Auditing Fraud Risk Factors - Essay Example

Assessment of Fraud Risk Name: Institution: Instructor: Module: 28TH APRIL, 2009 Audit Risk Factors Introduction In auditing, risk is the potential for loss for an enterprise due to error, fraud, inefficiency, failure to comply with legal requirements and other actions that bring disrespect for the organization. Risk assessment is usually carried out in an organization by the auditor to indentify the risks. Risk assessment is the process estimating a situation that can lead to risk for all the units audited. It involves putting attention to audit risk areas and allocate the scarce resources to the areas. It also involves prioritizing key audit decisions usually frequency, intensity and timing. For a good risk assessment, the auditor is required to use a systematic approach to identify the units in the financial statements, the possible risk factors in the units and ways of preventing audit risk in the organization (Duta et al 1998, pp. 224). The development of audit risk factors Audit risk is the risk that the auditor may unintentionally fail to adjust his opinion concerning financial statements that may be materially misstated. Audit risk is divided into inherent risk, control risk and detection risk. These risks are usually brought up by certain audit factors that have emerged with time (Mock 2001). Audit risk factors were realized the time when there was increased awareness of the possibility of fraud. There was a possibility of material fraud when conducting a financial statement audit. The (AICPA 1997) was issued to enable auditors recognize various factors that lead to fraud in organizations. Audit risk factors have developed through the use of various models of determining audit risk in organizations. In the process of assessing risk, auditors are able to capture various factors in the financial statements that lead to fraud. The factors that were realized involved factors that lead to susceptibility of assets, misappropriation and controls. The identification of risk factors requires the auditor to modify the audit procedures. This ensures that further research is done on deterrence and detection. According to Wells (1997) easy recognition of risk factors requires the auditor to broaden the information that is used to assess the risks of material misstatement due to fraud. Audit risk factors are present in the conditions that lead to fraud in financial statements. Conditions of the fraud triangle The fraud triangle describes three conditions that presents the time when fraud can occur. These conditions include an incentive or pressure that provides a reason to commit fraud. The existence of a situation with which fraud can be perpetrated where there are weaknesses in the internal control system. The third condition is the existence of an attitude that enables the person to decrease the fraud. The fraud triangle explains in the perspective of construction of fraud on individual level. This involves areas of localized instances of cash or other asset appropriation by employees. The wide fraud in an organization occurs when the three conditions are configured in a way that can enable and foster manipulation and then fail to prevent compliance failure (Turner et al 2002). The fraud triangle uses the four element fraud diamond which is a process which considers incentive opportunity, rationalization and capability. The condition of incentive is a situation whereby a person wants or has the need to commit fraud. The opportunity describes that there is a weakness in the system that the right person could exploit to engage in fraud. Rationalization involves the time when a person feels that, one is fully convinced that the fraudulent behaviour is worthy the risks. The capability condition gives the person the character of having the ability to turn the fraud opportunity to reality. Conditions of Audit risk factors Auditors are required to be aware of the relationship that exists between inherent and conditions that can be reported in the financial statements. This is one way of establishing the effect of their elements in audit work. Conditions that can be reported in the organization may be concerned with insufficient control structure design, poor control structure operation and other controls related deficiencies. These conditions usually affect the elements of the control structure which includes the control environment, accounting systems and control procedures (Dutta et al 1998, p. 232). Inherent risks are those risks that may occur in spite of existence of internal controls. Auditors should take note of the existence of items that are susceptible of reportable conditions and inherent risk factors that have major effects on the audit risk model and policies. The conditions that affect audit risk factors include; incentives and pressure, opportunities as well as attitudes and rationalizations. As explained in the audit risk factors the three conditions are usually present when material misstatements occur due to fraud. Incentives and pressures The AICPA (1984) supports that, incentives and pressures threaten the financial stability or the profitability of the organization in the economic industry. This is mostly indicated by significant declines in customer demand and increasing business failure of the organization. There may be operating losses that impose a threat of bankruptcy ion the organization. There are excessive pressures that exist for management to meet the requirements or the expectations of the customers. This may be due to various reasons such as profitability level expectations of investment analysts, organizational investors, major creditors, or other external parties. Pressures may come from the need of obtaining an additional debt or equity financing by the organization to enable it to stay competitive. There may be available information that indicates the possibility of management being threatened by the financial performance of the organization. This situation may arise due to factors such as financial interests that may be important to the entity or the existence of personal guarantees of the entity’s debts. Another condition may be the availability of pressures on the management or the operating personnel to meet financial targets that have been set by the board of directors. Opportunities The nature of the industry in which the entity operates provides a big opportunity for the organization to engage in fraudulent financial reporting. This may arise due to the existence of related party transactions that are not correspond to the ordinary course of business. The entity may be in a position where it dominates a whole industry operating with transactions that are not at arms length with its customers. The organization may have based its assets, liabilities, revenues or expenses on significant estimates that call for subjective judgments that are difficult to confirm. The problem of ineffective monitoring of management may be present. This may be brought by one person or a single group dominating the whole management where there are no compensation controls. There may be ineffective board of directors or an audit committee that oversees the financial reporting process and the internal process control. The organization structure may also be unstable where there are difficulties in determining the individuals who control interest in the entity (Srivastava et al 1996, p.174). Attitudes and rationalizations The entity may exhibit risk factors that are reflective of the attitudes of the members of the management or employees that may give justifications of practicing fraudulent financial reporting that may not be disposed by the auditor. An auditor who comes across such information should use for the identification of risks that may lead to material misstatement arising from fraudulent financial reporting. Shafer et al (1998, p.69) the following factors may be identified by the auditor and may indicate a risk factor. The entity may have ineffective communication, implementation, support, or enforcement of the entity's values. Ethical standards may not be kept by the management or there is inappropriate communication of values and ethical standards. The management might be more interested in the maintenance of the entity's stock price or earnings trend. Audit risk factors also demonstrate conditions that may impose the management to get involved with misstatements that come from misappropriation of assets. The audit risk factors can be classified according to the three conditions that are present when fraud exists (Mancino 1997, p. 33). Incentives and pressures Incentives and pressures are conditions that are affected by personal financial obligations that may pressure the management or the employees to access cash or other assets that are vulnerable to theft hence misappropriating those assets. In addition, undesirable relationships between the employees and the entity may be present in the organization where they can access cash or other assets that may be vulnerable to theft. This situation may impose employees to misappropriate those assets (Mock et al 2001). Opportunities The possibility of misappropriating assets may be imposed by certain circumstances. Management or employees may get opportunities that can tempt them to misappropriate assets. The existence of large amounts of cash on hand or processed cash may impose the management o misappropriate the assets. The organization may be having inventory items that are small in size and are of high value. Turner et al (2002) argues that there may be availability of assets that are easily convertible. In addition, the inadequacy of internal controls over the assets may increase the possibility of misappropriating the assets. This may be due to inadequate separation of duties or independent checks. It may also be due to inadequate record keeping. Attitudes and rationalizations This involves the attitudes and rationalizations that permit employees to justify misappropriation of assets. It is very difficult for the auditor to recognize such attitudes and rationalizations. In case the auditor comes across such attitudes and rationalizations then it is good to consider such information when identifying material misstatements that come form misappropriation of assets. The legal aspect of audit risk factors According to Riahi-Belkaoui et al (2000, pp. 33-37) it is a requirement by law for auditors to take into consideration, the risk factors that exist in the financial statements to establish fraud. In fact, legal auditing forms five percent of the whole auditing process. The auditor is required to use an approach that can transform the revenue generating potential of the legal department. In his audit process the auditor can employ steps that can be used to evaluate the legal function of the audit. The law requires that the audit team should be as small as possible to encourage the identification of audit risk factors. This will ensure that the root causes of inefficiencies in the legal department that may lead to poor performance are identified. The lawyer on the audit team should be able to breakdown the barriers in the audit. The lawyer and the auditor should be able to identify risky areas in the financial statements. In addition, auditing the legal function should be done every year to identify and reduce the risk factors that may lead to fraud. The impact of the new standards for risk assessment in financial statements It is true that people may commit fraud intentionally and the new standards are set out to deal with such circumstances of material misstatements in the financial statements. The new standards have led to more comprehensive audits since accounting firms usually seek to better understand the procedures that shape financial reporting and identify potential areas of risk. This procedures help in the prevention of material misstatement in the financial statements. The new standards have led to more thorough inspection of reports for organizations when performing audit on financial statements (Shafer et al 1988, p. 82). The new standards help in performing a better risk assessment to identify areas where material errors or fraud are more likely to occur in the financial statements. They require an audit to the whole business and not just the books and this ensures that there is prevention of material misstatement in the financial statements. They provide guidance concerning the assessment of risks by the auditor of material misstatement. They require a non-issuer financial statement audit, design and performing audit procedures that are tailored in addressing the assessed risks. The new standards require the auditor to plan and design first the audit procedures for the organization to be reviewed. This ensures that the auditor is familiar with the environment with which he is working. With the use of new standards the auditor is able to get more information on business risks, objectives and overall performance. They will spend more time in examining the internal controls and observing so\me of the procedures and controls. They will be able to request for information and documentation which is not provided in the previous audits. They will also be able to identify the type of internal controls that are used by the organization to protect its integrity. The new standards are of benefit in the long run and they help in preventing material misstatements in the financial statements (Montgomery et al, 2002, pp.63-66). Conclusions In conclusion, risk assessment is a very important step in auditing. The auditor is required to identify the areas to be audited then establish the risk factors in the unit. Auditors have had many problems in the establishment of the risk factors that in various conditions that lead to fraud. There has been release of new standards that give effective results of audit hence preventing any material misstatement of financial statements. The law has also played a big role in the regulation of auditing with the aim of maintaining financial statements free from fraud. Now the auditors are able to establish complex area in the audit areas that were not easy to be identified before. References American Institute of Certified Public Accountants (AICPA) 1984, Audit Risk and Materiality in Conducting an Audit. New York, NY: AICPA. Dutta, SK, Harrison, K & Srivastava, RP 1998, The Audit Risk Model Under the Risk of Fraud, In Applications of Fuzzy Sets & The Theory of Evidence to Accounting II, Jai Press Inc, Vol. 7, pp.221-244. Mancino, J 1997, The Auditor and Fraud, The Journal of Accountancy, Vol.193 pp. 32-37. Mock, TJ &. Turne, JL 2001, An Archival Study of Audit Fraud Risk Assessments Following the Issuance of SAS No. 82. Montgomery, DM, Menelaides, BS & Palmrose, Z 2002, Auditors’ New Procedures for Detecting Fraud, Journal of Accountancy, pp. 63-66. Riahi-Belkaoui, A. and. Picu, R 2000, Understanding Fraud in the Accounting Environnent, Managérial Finance, Vol.26 (11), pp.33-41. Shafer, GP, Shenoy, P & Srivastava, RP 1988, Auditor's Assistant, A knowledge Engineering tool for audit decisions, University of Kansas, pp. 61-84. Srivastava, RP, Dutta, SK & Johns. R 1996, An Expert System Approach to Audit Planning and Evaluation in the Belief-Function Framework, International Journal of Intelligent Systems in Accounting, Finance and Management, Vol. 5 (3), PP.165-183. Turner, JL, Mock, TJ & Srivastava, RP 2002, A Conceptual Framework and Case Studies on Audit Planning and Evaluation Given the Potential for Fraud. Wells, JT 1997, Occupational Fraud and Abuse, Obsidian Publishing Co. Austin. Read More