Review your content’s performance and reach.
Become your target audience’s go-to resource for today’s hottest topics.
Understand your clients’ strategies and the most pressing issues they are facing.
Keep a step ahead of your key competitors and benchmark against them.
add to folder:
Questions? Please contact [email protected]
Paul Munter, the SEC’s Acting Chief Accountant, seems to think so. In this Statement, Munter expresses his concern that, in conducting audits, auditors are not adequately making use of the “fraud lens”—a focus on the consideration of fraud in the audit—in fulfilling their gatekeeper role. That is, auditors may not be adequately responding to fraud risks and red flags or otherwise exercising “professional skepticism.” It is critical, he said, that auditors evaluate whether the audit has surfaced information that may be indicative of fraud and “how fraud could be perpetrated or concealed by management.” Are auditors exhibiting a type of bias, focusing risk assessments on risks of error and essentially overlooking or minimizing risks of fraud? In light of Munter’s statement, companies could well find that their auditors may be doubling down on their application of professional skepticism. What’s more, some of Munter’s recommendations may prove useful for companies in establishing their own ethics environments and conducting their own fraud risk assessments.
Perhaps speaking with the current worldwide economic and political uncertainty in mind, Munter observes that “any changes to the macroeconomic and geopolitical environment in which companies operate may result in new pressures, opportunities, or rationalizations for fraud. Areas that have historically been a focus for auditors—the tone at the top of a company and the effectiveness of internal controls—appear to be key factors in either exacerbating or mitigating such pressures, opportunities, or rationalizations for fraud.” Accordingly, auditors have “a significant opportunity” to help “identify and address the precursors of financial reporting fraud.”
In his statement, Munter identifies a number of recent “shortcomings” related to fraud detection:
Munter advises that audit firms need to establish strong systems of quality controls to support auditors that may face external and internal pressures that can “distract an auditor from appropriately identifying and responding to fraud risks.” For example, audit clients may insist on tight deadlines or apply audit fee pressures; “audit firm or engagement team pressures may include resource constraints, time pressures, budgeting and firm operational metrics, evaluation systems that may inadvertently discourage skepticism among staff auditors, and achieving strong client satisfaction ratings.”
PCAOB auditing standards related to fraud risk require that auditors “set aside any prior beliefs about management’s honesty and integrity.” In distinguishing between error and fraud, intent is a “key point of distinction.” Munter advises that “when considering materiality, auditors should not assume that even small intentional misstatements in the financial statements are immaterial.” Here again, Munter cautions that auditors need to be mindful of biases, such as the mindset of “trust but verify,” which “may represent potential bias if it is anchored in the belief that management is honest and has integrity. Such a mindset may interfere with an auditor’s ability to effectively evaluate signs of fraud when evaluating misstatements or to objectively challenge evidence provided by management.”
Auditors, Munter reminds us, must exercise professional skepticism, “an attitude that includes a questioning mind and a critical assessment of audit evidence.” Skepticism means that auditors should question evidence provided by management when the timing or manner of its production raises suspicions, including “invoices for large amounts with vague descriptions, invoices with related parties with descriptions that are outside of the normal course of business, or ‘new’ evidence provided by management in the late stages of the audit to address a potentially difficult or contentious audit matter. Auditors should avoid any assumptions of honesty, be mindful of potential unconscious biases, and apply the appropriate level of professional skepticism.” In addition, “when performing analytical procedures, auditors should assess whether there are unusual or unexpected transactions or relationships that are identified that may be indicative of a previously unidentified fraud risk.” According to Munter, management “is in a unique position to perpetrate fraud, and instances of fraud often involve management override of controls, including concealment of evidence or misrepresentation of information. Auditors must remain diligent when considering and responding to this risk and remain aware of techniques used by management to circumvent existing controls.” Ultimately, auditors may need to communicate findings to management, the audit committee and the SEC.
When fraud risks have been identified, auditors may need to modify planned audit procedures. For example, specialists may need to be enlisted, such as, for example, a specialist who can “challenge and evaluate the reasonableness of management’s assumptions.” In addition, Munter cautions, auditors should be particularly alert to financial reporting areas that he identifies as “more frequently related to fraudulent schemes,” including improper revenue recognition, which is a “presumed risk of fraud,” and the intentional misstatement of accounting estimates. PCAOB AS 2401.54 provides examples of audit procedures that might be performed in response to assessed fraud risks related to revenue recognition. With regard to misstatement of accounting estimates, Munter advises that auditors “should perform a retrospective review to determine whether there are indications of possible bias in the development of accounting estimates.”
SideBar
This Spotlight Audit Committee Resource from the PCAOB offers questions that audit committees may consider asking their auditors to assess how they are responding to the financial reporting and audit risks posed by the current economic environment. With regard to fraud risk, the Resource suggests that the audit committee ask how economic factors (e.g., supply chain disruption, inflation) have influenced the auditor’s risk assessment for the current year’s audit, and whether emerging issues have influenced the nature, timing or extent of procedures the auditor plans to perform to address the risk of material misstatement due to fraud. Audit committees may also consider asking what the audit firm has done to address any recurring audit deficiencies, such as deficiencies related to revenue recognition and accounting estimates, identified by regulators or the audit firm’s internal quality monitoring. The Resource includes many other questions about risk, audit execution, quality control and other matters.
Munter recommends that audit responses should be tailored to the particular risk; auditing standards are not to be used as “an exhaustive checklist.” Auditors should also consider whether publicly available information contradicts information from management. In addition, auditors should assess the company’s control environment, including whether there is a demonstrated commitment to ethics and integrity, beyond simply the existence of a code of ethics: “For example, are employees able to anonymously share their views on the company’s tone at the top through, for example, a culture survey? How are the survey results obtained and shared with leadership?” Does the company have a whistleblower hotline, and does the culture encourage use of it? What is the company’s approach to its own fraud risk assessment? Finally, technology “may provide useful insights to assist with identifying unusual or unexpected relationships or assisting auditors in performing more robust planning analytics.”
SideBar
This 2018 KPMG paper on fraud and whistle-blowing suggests the following questions for audit committees to consider with regard to fraud risk oversight:
These questions are suggested regarding whistle-blowing:
Ultimately, Munter concludes, in performing their gatekeeping function, auditors must apply appropriate levels of professional care and professional skepticism so that they may obtain “reasonable assurance about whether financial statements are free of material misstatement, whether due to error or fraud.
add to folder:
If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].
© Copyright 2006 – 2022 Law Business Research