Professional Documents
Culture Documents
Fraud, Laws and Regulations (ISA 240)
Fraud, Laws and Regulations (ISA 240)
Misstatement in the financial statements can arise from either fraud or error.
The distinguishing factor is whether the underlying action that resulted in the
misstatement was intentional or unintentional. [ISA 240, 2]
Fraud
Fraud is an intentional act by one or more individuals among management,
those charged with governance, employees or third parties, involving the use
of deception to obtain an unjust or illegal advantage. [ISA 240 the Auditor’s
Responsibilities Relating to Fraud in an Audit of Financial Statements, 12a]
Fraud can be split into two types:
• Fraudulent financial reporting – deliberately misstating the financial
statements to make the company's performance or position look
better/worse than it actually is.
• Misappropriation – theft of a company’s assets such as cash or
inventory. [ISA 240, 3]
Error
An error can be defined as an unintentional misstatement in financial
statements, including the omission of amounts or disclosures, such as the
following:
• A mistake in gathering and processing data from which financial
statements are prepared.
• An incorrect accounting estimate arising from oversight or a
misinterpretation of facts.
• A mistake in the application of accounting principles relating to
measurement, recognition, classification, presentation or disclosure.
[ISA 450 Evaluation of Misstatements Identified During the Audit, A1]
Directors’ responsibilities in respect of fraud
The primary responsibility for the prevention and detection of fraud rests with
those charged with governance and the management of an entity. This is
achieved by:
• Implementing an effective system of internal control, reducing
opportunities for fraud to take place and increasing the likelihood of
detection (and punishment).
• Creating a culture of honesty, ethical behaviour, and active oversight by
those charged with governance.
The directors should be aware of the potential for fraud and this should
feature as an element of their risk assessment and corporate governance
procedures.
The audit committee should review these procedures to ensure that they are
in place and working effectively. This will normally be achieved in conjunction
with the internal auditors. [ISA 240, 4]
Internal auditors
Internal auditors can help management fulfil their responsibilities in respect of
fraud and error. Typical functions the internal auditor can perform include:
• Testing the effectiveness of the internal controls at preventing and
detecting fraud and error and provide recommendations for
improvements to the controls.
• Performing fraud investigations to:
– identify how the fraud was committed
– identify the extent of the fraud
– provide recommendations on how to prevent the fraud from happening
again.
• Performing surprise asset counts to identify misappropriation.
The presence of an internal audit department may act as a deterrent to fraud
in itself as there is a greater chance of being discovered.
External auditor's responsibilities in respect of fraud
The auditor’s role is two-fold:
• Assess the risk of material misstatement due to fraud, and
• Respond to the assessed risks.
Assessing the risk of fraud
The auditor should:
• Obtain reasonable assurance that the financial statements are free
from material misstatement, whether caused by fraud or error. [ISA
240, 5]
• Apply professional scepticism and remain alert to the possibility that
fraud could take place. [ISA 240, 8]
This means that the auditor must recognise the possibility that a material
misstatement due to fraud could occur, regardless of the auditor's prior
experience of the client's integrity and honesty.
• Consider the potential for management override of controls and
recognise that audit procedures that are effective for detecting error
may not be effective for detecting fraud. [ISA 240, 8]