Document

Report
Chartered Accountants Audit Conference
Evolution of the Fraud Standard
from AUS 210 to ASA 240
Marj Wessels CA
Director Professional Standards
PKF
charteredaccountants.com.au
Content
Objectives
The Enron debacle
AICPA Response
AUASB Response
Conclusion
Objectives
>
Provide background against which the current fraud
standard has developed
>
Examine the revised fraud standard issued shortly after
the Enron bankruptcy filing
>
Examine the fraud standard updated by the IAASB in
conjunction with the risk standards, and adopted by the
AUASB 15 December 2004
>
Consider the mandatory requirements of the current
legislated fraud standard
Heading Style
The Enron Debacle
Body copy
> Bullet style
The US Sneezes the World
catches Cold
Protection of Investors and the Public
Pre - Enron
US
GAAP – Generally Accepted
Accounting Principles
GAAS – Generally Accepted
Auditing Standards
SAS – Statements on
Auditing Standards & All
Professional Ethics
Australia
• AASB
• AUS
• AGS and APS
The Accounting Theory
GAAP defined as:
> a dynamic set of both broad and specific guidelines
> that companies should follow
> when measuring and reporting
> Financial information
The Old Auditing Theory
During annual audits performed by external
independent auditors checks were performed to
make sure:
> The entity following GAAP consistently
> If not, entity to show rationale why not
> Entity required to demonstrate treatment is ethical and
appropriate in their specific situation
The Old Auditing Theory Cont’d
This left the field open to interpretation
>
>
>
AICPA added stipulation of consistent application over
time.
Aim of GAAP & AICPA rules to make
financial statements as accurate and reliable as possible
What Did Enron Do?
Took existing rules and circumvented them
> Balance sheet bolstered by inflated asset values
> Dispersed liabilities to subsidiaries
> Failed to consolidate these subsidiaries
> Massive misstatement of financial statements
> Designed so that certain individuals in the company could
make money from increased investments by shareholders
>
Enron’s GAAP Strategy
Balance sheet with many intellectual assets
> Patents and trademarks were good
> Actual assets were bad & should be immaterial compared
to intangibles
> Most of the debts and tangible assets on balance sheets
of partnerships run by key officers of the entity.
>
The Outcome of Enron’s Activities
When Enron declared bankruptcy on December 2001 it had
$US 13.1 billion in debt on Enron’s books
> $US 18.1 billion in debt on subsidiaries books
> Estimated $US 20 billion more debt off balance sheet
(Zellner)
>
Perceived Failings of the Auditors AA
Perception about their independence
• Enron 2nd largest AA client
• Consulting fees earned in 2000 more than half total
fees earned
> Did not identify fraud where fraud existed
> Internal memos evidenced unresolved conflict between
auditors and audit committee
>
Perceived Failings of the Auditors AA
>
Internal AA emails expressing concern about Enron’s
accounting practices
>
Concerns overturned by the Lead Partner
>
Suspicion/ evidence that the Audit Team wrote fraudulent
memos stating that the Professional Standards Group
approved of the accounting practices.
Perceived Failings of the Auditors AA
AA had 2 major recent audit failures before
Enron:
> 1996 Waste Management
Income inflated by over $ 1billion between 1992 and
1996
1997 Sunbeam –
SEC determined – Sunbeam used Accounting tricks to
create false sales and profit.
>
AICPA Response
SAS
Standards
Effective
Impact
Example
SAS 96
January 2002
Dealt with record retention
policies and requirement for
auditor to document all
significant decisions or
judgements
Approval by auditor of
client application of
GAAP
SAS 98
Made many
revisions and
amendments to
previous
statements
Changes to GAAS
Relationship between
GAAS & Quality Control
Standards
SAS 99
Audit risk and materiality
concepts in audits
Outlines what fraud is and
reaffirms necessity to gather all
information
Revenue Recognition
recognised as a fraud
risk
Heading Style
AUASB Response
Body copy
> Bullet style
Ongoing update and refinement of
the existing Fraud Standard
Content
AUS 210 Issued January 2002
AUS 210 Issued June 2004
ASA 240 Legislated & effective 1 July
2006
Heading Style
AUS 210- Issued
Body copy
January 2002
> Bullet style
Auditor’s responsibility to consider
Fraud and Error In an Audit of a
Financial Report
AUS 210 – Issued January 2002
>
“Auditors responsibility to consider Fraud and Error In an
Audit of a Financial Report”
>
Effective 15 December 2002
>
Compatible with ISA 250
>
Replaced AUS 210 –”Irregularities, Including Fraud ,
Other Illegal Acts and Errors” – October 1995 revised
February 1999
AUS 210 – Issued January 2002
Focuses on auditor’s responsibilities with respect to fraud
and error
> Explains the distinction between fraud and error
> Primary responsibility for prevention and detection noted
to rest with both:
• Those charged with governance and
• Management
>
AUS 210 – Issued January 2002
>
AUS 218 “Consideration of Laws and Regulations in an
Audit of a Financial Report” issued to address Laws and
Regulations separately
>
AUS 210 ( 2002), focuses on Fraud and Error only
• Expanded the basic principles and essential
procedures
• Relating to risk of material misstatement
resulting from fraud and error
• In an audit of a financial report
AUS 210 – Issued January 2002
Introduced requirement for:
> Auditor Discussions with Audit Team at planning stage
> More extensive enquiries of management with respect to
fraud & error
> Fraud & error considerations to be linked to assessment
of inherent and control risk, and vice versa.
> Design of audit procedures to specifically respond to and
address identified risk of fraud & to be documented
> Consideration whether any misstatement identified
indicates fraud
AUS 210 – Issued January 2002
Management Representation Letters to include:
>
Disclosure of all facts relating to fraud or possible fraud
Managements belief that the uncorrected misstatements
> aggregated by the auditor are immaterial to the financial
statements as a whole
>
AUS 210 – Issued January 2002
Communication by the auditor to the appropriate level
of management or Governance:
> Specific matters in relation to fraud or error
> Including material misstatements due to error
> Timely communication required
> Communication to those charged with governance of
uncorrected misstatements aggregated by the auditor and
determined by management to be immaterial both:
• Individually and in
• Aggregate
AUS 210 – Issued January 2002
>
>
>
Emphasised the distinction between
• Management Fraud
• Employee fraud
Expanded the discussion of fraudulent financial reporting
Clarified the discussion of the inherent limitations of an
audit to detect fraud
AUS 210 – Issued January 2002
>
Emphasised the importance of professional scepticism
>
Alert to evidence that brings into question reliability of
management representations
>
Risk of over generalising when drawing conclusions from
audit observations
>
Risk of using faulty assumptions in determining audit
procedures and evaluating results
Distinction Between Fraud and Error
Misstatements in the financial report can
arise from fraud or error:
> Fraud – underlying action intentional
> Error – underlying action unintentional
Definition of Error Under AUS 210
>
A mistake in gathering or processing data from which the
financial report is prepared.
>
An incorrect accounting estimate arising from oversight or
misinterpretation of facts.
>
A mistake in the application of accounting principles
relating to measurement, recognition, classification,
presentation or disclosure.
Fraud for Purposes of AUS 210
>
Causes a material misstatement in the financial report
>
Intentional Act by management, those charged with
governance, employees, or third parties
>
Involves the use of deception to obtain an unjust or illegal
advantage.
Types of Fraud AUS 210
2 Types of fraud that are relevant to auditors:
> Fraudulent financial reporting
> Misappropriation of assets
Fraudulent Financial Reporting
>
Can be accomplished by: Manipulation, falsification
(including forgery), or alteration of accounting records
or supporting documentation from which the financial
report is prepared
>
Misrepresentation, or intentional omission from the
financial report of events, transactions and other
significant information
>
Intentional misapplication of accounting principle
relating to amounts, classifications, manner of
presentation, or disclosures
Management Override
>
Examples include:
• Concealing or not disclosing facts that may affect
amounts in the financial report
• Engaging in complex transactions that are structured to
misrepresent financial position or performance of the
entity
• Altering records or terms related to significant and
unusual transactions
Misappropriation of Assets
>
Involves theft of an entity’[s assets and is often
perpetrated by employees in relatively small and
immaterial amounts and is usually accompanied by false
or misleading documentation to cover up the fact that
assets are missing or have been pledged. Examples:
• Embezzling receipts
• Stealing physical assets
• Causing an entity to pay for goods and services not
received
• Using an entity’s assets for personal use
What Does Fraud Involve
>
Incentive or pressure to commit the fraud
>
Perceived opportunity to commit the fraud
>
Rationalisation of the act
AUS 210- Issued
June 2004
The Auditors Responsibility to
Consider Fraud in an Audit of a
Financial Report
AUS 210 – Issued June 2004
Effective 15 December 2004
> Built on the new Risk Standards issued in 2003
> Requires the auditor to:
>
• Be more proactive in considering the risk of fraud in an audit of a
financial report
• Focus on areas where there is a risk of material misstatement due
to fraud
• Pay attention to the risk of management fraud
• Design and perform procedures to respond to identified risks
AUS 210 – Issued June 2004
>
Requires the auditor to:
>
Perform procedure to obtain information that is used to
identify the risks of material misstatement
Identify risks at assertion level and at financial report level
Evaluate controls related to material identified risk
Determine responses to identified risk of fraud
Establishes documentation requirements
>
>
>
>
AUS 210 – Issued June 2004
>
Based on revised ISA 240 issued by the IAASB in early
2004.
ASA 240
Heading
Style
Issued April 2006
Body copy
> Bullet style
The Auditors Responsibility to
Consider Fraud in an Audit of a
Financial Report - Legislated
ASA 240 – Issued April 2006
>
Effective as a legislated standard 1 July 2006
>
Use of word ‘ shall’ instead of ‘should” in mandatory
paragraphs
>
Clarity on impact of guidance paragraphs
>
Need to consider implications of Whistle blowing
legislation
Mandatory ( Bold letter) Requirements of
ASA 240
>
Consider the risks of material misstatement in the financial
report due to fraud
>
Exercise professional scepticism
>
Hold engagement team discussions on risk of fraud
>
Communications on fraud to other team members not
involved in the team discussion
Make enquiries of management & others on existence of
fraud and risk of fraud
>
Mandatory (Bold letter) Requirements
of ASA 240
>
Enquiries of those charged with Governance on existence
& risk of fraud
>
Consideration of fraud risk factors
>
Performing analytical review
>
Obtaining and understanding internal control
>
Identifying significant risks of fraud at the assertion level
and financial report level
>
Treat Revenue recognition as a presumed significant risk
of fraud.
Mandatory (Bold letter) Requirements
of ASA 240
In determine overall response to address the risks of
material misstatement due to fraud at the financial report
level:
Consider assignment and supervision of personnel
> Consider accounting polices used
> Incorporate an element of unpredictability
>
Mandatory (Bold letter) Requirements
of ASA 240
To respond to management override of control:
>
>
>
Test appropriateness of journal entries
Review accounting estimates for biases
Understand business rationale of significant or unusual
transactions
Mandatory (Bold letter) Requirements
of ASA 240
Perform overall analytical review at or near the end of the
audit
> Consider whether misstatements identified are indicative
of fraud
> Requirement to consider implication for the audit where
fraud exists and financial report may as a result be
materially misstated
>
Mandatory (Bold letter) Requirements
of ASA 240
Management representation letters obtained
by the auditor to include acknowledgement by
management
> Responsibility for design an implementation of internal
control to prevent and detect fraud
> Disclosure of results of its assessment of risk that
financial report may be misstated due to fraud
> Disclosure of management, employee or other fraud
Mandatory (Bold letter) Requirements
of ASA 240
Communication by the auditor of existence of identified
fraud to those charged with Governance as soon as
practical
Mandatory (Bold letter) Requirements
of ASA 240
>
Considerations if auditor is unable to continue with the
engagement due to fraud
Mandatory (Bold letter) Requirements
of ASA 240
Documentation
Fraud discussions of audit Team
> Identified fraud risks at the assertion level and the
financial report level
> Overall responses to assessed risks of material
misstatement due to fraud at the financial report level
> Linkage of those procedures with assertion level risk
> Results of those the audit procedures
>
Mandatory (Bold letter) Requirements
of ASA 240
The auditor is required to document:
>
>
>
>
Fraud communications to management, those charge with
governance, regulators and others
If justified, effective rebuttal of the presumption that
revenue recognition is a significant risk of fraud
Summary Activities Under ASA 240
Planning
Map Planning to Risk of
material misstatement and
plan audit response
Respond to
Management
Override
Completion *
Reporting on
fraud
Team Fraud
Discussions
Risk of misstatement
at the Financial Report
Level
JE testing
Management rep
letters
Discussions with
management &
TCWG
Preliminary
Analytical review
Obtain
understanding of the
entity
Obtain understanding
of internal control
Risk of misstatement
at the Assertion Level
Review Accounting
Estimates for Bias
Revenue Recognition
Understand business
rationale
Overall Analytical
review
Report to management
Report to TCWG
Report to regulatory
bodies
Conclusion
Discussion
> Enquiry
> Professional Scepticism
> Understanding risk of fraud
> Revenue Recognition mandatory significant risk of fraud
> Auditor response
> Consider Management Override
> Documentation
> Communication & Reporting
>

similar documents