Professional Documents
Culture Documents
Fraud Related Procedure
Fraud Related Procedure
Client Period-end
[XYZ Limited] [31 December 2014]
Prepared by Date W/P reference
[XXXXXX] [XXXXX] [E1.1]
1
[Audit procedure – 1]
We have planed the formal risk assessment procedure at the kick off meeting on Nov 2014. the
following persons were present in the meeting:
Engagement Partner : XXXXX
Engagement Manager : XXXXX
Audit- in-charge : XXXX
[Audit procedure – 2]
We have reviewed client/engagement acceptance and continuance process.
Analytical procedures performed at the planning stage of the audit considering unusual or
unexpected relationship.
We have reviewed related parties and related party transaction throughout our Process Analysis
Phase of the audit.
We have discussed regarding the internal control procedure of the company.
[Audit procedure – 3]
Incentives and pressures
2
[Specific Audit Program– Fraud]
Threats to personal financial position of management and those charged with governance
Page 3
[Specific Audit Program– Fraud]
Opportunities
Page 4
[Specific Audit Program– Fraud]
Attitudes/rationalizations
Page 5
[Specific Audit Program– Fraud]
communications (COE).
Inquired for disciplinary actions regarding non-
compliance with the communicated values or Code
of Ethics.
Preoccupation with selection NP. As no new accounting policies has been adopted
of accounting policies during 2007. We also have evaluated the
appropriateness of the basis for previously selected
accounting policies and ensure that there is no non-
financial management’s excessive participation in or
preoccupation with these.
History of illegal practices NP. Because there is no known history of violations of
local laws and regulations, or claims against the entity,
its senior management, or those charged with
governance alleging fraud or violations of laws and
regulations.
Maintaining stock prices NP as there is no excessive interest by management in
maintaining or increasing the entity’s stock price or
earnings trend. However, market driven stock price of
the company is in an upward trend.
Aggressive forecast NP. As there is no practice by management of
committing to analysts, creditors, and other third parties
to achieve overly aggressive or unrealistic forecasts.
Moreover during 2014 there was no public
announcement.
Failure to correct known NP. Because we have not identified any significant
control weaknesses control weakness in previous years.
Minimizing reported earnings NP as management always employs appropriate means
for tax reasons to provide adequate amount of tax and it has no
intention to evade tax.
Low morale / lack of skills NP. As we have not found any indication of low morale
and experience among senior management whose quality did not arouse
suspicion over last few years.
Personal vs. business NP. As there is clear distinction between personal and
transactions business transactions and since inception of our audit we
have not come across any such indication in the
company.
Shareholder disputes NP as it is a DSE (Dhaka Stock Exchange) and CSE
(Chittagong Stock Exchange) listed public company
which shareholders are easily identifiable.
Inappropriate accounting and NP as there was:
restatements no attempts by management to justify marginal or
inappropriate accounting on the basis of materiality.
no failure to take appropriate action in response to
significant restatements (for example, dismissal of
key individuals involved or the installing of
appropriate controls).
no indication that a financial statement restatement
may have been due to a possible intentional
manipulation.
Management / auditor NP.
relationship strained
Page 6
[Specific Audit Program– Fraud]
Earnings management and NP. As there was no indication that management has
inaccurate estimates provided unreasonable, unreliable or inaccurate
estimates or other representations, or management has
been less than forthright.
Questions of integrity NP. As there are no issues regarding the integrity of
individuals who have significant influence over
financial reporting or are expected to sign the
representation letter.
Unduly influencing the NP. We did not come across any significant finding over
reporting findings last few years.
We considered the information that we have obtained in understanding the entity and its
environment including its internal control to determine whether any fraud risk factors are present
there.
The company has long term loan from Bank. They have also borrowed short term loans
and over draft facilities from the bank. We have reviewed loan agreement and relevant
communication with facilities providers when debt repayments are due, the entity’s
ability to make such payments and how close the entity is to breaching any covenants
attended to their borrowing. We have not identified any indication of fraud risk as the
company is able to pay their obligation.
We have reviewed the relevant communication with regulators (Register of Joint Stock
Company). Nothing came to our notice which cast doubt about fraud risk indication
cause the company always trying to comply with the local regulation as it is required by
their Code of Ethics.
We considered, how budgets are prepared, who inputs to the process and express to the
concern if aggressive financial target have been set. We also considered whether the
culture is such that failure to meet target is not tolerated or meeting target is linked to
compensation/promotion. We have not identified any fraud indication as 40% of sales
have been made against cash/PO/DD and the credit sales have been made against credit
term but the payment status of those customers are very good.
Except shareholder the term third party relates to the customers, suppliers, bankers, employees
etc. Basically customers expect quality products at reasonable price, and XYZ also does not
compromise with quality to upkeep its brand image.
Suppliers want the customers to be financially strong with stable growth, which can easily be
attributed to XYZ.
Page 7
[Specific Audit Program– Fraud]
Bankers/financers also want clients to be of stable growth and financially strong. XYZ has good
mutual relations with its banks.
Employees expect the company will give them good training, corporation exposure, and adequate
compensation package, which will boost up social status and dignity for working with XYZ.
Management is well aware of these expectations of them.
Compensation arrangement for senior management and key employees in financial reporting.
Per share was issued at Tk. XX. It is a publicly traded company which is owned by
corporate and individual. There is no share option activity.
During the year under review, no changes in senior management level took place. There
were some normal resignations, not unusual. We spoke to the Head of HR and reviewed
their personal files. The company has an internal audit department.
We have reviewed the analyst’s report and we have not found any indication regarding
fraud.
We have reviewed the communication to the Public, Analyst and Investors and we have
not found any indication regarding fraud.
Price/Earning ratio:
Not present
Upward
Page 8
[Specific Audit Program– Fraud]
N/A
N/A
[Audit procedure – 4]
We have to evaluate the suitability of the design of “broad programs” and controls to prevent, deter
and detect fraud, including whether they have been implemented.
Setting a proper tone at the top and crediting a positive work place environment:
We have evaluated the words and action of the management, whether they set a proper example
with zero tolerance for unethical behavior. We evaluate the qualities of the working environment
i.e., autocratic versus participating management style. Unreasonable budget explanation or the
financial targets fear of delivering ‘bad news’ to management etc. We evaluate the programs
initiated by the HR department designed to create a positive workplace environment, for example,
the recognition and reward system, equal employment opportunities, as well as other program and
process within the organization providing an opportunity for reporting on a confidential basis
actual or suspected working or potential violation of the Code of Ethics.
We have reviewed back ground checking conducted on the individuals are being considered for
employment. Particularly, senior management positions, periodic training of all employees about
ethical values and Code of Ethics, fraud awareness training program, fair recognition and reward
system etc.
The company has well laid down credit, procurement, HR management, fixed assets management
etc. developed by the group. There is a credit committee to monitor sales and collection. In
addition that:
We have reviewed Code of Ethics of the company relating to conflicts of interest. Code of Ethics
has been communicated and is easily accessible and used as reference source when needed.
Travel, entertainment and legal expenses: We have reviewed travel, entertainment and legal
expenses incurred during the year.
Related party transaction: We have reviewed related party transactions during the year.
Followings are the related parties:
Page 9
[Specific Audit Program– Fraud]
Personal use of company assets: We have reviewed asset utilization of the company and
ensured that all assets are used for business purposes and not for personal use.
Illegal acts: Policies and controls ensured effective compliance with laws and regulations
including regulatory compliance, for all areas that have a direct and material impact on
financial reporting.
Receiving and responding to complaints and other confidential submission of concerns about
questionable accounting and auditing matters:
XYZ is keeping with its commitment to live the values that characterize them as an
organization collaboration, leadership and integrity, reviewed its Code of Ethics (COE),
making it more relevant to employees’ day to day dealings and relationships within and
outside the organization.
The Code of Ethics process has been properly set-up, communicated and checked in
practice.
The mechanism is available for employees to report violations of law or repot
misconduct and it has been properly publicized.
The mechanism is available for external parties to raise concern or repot misconduct (i.e.
customer help lines). Policies have been established for senior management to be alerted
when serious allegation of fraud and misconduct are reported.
Proper policies have been established to investigate alleged violations of law and misconduct.
Action is taken when actual, suspected or alleged fraud is discovered (e.g. the allegation is
investigated, the person is suspended.)
The entity’s fraud risk assessment process and system and controls in place to prevent, deter or
detect fraudulent activity.
The company has proper fraud risk assessment process and this process is good enough
for identifying and responding to the risks of fraud in the entity.
Page 10
[Specific Audit Program– Fraud]
Appropriate controls have been implemented in the areas, which were identified as
posing a higher risk of fraud as well as controls over the entity’s financial reporting
process (e.g. Finance Controller’s review at local and group etc.).
The group audit committee quarterly reviews the management’s process for identifying and
responding to the risks of fraud in the entity and on the internal control that management
established to mitigate the risks.
The appropriateness of the oversight exercised by management, those charged with governance
and through internal audit activity.
The audit committee are independent of management, are aware of their oversight
responsibilities and through the knowledge and experience to perform their duties.
Audit committee meets quarterly and exercise effective oversight. Audit committee
meets privately with auditors.
Audit committee maintain a high level of interaction and involvement with senior
financial management and internal auditors, are supplied with appropriate information on
a timely basis to be able to exercise effective oversight.
Audit committee has put in place and monitors a mechanism for the receipt, retention and
treatment of complaints regarding accounting and auditing matters, both from employees
and party’s external to the company, and any special investigations is appropriately dealt
with.
Audit committee devote an acceptable amount of time to control insure and take appropriate steps
to ensure effectiveness of the tone as the top of the organization.
Discuss possible or actual policy violations and absence of controls with appropriate parties.
We discussed possible or actual policy violations or abuses of controls and how those are
dealt with. In particular, we asked whether the whistle – blowing inquired of head of HR
about any policy violation or abuses of controls that have come to their attention.
We focused the discussion on incident held during the audit period or subsequent events on
warning letters issued and on complaints letters received.
Commutation of the absence of or deficiencies in broad programs and controls.We did not
identify any deficiencies in broad program and controls related to the prevention and detection of
Page 11
[Specific Audit Program– Fraud]
a. Engagement partner
b. Engagement manager
c. Audit in-charge
For details please refer to meeting minutes and Fraud risk document for cash, investment and
revenue.
[Audit procedure – 6]
Name of interviewer: XXXXX, Engagement Manager
About knowledge of any actual, suspected or alleged fraud affecting the entity.
Page 12
[Specific Audit Program– Fraud]
About the entity and its environment including its internal control.
Management’s assessment of the risk that the financial statements may be materially misstated
due to fraud.
Management’s process for identifying and responding to the risks of fraud in the entity,
including any specific risks that management has identified balances , clauses of transactions or
disclosures for which a risk of fraud is likely to exist.
Management’s communication, if any, to those charged with governance regarding its process
for identifying and responding to the risks of fraud in the entity.
Management’s communication, if any, to employees regarding its views on business practices
and ethical behavior.
About knowledge of any actual, suspected or alleged fraud affecting the entity.
About the entity and its current market position.
Group pressure on top management to achieve the target
Top management pressure on mid level regarding the target
Management’s assessment of the risk related with sales and receivable due to fraud.
Management’s process for identifying and responding to the risks of fraud in the entity,
including any specific risks that management has identified balances, class of transactions or
disclosures for which a risk of fraud is likely to exist.
Management’s communication, if any, to those charged with governance regarding its process
for identifying and responding to the risks of fraud in the entity.
Management’s communication, if any, to employees regarding its views on business practices
and ethical behavior.
Management process regarding the recoverability of debtors outstanding since long.
Improvement of debtors’ reconciliation with challan and invoice.
Implementation of new credit policy.
Page 13
[Specific Audit Program– Fraud]
About knowledge of any actual, suspected or alleged fraud affecting the entity.
About the entity and its current position regarding procurement.
Management’s assessment of the risk related with procurement and employee turn over
Employee retention scheme
Management’s communication, if any, to those charged with governance regarding its process
for identifying and responding to the risks of fraud in the entity.
Management’s communication, if any, to employees regarding its views on business practices
and ethical behavior.
Management process regarding the recoverability of debtors outstanding since long.
Disclaimer: Dummy audit working files have been prepared and published to
improve the quality of audit documentation of member firms providing audit
services in Bangladesh. Member firms providing audit services should not
assume these dummy working files as absolute benchmark for the purpose of
preparing and keeping audit documentation. Every audit client has unique
characteristics and risks. International Standards on Auditing (ISA) also
requires to exercise engagement partner’s judgment on a number of areas in
conducting the audit of an entity. Therefore, member firms should use their
professional knowledge, skill, experiences along with these dummy working files
to keep adequate and appropriate working papers for each audit engagement.
The preparers do not assume any liability for drawing an inappropriate audit
opinion based on the working papers prepared on the basis of these dummy
working files.
Page 14