Which of the following characteristics most likely would heighten an auditors concern about the risk of material misstatements in an entitys financial statements?

1

19 a. Which of the following characteristics is most likely to heighten an auditor's concern about the risk of material misstatements due to fraud in an entity's financial statements?

(1) The entity's industry is experiencing declining customer demand.

(2) Employees who handle cash receipts are not bonded.

(3) Internal auditors have direct access to the board of directors and the entity's management.

(4) The board of directors is active in overseeing the entity's financial reporting policies.

2

19 b. Which of the following circumstances is most likely to cause an auditor to increase the assessment of the risk of material misstatement of the financial statements due to fraud?

(1) Property and equipment are usually sold at a loss before being fully depreciated.

(2) Unusual discrepancies exist between the entity's records and confirmation replies.

(3) Monthly bank reconciliations usually include several in-transit items.

(4) Clerical errors are listed on a computer generated exception report.

4

19 c. Which of the following statements reflects an auditor's responsibility for detecting fraud?

(1) An auditor is responsible for detecting employee errors and simple fraud, but not for discovering fraudulent acts involving employee collusion or management override.

(2) An auditor should plan the audit to detect fraud caused by departures from GAAP.

(3) An auditor is not responsible for detecting fraud unless the application of auditing standards would result in such detection.

(4) An auditor should design the audit to provide reasonable assurance of detecting errors and fraud that are material to the financial statements.

1

20 a. When fraud risk factors are identified during an audit, the auditor's documentation should include The Risk Factors Identified

The Risk Factors ------------The Auditor's Response to
Identified ------------------The Risk Factors Identified
(1) Yes Yes
(2) Yes No
(3) No Yes
(4) No No

2

20 b. If an independent audit leading to an opinion on financial statements causes the auditor to believe that a material misstatement due to fraud exists, the auditor should first

(1) request that management investigate to determine whether fraud has actually occurred.

(2) make the investigation necessary to determine whether fraud has actually occurred.

(3) consider the implications for other aspects of the audit and discuss the matter with the appropriate levels of management.

(4) consider whether fraud was the result of a failure by employees to comply with existing controls.

3

20 c. Which of the following is least likely to suggest to an auditor that the client's management may have overridden internal control?

(1) There are numerous delays in preparing timely internal financial reports.

(2) Management does not correct internal control weaknesses that it knows about.

(3) Differences are always disclosed on a computer exception report.

(4) There have been two new controllers this year.

1

21 a. Cash receipts from sales on account have been misappropriated. Which of the following acts will conceal this embezzlement and be least likely to be detected by the auditor?

(1) Understating the sales journal

(2) Overstating the accounts receivable control account

(3) Overstating the accounts receivable subsidiary records

(4) Understating the cash receipts journal

3

21 b. An auditor discovers that a client's accounts receivable turnover is substantially lower
for the current year than for the prior year. This trend may indicate that

(1) the client recently tightened its credit-granting policies.

(2) employees have stolen inventory just before year-end.

(3) fictitious credit sales have been recorded during the year.

(4) an employee has been lapping receivables in both years.

1

21 c. Which of the following internal controls will best detect the theft of valuable items from an inventory that consists of hundreds of different items selling for $1 to $10 and a few items selling for hundreds of dollars?

(1) Maintain a perpetual inventory of only the more valuable items, with frequent periodic verification of the validity of the perpetual inventory records.

(2) Have an independent auditing firm examine and report on management's assertion about the design and operating effectiveness of the control activities relevant to inventory.

(3) Have separate warehouse space for the more valuable items, with sequentially numbered tags.

(4) Require an authorized officer's signature on all requisitions for the more valuable items.

3

22 a. While performing a preliminary assessment for a new client audit, the auditor determines that the client has had excessive growth over the past several years due to recent acquisitions and internal expansion. Through discussions with management, the auditor concludes that the company's operational staff is too lean and that internal controls in several operational functions may be currently insufficient to accommodate this rapid growth. About which of the following fraud risk factors related to the client would the auditor have the greatest concern?

(1) Rationalization/attitude

(2) Inadequate organizational structure

(3) Opportunity

(4) Incentives/pressures

3

22 b. Which one of the following is a true statement about the required fraud risk assessment discussion?

(1) The discussion about the susceptibility of the entity's financial statements to material misstatement must be held separately from the discussion about the susceptibility of the entity's financial statements to fraud.

(2) The discussion should involve all members who participate on the audit team, including the engagement partner.

(3) The discussion should include consideration of the risk of management override of controls.

(4) The fraud risk assessment discussion should occur during the overall review stage of the audit.

4

22 c. Which of the following circumstances would most likely cause an auditor to suspect that there are material misstatements in an entity's financial statements?

(1) The entity's management strictly enforces its integrity and ethical values.

(2) Monthly bank reconciliations ordinarily include several outstanding checks.

(3) Management outsources the internal audit function to another CPA firm.

(4) The auditor identifies an inappropriate valuation method that is widely applied by the entity.

Yes, Opportunities

1. Significant operations are located and conducted across international borders in jurisdictions where differing business environments and cultures exist.

Fraud Risk? Fraud Condition?

Yes, Attitudes/Rationalization

2. There are recurring attempts by management to justify marginal or inappropriate accounting on the basis of materiality.

Fraud Risk? Fraud Condition?

Yes, Opportunities

3. The company's controller works very hard, including evenings and weekends, and has not taken a vacation in two years.

Fraud Risk? Fraud Condition?

No, N/A

4. The company's board of directors includes a majority of directors who are independent of management.

Fraud Risk? Fraud Condition?

Yes, Opportunities

5. Assets and revenues are based on significant estimates that involve subjective judgments and uncertainties that are hard to corroborate.

Fraud Risk? Fraud Condition?

Yes, Incentives/Pressures

6. The company is marginally able to meet exchange listing and debt covenant requirements.

Fraud Risk? Fraud Condition?

Yes, Incentives/Pressures

7. The company's financial performance is threatened by a high degree of competition and market saturation.

Fraud Risk? Fraud Condition?

No, N/A

8. New accounting pronouncements have resulted in explanatory paragraphs for consistency for the company and other firms in the industry.

Fraud Risk? Fraud Condition?

No, N/A

9. The company has experienced low turnover in management and its internal audit function.

Fraud Risk? Fraud Condition?

exchange ideas

10-24 (OBJECTIVES Io-l, 10-2, 10-3, 10-8) Assessing the risk of fraud in a financial statement audit is a difficult audit judgment. Auditing standards require the auditor to perform several audit procedures to accumulate information to assess the risk of fraud. You are the in-charge auditor responsible for planning the financial statement audit of Spencer, Inc. Two new staff auditors are assisting you with the initial audit planning and have asked you the following questions.

Briefly summarize your response to these staff auditor questions:

a. What is the purpose of the audit team's brainstorming session?

The purpose of the audit team's brainstorming session is for the audit team to ___ ___ about how and where they believe the entity's financial statements might be susceptible to material misstatement due to fraud, how management could perpetrate and conceal fraudulent financial reporting, and how assets of the entity could be misappropriated.

key

b. Who should attend the brainstorming session and when should the session be held?

The brainstorming meeting should ordinarily involve the ___ members of the audit team, ranging from audit staff members to partners on the engagement. This meeting would include audit team members located in other offices who work on the engagement as well as audit specialists, such as tax or IT specialists who work on the audit engagement. The meeting should be held during planning so that the audit plan can be adjusted to address the identified risks, and emphasize professional skepticism throughout the engagement.

responsible

c. What is the role of the two staff auditors in the brainstorming session?

The two staff members on the engagement are just as ___ for engaging in the exchange of ideas as other members of the engagement team. While the two new staff accountants may not be familiar with engagement specifics, they do provide a fresh perspective of possible ways management might engage in fraud. More importantly, they will benefit from hearing the exchange of ideas from other members of the audit team. That should help heighten their professional skepticism as they perform the audit.

plan, perform

d. What is the auditor's responsibility under auditing standards for detecting fraud?

The auditor has a responsibility to ___ and ___ the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. Thus, the auditor's detection responsibility for fraud is no different from the auditor's detection responsibility for errors.

decisions

e. What must the auditor document in the working papers related to this brainstorming session?

Auditing standards require that the audit documentation include significant ___ made during the discussion among engagement team personnel in planning the audit about the susceptibility of the entity's financial statements to material fraud, including how and when the discussion occurred and who participated.

Fraud

1. A material sale was recorded on the last day of the year even though the goods were
not shipped until three days later.

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

Sales invoices are not recorded until receipt of shipping document indicating that the goods have been shipped.

For each misstatement, identify evidence the auditor can use to uncover it.

For sales before and after year end, examine shipping documents to verify the sale was recorded in the proper period. Confirm accounts receivable at year-end.

Error

2. Merchandise was shipped to a customer, but no bill of lading was prepared. Because
billings are prepared from bills of lading, the customer was not billed. *

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

No merchandise may leave the plant without the preparation of a prenumbered bill of lading.

For each misstatement, identify evidence the auditor can use to uncover it.

Trace credit entries in the perpetual inventory records to bills of lading and the sales journal. Confirm accounts receivable at year-end.

Fraud

3. The controller approved a payment to a consulting firm owned by his sister. The consulting
firm did not actually perform any services for the company.

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

Payments should be approved by the accounts payable department only after an authorized purchase order, receiving report, and invoice have been matched.

For each misstatement, identify evidence the auditor can use to uncover it.

For a sample of cash disbursements, examine approval of the disbursement based on the matching of the purchase order, receiving report, and invoice.

Fraud

4. The shipping clerk included several additional valuable items in a shipment that were
not included in the customer's order and were not invoiced to the customer. The
shipping clerk has an arrangement with the customer to share the proceeds from
sales of the additional items shipped.

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

Independent verification of packing slip.

For each misstatement, identify evidence the auditor can use to uncover it.

Reconcile inventory items on hand to perpetual inventory records and investigate any shortages.

Fraud

5. Cash paid on accounts receivable was stolen by the mail clerk when the mail was opened.

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

All payments from customers should be in the form of a check payable to the company. Monthly statements should be sent to all customers.

For each misstatement, identify evidence the auditor can use to uncover it.

Trace from recorded sales transactions to cash receipts for those sales; confirm accounts receivable balances at year-end.

Error

6. A sales invoice was miscalculated by $1,000 as a result of a key-entry mistake.

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

Internal verification of invoice preparation and posting by an independent person.

For each misstatement, identify evidence the auditor can use to uncover it.

Test clerical accuracy of sales invoices

Fraud

7. Cash paid on accounts receivable that had been prelisted by a secretary was stolen by the bookkeeper, who records cash receipts and accounts receivable. He failed to record the transactions.

Error or fraud?

List one or more procedures that could be implemented to prevent it from occurring on a continuing basis.

The prelisting of cash receipts should be compared to the postings in the accounts receivable master file and to the validated bank deposit slip.

For each misstatement, identify evidence the auditor can use to uncover it.

Trace cash received from prelisting to cash receipts journal. Confirm accounts receivable.

nonexistent

WEAKNESSES IN PROCESSES

The foreman has the ability to hire employees and enter their names into the pay system with no other approval.

LIKELY MISSTATEMENTS

___ or incompetent employees may be hired at the foreman's option.

higher

WEAKNESSES IN PROCESSES

The foreman may make changes to salary rates without approval of company management.

LIKELY MISSTATEMENTS

Employees may be paid at rates that are ___ than their skill warrants.

dishonest, unqualified

WEAKNESSES IN PROCESSES

No investigation of new employees to determine background experience and dependability is performed.

LIKELY MISSTATEMENTS

___ or ___ employees may be hired.

did not work

WEAKNESSES IN PROCESSES

No control exists over time cards and the completion thereof.

LIKELY MISSTATEMENTS

Employees may report and be paid for time that they ____ ____ ____.

not be discovered

WEAKNESSES IN PROCESSES

No review or internal verificationof the amount on the payroll checks is performed.

LIKELY MISSTATEMENTS

Misstatements made by the payroll clerks in favor of employees would likely ___ ___ ___

extra

WEAKNESSES IN PROCESSES

Payroll checks are not prenumbered or controlled by the payroll clerks.

LIKELY MISSTATEMENTS

The chief accountant could prepare, sign, and cash an ___ payroll check without detection.

misappropriation of assets

Weaknesses 1, 2, 4, 5, and 6 increase the likelihood of fraud involving ___ ___ ___. Fraud involving misappropriation of assets is relatively common for payroll, although the amounts are often not material. Fraudulent financial reporting involving payroll is less likely.

Fraudulent, receivables

1. The company engaged in channel stuffing by shipping goods to customers that had not been ordered.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ financial reporting

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

N/A

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

Confirm ___, including the existence of any special terms with customers.

fraudulent, aging, accounts receivable

2. The allowance for doubtful accounts was understated because the company altered
the aging of accounts receivable to reduce the number of days outstanding for delinquent
receivables.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ financial reporting

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

N/A/

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

Test the accuracy of the ___ by recalculating the number of days outstanding for a sample of ___ ___.

misappropriation, appropriate person

3. The accounts receivable clerk stole checks received in the mail and deposited them
in an account that he controlled. He issued credit memos to the customers in the
amount of the diverted cash receipts.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ of assets

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

Credit memos are approved by an ___ ___ independent of accounting for sales and cash receipts

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

N/A

fraudulent, receivables

4. The company contacted a major customer and asked them to accept a major shipment
of goods before year-end. The customer was told that they could return the
goods without penalty if they were unable to sell the goods.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ Financial Reporting

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

N/A

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

Confirm ___, including the existence of any special terms with customers. Examine sales returns after year-end to see if they relate to sales recorded before year-end.

misappropriation, reconcile

5. A cashier stole cash receipts that had been recorded in the cash register.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ of assets

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

___ cash to amount recorded in the cash register

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

N/A

fraudulent, year end

6. The company recorded "bill-and-hold sales" at year-end. Although the invoices
were recorded as sales before year-end, the goods were stored in the warehouse and
shipped after year-end.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ financial reporting

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

N/A

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

Confirm accounts receivable at ___ ___, including any special sales terms. Inquire about the existence of goods held for customers during inventory observation

fraudulent, receiving reports

7. The company did not record credit memos for returns received in the last month of the year. The goods received were counted as part of the company's year-end physical inventory procedures.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ Financial reporting

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

N/A

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

Confirm accounts receivable at year end. Obtain last ___ ___ for returned goods from receiving department and trace to credit memos.

misappropriation, receipts

8.. A cashier stole cash receipts by failing to record the sales in the cash register.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ of assets.

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

Require that all sales be supported by ___ recorded in the cash register.

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

N/A

fraudulent, supporting documentation

9. The CFO recorded fictitious credit sales at the end of the year without recording the
associated cost of sales and reduction in inventory.

a. Indicate whether the fraud involves misappropriation of assets or fraudulent financial reporting.

___ Financial Reporting

b. For those frauds that involve misappropriation of assets, state a control that would be effective in preventing or detecting the misappropriation.

N/A

c. For those frauds that involve fraudulent financial reporting, state an audit procedure that would be effective in detecting the fraud.

Review ___ ___, including purchase order, shipping document and invoice, for sales occurring at year-end and trace to proper recording of sales and accounts receivable, as well as cost of goods sold and inventory

240, 99

AU-C 240 "Consideration of Fraud in a Financial Statement Audit"

Contains the requirements of SAS No.122 pertaining to the auditor's responsibility relating to fraud that affects the financial statements.

This clarified auditing standard replaces SAS No. 99 and is effective for audits of financial statements for periods ending on or after December 15, 2012.

Requirements of AU-C 240 are very similar to the requirements of the original SAS No. ___.

fraud

First thing people do when ___ is discovered - people ask "Where are the auditors??

plan, perform, reasonable assurance, material misstatements

Auditor's responsibility for fraud detection in a financial statement audit (following GAAS):

The auditor conducting the audit following GAAS has a responsibility to ___ and ___ the audit to obtain ___ ___ about whether the financials are free of ___ ___ whether caused by error or fraud. Fraud is on the same level as material misstatement.

Fraudulent, Misappropriation

The 2 types of fraud relevant to the auditor:

1. ___ Financial Reporting

2. ___ of Assets

irregularities

Auditors did not used to acknowledge fraud as an issue. Would call them "___."

fraud triangle

AU-C 240 refers to the "____ ____" in several areas. Auditors must be familiar with the "fraud triangle".

professional skepticism

1. Auditors are required to maintain ___ ___ about fraud throughout the audit

key

2. Fraud Brainstorming Session(s)-

a. ___ members of the audit team, including the engagement partner, conduct a fraud brainstorming session(s).
b. Occurs in the planning stage of the audit
c. Intended to be a free-flowing exchange of ideas about how the client's financial statements may be materially misstated by fraud.
d. At least the following items should be addressed:
i. Factors that may create an incentive to commit fraud, provide the opportunity to commit fraud, or create an environment that enables individuals to easily rationalize engaging in fraud. Note these are fraud risk factors that are categorized into the three sides of the fraud triangle.
ii. Risk of management override of internal control.
iii. Circumstances that might indicate that earnings management or other types of fraudulent financial reporting are occurring.
iv. The importance of maintaining professional skepticism.
v. How the auditors should respond to the risk that the client's financial statements may be materially misstated due to fraud.

Fraud

3. ___ Risk Assessment Process- Auditors should conduct a fraud risk assessment and this risk assessment has three main parts (or stages):

I. While performing "risk assessment procedures" (that are required on all audits) to obtain an adequate understanding of the client (including its internal controls over financial reporting) the auditor should perform procedures to make him/her aware of significant fraud risk factors. The auditor should perform the following procedures during this information gathering process:
a. Have discussions with management and others (e.g. internal auditors) about fraud.
b. Obtain an understanding of how "those charged with governance" oversee management's processes for indentifying and responding to the risk of fraud.
c. Use analytics as part of the risk assessment procedures to identify relationships that may be indicative of fraud. Note that there is a presumptively mandatory requirement that these analytics include significant revenue accounts.
d. Have discussions among the audit team about fraud (fraud brainstorming and subsequent communications throughout the audit).

...

The clarified SASs have a "requirements section containing all of the presumptively mandatory and mandatory requirements of the standard.

Incentives/Pressures, Attitudes/Rationalization, Opportunities

The three components of the fraud triangle (p. 299) are:

skeptical

You have to be professionally ___. Trust but verify.

brainstorming

On every audit you are required to do a fraud ___ session. Everybody has to be present and participate.

incentive, opportunity

You expected to talk about factors that create an ___, an ___ to commit fraud. Have a conversation about the 3 sides of the fraud triangle. You expected to talk about the risk of management override of internal control.

240

Appendix A of AU-C ___ provides many examples of fraud risk factors related to fraudulent financial reporting and misappropriation of assets that are organized into the three categories of the fraud risk triangle.

definitions

Note: the ___ section of AU-C 240 defines fraud risk factors:

Events or conditions that indicate an incentive or pressure to perpetrate fraud, provide an opportunity to commit fraud, or indicate attitudes or rationalizations to justify a fraudulent action. (fraud triangle)

improper, management override

While developing their list of fraud risks, auditors are required to do two things:

1. Presume that improper revenue recognition is a fraud risk.

2.Always identify the risk of management override of controls as a fraud risk. Auditors are also required to address the possibility of management override in the design of audit procedures.

...

II. In the second stage of the fraud risk assessment process auditors consider the identified fraud risk factors and make a fraud risk assessment. In making this fraud risk assessment auditors should utilize all the information they are aware of about fraud risk factors affecting the client's financial statements as well as the effectiveness of internal controls that are designed to mitigate the risks of fraud.
a. Note that there is a presumptively mandatory requirement that the auditors list of identified fraud risk factors include the risk that fraud may exist in revenue recognition. If the auditor concludes that such a risk does not exist, the auditor must document in the audit documentation the reasons for this conclusion.
b. There is a mandatory requirement that the risk of management override of control be considered a fraud risk factor.

...

III. In the third stage of the fraud risk assessment process auditors must "respond" to the risk of fraud. The basic notion is that auditors must adjust many aspects of the audit to be responsive to the level of fraud risk. The standard describes three main types of responses to the risk of fraud.

i. Overall Responses- The auditor must have some overall responses at the financial statement level. These overall responses include:
a. Assignment of personnel and supervision.
b. An evaluation of the client's selection and application of accounting principles.
c. Incorporating an element of unpredictability in the selection and implementation of auditing procedures

Risk Assessment, three

Fraud ___ ___ Process- Auditors should conduct a fraud risk assessment that has ___ main stages:

...

ii. Audit Procedures at the Financial Statement Assertion Level- The planned auditing procedures that are used to audit individual financial statement assertions should be responsive to the risk of fraud at the assertion level

...

iii. Audit Procedures Responsive to the Risk of Management Override of Internal Control- The Standard emphasizes that the risk of management override of internal control always exists and the Standard provides examples of the types of procedures the auditor should implement to address this risk.

...

4. Note that all of the requirements described thus far exist on all audits whether or not fraud is actually found or suspected. If the auditor identifies a material or immaterial misstatement that may be due to fraud, there is a presumptively mandatory requirement that the auditor should reevaluate his/her existing fraud risk assessment and adjust the audit accordingly

...

5. Communication Requirements- The Standard has communication requirements for numerous situations including the following:

I. If the auditor has identified a fraud or thinks that a fraud may exist, he/she should communicate the matter to an appropriate level of management.
II. If the auditor has identified, or suspects, fraud involving management, employees having a significant role in internal control, or others when the fraud results in material misstatements to the financial statements, the auditor should discuss the matter with those charged with governance.
III. If the auditor has identified or suspects fraud the auditor should determine whether he/she has a responsibility to report the matter to external parties (e.g., a regulatory agency). While the AICPA Code of Professional Conduct has a confidentially provision, legal obligations may override the duty of confidentiality

...

6. Documentation- The Standard has numerous audit documentation requirements. For example, the auditor is required to document significant decisions about fraud during discussions among the audit team, the material fraud risks identified, if applicable reasons why the risk of improper revenue recognition was not considered a fraud risk factor, the auditors responses to the identified risks, and discussions with management about fraud.

...

Application and Other Explanatory Material Section of Standard

As you know, the clarified SASs have an "application and other explanatory material" section. This section provides detailed guidance and explanations to assist the auditor in accomplishing the requirements of a Standard. In this Standard the section addresses a large number of issues including:

...

1. Examples of ways in which fraudulent financial reporting and misappropriation of assets can be perpetrated by a fraudster. Note that the Standard attempts to provide a very basic education about fraud.
2. An explanation of the importance of professional skepticism.
3. A reminder that an audit rarely involves the authentication of documents and that the auditor is not expected to be expert in authentication. However, when the auditor believes that something is suspicious about a document, the Standard suggests some audit procedures that can be used to investigate.

...

3. A reminder that an audit rarely involves the authentication of documents and that the auditor is not expected to be expert in authentication. However, when the auditor believes that something is suspicious about a document, the Standard suggests some audit procedures that can be used to investigate.
4. An elaboration on why fraud discussions among members of the audit team are important and the types of things that could be discussed. The Standard recognizes that multiple discussions may be necessary and they may occur among team members in different locations.
5. An elaboration on the various risk assessment procedures that can be performed to identify fraud risk factors during audit planning. This discussion includes guidance on inquiries of management and recognizes that such inquiries might be effective in obtaining information about employees that may be misappropriating assets but rarely are these discussions with management effective in gaining strong evidence about fraudulent financial reporting,

...

6. Examples of people other than management (e.g., in-house legal counsel) that can be interviewed to corroborate or refute the assertions of management.
7. The value of obtaining an understanding with those charged with governance (e.g. an understanding of audit committee oversight may provide insights into the integrity of management).
8. Guidance on the use of analytical procedures with emphasis on analytics focusing on revenue.

...

9. Guidance on the evaluation of fraud risk factors that have been identified and a reference to Appendix A of the Standard that contains examples of fraud risk factors for fraudulent financial reporting and misappropriation of assets organized around the three sides of the fraud triangle.
10. Guidance on how the auditor should respond to the fraud risk assessment that has been made. For example: 1. As the risk of fraud increases more experienced auditors should be assigned; 2. As the risk of fraud increases the auditor should be more unpredictable (the Standard gives guidance on how to do this).
11. An elaboration on audit procedures that can be used in response to increased risk of fraud at the assertion level. Generally, the auditor should modify the nature, timing and extent of his/her procedures in response to an elevated risk of fraud. As the risk of fraud increases the nature of the audit procedures should be changed to obtain more reliable evidence. The timing of substantive procedures should be changed to put them closer to the balance sheet date. Finally, the extent of procedures should be increased with larger sample sizes. Note that Appendix B contains a list of possible audit procedures that can be used to assess the risk of material misstatement due to fraud.

...

12. Guidance on audit procedures that can be used in response to the risk of management override of internal control. For example, the auditor should exercise judgment in determining the nature, timing and extent of testing of adjusting journal entries. However, because fraudulent entries are commonly made at the end of the period the auditor is required to test adjusting entries made at the end of the period. As the risk of management override increases audit testing should increase.
13. The Standard asserts that the risk of material misstatement due to fraud cannot be reduced to an appropriate level by performing only tests of controls. So note that fraud is an area where substantive testing is required.

...

14. Guidance on the use of analytics near the end of the audit to form an overall conclusion about the risk of fraud.
15. Guidance on situations where the auditor may consider it necessary to withdraw from the engagement due to fraud (e.g., when the auditor has serious concerns about the integrity of the Board or senior management).

...

16. Guidance on communicating when the auditor has obtained evidence that fraud exists, or may exist. Note that in these situations the auditor has a communication requirement even when the fraud, or suspected fraud, is immaterial. The auditor should communicate the matter to an "appropriate level of management". The appropriate level of management is typically management at least one level above the fraudster. If the fraud involves senior management, or materially misstates the financial statements, the information should be communicated to those charged with governance. Note that auditors should also reach an agreement with those charged with governance about other matters pertaining to fraud (if any) that they want to be informed about (e.g., fraud not involving senior management).

...

17. Guidance on other matters relating to fraud that should be discussed with those charged with governance (e.g., concerns about management's implementation and/or evaluation of controls that address material fraud risk).

discussions, responding, analytics, discussions

First Stage: Find fraud risk factors during the risk assessment procedures (required on all audits) to obtain an adequate understanding of the client (including its internal controls over financial reporting)

a. Have ___ with management and others (e.g. internal auditors) about fraud.

b. Obtain an understanding of how "those charged with governance" oversee management's processes for identifying and ___ to the risk of fraud.

c. Use analytics as part of the risk assessment procedures to identify relationships that may be indicative of fraud. Note that there is a presumptively mandatory requirement that these analytics include significant revenue accounts.

d. Have discussions among the audit team about fraud (fraud brainstorming and subsequent communications throughout the audit).

anomalies

You can use analytics to find ___.

improper, override

Stage one: While developing their list of fraud risks, auditors are required to do two things:

1. Presume that ___ revenue recognition is a fraud risk.

2. Always identify the risk of management ___ of controls as a fraud risk. Auditors are also required to address the possibility of management override in the design of audit procedures.

fraud risk

___ ____factors - Auditing standards require the auditor to evaluate whether fraud risk
factors indicate incentives or pressures to perpetrate fraud, opportunities to carry out
fraud, or attitudes or rationalizations used to justify a fraudulent action.

financial statements, revenue recognition, management override

Second stage: Consider the identified fraud risk factors and make a fraud risk assessment. Should utilize all the information they are aware of about fraud risk factors affecting the client's ___ ___, as well as the effectiveness of internal controls that are designed to mitigate the risks of fraud.

a. There is a presumptively mandatory requirement that the auditors list of identified fraud risk factors include the risk that fraud may exist in ___ ___. If the auditor concludes that such a risk does not exist, the auditor must document in the audit documentation the reasons for this conclusion.

b. There is a mandatory requirement that the risk of ___ ___ of control be considered a fraud risk factor.

responde

Third stage: Auditors must "___" to the risk of fraud. The basic notion is that auditors must adjust many aspects of the audit to be responsive to the level of fraud risk. The standard describes three main types of responses to the risk of fraud.

i. Overall Responses- at the financial statement level...
a. Assignment of personnel and supervision.
b. An evaluation of the client's selection and application of accounting principles.
c. Incorporating an element of unpredictability in the selection and implementation of auditing procedures.

ii. Audit Procedures- at the Financial Statement Assertion Level...
a. The planned auditing procedures that are used to audit individual financial statement assertions should be responsive to the risk of fraud at the assertion level.

iii. Audit Procedures Responsive to the Risk of Management Override of Internal Control- the risk of management override of internal control always exists and the Standard provides examples of the types of procedures the auditor should implement to address this risk.

...

Note that Appendix A of the Standard provides many examples of fraud risk factors related to fraudulent financial reporting and misappropriation of assets that are organized into the three categories of the fraud risk triangle

governance

Corporate ___ can be use to prevent fraud.

...

Audit committee oversight. How effective are they?

...

In corporate governance, all legs of the stool have to be working.

exist

All of the requirements described thus far ___ on all audits whether or not fraud is actually found or suspected. If the auditor identifies a material or immaterial misstatement that may be due to fraud, there is a presumptively mandatory requirement that the auditor should reevaluate his/her existing fraud risk assessment and adjust the audit accordingly

...

4. Communication Requirements-
I. If the auditor has identified a fraud or thinks that a fraud may exist, he/she should communicate the matter to an appropriate level of management.
II. If the auditor has identified, or suspects, fraud involving management, employees having a significant role in internal control, or others when the fraud results in material misstatements to the financial statements, the auditor should discuss the matter with those charged with governance.
III. If the auditor has identified or suspects fraud the auditor should determine whether he/she has a responsibility to report the matter to external parties (e.g., a regulatory agency). While the AICPA Code of Professional Conduct has a confidentially provision, legal obligations may override the duty of confidentiality.

...

5. Documentation- Numerous audit documentation requirements...
a. For example, the auditor is required to document significant decisions about fraud during discussions among the audit team, the material fraud risks identified, if applicable reasons why the risk of improper revenue recognition was not considered a fraud risk factor, the auditors responses to the identified risks, and discussions with management about fraud.

...

3. Fraud Risk Assessment Process- Auditors should conduct a fraud risk assessment that has three main stages:

First Stage: Find fraud risk factors during the risk assessment procedures (required on all audits) to obtain an adequate understanding of the client (including its internal controls over financial reporting)
a. Have discussions with management and others (e.g. internal auditors) about fraud.
b. Obtain an understanding of how "those charged with governance" oversee management's processes for identifying and responding to the risk of fraud.
c. Use analytics as part of the risk assessment procedures to identify relationships that may be indicative of fraud. Note that there is a presumptively mandatory requirement that these analytics include significant revenue accounts.
d. Have discussions among the audit team about fraud (fraud brainstorming and subsequent communications throughout the audit).

...

2. Opportunities. Circumstances provide opportunities for management or employees
to commit fraud.

...

1. lncentivesl/Pressures. Management or other employees have incentives or pressures
to commit fraud.

...

3. Attitudes/Rationalization. An attitude, character, or set of ethical values exists that
allows management or employees to commit a dishonest act, or they are in an
environment that imposes sufficient pressure that causes them to rationalize
committing a dishonest act.

fictitious, premature, manipulation

Three main types of revenue maninpulations are:

1.) ___ revenues.
2.) ___ revenue recognition
3.) ___ of adjustments to revenues

understates, overstates, lowers

Fictitious inventory ___ cost of goods sold and ___ the gross margin percentage. Fictitious inventory also ___ inventory turnover ratio.

Assessment

___ inquiry—inquiry to corroborate or contradict prior information obtained

Earnings

___ management —deliberate actions taken by management to meet earnings objectives

Fraud

___ risk factors—entity factors that increase the risk of fraud

triangle

Fraud ___—represents the three conditions of fraud: incentives/pressures, opportunities, and attitudes/rationalization

Horizontal

___ analysis—analysis of percentage changes in financial statement numbers compared to the previous period

smoothing

Income ___—form of earnings management in which revenues and expenses are shifted between periods to reduce fluctuations in earnings

inquiry

Informational ___—inquiry to obtain
information about facts and details the
auditor does not have

Interrogative

___ inquiry—inquiry used
to determine if the interviewee is being
deceptive or purposefully omitting disclosure
of key knowledge of facts, events, or
circumstances

Premature

___ revenue recognition—recognition
of revenue before accounting
standards requirements for recording revenue
have been met

Vertical

___ analysis—analysis in which
financial statement numbers are converted
to percentages of a base; also called common-
size financial statements

code of conduct

Creating a culture of honesty begins with a ___ ___ ___.

...

Your audit must be responsive to the risks of fraud.

...

Overall responses, as a risk of fraud goes up, the more closely you are expected to monitor those auditors.

...

The purpose of the interrogation is to get the person to confess.

Tips

___ are the no.1 source of discovery of frauds.

Which characteristic would concern an auditor about the risk of material misstatements?

Which of the following characteristics most likely would heighten an auditor's concern about the risk of intentional manipulation of financial statements?

Which of the following circumstances most likely would cause an auditor to believe that material misstatements may exist in an entity's financial statements?

Which characteristics would concern an auditor?