Audit Chapter 10
Auditors are required to make inquiries of individuals in the company when gathering info to assess fraud risk. Identify those with whom the auditor must make inquiries.
Auditing standards require the audit team to conduct discussions to share insights from more experienced audit team members and to "brainstorm" ideas that address the following: 1. How and where they believe the entity's financial statements might be susceptible to material misstatement due to fraud. This should include consideration of known external and internal factors affecting the entity that might create an incentive or pressure for management to commit fraud. provide the opportunity for fraud to be perpetrated. indicate a culture or environment that enables management to rationalize fraudulent acts. 10-3 Copyright © 2017 Pearson Education, Inc. 10-5 (continued) 2. How management could perpetrate and conceal fraudulent financial reporting. 3. How assets of the entity could be misappropriated. 4. How the auditor might respond to the susceptibility of material misstatements due to fraud.
Define fraudulent financial reporting and give 2 examples that illustrate fraudulent financial reporting
Fraudulent financial reporting is an intentional misstatement or omission of amounts or disclosures with the intent to deceive users. Two examples of fraudulent financial reporting are accelerating the timing of recording sales revenue to increase reported sales and earnings, and recording expenses as fixed assets to increase earnings.
Discuss the importance of the control environment or "setting the tone at the top," in establishing a culture of honesty and integrity in a company.
Management and the board of directors are responsible for setting the "tone at the top" for ethical behavior in the company. It is important for management to behave with honesty and integrity because this reinforces the importance of these values to employees throughout the organization
Distinguish management's responsibility from the audit committee's responsibility for designing and implementing antifraud programs and controls within a company.
Management has primary responsibility to design and implement antifraud programs and controls to prevent, deter, and detect fraud. The audit committee has primary responsibility to oversee the organization's financial reporting and internal control processes and to provide oversight of management's fraud risk assessment process and antifraud programs and controls.
Define misappropriation of assets and give 2 examples of misappropriation of assets
Misappropriation of assets is fraud that involves theft of an entity's assets. Two examples are an accounts payable clerk issuing payments to a fictitious company controlled by the clerk, and a sales clerk failing to record a sale and pocketing the cash receipts.
The 2 components of professional skepticism are a questioning mindset and a critical assessment of the audit evidence. How do these components help an auditor distinguish an unintentional misstatement from an international (fraudulent) misstatement?
Professional skepticism suggests the auditor should neither assume that management is dishonest, nor assume unquestioned honesty, and an auditor should remain professionally skeptical throughout the entire audit process. A questioning mind will encourage the auditor to gather more persuasive evidence to corroborate management responses, which would help the auditor distinguish intentional from unintentional misstatements. Critically assessing the evidence means the auditor evaluates each piece of evidence separately, but also evaluates all of the evidence gathered as a whole. For example, if all of management's estimates are biased in the direction of increasing net income, the auditor would be more likely to conclude the misstatements are intentional.
What do auditing standards require the auditor to consider when assessing the risk of material misstatements in revenue?
Revenue and related accounts receivable and cash accounts are especially susceptible to manipulation and theft. Research finds that a majority of financial statement fraud instances involve revenues and accounts receivable. As a result of the frequency of financial reporting frauds involving revenue recognition, auditing standards require the auditor to presume fraud risk is present in revenue recognition in all audits. In light of this presumption, auditors should evaluate the types of revenue and revenue transactions, and the assertions related to these transactions, which may increase fraud risk.
. What sources are used by the auditor to gather information to assess fraud risk
Sources used to gather information about fraud risks include: Information obtained from communications among audit team members about their knowledge of the company and its industry, including how and where the company might be susceptible to material misstatements due to fraud. Responses to auditor inquiries of management about their views of the risks of fraud and about existing programs and controls to address specific identified fraud risks. Specific risk factors for fraudulent financial reporting and misappropriations of assets. Analytical procedures results obtained during planning that indicate possible implausible or unexpected analytical relationships. Knowledge obtained through other procedures such as client acceptance and retention decisions, interim review of financial statements, and consideration of inherent or control risks.
Describe the types of overall responses by auditors to address fraud risk.
The auditor can choose among several overall responses to increased fraud risk. The auditor may begin by first discussing the auditor's findings about fraud risk with management to obtain management's views of the potential for fraud and the existing controls designed to prevent or detect misstatements. The auditor should consider whether antifraud programs and controls mitigate the identified risks of material misstatement due to fraud. If the risk of material misstatement due to fraud is increased, the auditor may decide to assign more experienced personnel to the engagement, including fraud specialists, and greater emphasis may be placed on the importance of increased professional skepticism. The auditor may place greater emphasis on management's choice of accounting principles with special attention given to those that involve subjective measurements or complex transactions. Auditing standards also require auditors to incorporate unpredictability in the audit strategy
Describe the purpose of corporate codes of conduct and identify 3 examples of items addressed in a typical code of conduct.
The corporate code of conduct establishes the "tone at the top" of the importance of honesty and integrity and can also provide more specific guidance about permitted and prohibited behavior. Examples of items typically addressed in a code of conduct include expectations of general employee conduct, restrictions on conflicts of interest, and limitations on relationships with clients and suppliers.
Earnings management
deliberate actions taken by management to meet earnings objectives
Identify 3 verbal and 3 nonverbal cues that may be observed when making inquiries of an individual who is being deceitful
When making inquiries of a deceitful individual, three examples of verbal cues are frequent rephrasing of the question, filler terms such as "well" or "to tell the truth," and forgetfulness or acknowledgements of nervousness. Three examples of nonverbal cues by the individual are creating physical barriers by blocking their mouth, leaning away from the auditor, and signs of stress such as sweating or fidgeting.
You have identified a suspected fraud involving the company's controller. What must you do in response to this discovery? How might this discovery affect you report on internal control when auditing a public company?
When the auditor suspects that fraud may be present, auditing standards require the auditor to obtain additional evidence to determine whether material fraud has occurred. Auditing standards also require the auditor to consider the implications for other aspects of the audit. When the auditor determines that fraud may be present, auditing standards require the auditor to discuss the matter and audit approach for further investigation with an appropriate level of management that is at least one level above those involved, and with senior management and the audit committee, even if the matter might be considered inconsequential. For public company auditors, the discovery of fraud of any magnitude by senior management is at least a significant deficiency and may be a material weakness in internal control over financial reporting. This includes fraud by senior management that results in even immaterial misstatements. If the public company auditor decides the fraud is a material weakness, the auditor's report on internal control over financial reporting will contain an adverse opinion
Give examples of risk factors for fraudulent financial reporting for each of the 3 fraud conditions: incentives/pressures, opportunities, and attitudes/rationalization
The following are examples of risk factors for fraudulent financial reporting for each of the three fraud conditions: Incentives/Pressures - The company is under pressure to meet debt covenants or obtain additional financing. Opportunities - Ineffective oversight of financial reporting by the board of directors allows management to exercise discretion over reporting. Attitudes/Rationalization - Management is overly aggressive. For example, the company may issue aggressive earnings forecasts, or make extensive acquisitions using company stock.
What should the audit team consider in its planning discussion about fraud risks?
The following are examples of risk factors for misappropriation of assets for each of the three fraud conditions: Incentives/Pressures - The individual is unable to meet personal financial obligations. Opportunities - There is insufficient segregation of duties that allows the individual to handle cash receipts and related accounting records. Attitudes/Rationalization - Management has disregarded the inadequate separation of duties that allows the potential theft of cash receipts.
You go through the drive-through window of a fast food restaurant and notice a sign that reads, "your meal is free if we fail to give you a receipt." Why would the restaurant post this sign?
The handling of cash by individuals operating cash registers is particularly susceptible to theft. The notice "your meal is free if we fail to give you a receipt" is designed to ensure that every customer is given a receipt and all sales are entered into the register to establish accountability for the sale.
What are 3 ways auditors respond to fraud risks?
The three auditor responses to fraud are: (1) change the overall conduct of the audit to respond to identified fraud risks; (2) design and perform audit procedures to address identified risks; and (3) perform procedures to address the risk of management override of controls.
. What are the 3 conditions of fraud often referred to as the "fraud triangle"?
The three conditions of fraud referred to as the "fraud triangle" are (1) Incentives/Pressures; (2) Opportunities; and (3) Attitudes/Rationalization. Incentives/Pressures are incentives of management or other employees to commit fraud. Opportunities are circumstances that allow management or employees to commit fraud. Attitudes/Rationalization are indications that an attitude, character, or set of ethical values exist that allow management or employees to commit a dishonest act or they are in an environment that imposes sufficient pressure that causes them to rationalize committing a dishonest act.
Name the 3 categories of inquiry and describe the purpose of each when used by an auditor to obtain additional info about a suspected fraud.
The three types of inquiry are informational, assessment, and interrogative. Auditors use informational inquiry to obtain information about facts and details that the auditor does not have. For example, if the auditor suspects financial statement fraud involving improper revenue recognition, the auditor may inquire of management as to revenue recognition policies. The auditor uses assessment inquiry to corroborate or contradict prior information. In the previous example, the auditor may attempt to corroborate the information obtained from management by making assessment inquiries of individuals in accounts receivable and shipping. Interrogative inquiry is used to determine if the interviewee is being deceptive or purposefully omitting disclosure of key knowledge of facts, events, or circumstances. For example, a senior member of the audit team might make interrogative inquiries of management or other personnel about key elements of the fraud where earlier responses were contradictory or evasive.
Describe the 3 main techniques used to manipulate revenue
Three main techniques used to manipulate revenue include: (1) recording of fictitious revenue; (2) premature revenue recognition including techniques such as bill-and-hold sales and channel stuffing; and (3) manipulation of adjustments to revenue such as sales returns and allowance and other contra accounts.
Vertical analysis
analysis in which financial statement numbers are converted to percentages of a base; also called common-size financial statements
Horizontal analysis
analysis of percentage changes in financial statement numbers compared to the previous period
What 3 auditor actions are required to address the potential for management override of controls?
auditors are required to take three actions to address potential management override of controls: (1) examine journal entries and other adjustments for evidence of possible misstatements due to fraud; (2) review accounting estimates for biases; and (3) evaluate the business rationale for significant unusual transactions.
Describe the types of info that should be included in the auditor's working papers as evidence of the auditor's fraud assessment procedures.
diting standards require that auditors document the following matters related to the auditor's consideration of material misstatements due to fraud: • Significant decisions made during the discussion among engagement team personnel in planning the audit about the susceptibility of the entity's financial statements to material fraud, including how and when the discussion occurred and who participated. • Procedures performed to obtain information necessary to identify and assess the risks of material fraud. • Specific risks of material fraud that were identified at both the overall financial statement level and the assertion level and a description of the auditor's responses to those risks. • Reasons supporting a conclusion that there is not a significant risk of material improper revenue recognition. • Results of the procedures performed to address the risk of management override of controls. • Other conditions and analytical relationships indicating that additional auditing procedures or other responses were required, and the actions taken by the auditor. • The nature of communications about fraud made to management, the audit committee, or others.
Fraud risk factors
entity factors that increase the risk of fraud
Income smoothing
form of earnings management in which revenues and expenses are shifted between periods to reduce fluctuations in earnings
Assessment inquiry
inquiry to corroborate or contradict prior information obtained
Informational inquiry
inquiry to obtain information about facts and details the auditor does not have
Interrogative inquiry
inquiry used to determine if the interviewee is being deceptive or purposefully omitting disclosure of key knowledge of facts, events, or circumstances
Premature revenue recognition
recognition of revenue before accounting standards requirements for recording revenue have been met
Fraud triangle
represents the three conditions of fraud; incentives/pressures, opportunities, and attitudes/rationalization
