Auditors' new procedures for detecting fraud; ED's proposed changes address fraudulent financial statements.EXECUTIVE SUMMARY * THE ASB ASB Asbestos ASB Arbeiter Samariter Bund (German medical help organisation) ASB Anti-Social Behaviour ASB Accounting Standards Board (UK FRC) ASB Aarhus School of Business ISSUED AN EXPOSURE DRAFT designed to expand audit procedures to address material financial statement fraud. Comments on the proposed changes are due by May 31, 2002. * THE ED EMPHASIZES CONSIDERING A CLIENT'S susceptibility susceptibility the state of being susceptible. Refers usually to infectious disease but may be to physical factors such as wetting or to psychological factors such as harassment. to fraud, regardless of the auditor's past experience with the entity or prior beliefs about management's honesty and integrity. And it requires * AUDIT TEAMS TO DISCUSS during the planning stage the potential for material misstatements due to fraud. * AUDITORS TO QUERY MANAGEMENT about its views of the risks of fraud in the entity and its knowledge of any known or suspected fraud. * AUDITORS TO BROADEN THE RANGE of information they use to assess the risks of material misstatement mis·state tr.v. mis·stat·ed, mis·stat·ing, mis·states To state wrongly or falsely. mis·state  ment n. due to fraud, beyond the fraud risk
factors provided in SAS (1) (SAS Institute Inc., Cary, NC, www.sas.com) A software company that specializes in data warehousing and decision support software based on the SAS System. Founded in 1976, SAS is one of the world's largest privately held software companies. See SAS System. no. 82.
* AUDITORS TO CONSIDER MANAGEMENT'S PROGRAMS and controls to address risks and determine whether such programs and controls will mitigate mit·i·gate v. To moderate in force or intensity. mit  i·gation n. or exacerbate the identified risks.
* AUDITORS TO DEVELOP AN APPROPRIATE RESPONSE for each fraud risk identified. Planned procedures should consider the risk of management override An arrangement whereby commissions are made by sales managers based upon the sales made by their subordinate sales representatives. A term found in an agreement between a real estate agent and a property owner whereby the agent keeps the right to receive a commission for the sale of of controls: They include auditors' examining journal entries and other adjustments, reviewing accounting estimates for bias and evaluating the business rationale for significant unusual transactions. We face a crisis of confidence in our financial reporting system. An increasing number of restatements and fraud allegations, often in conjunction with large business failures, contributes to concerns about the quality of financial statements. Thus, preventing and detecting material financial statement fraud are a focus for investors, regulators, management and auditors. The AICPA AICPA See American Institute of Certified Public Accountants (AICPA). auditing standards board In the United States, the Auditing Standards Board (ASB) is the senior technical committee designated by the American Institute of Certified Public Accountants (AICPA) to issue auditing, attestation, and quality control statements, standards and guidance to certified public (ASB) took a significant step toward addressing this problem by issuing an exposure draft of a proposed Statement on Auditing Standards, Consideration of Fraud in a Financial Statement Audit, which would supersede To obliterate, replace, make void, or useless. Supersede means to take the place of, as by reason of superior worth or right. A recently enacted statute that repeals an older law is said to supersede the prior legislation. SAS no. 82. The ED does not change any of the auditor's current responsibilities for fraud in a financial statement audit. However, it introduces new concepts, requirements and guidance to assist auditors in meeting those responsibilities. In applying the proposed guidance, auditors would plan and perform every audit with a questioning mind, recognizing the possibility that a material misstatement due to fraud could be present, regardless of past experience with the entity or prior beliefs about management's honesty and integrity. Auditors would continue to be responsible for planning and performing the audit to obtain reasonable assurance that financial statements are free of material misstatements due to fraud--whether arising from fraudulent The description of a willful act commenced with the Specific Intent to deceive or cheat, in order to cause some financial detriment to another and to engender personal financial gain. financial reporting or asset misappropriation misappropriation n. the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a dead person's estate, or by any . This article discusses some of the more significant changes from SAS no. 82 and the potential effects on audits so that practitioners may express their opinions on these proposals to before the end of the ED's comment period on May 31, 2002. NEW CONTEXT FOR CONSIDERING RISKS To provide a richer understanding of the environment in which fraud is likely to occur, the ED expands the description of fraud and its characteristics. It describes three conditions generally present when fraud occurs--incentive/pressure, opportunity and attitude/rationalization (see "The Fraud Triangle" page 63). Input from forensic experts, academics and others consistently showed that evaluation of information about fraud was enhanced when auditors considered it in the context of these three conditions. TEAM DISCUSSION AND PROFESSIONAL SKEPTICISM skepticism (skĕp`tĭsĭzəm) [Gr.,=to reflect], philosophic position holding that the possibility of knowledge is limited either because of the limitations of the mind or because of the inaccessibility of its object. To increase awareness and sensitivity to fraud, and to enhance the fraud-risk-assessment process, the ED requires audit team members to discuss during the planning stage the potential for material misstatements due to fraud. The more experienced team members should share their insights, and all the members should exchange ideas about how and where the entity's financial statements might be susceptible to material misstatements due to fraud. Despite allegations in some recent high-profile cases, material frauds still are relatively rare in relation to all financial statement audits. In fact, most auditors never will encounter a material fraud during their careers. Most auditors assess their clients' honesty and integrity through rigorous client acceptance and continuance The adjournment or postponement of an action pending in a court to a later date of the same or another session of the court, granted by a court in response to a motion made by a party to a lawsuit. procedures, which might lead them to assume without question their clients are honest. In light of this, the ED emphasizes the importance of maintaining the proper mindset mind·set or mind-set n. 1. A fixed mental attitude or disposition that predetermines a person's responses to and interpretations of situations. 2. An inclination or a habit. throughout the audit regarding the potential for fraud. Consequently, the audit team's discussion would acknowledge fraud can occur in any entity and be perpetrated by anyone. EXPANDED INQUIRIES Forensic experts know inquiry is a highly effective tool in fraud investigations and that people who are reluctant to volunteer information about known or suspected fraud will more likely do so when asked directly. The ED requires auditors to query management on its views of the risks of fraud in the entity and knowledge of any known or suspected fraud (see "Required Inquiries of Management"). It also says auditors should query others--for example, individuals outside the entity's accounting or financial reporting areas or employees with varying levels of authority. This requirement is not intended to be onerous--the nature and extent of these inquiries would be based on the auditor's professional judgment and generally directed to employees with whom the auditor comes into contact during the course of the audit (see "`Why Ask?' You Ask," JofA, Sep.01, page 88). EXPANDED SCOPE FOR ASSESSING FRAUD RISKS The ED emphasizes obtaining a broader range of information to serve as the foundation for an assessment that goes beyond considering the fraud risk factors provided in SAS no. 82. The various sources of information--the audit team discussion, inquiries of management and others, consideration of fraud risk factors, the results of planning analytical procedures Analytical Procedures is one of financial audit skill which help an auditor understand the client's business and changes in the business, to identify potential risk areas and to plan other audit procedures. , information from the client acceptance or continuance process and from reviews of interim financial statements--all feed into the auditor's evaluation of fraud risks. The auditor uses the information to consider the type of risk that may exist (for example, fraudulent financial reporting or misappropriation of assets), the significance or magnitude of that risk, the likelihood it will result in a material misstatement in the financial statements and the pervasiveness of the risk (that is, whether it relates to the financial statements as a whole or to a particular account or assertion). Thus, the assessment process identifies "risks" of material misstatements due to fraud auditors should consider in developing their responses. RISKS RELATED TO REVENUE RECOGNITION Revenue recognition issues have been at the center of numerous instances of fraudulent financial reporting and continue to be the number-one reason for restating financial statements. To address this problem, the ED says auditors ordinarily or·di·nar·i·ly adv. 1. As a general rule; usually: ordinarily home by six. 2. In the commonplace or usual manner: ordinarily dressed pedestrians on the street. will identify a risk of material misstatement due to fraud relating to relating to relate prep → concernant relating to relate prep → bezüglich +gen, mit Bezug auf +acc revenue recognition. Analytical procedures would be required during planning to help identify unusual or unexpected relationships involving revenue or related accounts. The ED also provides expanded guidance to help auditors make sure planned audit procedures for revenue accounts and assertions are appropriate given the identified fraud risks. EVALUATE PROGRAMS AND CONTROLS When the auditor identifies risks of material misstatements due to fraud, the ED requires that he or she consider management's programs and controls to address those risks. They might include broader programs or specific controls designed to prevent, deter or detect fraud. As in SAS no. 82, the auditor would consider whether such programs and controls will mitigate or exacerbate those identified risks. However, in a change from SAS no. 82, the auditor would evaluate whether these programs and controls have been suitably designed and placed in operation. The auditor's ultimate assessment of the risks of material misstatement due to fraud would take this evaluation into account. AUDITOR'S RESPONSE The ED requires the auditor to develop an appropriate response for each fraud risk identified and includes more extensive guidance and examples on how to do so. The auditor's responses, which are influenced by the nature and significance of the risks identified and the evaluation of the entity's programs and controls, might have an overall effect on how the audit is conducted (for example, additional persons with specialized spe·cial·ize v. spe·cial·ized, spe·cial·iz·ing, spe·cial·iz·es v.intr. 1. To pursue a special activity, occupation, or field of study. 2. skills or knowledge may be assigned) or might involve changing the nature, timing or extent of auditing procedures for specific accounts or assertions. The response typically also will involve performing certain procedures to address the risk of management override of controls. Management is in a unique position to perpetrate per·pe·trate tr.v. per·pe·trat·ed, per·pe·trat·ing, per·pe·trates To be responsible for; commit: perpetrate a crime; perpetrate a practical joke. fraud because it can override established controls that would appear to be operating effectively. This risk exists in virtually all audits and can occur in a number of unpredictable ways. Currently, the auditor's planned procedures in response to inherent and control risks and the auditor's assessment of the risk of material fraud consider, at least implicitly, the risk of management override. The ED, however, requires auditors of public companies to perform certain procedures to further address this risk. These procedures, which generally would apply also for audits of nonpublic companies, except in some limited circumstances as discussed in the ED, include Examining journal entries and other adjustments. Several instances of fraudulent financial reporting involved the manipulation of the financial statements through unauthorized journal entries or other so-called top-side adjustments. Many auditors already may review unusual or "nonstandard non·stan·dard adj. 1. Varying from or not adhering to the standard: nonstandard lengths of board. 2. " journal entries. However, the ED places more emphasis on the auditor's understanding of the entity's financial reporting process, including automated au·to·mate v. au·to·mat·ed, au·to·mat·ing, au·to·mates v.tr. 1. To convert to automatic operation: automate a factory. 2. and manual procedures used to prepare financial statements and related disclosures, and how misstatements may occur. This understanding, already required by SAS no. 94, The Effect of Information Technology on the Auditor's Consideration of Internal Controls in a Financial Statement Audit provides a basis for determining the nature, timing and extent of testing of journal entries and other adjustments for evidence of possible material misstatement due to fraud. This testing would be a matter of professional judgment and would be based on the auditor's assessment of the fraud risks, whether effective controls have been implemented over one or more aspects of the financial reporting process, the nature of the financial reporting process and the evidence that can be examined (for example, the extent of manual vs. electronic evidence) and the nature and complexity of the accounts. Reviewing accounting estimates for bias. Fraudulent financial reporting often is accomplished through intentional in·ten·tion·al adj. 1. Done deliberately; intended: an intentional slight. See Synonyms at voluntary. 2. Having to do with intention. misstatement of accounting estimates. Existing auditing standards already require the auditor to consider the potential for management bias when reviewing significant estimates. In addition, the ED requires the auditor to perform a retrospective review retrospective review, a posttreatment assessment of services on a case-by-case or aggregate basis after the services have been performed. of significant prior-year estimates for any potential bias that might signal inappropriate earnings management (for example, recorded estimates clustered at one end of an acceptable range in the prior year and at the other end of an acceptable range in the current year). Evaluating the business rationale for significant unusual transactions. The use of complex business structures and sophisticated transactions, especially transactions involving special purpose entities or related parties, has been making headlines recently. Although the auditor typically gains an understanding of significant transactions, the ED places a greater focus on understanding the underlying business rationale for significant unusual transactions. In this context, unusual transactions are those that come to the auditor's attention that are outside the normal course of business for the company or that otherwise appear unusual. THE EFFECT ON AUDITS The ASB believes the expanded requirements and guidance provided in the ED, if adopted, would substantially change auditor performance and thereby improve the likelihood that auditors will detect material misstatements due to fraud in a financial statement audit. The ED should improve the audit engagement team's overall awareness of the possibility of fraud and motivate all team members to think about how and where material fraud might occur. This should lead auditors to be more alert for indications of potential material fraud and to carefully consider whether planned audit procedures appropriately respond to identified fraud risks, including the risk of management override of controls. An increased focus on professional skepticism in gathering and evaluating audit evidence also should lead auditors to further challenge evidence that doesn't make sense and to obtain additional corroboration of management's explanations or representations concerning material matters. WHAT ELSE IS NEEDED? The new and strengthened requirements of the ED alone will not guarantee that auditors will detect all material misstatements due to fraud. Fraud often is difficult to detect because it involves concealment Concealment See also Refuge. Ali Baba 40 thieves concealed in oil jars. [Arab. Lit.: Arabian Nights] ark of bulrushes Moses hidden in basket to escape infanticide. [O.T. through falsification falsification /fal·si·fi·ca·tion/ (fawl?si-fi-ka´shun) lying. retrospective falsification unconscious distortion of past experiences to conform to present emotional needs. of documents or collusion An agreement between two or more people to defraud a person of his or her rights or to obtain something that is prohibited by law. A secret arrangement wherein two or more people whose legal interests seemingly conflict conspire to commit Fraud . Clearly, the ED is a significant positive step, incorporating the substance of a great majority of the specific recommendations of the Panel on Audit Effectiveness relating to fraud. The ED addresses the auditor's effectiveness in detecting material misstatements due to fraud, but broader efforts are needed that focus on the roles of management, the audit committee, regulators and others in addressing this important issue. Although it is important to improve the likelihood auditors will detect material financial statement fraud, a greater emphasis also is needed on management's responsibility for fraud prevention, deterrence deterrence Military strategy whereby one power uses the threat of reprisal to preclude an attack from an adversary. The term largely refers to the basic strategy of the nuclear powers and the major alliance systems. and detection. INVITATION TO COMMENT The auditor's role in detecting material fraud in a financial statement audit has never been under such scrutiny or been the subject of such controversy. We strongly encourage auditors and others to consider the changes the ED proposes and to provide the ASB with comments and feedback. The ED is available on the AICPA Web site at www.aicpa.org. The Fraud Triangle Incentive/Pressure Incentives or pressures on management or other employees to materially misstate mis·state tr.v. mis·stat·ed, mis·stat·ing, mis·states To state wrongly or falsely. mis·state ment n. the financial statements.
Example. Financial stability or profitability is threatened by economic, industry or entity operating conditions as indicated by significant declines in customer demand and increasing business failures in either the industry or overall economy. Opportunity Circumstances that provide an opportunity to carry out a material misstatement in the financial statements. Example. The nature of the industry or the entity's operations provide opportunities to engage in fraudulent financial reporting due to assets, liabilities, revenues or expenses based on significant estimates that involve subjective judgements or uncertainties that are difficult to corroborate To support or enhance the believability of a fact or assertion by the presentation of additional information that confirms the truthfulness of the item. The testimony of a witness is corroborated if subsequent evidence, such as a coroner's report or the testimony of other . Attitude/Rationalization An attitude, character or set of ethical values that allows one or more individuals to knowingly and intentionally in·ten·tion·al adj. 1. Done deliberately; intended: an intentional slight. See Synonyms at voluntary. 2. Having to do with intention. commit a dishonest act, or a situation in which individuals are able to rationalize ra·tion·al·ize v. 1. To make rational. 2. To devise self-satisfying but false or inconsistent reasons for one's behavior, especially as an unconscious defense mechanism through which irrational acts or feelings are made to appear committing a dishonest act (e.g., the environment imposes sufficient pressure on them to meet certain goals or targets). Example. There is a practice by management of committing to analysts, creditors and other third parties to achieve overly aggressive or unrealistic forecasts. Source: Occupational Fraud and Abuse, by Joseph T. Wells, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. , CFE CFE Conventional Forces in Europe (treaty) CFE Cash Flow to Equity (finance/accounting) CFE Comisión Federal de Electricidad (México) CFE Certified Fraud Examiner . Obsidian obsidian (ŏbsĭd`ēən), a volcanic glass, homogeneous in texture and having a low water content, with a vitreous luster and a conchoidal fracture. Publishing Co., 1997. Reprinted with permission. Required inquiries of management. The proposed standard requires auditors to ask management about * Its knowledge of fraud or suspected fraud. * Its awareness of any allegations of fraudulent financial reporting. * Its understanding about the risks of fraud in the entity. * Programs and controls established to mitigate specific fraud risks or broader programs to prevent, deter or detect fraud and how it monitors such programs and controls. * For entities with multiple locations, the nature and extent of monitoring of operating locations or business segments and whether there are particular operating locations or business segments for which a risk of fraud may be more likely to exist. * Whether and how it communicates to employees its views on business practices and ethical behavior. DANIEL D. MONTGOMERY, CPA, is a partner with Ernst & Young's national professional practice department in Cleveland. His e-mail address See Internet address. e-mail address - electronic mail address is daniel.montgomery@ey.com. MARK S. BEASLEY, CPA, PhD, is associate professor of accounting at North Carolina State University History
|
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion