Auditing solution free essay sample

Fraud is an intentional act involving the use of deception that results in a material misstatement of the financial statements. Two types of misstatements are relevant to auditors’ consideration of fraud (a) misstatements arising from misappropriation of assets and (b) misstatements arising from fraudulent financial reporting. Intent to deceive is what distinguishes fraud from errors. 2-26 Three common ways that fraudulent financial reporting can be perpetrated include: Manipulation, falsification or alteration of accounting records or supporting documents Misrepresentation or omission of events, transactions, or other significant information Intentional misapplication of accounting principles 2-27 The reporter’s statement makes sense. Asset misappropriations are much easier to accomplish in small organizations that don’t have sophisticated systems of internal control. Fraudulent financial reporting is more likely to occur in large organizations because management often has ownership of or rights to vast amounts of the company’s stock. As the stock price goes up, management’s worth also increases. However, the reporter may have the mistaken sense that financial fraud only occurs rarely in smaller businesses. That is not the case. Many smaller organizations are also motivated to misstate their financial statements in order to (a) prop up the value of the organization for potential sale, (b) obtain continuing financing from a bank or other financial institution, or (c) to present a picture of an organization that is healthy when it may be susceptible to not remaining a going concern. Finally, smaller organizations may conduct a fraud of a different sort, i. e. misstating earnings by understating revenue or masking owner distributions as expenses. This is often done to minimize taxes. It would also be a mistake to think that asset misappropriations do not happen in larger organizations. Whenever controls are weak, there is an opportunity for asset misappropriation. When the opportunity is coupled with motivation and a belief that the fraud could be covered up, some of those opportunities will result in asset misappropriation. 2-28 a. A Ponzi scheme occurs when the deposits of current investors are used to pay returns on the deposits of previous investors; no real investment is happening. b. The key elements of the Bernie Madoff fraud include: Fabricated â€Å"gains† of almost $65 billion Defrauded thousands of investors Took advantage of his high profile investment leader status to establish trust in his victims Accomplished the scheme by keeping all the fraudulent transactions off the real financial statements of the company Employed a CPA who conducted a sham audit Led to the PCAOB now having oversight of the audits of SEC-registered brokers and dealers c. The Bernie Madoff fraud is primarily a case of asset misappropriation. However, it is important to note that asset misappropriation then led Madoff to commit fraudulent financial reporting to hide the asset misappropriation. 2-29 a. Management perpetrated the fraud by filling inside containers with water in the larger containers filled with oil. Further, they transferred the oil from tank to tank in the order in which they knew the auditors would proceed through the location. b. The goal was to overstate inventory assets, thereby understanding cost of goods sold and overstating income. c. The Great Salad Oil Swindle is primarily a case of fraudulent financial reporting. 2-30 Incentives relate to the rationale for the fraud, e. g. , need for money, desire to enhance stock price. Opportunities relate to the ability of the fraudster to actually accomplish the fraud, e. g. , through weak internal controls. Rationalization is the psychological process of justifying the fraud. 2-31 The fraud triangle recognizes that when these three factors appear together the likelihood of fraud increases. For example, an individual needs to have an opportunity to commit the fraud, such as a weakness in internal controls. Second, there must be some pressure or incentive to conduct the fraud, e. g. there is a real or perceived economic problem. Third, the perpetrator must be able to rationalize, or somehow justify his/her otherwise unacceptable behavior. Therefore, if one of the three elements is not present, fraud can still be perpetrated, but it is less likely. 2-32 Factors, or red flags, that would be strong indicators of opportunity to commit fraud include: inadequate segregation of duties, opportunities for management override, absence of monitoring controls, complex organizational structure, unauthorized access to physical assets, inadequate reconciliations of key accounts, especially bank accounts, access to cash that it not supervised or reconciled by someone else. 2-33 The ability to rationalize is important. Unless fraudsters are outright criminals, they will often be able to come up with an excuse for their behavior. â€Å"Accounting rules don’t specifically disallow it† or â€Å"the company owes me† are potential rationales. Other common rationalizations include: Financial pressures for either improved earnings or improved balance sheet Personal factors, including the personal need for assets Debt covenants Personal wealth tied to either financial results or survival of the company Unfair financial treatment (perceived) in relationship to other company employees â€Å"It is only temporary†, or â€Å"it’s a loan from the company† â€Å"I deserve it† â€Å"The company is so big they won’t miss it† â€Å" The company is unethical† â€Å"The company comes by its profits in a way that exploits people†. 2-34 a. incentive b. incentive c. opportunity d. incentive e. rationalization f. opportunity 2-35 Refer to Exhibit 2. 3 for brief descriptions. a. Enron: fraudulent financial reporting b. WorldCom: fraudulent financial reporting c. Parmalat: fraudulent financial reporting d. HealthSouth: fraudulent financial reporting e. Dell: fraudulent financial reporting f. Koss Corporation: asset misappropriation g. Olympus: fraudulent financial reporting h. Longtop Financial Technologies: fraudulent financial reporting 2-36 a. Professional skepticism is an attitude that includes a questioning mind and a critical assessment of audit evidence; requires an ongoing questioning of whether the information and audit evidence obtained suggests that a material misstatement due to fraud may exist. b. Professional skepticism is necessary to detecting fraud because without it the external auditor will be easily convinced of alternative explanations to the fraud that management will provide to conceal the fraud. c. The key behaviors necessary to successfully exercise professional skepticism include validating information through probing questions, critically assessing evidence, and paying attention to inconsistencies. d. It is difficult to exercise professional skepticism in practice for a variety of reasons including, the nature tendency to trust people (especially client personnel with whom you have worked), lack of repeated exposure to fraud, many repeated exposures to situations that do NOT involve fraud. e. Personal characteristics and behaviors that might make you skeptical about an individual include some of the following: Providing inaccurate or conflicting evidence Interacting in a difficult or unhelpful manner Acting in an untrustworthy fashion Engaging in conspicuous consumption of material possessions beyond the level to which their salary would normally make that lifestyle possible. Publicly available evidence exists that might help you assess whether an individual warrants increased skepticism. Information can include: tax liens, credit scores, and legal filings. 2-37 a. If a company has good products, it would be expected that it should have comparable profitability with other industry participants. The fact that it does not have that profitability, coupled with a weakness in internal controls over disbursements, should lead the auditor to embrace the idea that there is an opportunity for a disbursements fraud and that such a fraud could be hurting the reported profitability of the company. b. The company is doing better than its competitors and it appears to have achieved these better results through cost control. While cost control might be a valid explanation, the auditor should consider other potential explanations such as inappropriately capitalizing expenses, inappropriately recognizing revenue, etc. c. The company would appear to be using ‘window dressing’ in order to bypass debt covenants. It is doing so by sharply discounting current sales. These actions are not necessarily fraudulent, but they may be created to portray a misleading picture of the current economic health of the organization. d. This brief description mirrors that of the Koss case where the CFO was very intimidating, not a CPA, and possessed limited accounting experience. The company did not increase profit during her tenure. The external auditor should consider these factors to suggest a heightened risk of fraud. 2-38 Some of the key findings of the COSO study included: The amount and incidence of fraud remains high. The median size of company perpetrating the fraud rose tenfold to $100 million during the 1998-2007 period. There was heavy involvement in the fraud by the CEO and/or CFO. The most common fraud involved revenue recognition. Many of the fraud companies changed auditors. The majority of the frauds took place at companies that were listed on the Over-The-Counter (OTC) market rather than those listed on the NYSE or NASDAQ. 2-39 a. The various failures and environmental characteristics during the time of the Enron fraud include: Weak management accountability. Weak corporate governance. Accounting became more rule-oriented and complex. The financial analyst community was unduly influenced by management pressure. Bankers were unduly influenced by management pressure. Arthur Andersen was unduly influenced by management pressure, especially since consulting revenues at Enron were very high. b. In terms of the fraud triangle, Incentives: management was very concerned about managing stock prices through keeping debt off the balance sheet; the underlying business model of the company was not working; the company had strayed too far away from its â€Å"utility† roots and employees were taking significant risks in the financial markets that did not yield expected profits, thereby creating strong incentives for top management to conduct the fraud. Opportunity: corporate governance and external auditor accountability were lacking. Rationalization: although not discussed in the text specifically, there have been speculations in the press that management thought they were smarter than everyone else and that they were very confident that they could get away with the fraud. It is difficult to know the internal rationalizations of top management. 2-40 Auditing standards historically have reflected a belief that it is not reasonable for auditors to detect cleverly implemented frauds. However, it is increasingly clear that the general public, as reflected in the orientation of the PCAOB, expects that auditors have a responsibility to detect and report on material frauds. Professional auditing standards do require the auditor to plan and perform an audit that will detect material misstatements resulting from fraud. As part of that requirement, auditors will begin an audit with a brainstorming session that focuses on how and where fraud could occur within the organization. Auditors also need to communicate with the audit committee and management about the risks of fraud and how they are addressed. The auditor should then plan the audit to be responsive to an organization’s susceptibility to fraud. 2-41 The three ways in which individuals involved in the financial reporting process, including the external auditor, can mitigate the risk of fraudulent financial reporting include: Acknowledging that there needs to exist a strong, highly ethical tone at the top of an organization that permeates the corporate culture, including an effective fraud risk management program. Continually exercising professional skepticism, a questioning mindset that strengthens professional objectivity, in evaluating and/or preparing financial reports. Remember that strong communication among those involved in the financial reporting process is critical. Will these actions be effective? This should promote a lively debate among students if this question is discussed in class. Some will argue that frauds happen no matter what, so these types of actions will be futile. Others will be more optimistic, arguing that these actions, if consistently applied, could help to mitigate fraud risk. 2-42 a. The financial literacy, integrity, and reputation of Board members enhance credibility of the regulation and oversight of the auditing profession. Inspections by the PCAOB act as a highly visible enforcement mechanism, hopefully leading to higher quality audits. Further, information that is learned through the inspection process can be used as a basis for modifying and enhancing auditing standards. b. These sections improve auditor independence by separating consulting and auditing by the same audit firm. The partner rotation requirement ensures that a â€Å"fresh set of eyes† will be responsible for oversight on the engagement. c. The â€Å"cooling off† period helps to avoid conflicts of interest between top members of the engagement team and the client. By requiring a cooling off period, an auditor will not be unduly influenced (or appear to be unduly influenced) by the possibility of high-level employment with the client. d. Audit committees clearly serve the role of the â€Å"client† of the auditor. They act as surrogates for the shareholders who are the actual audit client. They act as the liaison between management and the external auditor. By being independent they gain credibility and ensure that the external auditor can rely on them to perform their governance role. By requiring that audit committees can hire their own attorneys and by ensuring that they have adequate monetary resources the external auditor has confidence that they will act as truly independent monitors of management. e. The certification requirements help address the risk of fraud by forcing the CEO and CFO to take internal controls and high quality financial reporting seriously. By forcing them to sign, they will likely require individuals below them to provide assurance that those departments or organizational units are each committed to internal controls and high quality financial reporting as well. Of course, a signature is just a signature! So, the likelihood that a CFO who is committing fraud will certify falsely is probably 100%. Thus, this mechanism is not without practical flaws. f. It addresses off-balance sheet transactions and special purpose entities, which were the main mechanisms used to conduct the Enron fraud. g. A strong internal control system is critical to preventing fraud. These sections of Sarbanes-Oxley Act mandate the disclosure of weak internal controls, thereby providing a strong motivation to managers to ensure that controls are effective. By requiring external auditor assurance on management’s assessment, financial statement users can believe in management’s assertions about controls. h. One member of the audit committee needs to be a financial expert to ensure that there is the knowledge necessary on the audit committee to critically evaluate management’s financial reporting and internal control choices. Without that knowledge, the committee may be unduly influenced by management’s preferences. i. It imposes strict penalties for destroying documents, which is what caused the downfall of Andersen. 2-43 No, nonpublic organizations are not required to abide by the Sarbanes-Oxley Act. However, many organizations view these requirements as â€Å"best practice† and so nonpublic organizations sometimes adhere to certain requirements of the Sarbanes-Oxley Act voluntarily. 2-44 The major parties involved in corporate governance, and their role/activities are as follows: Party Overview of Responsibilities Stockholders Broad Role: Provide effective oversight through election of board members, through approval of major initiatives (such as buying or selling stock), and through annual reports on management compensation from the board Board of Directors Broad Role: The major representatives of stockholders; they ensure that the organization is run according to the organizations charter and that there is proper accountability. Specific activities include: †¢Selecting management †¢Reviewing management performance and determining compensation †¢Declaring dividends †¢Approving major changes, such as mergers †¢Approving corporate strategy †¢Overseeing accountability activities Management Broad Role: Manage the organization effectively; provide accurate and timely accountability to shareholders and other stakeholders Specific activities include: †¢Formulating strategy and risk management †¢Implementing effective internal controls †¢Developing financial and other reports to meet public, stakeholder, and regulatory requirements †¢Managing and reviewing operations †¢Implementing an effective ethical environment Audit Committees of the Board of Directors Broad Role: Provide oversight of the internal and external audit function and over the process of preparing the annual financial statements and public reports on internal control Specific activities include: †¢Selecting the external audit firm †¢Approving any nonaudit work performed by the audit firm †¢Selecting and/or approving the appointment of the Chief Audit Executive (Internal Auditor) †¢Reviewing and approving the scope and budget of the internal audit function †¢Discussing audit findings with internal and external auditors, and advising the board (and management) on specific actions that should be taken Regulatory Organizations: SEC, AICPA, FASB, PCAOB, IAASB Broad Role: Set accounting and auditing standards dictating underlying financial reporting and auditing concepts; set the expectations of audit quality and accounting quality Specific activities include: †¢Establishing accounting principles †¢Establishing auditing standards †¢Interpreting previously issued standards Enforcing adherence to relevant standards and rules for public companies and their auditors 2-45 These principles include the following: The boards fundamental objective should be to build long-term sustainable growth in shareholder value for the corporation. Successful corporate governance depends upon successful management of the company, as management has the primary responsibility for creating a culture of performance with integrity and ethical behavior. Effective corporate governance should be integrated with the companys business strategy and not viewed as simply a compliance obligation. Transparency is a critical element of effective corporate governance, and companies should make regular efforts to ensure that they have sound disclosure policies and practices. Independence and objectivity are necessary attributes of board members; however, companies must also strike the right balance in the appointment of independent and non-independent directors to ensure an appropriate range and mix of expertise, diversity, and knowledge on the board. 2-46 a. Independent directors are more likely to stand up to management and report fraud than those directors that are not independent. b. Holding meetings without management present enables a frank and open discussion, including enabling board members with concerns about potential fraud or weak management to alert other board members to express those concerns. c. By having a nominating/corporate governance committee composed of independent directors, the organization is more likely to attract high quality board members that are not unduly influenced by management. And by having a corporate governance committee, this important element of control achieves prominence in the organization and acts as a deterrent to fraud. d. Having a written charter and an annual performance evaluation ensures that the committee responsibilities are appropriate, and that the responsibilities are actually accomplished (or shareholders are alerted if they are not accomplished). Accomplishing such activities acts as a deterrent to fraud. e. By having an independent compensation committee, top management will be less able to inappropriately influence compensation decisions for themselves. f. Having a written charter and an annual performance evaluation ensures that the committee responsibilities are appropriate, and that the responsibilities are actually accomplished (or shareholders are alerted if they are not accomplished). Accomplishing such activities acts as a deterrent to fraud. g. This requirement ensures an adequate size and independence of the audit committee, which acts to strengthen governance and deter fraud. h. Having a written charter and an annual performance evaluation ensures that the committee responsibilities are appropriate, and that the responsibilities are actually accomplished (or shareholders are alerted if they are not accomplished). Accomplishing such activities acts as a deterrent to fraud. i. These requirements encourage a high quality set of corporate governance behaviors, which taken together act as a deterrent to fraud. j. By making the ethics issue a prominent disclosure, it encourages management and other individuals within the organization to take it more seriously. It acts to encourage a high quality â€Å"tone at the top†. k. By requiring this disclosure, users of the financial statements can evaluate for themselves whether the foreign companies’ governance is adequate, or gain an appreciation for governance differences. This knowledge encourages companies to adopt corporate governance mechanisms that they otherwise may not, thereby affecting the control environment and the opportunity for fraud. It also helps users know where deficiencies may exist, making them more skeptical. l. It attempts to ensure that the top-level executives place the appropriate importance on corporate governance and that they would be required to disclose if their company is not compliant, which would alert users to heightened fraud risk. m. An internal audit function is important to the control environment. Having that oversight internally improves internal control, thereby deterring fraud. 2-47 a. This requirement forces audit committees to take internal controls seriously, and to consider any potential independence impairments for the external auditor. Both internal controls and high quality external auditing are critical for the prevention and/or detection of fraud. b. This requires the audit committee to be engaged and informed about financial accounting at the company; being engaged and informed enhances the ability of the audit committee to detect fraud. c. Analyst interactions and the pressure to meet their expectations provide incentives for fraud. By requiring that the audit committee discuss the earnings release process, audit committees have more control over what and how management engages with analysts, and that control should assist in deterring fraud. d. Understanding risk assessment and risk management should alert the audit committee to weaknesses therein, thereby encouraging positive change, which should thereby deter fraud. e. Meeting separately with these groups encourages frank conversations about concerns, and such communication is key to deterring or detecting fraud. f. By understanding the nature of any problems that the external auditor is having with management, the audit committee gets a good sense of potential management aggressiveness, and the sources of disagreement between the auditor and management. In addition, this requirement gives the external auditor someone to turn to in reporting fraud on the part of management. g. By setting hiring policies regarding employees of the external audit firm, the audit committee can ensure that management is not exerting undue influence over the members of the audit team by possibly promising them employment at the company. h. By reporting regularly to the board of directors, the audit committee is put in a position of power in the organization, thereby giving them the clout necessary to oversee management and deter fraud. 2-48 a. The audit committee must be comprised of â€Å"outside† independent directors, one of whom must be a financial expert. The audit committee now has the authority to hire and fire the external auditor, and will therefore serve as the auditor’s primary contact, especially for accounting and audit related issues. In addition, at many organizations the audit committee sets the scope for and hires internal auditors. They would also review the work of both internal and external auditors. b. The audit committee certainly takes on much more responsibility with the new regulation. They will now be much more informed about the audit function and financial reporting processes within their company. The auditor must report all significant problems to the audit committee. For auditors, the reporting relationship should reinforce the need to keep the third-party users in mind in dealing with reporting choices. c. The audit committee is basically in a position of mediator, but not problem solver. One member must be a financial expert, but all members must be well versed in the field. This financial knowledge can help the audit committee to understand the disagreement. Ultimately, the company would like to receive an unqualified audit opinion. If the external auditor believes a certain accounting treatment to be wrong, they do not have to give an unqualified opinion. The audit committee’s responsibility is to assist in resolution of the dispute so that financial reporting is accurate. Skills of audit committee members that would assist in this type of situation include interpersonal skills, negotiation skills, and communication skills 2-49 Factors Explain Your Reasoning and the Implications of Poor Governance a. The company is in the financial services sector and has a large number of consumer loans, including mortgages, outstanding. This is not necessarily poor governance. However, the auditor needs to determine the amount of risk that is inherent in the current loan portfolio and whether the risk could have been managed through better risk management by the organization. The lack of good risk management by the organization increases the risk that the financial statements will be misstated because of the difficulty of estimating the allowance for loan losses. b. The CEO’s and CFO’s compensation is based on three components: (a) base salary, (b) bonus based on growth in assets and profits, and (c) significant stock options. This is a rather common compensation package and, by itself, is not necessarily poor corporate governance. However, in combination with other things, the use of ‘significant stock options’ may create an incentive for management to potentially manage reported earnings in order to boost the price of the company’s stock. The auditor can determine if it is poor corporate governance by determining the extent that other safeguards are in place to protect the company. c. The audit committee meets semi-annually. It is chaired by a retired CFO who knows the company well because she had served as the CFO of a division of the firm before retirement. The other two members are local community members – one is the President of the Chamber of Commerce and the other is a retired executive from a successful local manufacturing firm. This is a strong indicator of poor corporate governance. If the audit committee meets only twice a year, it is unlikely that it is devoting appropriate amounts of time to its oversight function, including reports from both internal and external audit. There is another problem in that the chair of the audit committee was previously employed by the company and would not meet the definition of an independent director. Finally, the other two audit committee members may not have adequate financial experience. This is an example of poor governance because (1) it signals that the organization has not made a commitment to independent oversight by the audit committee, (2) the lack of financial expertise means that the auditor does not have someone independent that they can discuss controversial accounting or audit issues that arise during the course of the audit. If there is a disagreement with management, the audit committee does not have the expertise to make independent judgments on whether the auditor or management has the appropriate view of the accounting or audit issues. d. The company has an internal auditor who reports directly to the CFO, and makes an annual report to the audit committee. The good news is that the organization has an internal audit function. However, the reporting relationship is not ideal. Further, the bad news is that a staff of one isn’t necessarily as large or as diverse as it needs to be to cover the major risks of the organization. e. The CEO is a dominating personality – not unusual in this environment. He has been on the job for 6 months and has decreed that he is streamlining the organization to reduce costs and centralize authority (most of it in him). A dominant CEO is not especially unusual, but the centralization of power in the CEO is a risk that many aspects of governance, as well as internal control could be overridden. The centralization of power in the CEO is a risk that many aspects of governance, as well as internal control could be overridden, which of course increases the risk of fraud and the risk faced by the external auditor. f. The Company has a loan committee. It meets quarterly to approve, on an ex-post basis all loans that are over $300 million (top 5% for this institution). There are a couple of elements in this statement that yield great risk to the audit and to the organization, and that are indicative of poor governance. First, the loan committee only meets quarterly. Economic conditions change more rapidly than once a quarter, and thus the review is not timely. Second, the only loans reviewed are (a) large loans that (b) have already been made. Thus, the loan committee does not act as a control or a check on management or the organization. The risk is that many more loans than would be expected could be delinquent, and need to be written down. g. The previous auditor has resigned because of a dispute regarding the accounting treatment and fair value assessment of some of the loans. This is a very high risk indicator that is indicative of poor governance. The auditor would look extremely bad if the previous auditor resigned over a valuation issue and the new auditor failed to adequately address the same issue. Second, this is a risk factor because the organization shows that it is willing to get rid of auditors with whom they do not agree. This is a problem of auditor independence and coincides with the above identification of the weakness of the audit committee. Contemporary and Historical Cases 2-50 a. Management at Koss may have placed a high level of trust in Sachdeva because they knew her for a long period of time and she did not exhibit behaviors that caused concern. Further, management at the company was reportedly quite relaxed in its approach to monitoring and control. These behaviors led to a lack of professional skepticism on the part of management. b. Grant Thornton was obligated to uncover the fraud in the sense that they ignored red flags (weakening financial condition, poor internal control and monitoring) that should have alerted them to problems in the company. Grant Thornton experienced an audit failure because they issued unqualified audit opinions on materially misstated financial statements. c. Sachdeva’s lavish lifestyle should have raised suspicions because her level of conspicuous consumption far exceeded her apparent ability to pay given her relatively modest salary. However, her lifestyle may have been explained away or ignored because of her husband’s prominent medical pr