.
Where then lies the safeguard of the interest of third parties, who may also have suffered determinable losses as a result of their reliance on the auditor’s skills?
The Landmark Decision in Donoghue v. Stevenson: the Principle of Negligence and the Duty of Care
Interestingly, today, a greater percentage of litigation is now instituted by third parties, strangers to the contract between the company and the auditor. There are some celebrated cases outside our jurisdiction such as those of Baring (UK) and Enron (USA).
Without any privity of contract, such third parties include potential investors, customers, government institutions like tax authorities and suppliers.
The question is on what legal principle can such action by third parties be based in the absence of a contractual relationship with the auditor? The celebrated case of Donoghue v. Stevenson  All ER Rep 1;  AC 562; House of Lords provides a logical and legal premise upon which third parties can rely. In this English case, the court awarded damages against the manufacturer of a ginger beer bottle (not against the vendor) which content contained a decomposed snail taken by a lady. Although there was no privity of contract between the manufacturer and the lady, the court held that the defendant did owe the plaintiff or any other unknown person who happens to consume the ginger beer a duty of care and had breached that duty.
In relation to auditor’s liability to third parties, it used to be the case that in the absence of a contract, unless fraud is alleged, an auditor was not liable to damages in favour of third parties; the presence of negligence or otherwise being immaterial. See Chandler v. Crane Christmas & Co. 2 KB 164;  1 All ER 426, where the Court of Appeal held that auditors who had negligently prepared a set of draft accounts on which investors had relied without any contractual relationship were not liable.
The tide changed, flowing from the sound reasoning in Donoghue v. Stevenson, and probably the important dissenting judgment of Denning LJ who had argued for a duty of care for negligent statements in the Chandler case, the House of Lords in the latter case of Hedley Byrne & Co Ltd. v. Heller & Partners  2 All ER 575 held in favour of auditor’s liability to third parties.
The Protection of Auditors through Certain Requirements for Liability to Arise
However, to avoid a situation where auditors would have to suffer for every financial misfortune of investors, the courts have not been unconcerned, otherwise auditors risk becoming the easy black sheep in the financial industry. From the cases generally, there have been certain qualifications aimed at helping to determine what constitutes liability to third parties such as:
(1) The auditor has been proven to be negligent;
(2) Financial loss has been suffered;
(3) There is a direct causal relationship between the financial loss suffered and the auditor’s negligence;
(4) There is or are no other traceable cause(s) apart from the proven negligence of the auditor; and
(5) The auditor had knowledge or ought to have had knowledge that the document prepared and issued by him was to be relied upon in that particular context.
The Circumstances of Each Case is Important in Determining Liability
Having stated the above qualifications, it must be pointed out here that the determination of an auditor’s liability cannot be done with mathematical exactitude. Perhaps, Lord Hodson was making the same point in the case of Hedley Byrne & Co Ltd v. Heller & Partners Ltd  AC 465 when he said at p. 514:
“I do not think it is possible to catalogue the special features which must be found to exist before the duty of care will arise in a given case.”
Similarly, Lord Devlin said, at pp. 529-530:
“I do not think it possible to formulate with exactitude all the conditions under which the law will in a specific case imply a voluntary undertaking any more than it is possible to formulate those in which the law will imply a contract.”
I also agree with their Lordships.
Recent Limitations to the Scope of Auditor’s Liability to Third Parties
Interestingly however, in the recent case of Caparo Industries Plc v. Dickman & Others  2 AC 605, the courts have tended to move towards a more exact conclusion.
The decisions in both the lower courts and the House of Lords in this case were that auditors are not liable to shareholders who base investment decisions on accounts prepared for stewardship purposes. The case in effect limited the scope of auditors’ liability to third parties.
Therefore, the provision of information by auditors of a company was not intended to help shareholders, or any third party for that matter, make decisions as to future investment in the company, but as contemplated by statutes were meant to enable shareholders exercise their class rights in general meetings.
Lord Bridge, in analysing the particular facts of the case based upon principle of proximity, said, inter alia, that there could not be a duty owed in respect of “liability in an indeterminate amount for an indeterminate time to an indeterminate class” (Ultramares Corp v Touche,  174 N.E. 441 at 441 per Cardozo C.J. New York Court of Appeals).
Applying those principles, the defendants owed no duty of care to potential investors in the company who might acquire shares in the company on the basis of the audited accounts. Where any loss is suffered by a company or member of the particular company as a result of the proven negligence of the auditor, the right of action given to such company or member is reasonably sufficient. To avoid the clumsy situation where auditors would become easy scapegoats in the hands of strangers, this current position of the law may have found it more convenient to see third parties as being on a frolic of their own.
How Can an Auditor Defend Himself Against Liabilities Upon Litigation?
To be sure, if every auditor had been complying strictly to standards and regulations, ensuring quality control, avoiding too much reliance on client’s and third parties’ representation, obtaining legal advice to help make letters of engagements clearer or draft disclaimer statements and taking indemnity insurance, there would have been little need for the question above. But of course, “to err is human”, they say, and to raise defences, legal (if I may add).
The law is sometimes like the “Nigerian God” we often come across in the obituaries: it gives and takes. The following are possible defences that an auditor may rely on upon a potential or real suit:
(1). Absence of duty of care where there is no fiduciary relationship.
(2). That auditing standards and best practices of the profession have been complied with and applied in the preparation of audit. E.g. GAAS (Generally Accepted Auditing Standards).
(3). Show as much as you can that the alleged negligence had nothing to do with the ascertainable loss suffered. Once you are able to show a lack of causal connection, there can be no liability on this basis.
(4). The auditor can point accusing fingers at the client, citing contributory negligence. Once you can show that such negligence by the company affected your own professional judgment, your negligence becomes extinguished.
In conclusion, there is no doubt that auditors have very important roles and responsibilities to play in ensuring the safeguard of the interests of stakeholders. By complying with professional standards and regulations, most of his liabilities both under common law and statutes, civil or criminal, would be significantly reduced, if not completely avoided. Lindley L.J.’s words in RE: London & General Bank, earlier cited, would perhaps greatly serve as a useful emphasis here, when he stated at the same page that the business of an auditor:
“…is to ascertain and state the true financial position of the company at the time of the audit…But he does not discharge his duty by doing this without inquiring and without taking any trouble to see that the books themselves show the company’s true position. He must take due care to asertain that they do so. An auditor, however, is not bound to do more than exercise reasonable care and skill in making inquiries and investigations. He is not an insurer; he does not guarantee that the books do correctly show the true position of the company’s affairs; he does not even guarantee that his balance sheet is accurate according to the books of the company. If he did, he would be responsible for the error on his part, even if he were himself deceived without any want of reasonable care on his part, say, by fraudulent concealment of a book from him…he must be honest, i.e. he must take reasonable care and skill before he believes that what he certifies is true”.
As the financial sector continually expands with the
growth of the economy in Nigeria today, and Foreign Direct Investments (FDI) gradually results in the need for improved corporate governance in our companies and compliance with the principles of financial responsibility and transparency in our public sector, the auditor, perhaps more than ever before, has a major role to play in helping to protect the lawful financial interests of the Nigerian stakeholder.
Bhadmus, Y. H., Y. H. Bhadmus on Corporate Law and Practice, Chenglo, Enugu, 2009
Companies and Allied matters Act, Laws of the Federation of Nigeria (LFN) 2004
O. I. Wale-Awe, Auditor’s Laibility to Third Parties in Nigeria, published in UNAD International Journal of Accounting Vol 2, No 1, 2003 pp1-5.
RE: London & General Bank (No. 2)  Ch.D 673 @ 683
Donoghue v. Stevenson  All ER Rep 1;  AC 562
Chandler v. Crane Christmas & Co.  2 KB 164;  1 All ER 426,
Hedley Byrne & Co Ltd. v. Heller & Partners  2 All ER 575 p. 514, and pp. 529-530:
Caparo Industries Plc v. Dickman & Others  2 AC 605
Ultramares Corp v Touche,  174 N.E. 441 at 441 per Cardozo C.J. New York Court of Appeals)