case 6

Chapter5PowerPointslides-1.pptx

Home >Business & Finance homework help >Accounting homework help >case 6

Fraud in Financial Statements and Auditor Responsibilities

Chapter 05

© 2023 McGraw Hill, LLC. All rights reserved. Authorized only for instructor use in the classroom. No reproduction or further distribution permitted without the prior written consent of McGraw Hill, LLC.

Because learning changes everything.®

Learning Objectives

L O 5-1: Distinguish between audit requirements for errors, fraud, and illegal acts.

L O 5-2: Explain the components of the Fraud Triangle and how they are integrated into A U-C 240.

L O 5-3: Describe fraud risk assessment procedures and red flags which might indicate that an individual may be committing fraud, or susceptible to it.

L O 5-4: Describe the responsibilities of the External Auditor, Board of Directors, and Company Management in regard to internal controls over financial reporting (I C F R).

L O 5-5: Explain the standards for audit reports.

Ethics Insight

The P C A O B has expressed significant concern over audit quality.

Audit Quality relies on Integrity, Objectivity, Professional Skepticism, Due Care and Independence.

Concerns found in:

Auditing of internal control over financial reporting.

Assessing and responding to risks of material misstatements.

Performing audit sampling procedures.

Auditing of estimates.

Auditing fair value measurements and disclosures.

P C A O B Recommendations for Auditors

Recommendation	Description	Result
Interactive meetings/coaching workshops	Engagement Team, often tied to audit milestones	Identifying how financials might be materially misstated Identifying risks of material misstatement
Early involvement of engagement quality reviewer (E Q R)	From audit planning stage forward	May result in in early identification of potential or actual audit challenges
Narrative descriptions of quality control	Firms created narratives of their quality control process or prepared process flow maps of them	Used to monitor engagement performance and enhance the audit effectiveness
Increased partner involvement in planning of audit tests and controls	Engagement team leadership held planning meetings with whole engagement team	Discussions and robust risk assessment procedures improve staff ability to analyze effectiveness of controls
Use of firm specialists during audit planning to assist in risk assessment	Early involvement of specialists during audit planning stage	Enhances the ability of auditors to more effectively identify and assess risks of material misstatement
Implementing coaching programs and refining audit tools for specific audit areas	Targeting areas where the firms have had audit deficiencies in the past	Noted improvement in the auditing of estimates at firms that implemented these programs

Chapter Roadmap Consider the following questions as you read the chapter

What are the auditor’s responsibilities to assess the risks of material misstatement of the financial statements, whether due to error or fraud?

What is the fraud triangle and how does it help to identify red flags that are indicators fraud may exist?

What are the most common causes of financial statement fraud and how can internal controls over financial reporting and the audit firms’ quality controls keep them in check?

What information is communicated by the audit report?

Learning Objective 1

Distinguish between audit requirements for errors, fraud, and illegal acts.

Fraud in Financial Statements

The primary responsibility for the prevention and detection of fraud rests with both those charged with governance of the entity and management.

An auditor conducting an audit in accordance with generally accepted auditing standards is responsible for obtaining reasonable assurance that the financial statements as a whole are free from material misstatements, whether by fraud or error.

An unavoidable risk exists that some material misstatements of the financial statements may not be detected, even though the audit was conducted in accordance with G A A S.

When the financial statements are materially misstated, the auditor should not give an unmodified or unqualified opinion but should modify the opinion as either qualified or adverse opinion.

Fraudulent Financial Reporting

Involves either intentional misstatements or omissions of amounts or disclosures in order to deceive financial statement users.

Deception – manipulation, falsification or alteration of accounting records or supporting documents.

Misrepresentation in, or intentional omission from, events, transactions, or other significant information.

Intentional misapplication of accounting principles.

Nature and Causes of Misstatements

Deception such as manipulation, falsification, or altering of accounting records.

Misrepresentation of a financial statement disclosure that is not presented in conformity with G A A P or is intentionally omitted.

Intentional misapplication of accounting principles relating to measurement, recognition, classification, presentation or disclosure.

Error, Fraud, and Illegal Acts

Error

Unintentional mistakes in math, application of G A A P, or omission of information.

Fraud

Deliberate decision made to deceive others through.

Fraudulent financial reporting.

Misappropriation of assets.

Illegal Acts

Violations of laws or regulations.

Bribery.

Exhibit 5.1 Auditors Responsibility to Detect Errors, Illegal Acts and Fraud

	Responsible for Detection for Material	Responsible for Detection for Immaterial	Required to Communicate Findings for Material	Required to Communicate Findings for Immaterial
Errors	Yes	No	Yes (audit committee)	No
Illegal acts	Yes (direct effect)	No	Yes (audit committee)	Yes (one level above)
Fraud	Yes	No	Yes (audit committee)	Yes (by low-level employee, to one level above) (by management-level employee, to audit committee)

Private Securities Litigation Reform Act (P S L R A)

Additional requirements upon public companies and their auditors when:

The illegal act has a material effect on financial statements.

Senior management and the board have not taken appropriate remedial action.

Failure to take remedial action may warrant departure from a standard audit report (or resignation of auditors).

When illegal act has material effect on the financial statements.

Auditors must report act to the client.

Client must inform Board of Directors which has one day to inform the S E C.

If client does not inform the S E C.

Auditors must furnish the report to the S E C within one day.

Or resign from the engagement within one day.

Ethical obligation of confidentiality is waived.

Learning Objective 2

Explain the components of the Fraud Triangle and how they are integrated into A U-C 240.

Questions for Consideration

What is the fraud triangle and how does it identify red flag indicators of fraud?

What are the auditor’s responsibilities to detect and report fraud?

What is the role of internal controls and risk assessment in preventing and detecting fraud?

What information is communicated by the audit report?

The Fraud Triangle 1

Integrated into A U-C Section 240: Consideration for Fraud in a Financial Statement Audit.

Three conditions are generally present when fraud occurs:

Incentives/Pressures to Commit Fraud.

Opportunity.

Rationalization/Justification.

The Fraud Triangle 2

Exhibit 5-2

The Fraud Triangle 3

Incentives/Pressures to Commit Fraud.

Financial stability or profitability is threatened.

Excessive pressure for management to meet the requirements or expectations of third parties.

Self-serving incentives such as bonuses or promotion.

Personal financial situation of management or those charged with governance is threatened by the entity’s financial performance.

Financial Stability or Profitability is Threatened by Economic, Industry, or Entity Operating Conditions

Potential Red Flags to Look for:

High degree of competition or market saturation, accompanied by declining margins.

High vulnerability to rapid changes, such as changes in technology, product obsolescence, or interest rates.

Significant declines in customer demand and increasing business failures in either the industry or overall economy.

Operating losses suggesting going concern issues.

Recurring negative cash flows from operations while reporting earnings growth.

Rapid growth or unusual profitability, especially compared to that of other companies in the same industry.

Excessive Pressure for Management to Meet the Requirements or Expectations of Third Parties

Potential Red Flags to Look for:

Aggressive or unrealistic profitability or trend level expectations (whether internally or externally generated).

Need to obtain additional debt or equity financing to stay competitive.

Challenges meeting exchange listing requirements or debt repayment/debt covenants.

Perceived or real adverse effects of reporting poor financial results on significant pending transactions.

Pressure for management to meet the expectations of legislative or oversight bodies.

Personal Financial Situation of Management or Those Charged with Governance is Threatened by the Entity’s Financial Performance

Potential Red Flags to Look for:

Significant financial interests in the entity.

Significant portions of their compensation (for example, bonuses, stock options, and earn-out arrangements) tied to achieving aggressive targets for stock price, operating results, financial position, or cash flow.

Personal guarantees of debts of the entity.

The Fraud Triangle 4

Opportunities to Commit Fraud

Nature of the industry or entity’s operations.

Significant operations located or conducted across jurisdictional borders where differing business environments exist.

The monitoring of management is not effective.

The organizational structure is complex or unstable.

Internal control components are deficient.

The Nature of the Industry or the Entity’s Operations

Potential Red Flags to Look for:

Related party transactions that are also significant unusual transactions.

Significant transactions with related parties whose financial statements are not audited or are audited by another firm.

Firms to dictate terms or conditions to suppliers or customers that may result in inappropriate or non-arm’s-length transactions.

Assets, liabilities, revenues, or expenses based on significant estimates that involve subjective judgements or uncertainties.

Significant or highly complex transactions or significant unusual transactions, especially those close to period end.

Significant Operations Located or Conducted Across Jurisdictional Borders Where Differing Business Environments and Regulations Exist

Potential Red Flags to Look for:

Use of business intermediaries for which there appears to be no clear business justification.

Significant bank account or subsidiary or branch operations in tax-haven jurisdictions.

Contractual arrangements lacking a business purpose.

The Monitoring of Management is Not Effective

Potential Red Flags to Look for:

Domination of management by a single person or small group.

Oversight by those charged with governance over the financial reporting process and internal control.

The exertion of dominant influence by or over a related party.

The Organizational Structure is Complex or Unstable

Potential Red Flags to Look for:

Difficulty in determining the organization or individuals that have controlling interest in the entity.

Overly complex organizational structure involving unusual legal entities or managerial lines of authority.

High turnover of senior management, legal counsel, or those charged with governance.

Internal Control Components are Deficient

Potential Red Flags to Look for:

Inadequate monitoring of controls.

High turnover rates or employment of staff in accounting, I T, or internal audit.

Accounting and information systems that are not effective Material Internal Control Weaknesses.

The Fraud Triangle 5

Rationalizations/Attitudes to Justify Fraud.

Poor Tone at the Top.

Management Interest in Accounting.

A Strained Relationship between management and the current or predecessor Auditor.

Poor Tone at the Top

Potential Red Flags to Look for:

Poor communication, implementation, support, or enforcement of the entity's values or ethical standards by management.

Communication of inappropriate values Ineffective ethical standards.

Known history/claims of violations of securities or other laws or regulations.

Low morale among senior management.

The owner-manager makes no distinction between personal and business transactions.

Dispute between shareholders in a closely held entity.

Management Interest in Accounting

Potential Red Flags to Look for:

Nonfinancial management's excessive participation in/preoccupation with the selection of accounting policies or the determination of estimates.

Excessive interest by management in maintaining or increasing the entity's stock price or earnings trend.

Commitment to analysts, creditors, and other third parties to achieve aggressive or unrealistic forecasts.

Management trying to justify marginal or inappropriate accounting based on materiality.

Management failing to remedy known internal control deficiencies or material weaknesses.

A Strained Relationship Between Management and the Current or Predecessor Auditor

Potential Red Flags to Look for:

Frequent disputes with the current or predecessor auditor.

Unreasonable demands on the auditor regarding the completion of the audit or issuance of the auditor's report.

Restrictions on the auditor access to people or information.

Management attempting to influence audit scope.

Learning Objective 3

Describe fraud risk assessment procedures and red flags which might indicate that an individual may be committing fraud, or susceptible to it.

Fraud Risk Assessment

A U-C240 requires the auditor to evaluate risk assessment during the audit.

Evaluation of evidence about the potential client before accepting engagement.

Communication with predecessor auditor.

Reasons for firing or the reasons for no longer servicing client.

Management’s and key accounting personnel’s integrity.

Disagreement with management over accounting principles.

Make inquiries about the risks of fraud and how they are addressed.

Consider any unusual or unexpected relationships.

Consider whether one or more fraud risk factors exist.

Consider other information.

Approach each engagement with a healthy dose of skepticism.

Assessing Management: Red Flags

Is there a Dark Triad Personality Risk?

Narcissism.

Obsessed with power, prestige and vanity.

Mentally unable to see the damage they cause.

Might drive unethical decisions to seek needed praise.

Machiavellianism.

Calculating and funny.

Use charm, friendliness, self-disclosure and guilt and bullying to get what they want.

If they want to cook the books, then staff may go along.

Psychopathy.

Exude confidence, impressive and charming.

Often thought of as sociopaths and are controlling, manipulative and master liars.

Lack empathy and remorse for wrongdoing.

Learning Objective 4

Describe the responsibilities of the External Auditor, Board of Directors, and Company Management in regard to internal controls over financial reporting (I C F R).

Internal Control Over Financial Reporting (I C F R)

SOX 404 requires registered accounting firms to assess the effectiveness of internal controls.

ICFR related deficiencies include:

Testing the design of controls or effectiveness.

Application of the top-down risk-based approach.

Identifying technology risks.

Performing extensive testing of the work done by third parties in high risk areas.

Evaluating identified control deficiencies.

Internal Controls Over Financial Reporting

The risk that internal controls will not help prevent or detect a material misstatement is a critical evaluation to provide reasonable assurance.

Components of internal control under the C O S O framework.

Control environment.

Risk assessment.

Control activities.

Monitoring.

Information and communication.

Attention should be focused on areas of highest risk that a material weakness could exist in a particular area of the company’s internal control over financial reporting.

Medicis Pharmaceutical Case

Issued materially misstated financial statements from 2003 to 2007.

E&Y Audit failed to follow P C A O B standards.

Failed to follow G A A S.

Relied on management representations.

Developed alternative accounting methods.

Failed to act on its own A Q R and correct deficiencies.

Issued an unqualified opinion.

P C A O B censured E&Y and imposed $2M in penalties.

Enterprise Risk Management – Integrated Framework

Internal control enhanced with corporate governance and risk management.

Aligning risk appetite and strategy.

Enhancing risk response decisions.

Reducing operational surprises and losses.

Identifying and managing multiple and cross-enterprise risks.

Seizing opportunities.

Improving deployment of capital.

C O S O Guidance on Monitoring Internal Control Systems

Management should monitor controls to determine whether they are operating effectively and the need for redesign when risks change.

Effective monitoring involves.

Establishing a baseline for control effectiveness.

Designing and executing monitoring procedures that are based on the significance of business risks relative to the entity’s objectives.

Assessing and reporting results, including follow-up on corrective actions.

Framework adopts the position that management should determine its risk appetite and align it with strategic objectives.

E R M seems to place emphasis in the wrong areas by focusing on risk appetite.

Emphasis needed on the ethical dimensions of making strategic decisions.

Audit Committee Responsibilities for Fraud Risk Assessment

Audit Committee should.

Evaluate management’s identification of fraud risks.

Implementation of antifraud measures.

Creation of the appropriate tone at the top.

Active oversight by the audit committee can help reinforce management’s commitment to create a culture with “zero tolerance” for fraud.

Audit committee’s evaluation and oversight can serve as a deterrent to senior management engaging in fraudulent activity.

Audit committee should encourage management to provide a mechanism for employees to report concerns about unethical behavior, suspected fraud, or violations of ethical codes or policies.

Auditor’s Communication with Those Charged with Governance

A U-C 240 requires communication by auditors of evidence of fraud to appropriate level of management, even inconsequential or minor misappropriation.

Fraud that causes a material misstatement should be reported directly to those charged with governance.

Good governance principles suggest that.

The auditor has access to the audit committee as necessary.

The chair of the audit committee meet with the auditor periodically.

The audit committee meets with the auditor without management at least annually.

Auditors should communicate about accounting estimates.

Nature of significant assumptions/degree of subjectivity/relative materiality.

Communicate to management/those charged with governance risks due to fraud that have continuing control implications.

Management Representations and Financial Statement Certifications

Management responsible for preventing and detecting fraud.

Management can override internal controls and create deceptive accounting.

Management representation letters from C E O, C F O, and other appropriate officers (Section 302 of S O X).

Provides access to all known information bearing on fair presentation of financial statements.

Confirms that management has performed an assessment of effectiveness of internal control over financial reporting.

Concludes that effective internal controls have been maintained.

Discloses any deficiencies in the design or operation of internal controls.

Learning Objective 5

Explain the standards for audit reports.

Audit Reports and Auditing Standards

Since 19 26, the New York Stock Exchange has required an auditor’s report.

The Securities Exchange Act of 19 34 requires all public companies to have an independent auditor’s report in annual financial statements.

The P C A O B oversees public companies’ audits since S O X in 2002.

The A I C P A Auditing Standards Board (A S B) oversees the audits of nonpublic companies.

Independent auditors express or disclaim an opinion on whether an entity’s financial statements and related disclosures are presented in accordance with G A A P.

P C A O B AS 1301 Communications with Audit Committee

Audit Committee should be aware of situations that may effect the audit.

Significant accounting policies and practices.

Critical accounting policies and practices.

Critical accounting estimates.

Significant unusual transactions.

Quality of the company’s financial reporting.

Disagreements with management.

Significant difficulties encountered during the audit.

P C A O B AS 3101 When Auditor Expresses and Unqualified Opinion

P C A O B rules for communicating Critical Audit Matters.

Auditor’s assessment of risks of misstatement.

The degree of auditor judgment.

The nature and timing of unusual transactions.

The degree of auditor subjectivity in applying audit procedures.

The nature and extent of audit effort to address the matter.

The nature of the audit evidence obtained.

Unmodified or Unqualified Audit Opinions

Financial statements “present fairly”

Financial position.

Results of operations.

Cash flows.

Stockholders’ Equity.

Optional additional paragraph.

Emphasis-of-matter.

Going concern.

Consistent application of accounting principles.

Litigation uncertainty.

Other-matter.

Supplemental information.

Modified or Qualified Audit Opinions

Modifies the audit when.

Based upon evidence financial statements are materially misstated, or.

Unable to obtain sufficient appropriate evidence.

Qualified.

Concludes misstatements, individually or in the aggregate, are material but not pervasive to the financial statements, or.

Unable to obtain sufficient appropriate audit evidence; possible effect on financial statements could be material but not pervasive.

Adverse.

Concludes that misstatements, individually or in the aggregate, are material and pervasive.

Basis for Modifications.

Separate paragraph describes matter giving rise to modification.

Placed immediately before the opinion paragraph.

Titled “Basis for (Qualified, Adverse, Disclaimer) Opinion”.

Disclaimer/Withdrawal from the Engagement

Disclaimer.

Unable to gather sufficient evidence to warrant the expression of an opinion on the statements as a whole.

Withdrawal.

If significant conflict exists with management or the auditor decides that management cannot be trusted, then a withdrawal may be justified.

Trust issues are a matter of ethics.

The auditor must consider whether the breakdown between management and the auditor has advanced to the point that any and all information provided by the client is suspect.

Withdrawal triggers the filing of the S E C’s 8-K form by management.

Limitations of the Audit Report Reasonable Assurance

Reasonable Assurance.

Due care.

Relation of independence and client relationships.

Not an absolute guarantee.

Followed G A A S, gathering sufficient competent evidential matter.

Failure to follow G A A S: allegation of negligence.

Limitations of the Audit Report Materiality

Magnitude of an omission or misstatement of accounting information that the judgment of reasonable person relying on the information would have been changed or influenced by the omission or misstatement.

Judging Materiality.

Staff Accounting Bulletin (S A B 99) may not rely solely on a quantitative threshold as a “rule of thumb”.

5% is a common materiality test.

S E C wants qualitative matters to be considered as well.

Unintended consequence of materiality is that it is subject to manipulation.

Limitations of the Audit Report Present Fairly

Auditor’s assessment of fair presentation depends on whether:

Accounting principles used have general acceptance.

Accounting principles are appropriate.

Financial statements are informative.

Information presented is classified and summarized in a reasonable manner.

Financial statements reflect the underlying transactions and events in a manner that is consistent with materiality and reflects economic substance.

Generally Accepted Auditing Standards (G A A S) 1

Auditing standards provide a measure of audit quality and the objectives to be achieved in an audit.

Auditing standards differ from auditing procedures because the procedures are steps taken by the auditor during the course of the audit to comply with G A A S.

The application of auditing standards entails making judgments with regard to the nature of audit evidence, sufficiency, competency, and reliability.

Materiality considerations are important to assess whether the audit opinion should be modified.

Generally Accepted Auditing Standards (G A A S) 2

General Standards.

Adequate technical training and proficiency.

Independence in mental attitude.

Due care in the performance of the audit and preparation of the report.

Standards of Field Work.

Adequately plan the audit work and supervise assistants.

Obtain a sufficient understanding of internal control to adequately plan the audit and determine the nature, timing, and extent of tests to be performed.

Gather sufficient competent evidential matter to provide a basis for an opinion.

Standards of Reporting.

The statements have been in conformity with G A A P.

Accounting principles have been consistently applied.

Adequate informative disclosures have been made.

Expression of an opinion on statements taken as a whole, or indication that an opinion cannot be expressed.

Auditing Evidence

Consideration of the competency and sufficiency of evidence.

Management representations are not a substitute for application of proper audit procedures.

Audit risk and materiality considered together.

Determination of nature, timing and extent of procedures.

Evaluation of results of procedures.

Assess risks of material misstatements due to fraud.

Application of professional skepticism.

Audit procedures – specific acts performed to gather evidence about specific assertions.

Professional Skepticism

An important role in gathering audit evidence and evaluating usefulness.

Auditor should exercise professional judgment and skepticism.

Determining the nature, timing, and extent of audit procedures.

Determining the sufficiency, competency, and relevancy of evidence.

Evaluating management’s judgments and estimates.

Considering fraud in the audit.

Determining the conclusions based on the audit evidence obtained.

A state of mind and requires documentation to provide evidence that the audit was planned and performed in accordance with G A A S.

Document the thought process, alternative views considered, judgments made, audit evidence gathered, and support for final conclusion.

Document challenges to management’s views and assumptions.

Document the basis for unusual, one-time transactions and related business rationale.

Include a complete and comprehensive record of discussions with management.

Document assessments of the reliability of the source of documents.

Document professional skepticism in significant matters.

Concluding Thoughts

Financial statement fraud threatens the foundation of the financial reporting process and jeopardizes the integrity of the auditing function.

Auditors need to be more diligent in looking for signs that fraud exists.

Aggressive judgments by management, such as those in the Medicis Pharmaceutical creates challenges for auditors.

As the audit profession evolves and embraces the use of machine-based learning systems, the profession needs to stay vigilant and be aware that these systems require our expertise, professional judgement and ethics.

High deficiency rates found in P C A O B inspection reports indicate auditors are not meeting their obligations to the public.

case 6

image2.png

image1.png