1 / 28


SAS 99 Statement on Auditing Standards Consideration of Fraud in a Financial Statement Audit Internal Accounting Control Program. Goals. What is SAS 99 about? Why is it important? Consideration of internal controls to prevent fraudulent activity. SAS 99.

Télécharger la présentation


An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.


Presentation Transcript

  1. SAS 99Statement on Auditing StandardsConsideration of Fraud in a Financial Statement AuditInternal Accounting Control Program

  2. Goals • What is SAS 99 about? • Why is it important? • Consideration of internal controls to prevent fraudulent activity.

  3. SAS 99 • Effective for audits of financial statements for periods beginning on or after December 15, 2002. • Supersedes SAS No. 82 • The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. • Fraud defined: an intentional act that results in a material misstatement in financial statements that are the subject of an audit. [AICPA-Codification of Auditing Standards]

  4. Why a New Standard • Re-emphasize the role of entity management and boards in preventing and detecting fraud

  5. SAS 99 • Why should I want to become familiar with the content of Statement on Auditing Standards (SAS 99)? • How would you feel if fraud were discovered in an area under your responsibility and that fraud had been going on for years? • How do you think others would perceive things? • Fraud can never be completely eliminated, steps can be taken toward detecting it in a timely manner. • Becoming familiar with the risk factors listed in SAS 99 will place employees in a better position to recognize situations that are associated with the commission of fraudulent acts.

  6. Ethics at Work • 76% of employees in business have observed a high level of illegal or unethical conduct at work in the past 12 months • 49% of employees in business have observed misconduct that, if revealed, would cause their firms to “significantly lose public trust” • KPMG 2000 Organizational Integrity Survey

  7. SAS 99 Impact on the Auditor • No change in the auditor’s responsibility to detect material fraud in financial statement audits • No change in the auditor’s required communication of evidence of fraud • Significant changes in required auditing procedures and documentation in a financial statement audit

  8. The SAS Says • It’s management’s responsibility to: • Set the proper tone • Create and maintain a culture of honesty and ethical behavior • Establish appropriate controls

  9. Ethics and Leadership • Leadership is the ability to see around corners • Leadership is the ability to see the problem before others • Leadership is the ability to fix the problem before it becomes a headline

  10. SAS 99 • Two types of misstatements are relevant to the auditors consideration: • Misstatements arising from fraudulent financial reporting • Misstatements arising from misappropriation of assets.

  11. SAS 99 • IACP Primary Objectives • Safeguarding the state’s assets • Providing reliable financial information

  12. SAS 99 • Fraudulent financial reporting may be accomplished by: • Manipulation, falsification, or alteration of accounting records, supporting documents from which financial statements are prepared • Misrepresentation in or intentional omission of significant information on financial statements • Intentional misapplication of accounting principles relating to amounts, classification, manner of presentation, or disclosure

  13. SAS 99 • Misappropriation of assets: • Embezzling cash, theft of inventory/assets • Causing an entity to pay for goods or services not received • False or misleading records and documents

  14. SAS 99 • Three conditions generally are present when fraud occurs • Motive • Opportunity • Rationalization • See Handout

  15. The Fraud Triangle Motive Opportunity Rationalization

  16. What can be done to help control fraud? • Clear written policies and procedures • Maintain documentation • Asset security • Internal control system • Tone at the top

  17. SAS 99 • SAS requires auditor to have “professional skepticism” • A questioning attitude and a critical assessment of audit evidence • Fraud may be present regardless of the auditor’s belief about management’s honesty and integrity

  18. SAS 99 • Internal Controls-help to prevent/detect fraudulent activity • Management/employees may have the capability to override or circumvent controls • Collusion

  19. SAS 99 • Auditors need to obtain information about the entity to identify the risks of material misstatement due to fraud. • Make inquiries of management and others within the entity to obtain their views about the risks of fraud and how they are addressed.

  20. SAS 99 • Auditors should inquire of management about: • Knowledge of any fraud or suspected fraud • Any allegations about fraud • Risks of fraud in the entity • Programs and controls that mitigate these risks • Monitoring of operation locations and business segments; and any location or segments that might have higher fraud risk • If and how management communicates its views on business practices and ethics • Any fraud-related reports it has made to the audit committee

  21. SAS 99 • For those with an internal audit function, auditor should inquire appropriate internal audit personnel about: • Their views about the risks of fraud • And knowledge of fraud or suspected fraud • Any fraud-related work they have done • The adequacy of management’s responses to any fraud-related findings

  22. SAS 99 • Others within the organization the auditor may want to talk to include: • Employees with varying levels of authority • Personnel with whom the auditor comes into contact with during the course of the audit • Operating personnel not directly involved in the financial reporting process • Employees involved in initiating, recording, or processing complex or unusual transactions • In-house legal counsel

  23. SAS 99 • Why are such inquiries important? • Fraud is often uncovered through information received in response to inquiries • Employee’s opportunity to convey information to the auditor that may not have been communicated • Auditor has a different perspective within the organization

  24. Overview of the Fraud Audit Process Brainstorming Documenting Obtaining Risk Info. On-Going Process Throughout the Audit Communicating Identifying Risks Assessing Risks Evaluating Evidence Responding to Risks

  25. Audit Process • Brainstorming • Audit planning • How and where the financial statements might be susceptible to fraud or what’s here to steal • Emphasize importance of proper state of mind (professional skepticism) during the audit • Include risk of management override of controls • Should continue throughout the audit • Obtaining Risk Info. • Inquiries of management and others about fraud risk and their response to the risk • Direct knowledge • Allegations of fraud by others • Programs and controls established to mitigate the specific risks of fraud identified

  26. Audit Process • Identifying Fraud Risks • Professional judgment required • Think in terms of incentive/pressures, opportunities, and rationalization • Risk attributes to consider: • Type of risk: reporting or misappropriation • Significance of the risk – could it be material • Assessing Fraud Risks • Professional Judgment • Evaluation of entity’s programs and controls that address fraud risks • Responding to Risks • Alter the overall way the audit is conducted • Change the nature, timing, or extent of audit procedures

  27. Audit Process • Evaluating Evidence • Evidence of fraudulent activity • Communicating • Whenever “evidence of fraud” is found, it should be brought to the attention of the appropriate level of management • Even if the matter is inconsequential • Documenting • Good documentation of results is vital

  28. Case Study Review

More Related