Management and the board of directors are responsible for setting the “tone at the top” for ethical

behaviour in
the company. It is vitally important for management to behave with honesty and integrity because this
reinforces the importance of these values to employees throughout the organization.

Management has primary responsibility to design and implement antifraud programs and controls to prevent,
deter, and detect fraud. The audit committee has primary responsibility to oversee the organization’s
financial reporting and internal control processes and to provide oversight of management’s fraud risk
assessment process and antifraud programs and controls.

There are two items which need to be differentiated early. These items are fraudulent financial reporting
and misappropriation of assets.

Fraudulent financial reporting is an intentional misstatement or omission of amounts or disclosures with

the intent to deceive users, while misappropriation of assets is fraud that involves theft of an entity’s
assets.

Frauds involving financial reporting are usually larger than frauds involving misappropriation of assets,
usually involve top management, and do not directly involve theft of company assets.

Revenue and Accounts Receivable Fraud

The main points under this heading should be gathered as:

(a) Fictitious revenues This would seem self-explanatory to me….

(b) Premature revenue recognition This is where reporting entities recognise revenue before accounting
requirements for such recognition have been met.

(c) Manipulation of adjustments to revenues

(d) Misappropriation of revenue receipts

i. Failure to record a sale The sale is simply not recorded and the cash stolen.

ii. Theft of cash receipts after a sale is recorded This fraud is more difficult to conceal than i
above. Of course, one would appreciate this from seminar activities. I am not giving anyone
any ideas I hope!

The so-called fraud triangle describes the necessary factors which need to be present before a fraud will
occur. The three aspects of the triangle are:

1) Incentives/Pressures
(2)Opportunities and
(3)Attitudes/Rationalization.

Incentives/Pressures are incentives of management or other employees to commit fraud.

Opportunities are circumstances that allow management or employees to commit fraud.

Attitudes/Rationalization are indications that an attitude, character, or set of ethical values exist that allow
management or employees to commit a dishonest act or they are in an environment that imposes sufficient
pressure that causes them to rationalize committing a dishonest act.
Auditors use several sources to gather information about fraud risks, including:

1
 Information obtained from communications among audit team members about their knowledge
of the company and its industry; including how and where the company might be susceptible to
material misstatements due to fraud.

Responses to auditor inquiries of management about their views of the risks of fraud and about
existing programs and controls to address specific identified fraud risks.

Specific risk factors for fraudulent financial reporting and misappropriations of assets.

Analytical procedures results obtained during planning that indicate possible implausible or
unexpected analytical relationships.

Knowledge obtained through other procedures such as client acceptance and retention
decisions, interim review of financial statements, and consideration of inherent or control risks.

Auditors must inquire whether management has knowledge of any fraud or suspected fraud within the
company. Auditors are also required to inquire of the audit committee about its views of the risks of fraud
and whether the audit committee has knowledge of any fraud or suspected fraud.

Where the entity has an internal audit function, the auditor should inquire about internal audit’s views of
fraud risks and whether they have performed any procedures to identify or detect fraud during the year.
There are also further requirements that the auditor make inquiries of others within the entity whose duties
lie outside the normal financial reporting lines of responsibility about the existence or suspicion of fraud.

Auditor’s response

The three auditor responses to fraud are: (1) change the overall conduct of the audit to respond to identified
fraud risks; (2) design and perform audit procedures to address identified risks; and (3) perform procedures
to address the risk of management override of controls.

There are three types of inquiry technique depending on the situation. These are

(a) Informational,
(b) Assessment
(c) Interrogative.

Auditors use informational inquiry to obtain information about facts and details that the auditor does not
have.

The auditor uses assessment inquiry to corroborate or contradict prior information.

Interrogative inquiry is used to determine if the interviewee is being deceptive or purposefully

omitting disclosure of key knowledge of facts, events, or circumstances.

Of course these techniques are a complete waste of time unless the auditor evaluates the response(s) to
his enquiries. The auditor must observe behavioural cues – both verbal and non-verbal cues – and
employ appropriate listening techniques in order to properly evaluate the information he has received.

Auditors use several sources to gather information about fraud risks, including (but not limited to)
the following:

2
 (a) Information obtained from communications among audit team members about their
knowledge of the company and its industry, including how and where the company might
be susceptible to material misstatements due to fraud.

(b) Responses to auditor inquiries of management about their views of the risks of fraud and
about existing programs and controls to address specific identified fraud risks.

(c) Specific risk factors for fraudulent financial reporting and misappropriations of assets.

(d) Analytical procedures results obtained during planning that indicate possible implausible or
unexpected analytical relationships.

(e) Knowledge obtained through other procedures such as client acceptance and retention
decisions, interim review of financial statements, and consideration of inherent or control
risks.

THIS DISCLAIMER MUST N OT BE REMOVED FROM THE NOTES SUPPLIED. These notes are
not an implicit or explicit statement about what is expected to be the total knowledge required to be
successful in the course. N either are they indicators of questions or issues to be examined during the
course. The use of these materials in any way apart from lecture notes in support of the lecture
presentation is done entirely at the risk of the user and the preparer of these notes does not accept any
responsibility for unfortunate or unintended consequences to any user for using these materials in
unapproved ways.