The Auditor’s Responsibilities

Relating to Fraud in an Audit

PSA 240
Intended Learning Outcomes
After the presentation, you should be able to:
• Understand the characteristics of fraud
• Understand the responsibilities of an auditor relating to fraud in an audit
• Understand how to identify and assess risk of material misstatements due to fraud
Characteristics of Fraud
Misstatements in the financial statements can arise from either fraud
or error. The distinguishing factor between fraud and error is whether
the underlying action that results in the misstatement of the financial
statements is intentional or unintentional.
Although fraud is ordinarily concealed, certain conditions (e.g., missing
documents) may suggest the possibility of fraud.
Two types of intentional misstatements are relevant to the auditor
• Misstatements resulting from fraudulent financial reporting
• Misstatements resulting from misappropriation of assets
Management’s Involvement
Management has unique ability to perpetrate fraud because it can
directly or indirectly manipulate accounting records and present
fraudulent financial information; it may
• Override controls
• Direct or solicit employees to carry out fraud
Fraud Risk Triangle
Three conditions are generally present when
fraud occurs:
• Incentive/pressure – a reason to commit fraud
• Opportunity – circumstances exists
• Attitude/rationalization – those involved are
able to justify/rationalize committing a
fraudulent act
Fraud Risk Factors – Fraudulent Financial Reporting
Management characteristics
• Management does not display and communicate an appropriate
attitude regarding internal control and the financial reporting
process
• Management’s compensation is based on unreasonable targets
for operating results or financial position
• Management tries to increase the stock price by using
aggressive accounting practices
• Senior management or board members turn over rapidly
Fraud Risk Factors – Fraudulent Financial Reporting
Industry conditions
• The client is in a declining industry with frequent business
failures
• The industry experiences rapidly changing customer demand,
technology or product obsolescence
• A high degree of competition or market saturation causes or
accompanies declining margins
Fraud Risk Factors – Fraudulent Financial Reporting
Operating characteristics and financial stability
• The client is under significant pressure to obtain needed capital
for major research or capital expenditures
• The client is threatened with imminent bankruptcy or foreclosure
• The client has reported earnings growth, but cannot generate
cash flows from operations
Fraud Risk Factors – Misappropriation of Assets
Susceptibility of Assets to Misappropriation
• Large amounts of cash are processed
• Inventory consists of small high value items

Employee Relationship or Pressures

• Dissatisfied employees have access to assets
• Employees exhibit a lifestyle that is beyond their means
• Employee behavior changes in unusual and unexplained ways
Fraud Risk Factors – Misappropriation of Assets
Controls
• Management fails to provide adequate oversight
• Job applicants are inadequately screened
• The accounting system is in disarray
Responsibilities
The primary responsibility for the prevention and detection of fraud
rests with both those charged with governance of the entity and
management.
An auditor conducting an audit in accordance with PSAs is
responsible for obtaining reasonable assurance that the financial
statements taken as a whole are free from material misstatement,
whether caused by fraud or error.
Auditors do not make legal determination whether fraud has
occurred. The auditor is interested in acts that result in a material
misstatement of the financial statements.
Objectives
The objectives of the auditor are:
• To identify and assess the risks of material misstatement of the
financial statements due to fraud;
• To obtain sufficient appropriate audit evidence about the
assessed risks of material misstatement due to fraud, through
designing and implementing appropriate responses; and
• To respond appropriately to identified or suspected fraud.
Professional Skepticism
An audit should be conducted with a mindset that recognizes the
possibility of material misstatement due to fraud, even if
• Past experience with the client has not revealed fraud, and
• Regardless of the auditor’s belief about management’s honesty
and integrity
An auditor should not be satisfied with less than persuasive
evidence because of a belief that management is honest.
Discussion Among Engagement Team
Prior to or in conjunction with obtaining information to identify
risks of fraud, the audit team should discuss the potential for a
material misstatement due to fraud including
• Brainstorming among team members
• Emphasizing the importance of maintaining the proper state of
mind regarding the potential for material misstatement due to
fraud
Obtaining the Information Needed
1. Make inquiries of management and others within the entity
• Does it have knowledge of fraud or suspected fraud
• Have there been allegations of fraud or suspected fraud
• Its understanding of fraud risks
• Programs and controls established to mitigate fraud risks

2. Make inquiries with those charged with governance

• How they exercise oversight of management’s processes for
identifying and responding to the risks of fraud
Obtaining the Information Needed
3. Considering the results of analytical procedures performed
during audit planning
• When unexpected results occur, consider the risk of material
misstatement due to fraud.

4. Considering fraud risk factors

• The auditor shall evaluate whether the information obtained
from the other risk assessment procedures and related activities
performed indicates that one or more fraud risk factors are
present.
5. Considering other information
Identification and Assessment of RMM Due to Fraud

The auditor shall identify and assess the risks of material

misstatement due to fraud at the financial statement level, and at the
assertion level for classes of transactions, account balances and
disclosures.
The auditor shall treat those assessed risks of material misstatement
due to fraud as significant risks and accordingly, to the extent not
already done so, the auditor shall obtain an understanding of the
entity’s related controls, including control activities, relevant to such
risks.
Attributes of the RMM
The auditor should consider the following attributes of the risk of material
misstatements due to fraud to identify whether and how the risk is relevant to audit
• Type – whether it involves fraudulent financial reporting or misappropriation of
assets
• Significance – whether it is of a magnitude that could lead to result in a possible
material misstatement of the financial statements
• Likelihood – the likelihood that it will result in a material misstatement in the
financial statements
• Pervasiveness – whether the potential risk is pervasive to the financial statements
as a whole or especially related to a particular assertion, account or class of
transactions
Responses to the Assessed Risks
Overall responses
• Assign personnel with more experience and have more
supervision
• Evaluate whether the selection and application of accounting
policies by the entity may be indicative of fraudulent financial
reporting resulting from management’s effort to manage
earnings
• Incorporate an element of unpredictability in the selection of the
nature, timing and extent of audit procedures
Responses to the Assessed Risks
Audit Procedures Responsive to Assessed Risks of Material
Misstatement Due to Fraud at the Assertion Level
General types of responses:
• Nature – more reliable evidence or additional corroborative
information
• Timing – perform at or near end of reporting period, but apply
substantive procedures to transactions occurring throughout the
year
• Extent – increase sample sizes, perform more detailed analytical
procedures
Responses to the Assessed Risks
Audit Procedures Responsive to Risks Related to Management
Override of Control
• Test the appropriateness of journal entries recorded in the
general ledger and other adjustments made in the preparation
of the financial statements.
• Review accounting estimates for biases and evaluate whether the
circumstances producing the bias
• Evaluate whether the business rationale (or the lack thereof) of
the transactions suggests that they may have been entered into
to engage in fraudulent financial reporting or to conceal
misappropriation of assets.
Evaluating Audit Evidence
The auditor shall evaluate whether analytical procedures that are
performed when forming an overall conclusion as to whether the
financial statements as a whole are consistent with the auditor’s
understanding of the entity and its environment indicate a
previously unrecognized risk of material misstatement due to fraud.
When the auditor identifies a misstatement, the auditor shall
evaluate whether such a misstatement is indicative of fraud.
Evaluating Audit Evidence
If the auditor identifies a misstatement, whether material or not,
and the auditor has reason to believe that it is or may be the result
of fraud and that management (in particular, senior management)
is involved, the auditor shall reevaluate the assessment of the risks
of material misstatement due to fraud and its resulting impact on
the nature, timing and extent of audit procedures to respond to the
assessed risks.
When the auditor confirms that, or is unable to conclude whether,
the financial statements are materially misstated as a result of fraud
the auditor shall evaluate the implications for the audit.
Communicating About Fraud to Management
Communicating About Fraud to Management
• If the auditor has identified a fraud or has obtained information that indicates that a fraud
may exist, the auditor shall communicate these matters on a timely basis to the
appropriate level of management in order to inform those with primary responsibility for
the prevention and detection of fraud of matters relevant to their responsibilities.
Communications to Regulatory and Enforcement Authorities
• If the auditor has identified or suspects a fraud, the auditor shall determine whether there
is a responsibility to report the occurrence or suspicion to a party outside the entity.
• Although the auditor’s professional duty to maintain the confidentiality of client
information may preclude such reporting, the auditor’s legal responsibilities may override
the duty of confidentiality in some circumstances.
Thank You For Listening J