to the above by signing below and returning to [name of auditor, address].
Firm signature
______________________
Agreed and acknowledged:
______________________
[Name and title]
______________________
[Date]
Illustration 4. Audit Documentation Requirements in Other AU-C Sections (from AU-C 230.A30)
The following lists the main paragraphs in other AU-C sections that contain specific documentation requirements. See the related chapters in this book for additional information.
AU-C 240 CONSIDERATION OF FRAUD IN A FINANCIAL STATEMENT AUDIT
AU-C Original Pronouncements
AU-C 240 Definitions of Terms
Source: AU-C 240.11
Fraud. An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception that results in a misstatement in financial statements that are the subject of an audit.
Fraud risk factors. Events or conditions that indicate an incentive or pressure to perpetrate fraud, provide an opportunity to commit fraud, or indicate attitudes or rationalizations to justify a fraudulent action.
Objectives of AU-C Section 240
AU-C Section 240.10 states that the objectives of the auditor are to:
1. Identify and assess the risks of material misstatement of the financial statements due to fraud;
2. Obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses; and
3. Respond appropriately to fraud or suspected fraud identified during the audit.
Requirements
Description and Characteristics of Fraud
Although fraud is a broad legal concept, the auditor's interest specifically relates to fraudulent acts that cause a material misstatement of financial statements. Two types of misstatements are relevant to the auditor's consideration in a financial statement audit.
1. Misstatements arising from fraudulent financial reporting
NOTE: Fraudulent financial reporting does not need to involve a grand plan or conspiracy. Management may rationalize that a misstatement is appropriate because it is an aggressive interpretation of accounting rules, or that it is a temporary misstatement that will be corrected later.
2. Misstatements arising from misappropriation of assets
(AU-C 240.02-.03)
Fraudulent financial reporting and misappropriation of assets differ in that fraudulent financial reporting is committed, usually by management, to deceive financial statement users, whereas misappropriation of assets is committed against an entity, most often by employees.
Fraud generally involves the following three conditions:
1. A pressure or an incentive to commit fraud
2. A perceived opportunity to do so
3. Rationalization of the fraud by the individual(s) committing it
(AU-C 240.A1)
However, not all three conditions must be observed to conclude that there is an identified risk. It is particularly difficult to observe that the correct environment for rationalizing fraud is present.
The auditor should be aware that the presence of each of the three conditions may vary, and is influenced by factors such as the size, complexity, and ownership of the entity. These three conditions usually are present for both types of fraud.
The auditor should also be alert to the fact that fraudulent financial reporting often involves the override of controls, and that management's override of controls can occur in unpredictable ways. Also, fraud may be concealed through collusion, making it particularly difficult to detect.
Although fraud usually is concealed, the presence of risk factors or other conditions may alert the auditor to its possible existence.
Basic Requirement
In every audit, the auditor is obligated to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or by fraud. (AU-C 240.05)
Professional Skepticism
As defined in AU-C Section 200, professional skepticism is an attitude that includes a questioning mind and critical assessment of audit evidence. The auditor should conduct the entire engagement with an attitude of professional skepticism, recognizing that fraud could be present, regardless of past experience with the entity or beliefs about management's integrity. (AU-C 240.12) The auditor should not let his or her beliefs about management's integrity allow the auditor to be satisfied with any audit evidence that is less than persuasive. Finally, the auditor should continuously question whether information and evidence obtained suggest that material misstatement caused by fraud has occurred.
Engagement Team Discussion about Fraud (Brainstorming)
When planning the audit, members of the audit team should discuss where and how the financial statements may be susceptible to material misstatement caused by fraud. This discussion should include the following:
● Exchange ideas and brainstorm about where the financial statements are susceptible to fraud, how assets could be stolen, and how management might engage in fraudulent financial reporting.
● Emphasize the need to maintain the proper mindset throughout the audit regarding the potential for fraud. As previously discussed, the auditor should continually exercise professional skepticism and have a questioning mind when performing the audit and evaluating audit evidence. Engagement team members should thoroughly probe issues, acquire additional evidence when necessary, and consult with other team members and firm experts as needed.
● Consider known external and internal factors affecting the entity that might create incentives and opportunities to commit fraud, and indicate an environment that enables rationalizations for committing fraud.
● Consider indications of earnings management.
● Consider the risk that management might override controls.
● Consider how to respond to the susceptibility of the financial statements to material misstatement caused by fraud.
● For the purposes of this discussion, set aside any of the audit team's prior beliefs about management's honesty and integrity.
The
