“Why Ask?” You Ask

Because it’s part of your job—and it may uncover fraud.


inancial statement frauds, the bane of the auditing profession, come in different forms. But, from studying hundreds of fraud cases, we can learn a great deal that can help CPAs in detecting these illegal acts. A vital part of discovering fraud concerns the auditor’s ability to ask questions and the implications of not asking them. Since most auditors have had no formal interview training, this article focuses on the basics: how to approach the fraud issue with your client and the types of questions to ask.

Consider the two common elements in the following cases of material fraud described in previous issues of the JofA.

“Crazy” Eddie Antar and his immediate family members owned a chain of electronics stores in the New York area and committed a $120 million financial statement fraud. The crime was discovered when some family members had a falling out and one of them revealed the scheme to authorities (see “So That’s Why It’s Called a Pyramid Scheme,” Oct.00, page 91 ).

The $500 million Phar-Mor fraud, engineered by CEO Mickey Monus, was carried out by his CFO, Pat Finn. The crime was discovered when one of the members of Phar-Mor’s board of directors received a tip from an acquaintance. The board member confronted the CFO, who immediately confessed (see “Ghost Goods: How to Spot Phantom Inventory,” Jun.01, page 33 ).

Edward Thomas, a bank president, accepted silent interests in businesses in exchange for lending the bank’s money. The bank was small and his activities were well known to the employees, who eventually informed the board of directors of Thomas’s crimes (see “… And Nothing But the Truth: Uncovering Fraudulent Disclosures,” Jul.01, page 47 ).

One common element in all three examples was that none of the employees shared important knowledge of fraud with their independent auditors. In these situations and many more, the reason was simple: The auditors hadn’t been trained to ask the right questions.

Another common element was that all those who committed these financial statement frauds were top executives. According to a 1999 COSO study, that’s a predictable pattern: The CEO orchestrates the fraud three-quarters of the time. Out of necessity, the CEO almost invariably involves the CFO too.

To detect and deter financial statement fraud, therefore, a good auditor must be prepared to ask company executives some very penetrating, although nonaccusatory, questions about the subject—a concept called “diligent inquiry.”


Asking questions is the most effective audit technique of all. Although there are no exact figures, experts claim that about 80% of all frauds are discovered through tips and complaints compared to 20% for other methods, including management oversight and audits. If that surprises you, it shouldn’t. Fraud, by its nature, is easy to conceal and difficult to detect. The methods for covering up such crimes are many and varied. But that doesn’t mean there aren’t clues when someone in an organization commits fraud. The best clues usually don’t come from the books but from the people who work with them.

In cases involving management fraud, the CEO typically directs underlings to do the dirty work. That means the CEO’s closest aides normally know if a financial statement fraud scheme is afoot. At the other end of the spectrum, an employee who embezzles from the company normally carries out the crime alone. But the embezzler then conspicuously spends money he or she doesn’t earn, and other people in the company usually are aware of it.

Although the benefits of diligent inquiry should be obvious, some CPAs are reluctant to ask questions about fraud for one of three reasons: They think it will offend people to ask them about such sensitive issues, they believe it could lead to legal trouble or they don’t think people will answer such questions truthfully.


In reality, if you do it correctly, almost no one will be offended when you ask about fraud. Be sure to explain the nature of your inquiry first. If people understand why you’re asking, they are much less likely to take offense.

It’s a fiction that you can get in legal trouble by asking questions. Everyone is entitled to ask anyone anything, provided he or she has a legitimate interest, the interview is confined to questions instead of statements and the questioning is done under reasonable and private conditions. Of course, the interview also must be voluntary.

As a practical matter, today’s auditor is more likely to get into legal trouble by not asking questions. In a courtroom where you have been accused of an audit failure, a jury is likely to be unsympathetic to the notion that you avoided the tough questions because you didn’t want to hurt anyone’s feelings. In the three examples above, the failure to get answers cost the audit firms involved collectively hundreds of millions of dollars.

It’s also a fiction that people will not answer your questions truthfully; most will. Although everyone lies about small things, the reality is a bit different when something important is at stake. People don’t want to be caught telling big lies; instead of taking that risk, they will try to avoid answering you.

This instinctive reaction is so strong that many individuals willingly confess to their own illegal conduct rather than let themselves be caught lying about it. I first learned about this phenomenon as a rookie FBI agent many years ago. At the FBI academy, my instructor singled me out of the class for a role-playing exercise. He pretended to be a bank robbery suspect, and it was my job to interview him. After a particularly thorough grilling, I sat back, satisfied—even though the suspect admitted to nothing. My instructor had a quizzical look on his face. “Joe,” he asked gently, “do you have any more questions?” I couldn’t think of a single one.

Then the instructor stood up from his seat, faced the rest of the class and in a rising voice asked, “Mr. Wells, did it ever occur to you to ask the bank robbery suspect whether or not he robbed the bank?” While my classmates doubled over with laughter, I sat there, red-faced. To be honest, it had occurred to me to ask; it just never dawned on me I would get a truthful answer. But, during three decades in the antifraud profession, I’ve witnessed many voluntary confessions. The moral of this story, which training and experience have taught me, is that it’s truly astonishing the things people will tell you—if you just ask.


Based on what we know about financial statement frauds, there are at least four people in a company whom you need to question thoroughly: the CEO, the CFO and their assistants. Document these interviews in the workpapers. Because you obviously must have management’s complete support for conducting fraud-related interviews, start at the top.

Fraud is a sensitive subject. It’s best to bring it up at the end of another discussion. For example, when you begin an audit, it’s normal to speak with the CEO about the nature and extent of the audit work. When that is out of the way and the two of you have established some rapport, it’s time to talk fraud.


Expert interviewers structure questions from the general to the specific and from easy to hard. Sensitive questions are “set up” before they are asked. Among the questions auditors should ask are the following:

As you probably are aware, CPAs today are required to assess the risk of material fraud in the audit of every company, not just yours. Therefore, we need to ask you and other employees some very specific questions about the subject. Do you understand? (Wait for an affirmative response before proceeding. If you detect resistance on his or her part, resolve it at this stage.)

Do you believe fraud is a problem for business in general? (Icebreaker.)

How do you think your company compares to others in terms of fraud? (Icebreaker. Invariably, the CEO will say his company compares favorably.)

In the past, what kinds of frauds have been committed against your company by employees or executives? (Historical information helps assess current fraud risk.)

What kinds of frauds are staff employees or management currently committing against the company?

As auditors, we are particularly concerned with material financial statement frauds, which are commonly directed by the CEO and the CFO. We, therefore, need to at least examine that possibility here. Is there any reason anybody would say you told him or her to do something that is illegal or unethical?

Sometimes top executives commit fraud because of their personal financial difficulties. Are you currently in good shape, financially?

Would you allow us to examine your personal financial statements and tax returns? (If the CEO resists furnishing this information, determine why.)

Sometimes CFOs commit fraud without the knowledge of the CEO. Do you have any reason to suspect the chief financial officer has committed fraud against the company?

Finally, I’m required to ask you one question, and it should be obvious why. Have you committed fraud against the company? (Do not apologize for asking; it’s your job.)


As you are aware, audit standards require we assess the risk of material financial statement fraud in all companies. We’ve talked to the CEO, and he is aware we will be making diligent inquiries about fraud with the company’s employees. You understand that, don’t you? (Wait for an affirmative response before proceeding.)

We know that fraud usually exists to some extent in most organizations even if the amounts are small. How do you think your company compares to others? (Icebreaker)

What kind of history does the company have with fraud in general, including defalcations and employee thefts? (This questioning should uncover a weak corporate culture.)

Of the accounts on the company’s books, which are the most vulnerable to fraud, and why? (Look for internal control deficiencies.)

During our audit, what specific areas should we examine to assure ourselves there are no major fraud problems within the company?

As you probably are aware, studies show most financial statement frauds are ordered by the CEO and carried out by the CFO. Is there any possibility someone in the company would say upper management has a motive to “cook the books?”

Has the CEO or anyone else in the company asked you to do something you thought was illegal or unethical?

Has upper management asked you to withhold information from the auditors, alter documents or make fictitious entries in the books?

In some instances, CEOs commit financial statement fraud because of personal financial difficulties. Are you aware of any situation that might motivate the CEO to commit fraud against the company?

I am required to ask you one final question. Have you committed fraud against the company? (Remember: no apologies are necessary.)


Since assistants to senior executives usually get where they are because of their loyalty, they won’t be very cooperative if they believe an auditor is “out to get the boss.” Therefore, phrase your questions carefully, and avoid any hint of an accusatory tone. Begin the interview with general questions such as the first three asked of the CEO and the CFO (listed above). Then, use the following line of inquiry:

Do you think the people you work with are essentially honest? (Look for the “tone at the top.”)

If a superior asked you to do something illegal or unethical, what would you do? (Evaluate the company’s fraud-reporting mechanisms.)

Has someone you work for asked you to do something that is illegal or unethical?

As far as you know, is the company in any kind of financial trouble that would motivate someone to misstate profits?

Are your superiors or managers in any personal financial difficulty that you’re aware of?

If someone in a position of authority wanted to commit fraud against the company, what would be the easiest way to do it?

If you become aware of illegal activity in the company, may I ask you to contact me? (This opens the door to future cooperation.)

As an auditor, you never should be reluctant to ask questions about fraud—regardless of a person’s position in the organization; after all, it’s part of your job. Through the process of diligent inquiry, you accomplish two important objectives. First, you’ve gone a long way toward fulfilling your obligation to be proactive in detecting fraud. More important, you’re getting across a consistent message: You are actively looking. Won’t that help deter fraud in the first place?

JOSEPH T. WELLS, CPA, CFE, is founder and chairman of the Association of Certified Fraud Examiners, Austin, Texas. Mr. Wells’ article “So That’s Why They Call It a Pyramid Scheme” ( JofA Oct.00, page 91) has won the Lawler Award for best article in the JofA in 2000. His e-mail address is joe@cfenet.com .


Cybersecurity threats proliferating for midsize and smaller businesses

This report details how SMBs can properly protect private information from breaches, design and implement a cybersecurity policy, and create safeguards for training and education.


Test yourself on these often confused words

The spelling checker on your word processing program can do only so much to flag problems. Your best insurance is to learn the troublesome words that trip up writers and use them correctly by the standards of formal, written English.