The Auditor and Fraud

Download as pdf or txt
Download as pdf or txt
You are on page 1of 2

IN PRACTICE BY

The Auditor and Fraud Emer Kelly

The Auditor and Fraud


As Auditors where do our responsibilities for the detection of Fraud start
and end? Emer Kelly guides us through the requirements of ISA 240

The risk of fraud in Irish organisations Relating to Fraud in an Audit of Financial


whether small or large, privately or publicly Statements. This standard looks at the role
funded, increased during the financial of the auditor with regard to misstatements
crisis as businesses and employees arising from both fraud and error. Emer Kelly is Quality
faced ever increasing pressures to post Assurance Manager at
stronger results. The impact of fraud on It is important to note that the primary CPA Ireland and  conducts
financial statements can be extensive - responsibility for the prevention and quality assurance reviews
manipulation of sales figures, unrecorded detection of fraud rests with those charged throughout Ireland. In her
liabilities or over-zealous valuations of with governance and management. role she has also lectured
assets can seriously distort the true and on auditing, accounting
fair view of financial statements. However the auditor has a secondary and company law matters.
responsibility and is responsible for
While this may sound like the narrative of obtaining reasonable assurance that the
scandalous business headlines, fraud can financial statements taken as a whole are
be found in all business types and sizes, free from material misstatement whether
from the corner shop to those entities with caused by fraud or error.
complex revenue recognition policies. Fraud
can come in all guises, from employee fraud ISA 240 requires the auditor to plan and
and cyber crime to financial statement fraud. perform the statutory audit with a view to
ensuring that reasonable assurance can be
Fraud may involve sophisticated and given that the financial statements show a
carefully organized schemes designed true and fair view.
to conceal it, such as forgery, deliberate
failure to record transactions, or intentional It is essential that the auditor is focused
misrepresentations being made to the and robust in their design of tests
auditor. Such attempts at concealment regardless of the size and nature of the
may be even more difficult to detect when client and the audit file must clearly
accompanied by collusion. document this focus.

Two types of intentional misstatements The Financial Reporting Council published in


in the financial statements are relevant January 2014 a thematic review in relation
to the auditor – misstatements resulting to “Fraud risks and laws and regulations”. The
from fraudulent financial reporting scope of the project, conducted by the audit
and misstatements resulting from quality review team, was to review the audit
misappropriation of assets and audit tests methodology, guidance and training provided
should be designed to take both into account. by the six largest audit firms in the United
Kingdom to staff in respect of fraud risks and
The role of the auditor consideration of laws and regulation. The
following key messages were identified by the
So where does this leave the role of the Financial Reporting Council and lessons can
statutory auditor and very importantly be drawn from this for audit firms of all sizes;
how should the auditor respond when
faced with the uncovering of fraud in an a. An increased focus to be placed upon
organisation? identifying fraud risk factors and the
risks of material misstatement in both
No longer the mere watchdog, the role of planning and conduct of the engagement
the auditor to be vigilant to the possibility b. Tailoring of assessment of fraud
of fraud is clearly set out in ISA 240 (UK risks and audit procedures to the
and Ireland), The Auditor’s Responsibilities circumstances of the audited entity

 Continued on Page 39

ACCOUNTANCY PLUS. ISSUE 01. MARCH 2016 90 YEARS OF CPA 39


IN PRACTICE BY
The Auditor and Fraud Emer Kelly

 Continued from Page 39

c. Fraud risks should always be identified as The auditor will consider how susceptible the Written Representations
significant risks, resulting from this the financial statements are to misstatement The auditor must ensure that the letter
auditor should evaluate the design and due to fraud and will design their tests of representation includes a number of
implementation of the entity’s internal accordingly. Knowledge of the client from representations regarding fraud, including;
controls to detect and prevent fraud, previous years and the assessment of the
where such risks are identified controls operated by the entity will inform • The acknowledgment by management
d. Auditors should exercise greater how these tests will be designed. of their responsibility for the design,
professional scepticism in identifying and implementation and maintenance of a
addressing fraud risks For example in the audit of a client with system of internal control to prevent and
charitable status tests may be designed to detect fraud.
Professional Scepticism take account of: • Confirmation that they have disclosed to
the auditor their knowledge of fraud or
The auditor is responsible for maintaining • Widespread branches or operations suspected fraud involving management,
professional scepticism throughout • Reliance on volunteers and staff with employees and others.
the audit, considering the potential for limited management or supervision and • Confirmation that they have disclosed
management override of controls and lack of segregation and rotation of duties their knowledge of any allegations of
recognizing the fact that audit procedures • Informal controls around the finance fraud or suspected fraud.
that are effective for detecting error may function
not be effective in detecting fraud. • High level of transactions in cash Communication of Findings
• Unpredictable patterns of receipts
The requirement to maintain professional Where the auditor has identified a fraud
scepticism should be highlighted with the Design of Tests or has obtained information that indicates
engagement team and documented in the that a fraud may exist, the auditor must
engagement team meeting memorandum. Tests identified may serve a dual purpose communicate these matters on a timely basis
This is essential to the training culture –they may prove an audit assertion and to the appropriate level of management.
within the firm. may also give some comfort over the
susceptibility of the entity to fraud. The audit The auditor must be mindful of the offence
ISA 240 - Objectives file should set out clearly both objectives. of tipping off under S.49 of the Criminal
Justice (Money Laundering and Terrorist
The objectives of the auditor are: Such tests could include for the example Financing) Act 2010 as amended by the
already given of a client with charitable status: Criminal Justice Act 2013.
a. To identify and assess the risks of
material misstatement of the financial • Request a copy of returned paid cheques Reporting Obligations
statements due to fraud; • Test appropriateness of journal entries
b. To obtain sufficient appropriate audit recorded and other adjustments made The auditor must consider very carefully
evidence regarding the assessed risks • Confirming specific terms of contract the myriad of reporting responsibilities
of material misstatement due to fraud, especially with related parties. that exist where a fraud is uncovered.
through designing and implementing • Obtain employment contracts and match The following legislation provides many
appropriate responses; and gross pay to payslips. complexities to be considered by the auditor.
c. To respond appropriately to fraud or
suspected fraud identified during the audit. It is advisable to incorporate unpredictability • Companies Act 2014 – requirement to
testing into audit tests – include some low report Category 1 and 2 offences to the
The consideration of fraud should cover the value items in all samples chosen. Director of Corporate Reporting.
following types: • Criminal Justice (Money Laundering and
Revenue Recognition Terrorist Financing) Act 2010 to 2013
• Fraudulent financial reporting • Criminal Justice Act 2011
• Misappropriation of assets When identifying and assessing the risks • Criminal Justice (Theft and Fraud
• Management override of controls of material misstatement due to fraud, Offences) Act 2001
the auditor shall, based on a presumption • S.1079 of the Taxes Consolidation Act
Audit Planning that there are risks of fraud in revenue 1997
recognition, evaluate which types of
The consideration and assessment of the revenue, revenue transactions or assertions In conclusion, the consideration of fraud
risks of material misstatements due to fraud give rise to such risks. Where the auditor during the course of the audit is fraught
should be woven into all stages of the audit concludes that such a presumption is not with difficulty and requires the auditor to
with the identification and designing of tests applicable the audit file must outline the carefully plan and perform the engagement.
to be laid out at the initial planning stage. reasons for that conclusion. There may be instances where legal advice
may be required by the auditor.

40 90 YEARS OF CPA ACCOUNTANCY PLUS. ISSUE 01. MARCH 2016

You might also like