Fraud: Red Flags and Fraud Detection
Terms in this set (55)
fraud schemes can be committed by or against what?
by the corporation.
Against the corporation
broad categories of fraud:
ONE - fraudulent financial reporting schemes.
TWO - Misappropriation of assets most common fraud against corp
THREE - Revenues and assets obtained by fraud.
FOUR - expenditures and liabilities for an improper purpose
SAS 99 instructs auditors to focus on what two areas of fraud?
A_ fraudulent financial reporting
B- misappropriation of assets
what is corruption?
the use of official authority for private gain
aspects of corruption
A) traditional corruption involves public officials
B) private corruption - breach of fiduciary duty
C) recipients must obtain gain w/o employer's knowledge, or in contradiction to their duty
D) common mechanisms are bribes (paid) and kickbacks (received)
E) can be costly and hardest to detect
specific fraud detection techniques include:
1) analytical procedures
2) unpredictable audit tests
3) observing and inspecting
4) making inquiries
5) conducting interviews
(perform routinely during FS audit)
actions and omissions that give rise to misstatement often...
occur over an extended period
Laying foundations for detection
A understanding the enterprise and the environment in which it operates
B understanding of how the business works and procedures IN dentify business partners, understand corp culture, and org structure)
are fraud risk factors the same as fraud evidence?
no--difficulty in interpreting red flags
interpreting red flags: challenging aspects (5)
-difficult to identify and interpret
- risk not the same as fraud evidence. fraud risk factors may indicate risk of something other than fraud.
-fraud risk factors can be ambiguous and difficult to observe. has to do with state of mind and private lives
-no linear relationship between fraud risk and number of frauds
-fraud risk factors are of limited significance in isolation
to detect fraud there is a need for..
-professional skepticism in consideration of fraud risk
aspects of professional skepticism
-keeping an open mind
-developing a heightened awareness
-making critical assessment of evidence
Importance of professional skepticism
-neutral mindset in conducting audit
-probing questions about possibility of fraud
-probing management about ethical environment
SAS 99 - 3 categories of risk
-incentive and pressure (motive)
-rationalization and attitude
identifying and evaluating risk factors
-consider internal controls
-if placing reliance on a control to mitigate fraud risk, auditors should know management can override them
-identifying and evaluating fraud risk factors is a cumulative process throughout the audit
-engagement leader ensures mechanism is in place withing the audit team fro sharing info concerning fraud risk factors (so info can be brought forward and considered in a broader contexts)
Information gathering: SAS 99 suggests the key sources for the identification of fraud risk factors are:
-inquiries of management and others
-consideration of fraud risks
-other info available within about a specific company
what are the most important questions an auditor should raise with management?
-does management have knowledge of any fraud perpetrated, alleged or suspected that could result in a material misstatement of the entity's financial results?
-regardless of materiality, does management have knowledge of any fraud perpetrated, alleged or suspected?
-has management received any letter from employees or former employees, analysts, short sellers or others concerning allegations of fraud?
-what is management's understanding of the risks of fraud in the company?
what should the auditor do to follow up the previous questions?
-ask management to provide corroborative evidence for its answers to these questions or to indicate how such evidence can be obtained
Information gathering: what questions should the auditor ask the audit committee?
-what are the audit committee's views regarding the risk of fraud?
-is the audit committee aware of any fraud perpetrated, alleged or suspected?
-how does the audit committee exercise oversight over activities concerned with the risks of fraud and the programs and controls established to mitigate risks?
-what is the audit committee's assessment of management's performance in this regard?
what should the auditor do to follow up the previous questions?
seek to corroborate as the did with management
what questions should the auditor ask the internal auditors to assist the audit in assessing effectiveness and independence? (6)
-what are internal audit's view regarding the risk of fraud?
-what specific internal audit procedures have been performed to prevent, deter, and detect fraud?
-what were the results of this work?
-is internal audit aware of any instances of fraud perpetrated, alleged, or suspected?
-has management responded satisfactorily to internal audit findings throughout this year?
-have there been any limitations with respect to what internal audit can review or when or when the review can take place?
questions asked to employees of the organization will be what?
tailored to their knowledge of the organiztion
who else may the company consider interviewing?
the company's general legal counsel for more info
analytical procedures represent what?
one of the most important detection techniques
analytical procedures identify changes in...
-amounts, ratios, trends, relationships..and help identify unusual transactions
analytical procedures are used throughout the audit for 3 primary purposes
1. preliminary analytical procedures are used to develop an understanding of the company and to direct attention to high risk areas in determining the nature, timing, and extent of audit procedures
2. substantive analytical procedures are used to obtain audit evidence to evaluate account balances
3. final analytical procedures are used to asses the propriety of audit conclusions in an overall assessment of the presentation of the financial statement
how do substantive tests relate to fraud?
-analytical procedures that are performed as substantive tests may indicate a previously unrecognized risk of fraud
the more detailed the level of comparison with analytic procedures, the...
more likely unexpected relationships will surface
once the auditor has identified the changes in amounts, ratios, trends, or relationships, the next step is to...
determine whether the changes were expected and, similarly, to determine whether certain changes that were expected but did not occur
Key concepts of SAS 99 (related to analytic procedures)
-evaluation of financial information
-study of plausible relationships
-relationships among both financial and non-financial information
SAS 56 require that analytic procedures..
be used in audit planning and in the overall review stage of the audit
analytical procedures: data comparisons
-current company data vs. prior period company data
-company data vs. company budgets, forecasts, or projections
-company data vs. industry data and/or comparable company data
-company financial data vs. company operational data
-company data vs. auditor-determined expected results
-vertical, or common-size, analysis
-comparison of the detail of a total account balance with similar detail for the preceding year
-ratios and other financial relationship
assessing the potential impact of fraud risk factors: SAS 99 consideration of the attributes of fraud risk
-the type of risk
-the significance of the risk
-the likelihood of the risk
-the pervasiveness of the risk
all the previous attributes will influence what?
both the extent to which the auditor needs to take specific steps to respond to a particular risk factor and the nature of those steps
evaluating controls: SAS 99 requires...
-consideration of internal controls as the final ingredient in the assessment or identified risks of material misstatement due to fraud
what is the potential benefit of the evaluating controls?
the identification of effective controls may may provide the auditor with a reasonable basis for concluding that the likelihood of that kind of fraud is low
SAS 99 suggests a number of procedures that...
"should be performed to further address the risk of management override of controls"
evaluating controls: using the fraud triangle framework, the auditor considers whether...
-there is evidence of other fraud risk factors
-possibility that collusion is occurring at other levels of the organization
common elements of an anti-fraud program include
-code of conduct
-ethics hotline/whistleblower programs
-hiring and promotion
-audit committee oversight
-investigation and remediation
-fraud risk assessment
unpredictable audit tests: predictability of the audit approach may...
-create opportunity for a fraudster and undermine detection
unpredictability may be adopted as a strategy at what two levels?
-at a high level, the auditor may decide to visit locations or to audit areas or components of the financial statements that are not normally audited
-at a more detailed level, the auditor should be wary of being too predictable in the selection of individual transactions for detailed testing
what does SAS 99 say about unpredictability?
the auditor should incorporate an element of unpredictability in the selection from year to year
Observation and inspection: this is a standard part of any audit program that includes:
-performing or observing physical counts
Observation and Inspection: SAS example of anomalies that come to light:
-discrepancies in the accounting records
-conflicting or missing evidential matter
-problematic or unusual events between the auditor and the client
observation and inspection: when comparing sources of audit evidence, the auditor
-reviews the source document with a critical eye
-fake or altered documents have certain characteristics
observation and inspection: evidential potential red flags are...
-no in themselves conclusive evidence of fraud.
-but they do indicate existence of a specific gap, anomaly, or other problem
corruption: why is detecting bribes and kickbacks difficult?
-buried in otherwise legitimate transactions
corruption: who is usually involved in bribes and kickbacks?
-the purchasing function of the organization
corruption: what is the focus in auditing for corruption?
-focused heavily on deterrence
corruption: analytic procedures and data mining may...
-assist in detection
corruption: what do trending asset balances reveal?
-the purchase of unneeded assets, including inventory
Corruption red flags (6)
-order consistently placed with the same vendor
-cost of materials or other purchases out of line when compared with related activities
-buyers whose lifestyles appear to exceed their income levels
-procurement decisions-in favor of key suppliers-that are heavily influenced or made by managers outside the purchasing department
-restrictions in solicitation documents that tend to restrict competition
-a very short time frame for responding to bids
overall: what does SAS 99 do?
-lays out an iterative and holistic approach to the consideration of fraud in financial statement audit
-foundation for professional skepticism
go back and review slide