Financial Services Industry

Industry: Email Alert RSS Feed

Taking a bite outta fraud - Fraud Standards - Statement on Auditing Standards 99: Consideration of Fraud in a Financial Statement Audit

California CPA, Jan-Feb, 2003

Among the lessons learned over the past year, one that has long concerned CPAs was again highlighted: the expectation gap between what the public believes the auditor's responsibility for detecting fraud should be and the actual responsibility.

To support CPAs in this new and often confusing environment, the AICPA has launched an Anti-Fraud and Corporate Responsibility Program to rebuild investor confidence in capital markets and re-establish audited financial statements as a clear picture window into corporate America.

NEW FRAUD AUDIT STANDARD

The cornerstone of the program is the new audit standard, Statement on Auditing Standards 99: Consideration of Fraud in a Financial Statement Audit.

Most PopularCBS MoneyWatch.com Articles

Although the new standard has the same name as its predecessor, it is more far-reaching than SAS 82 in that SAS 99 provides U.S. auditors expanded guidance for detecting material fraud and will result in a substantial change in auditor performance.

The standard includes four key provisions:

* Increased Emphasis on Professional Skepticism. Putting aside any prior beliefs as to management's honesty, members of the audit team must exchange ideas or brainstorm how fraud could occur.

These discussions are intended to identify fraud risks and should be conducted while keeping in mind the characteristics that are present when frauds occur: incentives, opportunities and ability to rationalize.

Throughout the audit, the engagement team should think about and explore the question, "If someone wanted to perpetrate a fraud, how would it be done?" From these discussions, the engagement team should be in a better position to design audit tests responsive to the risks of fraud.

* Discussions with Management. The engagement team is expected to inquire of management and others in the organization as to the risk of fraud and whether they are aware of any frauds. The auditors should make a point of talking to employees in and outside management.

Giving employees and others the opportunity to "blow the whistle" may encourage someone to step forward. It also might help deter others from committing fraud if they are concerned that a co-worker will report their actions.

* Unpredictable Audit Tests. During an audit, the engagement team should test areas, locations and accounts that otherwise might not be tested. The team should design tests that would be unpredictable and unexpected by the client.

* Responding to Management Override of Controls. Because management is often in a position to override controls to commit financial-statement fraud, the standard includes procedures to test for management override of controls on every audit. These include:

* Examining journal entries and other adjustments for evidence of possible material misstatement due to fraud.

* Reviewing accounting estimates for biases that could result in material misstatement due to fraud.

* Evaluating the business rationale for significant unusual transactions.

Additionally, SAS 99 requires the auditor to assess the risks of material misstatement due to fraud throughout the audit and to evaluate--at the completion of the audit--whether the accumulated results of auditing procedures and other observations affect the assessment.

It also requires the auditor to consider whether identified misstatements may be indicative of fraud and, if so, directs the auditor to evaluate their implications.

Other areas that are covered include how to communicate about fraud to management, the audit committee and others, as well as documenting the auditors' consideration of fraud.

SAS 99 is effective for audits of financial statements done on or after Dec. 15, 2002. For more on SAS 99, visit www.aicpa.org/members/div/auditstd/riasai/sas99.asp.> FIGHTING FRAUD FROM THE INSIDE OUT

While the new fraud standard supports CPAs in their efforts to detect material fraud, another document issued by the AICPA and a number of professional organizations also helps businesses combat fraud. "Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter and Detect Fraud" identifies three measures an organization can take to prevent, deter and detect fraud:

* Creating a culture of honesty and high ethics. Directors, officers and other senior financial officers set the tone for ethical behavior within any organization. As members of the management team, these people are capable and empowered to ensure that all stakeholders' interests are appropriately balanced, protected and preserved.

* Evaluating anti-fraud processes and controls. Neither fraudulent financial reporting nor misappropriation of assets can occur without the opportunity to commit and conceal such an act.

Organizations should reduce fraud opportunities by identifying and measuring fraud risks; taking steps to mitigate identified risks; and implementing and monitoring effective internal controls.

* Developing an oversight process. To prevent or deter fraud, an organization should have an appropriate oversight function in place. The audit committee should evaluate management's identification of fraud risks, implementation of anti-fraud measures and creation of the right ethical tone for the company. The committee also should make sure that senior management, particularly the CEO, has anti-fraud measures in place to protect investors, employees and other stakeholders.
 

BNET TalkbackShare your ideas and expertise on this topic

Please add your comment:
  1. You are currently: a Guest |
  4.  

Basic HTML tags that work in comments are: bold (<b></b>), italic (<i></i>), underline (<u></u>), and hyperlink (<a href></a)

advertisement
advertisement
  • Click Here
  • Click Here
  • Click Here
advertisement
Click Here

Content provided in partnership with Thompson Gale

Presented by American Express