Many CPAs still hold the view that there is no responsibility for an auditor to detect fraud. This is simply not the case and audit standards have only increased the auditor’s responsibilities relating to fraud over the years. The Canadian Auditing Standards (CAS) that became effective back in 2010 have an entire section devoted to the auditor’s responsibilities relating to fraud in an audit of financial statements. CAS 240 includes and provides guidance on how fraud is to be considered throughout the audit process.
The CASs require an auditor to maintain professional skepticism throughout the audit, recognizing the possibility that a material misstatement due to fraud could exist, notwithstanding the auditor's past experience of the honesty and integrity of the entity's management and those charged with governance. Furthermore, if conditions identified during the audit cause the auditor to believe that a document may not be authentic or that terms in a document have been modified but not disclosed to the auditor, the auditor shall investigate further. Additionally, where responses to inquiries of management or those charged with governance are inconsistent, the auditor shall investigate the inconsistencies.
Planning and Risk Assessment
CAS 240 provides detailed guidance on how fraud should be considered at the planning and risk assessment stages of an audit. At a high level the standard requires that fraud be considered during the following:
- During the planning discussions amoung the engagement team which is often referred to as the team planning meeting;
- When performing risk assessment procedures and related activities to obtain an understanding of the entity and its environment, including the entity’s internal control; and
- While identifying and assessing the risk of material misstatement the auditor is also required to identify and assess those risk of material misstatement due to fraud and both the financial statement level and at the assertion level for classes of transactions, accounting balances and disclosures.
CAS 240 Appendix 1 also provides a list of examples of fraud risk factors relating to misstatements arising from fraudulent financial reporting and misstatements arising from misappropriation of assets.
Responses to the Assessed Risks of Material Misstatement Due to Fraud
As fraud must be considered at the planning and risk assessment stages of an audit it must also be included in the auditor’s responses at both the financial statement and assertion levels. CAS 240.29 and CAS 240.A33 provides guidance on the auditor’s overall response to fraud:
In determining overall responses to address the assessed risks of material misstatement due to fraud at the financial statement level, the auditor shall:
Determining overall responses to address the assessed risks of material misstatement due to fraud generally includes the consideration of how the overall conduct of the audit can reflect increased professional skepticism, for example, through:
CAS 240.A37-A39 provide the following guidance with respect to determining audit procedures responsive to assessed risks of material misstatement due to fraud at the assertion level:
The auditor's responses to address the assessed risks of material misstatement due to fraud at the assertion level may include changing the nature, timing and extent of audit procedures in the following ways:
If the auditor identifies a risk of material misstatement due to fraud that affects inventory quantities, examining the entity's inventory records may help to identify locations or items that require specific attention during or after the physical inventory count. Such a review may lead to a decision to observe inventory counts at certain locations on an unannounced basis or to conduct inventory counts at all locations on the same date.
The auditor may identify a risk of material misstatement due to fraud affecting a number of accounts and assertions. These may include asset valuation, estimates relating to specific transactions (such as acquisitions, restructurings, or disposals of a segment of the business), and other significant accrued liabilities (such as pension and other post-employment benefit obligations, or environmental remediation liabilities). The risk may also relate to significant changes in assumptions relating to recurring estimates. Information gathered through obtaining an understanding of the entity and its environment may assist the auditor in evaluating the reasonableness of such management estimates and underlying judgments and assumptions. A retrospective review of similar management judgments and assumptions applied in prior periods may also provide insight about the reasonableness of judgments and assumptions supporting management estimates.
CAS 240 Appendix 2 provides a list of examples of possible audit procedures to address the assessed risks of material misstatement at the assertion level as well as specific responses to misstatements resulting from fraudulent financial reporting and misstatements due to misappropriation of assets.
Evaluation of Audit Evidence
The auditor is required, based on the audit procedures performed and the audit evidence obtained, to evaluate whether the assessments of the risks of material misstatement at the assertion level remain appropriate. This evaluation is primarily a qualitative matter based on the auditor's judgment. Such an evaluation may provide further insight about the risks of material misstatement due to fraud and whether there is a need to perform additional or different audit procedures. CAS 240 Appendix 3 contains examples of circumstances that may indicate the possibility of fraud.
Rate this Entry
Current rating: 1 yes votes, 0 no votes