Part 2: It’s all about expectations, What is fraud in audit?
Part 3: Responsibility towards fraud, ISA 240 Objectives
Part 4: Assessing risk of fraud
Part 5: Responses to assessed risk, Evaluation of evidence obtained
Part 6: Auditor’s inability to continue engagement, Written representation
Part 7: Communication with those charged with governance, Communication to regulatory authorities, Documenting fraud
3 Responsibility towards fraud
3.1 Entity
Primarily it is the responsibility of both management and those charged with governance. Management under the supervision of those charged with governance works to prevent fraud by eradicating possibilities of fraud by creating an entity-wide culture of strong ethics and honesty.
Supervision by management includes keeping close eye on management overriding controls or in any way controlling the financial reporting process for their own personal benefits.
3.2 Auditor
Auditor’s responsibility is to express an opinion on the financial statements for which he is required to obtain reasonable assurance. Reasonable assurance means that in order to express an opinion that financial statements are giving true and fair view he must be reasonably sure that financial statements are free from material misstatements due to fraud or error.
3.2.1 Why reasonable assurance? – Revisited
In ISA 200 we understood that auditor cannot provide absolute assurance because of inherent limitations of audit and thus he is restricted to provide reasonable assurance.
That alternatively means that there might be some material misstatements that go undetected even if audit is properly planned and executed. And under fraudulent activities the risk of not detecting misstatement is higher than the risk of not detecting error.
Reason is, as discussed above, activities involving fraud are followed by cover up activities and misinformation that legitimize the existence of fraud. And thus makes it hard to detect it. This becomes even more difficult if fraud involves management (management fraud) as opposed to employee (employee fraud) because they are able to circumvent control activities, design and change policies and reporting process and collusion. For example, employees are offered to buy vehicles at book value. To buy vehicles at cheaper rate from organization, directors may increase depreciation rate to reduce book value.
4 Objectives of ISA 240
Auditor is required to:
- Identify and assess the risks of material misstatements due to fraud
- Design further audit procedures to obtain sufficient appropriate audit evidence against assessed risk
- Design appropriate responses to detected or suspected fraud