While fraud issues have been considered by auditors for many
decades, and while this statement is a redraft of SAS No. 99, opportunities for
perpetrating fraud using technology and other means still abound. In this first part of two articles, key
requirements of the statement will be discussed. The second part will discuss application issues
pertinent to today’s world of audits.
Considered along with material misstatement due to error,
fraud can cause misstatements from fraudulent financial reporting and from
misappropriation of assets. Management
and those charged with governance have the primary responsibility for the prevention
and detection of these frauds.
Auditor
Responsibilities
Normally, the risk of not detecting material misstatements
due to fraud is higher than not detecting misstatements due to error. This may
occur because perpetrators of fraud may use carefully designed methods of
forgery, transactions recording and misstatements. In addition, collusion among several persons
may be used to conceal the fraud. The risk of management fraud not being
detected is usually greater than employee fraud because management has a
greater opportunity to override internal controls and manipulate accounting
information.
Professional
Skepticism
Defined in the basic objectives of the Clarified Auditing
Standards, professional skepticism is:
“An
attitude that includes a questioning mind, being alert to conditions that may
indicate possible misstatement due to fraud or error, and a critical assessment
of audit evidence.”
Risk of material misstatement at the financial statement and
assertion levels will affect the degree of the auditor’s professional
skepticism. While an auditor will always
maintain professional skepticism, higher assessed levels of risk of material
misstatement should result in higher levels of professional skepticism. For example, when risk of material
misstatement is high, an auditor should request supporting documentation to
corroborate management’s responses to inquiries.
Engagement Team
Discussion
In the engagement team’s planning and brainstorming meeting,
the engagement leader (partner, sole practitioner, etc.) should facilitate a
discussion about possible misrepresentation of financial information and
misappropriation of assets. The engagement team should hold this discussion by
disregarding beliefs and knowledge of the honesty and integrity of entity
management and employees. Particularly
for recurring audits, familiarity with the honesty and integrity of reporting
entity personnel may cause an auditor’s professional skepticism to
inadvertently decrease. Complying with the specific requirements of this
statement, and a CPA firm’s quality control system, will provide safeguards to
prevent this possibility.
Some of the matters that should be discussed at the
engagement team meeting include:
·
All internal and external factors that could be
part of the “fraud triangle:”
§
Incentives and pressures to commit fraud.
§
Opportunities to perpetrate fraud.
§
Rationalizations for committing fraud.
·
Possibilities and risk of management override of
controls.
·
Circumstances that might cause management to
manage, manipulate or misstate financial information.
·
How professional skepticism should be maintained
during the audit and how team members should respond to assessed levels of risk
of material misstatement.
Fraud Risk Assessment
Procedures
Discussions with management and others included in the
auditor’s risk assessment procedures may include:
·
Management’s internal control risk assessment
and monitoring processes.
·
Management’s communication with persons charged
with governance regarding risk assessment, monitoring and any planned
corrective actions.
·
Management’s communication of business practices
and ethical behavior to employees.
·
Management’s and persons charged with governance
knowledge of alleged, suspected or actual fraud.
·
Persons charged with governance oversight of
management’s processes and internal controls for identifying and responding the
risks of fraud.
·
Results of the auditor’s analytical procedures
and any unusual or unexpected relationships that may be indicative of fraud.
Part 2 of this article will discuss further the
identification and assessment of risks of material misstatement due to fraud,
auditor’s responses, the evaluation of evidence, communications with management
and persons charged with governance and audit documentation of these issues.
My exclusive presentation of webcasts on CPE
Credit.com and self-study courses covering various applications of auditing
standards can be accessed by clicking the appropriate box on the left side of
my home page, www.cpafirmsupport.com.
Registered users on my website receive a 20% discount on CPE materials
presented by myself and numerous other authors on a variety of professional
topics. My assistance in CPA firm quality control consulting, audit planning
and peer review preparation can be obtained by sending an email using the
“Contact Us” tab on my home page.
No comments:
Post a Comment