20 Years Later, WorldCom Is Still a Watershed Event for Internal Audit

I recall exactly where I was when I heard the dreadful news that WorldCom had admitted to inflating its earnings by $3.8 billion. It was June 25, 2002, and The IIA was gathered in Washington DC for its annual international conference. It was a scaled-back event in the wake of the 2001 terrorist attacks in New York and Washington, but there was still a lot of excitement in the air. One of the topics on everyone’s mind was the aftermath of the Enron financial reporting fraud scandal, which had broken the previous fall. Investors remained on edge, and Congress was seemingly stalled on legislation to address fraudulent financial reporting. 

On the afternoon of June 25th, everything changed. Out of nowhere came a brief but seismic press release from WorldCom announcing that, “As the result of an internal audit of the company’s capital expenditure accounting, it was determined that certain transfers… were not made in accordance with generally accepted accounting principles.” The fallout from the press release was swift and predictable. The already beleaguered WorldCom stock plunged, and the NASDAQ suspended trading when shares hit 9 cents. Meanwhile, the SEC and law enforcement authorities sprung into action, launching investigations that would lead to the prosecution and conviction of several WorldCom executives.

For me, the most stunning revelation in WorldCom’s press release wasn’t that an extraordinary fraud had been committed. After all, the world was witnessing an epidemic of financial reporting frauds at the time. I was most impressed by the fact that the company’s internal auditors had been the ones to “blow the whistle.” It was at the time (and remains today) a watershed event for the internal audit profession. It was proof that a courageously led internal audit department reporting functionally to an audit committee could hold those who would commit the largest corporate fraud in history accountable.

While the WorldCom press release may have taken the world by surprise, the internal audit that led to it had been ongoing for almost a month. In late May, WorldCom CAE Cynthia Cooper and her team had launched an audit of the company’s capital expenditures. They quickly stumbled onto an asset account simply titled “prepaid capacity.” Initially perplexed by the origins and purpose of an account no one had heard of, the audit team later discovered that the account was being used to capitalize expenses for telecom network infrastructure for which demand never materialized. 

In Cynthia’s iconic book The Journey of a Corporate Whistleblower: Extraordinary Circumstances, she recounts the harrowing experience of leading an audit that many of the company’s key executives — including the CFO — wanted stopped. She recounts having to direct her staff to undertake audit work under cover of darkness, and operating in an environment where it would have been easy to fear not only for her job, but also for her safety.

Cynthia’s courageous journey culminated when she presented the results of the audit to WorldCom’s audit committee chairman, who was reluctant to call an audit committee meeting. Finally, in exasperation, Cynthia threatened that if an audit committee meeting was not called, “I’m going to get on the phone and call one myself.” After being told she couldn’t do that, Cynthia responded, “I can and I will.” 

Cynthia was reluctant to bring attention to the outstanding courage she displayed. But Time Magazine certainly wasn’t – naming her one of its Persons of the Year for 2002. In acknowledging Cynthia and two other female”corporate whistleblowers,” Time stated:

“They were people who did right just by doing their jobs rightly — which means ferociously, with eyes open and with the bravery the rest of us always hope we have and may never know if we do. Their lives may not have been at stake, but Watkins, Rowley and Cooper put pretty much everything else on the line. Their jobs, their health, their privacy, their sanity — they risked all of them to bring us badly needed word of trouble inside crucial institutions.”

Cynthia Cooper eventually became a friend of mine, and she even authored the foreword to my first book, Lessons Learned on the Audit Trail. Cooper and her WorldCom colleagues led what is arguably the most consequential internal audit ever undertaken. Sure, the audit exposed a $3.8 billion financial reporting fraud that brought down WorldCom —  but even more impactful were the seismic events that followed. The Sarbanes-Oxley Act (SOX), which had been stalled in the Senate, was quickly ratified three weeks later by a vote of 97-0. The legislation infused new life into an internal audit profession that had been in search of identity for more than a decade. The growth the American profession experienced from 2003 to 2008 was unparalleled in its history. While all of these developments might have occurred eventually, the WorldCom capital expenditures audit certainly played a critical factor.

I would like to conclude by reiterating my longstanding position that Cynthia’s book, Extraordinary Circumstances, should be required reading for every new Chief Audit Executive! The book is aptly titled, and few of us will ever be called upon to demonstrate the same level of courage and integrity that Cynthia and her team did — but if we could not, then we are in the wrong profession.