Fraud and the Financial Statement Audit: Auditor Responsibilities

• Chapter 1 - Introduction and Overview of SAS No. 99
  • Learning Objectives
  • Introduction
  • Review Questions
  • How SAS No. 99 Changed Audit Practice
    • Your Responsibilities for Detecting Fraud
    • The Fraud Triangle
    • Professional Skepticism
    • Fraud Risk Assessment Process
    • Review Questions
  • Information-Gathering Phase
    • Audit Team Communications
    • Inquiries of Entity Personnel
    • Analytical Procedures
    • Considering Fraud Risk Factors
    • Other Information
    • Review Questions
  • Considering Programs and Controls and Assessing Fraud Risks
    • Developing an Audit Response
    • How Should SAS No. 99 Change Audit Practice?
    • Audit Requirements and Their Implications
    • Review Questions
  • Organization of the Course
  • Summary
    • Questions to Consider
• Chapter 2 - Professional Skepticism
  • Learning Objectives
  • Introduction
  • The Importance of Attitude
    • The Attitude Found It
    • Attitude Is a Filter
    • Review Questions
  • Lessons from Psychology
    • Assumptions Allow Us to Self-Select What We See
    • We Construct Reality
    • Habituation and Categories
    • Recap
    • Review Questions
  • Implications for Auditors
    • The Value of Brainstorming
    • Applied Professional Skepticism
    • Implementation Tips
    • Review Questions
  • Summary
  • Questions to Consider
• Chapter 3 - Common Frauds
  • Learning Objectives
  • Introduction
  • Misappropriation of Assets
    • Accounts Receivable
    • Inventory
    • Purchasing and Payroll
    • Cash
    • Computer Schemes
    • Review Questions
  • Fraudulent Financial Reporting
    • Revenue Recognition
    • Inventory
    • Overvalued Assets
    • Underreported Liabilities
    • Review Questions
  • Summary
• Chapter 4 - Characteristics of Fraud
  • Learning Objectives
  • Introduction
  • Misappropriation of Assets vs. Fraudulent Financial Reporting
  • The Fraud Triangle
  • Other Characteristics of Fraud
    • Review Questions
  • Summary
• Chapter 5 - Brainstorming
  • Learning Objectives
  • Introduction
  • Objectives of the Brainstorming Session
  • Continuous Communication
  • Suggestions for an Effective Brainstorming Session
    • Structuring the Session
    • The Brainstorming Process
    • Rules of Engagement
    • Review Questions
  • Summary
• Chapter 6 - Effective Inquiries Relating to Fraud
  • Learning Objectives
  • Introduction
  • The Interview
    • Your Role as Interviewer
    • Starting the Interview
    • Structuring Questions
    • Signs of Deception
    • Concluding the Interview
    • Review Questions
  • Summary
• Chapter 7 - Audit Approach and Procedures
  • Learning Objectives
  • Introduction
  • Introduction and Overview
    • Auditor’s Overall Responsibility for Fraud Detection
    • An Integrated Approach
    • An Iterative Process
    • Review Questions
  • Obtaining Information to Identify the Risks of Material Misstatement Due to Fraud
    • Inquiries
    • Review Questions
  • Planning Analytical Procedures
    • Fraud Risk Factors
    • Other Information
  • Identifying and Assessing Fraud Risks
    • Build a Fraud Triangle
    • Pervasive or Specific
    • Accounting Estimates and Soft Information
    • Attributes of Risk
    • Required Risk Assessments
    • Evaluating the Entity’s Programs and Controls
    • Review Questions
  • Responding to the Assessed Risks
    • Overall Responses
    • Procedures to Address Specific Accounts or Classes of Transactions
    • Addressing the Risk of Management Override
  • Evaluating Audit Evidence
    • Misstatements That May Be the Result of Fraud
  • Communication about Fraud Matters
  • Documentation
    • Review Questions
  • Summary
• Chapter 8 - Latest Developments
• Appendix A - SAS No. 99, Consideration of Fraud in a Financial Statement Audit (AU Section 316)
• Appendix B - AICPA Practice Aid Series – Fraud Detection in a GAAS Audit (Excerpts Only – Chapters 5 and 6 and Appendix A)
  • Chapter 5 – Responding to the Risk of Improper Revenue Recognition
  • Chapter 6 – Auditing Accounting Estimates
  • Appendix A – Industry-Specific Conditions That May Indicate the Presence of Fraud

731816

Chapter 1 - Introduction and Overview of SAS No. 99

Learning Objectives

After completing this chapter, you should be

• Familiar with major requirements relating to an auditor’s responsibilities for detecting material misstatements due to fraud during a GAAS audit.

• Able to identify ways in which SAS No. 99 changes existing audit practice.

• Familiar with the organization of the remainder of the course.

Introduction

Background and Overview of SAS No. 99

The accounting profession was under fire. Throughout the long, hot summer, newspapers were filled with new details of a corporate accounting scandal. One of the largest, most respected companies in the United States had been caught inflating earnings and assets through blatant manipulation of the accounting rules. Thousands of investors and employees had suffered. Congressional hearings were called to examine and understand the fraud, and everyone asked, “Where were the auditors?” The accounting profession was under immense political pressure from reform-minded lawmakers, and the negative publicity surrounding the perceived audit failure cast all CPAs in the most unfavorable light.

Sound familiar? The year was 1938.

The corporate accounting scandal was McKesson-Robbins, in which the company inflated assets and earnings by $19 million through the reporting of nonexistent inventory and fictitious sales. In the wake of the scandal, the auditing profession responded by setting the first formal standards for auditing procedures, including guidance on the auditor’s responsibilities for detecting fraud.

In the years since McKesson-Robbins, the business world has been rocked by even bigger corporate frauds, and each time the profession has come under criticism – some of which is justified and some of which is not. Once again we have witnessed the quick, spectacular failure of some of this country’s largest companies, amid a series of indictments, arrests, and allegations of financial fraud. As CPAs, we find ourselves in the uncomfortable position of having to defend our work and our credibility. We are now at the beginning of the post-Enron world. In the summer of 2002, the Sarbanes-Oxley Act was signed into law, and by all accounts it has the potential to dramatically change the auditing profession. SAS No. 99, Consideration of Fraud in a Financial Statement Audit, was the first major audit standard to be released after the passage of Sarbanes-Oxley. No one ever intended these events to converge like this, but they did – a new fraud standard delivered in the midst of endless revelations of corporate malfeasance. The timing is fortuitous because this standard provides us with an excellent opportunity to repair some of the recent damage to our reputation – one auditor, one engagement at a time.

SAS No. 99 has the potential to significantly improve audit quality, not just in detecting fraud, but also in detecting all material misstatements and improving the quality of the financial reporting process. This is why.

Integrity of the Standards-Setting Process

High-quality processes lead to high-quality results. Suppose you are building a house and you want it to be beautiful and functional and stand the test of time. Everything you do – from the drafting of the plans to the selection of materials and on through the actual construction itself – must be designed to produce that type of quality. Because of that direct relationship between process and product, we can judge the quality of a finished product before it is used by looking at the quality of the process. Thinking of buying a home but having questions about its quality? Examine the quality of the building process.

Auditors would have been skeptical if SAS No. 99 had been the product of a hasty process designed solely as a response to the criticism the profession has received in the wake of highprofile business failures.

For that reason, it is important to recognize that SAS No. 99 was not a knee-jerk reaction to recent events. This standard was four years in the making. It is the product of a thoughtful, thorough, and open standards-setting process that constantly seeks to improve audit quality. The standard incorporates

• Results of academic research on how auditors implemented previous standards on fraud and how those standards might be improved.

• Recommendations of the Public Oversight Board’s Panel on Audit Effectiveness, who conducted their own detailed study on audit effectiveness.

• Comments from over 50 groups and individuals representing a wide variety of stakeholders in the financial reporting process.

Because of the care exercised in the development of the standard, it is a high-quality standard that is likely to improve the ability of auditors to respond effectively to the potential for fraud.

Audit Smarter

If you are familiar with the previous auditing standard on fraud, you know that a cornerstone of that standard was a list of “fraud risk factors,” which, though they do not necessarily indicate the existence of fraud, often have been observed when frauds have occurred. This list of fraud risk factors was intended to help auditors discover indicators of fraud while performing their engagements. In practice, this list usually was reduced to a checklist that auditors completed and included in their workpapers.

The academic research that examined the implementation of the previous standard resulted in several key findings:

• Auditors did a good job of identifying indicators of fraud. However, once those indicators were identified, they did a relatively poor job of responding appropriately to the perceived risk of fraud.

• Auditors who rely exclusively on checklists to identify fraud risk factors are less effective than those who supplement checklists with other procedures.

SAS No. 99 is extremely comprehensive and touches on many elements of the audit process. It cannot be reduced to a checklist or form. The effective implementation of SAS No. 99 requires auditors to audit smarter and think when they audit. Engagement teams who implement the standard by obtaining an updated version of a generic audit program will be doing themselves and their clients an injustice. The effective implementation of SAS No. 99 will force you to rethink how you plan and perform your audits.

Standard Will Result in Better Audits, Not Just Fraud Detection

As an example of the ways in which SAS No. 99 will result in better audits, consider the effectiveness of analytical procedures. If you attend a training session on improving the effectiveness of analytical procedures, one sure-fire way for the instructor to get a laugh (and make an important point) is to describe some of the analytical review comments he or she has read on workpapers over the years. “Revenues increased because the client sold more.” Or “Change in account balance from prior year is reasonable per discussion with controller.”

What makes these types of comments scary is that they illustrate how an otherwise effective audit procedure can be rendered ineffective. And analytical procedures are just one of several areas where the performance of audit procedures is less than optimal. To reduce audit risk to an acceptable level, others on the engagement team must revisit the audit area and do additional work, which makes the engagement less efficient.

731816