Pipara & Co LLP

The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements

Introduction

Scope of this SA
  1. This Standard on Auditing (SA) deals with the auditor’s responsibilities relating to fraud in an audit of financial statements. Specifically, it expands on how SA 315, “Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and Its Environment,” and SA 330, “The Auditor’s Responses to Assessed Risks,” are to be applied in relation to risks of material misstatement due to fraud.
Characteristics of Fraud
  1. Misstatements in the financial statements can arise from either fraud or error. The distinguishing factor between fraud and error is whether the underlying action that results in the misstatement of the financial statements is intentional or unintentional.
  2. Although fraud is a broad legal concept, for the purposes of the SAs, the auditor is concerned with fraud that causes a material misstatement in the financial statements. Two types of intentional misstatements are relevant to the auditor– misstatements resulting from fraudulent financial reporting and misstatements resulting from misappropriation of assets. Although the auditor may suspect or, in rare cases, identify the occurrence of fraud, the auditor does not make legal determinations of whether fraud has actually occurred. (Ref: Para. A1-A6)
Responsibility for the Prevention and Detection of Fraud

The primary responsibility for the prevention and detection of fraud rests with both those charged with governance of the entity and management. It is important that management, with the oversight of those charged with governance, place a strong emphasis on fraud prevention, which may reduce opportunities for fraud to take place, and fraud deterrence, which could persuade individuals not to commit fraud because of the likelihood of detection and punishment. This involves a commitment to creating a culture of honesty and ethical behavior which can be reinforced by an active oversight by those charged with governance. In exercising oversight responsibility, those charged with governance consider the potential for override of controls or other inappropriate influence over the financial reporting process, such as efforts by management to manage earnings in order to influence the perceptions of analysts as to the entity’s performance and profitability.

Responsibilities of the Auditor
  1. An auditor conducting an audit in accordance with SAs is responsible for obtaining reasonable assurance that the financial statements taken as a whole are free from material misstatement, whether caused by fraud or error. Owing to the inherent limitations of an audit, there is an unavoidable risk that some material misstatements of the financial statements may not be detected, even though the audit is properly planned and performed in accordance with the SAs.1
  1. As described in SA 2002, the potential effects of inherent limitations are particularly significant in the case of misstatement resulting from fraud. The risk of not detecting a material misstatement resulting from fraud is higher than the risk of not detecting one resulting from error. This is because fraud may involve sophisticated and carefully organized schemes designed to conceal it, such as forgery, deliberate failure to record transactions, or intentional misrepresentations being made to the auditor. Such attempts at concealment may be even more difficult to detect when accompanied by collusion. Collusion may cause the auditor to believe that audit evidence is persuasive when it is, in fact, false. The auditor’s ability to detect a fraud depends on factors such as the skillfulness of the perpetrator, the frequency and extent of manipulation, the degree of collusion involved, the relative size of individual amounts manipulated, and the seniority of those individuals involved. While the auditor may be able to identify potential opportunities for fraud to be perpetrated, it is difficult for the auditor to determine whether misstatements in judgment areas such as accounting estimates are caused by fraud or error.
  2. Furthermore, the risk of the auditor not detecting a material misstatement resulting from management fraud is greater than for employee fraud, because management is frequently in a position to directly or indirectly manipulate accounting records, present fraudulent financial information or override control procedures designed to prevent similar frauds by other employees.
  3. When obtaining reasonable assurance, the auditor is responsible for maintaining professional skepticism throughout the audit, considering the potential for management override of controls and recognizing the fact that audit procedures that are effective for detecting error may not be effective in detecting fraud. The requirements in this SA are designed to assist the auditor in identifying and assessing the risks of material misstatement due to fraud and in designing procedures to detect such misstatement.
Effective Date
  1. This SA is effective for audits of financial statements for periods beginning on or after 1st April, 2009.
Objectives
  1. The objectives of the auditor are:
  1. To identify and assess the risks of material misstatement in the financial statements due to fraud;
  2. To obtain sufficient appropriate audit evidence about the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses; and
  3. To respond appropriately to identified or suspected fraud.
Definition
  1. For purposes of the SAs, the following terms have the meanings attributed below:
  1. Fraud – An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.

Fraud risk factors – Events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud.

Requirements
Professional Skepticism
  1. In accordance with SA 2003, the auditor shall maintain professional skepticism throughout the audit, recognizing the possibility that a material misstatement due to fraud could exist, notwithstanding the auditor’s past experience of the honesty and integrity of the entity’s management and those charged with governance. (Ref: Para. A7- A8)
  2. Unless the auditor has reason to believe the contrary, the auditor may accept records and documents as genuine. If conditions identified during the audit cause the auditor to believe that a document may not be authentic or that terms in a document have been modified but not disclosed to the auditor, the auditor shall investigate further. (Ref: Para. A9)
  3. Where responses to inquiries of management or those charged with governance are inconsistent, the auditor shall investigate the inconsistencies.
Discussion Among the Engagement Team
  1. SA 315 requires a discussion among the engagement team members and 3 SA 200, paragraph 15. a determination by the engagement partner of matters which are to be communicated to those team members not involved in the discussion4. This discussion shall place particular emphasis on how and where the entity’s financial statements may be susceptible to material misstatement due to fraud, including how fraud might occur. The discussion shall occur notwithstanding the engagement team members’ beliefs that management and those charged with governance are honest and have integrity. (Ref: Para. A10-A11)
Risk Assessment Procedures and Related Activities

When performing risk assessment procedures and related activities to obtain an understanding of the entity and its environment, including the entity’s internal control, required by SA 3155, the auditor shall perform the procedures in paragraphs 17-24 to obtain information for use in identifying the risks of material misstatement due to fraud.

Management and Others within the Entity
  1. The auditor shall make inquiries of management regarding:
  1. Management’s assessment of the risk that the financial statements may be materially misstated due to fraud, including the nature, extent and frequency of such assessments; (Ref: Para. A12-A13)
  2. Management’s process for identifying and responding to the risks of fraud in the entity, including any specific risks of fraud that management has identified or that have been brought to its attention, or classes of transactions, account balances, or disclosures for which a risk of fraud is likely to exist; (Ref: Para. A14)
  3. Management’s communication, if any, to those charged with governance regarding its processes for identifying and responding to the risks of fraud in the entity; and
  4. Management’s communication, if any, to employees regarding its views on business practices and ethical behavior.
  1. The auditor shall make inquiries of management, and others within the entity as appropriate, to determine whether they have knowledge of any actual, suspected or alleged fraud affecting the entity. (Ref: Para. A15-A17)
  2. For those entities that have an internal audit function, the auditor shall make inquiries of internal audit to determine whether it has knowledge of any actual, suspected or alleged fraud affecting the entity, and to obtain its views about the risks of fraud. (Ref: Para. A18)
4 SA 315, paragraph 10. 5 SA 315, paragraphs 5-24.
Those Charged with Governance
  1. Unless all of those charged with governance are involved in managing the entity6, the auditor shall obtain an understanding of how those charged with governance exercise oversight of management’s processes for identifying and responding to the risks of fraud in the entity and the internal control that management has established to mitigate these risks. (Ref: Para. A19-A21)
  2. The auditor shall make inquiries of those charged with governance to determine whether they have knowledge of any actual, suspected or alleged fraud affecting the entity. These inquiries are made in part to corroborate the responses to the inquiries of management.
Unusual or Unexpected Relationships Identified
  1. The auditor shall evaluate whether unusual or unexpected relationships that have been identified in performing analytical procedures, including those related to revenue accounts, may indicate risks of material misstatement due to fraud.
Other Information
  1. The auditor shall consider whether other information obtained by the auditor indicates risks of material misstatement due to fraud. (Ref: Para. A22)
Evaluation of Fraud Risk Factors
  1. The auditor shall evaluate whether the information obtained from the other risk assessment procedures and related activities performed indicates that one or more fraud risk factors are present. While fraud risk factors may not necessarily indicate the existence of fraud, they have often been present in circumstances where frauds have occurred and therefore may indicate risks of material misstatement due to fraud. (Ref: Para. A23-A27)
Please select any one region