Accountant`s Responsibility to Detect Fraud in Audit, Non

Report
Accountant’s Responsibility to
Detect Fraud in Audit, Non-Audit
and Tax Engagements
Presentation To:
Main Line Association For Continuing Education
Presentation By:
Leon A. LaRosa, Jr., CPA, CFE, CFF, MST
Member
September 18, 2014
Objectives of Session
1.
Improve Client Service
2.
Clarify Understanding of the CPA’s Client Expectations
3.
Clarify Understanding of the CPA’s Professional
Responsibilities
4.
Develop a Better Understanding of the Fraud Environment
5.
Provide Practical and Economic Fraud Prevention Strategies
6.
Improve Client Service
Occupational Fraud and Abuse
 $3.7 Trillion Problem
 $154 K Per Scheme – Companies With Under 100 Employees
 5.4% Detected by External Audit - < 100 Employees
 1.9% Detected by External Audit - > 100 Employees
 34.2% Detected by Tip - < 100 Employees
 45.2% Detected by Tip - > 100 Employees
 Typical Scheme – 30-32 months
Most Common Frauds
 Employees Fraudulently Writing Company Checks
 Revenue Skimming
 Processing Fraudulent Invoices
 Misuse of Company Credit Cards
 Payroll
 Financial Statement
The Perfect Storm
Company downsizing is
weakening Internal controls segregation of duties
Company budgets are decreasing
– do the same work with less people
Internal Controls
Increased pressure
and decreased
controls people
may explore more
ways to commit
fraud
Layoffs increasing
Declining stock prices
Credit crisis
Internal/External
Pressure
Source: Association of Certified Fraud Examiners
Opportunity to
Commit Fraud
Standard of Care
“Degree of care, skill or competence exercised by
reasonably competent members of the profession
under the circumstances.”
MEASUREMENT APPROACH
Compliance with Rule 201 of the AICPA Code of
Professional Conduct
2. Conformity with Professional Standards
3. What another competent accountants would have
done in the circumstances.
1.
RULE 201:
AICPA Code of Professional Conduct
Professional Competence –
Undertake only those professional services that the member or the
member’s firm can reasonably expect to be completed with
professional competence.
Due Professional Care –
Exercise due professional care in the performance of professional
services.
Planning and Supervision –
Adequately plan and supervise the performance of professional
services.
Sufficient Relevant Data –
Obtain sufficient relevant data to afford a reasonable basis for
conclusions or recommendations in relation to ANY professional
service performed.
Corporate Governance
Responsibilities:
BOARD OF DIRECTORS
Select, regularly evaluate, and, if necessary, replace the
CEO; determine management compensation; and review
succession planning.
2. Review, and, where appropriate, approve the major
strategies and financial and other objectives and plans for
the corporation.
3. Advise Management on significant issues facing the
corporation.
4. Oversee processes for evaluating the adequacy of
internal controls, risk management, financial
reporting, and compliance, and satisfy itself as to
the adequacy of such processes.
5. Nominate directors and ensure that the structure and
practices of the board provide for sound corporate
governance.
1.
Responsibilities:
MANAGEMENT
1.
2.
3.
4.
5.
6.
Design and implement programs and controls to
prevent, detect, and deter fraud
Ensure that the company complies with applicable laws
and regulations
Safeguard assets
Establish and maintain sound accounting information
systems in compliance with GAAP or other
comprehensive bases of accounting.
Use appropriate and reasonable accounting estimates
Ensure that financial statements are free from material
misstatements cause by errors or fraud.
Responsibilities:
AUDITORS
1.
2.
3.
4.
5.
6.
7.
8.
Plan and perform the audit to obtain reasonable assurance
whether the financial statements are free of material
misstatement whether caused by error or fraud.
Be knowledgeable of the red flags of fraud.
Consider the opportunities and motivations for the
occurrence of fraud.
Conduct discussions among engagement personnel
regarding the risks of material misstatements due to fraud
Assess the engagement and control environment risks
factors that may result in a material misstatement due to
fraud.
Assess management’s response regarding the risk of fraud.
Document the auditor’s consideration of fraud.
Communicate to senior management, the audit committee
or others, whether the auditor has determined there is
evidence that fraud may exist.
CPA Responsibilities:
REVIEW
•
Possess a level of knowledge of the accounting
principles and practices of the industry in which the
entity operates.
•
Possess a general understanding of the entity’s
organization and operating characteristics to include
knowledge of the entity’s production, distribution, and
compensation methods, types of products and services,
operating locations, and material transactions with
related parties.
•
Perform inquiry and analytical procedures.
CPA Responsibilities:
REVIEW
•
Obtain a representation letter signed by the chief executive
officer and chief financial officer.
•
Obtain additional or revised information or perform
additional procedures when the accountant becomes
aware that information supplied by the entity is
incorrect, incomplete or otherwise unsatisfactory to
achieve limited assurance that there are no material
modifications that should be made to the financial
statements in order for the statements to be in
conformity with generally accepted accounting
principles (GAAP).
CPA Responsibilities:
REVIEW
•
SSARS-12 states that the accountant is not required to plan a review engagement
specifically to discover fraudulent financial statements.
•
Does NOT relieve an accountant of responsibility if incorrect, incomplete, or
otherwise unsatisfactory information comes to his/her attention during the
engagement.
•
The accountant is required to establish an understanding with the client,
preferably in writing, which includes a statement that the accountant
will inform the appropriate level of management of any fraud or illegal
acts that come to his/her attention.
•
The accountant need not report any matters regarding illegal acts that may have
occurred that are clearly inconsequential.
•
The accountant is required to report all matters involving fraud.
CPA Responsibilities:
COMPILATION
•
Possess a level of knowledge of the accounting principles and practices of the
industry in which the entity operates.
•
Possess a general understanding of the nature of the entity’s business
transactions, the form of its accounting records, the stated qualifications of its
accounting personnel, the accounting basis on which the financial statements
are to be presented, and the form and content of the financial statements.
•
Obtain additional or revised information when the accountant
becomes aware that information supplied by the entity is incorrect,
incomplete, or otherwise unsatisfactory for the purpose of
compiling financial statements.
•
Read the compiled financial statements to assure they are appropriate in form
and free from obvious material errors.
CPA Responsibilities:
COMPILATION
•
SSARS-12 states that the accountant is not required to plan a compilation
engagement specifically to discover fraudulent financial statements.
•
Does NOT relieve an accountant of responsibility if incorrect, incomplete, or
otherwise unsatisfactory information comes to his/her attention during the
engagement.
•
The accountant is required to establish an understanding with the client,
preferably in writing, which includes a statement that the accountant will inform
the appropriate level of management of any fraud or illegal acts that come to
his/her attention.
•
The accountant need not report any matters regarding illegal acts that may have
occurred that are clearly inconsequential.
•
The accountant is required to report all matters involving fraud.
CPA Responsibilities:
TAX PREPARATION
•
May in good faith rely, without verification, on information furnished by the
taxpayer or by third parties.
•
May not ignore the implications of information furnished and
should make reasonable inquiries if the information furnished
appears to be incorrect, incomplete, or inconsistent either on its
face or on the basis of other facts known.
•
Should refer to the taxpayer’s returns for one or more prior years whenever
feasible.
•
Must exercise due diligence in preparing or assisting in the preparation of,
approving, and filing tax returns, documents, affidavits, and other papers
relating to Internal Revenue Service matters (Treasury Department Circular
No. 230).
Professional Skepticism
Professional Skepticism
Professional Skepticism
How We Lose Skepticism
How We Can Get It Back
Personal Relationship
We have a personal relationship with the client, who
has never lied to us before. To question the client’s
integrity seems like a violation of the friendship.
Make it clear the investigation and corroboration is
part of your engagement. It is nothing personal –
professional audit standards require evidence.
Past History
We Rationalize: No one at this client has tried to
commit fraud before, why should things be different
now?
Things Change: Changes in personal circumstances
may provide incentive; changes in controls may
provide opportunities. The past is not audit evidence
for the current period.
Lack of Experience
It is rare that independent auditors experience a
fraud at one of their clients. For this reason, we can
“let our guard down” and fail to see the red flags.
Become familiar with the most common frauds in
your client’s industry, how they are concealed, and
the signs that they have occurred.
Limited Interactions
Most of our inquiries are made of the accounting
personnel, who only reinforce our assumptions.
Get Outside the accounting department. Talk to
operational personnel; get a different point of view
that challenges your assumptions.
Fraud Triangle
Opportunities
 Lack of Controls that Prevent and/or Detect
Fraudulent Behavior
 Loose Controls (No Separation of Duties)
 Lax Controls (Unenforced)
 Inability to Judge Quality of Performance
 Failure to Discipline Fraud Perpetrators
 Lack of Access to Information
 Ignorance, Apathy, and Incapacity
 Lack of an Audit Trail
 No Documentation of Systems, Procedures or
Policies
Motivations/Pressures/Needs
 Economic Need or Greed
 Living Beyond One’s Means
 Desire for Social Acceptance
 High Bills or Personal Debt
 Poor Credit
 Personal Financial Losses
 Gambling and/or Drug Additions
 Failing Marriages/Multiple Partners
 Unexpected Financial Needs
 Failing Health Needs
Rationalizations
 The Rewards Outweigh the Risks of Apprehension







and Punishment
Stealing is Easier Than Working
Nobody Will Get Hurt
It’s For a Good Purpose
We’ll Fix the Books as Soon as We Get Over This
Financial Difficulty
Everybody’s Doing it
I’m Just Borrowing, Not Stealing
I’m Not Stealing, the Money is Owed to Me
Fraud – Employee Red Flags
1. Changes in behavior
11. Wheeler-dealer attitude
2. Changes in lifestyle
12. Addiction problems
3. Irritability, suspiciousness or
Defensiveness
13. Control issues/unwillingness to
share duties
4. Instability in life
Circumstances
14. Refusal to take vacations
5. Excessive family or peer
pressure for success
15. Unusually close association with
vendor or customer
6. Unexpected financial needs
16. Excessive pressure from within
organization
7. Past legal problems
17. Complaining about lack of
authority
8. Divorce or family problems
18.Complaining about inadequate
pay
9. Living beyond one’s means
19. Past employment – related
problems
10.Poor credit
20.Anticipating future layoff
The Non – Profit High Risk Environment
1.
Enhanced credibility and trust by virtue of being a
nonprofit.
6.
Frequently have an all-volunteer Board of
Directors with little or no financial oversight
expertise.
2.
Motivated by their mission and, not necessarily by
making a profit.
7.
Typically have non-reciprocal transactions, such as
charitable contributions, which are easier to steal
than other sources of revenue where there is
consideration exchanged.
8.
3.
Often place excessive control in their founder,
executive director or substantial contributor.
Often have large amounts of cash flow from
donations, fundraisers, etc.
4.
Often allocate limited resources to accounting,
internal controls and financial oversight.
9.
Often lack benchmarks or typical ratio analysis as
a means of monitoring performance.
5.
Often have many volunteers working in the
organization who are privy to confidential
information.
10. Highly susceptible to the effects of negative
publicity and, therefore, reluctant to report, or
even discuss fraud, when it occurs.
The Fraud Environment
Variable
High Fraud Potential
Low Fraud Potential
Management Style
Autocratic
Participative
Management Orientation
Low Trust
Power Driven
High Trust
Achievement Driven
Distribution of Authority
Centralized
Decentralized
Planning
Short Range
Long Range
Performance
Quantitatively ; shortterm basis
Quantitatively and
Qualitatively; long-term
basis
Business Focus
Profit
Customer
Management Strategy
Crisis
Objectives
Reporting
By Routine
By Exception
Policies and Rules
Rigid and Inflexible;
strongly enforced
Reasonable; fairly enforced
The Fraud Environment
Variable
High Fraud Potential
Low Fraud Potential
Primary Management
Concern
Capital Assets
Human, then Capital
Reward System
Punitive, Penurious,
Politically Administered
Generous, Reinforcing,
Fairly Administered
Feedback on Performance
Critical, Negative
Positive, Stroking
Interaction Mode
Issues are Repressed
Issues are Addressed
Payoffs for Good Behavior
Monetary
Promotion, Recognition
Business Ethics
Ambivalent; rides the
tide
Clearly Defined; regularly
followed
Internal Relationships
Competitive; hostile
Competitive; supportive
Values and Beliefs
Economic; self-centered
Social; group-centered
Success Formula
Works Harder
Works Smarter
Human Resources
Burnout, High Turnover
Low Turnover, Satisfaction
The Fraud Environment
Variable
High Fraud Potential
Low Fraud Potential
Company Loyalty
Low
High
Major Financial Concern
Cash Flow Shortage
Opportunities for New
Investment
Growth Pattern
Sporadic
Consistent
Relationship with
Competitors
Hostile
Professional
Innovativeness
Reactive, Follower
Proactive, Leader
CEO Characteristics
Self-interested,
Insensitive
Professional, Respected,
Thoughtful
Systems and Controls
Bureaucratic,
Regimented, Inflexible
Collegial, Systematic,
Horizontal
Internal Communication
Formal, Written, Stiff
Informal, Clear, Candid
Peer Relationships
Hostile, Aggressive
Cooperative, Friendly
Stages of a Troubled Company
Early Stage
Mid Stage
Late Stage
Stagnating/Declining Unit
Sales Volume
Continued Decline in Sales
Production and Distribution
Schedules Missed Repeatedly
Increasing Inventory Levels
Significant Increases in
Inventory
Widespread Customer
Complaints
Declining Operating Margins
Operating Loses
Problems Collecting Accounts
Receivable
Aging Payables
Vendors Reluctant to
Provide Credit
Vendors Requiring COD
Less Operating Cash
Low Liquidity
Negative Cash and Capital
Increased Borrowing
Difficulty Making Debt
Service Payments
Creditors Threatening to Call
Loans or Seize Collateral
Interest Rising faster than
Sales
Difficulty Meeting NET
Payroll
Late or No Payroll Tax
Deposits
Declining Morale
Increasing Turnover
Turnover High/Morale Low
Employee Embezzlement Examples
Embezzlement
Business
Annual
Revenues
Amount
Period
$2M
$580K
2 ½ Yrs
General Contractor
$10M
$963K
4 ½ Yrs
Catalogue Co.
$15M
$760K
6 Yrs
Architecture Firm
$8M
$900K
2 ½ Yrs
Oil Distributor
$6M
$600K
2 Yrs
$300K
$37K
1 ½ Yrs
Law Firm
Senior Center
Fraud Prevention Strategies
Clearly Communicate Behavior Expected Of Employees
2. Be Alert To Changes In Employee Attitude, Behavior, And Lifestyle
3. Perform Background Checks On All Employees
4. Require Uninterrupted Vacations And Rotation Of Responsibilities
For All Employees
5. Limit Number Of Authorized Check Signers
6. Account For Sequences
7. Establish Budget And Monitor Actual Results Monthly
8. Obtain Fidelity Bond Coverage
9. Don’t Limit Focus To Financial Fraud
10. Set The Example For High Ethical Standards
11. Owner/Chief Executive Approval For Any changes To Master Files
1.
Anti-Fraud Best Practices
Whistleblower Hotline
“A key defense against management override of internal
controls is a process for anonymous submission of
suspected wrongdoing…Various forms of fraud are
detected 40 percent of the time by tips which [makes] this
the leading method of detecting fraud.”
Whistleblower Hotline
Advantages
1.
Minimizes the fear of retaliation by either informal peer groups or
supervisors.
2.
Earlier detection is the best way to limit the loss. Fraud losses are
generally 50% less when detected through a hotline tip.
3.
Can be used to early report discrimination or harassment claims.
4.
Interactive communication generates significantly more information
than a one-way communication.
5.
An outside complaint mechanism provides a second means of
handling issues not previously addressed by those close to the
problem.
Anti-Fraud Best Practices
Code of Business Ethics and Conduct
1.
Guide to acceptable and appropriate behavior
Employees – Vendors – Customers.
2. Expectation of full compliance within the letter and
spirit of the rules presented.
3. Guide to disciplinary action for violators.
4. Not a substitute for common sense.
Code of Business Ethics and Conduct
Contents
1.
Fair competition
9.
Expense reimbursement
2.
Compliance with laws and
regulations
10.
Company credit cards
3.
Conflicts of interest
11.
Software and computers
4.
Gifts and entertainment
12.
Political contributions
5.
Outside employment
13.
Conduct on company business
6.
Relationships with suppliers and
customers
14.
Violation reporting
7.
Confidential information and
privacy of communication
15.
Discipline
8.
Cash and bank accounts
16.
Annual representations in
writing of no known violations

similar documents