ASSESSING

AND RESPONDING
TO FRAUD RISKS
CHAPTER 10

Copyright 2017 Pearson Education, Ltd. 10-1

 CHAPTER 10 LEARNING OBJECTIVES

10-1 Define fraud and distinguish between fraudulent financial

reporting and misappropriation of assets.
10-2 Describe the fraud triangle and identify conditions for
fraud.
10-3 Understand the auditors responsibility for assessing the
risk
of fraud and detecting material misstatements due to
fraud.
10-4 Identify corporate governance and other control
environment
factors that reduce fraud risks.

Copyright 2017 Pearson Education, Ltd. 10-2

 CHAPTER 10 LEARNING OBJECTIVES (CONT.)

10-5 Develop responses to identified fraud risk.

10-6 Recognize specific fraud risk areas and develop procedures to
detect fraud.
10-7 Understand interview techniques and other activities after
fraud
is suspected.
10-8 Describe information about the fraud risk assessment that
must
be documented in the working papers.

Copyright 2017 Pearson Education, Ltd. 10-3

 OBJECTIVE 10-1
Define fraud and distinguish
between fraudulent financial
reporting and
misappropriation
of assets.

Copyright 2017 Pearson Education, Ltd. 10-4

 TYPES OF FRAUD
Fraudulent Financial ReportingAn intentional
misstatement or omission of amounts or disclosures with the
intent to deceive users.
Most cases involve an attempt to overstate income, but can
also understate income.
Earnings management involves fraud to meet earnings
goals.
Income smoothing is a form of earnings management that
shifts income from year to year to reduce fluctuations.

Misappropriation of AssetsFraud that involves theft of an

entitys assets. Normally perpetrated by lower level
employees, but can involve upper management.

Copyright 2017 Pearson Education, Ltd. 10-5

 OBJECTIVE 10-2
Describe the fraud triangle
and identify conditions for
fraud.

Copyright 2017 Pearson Education, Ltd. 10-6

 CONDITIONS FOR FRAUD
Three conditions for fraud are referred to as the fraud triangle:
1. Incentives/PressuresManagement or other employees have
incentives or pressures to commit fraud.
2. OpportunitiesCircumstances provide opportunities for
management or employees to commit fraud.
3. Attitudes/RationalizationAn attitude, character, or set of
ethical values exists that allows management or employees to
commit a dishonest act, or they are in an environment that
imposes sufficient pressure that causes them to rationalize
committing a dishonest act.

The fraud triangle is illustrated in Figure 10-1.

Risk factors for fraudulent financial reporting are shown in
Table 10-1.

Copyright 2017 Pearson Education, Ltd. 10-7

Copyright 2017 Pearson Education, Ltd. 10-8
Copyright 2017 Pearson Education, Ltd. 10-9
 CONDITIONS FOR FRAUD (CONT.)

Commonly cited fraud risk conditions are shown in Figure 10-2.

The characteristics of fraud perpetrators are detailed in Figure
10-3.

Risk Factors for Misappropriation of Assets The same three

conditions apply to misappropriation of assts.
However, in assessing risk factors, greater emphasis is placed
on individual incentives and opportunities for theft.
Examples of fraud risk factors for each of the three conditions
for misappropriation of assets are provided in Table 10-2.

Copyright 2017 Pearson Education, Ltd. 10-10

Copyright 2017 Pearson Education, Ltd. 10-11
Copyright 2017 Pearson Education, Ltd. 10-12
Copyright 2017 Pearson Education, Ltd. 10-13
 OBJECTIVE 10-3
Understand the auditors
responsibility for assessing
the risk of fraud and
detecting material
misstatements due to fraud.

Copyright 2017 Pearson Education, Ltd. 10-14

 ASSESSING THE RISK OF FRAUD

Professional SkepticismAuditing standards

require that the audit be planned and performed
with an attitude of professional skepticism.
This involves two components:
Questioning mind
Critical evaluation of audit evidence

Copyright 2017 Pearson Education, Ltd. 10-15

 ASSESSING THE RISK OF FRAUD (CONT.)

Sources of Information to Assess Fraud Risks (Figure 10-4)

1. Communication Among Audit Team
1. How and where the entitys financial statements might be susceptible to
material misstatement due to fraud.
2. How management could perpetrate and conceal fraudulent financial
reporting.
3. How anyone might misappropriate assets of the entity
4. How the auditor might respond to the susceptibility of material
misstatements due to fraud.
2. Inquiries of Management
3. Risk Factors
4. Analytical ProceduresSee horizontal analysis in Figure 10-5.
5. Other Information

Copyright 2017 Pearson Education, Ltd. 10-16

Copyright 2017 Pearson Education, Ltd. 10-17
Copyright 2017 Pearson Education, Ltd. 10-18
 ASSESSING THE RISK OF FRAUD (CONT.)

Identified Risks of Material Misstatement Due to Fraud

Auditors evaluate all of the sources of information to assess the
risk of material misstatement due to fraud as part of audit
planning.
This assessment continues throughout the audit because the
auditor may learn new information while performing audit
procedures.
Auditing standards require that the auditor presume there is a risk
of fraud in revenue recognition. If the auditor concludes that this
assumption does not apply, it must be documented in the working
papers.

Copyright 2017 Pearson Education, Ltd. 10-19

 OBJECTIVE 10-4
Identify corporate
governance and other control
environment factors
that reduce fraud risks.

Copyright 2017 Pearson Education, Ltd. 10-20

 CORPORATE GOVERNANCE OVERSIGHT TO
REDUCE FRAUD RISKS

Management is responsible for implementing

corporate governance and control procedures to
minimize the risk of fraud, through a combination
of prevention, deterrence, and detection measures.
The AICPA identifies three elements to prevent, deter,
and detect fraud:
1. Culture of honesty and high ethics
2. Managements responsibility to evaluate risks of fraud
3. Audit committee oversight

Copyright 2017 Pearson Education, Ltd. 10-21

 CORPORATE GOVERNANCE OVERSIGHT TO
REDUCE FRAUD RISKS (CONT.)
Culture of Honesty and High Ethics
The most effective way to prevent and deter fraud is to implement
antifraud programs and controls that are based on core values
embraced by the company.
Setting the Tone at the Top: Honesty and integrity by management
reinforces honesty and integrity by employees. Table 10-3 shows
contents of an effective code of conduct.
Creating a Positive Workplace Environment: Wrongdoing occurs less
frequently when employees have positive feelings about their
employer than when they feel abused, threatened, or ignored.
Hiring and Promoting Appropriate Employees: To prevent fraud,
companies implement screening policies and promote employees who
are trustworthy.

Copyright 2017 Pearson Education, Ltd. 10-22

Copyright 2017 Pearson Education, Ltd. 10-23
 CORPORATE GOVERNANCE OVERSIGHT TO
REDUCE FRAUD RISKS (CONT.)

Culture of Honesty and High Ethics (Cont.)

Training: New employees should be trained about the
companys expectations of employees ethical behavior.
Fraud awareness training should also be included.
Confirmation: Employees should periodically confirm their
responsibilities for complying with the code of conduct.
Discipline: Employees must know that they will be held
accountable for failure to follow the code of conduct.
Enforcement of violations of the code sends the message
that compliance with the code is expected.

Copyright 2017 Pearson Education, Ltd. 10-24

 CORPORATE GOVERNANCE OVERSIGHT TO
REDUCE FRAUD RISKS (CONT.)

Managements Responsibility to Evaluate Risks of Fraud

Identifying and Measuring Fraud Risks: Effective fraud
oversight begins with management recognition that fraud is
possible and almost any employee is capable of it. Figure 10-6
reflects the percentage reduction in losses from fraud due to
these antifraud controls.
Mitigating Fraud Risks: Management is responsible for
implementing controls to mitigate fraud risks.
Monitoring Fraud Prevention Programs and Controls:
Management should periodically evaluate antifraud programs
and ensure controls are effective. Internal audit plays a key
role in monitoring.

Copyright 2017 Pearson Education, Ltd. 10-25

Copyright 2017 Pearson Education, Ltd. 10-26
 CORPORATE GOVERNANCE OVERSIGHT TO
REDUCE FRAUD RISKS (CONT.)

Audit Committee Oversight

The audit committee has primary responsibility to oversee the
organizations financial reporting and internal control process.
The audit committee is a deterrent to fraud by senior management
by:
Direct reporting of key findings by internal auditors to the audit
committee
Periodic reports by ethics officers about whistleblowing
Other reports about lack of ethical behavior or suspected fraud
The responsibility of the audit committee for mitigating fraud is shown in
Figure 10-7.

Copyright 2017 Pearson Education, Ltd. 10-27

Copyright 2017 Pearson Education, Ltd. 10-28
 OBJECTIVE 10-5
Develop responses to
identified fraud risk.

Copyright 2017 Pearson Education, Ltd. 10-29

 RESPONDING TO THE RISK OF FRAUD

When an auditor identifies risks of material misstatements

due to fraud, the auditor develops responses at three
levels:
Overall ResponsesAssign more experienced personnel to
the audit or bring in a fraud specialist
Responses at the Assertion LevelChanging the nature,
timing, and extent of audit procedures
Responses Related to Management Override:
Examine journal entries and other adjustments for evidence
of possible misstatements due to fraud.
Review accounting estimates for biases.
Evaluate the business rationale for significant unusual
transactions.

Copyright 2017 Pearson Education, Ltd. 10-30

 RESPONDING TO THE RISK OF FRAUD (CONT.)

Update Risk Assessment ProcessThe auditors assessment of risk of

material misstatement due to fraud is ongoing throughout the audit.
The auditor should be alert for the following conditions during the audit:
Discrepancies in the accounting records
Conflicting or missing audit evidence
Problematic or unusual relationships between the auditor and management
Results from substantive or final review stage analytical procedures that
indicate a previously unrecognized fraud risk
Responses to inquiries made throughout the audit that are vague or
implausible or that produce evidence that is inconsistent with other
information

Copyright 2017 Pearson Education, Ltd. 10-31

 OBJECTIVE 10-6
Recognize specific fraud risk
areas and develop
procedures
to detect fraud.

Copyright 2017 Pearson Education, Ltd. 10-32

 SPECIFIC FRAUD RISK AREAS

Revenue and Accounts Receivable Fraud Risks The

Committee of Sponsoring Organizations (COSO) found that
more than half of financial statement frauds involve revenue
and accounts receivable, and related cash.
Three main types of revenue manipulation are:
1. Fictitious revenues
2. Premature revenue recognition
3. Manipulation of adjustments to revenue

Warning Signs of Revenue FraudTwo of the most useful are:

. Analytical procedures
. Documentary discrepancies

Copyright 2017 Pearson Education, Ltd. 10-33

 SPECIFIC FRAUD RISK AREAS (CONT.)

Revenue and Accounts Receivable Fraud Risks (cont.)

Misappropriation of Receipts Involving RevenueRarely as material as fraudulent
financial reporting, but is costly because it is a direct loss of assets (cash). Usually
involve one of the following:
Failure to Record a SaleOne of the most difficult types of fraud to
detect.
Theft of Cash Receipts After a Sale Is RecordedTo hide the theft, the
perpetrator must reduce the customers account in one of three ways:
1. Record a sales return or allowance.
2. Write off the customers account.
3. Apply the payment from another customer to the customers account.

Warning Signs of Misappropriation of Revenues and Cash ReceiptsAnalytical

procedures and comparisons are helpful. An example of the effects of fictitious
receivables on accounting ratios are shown in Table 10-4.

Copyright 2017 Pearson Education, Ltd. 10-34

Copyright 2017 Pearson Education, Ltd. 10-35
 SPECIFIC FRAUD RISK AREAS (CONT.)
Inventory Fraud RisksFictitious inventory has been at the
center of several major cases of fraudulent financial reporting.
Auditors are required to verify the existence of physical
inventories, but audit testing is done on a sample basis.
If inventory is stored in several locations, it is relatively easy
for the client to move inventory to the sample testing site.
Warning Signs of Inventory FraudAnalytical procedures,
especially gross profit margin percentage and inventory
turnover, are effective.
The effects of fictitious inventory on inventory turnover based
on the Crazy Eddie case are shown in Table 10-5.

Copyright 2017 Pearson Education, Ltd. 10-36

Copyright 2017 Pearson Education, Ltd. 10-37
 SPECIFIC FRAUD RISK AREAS (CONT.)
Purchases and Accounts Payable Fraud Risks Companies may
deliberately attempt to understate accounts payable and overstate income.

Misappropriation in the Acquisition and Payment Cycle The most

common fraud in the acquisition area is for payments to be issued to
fictitious vendors and depositing the cash in fictitious accounts.

Other Areas of Fraud Risk

Fixed AssetsCompanies may capitalize repairs to increase the amount
of assets on the balance sheet.
Intangible AssetsThe values of intangible assets, especially goodwill,
are based on estimates and are susceptible to manipulation.
Payroll ExpenseRarely an area for fraudulent financial reporting, but
often an area of misappropriation by payment to fictitious employees or
overstatement of payroll hours.

Copyright 2017 Pearson Education, Ltd. 10-38

 OBJECTIVE 10-7
Understand interview
techniques and other
activities after
fraud is suspected.

Copyright 2017 Pearson Education, Ltd. 10-39

RESPONSIBILITIES WHEN FRAUD IS SUSPECTED

Frauds are often detected by

Anonymous tips
Management review,
Internal audit, or by accident.
Common fraud detection methods are illustrated in Figure 10-8.
Auditors continually evaluate the evidence gathered for
indication of material misstatement due to fraud throughout the
duration of the audit.
When fraud is suspected, the auditor gathers additional
information to determine whether fraud actually exists.

Copyright 2017 Pearson Education, Ltd. 10-40

Copyright 2017 Pearson Education, Ltd. 10-41
 RESPONSIBILITIES WHEN FRAUD IS
SUSPECTED (CONT.)
When fraud is suspected, the auditor may use inquiry
to determine whether fraud actually exists.
Use of InquiryInquiry is an effective method of
gathering more information and may take the
following forms:
Informational inquiry
Assessment inquiry
Interrogative inquiry

Copyright 2017 Pearson Education, Ltd. 10-42

 RESPONSIBILITIES WHEN FRAUD IS
SUSPECTED (CONT.)

For inquiry to be effective, the auditor must be

skilled in:
Evaluating responses to inquiry
Listening techniques
Observing behavioral cues:
Verbal cues are outlined in Table 10-6.
Nonverbal cues are outlined in Table 10-7.

Copyright 2017 Pearson Education, Ltd. 10-43

Copyright 2017 Pearson Education, Ltd. 10-44
Copyright 2017 Pearson Education, Ltd. 10-45
 RESPONSIBILITIES WHEN FRAUD IS
SUSPECTED (CONT.)

Other Responsibilities When Fraud Is Suspected

Besides inquiry, the auditor may use any of the following
procedures to determine whether fraud actually exists:
Audit software analysis
Expanded substantive testing
Consider other audit implications

Copyright 2017 Pearson Education, Ltd. 10-46

 OBJECTIVE 10-8
Describe information about the
fraud risk assessment that
must be documented in the
working papers.

Copyright 2017 Pearson Education, Ltd. 10-47

 DOCUMENTING THE FRAUD ASSESSMENT

Auditors must document the following matters related

to consideration of material misstatements due to
fraud:
Significant decisions made during the discussion among
engagement team in planning the audit
Procedures performed to obtain information necessary
to identify and assess the risks of material fraud
Specific risks of material fraud that were identified at
both the overall financial statement level and the
assertion level and the auditors response to those risks
Reasons supporting a conclusion that there is not a
significant risk of material improper revenue recognition

Copyright 2017 Pearson Education, Ltd. 10-48

 DOCUMENTING THE FRAUD ASSESSMENT
(CONT.)
Auditors must document the following matters related to
consideration of material misstatements due to fraud
(cont.):
Results of procedures performed to address the risk of
management override of controls
Other conditions and analytical relationships indicating that
additional auditing procedures or other responses were
required, and the actions taken by the auditor in response
The nature of communications about fraud made to
management, the audit committee, or others

Copyright 2017 Pearson Education, Ltd. 10-49