Chapters 14 and 15 IV. Obtaining
Substantive Evidence about Accounts, Disclosures and Assertions Chapters 8–13 and 16 III. Obtaining
Evidence about Internal Control Operating Effectiveness Chapters 8–13 and 16 II. Performing Risk
Assessment Chapters 3, 7 and 9–13 I. Making Client
Acceptance and Continuance Decisions Chapter 14
The Auditing Profession, the Risk of Fraud and Mechanisms to Address Fraud: Regulation, Corporate
Governance, and Audit Quality Chapters 1 and 2
Professional Liability and the Need for Quality Auditor Judgments and Ethical Decisions
Chapter 4
The Audit Opinion Formulation Process and A Framework for Obtaining Audit Evidence Chapters 5 and 6
V. Completing the Audit and Making Reporting Decisions
PROFESSIONAL JUDGMENT IN CONTEXT
Examples of Fraud in Organizations
Milwaukee-based Koss Corporation reported an embezzlement of funds orchestrated by its CFO of approximately $31 million over a five-year period of time when the company’s reported earnings were only $26 million. The CFO used the funds to buy personal goods, such as expensive coats, jewelry, and other personal items that were mostly kept in storage facilities. Interestingly, the CFO was neither an accountant nor a CPA; the CEO had a college degree in anthropology; most of the board members had served on the board for 20-30 years;
and the company made highly technical products that were in very competitive markets. In another recent fraud, a senior benefits executive at Hitachi America, Inc. diverted approximately $8 million from Hitachi by creating a separate bank account that included the Hitachi name, but that was controlled by him. The funds that were diverted included payments from health providers and insurance companies intended for the Hitachi’s employee benefit plans. The executive used the $8 million in the new account to purchase an expensive vacation home and a new Lexus automobile, among other items.
In addition to outright thefts, fraud can also involve inaccurate financial reporting. For example, WorldCom orchestrated its fraud, in part, by capitalizing items that should have been recorded as expenses, thereby increasing current-period income.
Charter Communications inflated revenue by selling control boxes back to its supplier and then repurchasing them later. Dell, Inc. admitted to manipulating its reported income by not accurately disclosing payments that it received from computer- chip maker Intel. The payments were in exchange for Dell’s agreement not to use chips from Intel’s rival, Advanced Micro Devices. These payments accounted for 76% of Dell’s operating income in early 2007. Dell also covered earnings shortages by dipping into reserves and claimed the seemingly strong financial results were due to high quality management and efficient operations.
Fraudulent financial reporting can also involve financial-related reports that are not a formal part of the financial statements. As an example, publicly traded oil companies are required to report changes in their proved reserves each year. A proved reserve is the discovery of an oil field in which
33
Fraud Defined
Fraud is an intentional act involving the use of deception that results in a material misstatement of the financial statements. Two types of misstate- ments are relevant to auditors’ consideration of fraud: (a) misstatements arising from misappropriation of assets, and (b) misstatements arising from fraudulent financial reporting. Intent to deceive is what distinguishes fraud from errors. Auditors routinely find financial errors in their clients’ books, but those errors arenot intentional.
Misstatements Arising From Misappropriation of Assets
Asset misappropriation occurs when a perpetrator steals or misuses an organization’s assets. Asset misappropriations are the dominant fraud scheme perpetrated against small businesses and the perpetrators are usually employees. Asset misappropriations can be accomplished in various ways, including embezzling cash receipts, stealing assets, or causing the company to pay for goods or services that were not received. Asset misappropriation commonly occurs when employees:
● Gain access to cash and manipulate accounts to cover up cash thefts
● Manipulate cash disbursements through fake companies
● Steal inventory or other assets and manipulate the financial records to cover up the fraud
An important contemporary example of asset misappropriation is the famous Madoff Ponzi scheme, which is described in Exhibit 2.1.
Misstatements Arising from Fraudulent Financial Reporting
The intentional manipulation of reported financial results to misstate the economic condition of the organization is called fraudulent financial reporting. The Auditing in Practice feature“The Great Salad Oil Swindle of 1963”is an example of fraudulent financial reporting. The perpetrator of such a fraud generally seeks gain through the rise in stock price and the commensurate increase in personal wealth. Sometimes the perpetrator does not seek direct personal gain, but instead uses the fraudulent financial reporting to “help” the organization avoid bankruptcy or to avoid some other negative financial outcome. Three common ways in which fraudulent financial reporting can take place include:
1. Manipulation, falsification, or alteration of accounting records or sup- porting documents
the company has determined it is economically feasible to extract the oil from the field at current oil prices. The amount of proved reserves are a best estimate of the millions (or billions) of barrels of crude oil that can economically be extracted from the field. During 2004, the SEC successfully brought action against Shell Oil Company, alleging that the company had falsely reported its proved reserves in an effort to make the company look more successful and to maintain the stock price. As you read through this chapter, consider the following questions:
● What are the major types of fraud? What are the major characteristics of fraud that auditors should consider? (LO 1, 2)
● To what extent should the auditor be responsible for identifying the risk of fraud, and then determining whether material fraud actually exists? How can a quality audit prevent or detect these types of frauds? (LO 4)
● How can society as a whole, and the external auditing profession in particular, act to prevent and detect fraud? (LO 4, 5, 6)
● What is corporate governance, and how can effective corporate governance prevent these types of frauds? (LO 6)
LO1 Define the various types of fraud that affect organizations.
2. Misrepresentation or omission of events, transactions, or other signifi- cant information
3. Intentional misapplication of accounting principles
The Fraud Triangle
The termfraud trianglewas introduced by career criminologist Don Cres- sey more than 30 years ago. Cressey started by identifying patterns in fraud cases, and he identified three factors that were consistently present in all frauds. Research over the past two decades has reinforced the validity of the fraud triangle.
The three elements of the fraud triangle, as shown in Exhibit 2.2, include:
● Incentive to commit fraud
● Opportunity to commit and conceal the fraud
● Rationalization—the mindset of the fraudster to justify committing the fraud
E X H I B I T 2.1 The Bernie Madoff Ponzi Scheme
A Ponzi schemeoccurs when the deposits of current investors are used to pay returns on the deposits of previous investors; no real investment is happening. A Ponzi scheme will collapse if new investors do not join, or their deposits are too small to pay an adequate return to previous investors. Ponzi schemes are based on two fundamentals: trust and greed. The trust comes from building a relationship with the potential victims. Usually, in Ponzi schemes, the per- son perpetrating the fraud has gained trust through (a) direct, observable actions by others, (b) professional or other affiliations, or (c) through personal references by others. The greed comes from the investors who see an opportunity to obtain higher than usual returns, and because the trust is there, they do not perform their normal due diligence.
Both trust and greed were prevalent in the Madoff scheme.
In March 2009, Madoff pleaded guilty to 11 federal crimes and admitted to turning his wealth management busi- ness into a massive Ponzi scheme that defrauded thousands of investors of billions of dollars. Madoff said he began the Ponzi scheme in the early 1990s. However, federal investigators believe the fraud began as early as the 1980s, and that the investment operation may never have been legitimate. The amount missing from client accounts, includ- ing fabricated gains, was almost $65 billion. On June 29, 2009, Madoff was sentenced to 150 years in prison, the maximum allowed.
Madoff built a veil of trust by running a legitimate brokerage firm, and at one time was the Chair of NASDAQ. He often appeared on CNBC talking about the securities industry. Madoff took advantage of his unique ties to the invest- ment community to encourage further investment, and he always sold the idea of an investment into his company as one of “special privilege”. He conducted the scheme by hiring individuals who were paid commissions to bring in more investors. Obviously, the scheme can only work as long as the funds brought into the scheme in future years are sufficient to continue to pay all the previous investors. Ponzi schemes always become too big and collapse.
However, until the collapse, Madoff led an extremely lavish lifestyle.
Madoff conducted the scheme by keeping all of the transactions off his formal books. He employed a CPA firm to audit the books, but the firm consisted of only one employee and there is no indication that the CPA firm ever visited Mad- off’s offices or that any real audit was actually performed. However, note that the investors never asked for such audit reports. This is where the importance of greed plays a part. The investors felt they were part of something special, and they enjoyed earning high investment returns. They trusted Madoff, so they let down their guard by not asking for typi- cal due diligence information of which an external audit is an important part.
Although not verified, a rumor (as reported on a CNBC prime-time special) alleges that Madoff chose to surrender and plead guilty because one of the investors was with the Russian mob and Madoff feared for both his life and that of his sons. Madoff is currently serving his life sentence in federal prison, and one of his sons committed suicide two years after the fraud was revealed. During the time of this fraud, the PCAOB did not require that hedge funds like Madoff’s be audited by audit firms registered with the PCAOB. Following the Madoff fraud, in July 2010 Congress gave the PCAOB oversight of the audits of SEC-registered brokers and dealers.
LO2 Define the fraud triangle and describe the three elements of the fraud triangle.
The Fraud Triangle 35
Factors associated with these elements are referred to as fraud risk fac- tors orred flags.
We illustrate the fraud triangle with a simple example from a fraud that took place in a construction company. The company did paving, sewer, and gutter work. It started small, but grew to about $30 million in annual revenue. The construction work was performed at various locations throughout Michigan and Colorado. The company often purchased supplies at the job location, which were signed for by a construction employee and forwarded to the accountant for payment. The company had one accountant, but the president of the company approved all payments and formally signed off on them. When the president retired, he was replaced by his son, who spent more time growing the paving business than on accounting. He trusted the accountant because of the work the accountant had done for his father; therefore, he spent considerably less time in reviewing and signing off on payments than his father had done.
Now let us consider how the fraud triangle worked in this case. The essence of the fraud was that the accountant prepared bogus invoices for a
E X H I B I T 2.2 The Fraud Triangle
Incentive Rationalization
Opportunity
A U D I T I N G I N P R A C T I C E
The Great Salad Oil Swindle of 1963
The Great Salad Oil Swindle was one of the first modern large-scale frauds involving financial report- ing. It was perpetrated by Allied Crude Vegetable Oil in New Jersey. The concept was simple: the com- pany could overstate its financial position by claiming that it had more inventory than it actually had.
Overstated assets provide the company the opportu- nity to understate expenses and to overstate income.
The fraud ultimately cost creditors and suppliers about
$150 million (over $1 billion in current dollars).
The fraud was fairly simple. The company stored salad oil in large tanks. It issued numerous receipts all showing that it owned a large amount of salad oil inventory. The auditor did observe part of the inventory, but did so by checking the various
tanks one after another. The company accomplished the fraud by doing the following:
● First, it filled the tanks with a large inside con- tainer of water.
● Second, it created an outer layer with salad oil, so if the auditor checked the oil from an opening on top, the auditor would find oil.
● Third, the company pumped the oil under- ground from one tank to another in anticipation of the auditor’s planned inspection route.
This is a historically relevant fraud and has practical application today, because fraud perpetra- tors continue to use inventory manipulation to commit fraud.
bogus vendor, set the account up in his name, and prepared receiving slips and purchase orders to gain approval for the payments. First, what were the incentives for the fraud? Like many similar situations, the accountant faced considerable personal financial problems, mostly associated with taking care of his elderly parents, who had unpaid medical bills. Second, because the new president no longer reviewed items for payment, theopportunity (deficiencies in controls) presented itself. Third, the rationalization was a little more com- plex. Like most frauds, the fraudster thought that it would be a one-time extra payment to get him over the difficult times, and like most frauds, when the fraud was not detected, there was a further opportunity to grow it. The other part of the rationalization was more subtle. When the new president furnished all of the vice-presidents and job supervisors with new pickup trucks, the accountant did not receive one, nor did he receive a very substan- tial bonus, as compared to the job superintendents. The accountant felt that the amount of money he was taking was no different than what the job super- intendents and vice-presidents were getting. In other words, he rationalized his actions to himself by believing that he“deserved”the payments.
If any one of these three elements of the fraud triangle were not present (medical“need,”poor internal controls, rationalization), then it is less likely that the fraud would have taken place. Thus, when the auditor starts to con- sider the likelihood of fraud—either through misappropriation of assets or through fraudulent financial reporting—the auditor should start with con- sideration of the three elements of the triangle.
Incentives or Pressures to Commit Fraud
The audit team should consider the incentives or pressures to commit fraud on each engagement, including the most likely areas in which fraud might take place. These incentives include the following for fraudulent financial reporting:
● Management compensation schemes
● Other financial pressures for either improved earnings or an improved balance sheet
● Debt covenants
● Pending retirement or stock option expirations
● Personal wealth tied to either financial results or survival of the company
● Greed—for example, the backdating of stock options was performed by individuals who already had millions of dollars of wealth through stock Incentives relating to asset misappropriation include:
● Personal factors, such as severe financial considerations
● Pressure from family, friends, or the culture to live a more lavish lifestyle than one’s personal earnings allow for
● Addictions to gambling or drugs
Opportunities to Commit Fraud
One of the most fundamental and consistent findings in fraud research is that there must be an opportunity for fraud to be committed. Although this may sound obvious—that is, “everyone has an opportunity to commit fraud”—it really conveys much more. It means not only that an opportunity exists, but either there is a lack of controls or the complexities associated with a transaction are such that the perpetrator assesses the risk of being caught as low. Some of the opportunities to commit fraud that the auditor should consider include the following:
● Significant related-party transactions
● A company’s industry position, such as the ability to dictate terms or conditions to suppliers or customers that might allow individuals to structure fraudulent transactions
The Fraud Triangle 37
● Management’s inconsistency involving subjective judgments regarding assets or accounting estimates
● Simple transactions that are made complex through an unusual record- ing process
● Complex or difficult to understand transactions, such as financial deri- vatives or special-purpose entities
● Ineffective monitoring of management by the board, either because the board of directors is not independent or effective, or because there is a domineering manager
● Complex or unstable organizational structure
● Weak or nonexistent internal controls
Rationalizing the Fraud
Rationalization is a crucial component in most frauds. Rationalization involves a person reconciling unlawful or unethical behavior, such as stealing, with the commonly accepted notions of decency and trust.
For fraudulent financial reporting, the rationalization can range from
“saving the company”to personal greed, and includes thoughts such as:
● This is a one-time thing to get us through the current crisis and survive until things get better.
● Everybody cheats on the financial statements a little; we are just playing the same game.
● We will be in violation of all of our debt covenants unless we find a way to get this debt off the financial statements.
● We need a higher stock price to acquire company XYZ, or to keep our employees through stock options, and so forth.
For asset misappropriation, personal rationalizations often revolve around mistreatment by the company or a sense of entitlement (such as,
“the company owes me!”) by the individual perpetrating the fraud. Following are some common rationalizations for asset misappropriation:
● Fraud is justified to save a family member or loved one from financial crisis.
● We will lose everything (family, home, car, and so on) if we don’t take the money.
● No help is available from outside.
● This is“borrowing,”and we intend to pay the stolen money back at some point.
● Something is owed by the company because others are treated better.
● We simply do not care about the consequences of our actions or of accepted notions of decency and trust; we are out for ourselves.
Recent History of Fraudulent Financial Reporting
We now turn to a discussion of recent frauds, their implications for external auditors, a report by the Committee of Sponsoring Organizations (COSO) on the general characteristics of major financial reporting frauds, and a detailed discussion of the Enron fraud.
Examples of Recent Frauds and Implications for External Auditors
Examples of fraudulent financial reporting in the recent past are described in Exhibit 2.3. Of course, there are many more frauds that were discovered during this time, but this is a glimpse of a few notable instances.
LO3 Describe implications for auditors of recent fraudu- lent financial reporting cases and the third COSO report on fraud.