Fraud – ISA 240

Fraud is an intentional act by one or more individuals among management, those charged with
governance, employees or third parties, involving the use of deception to obtain an unjust or illegal
advantage.

Two types of Fraud

(1) Misappropriation of Assets

(2) Fraudulent financial reporting

NOTE: - There may be misstatement in the financial statements either due to ERROR or FRAUD.

FRAUD RISK FACTORS

Some factors which cast doubt that a person may be involved in fraud;

Fraud 1 By:- Haris Hanif

Director’s responsibilities related to FRAUD
Directors are primarily responsible for prevention and detection of fraud and responsibilities
include:-
- Implementing the effective system of control; reducing the opportunities of fraud and
increasing chances of detection of fraud (if any) and punishment to the people involved in
the fraud.
- Creating the culture of honesty, ethical behaviour.

NOTE:-
Audit committee should review these procedures to ensure they are in place and working
effectively.

Fraud and Internal Auditors

Internal auditors can help management fulfil their responsibilities in respect of fraud and error.
Typical functions the internal auditor can perform include:

• Testing the effectiveness of the internal controls at preventing and detecting fraud and error
and provide recommendations for improvements to the controls.
• Performing fraud investigations to:
– identify how the fraud was committed
– identify the extent of the fraud
– provide recommendations on how to prevent the fraud from happening again.
• Performing surprise asset counts to identify misappropriation.

The presence of an internal audit department may act as a deterrent to fraud in itself as there is a
greater chance of being discovered.

AUDITOR’S responsibilities related to FRAUD

Auditor has two responsibilities related to the fraud:-

(1) Assessment of risk of material misstatements due to fraud.

(2) Responding to the assessed risk

Fraud 2 By:- Haris Hanif

(1) Assessment of risk of material misstatements due to fraud.

Auditor should:-

- Obtain reasonable assurance that financial statements are free from material
misstatements, whether caused by error or fraud.
- Apply professional scepticism and remain alert to the possibility that fraud may take place.
- Consider the possibility of management override of controls

PROCEDURES:-

(2) Responding to the assessed risk

PROCEDURES:-

- Review journal entries to identify any manipulated figure

 Focus on unusual activity
 Any unauthorised recorded transaction
 Any adjustments made at the end of the period.

- Review the management’s estimates

 Evaluate the reasonableness of judgments and identify any bias.
 Review any retrospective adjustments reflected in the prior year.

- Review any transaction outside the normal course of the business.

Fraud Reporting
Auditor should consider to report to the fraud to the appropriate channel:-

If fraud:-

- By the staff ---------------->

- By the management ---------------->

- By the BOD ---------------->

Fraud 3 By:- Haris Hanif

Written representation:-
Written representation should be taken from management related to the fraud:-

- Acknowledgment that management is responsible for prevention and detection of fraud.

- Management has disclosed to auditor the results of management’s fraud risk assessment.
- Management has disclosed to auditor any known/suspected fraud.
- Management has disclosed to auditor any allegation of fraud affecting the financial
statements.

Exam Focused

State the auditor’s responsibility in relation to the prevention and detection of fraud.

Auditor must conduct an audit in accordance with ISA 240 The Auditor’s Responsibilities Relating to
Fraud in an Audit of Financial Statements and are responsible for obtaining reasonable assurance
that the financial statements taken as a whole are free from material misstatement, whether caused
by fraud or error.

In order to fulfil this responsibility, the auditor is required to identify and assess the risks of material
misstatement of the financial statements due to fraud.

They need to obtain sufficient appropriate audit evidence regarding the assessed risks of material
misstatement due to fraud, through designing and implementing appropriate responses. In addition,
the auditor must respond appropriately to fraud or suspected fraud identified during the audit.

When obtaining reasonable assurance, the auditor is responsible for maintaining professional
scepticism throughout the audit, considering the potential for management override of controls and
recognising the fact that audit procedures which are effective in detecting error may not be effective
in detecting fraud.

To ensure that the whole engagement team is aware of the risks and responsibilities for fraud and
error, ISAs require that a discussion is held within the team. For members not present at the
meeting, the audit engagement partner should determine which matters are to be communicated to
them.

If fraud is detected, the auditor must report this to management and those charged with
governance.

Fraud 4 By:- Haris Hanif