Chapter 2: The Risk of Fraud and Mechanisms to Address Fraud: Regulation, Corporate Governance, and Audit

Quality

FRAUD

- Intentional act involving the use of deception that results in a material misstatement of the FS
- Intent to deceive is what distinguishes fraud from errors
- TWO TYPES:
o MISSTATEMENTS ARISING FROM MISAPPROPRIATION OF ASSETS
 Occurs when a perpetrator steals or misuses an organization’s assets
 DOMINANT FRAUD SCHEME against small businesses
 PERPETUATORS: employees
 Examples: embezzling cash receipts, stealing assets, or causing the company to pay for
goods or services that were not received
o MISSTATEMENTS ARISING FROM FRAUDULENT FINANCIAL REPORTING
 Intentional manipulation of reported financial results to misstate the economic
condition of the organization
 PERPETUATOR: seeks gain through the rise in stock price and the commensurate
increase in personal wealth or uses the fraudulent financial reporting to “help” the
organization to avoid bankruptcy or to avoid some other negative financial outcome
 THREE COMMON WAYS:
 Manipulation, falsification, or alteration of accounting records or supporting
documents
 Misrepresentation or omission of events, transactions, or other significant
information
 Intentional misapplication of accounting principles
- FRAUD TRIANGLE:
o By Don Cressey (more than 30 years ago)
o THREE ELEMENTS:

o
o FRAUD RISK FACTORS/ RED FLAGS- factors associated with these elements
 Incentive to commit fraud (reason)
 Incentives or pressures to commit fraud on each engagement, including the
most likely areas in which fraud might take place
 Include the ff:
o Management compensation schemes
o Other financial pressures for either improved earnings or an improved
balance sheet
o Debt covenants
o Pending retirement or stock option expirations
o Personal wealth tied to either financial results or survival of the
company
o Greed
 Incentives relating to asset misappropriation include:
 o Personal factors (financial considerations)
o Pressure from family, friends or culture to live a more lavish lifestyle
than one’s personal earnings
o Addictions to gambling or drugs
 Opportunity to commit and conceal fraud
 Either there is a lack of controls or the complexities associated with a
transaction re such that the perpetrator assesses the risk of being caught as
low
 Include the following:
o Significant related-party transactions
o A company’s industry position
o Management’s inconsistency involving subjective judgments
regarding assets or accounting estimates
o Simple transactions that are made complex through an unusual
recording process
o Complex or difficult to understand transactions, such as financial
derivatives or special-purpose entities
o Ineffective monitoring of management by the board, either because
the board of directors is not independent or effective, or because
there is a domineering manager
o Complex or unstable organizational structure
o Weak or nonexistent internal controls
 Rationalization- the mindset of the fraudster to justify committing the fraud
 A crucial component
 Involves a person reconciling unlawful or unethical behavior
 ASSET MISAPPROPRIATION: personal rationalizations often revolve around
mistreatment by the company or a sense of entitlement

PROFESSIONAL SKEPTICISM

- According to Center for Audit Quality (CAQ): “Skepticism involves the validation of information through
probing questions, the critical assessment of evidence, and attention to inconsistencies.
- Skepticism is not an end in itself and is not meant to encourage a hostile atmosphere or
micromanagement;
- it is an essential element of the professional objectivity required of all participants in the financial
reporting supply chain. Skepticism throughout the supply chain increases not only the likelihood that
fraud will be detected, but also the perception that fraud will be detected, which reduces the risk that
fraud will be attempted.
- International auditing standards: Professional skepticism is an attitude that includes a questioning mind
and a critical assessment of audit evidence
- The key elements to successfully exercising professional skepticism include obtaining strong evidence and
analyzing that evidence through critical assessment, attention to inconsistencies, and asking probing
(often open-ended) questions.

EXAMPLES OF RECENT FRAUDULENT FINANCIAL REPORTING

 Enron (2001)
 Worldcom (2002)
 Parmalat (2003)
 HealthSouth (2003)
 Dell (2005)
 Koss Corp. (2009)
  Olympus (2011)
 Longtop Financial Technologies (2011)

IMPLICATIONS FOR EXTERNAL AUDITORS

● The auditor should be aware of the pressure that analyst following and earnings expectations create for
top management

● If there are potential problems with revenue, the auditor cannot complete the audit until there is
sufficient time to examine major year-end transactions

● The auditor must understand complex transactions to determine their economic substance and the
parties that have economic obligations

● The auditor must clearly understand and analyze weaknesses in an organization’s internal controls in
order to determine where and how a fraud may take place

● The auditor must develop audit procedures to address specific opportunities for fraud to take place

COMMONLY CITED MOTIVATIONS FOR FRAUD

● Need to meet internal or external earnings expectations

● Attempt to conceal the company’s deteriorating financial condition

● Need to increase the stock price

● Need to bolster financial performance for pending equity or debt financing

● Desire to increase management compensation based on financial results

ENRON (failures):

1. Management Accountability- management was not virtually accountable to anyone as long as the
company showed dramatic stock increases justified by earnings growth. Compensation was based on
stock price and stock price was based on a good story and fictitious members.
2. Corporate Governance- conflict of interest
3. Accounting Rules- accounting became more rule-oriented and complex. It allowed practitioners to take
obscure pronouncements. It is looked as a tool to earn more money, not as a mechanism to portray
economic reality.
4. The Financial Analyst Community- they did not have tools to appropriately value many of the emerging
companies. They relied too much on “earnings guidance” by management
5. Banking and Investment Banking- financial institutions were rewarded
6. The External Auditing Profession and Arthur Andersen- they performed internal and external audit

Overview of the Auditor’s Fraud-Related Responsibilities and Users’ Expectations

- The Center for Audit Quality views fraud-related responsibilities as the key means to improve the
external auditor’s contribution to society and to gain respect for the auditing profession.
- Three ways to mitigate the risk of fraudulent financial reporting (CAQ):
o Acknowledge that there needs to exist a strong, highly ethical tone at the top of an organization
that permeates the corporate culture, including an effective fraud risk management program.
o Continually exercise professional skepticism (a questioning mindset that strengthens
professional objectivity, in evaluating and/or preparing financial reports)
o Strong communication among those involved is critical

The Sarbanes-Oxley Act of 2002 as a Regulatory Response to Fraud

 ● Financial scandals and associated stock market declines in the early 2000s
● Bad ethical decisions
● Weak corporate governance
● Low audit quality
● Insufficient auditor independence
● Response to Enron bankruptcy and collapse of Arthur Andersen
● Sarbanes-Oxley only applies to publicly traded companies

Sarbanes-Oxley Act of 2002

- Applies to publicly traded companies, not privately held organizations

- Many sections were written to respond to various abuses of the financial reporting process in the late
1990s and early 2000s
- Many provisions affect auditors and auditing profession to increase audit quality.
- Many sections significantly enhance the penalties for criminal wrongdoing that affects the securities
markets, individual shareholders, and the general public.
- Also known as “Public Company Accounting Reform and Investor Protection Act” and “Corporate and
Auditing Accountability, Responsibility, and Transparency Act”
- created the legislation to help protect shareholders, employees and the public from accounting errors
and fraudulent financial practices.
- ought to both improve the reliability of the public companies' financial reporting as well as restore
investor confidence in the wake of high-profile cases of corporate crime.

Corporate Governance

- A process by which the owners (stockholders) and creditors of an organization exert control and require
accountability for the resources entrusted to the organization
- The owners elect the BOARD OF DIRECTORS to provide oversight of the organization’s activities and
accountability to stakeholders
- BOARD OF DIRECTORS and AUDIT COMMITTEE- expected to protect the stockholders’ rights and ensure
that controls exist to prevent and detect fraud
- STAKEHOLDERS- include anyone who is influenced, either directly or indirectly, by the actions of a
company.

Responsibility and Accountability

● Governance demands accountability back through the system to the owners and other stakeholders
● Stakeholders include anyone who is affected, either directly or indirectly, by the actions of a
company
 ● Management and the board have responsibilities to
● Act within the laws of society
● Meet various requirements of creditors and employees and other stakeholders
● Corporate governance mosaic refers to the complementary roles and specific responsibilities of the
parties
● No one party is completely responsible

PRINCIPLES OF EFFECTIVE CORPORATE GOVERNANCE

- In 2010, New York Stock Exchange (NYSE) issued a report identifying key core governance principles (in
response to the financial crisis of 2008 and 2009)
- The principles include:

o Long-term sustainable growth in shareholder value for the corporation

o Successful management of the company
 Including creation of a culture of performance with integrity and ethical behavior
o Integration with the company’s business strategy
 Not viewed as simply a compliance obligation
o Transparency
 Regular efforts to ensure that they have sound disclosure policies and practices
o Independence and objectivity
 Balance in the appointment of independent and non-independent directors
 Appropriate range and mix of expertise, diversity, and knowledge on the board
 - The NYSE has mandated certain corporate governance guidelines that registrants must follow:

- Effective governance: companies with effective governance are less likely to experience fraud and
therefore less risky to audit.

Nominating/Corporate Governance Committee

- Composed entirely of independent directors

- Written charter
- Annual performance evaluation

Compensation Committee

- Composed entirely of independent directors

- Writer charter, which must include (at a minimum) the responsibility to:
 o Review and approve corporate goals relevant to CEO compensation
o Make recommendations to the board about non-CEO compensation and incentive-based
compensation plans
o Product a report on executive compensation
- Annual performance evaluation

Responsibilities of Audit Committees:

- MINIMUM OF 3 INDEPENDENT MEMBERS

- Written charter
- Audit committee report
- Annual performance evaluation
- Directly responsible for the appointment, compensation and oversight of the work of registered
accounting firms
- Must be independent
- Must establish whistleblowing mechanisms within the company
- Must have the authority to engage their own independent counsel
- Companies must provide adequate funding for audit committees
- SPECIFIC RESPONSIBILITIES:
 Obtaining each year a report by the external auditor
 The report should address the company’s internal control procedures, any
quality control or regulatory problems, and any relationships that might
threaten the independence of the external auditor
 Discussing the company’s FS with the management and the external auditor
 Discussing in its meetings the company’s earnings press releases, as well as financial
information and earnings guidance provided to analysts
 Discussing in its meetings policies with respect to risk assessment and risk management
 Meeting separately with management, internal auditors, and external auditors on a
periodic basis
 Reviewing with the external auditor any audit problems or difficulties that they have
had with management
 Setting clear hiring policies for employees or former employees of the external auditors
 Reporting regularly to the BODs
- Has the authority to
o hire and fire the head of the internal audit function
o Set budget for the internal audit activity
o Review the internal audit plan
o Discuss all significant internal audit results
- Other responsibilities include:
o Performing or supervising special investigations
o Reviewing policies on sensitive payments
o Coordinate period reviews of compliance with company policies such as corporate governance
policies