550 likes | 1.25k Views
ACCT 4240 - Auditing. Fraud Awareness Auditing. Brief History. 1900s -- Fraud detection was a primary objective of the audit 1940s -- Detection of fraud considered to be a “responsibility not assumed.”
E N D
ACCT 4240 - Auditing Fraud Awareness Auditing
Brief History • 1900s -- Fraud detection was a primary objective of the audit • 1940s -- Detection of fraud considered to be a “responsibility not assumed.” • 1960s -- Auditor acknowledged responsibility for detecting fraud that would normally be uncovered by an examination performed in accordance with GAAS. • 1980s -- Auditor had responsibility to search for fraud that may have a material affect on the financial statements. • 1997 -- SAS No. 82; 2002 – SAS No. 99 Video (VIDEO)
Types of Fraud Financial Statement Fraud Misrepresentation of material facts Misappropriation of assets Management Fraud Concealment of material facts Illegal Acts Bribery Conflict of Interest FRAUD Embezzlement of money or property Breach of fiduciary duty Employee Fraud Theft of trade secrets of intellectual property Illegal acts
Why People Commit Fraud Studies show that employees are likely to commit fraud when four conditions exist: • PRESSING FINANCIAL NEED • OPPORTUNITY • REASONABLE JUSTIFICATION • LACK OF MORAL PRINCIPLES
Embezzlement Formula MOTIVE + OPPORTUNITY + RATIONALIZATION = CRIME [FRAUD]
Profile of Fraud Perpetrators The fraud perpetrator is more likely to be an ordinary member of the community: intelligent, respected, never suspected of dishonesty, NOT YOUR TYPICAL CRIMINAL TYPE. • MORE LIKELY TO BE: • A woman • Married • Church member • Older • Heavier • Have children • Have a higher education • Never been arrested • Have high self-esteem • High achiever • LESS LIKELY TO BE: • Divorced • Alcoholic • Tattooed
Two Basic Types of Fraud • Occupational fraud – fraud against the company, usually involving misappropriation of assets • Financial statement fraud – fraud to enhance the company to the detriment of outsiders
Financial Statement Fraud: Prevention and Detection • Review in Journal of Accountancy,December 2002, pp. 89−90: • “Financial Statement Fraud is a good reference for understanding some of the current corporate financial statement problems in making sure that financial statements are correct.” • Review in Internal Auditing May/June 2002, • p. 46−47: • “This professional reference is highly recommended reading for all internal auditors and should be included in all internal auditing libraries and used in internal auditing training programs. This book should hit the bestseller lists rather quickly.” by Zabihollah Rezaee, published by John Wiley & Sons, March 2002
Financial Statement Fraud • Definition – Deliberate misstatements or omissions of amounts or disclosures of financial statement to deceive financial statement users, particularly investors and creditors. • Financial statement fraud has become daily press reports challenging the corporate responsibility and integrity of major companies such as Lucent, Xerox, Rite-Aid, Waste Management, Microstrategy, KnowledgeWare, Sunbeam, Cendent, and ZZZ Best.
Cooks Recipes EndResults FSF = Crime Incentives Monitoring Five interactive factors that may explain and justify the occurrence of financial statement fraud
Why do people commit fraud? Financial Statement Fraud Formula Cooks + Recipes + Incentives + Monitoring (lack of) + End Results = CRIME
Financial Statements: Errors, Frauds and Illegal Acts • Errors are unintentional misstatements or omissions of amounts or disclosures in financial statements. • Management Fraud is intentional misstatements or omissions of amounts or disclosures in financial statements. • Direct-effect illegal acts are violations of laws or government regulations by the company or its management or employees that produce direct and material effects on dollar amounts in financial statements. • "Illegal acts" (far‑removed) are violations of laws and regulations that are far removed from financial statement effects (for example, violations relating to insider securities trading, occupational health and safety, food and drug administration, environmental protection, and equal employment opportunity).
Auditor and Investigator Responsibilities • External Auditors (CPAs) • SAS 99: Consideration of Fraud in a Financial Statement Audit • Design audit to provide reasonable assurance of detecting fraud that could have a material effect on the financial statements. • Perform fraud-related procedures • SAS 54: Illegal Acts • Focused primarily is on direct-effect illegal acts • SAS 61: Communication with Audit Committees • Internal Auditors (CIAs) • SIAS 3: Deterrence, Detection, Investigation, and Reporting of Fraud • Governmental Auditors • Focus on laws and regulations (compliance), design audit to detect abuse and illegal acts, report to the appropriate authority • Certified Fraud Examiners (CFEs) • Assignments begin with predication (probable cause)
Auditor’s Responsibility for Detecting Fraud • GAAS makes NO DISTINCTION between the auditor’s responsibilities for searching for errors or for fraud • Per SAS No. 99, auditors must specifically assess the risk of material misstatement due to fraud
Assessing the Risk of Fraud • Pressure or incentive to commit the fraud • Direct financial gain, such as misappropriation of assets or retaining job • Indirect financial gain, such as increase in stock price • Perceived opportunity to commit the fraud • Can fraud be perpetrated without detection?
Fraudulent Financial Reporting Risk Factors • Management’s characteristics and influence over the control environment • Management’s abilities, pressures, style, and attitude relating to internal control and the financial reporting process • Industry conditions • Operating characteristics and financial stability • Nature and complexity of the entity and its transactions, financial condition, and profitability
Misappropriation of Assets Risk Factors • Susceptibility of assets to misappropriation • Employee relationships or pressures • Deficiencies in internal control
Auditor Responses to Fraud • The matter should be brought to the attention of the appropriate level of management • Fraud involving senior management and fraud that causes a material misstatement should be reported to the audit committee
Auditor Responses to Fraud • Auditor may have to disclose to outside parties • To comply with legal and regulatory requirements • To a successor auditor • In response to a subpoena • To a governmental funding agency
Illegal Acts • Direct effect on financial statements (e.g. tax fraud) • Design audit to detect • Inform appropriate level of management
Illegal Acts • Indirect effect on financial statements (e.g. FDA) • Evaluate adequacy of disclosure • If management refuses to account properly for results of illegal act, auditor may issue qualified or adverse opinion • If management refuses to allow investigation of illegal act, auditor may issue disclaimer or withdraw from audit
Industries Most Affected by Fraud • Financial services • Insurance • Health care • Manufacturing • State or local government • Higher education • Not-for-profit
Most Costly Types of Fraud • Medical/Insurance claims fraud • False financial statements • Credit card fraud • Check fraud • Inventory theft
How Were Frauds Discovered? • Notification by employees (58%) • Internal controls (51%) • Internal auditor review (43%) • Notification by customer (41%) • By accident (37%) • External auditor review (4%)
Red Flags • Personal financial pressure • Vices (drugs, alcohol or gambling) • Extravagant lifestyles • Real or imagined grievances against company • Related parties • Increased stress • Internal pressures
How Frauds Occurred • Poor internal controls • Management override of internal controls • Collusion between employees and third parties • Collusion between employees or management • Lack of control over management • Poor or nonexistent corporate ethics policy
Top Audit Deficiencies • Insufficient competent evidence, particularly for asset valuation and ownership • Accepted management assumptions for account balance estimates • Accepted management responses without challenge • Incorrectly applied or interpreted GAAP
Top Audit Deficiencies • Inadequate planning • Failed to prepare an audit program • Used standardized program • Assumed controls were adequate • Used inquiry as only form of evidence • Improper accounts receivable confirmations • Failed to recognize key related parties • Over-reliance on internal controls
Reasons Auditors Fail to Detect Fraud • Over reliance on client representations. • Lack of awareness or failure to recognize that an observed condition may indicate a material fraud. • Lack of experience. • Personal relationships with clients.
Exhibit 3.2Considering the Risk of Fraud (SAS 99) • Gather information to identify risks. • Identify risks. • Assess risks taking into account entity’s programs and controls. • Respond to results of assessment. Step 1: Staff discussion Step 2: Identify information necessary to assess fraud risk factors Step 3: a. Identify and b. Assess fraud risk factors Step 4: Respond to risk assessment Step 5: Evaluate audit evidence Step 6: Communicate fraud matters Step 7: Document
SAS No. 99 • Effective in 2003 • Increased Emphasis on Professional Skepticism • Members of the audit team must exchange ideas or brainstorm how frauds could occur • "If someone wanted to perpetrate a fraud, how would it be done?"
SAS No. 99 • Required discussions with Management about: • Its knowledge of fraud or suspected fraud • Its awareness of any allegations of fraudulent financial reporting • Its understanding about the risks of fraud in the entity • Programs and controls established to mitigate specific fraud risks
SAS No. 99 • Required discussions with Management about: • For entities with multiple locations • The nature and extent of monitoring of operating locations or business segments • Whether there are particular operating locations or business segments for which a risk of fraud may be more likely to exist • Whether and how it communicates to employees its views on business practices and ethical behavior
SAS No. 99 • Auditors should make a point of talking to employees in and outside management • Give employees and others the opportunity to "blow the whistle“ • May help deter others from committing fraud
SAS No. 99 • Unpredictable Audit Tests • Respond to Management Override of Controls
SAS No. 99 The Fraud Triangle Rationalization Incentives/ Pressures Opportunities
The Fraud Triangle • Incentives/Pressures • 95 percent of all fraud cases involve either: • Financial pressures • Vice-related pressures, including drug or alcohol addiction • Expensive romantic relationships • Need to maintain a particular lifestyle • Medical problems
The Fraud Triangle • Rationalization is the reconciliation of what we are doing with what our conscience tells us we should do. • "I was only borrowing it; I planned to return it after things improved"
The Fraud Triangle • Opportunity • Easiest to control of the three components • Most frequently achieved with internal controls • Segregation of duties • Authorizations • Independent checks • Physical safeguards • Adequate documents and records
The Fraud Triangle • Auditors are to broaden the range of information they use to assess the risks of material misstatement due to fraud, beyond the fraud risk factors provided in SAS No. 82 • Auditors are to consider management’s programs and controls to address risks
The Fraud Triangle • Auditors are to develop an appropriate response for each fraud risk identified • Examine journal entries and other adjustments • Review accounting estimates for bias • Evaluate the business rationale for significant unusual transactions
Evaluate Control Environment Tests of Controls Audit Risk X Inherent Risk Control Risk X Detection Risk = Errors Errors Analytical Procedures Errors Misappropriation of Assets Misappropriation of Assets Misappropriation of Assets Tests of Details Financial Statement Fraud Financial Statement Fraud Financial Statement Fraud Forensic Procedures Evaluate Controls Over Assets Management Integrity Evaluate Top Management Controls R2 R1 Incentive/ Pressure Opportunity Incentive/ Pressure Fraud Risk Factors Attitude/ Rationalization Fraud Risk Factors Opportunity Fraud Risk Factors
Responsible for Detection? Must Communicate Findings? Material Immaterial Material Immaterial Errors Yes No Yes (Audit Committee) No Fraud Yes No Yes (Audit Committee) Yes (One level above) Illegal Acts Yes (Direct Effect) No Yes (Audit Committee) Yes (One level above) Exhibit 3.3Auditor Responsibility for Detecting Errors, Fraud, and Illegal Acts
Inherent Risk: General Categories of Errors and Frauds • Invalid transactions are recorded. • Valid transactions are omitted from the accounts. • Unauthorized transactions are executed and recorded. • Transaction amounts are inaccurate. • Transactions are classified in the wrong accounts. • Transaction accounting and posting is incorrect. • Transactions are recorded in the wrong period.
Fraud Techniques • Payments to fictitious vendors • Embezzlement by employees • Create false financial statements (ZZZZBest)
Discussion • Enron • Worldcom • Xerox • Lernout Hauspie • HealthSouth • Parmalat • AOL • Fannie Mae • Global Crossing • Qwest
Financial Statement Frauds • http://www.veoh.com/tag.html?tag=gary+zeune&numResults=20&title=Tag%3A+gary+zeune&type=v • http://www.veoh.com/videos/v14992548FMpkGtt