Unboxing The Fraud Risk Assessment
Auditing standards regularly require auditors to determine and assess material misstatements resulting from fraudulent activity within an organization. Keep reading to discover what auditors are on the lookout for when they talk to your team to evaluate potential fraud risks.
What’s On Your Auditor’s Radar?
When planning audit fieldwork, your audit team will meet to brainstorm potential company- and industry-specific risks and outline specific areas of inquiry and high-risk accounts. This meeting will set the stage for inquiries during fieldwork.
Oftentimes, the entities being audited might feel fraud-related questions are too probing and invasive. No matter how uncomfortable, these interviews must be conducted for every audit. Auditors can’t assume that fraud risks are the same as those that existed in the previous accounting period.
Read Also: How Auditors Evaluate Fraud Risks
Specific Areas Of Inquiry
Under Clarified Statement on Auditing Standards Section 240, Consideration of Fraud in a Financial Statement Audit, auditors will inquire about:
- Whether management has knowledge of any actual, suspected, or alleged fraud.
- Management’s process for identifying, responding to, and monitoring fraud risks.
- The nature, extent, and frequency of management’s assessment of fraud risks and the results of those assessments.
- Any specific fraud risks that management has identified or that have been brought to its attention.
- The classes of transactions, account balances, or disclosures for which a fraud risk is likely to exist.
- Management’s communications to those charged with governance about its process for identifying and responding to fraud risks, and to employees on its views on appropriate business practices and ethical behavior.
Fraud-related inquiries may also be made of those charged with governance, internal auditors, and others within the entity. Examples of other people that an auditor might ask about fraud risks include the chief ethics officer, in-house legal counsel, and employees involved in processing complex or unusual transactions.
Read Also: When (And When Not) To Break The Rules In Business
Examples Of Fraud Risks
Fraud risks can be broadly categorized into two types: fraudulent financial reporting and misappropriation of assets. Here are some examples:
- Fraudulent Financial Reporting: This includes risks such as management overriding controls, manipulating financial statements to meet targets, or inflating revenue figures.
- Misappropriation of Assets: This involves theft or misuse of the company’s assets, such as embezzlement, stealing inventory, or fraudulent expense reimbursements.
- Incentives/Pressures: Situations where management or employees feel pressure to meet financial targets or personal financial needs, leading to fraudulent actions.
- Opportunities: Weak internal controls, lack of oversight, or complex transactions that provide opportunities for fraud.
- Attitudes/Rationalizations: Justifying fraudulent behavior due to perceived unfair treatment, financial difficulties, or a belief that the company can absorb the loss.
Why Are Face-to-Face Meetings Essential?
Whenever possible, auditors meet in person with managers and others to discuss fraud risks. That’s because a large part of uncovering fraud involves picking up on nonverbal clues. Nuances such as an interviewee’s tone and inflection, speed of response, and body language provide important context to the spoken words.
An auditor is also trained to notice signs of stress when an interviewee responds to questions, including long pauses before answering or starting answers over. In-person interviews also provide an opportunity for immediate follow-up questions.
When a face-to-face interview isn’t possible, a video conference or phone call is the next best option because it provides many of the same advantages as meeting in person.
How Can A Business Help The Fraud Risk Assessment Process?
While an external audit doesn’t provide a guarantee against fraud, it’s a popular (and effective) anti-fraud control. You can facilitate the fraud risk assessment by anticipating the types of questions we’ll ask and the types of audit evidence we’ll need. Forthcoming, prompt responses help keep your audit on schedule and minimize unnecessary delays.
Contact the fraud risk assessment and management services team at GBQ for more information before audit fieldwork begins.
Check out these resources to learn more:
Every Control Framework Has Risk Assessments As A Key Component
The Reality Of Fraud & How To Limit Your Organization’s Exposure