Auditor Consideration
Although fraud is a broad legal concept, the auditor’s interest specifically relates to fraudulent acts that cause material misstatements of financial statements.
- Misstatements arising from Fraudulent Financial Reporting
- Misstatements arising from Misappropriation of Assets.
Fraudulent Financial Reporting
Fraudulent Financial Reporting is
committed, usually by management, to deceive financial statement users and may be accomplished by:
- Manipulation, falsification, or alteration of accounting records or supporting documents from which financial statements are prepared
- Misrepresentation in or intentional omission from the financial statements of events, transactions, or other significant information
- Misapplication (intentional) of accounting principles relating to amounts, classification, manner of presentation, or disclosure
Misappropriation of Assets
Misappropriation of assets is committed
against an entity, most often by employees
Misappropriation of assets involves the theft of assets that result in the financial statements not being presented in conformity with GAAP.
Misappropriation of assets includes acts such as embezzling receipts, stealing assets, or causing
an entity to pay for goods or services that have not been received
Three Conditions Present for Fraud
- Incentive - Management or other employees have pressure or incentive to commit fraud.
- Opportunity - A perceived opportunity to commit fraud exists.
- Rationalization - Those involved in the fraudulent act are able to rationalize committing the fraud.
Absolute assurance is not attainable and thus even a properly planned and performed audit may not detect a material misstatement resulting from fraud.
Due Professional Care
Due Professional Care requires the auditor to exercise professional skepticism.
Professional skepticism is an attitude that includes a questioning mind and a critical assessment of audit evidence
Documenting Fraud Risk Discussions
- how and where team members believe the entity’s financial statements might be susceptible to material misstatement due to fraud,
- how management could perpetrate and conceal fraud
- how assets of the entity could be misappropriated.
- emphasizing the importance of maintaining a proper state of mind throughout the audit regarding the potential for material misstatement due to fraud.
- include consideration of the known external and internal factors affecting the entity that might create incentives, opportunities, and rationalization to commit fraud.
- emphasize the need to maintain a questioning mind and to exercise professional skepticism in gathering and evaluating evidence throughout the audit.
- include a discussion of the risk of management override of controls.
- include how the auditor might respond to the susceptibility of the entity’s financial statements to material misstatement due to fraud
Documenting Management Inquires
The auditor should inquire of management about the following:
- Whether management has knowledge of any fraud or suspected fraud affecting the entity
- Whether management is aware of allegations of fraud or suspected fraud affecting the entity
- Management’s understanding about the risks of fraud in the entity, including any specific fraud risks the entity has identified or account balances or classes of transactions for which a risk of fraud may be likely to exist
- Programs and controls the entity has established to mitigate specific fraud risks the entity has identified, or that
- otherwise help to prevent, deter, and detect fraud, and how management monitors those programs and controls
- For an entity with multiple locations:
- (1) the nature and extent of monitoring of operating locations or business segments, and
- (2) whether there are particular operating locations or business segments for which a risk of fraud may be mor likely to exist
- Whether and how management communicates to employees its views on business practices and ethical behavior
- If applicable, whether management has reported to those charged with governance on how the entity’s internal control serves to prevent, deter, or detect material misstatements due to fraud
Audit Committee Inquiries
The auditor should obtain an understanding about how the audit committee exercises oversight of mitigating fraud risks.
- directly ask those charged with governance their views of fraud and if they have any knowledge of fraud or suspected fraud.
- ask the internal auditors (if applicable):
- if they have any knowledge of fraud or suspected fraud,
- their views on the risk of fraud,
- if they have performed any procedures to detect or deter fraud
- if management has satisfactorily responded to the findings from any of these procedures.
Other Inquiry
Auditors should inquire of others within the entity about the existence of fraud
- Employees interviewed should be of varying levels of authority and include operating personnel not directly involved in the financial reporting process
- In-house legal counsel
Identifying and Assessing Fraud Risks
- The auditor is required to specifically assess the risk of material misstatement of the financial statements due to fraud and to consider that assessment in designing audit procedures to be performed.
- An identified risk of misstatement that, quantitatively, would not normally be considered a material risk could still be considered significant due to the fact that the circumstances surrounding the risk involve implications of fraud.
Incentives to Perpetrate Fraud
Incentives to perpetrate fraud could include:
- pressure for management to meet profitability requirements (which could lead to intentionally misstated financialstatements)
- employees with personal financial difficulties (which may push an employee to steal cash or inventory).
Opportunities to Commit Fraud
Opportunities to commit fraud could include:
- assets, liabilities, revenues, or expenses based on significant estimates involving subjective judgments that are difficult to corroborate (which could provide an opportunity for manipulation of numbers), or
- inadequate segregation of duties or independent checks (which could provide an opening for individuals to steal and cover it up).
Rationalizations
Rationalizations to allow justification of fraud could include:
- practice of management regularly committing to creditors or other third parties to achieve aggressive or unrealistic forecasts (which may drive the thought that fraud is the only way to accomplish these goals)
- behavior indicating that employees are dissatisfied with how they are treated by the company (which could lead to an attitude that the company deserves what it gets or that the company owes the employee this money).
Revenue Recognition
Material misstatements due to fraudulent financial reporting often result from an overstatement or understatement of revenues. Therefore, the auditor should ordinarily presume that there is a risk of material misstatement due to fraud relating to revenue recognition
Management Overide
Even if specific risks of material misstatement due to fraud are not identified by the auditor, there is a possibility that management override of controls could occur, and accordingly, the auditor should address that risk apart from any conclusions regarding the existence of more specifically identifiable risks
Additional Conditions
Conditions may be identified that could indicate increased risks of material misstatement due to fraud, such as the following:
- Discrepancies in the accounting records
- Conflicting or missing audit evidence
- Problematic or unusual relationships between the auditor and management
FRAUD AND ILLEGAL ACTS
Management’s responsibility to FIND and PREVENT
FRAUD AND ILLEGAL ACTS
Auditor’s Responsibility:
- ASSESS THE RISK that such things will lead to material misstatements.
- Design the audit to provide reasonable assurance against Material Misstatements caused by:
- Fraud
- Illegal acts that directly affect the F/S
- If illegal (and not fraud), auditor should seek to understand the situation and whether it affects the Financial Statements
- Material errors
- Report all management fraud to Audit Committee
- Minor fraud by low-level employees? Don’t report to Audit Committee report to management
- Minor fraud by management?
- Report to Audit Committee
- Required Inquiries and Procedures
- Management inquiries
- Analytical Procedures
- Discussions with audit personnel about
- Fraud leading to material misstatement
Fraud
Fraud is Intentional (Misappropriation)
- Born out of (RIO)
- Rationalization
- Incentive
- Opportunity
Fraud Red Flags
Current audit procedures may need to be reconsidered
if red flags exist:
- Management compensation tied to stock
- Aggressive financial forecasting
- Former auditor disagreed with Management
- Records not available for audit
Fraud Risk Factor
Has been observed in similar situations:
- Large sums of cash on hand
- Earnings growth without cash flow
*
Auditor Actions to Fraud Risk Factor
- Strives to make audit engagement procedures less patterned and predictable
- Re-evaluates management’s application of accounting procedures
- Finds and assigns audit personnel with relevant skills in this area
Fraud Risk Documentation
- Any fraud risks identified that could lead to material misstatement
- Audit procedures performed to assess risks
- Nature of communication made to audit committee and company management
- Disclosure to third parties regarding fraud not normally the auditor’s responsibility
- Fraud by management should normally be reported to Audit Committee, not SEC
Fraud Conditions
- Incentive or Pressure
- Opportunity
- Rationalization
-
Internal Control - Concepts and Stds89
-
Internal Control - Trans Cycles6
-
Audit Evidence - Concepts Standards14
-
Audit Reports25
-
ENGAGEMENT ACCEPTANCE39
-
OTHER PLANNING MATTERS27
-
Internal Auditors5
-
MATERIALITY12
-
AUDIT RISK28
-
FRAUD24
-
RISK ASSESSMENT PROCEDURES14
-
GAAS15
-
Materiality5
-
SARBANES-OXLEY ACT OF 20023
-
Other Services23
-
Audit Documentation16
-
Opinions4
-
Analytical Procedures3
-
Auditing & IT33
-
Evidence and Risk30
-
Sampling28
-
Substantive Procedures3
-
Standards4
