Auditors' Fraud-Related Responsibilities Flashcards
What does IAS 240 require?
ISA 240 requires auditors to hold a discussion regarding the potential for material misstatements due to fraud.
This discussion should cover:
(1) How and where the entity’s financial statements might be susceptible to fraud
(2) How management could perpetrate and conceal fraudulent financial reporting
(3) How the entity’s assets could be misappropriated
What does the Principles for Auditor Oversight state?
It states that the auditor oversight should
(1) be performed by a body that acts and is seen to act in the public interest
(2) take place within the audit firm, by professional associates and through government regulation
(3) Involve a regular review process designed to ascertain whether audit firms adhere to quality control policies and procedures
What factors should an auditor consider when determining the relevance of certain fraud risk factors within an entity?
The size of the entity
the ownership of the entity
the complexity of the entity
What factors constrain improper conduct by management in large entities?
effective oversight by those charged with governance
an effective audit function
the existence and enforcement of a written code of conduct
What are examples of risk factors relating to the incentives for misstatements arising from fraudulent financial reporting?
Financial stability or profitability is threatened by economic, industry, or entity operating conditions.
Excessive pressure exists for management to meet the requirements or expectations of third parties.
Information available indicates that the personal financial situation of management or those charged with governance is threatened by the entity’s financial performance.
There is excessive pressure on management or operating personnel to meet financial targets established by those charged with governance, including sales or profitability incentive goals.
What does the International Standards for the Professional Practice of Internal Auditing state?
(1) internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor
(2) due professional care does not imply infallibility
To identify the risks of material misstatement due to fraud, what procedures should an auditor take?
(1) Make inquiries of management and others to determine if they have knowledge of any actual, suspected, or alleged fraud
(2) Evaluate any unusual or unexpected relationships that have been identified in performing analytical procedures.
(3) Evaluate whether the information obtained from the risk assessment procedures and related activities indicates that one or more fraud risk factors are present.
(4) Consider whether any other information obtained by the auditor indicates risks of material misstatement due to fraud.
Why is the risk greater for not detecting employee fraud vs. management fraud?
Management is frequently in a position to directly or indirectly manipulate accounting records
present fraudulent financial information
override control procedures
Internal audit activity must evaluate risk exposures relating to what?
relating to the organization’s governance, operations, and information systems regarding all of the following
Achievement of the organization’s strategic objectives
Reliability and integrity of financial and operational information
Effectiveness and efficiency of operations
Safeguarding of assets
Compliance with laws, regulations, and contracts
Which parties are responsible for fraud detection and prevention efforts?
1 - Board of directors (responsible for effective and responsible corporate fraud governance / overseeing management’s actions
2- Audit committee ( evaluate management’s identification of fraud risks and implementation of anti-fraud measures, provide the tone at the top that fraud will not be accepted in any form, overseeing controls to prevent or detect management fraud.
Management: responsible for overseeing the activities of employees, assessing the entity’s vulnerability to fraud, and establishing and maintaining an effective internal control system at a reasonable cost.
Legal counsel: advises the organization on legal matters pertaining to fraud.
External auditors: responsibility to comply with professional standards and to plan and perform the audit of the organization’s financial statements to obtain reasonable assurance about whether the financial statements are free of material misstatements, whether caused by error or fraud.
Loss prevention manager: deals with crimes, disasters, accidents, waste, and other business risks, and he usually works closely with internal auditors to identify areas of weak internal controls within the organization.
Fraud investigators ( responsible for detecting and investigating fraud, recovering assets)
Other employees (responsibility to report suspicious activity to a hotline, the internal audit department, or management)
What is the Public Interest Oversight Board (PIOB) and what is it responsible for?
global independent oversight body that seeks to improve the quality and public-interest focus of the international auditing, education, and ethics standards
objective is to increase the confidence of investors and others that the public interest activities of IFAC are properly responsive to the public interest.
To meet this objective, the PIOB provides independent oversight of IFAC’s full standard-setting process.
