audit team members have an understanding and awareness of signs of errors, frauds including direct-effect illegal acts, and indirect-effect illegal acts.. the audit be designed to respon
Trang 1CHAPTER 3
Management Fraud and Audit Risk
LEARNING OBJECTIVES
ReviewCheckpoints
Exercises, Problems and Simulations
1 Define and explain the differences among
several kinds of fraud, errors, and illegal acts
that might occur in an organization
2 Explain auditors’ responsibilities with respect
3 List and explain some conditions that can lead
to frauds
4 Explain auditors’ responsibilities with
5 Describe the conceptual audit risk model and
explain the meaning and importance of its
components in terms of professional judgment
and audit planning
7, 8, 9, 10 47, 51, 55, 58, 59
6 Define materiality and explain its relationship
7 List and describe eight general types of audit
procedures for gathering evidence
13, 14, 15, 16 44, 48, 49, 52
8 Describe the content and purpose of audit
Trang 2SOLUTIONS FOR REVIEW CHECKPOINTS
3.1 White collar crimes are frauds perpetrated by people who work in offices and steal with a pencil or
a computer terminal The contrast is violent street crime
Employee fraud is the use of fraudulent means to take money or other property from an employer
It consists of three phases: (1) the fraudulent act, (2) the conversion of the money or property to the fraudster’s use and (3) the cover-up
Embezzlement is a type of fraud involving employees or nonemployees wrongfully taking funds
or property entrusted to their care, custody, and control, often accompanied by false accounting entries and other forms of lying and cover-up
Larceny is simple theft of an employer’s property that is not entrusted to an employee’s care, custody or control
Defalcation is another name for employee fraud and embezzlement
Errors are unintentional misstatements or omissions of amounts or disclosures in financial statements
Direct-effect illegal acts are violations of laws or government regulations by the company or its management or employees that produce direct and material effects on dollar amounts in financial statements “Illegal acts” (far-removed) are violations of laws and regulations that are far
removed from financial statement effects (for example, violations relating to insider securities trading, occupational health and safety, food and drug administration, environmental protection, and equal employment opportunity)
3.2 AICPA auditing standards require that:
a audit team members have an understanding and awareness of signs of errors, frauds
(including direct-effect illegal acts), and indirect-effect illegal acts
b the audit be designed to respond to knowledge of fraud risks and provide reasonable
assurance of detecting material errors and frauds (including direct-effect illegal acts)
c audit team members should have the proper degree of professional skepticism, assuming
neither dishonesty nor unquestioned honesty of management
d for reporting, the materiality concept is different for errors, fraud, and illegal acts For
errors, the usual idea of materiality prevails; for frauds (including direct-effect and far-removed illegal acts) immateriality is expressed in terms of “clearly inconsequential.”Matters that fall below the threshold apparently can be reported to levels of management below the board of directors and audit committee More significant matters are reported
to the director level, and management involvement in frauds and illegal acts is never considered inconsequential
Trang 33.3 The seven steps specified by SAS 99: Consideration of Fraud in a Financial
Statement Audit are:
Step 1: Engagement Team Discussion (“Brain Storming”)
Step 2: Identify Information Necessary to Assess Fraud Risk FactorsStep 3: (a) Identify Risk Factors Related to Fraudulent Financial
Reporting and (b) Assess Fraud RisksStep 4: Respond to Assessed Risks
Step 5: Evaluate Audit Evidence
Step 6: Communicate Fraud Matters
3.4 Below are some other conditions and circumstances that have existed along with frauds in the
Operating Characteristics and Financial Stability
• Management has a motivation
(bonus compensation, stock
options, etc.) to engage in
fraudulent reporting.
• Management decisions are
dominated by an individual or
a small group.
• Management fails to display an
appropriate attitude about
internal control and financial
reporting.
• Managers’ attitudes are very
aggressive toward financial
• Managers and employees tend
to be evasive when responding
to auditors’ inquiries.
• Managers engage in frequent
disputes with auditors.
• Company profits lag the industry.
• New requirements are passed that could impair stability or profitability.
• The company’s market is saturated due to fierce competition.
• The company’s industry
• The company has significant transactions or balances that are difficult to audit.
• The company has significant and unusual related-party transactions.
• Company accounting personnel are lax or inexperienced in their duties.
Trang 4argue that they were altered to frame the suspect), they can lose their effectiveness for the prosecution.
Trang 53.6 a There is no difference among the categories at the awareness level
b The expectation is lower for far-removed illegal acts, where audit procedures (other than
inquiry and familiarity) are performed only when specific information indicates that possible illegal acts may have a material indirect effect on financial statements
c About the same degree of skepticism with respect to all the categories; in connection with
errors and frauds (including direct-effect illegal acts) auditors should have the proper degree of professional skepticism, assuming neither dishonesty nor unquestioned honesty
of management; in connection with far-removed illegal acts, auditors should make inquiries about management’s policies and procedures for compliance with laws and regulations and obtain written management representations concerning the absence of violations of laws and regulations
d For reporting, the materiality concept is different: (1) for errors, the usual idea of
materiality prevails, (2) for frauds (including direct-effect and far-removed illegal acts), immateriality is expressed in terms of “clearly inconsequential.” Matters that fall below the threshold can be reported to levels of management below the board of directors and audit committee More important matters go to the director level, and management involvement in frauds and illegal acts is never considered inconsequential
3.7 Audit risk is a concept applied both to the probability of issuing an inappropriate opinion and to
the probability of failing to detect material errors and frauds in a particular disclosure or account balance Audit risk is a conceptual combination of the other risks: Audit Risk = Inherent Risk x Internal Control Risk x Detection Risk
“Audit risk in an overall sense” refers to the audit taken as a whole and the probability that the auditors will issue an inappropriate opinion on financial statements Generally, this is the risk of giving the standard unqualified report when the financial statements contain material
misstatements or the report should be qualified or modified in some manner
“Audit risk applied to individual account balances” refers to the probability that auditors will fail
to discover misstatement in a particular account balance at least equal to the tolerable
misstatement assigned to the audit of that balance This version of audit risk is applied in concept
at the individual account balance level
3.8 The three components of audit risk are:
Inherent risk the probability that material errors or frauds have entered the data processing system
Internal control risk the probability that the client’s system of internal control will fail to detect material errors and frauds, provided any enter the accounting system in the first place
Detection risk the probability that audit procedures will fail to find material errors and frauds, provided any have entered the system and have not been detected or corrected by the client’s internal control system
Trang 63.9 From the Audit Risk Alert
Some of the effects of bad economic times auditors should be alert to detect in clients’ financial statements:
• Asset valuations recoverability and bases of accounting
• Inappropriate offsetting of assets and liabilities
• Changes in cost-deferral policies and the reasonableness of amortization periods
• Allowances for doubtful accounts, in general, and loan-loss allowances for financial
institutions, in particular
• Compliance with financial covenants and the necessity to obtain waivers from lending
institutions to meet current requirements
• Changes in sales practices or terms that may require a change in accounting
3.10 The nature of audit procedures refers to their effectiveness in detecting errors and fraud
Confirmation with third parties is more effective in detecting errors and fraud than verbal inquiry
The timing of audit procedures refers to when they are performed, usually at (1) interim, or at (2)
year-end However, timing may have other aspects such as surprise procedures (unannounced to client personnel) or procedures performed after the year-end
The extent of the application of procedures usually refers to the sample sizes of data examined,
such as the number of customer accounts receivable to confirm, or the number of inventory types
to count
3.11 “Material information” in accounting and auditing is “information that should be disclosed if it is
likely to influence the economic decisions of financial statement users
“Planning materiality” in an audit context is the largest amount of uncorrected dollar misstatementthat could exist in published financial statements, yet they would still fairly present the company’s financial position and results of operations in conformity with GAAP
3.12 “Vouching” relates to the examination of documents Generally, items of financial information are
selected from an account, and auditors then go backward through the bookkeeping-filing system tofind the source documentation which supports the item selected
“Tracing” essentially is the opposite direction compared to “vouching” In the process of tracing, auditors select sample items of basic source documents and proceeds forward through the
bookkeeping process to find the final recording of the accounting transactions
“Scanning” refers to the auditors scrutinizing documentation for unusual items and events
3.13 Auditors use eight general audit procedures to gather evidence: 1) inspection of records and
documents (vouching, tracing, scanning), 2) inspection of tangible assets, 3) observation, 4) inquiry, 5) confirmation, 6) recalculation, 7) reperformance, and 8) analytical procedures One or more of these procedures may be used no matter what account balance, control procedure, class of transactions, or other information is under audit
Trang 73.14 Five types of general analytical procedures:
1 Compare financial information with prior period(s)
2 Compare financial information with budgets or forecasts
3 Study predictable financial information patterns based on the entity’s experience
4 Compare financial information to industry statistics
5 Study financial information relationships to nonfinancial information
3.15 Yes, the Hylas and Ashton research brief in the chapter showed that auditors have credited
discovery of errors and frauds to analytical review procedures in 27.1% of the cases in a set of audits
3.16 Auditing standards do not require auditors to express planning materiality as a specific dollar
amount An event or amount may be material by its significance, either quantitatively or
qualitatively
3.17 An audit program is a list of the audit procedures the auditors need to perform to gather sufficient
appropriate evidence on which to base their opinion on the financial statements Auditors indicate when they have performed each procedure, and where the evidence is documented Thus, audit programs are used not only for quality control and supervision, but also as documentation that the audit team is following generally accepted auditing standards
3.18 An internal control program contains the specification of procedures for obtaining an
understanding of the client’s business and internal control and for assessing the inherent risk and the control risk related to the financial account balances and classes of transactions A substantive audit program contains the specification of substantive procedures for gathering direct evidence on
management’s assertions (i.e., existence, occurrence, completeness, cutoff, rights and obligations, valuation and allocation, accuracy, classification, and understandability) about amounts and
disclosures in the financial statements
Trang 83.19 Four “cycles” and accounts in them:
Revenue and collection cycle
Acquisition and expenditure cycle
Production and conversion cycleFinancing and investment cycle
X Income tax expense
SOLUTIONS FOR MULTIPLE-CHOICE QUESTIONS
3.20 a Incorrect Inherent risk is one component of the risk of material misstatement (the
correct answer)
b Incorrect Control risk is one component of the risk of material misstatement (the
correct answer)
c Incorrect Detection risk is the likelihood that the auditors will not detect
misstatements that may have entered the accounting system and not been detected or corrected by the client’s internal controls
d Correct This is the definition of the risk of material misstatement
3.21 a Correct The risk of material misstatement is composed of inherent risk and
control risk
Trang 93.22 a Correct Management is responsible for making the estimates in the first place,
just as management is primarily responsible for all the financial statement elements
b Incorrect Auditors need to determine the reasonableness of estimates
c Incorrect Auditors need to determine estimates are presented in conformity with
GAAP
d Incorrect Auditors need to determine whether estimates are adequately disclosed
in the financial statements
3.23 a Incorrect Independent auditors are supposed to understand the nature of errors
and frauds
b Incorrect Independent auditors are supposed to assess the risk of occurrence of
errors and frauds
c Incorrect Independent auditors are supposed to design audits to provide
reasonable assurance of detecting errors and frauds
d Correct Independent auditors are not required to report all finding of errors and
frauds to police authorities
3.24 a Incorrect This is the risk of giving an inappropriate opinion
b Incorrect This is the risk of misstatements entering the accounting system
c Incorrect This is the risk that the client’s internal control will not detect
misstatements that enter
d Correct This is the risk that auditors will not detect misstatements
3.25 a Incorrect The business situation creates inherent risk
b Incorrect Business risk is the name for the collective risk faced by a company
that engages in business It includes the probability that customers willbuy from competitors, that product lines will become obsolete, that taxes will increase, that government contracts will be lost, or that employees will go on strike
c Incorrect Control risk is a function of management’s design and operation of its
internal controls
d Correct Auditors are responsible for performing the evidence-gathering
procedures that manage and control detection risk
3.26 b Correct DR = AR/ (IRxCR) = 0.05/0.50 = 0.10
Trang 103.27 a Incorrect An audit program does not specify audit standards All the GAAS are
relevant in all audits
b Correct An audit program contains specifications of procedures the auditors
believe appropriate for the financial statements under audit
c Incorrect Documentation of the assertions under audit, the evidence obtained,
and the conclusions reached describe audit documentation, not audit programs
d Incorrect Reconciliation of the account balances in the financial statements with
the account balances in the client’s general ledger is one element of the content of audit documentation, not audit programs
3.28 a Incorrect These accounts are part of the acquisition cycle
b Incorrect These accounts are part of the conversion cycles
c Correct These accounts are part of the revenue cycle
d Incorrect These accounts are part of the financing and investment cycle
3.29 a Incorrect You won’t find an unrecorded item (completeness assertion) by looking
in the financial statement numbers
b Incorrect Starting with the potentially unrecorded items is an audit for the
completeness assertion, not the existence assertion
c Correct You can find evidence of existence of recorded amounts by selecting
from the recorded amounts (general ledger) and going back to the supporting original transaction documents
d Incorrect Selecting from the supporting original transaction documents and going
to the general ledger is an audit for the completeness assertion, not the existence assertion
3.30 a Incorrect While solving for DR works mathematically, you will find that IR (not
given in the problem) has to be greater than 100%, therefore the solution is not possible (Very tricky!)
b Incorrect If control risk rises, detection risk should decrease
c Correct This solution is both mathematically and practically correct
d Incorrect If control risk rises, detection risk should decrease
3.31 a Incorrect This is a type of “overall response”, not a “specific procedural
response.”
b Incorrect Auditors ought to direct specific procedures toward the area where the
suspicion lies
c Correct This is a specific procedural response mentioned in SAS 99.
d Incorrect This is an overall response, not a “specific procedural response.”3.32 a Correct The objective is to perform a quality audit and keep audit risk low
b Incorrect Control risk = 0 is generally not warranted
c Incorrect Inherent risk = 0 is generally not warranted
d Incorrect 40% audit risk is too high
Trang 113.33 a Incorrect Confirmation of accounts receivable are selected from recorded
amounts and thus give no chance for selection of unrecorded amounts; responses do not produce evidence of probability of collection
b Incorrect Confirmation yields some evidence of rights (ownership); responses do
not produce evidence of probability of collection
c Correct Confirmations produce evidence of existence in debtors’ admission of
their debts as well as some evidence of rights (ownership);
d Incorrect Confirmations produce evidence about existence, but not completeness.3.34 a Incorrect The accounting is credit sales, debit receivables, not inventory
b Incorrect The accounting is credit sales, debit receivables, not cost of goods sold
c Incorrect The accounting is credit sales, debit receivables, not bad debt expense
d Correct The accounting is (fictitious) credit sales, debit (fictitious) receivables.3.35 a Incorrect Falsification of documents is characteristic, but management fraud does
not involve stealing money from an employer
b Correct Management fraud is victimization of investors through the use of
materially misleading financial statements
c Incorrect Management fraud principally involves misleading financial statements
which might or might not involve illegal acts committed by management to evade laws and regulations
d Incorrect Conversion of stolen inventory to cash deposited in a falsified bank
account describes an employee fraud
3.36 a Incorrect Reporting clearly inconsequential illegal acts to the board of directors
is not required
b Correct Once informed, the board of directors has the first responsibility to
report to the SEC If the board does not report these items to the SEC, the law then requires the auditors to do so
c Incorrect Auditors are not required to report clearly inconsequential illegal acts
to the board (Reporting to management, however, is appropriate.)
d Incorrect Audit firm resignation is not required However, if the audit firm
withdraws and the board does not report the item to the SEC, the law requires the auditors to report to the SEC, just as though there had been
no resignation
3.37 a Incorrect Materiality may be qualitative rather than quantitative
b Incorrect Materiality may be quantitative rather than qualitative
c Incorrect AICPA guidelines are silent as to materiality judgments
d Correct Materiality is a matter of professional judgment
3.38 a Incorrect The audit team would be concerned if key factors are not consistent
with prior periods
b Incorrect The audit team would be concerned if key assumptions are not similar
to industry guidelines
c Incorrect The audit team would be least concerned about measurements that are
objective and not susceptible to bias
d Correct Evidence of a systematic bias, whether aggressive or conservative
would be of most concern to the audit team
Trang 123.39 a Incorrect Extended procedures would be used if supporting documents are not
produced when requested
b Correct If the client made several large adjustments at year-end (a red flag),
extended procedures would be considered necessary to ensure that fraud was not taking place
c Incorrect Unless the previous CFO left the company under suspicious
circumstances, extended procedures would probably not be considered necessary
d Incorrect Due to the immateriality of petty cash funds, the audit team would
probably not use extended procedures under these circumstances 3.40 c Correct An audit committee is composed of members of a company’s board of
directors who are not involved in the day-to-day operations of the company
3.41 a Incorrect While the audit team may recommend remedial actions to the audit
committee, the audit team’s first concern is the effect of the illegal act
on the financial statements
b Correct The audit team’s first concern is the effect of the illegal act on the
financial statements
c Incorrect While the audit team may consider whether to contact law enforcement
officials, the audit team’s first concern is the effect of the illegal act on the financial statements
d Incorrect While the audit team should determine whether other similar acts may
have occurred, the audit team’s first concern is the effect of the illegal act on the financial statements
3.42 a Incorrect The responsibility for detecting direct-effect illegal acts exactly
parallels the responsibility for errors and fraud
b Incorrect The audit team must design their tests to detect all material illegal acts
that directly affect the financial statements.
c Correct The audit team must design their tests to obtain reasonable assurance
that all illegal acts with direct material statement effects are detected
d Incorrect The audit team must design their tests to detect all material illegal acts
that directly affect the financial statements
SOLUTIONS FOR EXERCISES, PROBLEMS AND SIMULATIONS
3.43 Risk of Misstatement in Various Accounts
a Inventory understatements may occur from counting and pricing errors
Fixed asset understatements may result from failure to capitalize costs (expensing them instead) or from erroneous depreciation calculations
Liability understatement and expense understatement appear to be quite common, as these misstatements result in improved perceptions of financial condition and profitability
b Asset understatements can result from accounting errors, misapplication of accounting
principles, and measurement errors (such as undercounting the inventory) A company might be motivated by tax evasion to understated assets and income
Trang 13c Estimated liabilities might be measured large for conservatism The company might over
accrue expenses in order to reduce taxable income A fraud might be imbedded in false payables to false vendors
d The data indicate that income overstatement occurs most frequently Apparently the cause
is usually understatement of expenses (e.g accrued expenses) or overstatement of revenues
Trang 143.44 General Audit Procedures and Financial Statement Assertions
1a Inspection of records
or documents (vouching)
Occurrence1b Inspection of records
1c Inspection of records
or documents (scanning) Raises questions that may be relevant to all assertions, but may not produce actual
“evidence.” Since it is performed on recorded amounts, it works best for Existence or occurrence, Valuation and allocation, Rights and obligations, and Presentation and disclosure
When applied to source documents, it might work for the completeness assertion
ExistenceOccurrenceValuation and allocationRights and obligationsCompletenessAccuracy Classification
Existence Rights (Ownership)Completeness (sometimes)
5 Inquiry All assertions; however, responses typically
yield more assertions, in turn subject to audit with corroborating evidence
All assertions; however, responses typically yield moreassertions, in turn subject to audit with corroborating evidence
Valuation
8 Analytical procedures Existence or occurrence
Valuation Completeness
ExistenceOccurrenceCompleteness
Trang 153.45 Errors and Frauds
Students can probably think of many examples for each of the cases This solution does not purport to be exhaustive
a Overstate an asset, understate another asset
Hold cash receipts journal open past the year end (cutoff date) and record additional cash receipts occurring after year end, reducing accounts receivable
b Overstate an asset, overstate stockholder equity
Record appraised value of property, plant, and equipment, with a corresponding credit to
a capital account
c Overstate an asset, overstate revenue
(1) Hold the sales journal open past the year end (cutoff date) and record too much sales revenue and cash or accounts receivable (2) Record fictitious sales and accounts receivable
d Overstate an asset, understate an expense
(1) Capitalize maintenance expense, making the asset amount higher than warranted and the expense amount lower Subsequent depreciation would reverse this misstatement, but the first effect would be to overstate the asset and understate the expense (2) Record an expenditure as a prepaid expense instead of a current expense
e Overstate a liability, overstate an expense
Accrue too much liability for expenses not yet paid, such as wages, rent, interest, product warranties, etc
f Understate an asset, overstate an expense
(1) Calculate too much depreciation expense on assets (2) Classify expenditures as current expenses when they should be classified as prepaid expenses
g Understate a liability, understate an expense
Fail to accrue liabilities for expenses not yet paid, such as wages, rent, interest, product warranties, etc