publications

 ON BALANCE • FREQUENCY • THE BRIDGECPA2B ACCOUNTING FOR THE FUTURE 

 

(taken from the Jan/Feb 2006 issue of On Balance magazine)

Studying the impact
of SAS 99

 By Karen Kerber, CPA

SAS 99 was designed to give auditors additional guidance on detecting fraud that is material to the financial statements. Auditors must perform and document additional non-financial procedures to gain a thorough understanding of the potential for fraud, both material and immaterial. The need for planning has been intensified because of this standard.

As part of the planning process, the new standard requires interviews of management and other non-financial and non-management personnel to obtain their views on the risks of fraud and potential areas where fraud may have taken place. In selecting interviewees, the auditor must consider individuals from lower-level accounting positions, operations, internal auditors and internal legal staff.

The standard has emphasized the auditor’s need to improve communication skills. A vital part of conducting interviews and discovering fraud comes from the ability of the CPA to ask questions, gauge responses and consider the implications of not asking questions. Although the benefits of asking questions should be obvious, some CPAs are reluctant to ask questions about fraud because they believe it will offend people or it could lead to legal trouble, or they don’t think people will answer such questions truthfully. 

An auditor should never be reluctant to ask questions about fraud, regardless of the person’s position in the organization. If the auditor explains the nature of and reasons for the inquiry, almost no one will be offended when asked about fraud. Through the process of diligent inquiry, two important objectives are met. First, the auditor fulfills the obligation to be proactive in detecting fraud. Second, and just as important, the auditor sends the message that he is actively looking for fraud.

Today’s auditor is more likely to get into legal trouble by not asking questions. In a courtroom, a jury is likely to be unsympathetic to the notion that a CPA avoided the tough questions.

The interview process combined with increased skepticism helps to identify fraud risk factors. Assessment of the identified fraud risks will help determine in what areas material misstatement due to fraud may have occurred, the types and timing of fraud most likely to have occurred, and how any fraudulent activity could be concealed. 

In response to this process, the auditor must review the audit strategy and procedures to determine if they are adequate in response to the identified fraud risks and the search for potential fraud. The responses need to be documented and should address the following:

  • Overall effect on how the audit is conducted. An audit program should be tailored to the client. It is not a fill-in-the-blank process.
  • Effect on the nature, timing and extent of specific auditing procedures. If we always do what we’ve always done, we’ll always get what we’ve always had.
  • Fraudulent activity related to management override of controls
  • Fraudulent activity related to revenue recognition
  • Performance of unpredictable audit procedures
  • Materiality isn’t just quantitative, it is also qualitative
  • Any red flags of fraud must be pursued
  • All interviews should be in writing.

Recent events, new legislation and new professional guidance have increased client expectations with respect to the auditor’s responsibility to detect fraud. Consequently, the judgment exercised by an auditor who is confronted with potential fraud is critical. The standards note that even a properly planned and performed audit may not detect a material misstatement, so the auditor must address client expectations with effective communication. Management must understand the nature and limitations of the audit and its responsibilities with respect to financial statements and fraud.

Following the guidance in SAS 99 demonstrates fraud detection procedures. One thing is clear, when fraud or potential fraud goes undiscovered by auditors, regardless of how immaterial the effect on the financial statements, there is a potential for legal action.

Auditors should be wary of falling into the “expectation gap,” the primary cause of malpractice liability. It occurs when someone thinks SAS 99 is the maximum level of work required.

Judges and juries have said that audit standards are the minimum level of acceptable performance. Documenting SAS 99 procedures is not a guarantee that an auditor will not be the target of a lawsuit, but it is a defense.

Karen K. Kerber, CPA is a partner at Kerber, Rose & Associates SC in Shawano.

 

 return to previous page