College of Accountancy

CONSIDERATION OF FRAUD, ERROR, AND NON-COMPLIANCE WITH LAWS

AND REGULATIONS
Contents:
1. Characteristics of Fraud
2. Types of Fraud
3. Responsibility for the Prevention and Detection of Fraud
4. Auditor’s Consideration of Fraud
5. Withdrawing from Engagement Because of Fraud
6. Non-compliance with Laws and Regulations
7. Responsibility for Compliance with Laws and Regulations
8. Auditor’s Consideration of Laws and Regulations
9. Difficulty in Detecting Non-compliance

1. Characteristics of Fraud
Misstatements in the financial statements can arise from either fraud or error. The
distinguishing factor between fraud and error is whether the underlying action that results in the
misstatement of the financial statements is intentional or unintentional.
Fraud is an intentional act by one or more individuals among management, those charged
with governance, employees, or third parties, involving the use of deception to obtain an unjust
or illegal advantage. On the other hand, error is an unintentional misstatement or omission of
amounts or disclosures in the financial statements.
Fraud Terms
a. Embezzlement (defalcation) – involves theft of fund placed in one’s trust or care.
b. Larceny – involves theft of personal property.
c. Forgery – act of forging or producing a copy of a document, signature, etc.
d. Bribery – persuading someone to act in one’s favor illegally by a gift.
e. Extortion (blackmail) – obtaining something (e.g., money) through force or threats.
f. Conspiracy (collusion or connivance) – agreement between two or more people to
commit a crime.
g. Earnings management – use of accounting to enhance financial performance.
h. Income smoothing – a form of earnings management in which revenues and expenses are
shifted between periods to reduce fluctuations in earnings.

2. Types of Fraud
Although fraud is a broad legal concept, the auditor is concerned with fraud that causes a
material misstatement in the financial statements. Two types of intentional misstatements are
relevant to the auditor – misstatements resulting from fraudulent financial reporting and
misstatements resulting from misappropriation of assets. Although the auditor may suspect or, in
rare cases, identify the occurrence of fraud, the auditor does not make legal determinations of
whether fraud has actually occurred.
Fraudulent Financial Reporting
Fraudulent financial reporting involves intentional misstatements including omissions of
amounts or disclosures in financial statements to deceive financial statement users. It can be
caused by the efforts of management to manage earnings in order to deceive financial statement
users by influencing their perceptions as to the entity’s performance and profitability. Such
earnings management may start out with small actions or inappropriate adjustment of
assumptions and changes in judgments by management. Pressures and incentives may lead these
actions to increase to the extent that they result in fraudulent financial reporting. Such a situation
could occur when, due to pressures to meet market expectations or a desire to maximize

Instructor: Orlando L. Ananey Page 1 of 8

 College of Accountancy

compensation based on performance, management intentionally takes positions that lead to

fraudulent financial reporting by materially misstating the financial statements. In some entities,
management may be motivated to reduce earnings by a material amount to minimize tax or to
inflate earnings to secure bank financing.
Fraudulent financial reporting may be accomplished by the following:
• Manipulation, falsification (including forgery), or alteration of accounting records or
supporting documentation from which the financial statements are prepared.
• Misrepresentation in, or intentional omission from, the financial statements of events,
transactions or other significant information.
• Intentional misapplication of accounting principles relating to amounts, classification,
manner of presentation, or disclosure.
Fraudulent financial reporting often involves management override of controls that
otherwise may appear to be operating effectively. Fraud can be committed by management
overriding controls using such techniques as:
• Recording fictitious journal entries, particularly close to the end of an accounting period,
to manipulate operating results or achieve other objectives.
• Inappropriately adjusting assumptions and changing judgments used to estimate account
balances.
• Omitting, advancing or delaying recognition in the financial statements of events and
transactions that have occurred during the reporting period.
• Concealing, or not disclosing, facts that could affect the amounts recorded in the financial
statements.
• Engaging in complex transactions that are structured to misrepresent the financial
position or financial performance of the entity.
• Altering records and terms related to significant and unusual transactions.
Misappropriation of Assets
Misappropriation of assets involves the theft of an entity’s assets and is often perpetrated
by employees in relatively small and immaterial amounts. However, it can also involve
management who are usually more able to disguise or conceal misappropriations in ways that are
difficult to detect. Misappropriation of assets can be accomplished in a variety of ways
including:
• Embezzling receipts (for example, misappropriating collections on accounts receivable or
diverting receipts in respect of written-off accounts to personal bank accounts).
• Stealing physical assets or intellectual property (for example, stealing inventory for
personal use or for sale, stealing scrap for resale, colluding with a competitor by
disclosing technological data in return for payment).
• Causing an entity to pay for goods and services not received (for example, payments to
fictitious vendors, kickbacks paid by vendors to the entity’s purchasing agents in return
for inflating prices, payments to fictitious employees).
• Using an entity’s assets for personal use (for example, using the entity’s assets as
collateral for a personal loan or a loan to a related party).
Misappropriation of assets is often accompanied by false or misleading records or
documents in order to conceal the fact that the assets are missing or have been pledged without
proper authorization.

Instructor: Orlando L. Ananey Page 2 of 8

 College of Accountancy

3. Responsibility for the Prevention and Detection of Fraud

Management and Those Charge with Governance
The primary responsibility for the prevention and detection of fraud rests with both those
charged with governance of the entity and management. It is important that management, with
the oversight of those charged with governance, place a strong emphasis on fraud prevention,
which may reduce opportunities for fraud to take place, and fraud deterrence, which could
persuade individuals not to commit fraud because of the likelihood of detection and punishment.
This involves a commitment to creating a culture of honesty and ethical behavior which can be
reinforced by an active oversight by those charged with governance. In exercising oversight
responsibility, those charged with governance consider the potential for override of controls or
other inappropriate influence over the financial reporting process, such as efforts by management
to manage earnings in order to influence the perceptions of analysts as to the entity’s
performance and profitability.
Auditor
An auditor conducting an audit in accordance with PSAs is responsible for obtaining
reasonable assurance that the financial statements taken as a whole are free from material
misstatement, whether caused by fraud or error. Owing to the inherent limitations of an audit,
there is an unavoidable risk that some material misstatements of the financial statements will not
be detected, even though the audit is properly planned and performed in accordance with the
PSAs.
The risk of not detecting a material misstatement resulting from fraud is higher than the
risk of not detecting one resulting from error. This is because fraud may involve sophisticated
and carefully organized schemes designed to conceal it, such as forgery, deliberate failure to
record transactions, or intentional misrepresentations being made to the auditor. Such attempts at
concealment may be even more difficult to detect when accompanied by collusion. Collusion
may cause the auditor to believe that audit evidence is persuasive when it is, in fact, false. The
auditor’s ability to detect a fraud depends on factors such as the skillfulness of the perpetrator,
the frequency and extent of manipulation, the degree of collusion involved, the relative size of
individual amounts manipulated, and the seniority of those individuals involved. While the
auditor may be able to identify potential opportunities for fraud to be perpetrated, it is difficult
for the auditor to determine whether misstatements in judgment areas such as accounting
estimates are caused by fraud or error.
Furthermore, the risk of the auditor not detecting a material misstatement resulting from
management fraud is greater than for employee fraud, because management is frequently in a
position to directly or indirectly manipulate accounting records, present fraudulent financial
information or override control procedures designed to prevent similar frauds by other
employees.
When obtaining reasonable assurance, the auditor is responsible for maintaining an
attitude of professional skepticism throughout the audit, considering the potential for
management override of controls and recognizing the fact that audit procedures that are effective
for detecting error may not be effective in detecting fraud. The requirements in this PSA are
designed to assist the auditor in identifying and assessing the risks of material misstatement due
to fraud and in designing procedures to detect such misstatement.

Instructor: Orlando L. Ananey Page 3 of 8

 College of Accountancy

4. Auditor’s Consideration of Fraud

Summary:
Risk Assessment Risk Response Conclusion and Reporting
Perform risk assessment Perform overall responses to Perform concluding analytical
procedures. fraud. procedures.

Perform discussion Perform intensive Obtain written representations.

among the engagement procedures for specific
team (brainstorming) risks. Evaluate audit evidence obtained.

Identify and assess risks On all audits, consider the Communicate audit results about
of material misstatements possibility of management fraud to management and those
due to fraud by override of controls on charged with governance.
considering: adjusting journal entries,
a. Fraud risk factors accounting estimates, and Document consideration of fraud;
and fraud unusual transactions. and, if improper revenue
triangle; and recognition not considered a risk,
b. Internal controls describe why.
that address the
identified risks
Auditor should always apply professional judgement and professional skepticism.
Identifying and Assessing the Risks of Material Misstatements due to Fraud
The auditor shall evaluate whether the information obtained from risk assessment
procedures indicates that one or more fraud risk factors are present. Fraud risk factors refer to
events or conditions that indicate an incentive or pressure to commit fraud provide an
opportunity to commit fraud. They are referred to as “fraud triangle” because when all three
conditions are present, it is highly likely that fraud has occurred or may be occurring.
The Fraud Triangle

Opportunity

Incentive or Pressure
Incentive or pressure to commit fraudulent financial reporting may exist when
management is under pressure, from sources outside or inside the entity, to achieve an
expected (and perhaps unrealistic) earnings target or financial outcome – particularly
since the consequences to management for failing to meet financial goals can be
significant. Similarly, individuals may have an incentive to misappropriate assets, for
example, because the individuals are living beyond their means.

Instructor: Orlando L. Ananey Page 4 of 8

 College of Accountancy

Opportunity
A perceived opportunity to commit fraud may exist when an individual believes
internal control can be overridden, for example, because the individual is in a position of
trust or has knowledge of specific weaknesses in internal control.
Attitudes or Rationalization
Individuals may be able to rationalize committing a fraudulent act. Some
individuals possess an attitude, character or set of ethical values that allow them
knowingly and intentionally to commit a dishonest act. However, even otherwise honest
individuals can commit fraud in an environment that imposes sufficient pressure on them.
Risk Responses Relating to Fraud
Overall Response: FS Level ROMM
a. Heighten professional skepticism;
b. Assign people with specialized skills/knowledge, such as information technology;
c. Develop specific procedures to identify the existence of fraud; and
d. Incorporate an element of unpredictability in selecting the nature, timing and extent of
audit procedures.
Specific Responses to Potential Fraud Risks: Assertion Level ROMM
a. Change the nature, timing and extent of procedures to address the risk, such as:
- Obtain more reliable and relevant audit evidence or additional corroborative
information to support management’s assertions,
- Perform a physical observation or inspection of certain assets,
- Observe inventory counts on an unannounced basis, and
- Perform further review of inventory records to identify unusual items, unexpected
amounts, and other items for follow-up procedures.
b. Perform further work to evaluate the reasonableness of management’s estimates and the
underlying judgements and assumptions.
c. Increase sample sizes or perform substantive audit procedures at more detailed level.
d. Use computer-assisted audit techniques (CAATs). For example,
- Gather more evidence about data contained in significant accounts,
- Perform more expensive testing of electronic transactions and files,
- Select sample transactions from key electronic files,
- Sort transactions with specific characteristics, and
- Test an entire population instead of a sample.
e. Request additional information in external confirmations.
f. Change the timing of substantive procedures from interim date to one near the period
end.

Conclusions and Reporting Relating to Fraud

Written Representations
The auditor shall obtain written representations from management and, where
appropriate, those charge with governance that they:
a. Acknowledge their responsibility for internal control to prevent and detect fraud;
b. Have disclosed to auditor the results of their assessment of risks of material
misstatements due to fraud;

Instructor: Orlando L. Ananey Page 5 of 8

 College of Accountancy

c. Have disclosed to auditor their knowledge of fraud, or suspected fraud, involving

management, employees who have significant roles in internal control; or others where
the fraud could have a material effect on the financial statements; and
d. Have disclosed to auditor their knowledge of any allegations of fraud, or suspected fraud,
affecting the financial statements communicated by employees, former employees,
analysts, regulators or others.
Communication of Misstatements Resulting from Fraud or Error
a. Communication with Management
- The communication is made even if the matter might be considered inconsequential
(for example, a minor defalcation by an employee at a low level in the entity’s
organization). The determination whom to communicate is a matter of professional
judgement which normally is at least one level above the person involved.
b. Communication with Those Charged with Governance
- Due to the nature and sensitivity of fraud involving senior management, or fraud that
results in a material misstatement in the financial statements, the auditor reports such
matters on a timely basis and may consider it necessary to also report such matters in
writing. In some cases, the auditor may consider it appropriate to communicate fraud
involving employee other than management that does not result in material
misstatement.
c. Communication with Regulatory and Enforcement Authorities
- The auditor’s professional duty to maintain confidentiality of client information may
preclude reporting fraud to a party outside. However, in certain circumstances, the
duty of confidentiality may be overridden by regulatory requirements, statute, the law
or courts of law. For example, under a BSP requirement, the auditor of financial
institution has a statutory duty to report the occurrence of fraud to the BSP. Also,
under SEC requirement, the auditor has a duty to report material audit findings, such
as those involving fraud or error, in those cases where management and those charge
with governance fail to report those findings to the SEC within the prescribed period.

5. Withdrawing from Engagement Because of Fraud

Examples of exceptional circumstances that may arise that may bring into question the
auditor’s ability to continue performing the audit include:
• The entity takes no appropriate action about fraud, even if not material to financial
statements;
• The risks of material misstatements due to fraud and the result of audit tests indicate a
significant risk of material and pervasive fraud; or
• Significant concern about the competence or integrity of management or those charge
with governance.
The auditor may seek legal advice when deciding whether to withdraw from an engagement.
6. Non-compliance with Laws and Regulations
Laws and regulations applicable to the entity constitutes the legal and regulatory
framework in which it operates. Non-compliance refers to acts of omission or commission,
intentional or unintentional, committed by the entity, or by those charge with governance, by
management or by other individuals working for or under the direction of the entity, which are
contrary to the prevailing laws or regulations. Non-compliance does not include personal
misconduct unrelated to the business activities of the entity. Non-compliance could include tax
evasions, illegal labor practices, insider trading, bribing officials, environmental laws violation,
check fraud, illegal price fixing, money laundering, etc.

Instructor: Orlando L. Ananey Page 6 of 8

 College of Accountancy

Laws and regulations can have direct or indirect effect on the financial statements. Laws
and regulations that have direct effect on financial statements results in amounts and disclosures
reported on the financial statements. For example: tax laws and pension laws. On the other hand,
laws and regulations that have indirect effect on the financial statements are not reported in the
financial statements since they are primarily operational in nature. However, non-compliance
may result in fines, litigation or other consequences for the entity that may have a material effect
on the financial statements. For example: labor laws, environmental protection laws, health laws,
operating license, regulatory solvency requirements.
7. Responsibility for Compliance with Laws and Regulations
The responsibility for the compliance, including prevention and detection of non-
compliance with laws and regulations rests with the management and those charged with
governance. The management, with oversight of those charged with governance, must institute
actions aimed to address risks of non-compliance with laws and regulations. These could
include:
• Maintaining a register of significant laws, and a record of any complaints received;
• Monitoring legal requirements and designing procedures/internal controls to ensure
compliance with these requirements;
• Engaging legal advisors to assist in monitoring legal requirements; and
• Developing, publicizing, implementing, and following a code of conduct.

8. Auditor’s Consideration of Laws and Regulations

Summary:
Risk Assessment Risk Response Conclusion and Reporting
Obtain general For laws and regulation with direct Obtain written
understanding of: effect: representations that all
1. Legal and 1. Read minutes, documents, known instances of non-
regulatory correspondence, etc.; compliance with laws and
framework 2. Inquire of management and legal regulations have been
2. Entity’s counsel about litigation and disclosed to auditor.
compliance claims; and
3. Perform test of details Form an appropriate opinion.
Identify and assess
risks of material For laws and regulations with indirect Determine whether to report
misstatements due to effect: non-compliance with laws
non-compliance with 1. Inquire of management and those and regulations to an outside
laws and regulations charged with governance about authority.
compliance; and
2. Inspect correspondence with Document results and
regulatory authorities findings, such as:
1. Copies of relevant
If identified or suspected non- records or documents;
compliance with laws and regulations: and
1. Understand the nature and 2. Minutes of discussions
circumstances to evaluate possible with management, those
effect on financial statements. charge with governance,
2. Discuss with management and or other parties outside
those charged with governance on the entity.
a timely basis.
3. May obtain legal advice.
4. Evaluate other audit implications.

Instructor: Orlando L. Ananey Page 7 of 8

 College of Accountancy

The auditor’s considerations of laws and regulations are:

• Obtaining sufficient appropriate audit evidence regarding compliance with laws and
regulations that have direct effect on the financial statements
• Limited undertaking of specified audit procedures to help identify con-compliance with
laws and regulation that have indirect effect on the financial statements; and
• Responding appropriately to instances of non-compliance with laws and regulations

9. Difficulty in Detecting Non-compliance

During the audit, the auditor shall remain alert to the possibility that other audit
procedures applied may bring instances of non-compliance with laws and regulations to auditor’s
attention. However, non-detection of material misstatements with non-compliance with laws and
regulations are greater, because:
- Operational in nature and not captured in financial statements;
- Concealed (e.g., collusion, forgery); and
- Matter of legal determination by a court of law.
As a result, generally, the further removed non-compliance is from the financial
statements, the less likely the auditor will recognize the non-compliance.

Instructor: Orlando L. Ananey Page 8 of 8