INTRODUCTION

ISA 240: The Auditors Responsibilities

Related to Fraud in an Audit of Financial
Statements

Introduction

The objective of this ISA is to outline the

responsibilities
the
auditor
has
in
connection with fraud issues.

Introduction(cont.)

It is widely understood that misstatement within

a set of general purpose financial statements
can arise from either fraud or error.
Fraud: an intentional act by one or more
individuals
among
management,
TCWG,
employees, or third parties, involving the use of
deception to obtain an unjust or illegal
advantage.
Error: an unintentional misstatement in the
financial statements including the omission of an
amount or disclosure.

Introduction(cont.)
Fraud is sub-divided into two further
categories:
1. Management fraud
2. Employee fraud

The Planning Stage

Discuss fraud risk and incidence with

management and TCWG and document
this discussion.
Discuss with the engagement team
how the financial statements may be
susceptible to material misstatement
whether caused by fraud or error.
Consider whether one or more fraud
risk factors are present.

The Planning Stage (cont.)

Perform audit procedures to test the

appropriateness of journal entries, test
the risk of management override of
internal controls, review accounting
estimates and their appropriateness
and understand the business rationale
for transactions outside the normal
course of business.

The Planning Stage (cont.)

Obtain spesific representations from
management and TCWG including its
assessment of the risk of fraud.
Consider the implications under the
auditors legal and regulatory obligations.
The auditor may be able to identify potential

opportunities for fraud to be committed and they will

obtain reasonable assurance that the financial
statements taken, as a whole, are free from material
misstatement whether caused by fraud and error.

Responsibilities

The overall responsibility to prevent

and detect fraud or error lies with
management and TCWG they should
establish a control environment and
have policies and procedures in place
to safeguard the entitys assets and
ensure efficient conduct of the entitys
business.

Responsibilities (cont.)

Management and TCWG also have a

responsibility to ensure that the
internal controls adopted by them and
the policies and procedures put in
place by them also allow the entity to
prepare FS that present fairly, in all
material respects, in accordance with
their
spesific
financial
reporting
framework.

Discussion Amongst the

Engagement Team
1.

2.

How management could override the

entitys internal controls and how the
FS could potentially be misstated due
to fraud.
How the entity could manipulate the
FS for the purposes of earnings
management.

Discussion Amongst the

Engagement Team (cont.)
3.

4.

Whether there are incentives or

pressures for management or others
to commit fraud
How
management
and
TCWG
implement sufficient controls and
oversee employees who have access
to cash or other assets of the entity.

Discussion Amongst the

Engagement Team (cont.)
5.

6.

Whether management or other key

employees have had an unusual
change of lifestyle or demonstrate
unexplained behaviour
Ensuring that all members of the
engagement team maintain a degree
of professional scepticism throughout
the assignment.

Discussion Amongst the

Engagement Team (cont.)
7.

8.

Whether there are any circumstances

present that may give rise to a
presence of fraudulent activity.
Discussions about how unpredictable
audit testing can be undertaken and
the nature, timing and extent of that
testing

Discussion Amongst the

Engagement Team (cont.)
How audit procedures are selected to
respond to the risk that the FS contain
material misstatement due to fraud.
10. Discussions concerning any allegations
of fraudulent activity.
9.

It allows the engagement team to develop an

audit strategy that is directly responsive to the
risk that the FS contain a material misstatement
due to fraud.

Discussion Amongst the

Engagement Team (cont.)

Whether there are any circumstances

present that may give rise to a
presence of fraudulent activity.

Risk Assessment

ISA 315 require the auditor to obtain an

understanding of the entity and the
environment in which it operates
also includes a requirement for the
auditor to consider the risk that the FS
contain a material misstatement due to
fraud.

Risk Assessment (cont.)

auditor must ensure they discuss

with management and TCWG how they
oversight of the managements internal
controls and how these mitigate the
risk of fraud.
Discussions with management & TCWG
are not absolute.

Risk Assessment (cont.)

1.
2.

3.

Further consideration:
Consider whether one or more fraud risk
factors are present.
Perform analytical procedures to identify
whether any unusual or unexpected
trends have occured in the FS
Refer to other information that has come
to light that may indicate whether the FS
contain a material statement due to
fraud.

Types of Fraud
1.

Fraudulent financial reporting

2.

Misappropriation of assets

Audit Testing
1.

2.
3.

Unannounced visits by the auditor to

conduct inventory counts at locations
not previously visited by the auditors.
Developing
an
element
of
unpredictability in audit procedures.
Reviews of management information
for periods other than at the reporting
date & investigating any unusual
transactions or amendments.

Audit Testing (cont.)

4.
5.
6.

Performing
substantive
analytical
procedures using disaggregated data.
Seeking additional audit evidence from
sources outside of the entity.
Where other firms of auditor are used,
for example at one or more subsidiaries,
divisions or branches, discussing with
them the extent of the work necessary to
address
the
risk
of
material
misstatement due to fraud,

Audit Testing (cont.)

7.

8.

Performing Computer Assisted Audit

Techniques (CAATs) such as data
mining to test for anomalies in a
population.
Where an act of fraud has been
committed discuss with the entitys
staff the controls in place and how
they address the risk.

Audit Testing (cont.)

Performing procedures on account
reconciliation for periods other than
the reporting date.
10. Testing the integrity of computerproduced records and transactions.
9.

Communication of Fraud
Matters

Where the auditor has obtained

evidence that fraud exists, or may
exist, the auditor must bring the
matter to the attention of the
appropriate level of management as
soon as is practicable.

At least one level above the person(s) who appears to be

involved with the (suspected) fraud.
In communicating matters of fraud to TCWG the auditor
can choose between oral communicatian & written
communication.

Communication of Fraud
Matters (cont.)

There may be circumstances when the integrity or honesty

of management or TCWG is brought into doubt auditor
must obtain legal advice to assist in determining the most
appropriate course of action.
In certain jurisdictions, the auditor may have a
responsibility to communicate matters of fraud to external
regulatory bodies and in such cases auditors duty of
confidentiality may be overriden by statute an the auditor
may also consider it appropriate to obtain legal advice to
determine the most appropriate course of action in the
circumstances.