Assurance, Governance, Fraud

By Prof Sterling Huang

 Agenda
Assurance and Audit
Corporate Governance
Fraud risk and auditors responsibility (SSA
240)
TWF Case
Audit Challenges Today
 Assurance
Two Types
1. Reasonable Assurance: the assurance providers
opinion is stated in the positive form, indicating that
the information subject to audit is materially correct
and that a high level of assurance has been achieved.
2. Limited Assurance: The Assurance providers opinion
is stated in the negative form, indicating that the
information subject to review has not been found to
be materially incorrect and that nothing has come to
their attention based on the limited scope procedures
and that less than a high level of assurance has been
achieved.
 Non-audit Assurance

1. Review
2. Compilation
3. Agreed-upon Procedures
 Review
Review of financial statement of non-public company.
A review is designed to obtain only limited assurance
that there are no material modifications that should be
made to the financial statements in order for the
statements to be in conformity with the applicable
financial reporting framework.
A review is significantly less in scope than an audit
Obtain a general understanding of the business.
Inquiries and basic analytical procedures should be
performed for each of the material account balances.
Usually involve no assessment of internal controls and no
substantive tests of details
 Review of interim Financial
Information for Audit Clients
The auditor should perform review
procedures on the interim financial reports.
The review procedures are similar to those
required above
In addition, the auditor should
Obtain written representations from
management.
Understand the clients internal controls
 Compilation
Can only be performed for non-public
organizations and involve presenting, in form
of financial statements, information that is the
representation of the responsible party
without the practitioner undertaking to
express any assurance on the statements.
No independence requirement as no
assurance is provided.
 Agreed-upon Procedures
An agreed-upon procedures engagement is one
in which a practitioner is engaged by a client to
issue a report of findings based on specific
procedures performed on subject matter
E.g.
Performance of mathematical computations
Inspection of specified documents
Does not provide an opinion
Should not agree to perform agreed-upon
procedures that are overly subjective.
 Corporate Governance
What is Corporate Governance?
A process by which the owners (stockholders) and
creditors of an organization exert control and require
accountability for the resources entrusted to the
organization.
Who are involved?
Board and committees
Shareholders, especially institutional investors/activists
Analysts
Creditors
Auditors (internal and external)
Other stakeholders such as employees
 Board of Directors
Elected by and represent shareholders
Roles: provide strategic guidance and
oversight of management.
Compositions: consists of independent
directors and executive directors
Committees: Audit, compensation and
nomination committee
 Governance Reform
Regulations after Sarbanes-Oxley
Passed in Nov 2002, effective from 2005
Majority independent board
Independent audit committee with at least one
financial expert
Independent compensation committee
Independent nomination committee
 Audit committee
Role: provide oversight of the internal and
external audit function, preparing financial
statements
Select audit firms
Reviewing and approving internal audit
Discussing audit findings with internal and external
auditors
IBM
http://www.ibm.com/investor/governance/com
mittees-of-the-board.html?subtabs=open
 Fraud Risk
SSA 240 para 11 (a)
an intentional act by one or more individuals
among management, those charged with
governance, employees, or third parties, involving
the use of deception to obtain an unjust or illegal
advantage.
Fraud Vs Error: intention
 Drivers of fraud
Drivers Explanation

Incentive or Pressure from sources outside

pressure or inside the entity to achieve
unrealistic financial results

Opportunity A perceived opportunity for an

individual to commit fraud

Rationalisation The ability or capacity that Fraud risk is high when all three
enables people to justify or elements are present.
rationalise committing fraud
 Example
Scenario
Sam, an owner-manager of a construction company, has
been offered a job to build a significant addition to a
friends house. Sam has accepted the job on the condition
that the friend pays for the work in cash and that the
company does not issue any paperwork relating to the
work. Sam believes that, as there is no physical evidence
of the construction work in the financial records, the
company does not have to declare the income received in
the annual income tax return.
Questions
Consider the three drivers of fraud
 Example
Incentive or pressure: Sam has an incentive to reduce
taxes that would otherwise be payable.
Opportunity: Sam, as the owner-manager, is able to
override the internal controls over revenue recognition
and not record the income from this service.
Rationalisation: Sam could justify this to himself as just
being work for a friend and that he is entitled to the
money, and also that it is acceptable for him not to
record the revenue from this service as he already pays
too much in taxes.
Other considerations:
Does size, complexity, ownership structure matter?
 Fraud in context of an audit
The auditor is mainly concerned with fraud that causes
a material misstatement in the financial statements.

Two types of misstatements( SSA 240 para 3 )

1. Fraudulent financial reporting: perpetrated by someone
who has a vested interest in, or who is held accountable
for, the financial performance and position of an entity
(SSA 240 para. A2).

2. Misappropriation of assets: involves the theft of an

entitys assets and is usually perpetrated by employees in
relatively small and immaterial amounts (SSA 240 para.
A5).
 Example of fraudulent financial
reporting
Fraudulent reporting
Examples
via
Early recognition of revenue
Revenue Recognition
Fictitious sales

Accounting Intentional misstatement of accounting estimates (e.g. sales

estimates return, provisions)

Transactions made outside the normal course of business

Complex, unusual or
related party Transactions involve non-consolidated related parties.
transactions E.g.disposing of unwanted liabilities or recording fictitious sales
to unconsolidated related parties
Real Life Example: Fraudulent financial
reporting
Melbourne Storm- Deloitte investigation
findings
Fact:
Means:
Discovery:
Real Life Example: Fraudulent financial
reporting
Melbourne Storm- Deloitte investigation findings
Fact: salary cap (required by NRL) breaches by the
Melbourne Storm Rugby League Football Club.
Greater financial commitment to players than reported
Means: Dual contract system. Side letters include
guarantees of payments, providing gift vouchers,
maintaining MV, rental and travel assistance to the
players via third parties (Melbourne storms recorded as
donation or consulting fees to third parties).
Discovery: Legal dispute
 Example of Misappropriation
Misappropriation via Examples
Misappropriating collections of accounts receivable
Embezzlement Diverting receipts in respect of written-off accounts to personal
bank accounts
Stealing inventory for personal use or for sale Stealing scrap for
Theft of physical resale
assets or intellectual
property Colluding with a competitor by disclosing technological data in
return for payment
Inappropriate Payments to fictitious vendors
payments for goods Kickbacks paid by vendors to the entitys purchasing agents in
and services not return for inflating prices
received Payments to fictitious employees

Inappropriate use of
Using the entitys assets as collateral for a personal loan or a loan
an entitys assets for
to a related party
personal use
 Real Life Example: Misappropriation
Elks, S 2012, Razor gang opens up Leightons
rort, The Australian
Facts:
Means:
Discovery:
 Real Life Example: Misappropriation
Elks, S 2012, Razor gang opens up Leightons
rort, The Australian
Facts: Brisbane-based manager Damian Victor
O'Carrigan, 58, was charged with fraud for allegedly
funnelling $20.7m since 2000 from Leighton into a
dummy consultancy company
Means: raise fictitious invoices for consulting fee
Discovery: Since earlier in 2012, Leighton commenced
a process of reviewing the payments made by
Leighton's various businesses, in order to identify
areas where cost savings could be made
 Responsibility for preventing and
detecting fraud
SSA 240 para 4
Management and those charged with governance have
primary responsibility for not only detecting, but also
preventing, fraud within the entity
Auditors responsibility
Obtain reasonable assurance that the financial statements
are free from material misstatement relating either to
error or fraud.
SSA 240 para. 5, due to the inherent limitations of an
audit, there is an unavoidable risk that some material
misstatements of the financial statements may not be
detected, even though the audit is properly planned and
performed
Fraud risk assessment procedures
 Audit procedure- planning phrase
Enquires of management ( SSA 240 para 17)
Process; policies; culture; communication
Problems?
Enquires of others within the entity (para A16)
E.g operation personnel, employee, vendor, legal
counsel
Enquires of the internal auditors (para 19)
Assessment, knowledge
Enquires of those charged with governance (para
A19)
Oversight function
 Internal Auditors view on Fraud
Works at one of major banks in Australia as IA
Fraud risk is a compulsory assessment
Some process to perform:
Enquiries with management on awareness, understanding,
history, processes and controls, reporting and other factors
Review of complaints register
Discussion with external/internal fraud committee
Research on typical areas of vulnerability in similar
organization or process
Specifically consider and comment upon factors which would
influence incentive, opportunity and attitude
Audit procedure- Risk response phrase
Selecting journal entries for testing (para A43)
Which journal to select? Complex transaction, end of
reporting period, unusual transactions, internal control
overriden
Review accounting estimates (para 32(b))
Evaluate management judgment for possible bias
Perform retrospective review of significant management
judgments
Introduce unpredictability- Modify timing, nature and
extent of audit
E.g use different sampling technique, some testing at year
end and some at interim review, increase sample size.
 Audit procedure- reporting phase
Carry out final analytical review
Reevaluate misstatement found during audit
Obtain management representation letter
Communicating with management, those
charged with governance, regulatory and
enforcement authorities
 Professional Skepticism
Para A7
Maintaining professional skepticism requires an
ongoing questioning of whether the information
and audit evidence obtained suggests that
material misstatement due to fraud may exist.
SSA 240 para. 13
specifically states that unless there is reason to
believe otherwise, the auditor may accept records
and documents as genuine
Seminar Discussion TWF Case
 Seminar Discussion- Audit Challenge
Read and Discuss: Tackling Todays Audit
Challenges

Q1 What are the key issues raised and key

audit challenges?
Q2 How to tackle these challenges?
 Key Issues Raised
Clients
Expectations gap between clients and auditors
SMEs lack knowledge in preparing accounts
Unhealthy mindset in going for cheapest option
Practitioners
practitioners not upgrading, keeping up with accounting standards
Spoiling the market by doing everything
Audit sign-offs far exceeds resources and capacity
Fee undercutting

Other Issues
Talent attraction and retention
Shrinking pool of available accountants
SMPs lack profile/branding
 Suggested Helping Hands
Clients
Better educate/communicate changes in
accounting standards
Practitioners
Invest in quality control process
Use ACRA Practice Monitoring Programme (PMP)
to raise standards
Non-practising accountants to provide accounting
services
 Suggested Helping Hands
Call for regulatory oversight
Require directors to attend basic accounting course
Subject directors to Continuing Professional Development
Sanction directors for not getting professional help in preparing
accounts
Sanction accountants found negligent

Others
Change mindsets narrow expectations gap
Encourage practitioners to push back jobs with untenable fees
Professional bodies (PBs) to connect SMPs with potential sources of
talent
 Online Quiz
Deadline: See course outline
The quiz contains 5 MC questions.
One attempt is allowed within the specified
time frame