Overview of Auditing for
Fraud
"It takes 20 years to build a reputation and five minutes to ruin it. If you think about
that, you'll do things differently."
Warren Buffet
-
1-2
An Abundance of Frauds
1-3
Why Fraud is a Costly Business
Problem
Fraud Robs Income
Fraud Losses Reduce Net Income $ for $
If Profit Margin is 10%, Revenues Must
Increase by 10 Times the Losses to Recover
the Affect on Net Income


Losses……. $100 Million
Revenue….$1 Billion
1-4
Fraud Cost….Two Examples
General Motors




$436 Million Fraud
Profit Margin = 10%
$4.36 Billion in
Revenues Needed
At $20,000 per Car,
218,000 Cars
Bank





$100 Million Fraud
Profit Margin = 10 %
$1 Billion in Revenues
Needed
At $100 per year per
Checking Account,
10 Million New Accounts
1-5
General Profile of White Collar Criminals








Older (30+ years)
75% Male, 25% Female
Stable Financial Position
Above Average Education
Less Likely to Have a Criminal Record
Good Psychological Health
Position of Trust
Detailed Knowledge of Accounting Systems
and its Weaknesses
Second COSO Report
Major Characteristics of Companies Having
Perpetrated Fraud









Smaller companies - under $200 million in revenues
Board of directors dominated by management
Audit committees non-existent or inactive
Overstated revenues and corresponding assets
Most revenue frauds involved premature recognition or
fictitious revenues
No internal audit department
Perpetrated over relatively long-terms (average period 2 years)
Companies were in loss situations or near break-even prior to
the fraud
CEO and /or CFO involved in 83% of the cases
Fraud & Auditor Responsibilities
"The detection of material fraud is a reasonable
expectation of users of audited financial statements.
Society needs and expects assurance that financial
information has not been materially misstated because of
fraud. Unless an independent audit can provide this
assurance, it has little if any value to society”
Public Companies Accounting Oversight Board
Overview of Auditors’ and Other
Professionals’ Responsibilities
1-8
External Auditors (CPAs)
SAS 99: Consideration of Fraud in a Financial Statement Audit


SAS 54:
Design audit to provide reasonable assurance of detecting fraud that could have a material
effect on the financial statements.
Perform fraud-related procedures
Illegal Acts --- Focused primarily is on direct-effect illegal acts
SAS 114: “The Auditor’s Communication with Those Charged with Governance”
Other Professional’s Responsibilities
Internal Auditors (CIAs)

Internal auditors support management's efforts to establish a culture that embraces ethics,
honesty, and integrity. They assist management with the evaluation of internal controls used
to detect or mitigate fraud, evaluate the organization's assessment of fraud risk, and are
involved in any fraud investigations.
Governmental Auditors

Focus on laws and regulations (compliance), design audit to detect abuse and illegal acts,
report to the appropriate authority
Certified Fraud Examiners (CFEs)

Assignments begin with predication (probable cause)
3-8
1-9
Errors and Illegal Acts
Errors --- unintentional misstatements or omissions of amounts
or disclosures in financial statements
Direct-Effect Illegal Acts --- violations of laws or government
regulations by the company or its management or employees
that produce direct and material effects on dollar amounts in
financial statements.
Far Removed Illegal Acts --- violations of laws and regulations
that are far removed from financial statement effects (for
example, violations relating to insider securities trading,
occupational health and safety, food and drug administration,
environmental protection, and equal employment
opportunity).
1-10
Auditor Responsibility for Detecting Errors,
Frauds, and Illegal Acts
Auditor Responsible for
Detection?
Must Communicate Findings?
Material
Immaterial
Material
Immaterial
Errors
Yes
No
Yes
(Audit Committee)
No
Fraud
Yes
No
Yes
(Audit Committee)
Yes
(One Level Above)
Illegal
Acts
Yes
(Direct Effect)
No
Yes
(Audit Committee)
Yes
(One Level Above)
1-11
Defining Fraud
Four Elements:
Material False Statement
Knowledge the Statement was False
Reliance on the Statement by Victim
Damages
Categories of Fraud
Defalcations
Fraudulent Financial Reporting
Defalcation
Employee takes assets from the organization for personal
gain
ACFE Classification:

Corruption

Asset Misappropriation
Note: Defalcation may create misleading financial
statements if stolen assets are reported on the
statements
1-14
Definitions Related to
Employee Fraud
White Collar Crime --- fraud perpetrated by people who work in offices and steal with a
pencil or a computer terminal in contrast to violent street crime.
Employee Fraud --- use of fraudulent means to take money or other property from an
employer. It consists of three phases: (1) the fraudulent act, (2) the conversion of
the money or property to the fraudster's use and (3) the cover-up.
Embezzlement --- employees' or nonemployees' wrongfully taking money or property
entrusted to their care, custody, and control, often accompanied by false accounting
entries and other forms of lying and cover-up.
Larceny --- simple theft of an employers property that is not entrusted to an employee's
care, custody or control.
1-15
Red Flags: Employee Fraud
o
o
o
o
o
o
o
o
o
Missing Documents.
Alterations on Documents.
Photocopied Documents.
Second Endorsements on
Checks.
Unusual Endorsements.
Old Outstanding Checks.
Unexplained Adjustments to
Accounts Receivable and
Inventory Balances.
Unusual Patterns in Deposits in
Transit.
General Ledgers do not
Balance.
o
o
o
o
o
o
o
o
o
o
Cash Shortages and Overages.
Excessive Voids and Credit
Memos.
Customer Complaints.
Common Names or Addresses
for Refunds.
Increased Past Due Receivables.
Inventory Shortages.
Increased Scrap.
Duplicate Payments.
Employees Cannot be Found.
Dormant Accounts that have
Become Active.
Cash Misappropriation Schemes
Larceny--- stealing cash after it has been recorded on the
books
Skimming--- stealing cash before it is recorded on the
books
Fraudulent Disbursements
 Billing-- set up false vendors and pay for fictitious
goods
 Payroll-- add fictitious employees to payroll
 Expense Reimbursement-- submit overstated
reimbursement requests
 Check Tampering-- alter check, e.g. change payee
or amount
Fraudulent Financial Reporting
Intentional Manipulation of Financial Statements
Manipulation, falsification, or alteration of accounting
records or supporting documents
Misrepresentation or omission of events, transactions, or
significant information
Intentional misapplication of accounting principles
Most common types are
Overstate assets and understate expenses
Overstate revenues and assets
Understate liabilities
Patterns of Financial Reporting
Frauds
Complex Revenue Recognition Schemes
Incorrect Billings to the Government
Holding the Books Open
Accelerated Revenue Recognition
Capitalizing Expenses
1-19
Financial Statement Frauds
Revenue/Accounts Receivable Frauds (Global
Crossing, Quest, ZZZZ Best)
Inventory/Cost of Goods Sold Frauds (PharMor)
Understating Liability/Expense Frauds (Enron)
Overstating Asset Frauds (WorldCom)
Overall Misrepresentation (Bre-X Minerals)
To Do Revenue-Related Transactions
and Frauds
Transaction
Accounts Involved
Fraud Schemes
1. Estimate all
uncollectible accounts
receivable
2. Sell goods and/or
services to customers
Bad debt expense,
allowance for doubtful
accounts
Accounts receivable,
revenues (e.g. sales
revenue)
1. Understate allowance for doubtful accounts,
thus overstating receivables
4. Write off receivables
as uncollectible
Allowance for doubtful
accounts, accounts
receivable
7. Not write off uncollectible receivables
8. Write off uncollectible receivables in a later
period
5. Collect cash after
discount period
Cash, accounts
receivable
6. Collect cash within
discount period
Cash, sales discounts,
accounts receivable
9. Record bank transfers as cash received from
customers
10. Manipulate cash received from related
parties
11. Not recognize discounts given to customers
3. Accept returned
goods from customers
2. Record fictitious sales (related parties, sham
sales, sales with conditions, consignment sales,
etc.)
3. Recognize revenues too early (improper
cutoff, percentage of completion, etc.)
4. Overstate real sales (alter contracts, inflate
amounts, etc.)
Sales returns, accounts 5. Not record returned goods from customers
receivable
6. Record returned goods after the end of the
period
1-20
To Do Inventory/Cost of Goods Sold
Frauds
Transaction
Accounts Involved
Fraud Schem es
1. Purchase inventory
Inventory, accounts payable 1. Under-record purchase
2. Record purchases too late
3. Not record purchases
2. Return merchandise to
Accounts payable, inventory 4. Overstate returns
supplier
5. Record returns in an earlier period (cutoff problem)
3. Pay vendor w ithin discount Accounts payable, inventory, 6. Overstate discounts
period
cash
7. Not reduce inventory cost
4. Pay vendor w ithout discountAccounts payable, cash
Considered in another chapter
5. Inventory is sold; cost of Cost of goods sold, inventory 8. Record at too low an amount
goods sold is recognized
9. Not record cost of goods sold nor reduce inventory
6. Inventory becomes obsoleteLoss on w rite-dow n of
10. Not w rite off or w rite dow n obsolete inventory
inventory, inventory
7. Inventory quantities are
Inventory shrinkage, inventory11. Over-estimate inventory (use incorrect ratios, etc.)
estimated
8. Inventory quantities are
Inventory shrinkage, inventory12. Over-count inventory (double counting, etc.)
counted
9. Inventory cost is determinedInventory, cost of goods sold 13. Incorrect costs are used
14. Incorrect extensions are made
15. Record fictitious inventory
1-21
1-22
Understating Liability Frauds






Not recording accounts payable
Not recording accrued liabilities
Recording unearned revenues as earned
Not recording warranty or service liabilities
Not recording loans or keep liabilities off the
books
Not recording contingent liabilities
1-23
Asset Overstatement Frauds






Overstatement of current assets (e.g. marketable
securities)
Overstating pension assets
Capitalizing as assets amounts that should be
expensed
Failing to record depreciation/amortization
expense
Overstating assets through mergers and
acquisitions
Overstating inventory and receivables
1-24
Disclosure Frauds
1. Overall misrepresentations about the nature of the
company or its products, usually made through news
reports, interviews, annual reports, and elsewhere
2. Misrepresentations in the management discussions
and other non-financial statement sections of annual
reports, 10-Ks, 10-Qs, and other reports
3. Misrepresentations in the footnotes to the financial
statements
1-25
Concealing Asset Misappropriations
False Debits
To expenses (most common)
Expenses are not tangible (can’t be inventoried)
Expense accounts closed to zero at end of year
To assets
Commonly debit accounts receivable
Debit to asset easier to detect
Stays on books
1-26
Concealing Asset Misappropriations
Omitted Credits
Concealment technique for cash skimming
Pocket cash, no credit to sales
Out-of-Balance Conditions
Asset removed from business (debit)
No corresponding credit
Person hopes nobody notices
1-27
Concealing Asset Misappropriations
Forced Balances

Variation of out-of-balance technique

Instead of a false entry to cover loss, person
simply adds wrong, carry false totals

Used by persons with access to the books
Lessons Learned From Fraud
Cases
Need to look at economic assumptions underlying
growth
Need to assess risk factors and when the risk of fraud is
high, demand and gather stronger evidence
Computer errors should be viewed as a risk factor
Dominant clients can be a problem
Need to know what motivates management
Not assume all people are honest
When fraud risk indicators are discovered, they must be
thoroughly investigated
1-29
Reasons Auditors Fail to Detect Fraud








Not their Job
Audits too Predictable
Auditors are not Authenticators
Auditors Not Trained
Limited or No Experience
Over Reliance on Client Representations.
Lack of awareness or failure to recognize that
an observed condition may indicate a material
fraud.
Personal Relationships with Clients.
Fraud Triangle
Incentives/Pressures
Opportunities
Attitudes/Rationalization
1-31
Fraud Elements
Motivation
Opportunity
Rationalization
High
Risk
Source: W.Hillison, D. Sinason, and C. Pacini, “The Role of the Internal Auditor in Implementing SAS 82,”
Corporate Controller, July/August 1998, page 20.
6-31
1-32
Motive
Some kind of pressure a person experiences and believes
unshareable with friends and confidants

Actual or perceived need for money (Economic motive)

“Habitual criminal” who steals for the sake of stealing
(Psychotic motive)

Committing fraud for personal prestige (Egocentric motive)

Cause is morally superior, justified in making others victims
(Ideological motive)
6-32
Fraud Triangle Needs/Situational
‘Red Flags”
High Personal Debts
Lives Beyond Means
Excessive Investment Speculation
Excessive Gambling
Substance Abuse
Extra-marital Affairs
Job Frustration
Resentment of Superiors
Corporate Expectations for Performance
Fraud Triangle
Opportunity “Red Flags”
Inadequate Internal Controls
Too “cozy” with suppliers
Annual vacations or sick days not taken
Weak management or excessive turnover
Ineffective or no internal audit unit
No rotation of job duties among employees
Procedures not well understood/ always in a “crisis
mode”
Fraud Triangle
More Opportunity “Red Flags”
Poor physical safeguards over cash, investments,
inventory, or fixed assets
Large amounts of cash on hand or processed
Inventory that is small, high-value, or high in demand
Easily convertible assets (e.g. computer chips)
Fixed asset characteristics such as small size,
marketability, or lack of ownership identification
1-36
Rationalization
People do things that are contrary to their personal beliefs – outside their normal
behavior – they provide an argument to make the action seem like it is in line
with their moral and ethical beliefs.
I need it more than the other person.
I’m borrowing the money and will pay it back
Everybody does it
The company is big and will never miss it
Nobody will get hurt
I am underpaid, so this is due compensation
I need to maintain a lifestyle and image.
SAS 99, "Fraud Detection in a
Financial Statement Audit"
Requires auditors to search for risk factors related to fraud
If risk factors are present, auditor needs to modify audit to



Actively search for fraud
Require more substantive audit evidence
In some cases, assign forensic (fraud) auditors to the
engagement
Emphasizes Professional Skepticism
1-38
Considering the Risk of Fraud (SAS 99)
Staff discussion
Obtain information
needed to identify risks
Identify and
assess risks
Respond to
risk assessment
Evaluate audit
evidence
Communicate and
document
Step 1: Audit Team Brainstorming
Designed to:

Allow experienced auditors to educate less experienced auditors

Set the proper level of professional skepticism for the audit
Topics covered:

How fraud can be perpetrated and concealed

Presume fraud in revenue recognition

Incentives, opportunities, and rationalization for fraud

Industry conditions

Operating characteristics and financial stability
1-40
Step 2: Obtain Information to
Identify Risks
Inquiries




Management
Audit Committee
Internal Auditors
Others
Planning Analytical Procedures





Net income to cash flows (total accruals to total assets)
Days sales in receivables
Gross margin
Asset quality index (non current assets- p,p&e to total
assets)
Sales growth index
3-40
1-41
Step 3a: Identify Risk Factors Related
to Fraudulent Financial Reporting
Management’s Characteristics and
Influence
Industry Conditions
Operating Characteristics and Financial
Stability
Management’s Characteristics
and Influence






Motivation to engage in fraudulent reporting
A failure to display an appropriate attitude
about internal control and financial reporting.
Nonfinancial management excessive
participation in selection of accounting
principles or determination of estimates
High turnover of senior management
Strained relationship with auditor
Known history of violations
1-42
1-43
Risk Factors: Industry Conditions

Company profits lag the industry.

New requirements are passed that could impair stability or
profitability

The company’s market is saturated due to fierce competition

The company’s industry is declining

The company’s industry is changing rapidly.
3-43
1-44
Risk Factors: Operating
Characteristics








A weak internal control environment prevails.
The company is not able to generate sufficient cash flows to
ensure that it is a going concern.
There is pressure to obtain capital.
The company operates in a tax haven jurisdiction.
The company has many difficult accounting measurement and
presentation issues.
The company has significant transactions or balances that are
difficult to audit.
The company has significant and unusual related-party
transactions.
Company accounting personnel are lax or inexperienced in
their duties.
3-44
1-45
Step 3b: Assess Fraud Risks
Type
Significance
Likelihood
Pervasiveness
Assess Controls and Programs
Required Risk Assessments
Presume that improper revenue recognition is a
fraud risk.
Identify risks of management override of
controls
 Examine journal entries and other
adjustments.
 Review accounting estimates for biases.
 Evaluate business rationale for significant
unusual transactions.
1-46
Analytical Indicators of Fraud Risk
Key analytical factors the auditor should develop include:









Large revenue increase at the end of the period
Sales increasing faster than industry sales which don't seem
justified
Unusually large increase in gross margin
Large number of sales returns after year-end
Increase in number of day's sales in receivables
Increase in number of day's sales in inventory
Significant increase in debt/equity ratio
Cash flow or liquidity problems
Significant changes in non-financial performance measures
Relate Internal Control and
Fraud Risk
Internal control weaknesses are a strong indicator of fraud risk
The auditor should examine a variety of control areas including:

Corporate governance

Management control and influence

Audit committee

Corporate culture

Internal auditing

Monitoring controls

Whistle blowing

Codes of ethics

Related party transactions
1-49
Step 4: Respond to Assessed Risks
Effect on audit.
 Assignment of Personnel
 Choice of Accounting Principles
 Predictability of Auditing Procedures
 Examination of Journal Entries and other
Adjustments
 Retrospective Review of Prior Year Accounting
Estimates
 Extended procedures
1-50
Extended Procedures








Count the petty cash twice in
one day.
Investigate suppliers/vendors.
Investigate customers.
Examine endorsements on
canceled checks.
Add up the accounts receivable
summary.
Audit general journal entries.
Match payroll to life and
medical insurance deductions.
Match payroll to social security
numbers.










Match payroll with addresses.
Retrieve customer checks.
Use marked coins and currency.
Measure deposit lag time.
Examine documents.
Inquire, ask questions.
Covert surveillance.
Horizontal and vertical analysis.
Net worth analysis.
Expenditure analysis.
1-51
Step 5: Evaluate Audit Evidence
Discrepancies in the accounting records.
 Conflicting or missing evidential matter.
 Problematic or unusual relationships between
the auditor and management.
 Results from substantive of final review stage
analytical procedures.
 Vague, implausible or inconsistent responses to
inquiries.

Responding to Misstatements that
May be the Result of Fraud
When fraud is suspected,
the auditor gathers
additional information
to determine whether
fraud actually exists.
1-53
Step 6:Communicate Fraud
Matters
SAS 99—Evidence Fraud May Exist --Appropriate Level of Management
Sarbanes Oxley --- Significant Deficiencies
to Board of Directors
1-54
Step 7: Audit Documentation of
Fraud
Nature of Communications
Discussion
Results
Specific risks
Procedures
Other conditions
Reasons
Forensic Accounting
Forensic accounting is an extension of auditing, but with a number
of differences:








Detailed investigation where fraud has been identified or is
suspected
Focuses on identifying perpetrators and getting a confession
Builds support for legal action against the perpetrator
May provide litigation support such as expert testimony
Extensive use of interviews
100% examination of fraud-related documents
Reconstruction of account balances
Broader scope than auditing