managing and assessing the risk of fraudulent financial statements
DESCRIPTION
Managing and assessing the risk of fraudulant financial statementsTRANSCRIPT
Managing and Assessing the Risk ofFraudulent Financial Statements
Presented by:
W. James Lloyd, CPA/ABV/CFF, CFE, ASA
And
Doug Arnold, CPA, CFE, CMA, CBA, CFSA
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 2
Agenda
• Overview of Fraud
• ACFE’s Report to the Nation
• Types of Financial Statement Frauds
• Managing the Risk of Fraud
• Auditor’s Responsibility to Detect Fraud
• Overview of SAS No. 99
39th Virginia Accounting and Auditing ConferenceSeptember 28 - 29, 2009
Incomplete Work ProductPage 3
There are two types of companies
Those that have been defrauded
And those that don’t know it…yet.1
1 Association of Certified Fraud Examiners
Fraud Defined
• Fraud is defined in Black’s Law Dictionary as:
– A knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment. A misrepresentation made recklessly without belief in its truth to induce another person to act. A tort arising from a knowing misrepresentation made to induce another to act to his or her detriment.
– Could also be defined as – the improper conversion of another’s assets to one’s own benefit.
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009
Essential Elements of Fraud
• Intentional material false statements or willful omission of a material fact
• Knowledge by the perpetrator that the statements or omissions are false and misleading
• Intent for the misrepresentation to be acted upon
• Reliance by the victim
• Damages to the victim
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 6
• Defined as “The use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets”
• Can be as simple as stealing supplies or as complex as sophisticated financial statement frauds
Occupational Fraud
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 7
The Fraud Triangle
Management or other employees have an incentive or are under pressure
Circumstances exist – ineffective or absent control, or management
ability to override controls – that provide opportunity
Culture or environment enables management or other employees to
rationalize committing fraud
Rationale Opportunity
Incentive
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 8
Three Major Categories of Fraud
• All occupational frauds fall into one of three major categories:
– Asset misappropriations
– Corruption
– Fraudulent financial statements
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 9
ACFE’s 2008 Report to the NationOn Occupational Fraud & Abuse
• Approximately 7% of revenue is lost each year due to fraud
• Median loss from the 2008 study was $175,000
• Median loss for companies with less than 100 employees was $200,000
• 25% of the cases had losses of at least $1M
• Typical length of time between when the fraud started until it was detected was 2 years
ACFE’s Report to the Nation (Continued)
Initial Detection of Occupational Frauds
46%
19%
20%
23%
9%3%
Employee Tip
Internal Audit
Accident
Internal Controls
External Audit
Notified by Police
Respondents were asked how the frauds they investigated were initially discovered.
The sum of the percentages exceeds 100% because some cases involve more than one type of fraudThe sum of the percentages exceeds 100% because some cases involve more than one type of fraud
Perpetrator’s Profile
• Higher income and education = greater loss
• Highest median losses related to employees with 6-10 years of tenure
$261,000 for 6-10 years vs. $50,000 for <1 year
• Median loss for males was $250,000 vs. $110,000 for females
• More education means higher losses
$550,000 for postgraduate vs. $100,000 for high school
• Ages 51-60 represented the highest median loss
$500,000 for 51-60 vs. $25,000 for <26
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 11
Fraud Hotlines
• Median loss for organizations with fraud hotlines was $100,000 as opposed to $250,000 for firms without hotlines
• Median number of months until detection was 16 for organizations with hotlines as opposed to 24 without hotlines
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 12
Internal Audits
• Median loss for organizations with an internal audit department was $118,000 as opposed to $250,000 without internal audit
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 13
External Audits
• Median loss for organizations with external audits was $150,000 as opposed to $250,000 without external audits
• Median number of months in public companies until detection was 18 for organizations with external audits as opposed to 27 without
• Most common anti-fraud control, but no evidence found that they are particularly effective at detecting fraud
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 14
Small Organizations Suffered Disproportionately Large Losses
38%
20%
23%
19%
0% 10% 20% 30% 40% 50%
Percent of Cases
<100
100-999
1,000-9,999
10,000+
Nu
mb
er o
f E
mp
loy
ees
Percent of Cases Based on Size of Victim Organization
2008
Source: Association of Certified Fraud Examiners 2008 Report to the Nation
Small Organizations Suffered Disproportionately Large Losses
$200,000
$176,000
$116,000
$147,000
$- $50,000 $100,000 $150,000
Median Loss
<100
100-999
1,000-9,999
10,000+
Nu
mb
er o
f E
mp
loye
es
Median Loss Based on Size of Victim Organization
2008
Source: Association of Certified Fraud Examiners 2008 Report to the Nation
Distribution of Dollar Losses
2%7%
17%11%
28%10%
25%
0% 5% 10% 15% 20% 25% 30% 35%
Percent of Cases
1-999
10,000-49,000
100,000-499,999
1,000,000 and up
Dol
lar
Los
s R
ange
Distribution of Dollar Losses
2008
Source: Association of Certified Fraud Examiners 2008 Report to the Nation
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 18
Median Loss by Method of Fraud
$- $400 $800 $1,200 $1,600 $2,000
Median Loss (in thousands)
AssetMisappropriation
Corruption
FraudulentStatements
Cat
egor
y
All Occupational Frauds
Fraudulent StatementsCorruption
Asset Misappropriation
Source: Association of Certified Fraud Examiners 2008 Report to the Nation
How Cash is Misappropriated
• Fraudsters use eight common methods to steal cash from their employers
• Methods involving incoming receipts:
– Skimming and cash larceny
• Methods involving outgoing disbursements:
– Billing schemes, expense reimbursements, check tampering, payroll, and cash register disbursements
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 19
Asset Misappropriations Involving Incoming Receipts
• Skimming – cash stolen before it is recorded
– Example: employee accepts payment from a customer but does not record the sale
– Median loss: $80,000
• Cash Larceny – cash is stolen after it has been recorded
– Example: employee steals cash and checks from the daily receipts before being deposited into the bank
– Median loss: $75,000
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 20
Asset Misappropriations - Outgoing Disbursements
• Billing schemes – example: employee creates a shell company and bills employer for nonexistent services (Median loss: $100,000)
• Expense reimbursements – example: employee files fraudulent expense reports (Median loss: $25,000)
• Check tampering – example: employee steals blank company checks, makes them payable to himself or an accomplice (Median loss: $138,000)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 21
Asset Misappropriations - Outgoing Disbursements
• Payroll schemes – example: employee claims overtime for hours not worked
– Median loss: $49,000
• Register disbursements – example: employee fraudulently voids a sale in the cash register and steals the cash
– Median loss: $25,000
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 22
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 23
Corruption Related Frauds
• Conflicts of interest – example: employee owns an undisclosed interest in a supplier and negotiates a contract between his employer and the supplier
• Bribery – example: employee accepts a payment from a vendor for confidential information about a competitor’s bid on a project
• Illegal gratuities – example: employee accepts a free vacation from a vendor after negotiating a contract for his employer
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 24
Financial Statement Frauds
• Generally committed by upper management to make the company’s earnings and/or financial condition appear better than actual
• Typical reasons include:
– Lure investors or creditors
– Receive performance based compensation
– Keep stock price high for acquisitions
– Debt covenants
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 25
Victims of FinancialStatement Frauds
• Victims of financial statement fraud normally include:
– Investors
– Creditors
– Employees
– Customers
– Suppliers
– External CPAs!
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 26
The Cost of FinancialStatement Fraud
• Financial statement frauds can have a devastating impact on the organization and its employees
• For publicly-traded companies – market capitalizations will decline substantially overnight
• For public and private companies – debt and equity financing options will evaporate and existing loans could be called
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 27
The Cost of FinancialStatement Fraud (Continued)
• Individuals who invested in the company (including employees) could lose substantial amounts of their investment and/or retirement accounts
• Employees may lose their jobs and benefits – such as health insurance
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 28
Fraudulent Financial Statements
• Financial statement frauds normally involve one or more of the following:
– Fictitious revenues
– Concealed liabilities and expenses
– Improper asset valuations
– Improper disclosures
– Timing differences
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 29
Fictitious Revenues
• Fictitious revenues involve recording revenue that did not actually occur
• Can involve either fake or legitimate customers
• Example:
– Legitimate customer is invoiced for goods that are never shipped. An entry is made in the subsequent accounting period to reverse the transaction.
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 30
Fictitious Revenues (Continued)
• Red Flags:
– Too little cash collected from the revenues being reported
– Unusual journal entries
– Unexplained items on bank and other reconciliations
– Customers that have not been through the normal customer approval process
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 31
Concealed Liabilitiesand Expenses
• Understating liabilities and expenses is one of the most common ways companies manipulate their financial statements
• It is generally easier to not record an expense than to falsify revenues
• Concealed liabilities and expenses can be difficult to detect because there is generally no audit trail to follow
• Examples:
– Omitting legitimate accounts payable
– Capitalizing inappropriate expenses
– Failure to disclose warranty costs and liabilities
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 32
Concealed Liabilitiesand Expenses (Continued)
• Red Flags:
– Recurring negative cash flows from operations while reporting positive earnings and growth
– Unusual increase in gross margin or margins in excess of industry peers
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 33
Improper Asset Valuations
• Generally involve overstated:
– Inventory
– Accounts receivable
– Fixed assets
– Intangible assets
• Red Flags:
– Asset values based on estimates that involve subjective judgment
– Allowances for bad debts and/or obsolete inventory are shrinking in percentage terms and/or out of line with industry peers
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 34
Improper Disclosures
• Improper disclosures generally involve one or more of the following:
– Liability omissions
– Subsequent events
– Management fraud
– Related party transactions
– Accounting methods and/or changes in methods
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 35
Timing Differences
• Recognizing revenues and/or expenses in the wrong period are generally the most common forms of financial statement fraud
• Red Flags:
– Unusual growth in the number of days’ sales in receivables
– Unusual decline in the number of days’ purchases in accounts payable
What To Look For –Red Flags
• Large checks written to cash (or large number of smaller checks)
• Unusual cash transfers
• Transactions not consistent with the entity’s business
• Unusual related party transactions
• Bank accounts not reconciled timely
• Out of balance subsidiary ledgers
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009
What To Look For – Red Flags
• Pressure from investors or lenders to achieve a certain level of profitability and/or financial condition
• Standard of living is unusual relative to known financial resources
• Disorganized operations
• Poor internal controls – easy for management to override
• Unusual and/or unsupported journal entries39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009
What To Look For – Red Flags
• High dependence on a relatively small number of customers or suppliers
• Impressive financial results in a poor economy and/or with poor industry performance
• Unusually consistent financial performance and growth
• Disconnect between cash and profitability
• Growing days in AR – higher than industry average
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 39
Tools and Techniques
• Techniques used to analyze financial statements and underlying transactions:
– Vertical analysis
– Horizontal analysis
– Benchmark analysis
• Operating ratios
• Financial ratios
– Data mining
FRAUD PREVENTION
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 40
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 41
Managing the Risk of Fraud
• Effective ways that organizations can reduce the risk of becoming a fraud victim:
– Create a positive workplace
– Develop a Code of Conduct
– Follow sensible personnel procedures
– Utilize sound internal controls
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 42
Create a positive workplace
• Management must set the tone at the top by creating a culture of no tolerance for fraud or other inappropriate behavior
– To be effective, top management must conduct themselves in the same manner as they expect employees to act
• Establish open lines of communication
– Help employees should feel like an important part of the organization
Create a positive workplace
• Provide positive feedback
– Acknowledge employees for ethical behavior
• Compensate employees fairly
– Employees who feel underpaid are more inclined to participate in fraudulent activity
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 43
Develop a Code of Conduct
• A code of conduct can be an effective tool for communicating the organization’s intolerance for fraud and other inappropriate behavior. To be an effective fraud risk tool, it should:
– Be in writing and communicated to all employees
– Clearly establish a reporting structure
• Employees need to know who they can/should talk to if they have a problem or suspect inappropriate activity
• Fraud Hotline
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 44
Code of Conduct
• Consistently punish violators
• Management must send a clear message that fraudulent behavior will not be tolerated
• Acknowledged by employees and reinforced on a regular basis
– Employees should acknowledge reading and agree to adhere to it – in writing
– Review and re-acknowledge on an regular basis (i.e. annual reviews)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 45
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 46
Personnel Procedures
• Establish and follow good hiring and promotion guidelines
– Always check references
• Require employees to use vacation time
– It is difficult to cover up a trail of fraudulent activity while on vacation
• Conduct exit interviews
– Good way to learn about possible fraud or other misconduct
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 47
Internal Controls
• Identify high risk areas
• Determine where material misstatements could occur
• Implement appropriate controls to mitigate the risks
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 48
Fraud Hotlines
• A tip reporting system, such as a fraud hotline, can substantially reduce the risk of fraud
– Must protect confidentiality of the caller
– Eliminate concerns about retaliation
• Options include:
– Internally answered
– External service
– Web based
Financial Statement Fraudfrom an Auditor’s Perspective
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 50
Auditor’s Responsibility to Detect Fraud: A Brief History
• Statement on Auditing Procedure No.1, Extensions of Auditing Procedure (1930’s):– The auditor is not expected to find all defalcations,
although the discovery of defalcations frequently results.
– The SEC was created and a requirement for “independent” audits implemented.
• Statement on Auditing Procedure No. 30, Responsibilities and Functions of the Independent Auditor in the Examination of Financial Statements (1960’s):– The audit is not primarily or specifically designed and
cannot be relied upon to disclose defalcations and other similar irregularities, although their discovery may result.
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 51
Auditor’s Responsibility to Detect Fraud: A Brief History (Continued)
• Statement on Auditing Standards No.16, The Independent Auditor’s Responsibility for the Detection of Errors or Irregularities (late 1970’s):
– The auditor has the responsibility, within the inherent limitations of the auditing process, to plan his examination to search for errors and irregularities.
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 52
Lincoln Savings& Loan (1987)
• Nature of the Fraud
– Charles Keating (CEO) and his family misappropriated approximately $1.1 billion from the S&L by:
• Using government insured deposits to invest in risky bonds and schemes
• Recording fictitious revenue from real estate deals with the Keating-controlled parent company
• Related Problems
– Keating paid himself and his family over $34 million in salaries and sales of stock
• $1.5 million of which was paid in gifts and contributions to U.S. Senators in order to influence banking regulations (the “Keating 5”)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 53
Lincoln Savings &Loan (1987) (Continued)
• Symptoms
– CEO had been sanctioned by the SEC and signed a consent decree to never again be involved in the management of a financial institution
– 4 out of 8 company officers of the S&L’s parent company were Keating and his relatives
– Questionable relationships and agreements with related parties
– Questionable timing of investment purchases
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 54
Lincoln Savings &Loan (1987) (Continued)
• What Auditor Could Have Done
– Understand management background
– Investigate related parties and related party transactions
– Review the timing for significant investment purchases for patterns (monthly investment statements, interim financial statements, journal entries)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 55
Auditor’s Responsibility to Detect Fraud: SAS No. 53
• Statement on Auditing Standards No. 53, The Auditor’s Responsibility to Detect and Report Errors and Irregularities (1988):
– The auditor is responsible for designing the audit to provide reasonable assurance of detecting material errors and irregularities
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 56
PharMor (1992)
• Nature of the Fraud
– Overstated inventory:
• Moved between stores so it could be counted more than once
• Increased value of inventory without support
– Determined where auditor inventory counts would be done in advance, and did not alter the records at these stores
– CFO and CEO (Monus) were convicted of embezzlement
• $10 million was moved from Phar-Mor to the World Basketball League, founded by Monus
– Prosecutors estimated that the total loss to all investors exceeded $1 billion.
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 57
PharMor (1992) (Continued)
• Symptoms
– Rapid growth
– Entity heavily controlled by Monus
– Cash flow questions
– Unpaid vendors
– Unrelated vendors (World Basketball League, travel agency of World Basketball League, etc.)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 58
PharMor (1992) (Continued)
• What Auditor Could Have Done
– Incorporate unpredictability for inventory counts
– Address cash flow issues
– Review vendor listings and agings
– Address management override risk:
• Review application of accounting principles
• Segregation of duties issues
• Review journal entries
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 59
Auditor’s Responsibility toDetect Fraud: SAS No. 82
• Statement on Auditing Standards No.82, Consideration of Fraud in a Financial Statement Audit (1997):
– Addressed fraud specifically – not “errors” or “irregularities”
– Lessened the “expectation gap” between auditors and users
– Provided specific guidance for planning, evaluating internal controls, exercising due professional care, and gathering evidentiary matter
– Still based upon reasonable rather than absolute assurance
– Established that responsibilities extended throughout the audit – not only at planning
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 60
Independent Auditor’s Responsibility
• “The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud.” (SAS No. 82)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 61
Enron (2001)
• Nature of the Fraud
– Used related party “special purpose entities” to hide significant losses and debt and enter risky derivative transactions, mostly at quarter and year end
– Phantom profits from these entities increased Enron’s stock price
• Related Problems
– Before the issuance of FIN 46R, these entities were not consolidated
– Enron officers, including CEO Skilling, unloaded approximately $1 billion in Enron stock as the business began to fail, while employees holding stock in the company through its retirement plan were not permitted to sell
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 62
Enron (2001) (Continued)
• Symptoms
– Seven key executives left the company between August 2000 and August 2001
– Rapid change from a pipeline transportation and distribution company to a wholesale company trading in gas and other derivatives, including weather derivatives
– October 15, 2001 earnings release did not include any balance sheet or cash flow information, or a write off of $1.2 billion in equity
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 63
Enron (2001) (Continued)
• Symptoms (Continued)
– Executive arrogance:
• Banner in lobby changed from “THE WORLD’S LEADING ENERGY COMPANY” to “THE WORLD’S LEADING COMPANY”
– Continued earnings growth without positive cash flows
– Significant competition among employees
• Employees reported being fearful of going to the restroom and leaving their computers unattended
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 64
Enron (2001) (Continued)
• Symptoms (Continued)
– Aggressive earnings targets and management bonuses based on meeting these targets
– Excessive interest in stock price
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 65
Enron (2001) (Continued)
• What Auditor Could Have Done
– Make sense of a complex financial situation
– Question executive arrogance
– Increase skepticism as the market began to question the entity’s stock price
– Examine cash flows
– Further assess internal controls over derivative trading – the largest and riskiest part of Enron’s business
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 66
SAS No. 99 Overview
• Issued in 2002
• Did not change auditor’s responsibility as outlined under SAS No. 82
• Did not change management’s responsibility to establish controls to prevent and detect fraud
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 67
SAS No. 99 Requirements
• Higher level of professional skepticism
“…a material misstatement due to fraud could be present, regardless of any past experience with the entity and regardless of the auditor’s belief about management’s honesty and integrity” (SAS No. 99, paragraph 13)
• Engagement team brainstorming session
• Specific response to the risk of management’s override of controls (fictitious journal entries)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 68
SAS No. 99 Requirements (Continued)
• Specific response to the risk of revenue manipulation
• Gather and consider much more information to assess fraud risk through the consideration of fraud symptoms
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 69
Recognition ofFraud Symptoms
• Analytical symptoms
– Changes within the financial statements that do not make sense when compared to an expectation
– Example: PharMor cash flows
• Accounting and documentary symptoms
– Missing or unavailable information
– Overly complex transactions with little or no accounting guidance
– Example: Enron’s use of special purpose entities and complex derivatives
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 70
Recognition ofFraud Symptoms (Continued)
• Control symptoms
– Weak or inactive audit committee
– Excessive executive power
– Examples: Keating, Monus, Skilling
• Behavioral, verbal or lifestyle symptoms
– Earnings incentives
– Competition among employees
– Example: Enron’s arrogance and employee competition
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 71
Recognition ofFraud Symptoms (Continued)
• Tips and complaints symptoms
– Use of regulatory, whistle-blower or other reporting mechanisms
– Market analyst questions
– Examples: Keating’s SEC sanction and Enron’s questionable earnings announcement
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 72
How to Follow Up on Fraud Symptoms
• Exercise a higher level of professional skepticism
• Assignment of personnel to the engagement with higher skill level
• Further consideration of management’s selection and application of accounting principles
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 73
How to Follow Up on Fraud Symptoms (Continued)
• Assess control risk below the maximum, conduct additional tests of controls or maybe not rely on controls
• Consider a change in the nature, timing or extent of audit tests (unpredictability)
39th Annual Virginia Accounting and Auditing ConferenceSeptember 28-29, 2009 Page 74
Other Standards Resultingfrom Fraud Concerns
• Professional standards issued subsequent to SAS No. 99 impacting the auditor’s assessment, documentation, or communication as it relates to fraud:
– SAS No:
• 105• 106• 107• 108• 109• 110• 111• 112• 113• 114
QUESTIONS?