SuperTutor
$15/per page/Negotiable
The world’s Largest Sharp Brain Virtual Experts Marketplace Just a click Away
Levels Tought:
Elementary,Middle School,High School,College,University,PHD
| Teaching Since: | Apr 2017 |
| Last Sign in: | 331 Weeks Ago, 4 Days Ago |
| Questions Answered: | 12843 |
| Tutorials Posted: | 12834 |
MBA, Ph.D in Management
Harvard university
Feb-1997 - Aug-2003
Professor
Strayer University
Jan-2007 - Present
Advanced Auditing
Summer 2017
NextCard
Lecture Notes
NOTE: When answering the questions in the test on NextCard, the information contained in the
readings that have been assigned for NextCard control; that is, if anything I say during this
lecture or anything contained in these lecture notes conflicts with what you encounter in the
readings assigned for this case, you should rely on the readings when answering the test
questions. (The reason for this statement is simple: For the lecture, I will sometimes draw on
sources that are not listed in the reading list for this topic; I have found that dates, names, and
dollar amounts can vary among media sources. Therefore, to increase the likelihood that you do
well on the tests, I will confine answers to those found in the reading material, including the text,
assigned for this case.)
I. Background
NextCard, Inc. was one of the first issuers of credit cards online, and the first to offer almost
instantaneous online approval (in 30 seconds or less). Its headquarters was located in San
Francisco, California and also had offices in Livermore, California and in Phoenix,
California. NextCard capitalized its fully-owned bank, NextBank by engaging in an IPO that
also served to provide it with operating capital for NextCard.
NextCard, Inc. was begun during the Internet boom of the late 1990s. A husband and wife
team, Jeremy and Molly Lent, founded the company in 1996 as Internet Access Financial
Corporation. Later, in 1997, the name was changed to NextCard. During the early 1990s,
Jeremy Lent had served as CFO for Providian Financial Corporation, a company that had
extensively used direct mail marketing methods "to identify and recruit customers who made
extensive use of credit cards." Jeremy Lent left Providian and founded NextCard largely
because he thought he could adapt this marketing strategy to the Internet. Lent’s business plan was based on two assumptions:
1. The Internet could be used to reduce a key metric in the credit card industry: the average
acquisition cost of a new customer. Lent’s objective was to reduce it to a level below the
level of the average acquisition cost of traditional "brick-and-mortar" competitors, and
2. NextCard would have significantly lower bad debt losses than traditional credit card issuers.
The basis for this assumption was marketing research that had found that Internet users were
generally more affluent and, thus, better credit risks, than other individuals.
Because of these assumptions, NextCard, Inc. offered credit cards at interest rates that were lower
than those of its competitors.
NextCard issued MasterCard and Visa cards under its own name, and co-branded cards with
entities such as Amazon.com. NextCard also issued secured credit cards that were secured by
deposits of customers. 1 One way NextCard found customers was to advertise online. NextCard was buying a lot of
online advertising in the late 1990s and early 2000s and was paying high fees to do so. Its
website was often one of the top 50 financial websites according to Money magazine and, by
2000, attracted more online 'hits' than any other website in the financial services industry.
In late 1998, NextCard obtained $38 million in capital from a syndicate of investors who had
previously invested in such companies as America Online, Yahoo!, and Amazon. Part of the
money was used to establish its bank, NextBank, and part of the funds were used to advertise
online, an activity on which NextCard planned to double its expenditures.
The company went public in 1999. Not long after its initial public offering (IPO), the Internet
'bubble' in the stock market burst. This created much difficulty for NextCard (and thousands of
other struggling Internet companies) to obtain capital in the debt and equity markets.
In addition, NextCard’s assumptions also proved to be wrong: the acquisition cost per-customer
was higher than expected because II. Internet users tended to ignore NextCard's online ads (which were very costly), and The customers were high credit risks who were looking for a “lender of last resort.”
The Accounting problems NextCard had lost money every quarter since it began. The pressure to report a profit caused
it to significantly understate its bad debt expense on the income statement and, accordingly,
the allowance for doubtful accounts on the balance sheet. In late 2001, the Office of the Comptroller of the Currency (OCC) and the Federal Deposit
Insurance Corporation (FDIC) investigated NextCard's accounting records and operating
policies and procedures. It announced that NextCard was under-capitalized and forced
NextCard to significantly increase its allowance for bad debts and, thus, bad debt expense. NextCard increased the balance of its allowances to $71.6 million for the third quarter of
2001 (it had been $31 million in the third quarter of the previous year). Its third quarter 2001
loss was $53.1 million, up from a $20.2 million loss incurred in the 2000 third quarter.
In 2001, it wrote off $37.1 million of loans as uncollectible compared with $6.4 million in the
previous year. Unwilling to admit that its assumptions were incorrect NextCard asserted that the company
had been a victim of "fraud losses" (officers said that NextCard was a victim of hackers and
2 other Internet miscreants) but that the OCC and FDIC required it to classify these losses as
"credit losses". In other words, the company was trying to call its losses “fraud” instead of
calling them what they were: bad debt losses from issuing credit cards to people with very
poor credit. (Note: The problem is not us, it’s “them”.) So, NextCard:
1. Failed to provide for an adequate Allowance for Doubtful Accounts,
2. Mischaracterized bad debt expense as “fraud losses”, and
3. Overstated the gains reported on the securitization of its credit card receivables. As a result, NextCard’s reported earnings for the years 1999 and 2000 and the first two
quarters of 2001 were materially misstated. NextCard investors filed a class-action lawsuit charging that management had engaged in
insider trading and hiding the true financial condition of the company. In reaction to the OCC and FDIC requirement, NextCard's stock price fell 84% (from $5.35
to $.87) on a single day on October 32, 2001 and, in February 2002, the customer accounts
were taken over by the FDIC.1 The FDIC sold 200,000 accounts for $126 million to Merrick
Bank, of Utah, (who began to charge these customers higher interest rates and fees) and tried
unsuccessfully to sell the remaining 800,000 accounts. The 800,000 accounts were closed,
meaning that the cards could no longer be used for new purchases or cash withdrawals and
the cardholders would be required to pay the balances owed. The FDIC estimated that
closing these accounts would cost between $300 and $400 million. In July 2001, it was
working with two credit card banks to agree to allow these NextCard customers to transfer
their balances to new cards. In November 2002, NextCard filed for bankruptcy under Chapter 11 (reorganization) and, in
August 2003, changed that filing to a Chapter 7 (liquidation). At that time, it had liabilities of
nearly $470 million and realizable assets of approximately $20 million. 1 Interestingly, Providian Financial Corp. announced in October 2001 that it was getting out of the
Internet credit card business.
3 In September 2004, the SEC filed fraud charges and insider trading charges against five
former NextCard executives, including Jeremy Lent and CEO John Hashman. The charges
asserted that the executives provided false financial information to the public and planned to
sell their stock before the falsified information was discovered. The complaint stated that
CEO Hashman left handwritten notes in November 2000 that indicated the company should
engage in “accounting gimmickry” for two to three quarters. In 2005 the SEC dismissed its
fraud charges against Jeremy Lent (most likely because he had implored other officers not to
sell their stock) and by 2006 the regulatory and shareholder suits against the former NextCard
executives were settled.
In September 2005, the SEC, pursuant to Section 12 of the 1934 Act, revoked the registration
of each class of NextCard’s securities. III. Problems with the auditors
a. Ethics violations: SEC Release No. 48542 and Accounting and Auditing Enforcement
Release (AAER) No. 1871, dated September 25, 2003 indicate possible violations of the
AICPA Code of Professional Conduct. Specifically, Sections ET 51-54 and 56 (now in
ET section 0.300)2 are mentioned as providing additional professional standards for
auditors.
i. ET 51 (now ET 0.300.010): Preamble. Indicates that “The Principles call for an
unswerving commitment to honorable behavior, even at the sacrifice of personal
advantage.”
ii. ET 52 (now ET 0.300.020): Responsibilities. “In carrying out their
responsibilities as professionals, members should exercise sensitive professional
and moral judgments in all their activities.”
iii. ET 53 (now ET 0.300.030): The Public Interest. “Members should accept the
obligation to act in a way that will serve the public interest, honor the public
trust, and demonstrate commitment to professionalism.”
iv. ET 54 (now ET 0.300.040): Integrity. “To maintain and broaden public
confidence, members should perform all professional responsibilities with the
highest sense of integrity”
v. ET 56 (now ET 0.300.060): Due Care. “A member should observe the
profession's technical and ethical standards, strive continually to improve
competence and the quality of services, and discharge professional responsibility
to the best of the member's ability.”
b. Lack of due professional care:
Recall that if one member of a public accounting firm is a member of the AICPA, all
members must comply with the standards promulgated by the Institute.
AU-C 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in
Accordance With Generally Accepted Auditing Standards of the AICPA auditing standards: 2 The ACIPA Code of Professional Conduct has been re-codified; the new numbering system became
effective on December 15, 2014.
4 .A19 Due care requires the auditor to discharge professional responsibilities with competence
and to have the appropriate capabilities to perform the audit and enable an appropriate
auditor's report to be issued.
Part of this standard addresses “professional skepticism”:
Professional skepticism. An attitude that includes a questioning mind, being alert to
conditions that may indicate possible misstatement due to fraud or error, and a critical
assessment of audit evidence.
.17 The auditor should plan and perform an audit with professional skepticism,
recognizing that circumstances may exist that cause the financial statements to be
materially misstated.
.A22 Professional skepticism includes being alert to the following, for example,
• Audit evidence that contradicts other audit evidence obtained.
• Information that brings into question the reliability of documents and responses to
inquiries to be used as audit evidence.
• Conditions that may indicate possible fraud.
• Circumstances that suggest the need for audit procedures in addition to those required
by GAAS.
.A23 Maintaining professional skepticism throughout the audit is necessary if the auditor
is, for example, to reduce the risks of
• overlooking unusual circumstances.
• over-generalizing when drawing conclusions from audit observations.
• using inappropriate assumptions in determining the nature, timing, and extent of the
audit procedures and evaluating the results thereof.
.A24 Professional skepticism is necessary to the critical assessment of audit evidence.
This includes questioning contradictory audit evidence and the reliability of documents
and responses to inquiries and other information obtained from management and those
charged with governance. It also includes consideration of the sufficiency and
appropriateness of audit evidence obtained in light of the circumstances; for example, in
the case when fraud risk factors exist and a single document, of a nature that is
susceptible to fraud, is the sole supporting evidence for a material financial statement
amount.
.A25 The auditor may accept records and documents as genuine unless the auditor has
reason to believe the contrary. Nevertheless, the auditor is required to consider the
reliability of information to be used as audit evidence. In cases of doubt about the
reliability of information or indications of possible fraud (for example, if conditions
identified during the audit cause the auditor to believe that a document may not be
authentic or that terms in a document may have been falsified), GAAS require that the
auditor investigate further and determine what modifications or additions to audit
procedures are necessary to resolve the matter.
.A26 The auditor neither assumes that management is dishonest nor assumes
unquestioned honesty. The auditor cannot be expected to disregard past experience of the
honesty and integrity of the entity's management and those charged with governance.
Nevertheless, a belief that management and those charged with governance are honest
5 and have integrity does not relieve the auditor of the need to maintain professional
skepticism or allow the auditor to be satisfied with less than persuasive audit evidence
when obtaining reasonable assurance.
According to AU-C Section 700, Forming an Opinion and Reporting on Financial Statements,
of the AICPA auditing standards:
.03 Section 705, Modifications to the Opinion in the Independent Auditor's Report, and
section 706, Emphasis-of-Matter Paragraphs and Other-Matter Paragraphs in the
Independent Auditor's Report, address how the form and content of the auditor's report
are affected when the auditor expresses a modified opinion (a qualified opinion, an
adverse opinion, or a disclaimer of opinion) or includes an emphasis-of-matter paragraph
or other-matter paragraph in the auditor's report.
.19 The auditor should express an unmodified opinion when the auditor concludes that
the financial statements are presented fairly, in all material respects, in accordance with
the applicable financial reporting framework.
.20 The auditor should modify the opinion in the auditor's report, in accordance with
section 705, if the auditor
a. concludes that, based on the audit evidence obtained, the financial statements
as a whole are materially misstated or
b. is unable to obtain sufficient appropriate audit evidence to conclude that the
financial statements as a whole are free from material misstatement.
.21 If the auditor concludes that the financial statements do not achieve fair presentation,
the auditor should discuss the matter with management and, depending on how the matter
is resolved, should determine whether it is necessary to modify the opinion in the
auditor's report in accordance with section 705.
.A15 Rule 203, Accounting Principles, of the AICPA Code of Professional
Conduct (now found in ET section 1.320) states the following
A member shall not (1) express an opinion or state affirmatively that the financial
statements or other financial data of any entity are presented in conformity with generally
accepted accounting principles or (2) state that he or she is not aware of any material
modifications that should be made to such statements or data in order for them to be in
conformity with generally accepted accounting principles, if such statements or data
contain any departure from an accounting principle promulgated by bodies designated by
Council to establish such principles that has a material effect on the statements or data
taken as a whole.
If, however, the statements or data contain such a departure and the member can
demonstrate that due to unusual circumstances the financial statements or data would
otherwise have been misleading, the member can comply with the rule by describing the
departure, its approximate effects, if practicable, and the reasons why compliance with
the principle would result in a misleading statement.
If lead auditor (partner-in-charge) Thomas Trauger (sometimes called “Robert
Trauger” in the popular media) had properly performed an audit, he would have
6 insisted that NextCard increase its Allowance for Doubtful Accounts or issued a adverse
opinion because the financial statements were not prepared in accordance with
generally accepted accounting principles. Trauger and his underlings, Oliver Flanagan and Michael Mullen, altered (by adding and
deleting information) audit work-papers and electronic timestamps in order to avoid liability
for giving NextCard a clean audit opinion in 2000. Furthermore, Trauger told Flanagan to
destroy any documents and files that would provide an “audit trail” of the alterations (at about
this time, auditors of Enron were shredding documents). One of the auditors, Oliver Flanagan, saved a computer disk containing evidence of the edits
and turned it over to the federal authorities. But even then, the SEC wasn’t sure that it knew
completely what the original audit workpapers really looked like. According to AU-C Section 230, Audit Documentation, of the AICPA auditing standards:
.17 After the documentation completion date, the auditor should not delete or discard
audit documentation of any nature before the end of the specified retention period. Such
retention period, however, should not be shorter than five years from the report release
date.
.A27 Firms are required to establish policies and procedures for the retention of
engagement documentation. Statutes, regulations, or the audit firm's quality control
policies may specify a retention period longer than five years.
(Note: SEC Release No. 48542 and Accounting and Auditing Enforcement Release (AAER)
No. 1871, dated September 25, 2003 says paragraph 339.08, which is a reference to the AU
standards before they were recodified as AU-C standards.) These auditing sections now pertain only to private (i.e., non-publicly-held) companies. For
publicly-held companies, this information is contained in AS No. 3, Audit Documentation,
issued by the Public Company Accounting Oversight Board (PCAOB). c. Lack of adequate documentation: Auditing Standard (AS) no. 3: Audit Documentation.
i. Objective of AS No. 3: To improve audit quality and increase public confidence
in the quality of auditing (PCAOB, 2004; A8, AS no. 3).
ii. Overview of standard: This standard specifies the general requirements of audit
documentation; it does not replace specific requirements contained in other
PCAOB standards. It requires registered public accounting firms to prepare
and maintain, for at least seven years, audit documentation in sufficient
detail to support the conclusions reached in the auditor's report. The
7 iii. iv.
v. vi.
vii. standard also requires the principal auditor to obtain certain audit documentation
—prior to the audit report release date—from any auditor who, even though not
named in the audit report, performed part of the audit work used by the principal
auditor.
Audit documentation is defined as the “written record of the basis for the
auditor’s conclusions that provides the support for the auditor’s representations”
whether or not these representations can be found in the auditor’s report (AS no.
3, par. 1).
Audit documentation includes the record of planning and performance of the
audit, procedures performed, the evidence obtained, and the conclusions reached
by the auditor.
Audit documentation should contain enough detail that an experienced auditor—
who has had no prior connection to the audit—can clearly understand the purpose
of the work papers, its source, and the conclusions reached. This auditor should
be able to
1. Understand the nature, timing, extent, and results of procedures
performed, evidence obtained, and conclusions, and
2. Determine who performed the work, the date the work was performed,
and the person who reviewed the work and the date the review was
performed.
Audit documentation should also include information that contradicts the
auditor’s final conclusions and the auditor’s response to this information.
If, after the documentation completion date (not more than 45 days after the
report release date), the auditor becomes aware that certain procedures might not
have been performed, evidence might not have been obtained, or the conclusions
reached might not have been appropriate, the auditor must investigate to
determine whether, in fact, the audit was deficient. The auditor does this by
obtaining evidence. Oral explanation alone is not sufficient.
1. If the proper work was performed and appropriate conclusions reached,
but the documentation was not appropriate, the auditor should add to the
documentation, the date the information was added, his/her name, and
the reason for adding it.
2. If the auditor cannot determine whether adequate work was performed or
whether appropriate conclusions were reached, the auditor must—
according to AU-C Section 585 (AICPA, 2013a) —assess (by, for
example, reviewing the working papers and discussing the matter with
engagement personnel) the importance of any omitted procedures and, if
he/she believes performance of these procedures is necessary to support
the opinion previously given (and if there are persons believed to be
relying on the audit report), apply the procedures.
If, after applying any omitted procedures the auditor thinks is necessary,
the auditor believes an opinion that differs from the opinion previously
issued is appropriate, the auditor should—according to AU-C 560
(AICPA, 2013b )—advise the client to disclose the information to anyone
known to be relying on the financial statements and audit report. If
practicable, the revised financial statements and audit report should be
issued as quickly as possible. AU-C 560 also addresses the situation in
which the client refuses to notify those relying on the financial
statements and report.
8 viii. Audit documentation that involves inspecting documents or confirmations, tests
of details, tests of controls, and walkthroughs should include either the
identification of the items selected or the source and the selection criteria used.
ix. Some documentation, e.g., relating to firm independence, client acceptance and
retention, may be kept in a central depository for the firm. If this occurs, the
audit documentation must contain a reference to the central depository. Audit
documentation of work performed by other auditors must be accessible by the
office issuing the audit report.
x. Significant findings or issues, responses to these findings or issues, and
conclusions reached on these matters must be documented. Significant findings
or issues are substantive matters that are important with respect to procedures
performed, evidence obtained, and conclusions reached. These include:
1. Significant matters (e.g., accounting for complex or unusual transactions,
accounting estimates, and uncertainties and assumptions that underlie
these matters) that involve the selection, application, and consistency of
accounting principles.
2. Results of auditing procedures that indicate a need for modification of
the audit program, such as the presence of material misstatements and
material weaknesses in internal control.
3. Audit adjustments (defined in this standard as the correction of a
misstatement that should be proposed by the auditor) that could,
individually or in combination with other misstatements, have a material
effect on the financial statements.
4. Disagreements among engagement team members (or others consulted)
about final conclusions or significant accounting or auditing issues.
5. Circumstances that cause significant problems in applying audit
procedures.
6. Significant changes in the assessed level of audit risk for particular areas
and the auditor’s response to these changes in risk.
7. Any issues that could result in modification to the audit report (e.g.,
going concern).
xi. Audit documentation should be organized well enough so that a clear link is
provided to significant findings and issues.
xii. Examples of audit documentation include
1. Memoranda,
2. Confirmations,
3. Correspondence,
4. Schedules,
5. Audit programs, and
6. Representation letters.
xiii. Retention period for audit documentation is seven years from the report
release date (date the auditor grants permission to use the report in
connection with a company’s financial statements) unless a longer time is
specified by law (e.g., other federal laws, state law). If a report is not issued,
then the documentation must be retained for seven years from the date field work
is substantially completed. If the auditor did not complete the engagement, the
retention period is seven years from the date the engagement ceased.
xiv. Audit documentation should:
1. Show that the engagement complied with PCAOB standards,
2. Support the auditor’s conclusions concerning all r...
Attachments:
-----------