Chapter 3

AUDITOR'S RESPONSIBILITY

The fair presentation of the financial statements in

accordance with the applicable financial reporting
standards is the responsibility of the client's
management. The auditor's responsibility is to
design the audit to provide reasonable assurance of
detecting material misstatements in the financial
statements. These misstatements may emanate
from

1.Error,
2.F raud , and
3 . Noncompliance with Laws and
Regulations

 ERROR
The term "error" refers to unintentional
misstatements in the financial statements,
including the omission of an amount or a
disclosure, such as:
Mathematical or clerical mistakes in the
underlying records and accounting data
An incorrect accounting estimate arising
from oversight or misinterpretation of facts
 Mistake in the application of accounting
policies

 FRAUD
Fraud refers to intentional act by one or more
individuals among management, those
charged with governance, employees, or third
parties, involving the use of deception to obtain
an unjust or illegal advantage. Although fraud is a
broad legal concept, the auditor is primarily
concerned with fraudulent acts that cause a
material misstatement in the financial statements

Types of Fraud
There are two types of fraud that are relevant to
financial - statement audit. Misstatements
resulting from fraudulent - financial reporting and
misstatements resulting from misappropriation
of assets.
1. Fraudulent financial reporting
involves intentional misstatements or
omissions of amounts or disclosures in
the financial statements to deceive
financial statement users.
This type II is also known as management fraud
because it usually involves members of
management or those charged with governance.
This may involve Manipulation, falsification or
alteration of records or documents
• Misrepresentation in or intentional omission of
the effects of transactions from records or
documents
• Recording of transactions without substance
• Intentional misapplication of accounting
policies
2. Misappropriation of assets or employee
fraud involves theft of an entity's assets
committed by the entity's employees. This may
include
• Embezzling receipts
• Stealing entity's assets such as cash,
marketable securities, and inventory
• Lapping of accounts receivable
This type a fraud is often accompanied by false
or misleading records or documents in order to
conceal the fact the sets.

Fraud involves motivation to commit it and a

perceived opportunity to do so. For example, an
employee might be motivated to steal
company's assets because this employee lives
beyond his means. Also, a member of
management may be forced to manipulate the
financial statements in order to meet an overly
optimistic projection. A perceived opportunity to
commit fraud may exist when there is no proper
segregation of duties among employees or
when management believes that internal control
can be easily circumvented. The primary factor
that distinguishes fraud from error is whether the
underlying cause of misstatement in the
financial statements is intentional or
unintentional. Although the auditor may be able
to identify opportunities for fraud to be
perpetrated, it is often difficult, if not impossible,
for the auditor to determine intent, particularly in
matters involving management judgment, such
as accounting estimates and the appropriate
application of accounting principles.
Consequently, the auditor's responsibility for the
detection of fraud and error is essentially the
same.
Responsibility of management and Those
Charged with Governance
The responsibility for the prevention and
detection of fraud and error rests with both
management and those charged with the
governance of the entity.
In this regard, PSA 240 requires Management to
establish a control environment and to
implement internal control policies and
procedures designed to ensure, among others,
the detection and prevention of fraud and error.
Individuals charged with governance of an entity
to ensure the integrity of an entity's accounting
and financial reporting systems and that
appropriate controls are in place.
1.1 Auditor's Responsibility
Although the annual audit of financial
statements may act as deterrent to fraud and
error, the auditor is not and cannot be held
responsible for the prevention of fraud and error.
The auditor's responsibility is to design the audit
to obtain reasonable assurance that the financial
statements are free from material misstatement,
whether caused by error or fraud.
I. PLANNING PHASE
When planning an audit, the auditor should
make inquiries of management about the
possibility of misstatement due to fraud and
error. Such inquiries may include
• Management’s assessment of risks due to
fraud
• Controls established to address die risks
• Any material error or fraud that has affected
the entity or suspected fraud that the entity is
investigating
• The auditor's inquiries of management may
provide useful information concerning the risk of
material misstatements in the financial
statements resulting from employee fraud.
However, such inquiries are unlikely to provide
useful information regarding the risk of material
misstatements in the financial statements
resulting from management fraud. Accordingly,
the auditor should also inquire of those
individual in charge of governance to seek their
views on the adequacy of accounting and
internal control systems in place, the risk of
fraud and error, and the integrity of
management.

2. The auditor should assess the risk that fraud

or error may cause the financial statements to
contain material misstatements. In this regard,
PSA 240 requires the auditor to specifically
“address the ark of material misstatements due
to fraud and consider Mat assessment in
designing the audit procedures to be
performed."

The fact that fraud is usually concealed can

make it very difficult to detect. Nevertheless,
using the auditor's knowledge of the business,
the auditor may identify events or conditions that
provide an opportunity, a motive or a means to
commit fraud, or indicate that fraud may already
have occurred. Such events or conditions are
referred to as “fraud risk factors”.
Fraud risk factors do not necessarily indicate
the existence of fraud, however, they often have
been present in circumstances where frauds
have occurred.
 Examples of fraud risk factors taken from PSA
240 are set out at the end of this chapter.
 Judgments about the increased risk of
material misstatements due to fraud may
influence the auditor's professional
judgments in the following toys:
 The auditor may approach the audit with
a heightened level of professional
skepticism. The auditor's ability to assess
control risk at less than high level may be
reduced and the auditor should be
sensitive to the ability of the management
to override controls.
 The audit team may be selected in ways
that ensure that the knowledge, skill, and
ability of personnel assigned significant
responsibilities are (commensurate with
the auditors of risk.
 The auditor may decide to consider,
management selection and application of
significant accounting policies,
particularly those related to income
determination and asset valuation.
TESTING PHASE
3. During the course of the audit, the auditor
may encounter circumstances that may indicate
the possibility of fraud or error. For example,
there are discrepancies found in the accounting
records, conflicting or missing documents or
lack of cooperation from management. In these
circumstances, the auditor should perform
procedures necessary to determine whether
material misstatements exist.
4. After identifying material misstatement in the
financial statements, the auditor should consider
whether such a misstatement resulted from a
fraud or an error: This is important because
errors will only result to an adjustment of
financial statements but fraud may have other
implications on an audit.
If the auditor believes that the misstatement is,
or may be the result of fraud, but the effect on
the financial statements is not material, the
auditor should
• Refer the matter to the appropriate level of
management at least one level above those
involved, and

Be satisfied that, given the position of the likely

perpetrator, the fraud has no other implications
for other aspects of the audit or that those
implications have been adequately considered.
However, if the auditor detects a material fraud
or has been unable to evaluate whether the
effect on financial statement is material or
immaterial, the auditor should
• Consider implication for other aspects of the
audit particularly the reliability of management
representations.
Discuss the matter and the approach to further
investigation with an appropriate level of that is
at least one level above those involved,
Attempt to obtain evidence to determine whether
a material fraud in fact exists and, if so, their
effect, and
Suggest that the client consult with legal counsel
about questions of law.
• COMPLETION PHASE
5. The auditor should obtain a written
representation from the client's management
that
 it acknowledges its responsibility for the
implementation and operations of
accounting and internal control systems
that are designed to prevent and detect
fraud and error;
 it believes the effects of those
uncorrected financial statement
misstatements aggregated by the
auditor during the audit are immaterial,
both individually and to the aggregate,
to the financial statements taken as a
whole. A summary of such items
should be included in or attached to the
written representation;
 it has disclosed to the auditor all
significant facts relating to any frauds
or suspected frauds known to
management that may have affected
the entity; and
 it has disclosed to the auditor the
results of its assessment of the risk that
the financial statements may be
materially misstated as a result of
fraud.
CONSIDER THE EFFECT ON THE AUDTTOR
REPORT
6. When the auditor believes that material error
or fraud exists, he should request the
management to revise the financial statements.
Otherwise, the auditor skill express a qualified or
adverse opinion.
If the auditor is unable to evaluate the effect of
fraud on the financial statements because of a
limitation on the scope of the auditor's
examination, the auditor should either qualify or
disclaim his opinion on the financial statements.
Because of the inherent limitations of an audit
there is an unavoidable risk that material
misstatements at the financial statements
resulting from fraud and error may not be
detected. Therefore, the subsequent discovery
of material misstatement in the financial
statements resulting from fraud or error does
not, in and of itself, indicate that the auditor has
failed to adhere to the basic principles and
essential procedures of an audit.
The risk of not detecting a material
misstatement resulting from fraud is higher than
the risk of not detecting misstatements resulting
from error. This is due to the fact that fraud may
involve sophisticated and carefully organized
schemes designed to conceal it, such as
forgery, deliberate failure to record transactions,
or intentional misrepresentation being made to
the auditor. Hence, audit procedures that- art
effective for detecting material errors may be
ineffective for detecting material fraud,
especially those concealed through collusion.
Furthermore, the risk of the auditor not detecting
a material misstatement resulting from
management fraud is greater than for employee
fraud, because those charged with governance
and management arc often in a position that
assumes their integrity and enables them to
override the formally established control
procedures. Certain levels of management may
be in a position to override control procedures
designed to prevent similar frauds by other
employees, for example, by directing
subordinates to record transactions incorrectly
or to conceal them. Given its position of
authority within an entity, management has the
ability to either direct employees to do
something or solicit their help to assist
management in carrying out a fraud, with or
without the employees' knowledge.

NONCOMPLIANCE WITH LAWS AND

REGULATIONS

Noncompliance refers to acts of omission or

commission by the entity being audited, either
intentional or unintentional, which arc contrary to
the prevailing laws or regulations. Such acts
include transactions entered into by, or in the
name of, the entity or on its behalf by its
management or employees. Common examples
include:
• Tax evasion
• Violation of environmental protection laws
• Inside trading of securities
Management's Responsibility
It is management's responsibility to ensure that
the entity's operations are conducted in
accordance with laws and regulations. The
responsibility for the prevention and detection of
noncompliance rests with management. (ISA
250)
The following policies and procedures, among
others, may assist management in discharging
its responsibilities for the prevention and
detection of noncompliance:
• Monitoring legal requirements and ensuring
that operating procedures are designed to meet
these requirements.
• Instituting and operating appropriate systems
of internal control.
• Developing, publicizing and following a Code
of Conduct.
• Ensuring employees are properly trained and
understand the Code of Conduct.
• Monitoring compliance with the Code of
Conduct and acting appropriately to discipline
employers who to fail comply with it.
• Engaging legal advisors to assist in monitoring
legal requirements.
• Maintaining a register of significant laws with
wind, the entity has to comply within its
particular industry and a record of complaints.
In larger entities, these policies and procedures
may be supplemented by assigning appropriate
responsibilities to an internal audit function an
audit committee.
Auditors Responsibility
An audit cannot be expected to detect
noncompliance with all laws and regulations.
Nevertheless, the auditor should recognize that
noncompliance by the entity with laws and
regulations may materially affect the financial
statements.
• PLANNING PHASE
1. In order to plan the audit, the auditor
should obtain a general understanding
of the legal and regulatory framework
applicable to the entity and the industry
and how the entity is complying with
that framework. To obtain the general
understanding of laws and regulations,
the auditor would ordinarily:
 Use the existing knowledge of
the entity's industry and
business.
 Inquire of management concerning
the entity's policies and procedures
regarding compliance with Ian's
and regulations. Inquire of
management as to the laws or
regulations that may be expected
to have a fundamental effect on the
operations of the entity.
 Discuss with management the
policies or procedures adopted for
identifying, evaluating and
accounting for litigation claims and
assessments.
 Discuss the legal and regulatory,
framework with auditors of
subsidiaries in other countries (for
 example, if the subsidiary is
required to adhere to the securities
regulations of the parent company).
After obtaining the general understanding, the
auditor should design procedures to help identify
instances of noncompliance with those laws and
regulations where noncompliance should be
considered when preparing financial statements,
such as
• Inquiring of management as to whether the
entity is in compliance with such laws and
regulations.
• Inspecting correspondence with the relevant
licensing or regulatory authorities.
3. The auditor should also design audit
procedures to obtain sufficient appropriate audit
evidence about compliance with those laws and
regulations generally recognized by the auditor
to have an effect on the determination of
material amounts and disclosures in financial
statements.
• TESTING PHASE
4. When the auditor becomes aware of
information concerning a possible instance of
noncompliance, the auditor should obtain an
understanding of the nature of the act and the
circumstances in which it has occurred, and
sufficient other information to evaluate the
possible effect on the financial statements.
When evaluating the possible effect on the
financial statements, the auditor considers: The
potential financial consequences, such as fines,
penalties, damages, threat of expropriation of
assets, enforced discontinuation of operations
and litigation.
• Whether the potential financial consequences
require disclosure.
• Whether the potential financial consequences
are so serious as to call into question the fair
presentation given by the financial statements.
5. When the auditor believes there may be
noncompliance, the auditor should document
the findings, discuss them with management,
and consider the implication on other aspects of
the audit

COMPLETION PHASE
6. The auditor should obtain written
representations that management has disclosed
to the auditor all known actual or possible
noncompliance with laws and regulations that
could materially affect the financial statements
• CONSIDER THE EFFECT ON ME
AUDITOR'S REPORT
7. When the auditor believes that there is
noncompliance with laws and regulations that
materially affects the financial statements, he
 should request the management to revise the
financial statements. Otherwise, a qualified or
adverse opinion will be issued.
8. If a scope limitation has precluded the auditor
from obtaining sufficient appropriate evidence to
evaluate the effect of noncompliance with laws
and regulations, the auditor should express a
qualified opinion or a disclaimer of opinion. An
audit is subject to the unavoidable risk that
some material misstatements in the financial
statements will not be detected, even though the
audit is properly planned and performed in
accordance with PSA, This risk is higher with
regard to material misstatements resulting from
noncompliance with laws and regulations
because:
 There are many laws and regulations
relating principally to the operating
aspects of the entity that typically do not
have a material effect on the financial
statements and are not captured by the
accounting and internal control systems.
Auditors are primarily concern with the
noncompliance that will have a direct and
material effect in the financial statements.
Hence, auditors do not normally design
audit procedures to detect
noncompliance that will not directly affect
the fair presentation of the financial
statements unless the results of either
 procedures that were applied cause the
auditor to suspect that a material indirect
effect noncompliance may have
occurred.

Noncompliance may involve conduct designed

conceal it, such as collusion, forgery, deliberate
failure to record transactions, senior
management override of controls or intentional
misrepresentations being made to the auditor.
Examples of Risk Factors Relating to
Misstatements Resulting from Fraud
The fraud risk factors identified below are
examples of stilt factors typically faced by
auditors in a broad range of situations. However,
the fraud risk factors listed below are only
examples; not all of these factors are likely to be
present in all audits, nor is the list necessarily
complete. Furthermore, the auditor exercises
professional judgment when considering fraud
risk factors individually or in combination and
whether there are specific controls that mitigate
the risk.
Fraud Risk Factors Relating to
Misstatements Resulting from Fraudulent
Financial Reporting
Fraud risk factors that relate to misstatements
resulting from fraudulent financial reporting may
be grouped in the following three categories:
1. Management's Characteristics and Influence
over the Control Environment.
2. Industry Condition.
3. Operating Characteristics and Financial
Stability.

For each of these three categories, examples of

fraud risk factors relating to misstatements
arising from fraudulent financial reporting are net
out below.
1. Fraud Risk Factors Relating to
Management's Characteristics and Influence
over the Control Environment
These fraud risk factors pertain to
management's abilities, pressures, style, and
attitude relating to internal control and the
financial reporting process.
There is motivation for management to engage
in fraudulent financial reporting. Specific
indicators might include the following:
- A significant portion of management's
compensation is represented by bonuses, stock
options or other incentives, the value of which is
contingent upon the entity achieving unduly
aggressive targets for operating results, financial
position or cash flow.
- There is excessive interest by management in
maintaining or increasing the entity's stock price
or earnings trend through the use of unusually
aggressive accounting practices.
- Management commits to analysts, creditors
and other third parties to achieving what appear
to be unduly aggressive or clearly unrealistic
forecasts.
- Management has an interest in pursuing
inappropriate means to minimize reported
earnings for tax-motivated reasons.

- There is a failure by management to display

and communicate an appropriate attitude
regarding internal control and the financial
reporting process. Specific indicators might
include die following: - Management does not
effectively communicate and support the entity's
values or ethics, or management communicates
inappropriate values or ethics.
- Management is dominated by a single person
or a small group without compensating controls
such as effective oversight by those charged
with governance.
- Management does not monitor significant
controls adequately.
- Management fails to correct known material
weaknesses in internal control on a timely basis.
 - Management sets unduly aggressive financial
targets and expectations for operating
personnel.
- Management displays a significant disregard
for regulatory authorities.
- Management continues to employ ineffective
accounting, information technology or internal
auditing staff.
• Non-financial management participates
excessively in, or is preoccupied with, the
selection of accounting principles or the
determination of significant estimates.
• There is a high turnover of management,
counsel or board members.
 There is a strained relationship between
management the current or predecessor
auditor. Specific might include the
following
- Frequent disputes with the current or a
predecessor auditor on accounting, auditing or
reporting mane,
- Unreasonable demands on the auditor,
including unreasonable time constraints
regarding the completion of the audit or the
issuance of the auditor's report.
- Formal or informal restrictions on the auditor
that inappropriately limit the auditor's access to
people or information, or limit the auditor's ability
 to communicate effectively with those charged
with governance.
- Domineering management behavior in dealing
with the auditor, especially involving attempts to
influence the scope of the auditor's work.
- There is a history of securities law violations,
or claims against the entity or its management
alleging fraud or violations of securities laws.
- The corporate governance structure is weak or
ineffective, which may be evidenced by, for
example:
- A lack of members who are independent of
management.
- Little attention being paid to financial reporting
matters and to the accounting and internal
control systems by those charged with
governance.

2. Fraud Risk Factors Relating to Industry

Conditions
These fraud risk factors involve the economic and
regulator7 environment in which the entity operates.
 New accounting, statutory or
regulatory requirements that
could impair the financial
stability or profitability of the
entity.
  A high degree of competition or
market saturation, accompanied
by declining margins. A
declining industry pith
increasing business failures and
significant declines in customer
demand.
 Rapid changes in the industry,
such as high vulnerability to
rapidly changing technology or
rapid product obsolescence.
3. Fraud Risk Factors Relating to Operating
Characteristics and Financial Stability
These fraud risk factors pertain to the nature
and complexity of the entity and its transactions,
the entity's financial condition, and its
profitability.
 Inability to generate cash flows
from operations while reporting
earnings and earnings growth.
 Significant pressure to obtain
additional capital necessary to
stay competitive, considering
the financial position of the
entity (including a need for
funds to finance major research
and development or capital
expenditures).
 Assets, liabilities, revenues or
expenses based on significant
 estimates that involve unusually
subjective judgments or
uncertainties, or that are subject
to potential significant change in
the near term in a manner that
have 2 financially disruptive
effect on the entity for example,
the ultimate collectibility of
receivables, the timing of
revenue recognition, the
realizability of financial
instruments based on highly-
subjective valuation of collateral
or difficult-to-assess repayment
sources, or a significant deferral
of costs).
 Significant related party
transactions which are not in the
ordinary course of business.
 Significant related party
transactions which are not
audited or are audited by
another firm.
 Significant, unusual or highly
complex transactions
(especially those close to year-
end) that pose difficult questions
concerning substance over
form.
 Significant bank accounts or
subsidiary or branch operations
in tax-haven jurisdictions for
which there appears to be no
clear business justification.
 An overly complex
organizational structure
involving numerous or unusual
legal entities, managerial lines
of authority or contractual
arrangements without apparent
business purpose.
 Difficulty in determining the
organization or person (or
persons) controlling the entity
 Unusually rapid growth or
profitability, especially
compared with that of other
companies in the same industry.
 Especially high vulnerability to
changes in interest rates
 Unusually high dependence on
debt a marginal ability to meet
debt repayment requirements,
or debt covenants that are
difficult to maintain.

 Unrealistically aggressive sales
or profitability incentive
programs.
  A threat of imminent
bankruptcy, foreclosure or
hostile takeover.
 Adverse consequences on
significant pending transactions
(such as a business
combination or contract award)
if poor financial results are
reported. A poor or deteriorating
financial position when
management has personally
guaranteed significant debts of
the entity.
Fraud Risk Factors Relating to
Misstatements Resulting from
Misappropriation of Assets

Fraud risk factors that relate to misstatements

resulting from misappropriation of assets may
be grouped in the following two categories:
I. Susceptibility of Assets to Misappropnation.
2. Controls.
For each of these two categories, examples of a
fraud risk factors relating to misstatements
resulting from misappropriation of assets arc set
out below The extent of the auditor's
consideration of the fraud risk factors in
category 2 is influenced by the degree to which
fraud risk factors in category I are present.
1. Fraud Risk Factors Relating to
Susceptibility of Assets to
Misappropriation
These fraud risk factors pertain to the nature of
an entity's assets and the degree to which they
are subject to theft.
• Large amounts of cash on hand or
processed. Inventory characteristics, such as
small size combined with high val. and high
demand.
• Easily convertible assets, such as bearer
bonds, diamond, or computer chips.
• Fixed asset characteristics, such as small size
combined with marketability and lack of
ownership identification.
2. Fraud Risk Factors Relating to
Controls
These fraud risk factors involve the lack of
controls designed to prevent or detect
misappropriation of assets. Lack of appropriate
management oversight (for example,
inadequate supervision or inadequate
monitoring pi remote locations).
Lack of procedures to screen job applicants for
positions where employees have access to
assets susceptible to misappropriation.
• Inadequate record keeping for assets
susceptible to misappropriation.
• Lack of an appropriate segregation of duties or
independent checks.
• Lack of an appropriate system of authorization
and approval of transactions (for example, in
purchasing).
• Poor physical safeguards over cash,
investments, inventory or fixed assets.
• Lack of timely and appropriate documentation
for transactions (for example, credits for
merchandise returns).
• Lack of mandatory vacations for employees
performing key control functions.