SAS 99: Consideration of Fraud in a Financial Statement Audit

advertisement
SAS 99: Consideration of Fraud
in a Financial Statement Audit
Overall Requirement
An audit should be planned and performed
to obtain reasonable assurance about
whether the financial statements are free
of material misstatements, whether
caused by error or fraud.
An audit requires due professional care,
which in turn requires that the auditor
exercise professional skepticism.
Causes of Misstatements
Causes
Errors
Fraud
Fraudulent
Financial
Reporting
Misappropriation
of Assets
Two Types of Fraud Considered in
an Audit
• Fraudulent financial reporting (“cooking
the books”)--examples
– Falsification of accounting records
– Omissions of transactions
• Misappropriation of assets--examples:
– Theft of assets
– Fraudulent expenditures
Professional Skepticism
• An attitude that includes a questioning mind and
a critical assessment of audit evidence
• The engagement should be conducted
recognizing possibility of material misstatement
due to fraud
• An auditor should not be satisfied with less than
persuasive evidence
Terminology Simplification
To simplify the display, we will abbreviate the
term used in the standard “risk of material
misstatement due to fraud” as follows:
Risk of material
misstatement
due to fraud
=
Risk of fraud
Fraud Conditions (“Fraud Triangle”)
Incentive
(Pressure)
Opportunity
Rationalization
(Attitude)
Steps involved in Considering the
Risk of Fraud
1.
2.
3.
4.
5.
6.
7.
8.
Staff discussion
Obtain information needed to identify risks
Identify risks
Assess identified risks
Respond to results of assessment
Evaluate audit evidence
Communicate about fraud
Document consideration of fraud
Step 1—Staff Discussion of the
Risk of Fraud
• Brainstorm
• Consider how and where financial
statements might be susceptible to fraud
• Exercise professional skepticism
Step 2—Obtain information needed
to identify risk of fraud
• Inquiries of management, the audit
committee, internal auditors and others
• Consider results of analytical procedures
• Consider fraud risk factors
• Consider other information
Step 3—Identify Risks that may
Result in Fraud and Consider
• Type of risk
• Significance of risk (magnitude)
• Likelihood of Risk
• Pervasiveness of risk
Step 4—Assess the identified risks
after considering programs and
controls
• Consider understanding of internal control
• Evaluate whether programs and controls
address the identified risks
• Assess risks taking into account this
evaluation
Step 5—Respond to Results of the
Assessment
As risk increases
• Overall responses
– More experienced staff
– More attention to accounting policies
– Less predictable procedures
• Specific responses
– Consider need to increase evidence by
altering the nature, timing and extent of audit
procedures
Step 5—Respond to Results of the
Assessment (concluded)
• On all audits, the auditor should consider
the possibility of management override of
controls and examine:
– Adjusting journal entries
– Accounting estimates
– Unusual significant transactions
Step 6—Evaluate Audit Evidence
• Assess risk of fraud throughout the audit
• Evaluate analytical procedures performed
as substantive tests and at overall review
stage
• Evaluate risk of fraud near completion of
fieldwork
• Respond to misstatements
Step 7—Communicate about Fraud
• Communicate
– All fraud to an appropriate level of
management
– All management fraud to audit committee
– All material fraud to management and audit
committee
• Determine if reportable conditions related
to internal control have been identified;
communicate them to the audit committee
Document Consideration of Fraud
• Document steps 1 -7
–
–
–
–
Staff discussion
Information used to identify risk of fraud
Fraud risks identified
Assessed risks after considering programs and
controls
– Results of assessment of fraud risk
– Evaluation of audit evidence
– Communications requirements
• If improper revenue recognition was not
considered a risk, why it wasn’t
Question Number 1
What type of assurance is an audit
planned and performed to obtain?
Question Number 2
What is professional skepticism?
Question Number 3
What are the two types of fraud
addressed in an audit? Provide
an example of each.
Question Number 4
What 3 conditions are ordinarily
present when individuals commit
fraud?
Question Number 5
In what area are analytical
procedures required while
planning the audit?
Question Number 6
What is “management override?”
Question Number 7
What are the required audit
procedures in response to the
possibility of management
override?
Question Number 8
What responsibility does an auditor
have for communicating fraud to
management and the audit
committee?
Download