Chapter 11

Fraud Auditing

 Review Questions

11-1 Fraudulent financial reporting is an intentional misstatement or omission

of amounts or disclosures with the intent to deceive users. Two examples of
fraudulent financial reporting are accelerating the timing of recording sales revenue
to increased reported sales and earnings, and recording expenses as fixed assets
to increase earnings.

11-2 Misappropriation of assets is fraud that involves theft of an entity’s assets.

Two examples are an accounts payable clerk issuing payments to a fictitious
company controlled by the clerk, and a sales clerk failing to record a sale and
pocketing the cash receipts.

11-3 Fraudulent financial reporting is an intentional misstatement or omission

of amounts or disclosures with the intent to deceive users, while misappropriation
of assets is fraud that involves theft of an entity’s assets. Frauds involving
financial reporting are usually larger than frauds involving misappropriation of
assets, usually involve top management, and do not directly involve theft of
company assets.

11-4 The three conditions of fraud referred to as the “fraud triangle” are (1)
Incentives/Pressures; (2) Opportunities; and (3) Attitudes/Rationalization. Incentives/
Pressures are incentives of management or other employees to commit fraud.
Opportunities are circumstances that allow management or employees to commit
fraud. Attitudes/Rationalization are indications that an attitude, character, or set of
ethical values exist that allow management or employees to commit a dishonest act
or they are in an environment that imposes sufficient pressure that causes them
to rationalize committing a dishonest act.

11.5 The following are example of risk factors for fraudulent financial reporting
for each of the three fraud conditions:

 Incentives/Pressures - The company is under pressure to meet debt

covenants or obtain additional financing.
 Opportunities – Ineffective oversight of financial reporting by the
board of directors allows management to exercise discretion over
reporting.
 Attitudes/Rationalization – Management is overly aggressive. For
example, the company may issue aggressive earnings forecasts, or
make extensive acquisitions using company stock.

11-1
11-6 The following are example of risk factors for misappropriation of assets
for each of the three fraud conditions:

 Incentives/Pressures - The individual is unable to meet personal

financial obligations.
 Opportunities – There is insufficient segregation of duties that allows
the individual to handle cash receipts and related accounting records.
 Attitudes/Rationalization – Management has disregarded the
inadequate separation of duties that allows the potential theft of
cash receipts.

11-7 Auditors use several sources to gather information about fraud risks,
including:

 Information obtained from communications among audit team

members about their knowledge of the company and its industry,
including how and where the company might be susceptible to
material misstatements due to fraud.
 Responses to auditor inquiries of management about their views of
the risks of fraud and about existing programs and controls to
address specific identified fraud risks.
 Specific risk factors for fraudulent financial reporting and
misappropriations of assets.
 Analytical procedures results obtained during planning that indicate
possible implausible or unexpected analytical relationships.
 Knowledge obtained through other procedures such as client
acceptance and retention decisions, interim review of financial
statements, and consideration of inherent or control risks.

11-8 SAS 99 requires the audit team to conduct discussions to share insights
from more experienced audit team members and to “brainstorm” ideas that
address the following:

1. How and where they believe the entity’s financial statements might
be susceptible to material misstatement due to fraud. This should
include consideration of known external and internal factors affecting
the entity that might

 create an incentive or pressure for management to commit

fraud.
 provide the opportunity for fraud to be perpetrated.
 indicate a culture or environment that enables management
to rationalize fraudulent acts.

11-2
11-8 (continued)

2. How management could perpetrate and conceal fraudulent financial

reporting.
3. How assets of the entity could be misappropriated.
4. How the auditor might respond to the susceptibility of material
misstatements due to fraud.

11-9 Auditors must inquire whether management has knowledge of any fraud
or suspected fraud within the company. SAS 99 also requires auditors to inquire
of the audit committee about its views of the risks of fraud and whether the audit
committee has knowledge of any fraud or suspected fraud. If the entity has an
internal audit function, the auditor should inquire about internal audit’s views of
fraud risks and whether they have performed any procedures to identify or detect
fraud during the year. SAS 99 further requires the auditor to make inquiries of
others within the entity whose duties lie outside the normal financial reporting
lines of responsibility about the existence or suspicion of fraud.

11-10 The corporate code of conduct establishes the “tone at the top” of the
importance of honesty and integrity and can also provide more specific guidance
about permitted and prohibited behavior. Examples of items typically addressed
in a code of conduct include expectations of general employee conduct,
restrictions on conflicts of interest, and limitations on relationships with clients
and suppliers.

11-11 Management and the board of directors are responsible for setting the “tone
at the top” for ethical behavior in the company. It is important for management to
behave with honesty and integrity because this reinforces the importance of
these values to employees throughout the organization.

11-12 Management has primary responsibility to design and implement antifraud

programs and controls to prevent, deter, and detect fraud. The audit committee
has primary responsibility to oversee the organization’s financial reporting and
internal control processes and to provide oversight of management’s fraud risk
assessment process and antifraud programs and controls.

11-13 The three auditor responses to fraud are: (1) change the overall conduct
of the audit to respond to identified fraud risks; (2) design and perform audit
procedures to address identified risks; and (3) perform procedures to address the
risk of management override of controls.

11-14 Auditors are required to take three actions to address potential management
override of controls: (1) examine journal entries and other adjustments for evidence
of possible misstatements due to fraud; (2) review accounting estimates for
biases; and (3) evaluate the business rationale for significant unusual transactions.

11-3
11-15 Three main techniques use to manipulate revenue include: (1) recording
of fictitious revenue; (2) premature revenue recognition including techniques
such as bill-and-hold sales and channel stuffing; and (3) manipulation of
adjustments to revenue such as sales returns and allowance and other contra
accounts.

11-16 The handling of cash by individuals operating cash registers is particularly

susceptible to theft. The notice “your meal is free if we fail to give you a receipt”
is designed to ensure that every customer is given a receipt and all sales are
entered into the register, establish accountability for the sale.

11-17 The three types of inquiry are informational, assessment, and interrogative.
Auditors use informational inquiry to obtain information about facts and details
that the auditor does not have. For example, if the auditor suspects financial
statement fraud involving improper revenue recognition, the auditor may inquire
of management as to revenue recognition policies. The auditor uses assessment
inquiry to corroborate or contradict prior information. In the previous example, the
auditor may attempt to corroborate the information obtained from management
by making assessment inquiries of individuals in accounts receivable and
shipping. Interrogative inquiry is used to determine if the interviewee is being
deceptive or purposefully omitting disclosure of key knowledge of facts, events,
or circumstances. For example, a senior member of the audit team might make
interrogative inquiries of management or other personnel about key elements of
the fraud where earlier responses were contradictory or evasive.

11-18 When making inquiries of a deceitful individual, three examples of verbal

cues are frequent rephrasing of the question, filler terms such as “well” or “to tell
the truth,” and forgetfulness or acknowledgements of nervousness. Three examples
of nonverbal cues by the individual are creating physical barriers by blocking their
mouth, leaning away from the auditor, and signs of stress such as sweating or
fidgeting.

11-19 When the auditor suspects that fraud may be present, SAS 99 requires
the auditor to obtain additional evidence to determine whether material fraud has
occurred. SAS 99 also requires the auditor to consider the implications for other
aspects of the audit. When the auditor determines that fraud may be present,
SAS 99 requires the auditor to discuss the matter and audit approach for further
investigation with an appropriate level of management that is at least one level
above those involved, and with senior management and the audit committee,
even if the matter might be considered inconsequential. For public company
auditors, the discovery of fraud of any magnitude by senior management is at
least a significant deficiency and may be a material weakness in internal control
over financial reporting. This includes fraud by senior management that results in
even immaterial misstatements. If the public company auditor decides the fraud
is a material weakness, the auditor’s report on internal control over financial
reporting will contain an adverse opinion.

11-4
■ Multiple Choice Questions From CPA Examinations
11-20 a. (3) b. (4) c. (1) d. (2)
11-21 a. (1) b. (4)
11-22 a. (1) b. (1) c. (1)

■ Discussion Questions and Problems

11-23

INFORMATION FRAUD CONDITION

Management has a strong interest in
1. employing inappropriate means to minimize Incentives/Pressures
reported earnings for tax-motivated reasons.
Assets and revenues are based on
significant estimates that involve subjective
2. Opportunities
judgments and uncertainties that are hard to
corroborate.
The company is marginally able to meet
3. exchange listing and debt covenant Incentives/Pressures
requirements.
Significant operations are located and
conducted across international borders in
4. Opportunities
jurisdictions where differing business
environments and cultures exist.
There are recurring attempts by management
5. to justify marginal or inappropriate Attitudes/Rationalization
accounting on the basis of materiality.
The company’s financial performance is
6. threatened by a high degree of competition Incentives/Pressures
and market saturation.

11-24 a. The purpose of the audit team’s brainstorming session is for the
audit team to exchange ideas about how and where they believe
the entity’s financial statements might be susceptible to material
misstatement due to fraud, how management could perpetrate and
conceal fraudulent financial reporting, and how assets of the entity
could be misappropriated.
b. The brainstorming meeting should ordinarily involve the key members
of the audit team, ranging from audit staff members to partners on
the engagement. This meeting would include audit team members

11-5
11-24 (continued)

located in other offices who work on the engagement as well as

audit specialists, such as tax or IT specialists who work on the audit
engagement.
c. The two staff members on the engagement are just as responsible
for engaging in the exchange of ideas as other members of the
engagement team. While the two new staff accountants may not be
familiar with engagement specifics, they do provide a fresh
perspective of possible ways management might engage in fraud.
More importantly, they will benefit from hearing the exchange of
ideas from other members of the audit team. That should help
heighten their professional skepticism as they perform the audit.
d. The auditor has a responsibility to plan and perform the audit to
obtain reasonable assurance about whether the financial statements
are free of material misstatement, whether caused by error or
fraud. Thus, the auditor’s detection responsibility for fraud is no
different from the auditor’s detection responsibility for errors.

11-25 a.

DEFICIENCY RECOMMENDATION
1. There is no basis for Prenumbered admission tickets should be
establishing the documentation issued upon payment of the admission fee.
of the number of paying patrons.
2. There is no segregation of One clerk (hereafter referred to as the cash
duties between persons receipts clerk) should collect admission fees
responsible for collecting and issue prenumbered tickets. The other
admission fees and persons clerk (hereafter referred to as the admission
responsible for authorizing clerk) should authorize admission upon
admission. receipt of the ticket or proof of membership.
3. An independent count of paying The admission clerk should retain a portion of
patrons is not made. the prenumbered admission ticket (admission
ticket stub).
4. There is no proof of accuracy of Admission ticket stubs should be reconciled
amounts collected by the clerks. with cash collected by the treasurer each day.
5. Cash receipts records are not The cash receipts should be recorded by the
promptly prepared. cash receipts clerk daily on a permanent
record that will serve as the first record of
accountability.
6. Cash receipts are not promptly Cash should be deposited at least once each
deposited. Cash should not be day.
left undeposited for a week.

11-6
11-25 (continued)

DEFICIENCY RECOMMENDATION
7. There is no proof of the Authenticated deposit slips should be
accuracy of amounts deposited. compared with daily cash receipts records.
Discrepancies should be promptly
investigated and resolved. In addition, the
treasurer should establish policy that includes
a review of cash receipts.
8. There is no record of the The treasurer should issue a signed receipt
internal accountability for cash. for all proceeds received from the cash
receipts clerk. These receipts should be
maintained and should be periodically checked
against cash receipts and deposit records.

b. All of the deficiencies increase the likelihood of misappropriation of

assets, by allowing individuals access to cash receipts or failing to
maintain adequate records to establish accountability for cash receipts.
c. The deficiencies have less of an effect on the likelihood of fraudulent
financial reporting than they do for misappropriation of assets. The
first four deficiencies increase the likelihood of fraudulent financial
reporting for reported revenues due to the lack of adequate records
to establish the number of patrons.
11-26 1. a. Error.
b. Internal verification of invoice preparation and posting by an
independent person.
c. Test clerical accuracy of sales invoices.
2. a. Fraud.
b. All payments from customers should be in the form of a
check payable to the company. Monthly statements should
be sent to all customers.
c. Trace from recorded sales transactions to cash receipts for
those sales; confirm accounts receivable balances at year-
end.;
3. a. Error.
b. Use of pre-numbered bills of lading that are periodically
accounted for.
c. Trace a sequence of pre-numbered bills of lading to
recorded sales transactions. Confirm accounts receivable at
year-end..
4. a. Error.
b. No merchandise may leave the plant without the preparation
of a pre-numbered bill of lading.

11-7
11-26 (continued)

c. Trace credit entries in the perpetual inventory records to

bills of lading and the sales journal.
5. a. Error.
b. Internal review and verification by an independent person.
c. Test accuracy of invoice classification.
6. a. Error.
b. Online sales are supported by shipping documents and
approved online customer orders.
c. Trace sales journal or listing entries to supporting documents
for online sales, including sales invoices, shipping
documents, sale orders, and customer orders.
7. a. Fraud
b. All payments from customers should be in the form of a
check payable to the company. Monthly statements should
be sent to all customers.
c. Trace from recorded sales transactions to cash receipts for
those sales; confirm accounts receivable balances at year-
end.
8. a. Error.
b. Sales invoices are pre-numbered, properly accounted for in
the sales journal, and a notation on the invoice is made of
entry into the sales journal.
c. Account for numerical sequence of invoices recorded in
the sales journal, watching for duplicates. Confirm
accounts receivable at year-end.

11-27 a. The auditor must conduct the audit to detect errors and fraud,
including embezzlements, that are material to the financial
statements. It is more difficult to discover embezzlements than most
types of errors, but the auditor still has significant responsibility. In
this situation, the deficiencies in internal control are such that it
should alert the auditor to the potential for fraud. The auditor of a
public company must also consider the impact of noted deficiencies
when issuing the auditor’s report on internal control over financial
reporting. When noted deficiencies are considered to be material
weaknesses, whether individually or combined with other
deficiencies, the auditor’s report must be modified to reflect the
presence of material weaknesses.
b. The following deficiencies in internal control exist:
1. The person who reconciles the bank account does not
compare payees on checks to the cash disbursements
journal.

11-8
11-27 (continued)

2. The store owner signs blank checks, thus providing no

control over expenditures.
3. No one checks invoices to determine that they are cancelled
when paid.
4. Segregation of duties is insufficient, thereby providing
inadequate checks and balances to prevent potential fraud.

c. To uncover the fraud, the auditor could perform the following

procedures:

1. Comparison of payee on checks to cash disbursements

journal.
2. Follow up all outstanding checks that did not clear the bank
during the engagement until they clear the bank. Compare
payee to cash disbursements journal

11-28 a.

DEFICIENCIES LIKELY MISSTATEMENTS

1. The foreman has the ability to hire Nonexistent or incompetent employees
employees and enter their names into may be hired at the foreman's option.
the pay system with no other approval.
2. The foreman may make changes to Employees or nonexistent employees
salary rates without approval of may be paid at rates that are higher
company management. than their skill warrants.
3. No investigation of new employees to Dishonest or unqualified employees
determine background experience and may be hired.
dependability is performed.
4. No control exists over time cards and Employees may report and be paid for
the completion thereof. time that they did not work.
5. No review or internal verification of the Misstatements made by the payroll
amount on the payroll checks is clerks in favor of employees would
performed. likely not be discovered.
6. Payroll checks are not prenumbered or The chief accountant could prepare,
controlled by the payroll clerks. sign, and cash an extra payroll check
without detection.

b. Deficiencies 1, 2, 4, 5, and 6 increase the likelihood of fraud involving

misappropriation of assets. Fraud involving misappropriation of
assets is relatively common for payroll, although the amounts are
often not material. Fraudulent financial reporting involving payroll is
less likely.

11-9
11-29 a. The auditor must conduct the audit to detect errors and fraud,
including embezzlement, that are material to the financial statements.
It is more difficult to discover embezzlements than most types of
errors, but the auditor still has significant responsibility. In this
situation, the deficiencies in internal control are such that it should
alert the auditor to the potential for fraud. On the other hand, the
fraud may be immaterial and therefore not be of major concern.
The auditor of a public company must also consider the impact of
noted deficiencies when issuing the auditor’s report on internal
control over financial reporting. When noted deficiencies are
considered to be material weaknesses, whether individually or
combined with other deficiencies, the auditor’s report must be
modified to reflect the presence of material weaknesses.

b. The following deficiencies in internal control exist:

1. The person who reconciles the bank account does not

compare payees on checks to the cash disbursements journal.
2. The president signs blank checks, thus providing no control
over expenditures.
3. No one checks invoices to determine that they are cancelled
when paid.

c. To uncover the fraud, the auditor could perform the following

procedures:

1. Comparison of payee on checks to cash disbursements

journal.
2. Follow up all outstanding checks that did not clear the bank
during the engagement until they clear the bank. Compare
payee to cash disbursements journal.

11-10
11-30 a.

a. b.
FRAUD? TYPE OF FRAUD
1. Yes Fraudulent financial reporting
2. Yes Misappropriation of assets
3. Yes Fraudulent financial reporting
4. Yes Misappropriation of assets
5. Yes Fraudulent financial reporting
6. Yes Misappropriation of assets
7. No * N/A

* Fraud involves intent. The circumstances suggest that there was no

intent on the part of Franklin to be deceptive. If the purpose of omitting
the footnote was to deceive the bank, then this case would represent
fraudulent financial reporting.

11-31 1. a. There may be unrecorded cash disbursement transactions.

b. Because the transactions relate to cash disbursements, the
cash account will be affected. The accounts payable account
may be misstated if the disbursement is the payment on an
account. If the disbursement is for the direct payment of an
expense or is related to the purchase of assets, then expense
or asset accounts will be affected. Payments on other liability
accounts would impact those liability accounts.
c. Existing transactions are recorded (completeness).

2. a. There may be fictitious accounts receivable accounts included

in the master file.
b. Accounts receivable and sales are likely to be affected by
fictitious receivables.
c. Amounts included exist (existence).

3. a. Management may have manipulated key assumptions so

that pension expense and pension liability amounts would be
lower.
b. Pension expense and pension liability accounts are likely to
be affected.
c. Amounts included are stated at the correct values (Accuracy).

11-11
11-31 (continued)

4. a. The client may have shipped and recorded large amounts of

goods close to year end to third parties who may hold the
goods on consignment or who have full rights of return.
These shipments were made to record a fictitious sale and
related receivable.
b. Accounts receivable and sales and the related costs of goods
sold and ending inventory would be affected by this activity.
c. Recorded amounts existed (occurrence).

5. a. Assets that were misappropriated may be concealed by

recording purchase transactions using non-standard, fictitious
vendor numbers.
b. Accounts payable would be overstated and the related asset
account would be increased by the unauthorized transaction.
c. Recorded amounts existed (occurrence).

6. a. Sales may be fictitiously recorded before any goods were

shipped.
b. Sales and accounts receivable.
c. Recorded amounts existed (occurrence).

■ Case

11-32 a. There are many fraud risk factors indicated in the dialogue.
Among the fraud risk factors are the following:

 Two individuals, Saul and the store manager, appear to

dominate management without any compensating controls.
 The supplier does not have any support for the transactions,
nor do they have a phone number or an address where they
can be reached. The oral confirmation by phone call could
have been an insider posing as the vendor.
 No one is getting bonuses. Even though it’s a new company,
management generally doesn’t operate without bonuses –
it’s possible they are getting incentives from other sources.
 It is a new company and new companies are always
susceptible to errors and fraud until solid controls and history
is established.
 The audit partner doesn’t seem interested in following up on
Yosef’s suspicions. He could be careless, could be involved,
or may just have a different sense of the overall picture than
Yosef.

11-12
11-32 (continued)

b. Waseem has many misconceptions regarding the consideration of

fraud in the audit of the financial statements that are contained in
the dialogue. Among Kent’s misconceptions are the following:

 Waseem is not concerned about the suspicious vendor.

 Waseem seems more interested in keeping the client than
offending the client by inquiring about the suspicious vendor.

c. SAS 99 requires that auditors document the following matters

related to the auditor’s consideration of material misstatements due
to fraud:

 The discussion among engagement team personnel in

planning the audit about the susceptibility of the entity’s
financial statements to material fraud.
 Procedures performed to obtain information necessary to
identify and assess the risks of material fraud.
 Specific risks of material fraud that were identified, and a
description of the auditor’s response to those risks.
 Reasons supporting a conclusion that there is not a
significant risk of material improper revenue recognition.
 Results of the procedures performed to address the risk of
management override of controls.
 Other conditions and analytical relationships that indicated
that additional auditing procedures or other responses were
required, and the actions taken by the auditor.
 The nature of communications about fraud made to
management, the audit committee, or others.

After fraud risks are identified and documented, the auditor should
evaluate factors that reduce fraud risk. The auditor should then
develop appropriate responses to the risk of fraud.

11-13
11-33 – ACL Problem

a. The invoice amount column totals $278,641.33.

b. There are no exceptions in the calculation of unit cost x quantity.
(Create a filter with the expression Unit_Cost * Quantity <>
Invoice_Amount.)
c. There are three items where the unit cost exceeds $100 (product #
090584072, 090585322, and 090081001). See the following printout.
(Filter used Unit Cost >100.)

Page 1 04/10/2009 14:10:33

Produced with ACL by: ACL Educational Edition - Not For Commercial Use
INV.DATE INVNO PRODNO QUANTITY VENDOR_NO INVOICE_AMT UNIT_COST
10/21/2002 87 090584072 41 11475 7125.80 173.80
10/21/2002 22 090585322 29 11837 3996.20 137.80
04/09/2002 090081001 3 10134 467.40 155.80
73 11589.40 467.40

d. The three vendors with the largest total dollars for 2002 were: vendor
#s 10025, 11475, and 12130. (Summarize by vendor number, then
Quick Sort to find the largest three.)
e. The following amounts are over $15,000: vendor #10025 for
$56,767.20, vendor #11475 for $20,386.19, and vendor #12130 for
$15,444.80. [Filter used is (VENDOR_NO = “10025” OR
VENDOR_NO = “11475” OR VENDOR_NO = “12130”) AND
INVOICE_AMOUNT > 15000.]
f. See the following printout. (Filter, then print report). Total transactions
for vendor #10134 = $22.618.62. (Edit filter to include only vendor
#10134 and use Total command)

Page 1 04/10/2009 15:45:19

Produced with ACL by: ACL Educational Edition - Not For Commercial Use
INV._DATE INV._NO PRODNO QTY VENDOR_NO INVOICE_AMOUNT UNITCOST

09/29/2002 030303343 100 10134 883.00 8.83

11/12/2002 0302303 458 10134 18883.34 41.23
04/09/2002 090081001 3 10134 467.40 155.80
09/30/2002 010551340 278 10134 1823.68 6.56
02/14/2002 052484405 115 10134 561.20 4.88
10/15/200255 060102096 286 13440 11068.20 38.70

1240 33686.82 256.00

11-14
■ Internet Problem Solution: Brainstorming About Fraud Risks

11-1 SAS No. 99 requires auditors to conduct a brainstorming session to discuss

the potential for fraud and how the auditor might respond to the risk of fraud. The
standard does not provide a great deal of guidance on how this brainstorming
session should take place. Read “A Primer for Brainstorming Fraud Risks”
[http://www.aicpa.org/pubs/jofa/dec2003/beasley.htm] by Mark Beasley and Greg
Jenkins published in the December 2003 issue of Journal of Accountancy. After
you read the article answer the following questions:

1. What are three common pitfalls that should be avoided during

brainstorming sessions?

Answer:
Common pitfalls of brainstorming include group domination, social
loafing, groupthink and groupshift. Each of these problems can
generally be avoided through adequate planning and session
facilitation.

2. What are three important techniques to improve the effectiveness of

a brainstorming session?

Answer:
The following techniques can improve the effectiveness of a
brainstorming session: assign homework to participants, establish
ground rules for everyone to follow, set the proper tone so that
everyone is comfortable, allow no criticism of ideas during the idea
generation phase, encourage participants to generate as many
ideas as possible, give credit to the group for the work, and
manage the group size and composition to maximize the session’s
effectiveness.

(Note: Internet problems address current issues using Internet sources. Because
Internet sites are subject to change, Internet problems and solutions may change. Current
information on Internet problems is available at www.pearsonglobaleditions.com/arens.)

11-15