ISA 240

The Auditors Responsibilities Relating to

Fraud in an Audit of Financial
Statements
(Dec 15, 2009)

Scope of ISA
-auditors responsibilities relating to fraud in FS
*expands on how ISA 315 & ISA 330 are to be
applied in relation to risk of material
misstatement due to fraud

Characteristics of Fraud
Fraud material misstatement in financial
statement.
Material intentional misstatement

fraudulent FS reporting
assets misappropriation

Responsibility for the Prevention and Detection of

Fraud
* Governance of entity and management

Auditor
1. Obtains reasonable assurance FS free from material
misstatement.
2. Difficult to detect due to collusion , forgery, not recorded
transactions, and intentional misrepresentations
3. Managers directly or indirectly manipulate accounting records.
4. Responsible for maintaining professional skepticism.

The objectives of the auditor

1. To identify and assess the risk of material
misstatement of the financial statements due
to fraud
2. To obtain sufficient appropriate audit
evidence
3. To respond appropriately to fraud or
suspected fraud identified during the audit

Definitions used in ISA, term used;

Fraud an intentional act by one or more
individuals among management, those charged
with governance, employees, or third parties,
involving the use of deception to obtain un
unjust or illegal advantage
Fraud risk factor events or conditions that
indicate an incentive or pressure to commit
fraud or provide an opportunity to commit fraud

Requirements
1. Professional skepticism
2. Discussion among the engagement team
*How & where FS may be susceptible to material misstatement
due to fraud
3. Risk assessment procedures and related activities
* Obtain understanding of the entity and its environment +
internal control
*make inquiries of management regarding:
- Managements assessment of the risk (nature, extent,
frequency)
- Managements process for identifying and responding to the
risk (specific risk, account balances, disclosures)
- Managements communication to those charged with
governance regarding its processes for identifying and
responding to the risk of fraud in the entity
- managements communication to employees regarding its
views on business practices and ethical behavior

* Make inquiries of management and others to determine

they know , suspect about fraud in entity
* Make inquiries to internal audit
* Obtain an understanding of how those charged with
governance exercise control managements processes for
identifying and responding to the risk of fraud and internal
control
* Those charged with governance know or suspect any
fraud
* Evaluate whether unusual or unexpected relationships
(analytical procedures)
* Consider other information
* Evaluate fraud risk factor

4. Identification and Assessment of the Risks of

Material Misstatement Due to Fraud
* Identify and assess the risks of material
misstatement due to fraud at FS and assertion
levels for classes of transactions, account
balances and disclosures. (ISA 315)
* Evaluate which type of revenue, revenue
transactions or assertions give rise to risks.
* Treat those assessed risks of material
misstatement due to fraud as significant risks.
Obtain understanding of the entity related
controls.

5. Responses to the Assessed Risks of Material Misstatement

Due to Fraud
* Determine overall responses to address the assessed risks
* Assign and supervise personnel, evaluate selection and
application of accounting policies by entity, incorporate and
element of unpredictability in the section of nature, timing
and extent of audit procedures
* Audit procedures responsive to assessed risks
* Audit procedures responsive to risk related to management
override of controls
- Design and perform audit procedures to test
appropriateness of journal entries & adjustments made in
the preparation of FS.
- Review accounting estimates for biases and evaluate
circumstances.
- Evaluate significant transactions

6. Evaluation of Audit Evidence

* Near end of audit, form overall conclusion,
indicate a previously unrecognized risk
* If misstatement identified, evaluate whether
such a misstatement is indicative of fraud.
* If misstatement identified, material or not.
Reason to believe that reason is fraud,
management involved. Revaluate assessment.
* If the auditor confirms that, or unable to
conclude whether, the FS are materially
misstated as a result of fraud that auditor shall
evaluate the implications for the audit

7. Auditor Unable to Continue the Engagement

Fraud or suspected fraud, ability to continue
audit questionable, auditor shall:
- Determine the professional and legal
responsibilities applicable in the circumstances
- Consider whether it is appropriate to withdraw
- If withdraw, discuss with management and
those charged with governance withdrawal
and reasons, determine professional or legal
requirement to report to the person who
made audit appointment

8. Written Representations
From management and those charged with
governance:
- They acknowledge their responsibility for design,
implementation and maintenance of internal
control to prevent and detect fraud
- They have disclosed to the auditor the results of
managements assessment of the risk that FS may
be materially misstated
- They have disclosed to the auditor their knowledge
of fraud or suspected fraud, affecting the entity
involving management, employees in internal
control and others.
- They disclosed any allegations of fraud, or
suspected fraud

9. Communication to Management and with

Those Charged with Governance
*If identified a fraud or obtained info that
indicated a fraud may exist;
communicate to management
* If auditor suspects management, employees in
internal control and others communicate to
those charged with governance.
* Communicate with those charged with
governance any other matters related to fraud
that are, in auditors judgment, relevant to their
responsibilities.

10. Communications to Regulatory and Enforcement Authorities

Determine whether there is a responsibility to report the occurrence or
suspicion to a outside the entity.
11. Documentation
*The auditor documentation of the auditors understanding of the entity
and its environment and the assessment of the risk of material
misstatement:
- The significant decisions
- The identified and assessed risks of material misstatement due to fraud
* The auditor documentation of the auditors responses to the assessed
risks of material misstatement:
- The overall responses
- The results of the audit procedures
* Documentation of communication about fraud made to management,
those charged with governance, regulators and others
* If the auditor have concluded that risk of fraud related to revenue
recognition, the auditor shall include the reasons or that conclusion.

Why Auditors Fail to Detect Fraud

ACFEs 2010 report to the nations on Occupational
Fraud and Abuse
Fraud are detected by:
37.8% - tips (somebody knows)
23.0% - internal controls
17.1%- management review
9.3% - by accident
4.2% - external audit
Failure to develop and maintain professional skepticism

LOOK FOR THINGS THAT SHOULD BE THERE BUT ARE NOT

LOOK FOR THINGS THAT ARE THERE BUT SHOULD NOT
(unusual transactions, things that surprise you, explanations
that dont make sense)
The auditors failure to take into consideration who steals..
Basically honest people
Failure to take an individuals lifestyle into consideration
43%
Over reliance on documentation
Not knowing how to ask questions
Failure to make yourself available
Failure to know when someone is lying or not
People use words to lie, but the body tells the truth

References
ISA 240
Dycus, D. (May 9, 2012). Why auditors fail to detect fraud. Retrieved from,
www.dennisdycus.com