AUDITORS RESPONSIBILITY
The fair presentation of financial statements in accordance with the applicable financial reporting
standards is the responsibility of the client’s management. The auditor’s responsibility is to design the
audit to provide reasonable assurance of the detecting material misstatements in the financial
statements. These misstatements may emanate from
1. Error
2. Fraud, and
3. Noncompliance with laws and regulations




ERROR
The term “error” refers to unintentional misstatements in the financial statements, including
the omission of an amount or a disclosure, such as.
Mathematical or clerical mistakes in the underlying records and accounting data
An incorrect accounting estimate arising from oversight or misinterpretation of facts
Mistakes in the application of accounting policies

FRAUD
Fraud refers to intentional act by one or more individuals among management, those charged
with governance, employees, or third parties involving the use of deception to obtain unjust or
illegal advantage. Although fraud is broad legal concept, the auditor id primarily concerned with
fraudulent acts that cause a material misstatement in the financial statements.
TYPES OF FRAUD
There are two types of fraud that are relevant to the financial statement audit. Misstatement s resulting
from fraudulent financial reporting and misstatements resulting from misappropriation of assets.
1. Fraudulent financial reporting- involves intentional misstatements or omissions of amounts of
disclosures in the financial statements to deceive financial statement users. This type of fraud is
also known as management fraud because it usually involves members of management or those
charged with governance. This may involve.
 Manipulation, falsification or alteration of records or documents
 Misrepresentation in or intentional omission of the effects of transactions from records
of documents.
 Recording of transactions without substance
 Intentional misapplication of accounting policies
2. Misappropriation of assets or employee fraud- involves theft of an entity’s asset committed by
the entity’s employees. This may include
 Embezzling receipts
 Stealing entity’s assets such as cash, marketable securities, and inventory
 Lapping of accounts receivable
This type of fraud is often accompanied by false or misleading records or documents in order to conceal
the fact that the assets are missing.
Fraud involves motivation to commit it and a perceived opportunity to do so. For example, an
employee might be motivated to steal company’s assets because this employee lives beyond his means,
also a member of management may be forced to manipulate the financial statements in order to meet
an overly optimistic projection. A perceived opportunity to commit fraud may exist when there is no
proper segregation of duties among employees or when management believes that internal control can
easily be circumvented
The primary factor that distinguishes fraud from error is whether the underlying cause of misstatement
in the financial statements is intentional or unintentional. Although the auditor may be able to
identify opportunities for fraud to be perpetrated, it is often difficult, if not impossible, for the auditor to
determine intent, particularly in matters involving management judgement, such as accounting
estimates and the appropriate application of accounting principles. Consequently, the auditor’s
responsibility for the detection of fraud and error is essentially the same.
Responsibility of management and those charged with governance
The responsibility for the prevention and detection of fraud and error rests with both management and
those charged with the governance of the entity. In this regard, PSA 240 requires.


Management to establish a control environment and to implement internal control policies and
procedures designated to ensure, among others, the detection and prevention of fraud and
error.
Individual charged with governance of an entity to ensure the integrity of an entity’s accounting
and financial reporting systems and that appropriate controls are in place.
Auditor’s responsibility
Although the annual audit of financial statements may act as deterrent to fraud and error, the auditor is
not and cannot be held responsible for the prevention of fraud an error. The auditor’s responsibility is to
design the audit to obtain reasonable assurance that the financial statements are free from material
misstatements, whether caused by error or fraud
PLANNING PHASE
1. When planning an audit, the auditor should make inquiries of management about the
possibility of misstatements due to fraud and error, such inquiries may include
 Management’s assessment of risks due to fraud
 Controls established to address the risks
 Any material error or fraud that has affected the entity or suspected fraud that the
entity is investigating.
The auditor’s inquiries of management may provide useful information concerning the risk of material
misstatements in the financial statements resulting from employee fraud. However, such inquiries are
unlikely to provide useful information regarding the risk of material misstatements in the financial
statements resulting from management fraud. Accordingly, the auditor should also inquire of those
individual in charge of governance to seek their views on the adequacy of accounting and internal
control systems in place, the risk of fraud and error, and integrity of management.
2. The auditor should asses the risk that the fraud or error may cause the financial statements
to contain material misstatements. In this regard PSA 240 requires the auditor to specifically
“Asses the risk of material misstatements due to fraud and consider that assessment in
designing the audit procedures to be performed”
The fact that fraud is usually concealed can make it very difficult to detect. Nevertheless
using the auditor’s knowledge of the business, the auditor may identify events or conditions
that provide an opportunity, a motive or a means to commit fraud or indicate that fraud
may already have occurred. Such events or conditions are referred to as “fraud risk factors”
Fraud risk factors do not necessarily indicate the existence of fraud, however, they often
have been present in circumstances where frauds have occurred. Examples of fraud risk
factors taken from PSA 240 are set out at the end of this chapter
Judgements about the increased risk of material misstatements due to fraud may influence
the auditor’s professional judgements in the following ways.




The auditor may approach the audit with a heightened level of professional
skepticism
The auditor’s ability to asses control risk at less than high level may be reduced and
the auditor should be sensitive to the ability of the management to override
controls.
The audit team may be selected in ways that ensure that the knowledge, skill, and
ability of personnel assigned significant responsibilities are commensurate with the
auditor’s assessment of risk.
The auditor may decide to consider management selection and application of
significant accounting policies particularly those related to income determination
and asset valuation.
TESTING PHASE
3. During the course of the audit, the auditor may encounter the circumstances that may
indicate the possibility of fraud or error. For example, there are discrepancies found in the
accounting records, conflicting or missing documents or lack of cooperation from
management. In these circumstances, the auditor should perform procedures necessary to
determine whether material misstatements exists.
4. After identifying material misstatements in the financial statements, the auditor should
consider whether such a misstatement resulted from fraud or an error. This is important
because errors will only result to an adjustment of financial statement but fraud may have
other implications on an audit.
If the auditor believes that the misstatement is, or may be the result of fraud, but the effect
on the financial statements is not material, the auditor should
 Refer the matter to the appropriate level of management at least one level above
those involved, and
 Be satisfied that, given the position of the likely perpetrator, the fraud has no other
implications for other aspects of the audit or that those implications have been
adequately considered.
However if the auditor detects a material fraud or has been unable to evaluate whether the effect on
financial statement is material or immaterial, the auditor should
 Consider implications for other aspects of the audit particularly the reliability of management
representations.
 Discuss the matter and the approach to further investigation with an appropriate level of that is
at least one level above those involved.
 Attempt to obtain evidence to determine whether a material fraud in fact exists and, if so, their
effect, and
 Suggest that the client consult with legal counsel about questions of law.
COMPLETION PHASE
5. The auditor should obtain a written representation from the client’s management that
 It acknowledges its responsibility for the implementation and operations of accounting and
internal control systems that are designated to prevent and detect fraud and error
 It believes the effects of those uncorrected financial statement misstatements aggregated by
the auditor during the audit are immaterial, both individually and in the aggregate to the
financial statements taken as a whole. A summary of such items should be included in or
attached to the written representation.
 It has disclosed to the auditor all significant facts relating to any frauds or suspected frauds
known to the management that may have affected the entity; and
 It has disclosed to the auditor the results of its assessment of the risk that the financial
statements may be materially misstated as a result to fraud.
CONSIDER THE EFFECT ON THE AUDITOR’S REPORT
6. When the auditor believes that material error or fraud exist, he should request the
management to revise the financial statements otherwise, the auditor will express a
qualified or adverse opinion.
7. If the auditor is unable to evaluate the effect of fraud on the financial statements because of
a limitation on the scope of the auditor’s examination, the auditor should either qualify or
disclaim his opinion on the financial statements
Because of the inherent limitations of an audit there is unavoidable risk that the material misstatements
in the financial statements resulting from fraud and error may not be detected. Therefore, the
subsequent discovery of material misstatement in the financial statements resulting from fraud or error
does not, in and of itself, indicate that the auditor has failed to adhere to the basic principles and
essential procedures of an audit.
The risk of not detecting a material misstatement resulting from fraud is higher than the risk of not
detecting misstatements resulting from error. This is due to the fact that fraud may involve
sophisticated and organized schemes designated to conceal it, such as forgery, deliberate failure to
record transactions, or intentional misrepresentation being made to the auditor. Hence, audit
procedures that are effective for detecting material errors may be ineffective for detecting material
fraud, especially those concealed through collusion.
Furthermore, the risk of the auditor not detecting a material misstatement resulting from management
fraud is greater than for employee fraud, because those charged with governance and management are
often in a position that assumes their integrity and enables them to override the formally established
control procedures. Certain levels of management may be in position to override control procedures
designed to prevent similar frauds by other employees, for example, by directing subordinates to record
transactions incorrectly or to conceal them. Given its position of authority within an entity, management
has the ability to either direct employees to do something or solicit their help to assist management in
carrying out a fraud, with or without the employees’ knowledge.
NONCOMPLIANCE WITH LAWS AND REGULATIONS
Noncompliance refers to acts of omission or commission y the entity being audited, either intentional or
unintentional, which are contrary to the prevailing laws or regulations. Such acts include transactions
entered into by, or in the name of, the entity or on its behalf by its management or employees. Common
examples include



Tax evasion
Violation of environmental protection laws
Inside trading of securities
Management’s responsibility
Management’s responsibility to ensure that the entity’s operations is conducted in accordance with the
laws and regulations. The responsibility for the prevention and detection of noncompliance rests with
management (PSA 250)
The following policies and procedures, among others, may assist management in discharging its
responsibilities for the prevention and detection of noncompliance







Monitoring legal requirements and ensuring that operating procedures are designed to meet
these requirements.
Instituting and operating appropriate systems of internal control
Developing, publicizing and following a Code of Conduct.
Ensuring employees are properly trained and understand the Code of Conduct.
Monitoring compliance with the Code of Conduct and acting appropriately to discipline
employees who fail to comply with it.
Engaging legal advisors to assist in monitoring legal requirements.
Maintaining a register of significant laws with which the entity has to comply within its particular
industry and a record of complaints.
In larger entities, these policies and procedures may be supplemented by assigning appropriate
responsibilities to an internal audit function an audit committee.
Auditor’s Responsibility
An audit cannot be expected to detect noncompliance with all laws and regulations. Nevertheless, the
auditor should recognized that noncompliance by the entity with laws and regulations may materially
affect the financial statements.
PLANNING PHASE
1. In order to plan the audit, the auditor should obtain a general understanding of the legal and
regulatory framework. Applicable to the entity and the industry and how the entity is complying
with that framework.
To obtain the general understanding of laws and regulations the auditor would ordinarily.




Use the existing knowledge of the entity’s industry and business.
inquire of management concerning the entity’s policies and procedures regarding
compliance with the laws and regulations
Inquire of the management as to the laws or regulations that may be expected to have a
fundamental effect on the operations of the entity.
Discuss with management the policies or procedures adopted for identifying, evaluating
and accounting for litigation claims and assessments.

Discuss the legal and regulatory framework with auditors of subsidiaries in other
countries (for example, if the subsidiary is required to adhere to the securities
regulations of the parent company)
2. After obtaining the general understanding the auditor should design procedures to help
identifying instances of noncompliance with those laws and regulations where noncompliance
should be considered when preparing financial statements, such as;
 inquiring of management as to whether the entity as in compliance with such laws and
regulations
 Inspecting correspondence with the relevant licensing or regulatory authorities.
3. The auditor should also design audit procedures to obtain sufficient appropriate audit evidence
about compliance with those laws and regulations generally recognized by the auditor to have
effect in the determination of material amounts and disclosures in financial statements.
TESTING PHASE
4. When the auditor becomes aware of information concerning a possible instance of
noncompliance, the auditor should obtain an understanding of the nature of the act and the
circumstances in which It has occurred and sufficient other information to evaluate the possible
effect on the financial statements. When evaluating the possible effect on the financial
statements, the auditor considers:
 The potential financial consequences, such as fines, penalties, damages, threat of
expropriation of assets, enforced discontinuation of operations and litigation.
 Whether the potential financial consequences require disclosure
 Whether the potential financial consequences are so serious as to call into question the
fair presentation given by the financial statements.
5. When the auditor believes there may be noncompliance, the auditor should document the
findings, discuss them with management, and consider the implication on other aspects of the
audit.
COMPLETION PHASE
6. The auditor should obtain written representations that management has disclosed to the
auditor all known actual or possible noncompliance with laws and regulations that could
materially affect the financial statements.
CONSIDER THE EFFECT ON THE AUDITOR’S REPORT
7. When the auditor believes that there is noncompliance with laws and regulations that materially
affects the financial statements, he should request the management to revise the financial
statements. Otherwise, a qualified or adverse opinion will be issued.
8. F a scope limitation has precluded the auditor from obtaining sufficient appropriate evidence to
evaluate the effect of noncompliance with laws and regulations, the auditor should express a
qualified opinion or a disclaimer of opinion.
an audit is subject to the unavoidable risk that some material misstatement in the financial
statements will not be detected, even though the audit is properly planned and performed in
accordance with PSAs. His risk is higher with regard to material misstatements resulting from
noncompliance with laws and regulations because.


There are many laws and regulations relating principally to the operating aspects of the
entity that typically do not have a material effect on the financial statements and are not
captured by the accounting and internal control systems. Auditors are primarily concern
with the noncompliance that will have a direct and material effect in the financial
statements. Hence, auditors do not normally design audit procedures to detect
noncompliance that will not directly affect the fair presentation of the financial statements
unless the results of other procedures that were applied cause the auditor to suspect that a
material indirect effect noncompliance may have occurred.
Noncompliance ma involve conduct designed to conceal it, such as a collusion, forgery,
deliberate failure to record transactions, senior management override control or intentional
misrepresentations being made by the auditor.
Examples of risk factors relating to misstatements resulting from fraud
The fraud risk factors identified below are examples of such factors typically faced by auditors in a broad
range of situations. However, the fraud risk factors listed below are only examples; not all of these
factors are likely to be present in all audits, nor is the list necessarily complete. Furthermore, the auditor
exercises professional judgement when considering fraud risk factors individually or in combination and
whether there are specific controls that mitigate the risk.
Fraud risk factors relating to misstatements resulting from fraudulent financial reporting
Fraud risk factors relate to misstatements resulting from fraudulent financial reporting may be grouped
in the following three categories;
1. Management’s characteristics and influence over the control environment
2. Industry conditions
3. Operating characteristics and financial stability.
For each of these three categories, examples of fraud risk factors relating to misstatements arising from
fraudulent financial reporting are set out below.
1. Fraud risk factors relating to management’s characteristics and influence over the control
environment
These fraud risk factors pertain to management’s abilities, pressures, style, and attitude relating
to internal control and the financial reporting process.

There is motivation for management to engage in fraudulent financial reporting.
Specific indicators might include the following
-
-
-
a significant portion of management’s compensation is represented by bonuses,
stock options or other incentives, the value of which is contingent upon the entity
achieving unduly aggressive targets for operating results, financial position or cash
flow
there is excessive interest by management in maintaining or increasing the entity’s
stock price or earnings trend through the use of unusually aggressive accounting
practices
Management commits to analysts, creditors and other third parties to achieving
what appear to be unduly aggressive or clearly unrealistic forecasts.
Management has an interest in pursuing inappropriate means to minimize reported
earnings for ta motivated reasons.

There is a failure by management to display and communicate an appropriate attitude
regarding internal control and the financial reporting process. Specific indicators might
include the following.
- Management does not effectively communicate and support the entity’s values or
ethics, or management communicates inappropriate values or ethics.
- Management is dominated by a single person or a small group without
compensating controls such as effective oversight by those charged with
governance.
- Management does not monitor significant controls adequately
- Management fails to correct known material weaknesses in internal control on a
timely basis
- Management sets unduly aggressive financial targets and expectations for operating
personnel.
- Management display a significant disregard for regulatory authorities
- Management continues to employ ineffective accounting information technology or
internal auditing staff.

Non-financial management participates excessively in, or is preoccupied with the
selection of accounting principles or the determination of significant estimated.

There is a high turnover of management, counsel or board members

There is a strained relationship between management and the current or predecessor
auditor. Specific indicators might include the following
-
Frequent disputes with the current or predecessor auditor on accounting, auditing
or reporting matters.
Unreasonable demands on the auditor, including unreasonable time constraints
regarding the completion of the audit or the issuance of the auditor’s report.
-


Formal or informal restrictions on the auditor that inappropriately limit the auditor’s
access to people or information, or limit the auditor’s ability to communicate
effectively with those charged with governance.
- Domineering management behavior in dealing with the auditor, especially involving
attempts to influence the scope of the auditor’s work
There is a history of securities law violations, or claims against the entity or its management
alleging fraud or violations of securities laws.
The corporate governance structure is weak or ineffective, which may be evidenced by, for
example:
A lack of member who are independent of management
Little attention being paid to financial reporting matters and to the accounting and internal
control system by those charged with governance,
2. Fraud risk factors relating to industry conditions.
Those fraud risk factors involve the economic and regulatory environment in which the entity
operates.

New accounting, statutory or regulatory requirements that could impair the financial
stability or profitability of the entity.
 A high degree of competition or market saturation accompanied by declining margins
 A declining industry with increasing business failures and significant declines in
customer demand.
 Rapid changes in the industry, such as high vulnerability to rapidly changing technology
or rapid product obsolescence
3. Fraud risk factors relating to operating characteristics and financial stability
These fraud risk factors pertain to the nature and complexity of the entity and its transactions,
the entity’s financial condition, and its profitability.



Inability to generate cash flows from operations while reporting earnings and earnings
growth.
Significant pressure to obtain additional capital necessary to stay competitive,
considering the financial position of the entity (including a need for funds to finance
major research and development or capital expenditures)
Assets, liabilities, revenues or expenses based on significant estimates that involve
usually subjective judgments or uncertainties, or that are subject to potential significant
change in the near term in a manner that may have a financially disruptive effect on the
entity ( for example, the ultimate collectibility of receivables, the timing revenue
recognition, the realizability of financial instruments based on highly subjective
valuation of collateral or difficult-to-asses repayment sources, or a significant deferral
of costs)

Significant related party transactions which are not in the ordinary course of business

Significant related party transactions which are not audited or are audited by another
firm

Significant, unusual or highly complex transactions (especially those close to year-end)
that pose difficult questions concerning substance over form.

Significant bank accounts or subsidiary or branch operation in tax-have jurisdiction for
which there appears to be no clear business justification.

An overly complex organizational structure involving numerous or unusual legal entities,
managerial lines of authority or contractual arrangements without apparent business
purpose.

Difficulty in determining the organization or person (or persons) controlling the entity.

Unusually rapid growth or profitability, especially compared with that of other
companies in the same industry

Especially high vulnerability to changes in interest rates

Unusually high dependence on debt, a marginal ability to meet debt repayment
requirements, or debt covenants that are difficult to maintain

Unrealistically aggressive sales or profitability incentive programs

A threat of imminent bankruptcy, foreclosure or hostile takeover

Adverse consequences on significant pending transactions (such as a business
combination or contract award) if poor financial results are reported

A poor or deteriorating financial position when management has personally guaranteed
significant debts of the entity.
Fraud risk factors relating to misstatements resulting from misappropriation of assets
Fraud risk factors that relate to misstatements resulting from misappropriation of assets may be
grouped in the following two categories
1. Susceptibility of assets to misappropriation
2. Controls
For each of these two categories example of fraud risk factors that relate to misstatements resulting
from misappropriation of assets ae set out below. The extent of the auditor’s consideration of the fraud
risk factors in category 2 is influenced by the degree to which fraud risk factor in category 1 are present
1. Fraud risk factor relating to susceptibility of assets to misappropriation
These fraud risk factor pertain to the nature of an entity’s assets and the degree to which they
are subject to the




Large amounts of cash on hand processed
Inventory characteristics, such as small sixe combined with high value and high demand
Easily convertible assets, such as bearer bonds, diamonds or computer chips
Fixed asset characteristics, such as small size combined with marketability and lack of
ownership identification
2. Fraud risk factors relating to controls
These fraud risk factors involve the lack of controls designed to prevent or detect
misappropriation of assets








Lack of appropriate management oversight (for example, inadequate supervision or
inadequate monitoring of remote locations)
Lack of procedures to screen job applicants for positions where employees have access
to assets susceptible to misappropriation
Inadequate record keeping for assets susceptible to misappropriation
Lack of appropriate segregation of duties or independent checks
Lack of an appropriate system of authorization and approval of transaction (for example
in purchasing)
Poor physical safeguards over cash, investments inventory or fixed assets
Lack of timely and appropriate documentation for transaction (for example, credits for
merchandise returns)
Lack of mandatory vacations for employees performing key control functions