This article lays down the ideal approach to be followed by Auditors for identification of fraud and assessment of its Impact on making an opinion on the financial statements audited. Specifically, how SA 315 & SA 330 can be applied to fulfil the objective of this standard is also touched upon in this write.
SA 240 deals with the auditor’s responsibilities towards frauds in the financial statement audits. It explains how the material misstatements in the financials due to fraud can be identified, assessed and appropriate procedures to detect can be implemented.
Auditor’s objectives with respect to the financial statements misstatements are as follows:
Management – For the purposes of this SA, references to “management” should be read hereafter as “management and, where appropriate, those charged with governance”.
Fraud Risk Factors – Events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud Eg: Grant of significant bonus when profit targets are not met for a year or Presence of Significant bank accounts in tax-haven countries.
Financial statement misstatements arise from either fraud or error. The difference between fraud and error is that the underlying action in the former is intentional. The auditor can suspect or identify but does not make legal determinations of whether the fraud has actually occurred.
Following are the Auditor’s responsibilities here:
No, Management has the Primary responsibility for the prevention and detection of fraud and not the auditor. Management should take all necessary steps for fraud prevention and deterrence through implementing policies and controls.
Following are the Risk assessment procedures to be followed:
1. To obtain information which is used for risk identification, auditors shall:
2. Auditor to inquire the management, internal audit team and those charged with governance whether any instance of actual or alleged fraud has occurred in the past and obtain their respective views on the risk of fraud.
3. Consider whether any other information obtained indicates the risk of fraud.
4. Evaluate any fraud risk factors are present form the information obtained from the assessment.
5. Identify Unusual or unexpected relationship while performing analytical procedure and evaluate them to assess the risk of material misstatement due to fraud
6. Presume that there will be risks in revenue recognition based on that evaluate transactions
Response to the Assessed Risk of Material Misstatement Due to Fraud Per SA 330, the auditor to determine overall responses to address the assessed risk through:
Audit Procedure Responsive to Risk Related to Management Overrides of Control : In order to mitigate the risk of management override of controls, auditor to design and perform the following Audit procedures:
Auditor to follow these with respect to audit evidence
If the fraudulent misstatement encounters auditor from continuing the audit, then the auditor shall withdraw from the audit if appropriate and report to the person who made audit appointment.
With regard to SA 240 which list the auditor’s responsibility related to a fraudulent financial statement, reference to Satyam Computer which came to light in 2008 is a good case to analyse. In this case, even cash balances on the financials were not real and income was inflated at a very high rate. If the audit procedures along with professional judgment were properly followed, the manipulated financial statements could have been identified at a much earlier stage. The lesson from this case is the importance to adhere to auditing standards and guidelines.
Effective date: SA 240 is applicable for Audits of financial statements for the period beginning on or after April 1, 2009.