Auditors' Responsibilities Regarding Fraud

Major scandals that have affected the accounting profession in recent times have usually been as a result of fraud. Therefore, in order to maintain confidence in the profession it is important for auditors and directors to understand their role in the prevention and detection of fraud.

ISA 240 the Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements recognises that misstatement in the financial statements can arise from either fraud or error. The distinguishing factor is whether the underlying action that resulted in the misstatement was intentional or unintentional.

It is important to note that fraud is a criminal activity. It is not the role of an auditor to determine whether fraud has actually occurred. That is the responsibility of a country's legal system. Auditors must be aware of the impact of both fraud and error on the accuracy of the financial statements.

Fraud can be further split into two types:

• fraudulent financial reporting - deliberately misstating the accounts to make the company look better/worse than it actually is
• misappropriation of assets - the theft of the company's assets such as cash or inventory.

The external auditor's responsibilities

The external auditor is responsible for obtaining reasonable assurance that the financial statements, taken as a whole, are free from material misstatement, whether caused by fraud or error. Therefore, the external auditor has some responsibility for considering the risk of material misstatement due to fraud.

In order to achieve this auditors must maintain an attitude of professional scepticism. This means that the auditor must recognise the possibility that a material misstatement due to fraud could occur, regardless of the auditor's prior experience of the client's integrity and honesty.

ISA 315 Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and Its Environment goes further than this general concept and requires that engagement teams discuss the susceptibility of their clients to fraud. The engagement team should also obtain information for use in identifying the risk of fraud when performing risk assessment procedures.

To be able to make such an assessment auditors must identify, through enquiry, how management assesses and responds to the risk of fraud. The auditor must also enquire of management, internal auditors and those charged with governance if they are aware of any actual or suspected fraudulent activity.

Despite these requirements, owing to the inherent limitations of an audit, there is an unavoidable risk that some material misstatements may not be detected, even when the audit is planned and performed in accordance with ISAs. The risks in respect of fraud are higher than those for error because fraud may involve sophisticated and carefully organised schemes designed to conceal it.

Reporting fraud

If the auditor identifies a fraud they should communicate the matter on a timely basis to the appropriate level of management (i.e. those with the primary responsibility for prevention and detection of fraud). If the suspected fraud involves management the auditor shall communicate such matters to those charged with governance. If the auditor has doubts about the integrity of those charged with governance they should seek legal advice regarding an appropriate course of action.

In addition to these responsibilities the auditor must also consider whether they have a responsibility to report the occurrence of a suspicion to a party outside the entity. Whilst the auditor does have an ethical duty to maintain confidentiality, it is likely that any legal responsibility will take precedent. In these circumstances it is advisable to seek legal advice.

Directors' responsibilities

The directors have a primary responsibility for the prevention and detection of fraud. By implementing an effective system of internal control they should reduce the possibility of undetected fraud occurring to a minimum.

The directors should be aware of the potential for fraud and this should feature as an element of their risk assessment and corporate governance procedures. The audit committee should review these procedures to ensure that they are in place and working effectively. This will normally be done in conjunction with the internal auditors.

Internal auditors may be given an assignment:

• to assess the likelihood of fraud, or if a fraud has been discovered,
• to assess its consequences and
• to make recommendations for prevention in the future.

Audit procedures

As well as adopting an attitude of professional scepticism the auditor is required to perform the following procedures in light of the risk of fraud:

• Discussion amongst the engagement team regarding the susceptibility of the client to fraud;
• Consider the risk of fraud when documenting and testing internal controls;
• Enquiring of management how they: assess the risk of fraud; and identify and respond to the risks of fraud;
• Enquiring of management whether they have any knowledge of actual or suspected frauds;
• Enquiring of internal audit whether they have any knowledge of actual or suspected frauds;
• Enquiring of those charged with governance how they exercise oversight of management's process for identifying and responding to the risk of fraud; and
• Enquiring of those charged with governance whether they have any knowledge of actual or suspected frauds;

Rating :	Ratings & Comments  (Click the stars to rate the page)

Tags:	fraud;professional scepticism;Internal audit