Chapter 10: Assessing and Responding to Fraud Risks

Types of Fraud

Misstatements in the financial statements can arise from error or fraud.

What is the key factor that distinguishes error from fraud?

Fraud is defined an intentional misstatement of financial statements.

Types of Fraud

Fraudulent Financial Reporting and Misappropriation of Assets

Fraudulent Financial Reporting

• Some misstatements understate income.

• Management wants to reduce income taxes.

• Management wants to smooth earnings by creating “cookie jar” reserves. For example, management:

–Overstates the allowance for doubtful accounts in the current period.

–Reverses the provision in a future period.

Some misstatements involve inadequate disclosure, for example:

–Enron – inadequate disclosure of related party transactions

–E.F. Hutton – inadequate description of liability account

Misappropriation of Assets

Misappropriation of assets is theft of the entity’s assets.

Who typically commits misappropriation of assets? Management or Employees?

Are the amounts material or immaterial?

Are there examples of misappropriation of assets by management?

Yes. CEO of Tyco embezzled $100M

Conditions for Fraud

• Incentives or pressures

• Opportunities

• Rationalization or justification.

figure 10-1

Conditions for Fraud

• Incentives or pressures. Management or employees have an incentive or a pressure to commit fraud.

• Opportunities. Management or employees have an opportunity to commit fraud.

• Rationalization or justification. Management or employees have an attitude, character, or set of ethical values that allows them to commit or justify the fraud.

Conditions for Fraud exist for

both fraudulent financial reporting and misappropriation of assets.

The risk factors that are associated with the conditions differ for fraudulent financial reporting and misappropriation of assets.

Fraudulent Financial Reporting Conditions and Risk Factors

Incentive or pressure

• Meet earnings expectation

• Meet earnings benchmarks such as prior year earnings

• Comply with debt covenants

• Achieve a bonus target based on earnings

• Inflate stock prices

Fraudulent Financial Reporting Conditions and Risk Factors

Opportunities

• Significant accounting estimates involving subjective judgments

• Significant related party transactions

• Deficient internal controls

• Complex organization structure

• Ineffective oversight of financial reporting by the board of directors or audit committee

Fraudulent Financial Reporting Conditions and Risk Factors

Attitude or Rationalization

• Significant disregard for financial reporting process.

• Overly optimistic earnings forecasts.

• Overly concerned about meeting analysts’ forecasts.

• Sense of superiority by management

Misappropriation of Assets Conditions and Risk Factors

Incentives or Pressures

• Financial pressures (excessive debt, drug or gambling problems)

• Adverse relationships between management and employees (layoffs, compensation or promotion inconsistent with expectations)

Misappropriation of Assets Conditions and Risk Factors

Opportunities

• Cash on hand, inventory items (small, valuable, high demand).

• Inadequate internal controls. For example, lack of controls over payments to vendors or payroll systems allows employees to create fictitious vendors and employees and bill the company for service or time.

Misappropriation of Assets Conditions and Risk Factors

Attitude or Rationalization

• Management attitude toward controls and ethical conduct may allow employees to rationalize theft of assets. For example, employees cheat on time reports or reimbursement reports.

• Rationalization. I will pay it back vs. I earned it (stole).

Assessing the Risk

Auditors are required to assess the risk of material misstatement due to fraud.

What are the five sources of information used to assess fraud risk?

–Discussion among the engagement team

–Inquiries of management and others

–Analytical procedures

–Fraud risk factors

–Other information

Engagement Team Discussion

Auditing standards require the audit team to have a discussion about fraud.

Who is required to participate in this discussion?

• Engagement partner

• key members of the audit team

What is the purpose of the discussion?

• it allows senior members of the team to share their insights

• it allows all members to brainstorm ideas (planning stage) about fraud

The discussion is often referred to as a

brainstorming session

What items are the team members required to discuss?

Financial statements.

Where are the entity’s financial statements most susceptible to material misstatements from fraud?

How are the entity’s financial statements most susceptible to material misstatements from fraud?

What items are the team members required to discuss?

–Management. How management could perpetrate and conceal fraud.

–Employees. How employees could misappropriate the entity’s assets.

What items are the team members required to discuss?

–Auditor. How the auditor might respond to the susceptibility of the financial statements to misstatements due to fraud.

The discussion will likely take place with the discussion about where the entity’s financial statements are subject to misstatements other than fraud.

True (do them at the same time)

The engagement team should set aside beliefs about the honesty and integrity of management and those charged with governance.

True

The engagement team should be reminded about the importance of maintaining professional skepticism regarding the potential for material misstatement due to fraud throughout the audit.

true

Inquiries of management

What is management’s process for assessing fraud risks?

What is the nature of fraud risks identified by management?

Have any controls been implemented to address those risks?

Has management reported any information about fraud risks and related controls to the audit committee or others charged with governance?

Does management have knowledge of any fraud or suspected fraud within the company?

Inquiries of Audit Committee

• What are the audit committee’s views about the risks of fraud?

• Does the audit committee have knowledge of any fraud or suspected fraud?

Inquiries of Internal Audit

What are internal audit’s views about the risks of fraud?

Has internal audit performed any procedures to identify or detect fraud?

Does internal audit have knowledge of any fraud or suspected fraud?

Inquiries of Others

The auditor should make inquiries of others within the entity whose duties lie outside of the normal reporting lines for financial reporting about fraud or suspected fraud.

What are examples of others?

Risk Factors

Auditing standards require the auditor to consider whether risk factors indicate an:

–Incentive or pressure to commit fraud

–Opportunity to commit fraud

–Ability to rationalize or justify the fraud

Does the existence of fraud risk factors mean that fraud exists

No?

Does the existence of fraud risk factors mean that there is an increased risk of fraud?

yes?

Analytical Procedures

The auditor is required to perform analytical procedures in the planning and review stages of the engagement.

What are examples of analytical procedures?

Ratio Analysis

Horizontal Analysis

Vertical Analysis

The Auditor is required to perform analytical procedure on

Revenue accounts

The objective is to identify, unusual or unexpected relationships involving revenue accounts that may identify fraudulent financial reporting

Analytical Procedure Examples

–The auditor compares sales volume based on recorded revenue with actual production capacity

–The auditor reviews monthly sales in the general ledger

–The auditor reviews monthly sales by product line

Other Analytical Information

The auditor should consider other information when assessing the risk of fraud

ex:

–Information from the client acceptance and continuance process.

–Information from other engagements such as the review of quarterly financial statements

–Information considered in assessing inherent risks and control risks

Identified Risks of Material Misstatements Due to Fraud

Auditors should evaluate all sources of information to assess the risks of misstatement due to fraud as part of audit planning.

Auditors assess fraud risk at both the

–financial statement level

–assertion level for classes of transactions and balances, including related disclosures

Auditors should presume that there is a risk of fraud in revenue recognition.

–Premature recognition of revenue transactions

–Recording fictitious revenues

If the auditor concludes that there is no fraud risk in revenue recognition, the auditor must document that conclusion.

When the auditor concludes that there is a risk of material misstatement due to fraud, the auditor should treat those risks as significant risks and

–Obtain an understanding of related controls

–Determine if the controls are properly designed and have been implemented

–Perform substantive procedures, including tests of details