SA 240 – Auditor’s responsibility in fraudulent Financial Statements: Basic tenets revisited
Standard on Auditing, (SA) 240, one of the most authoritative text deals with the auditor’s responsibilities relating to fraud in an audit of financial statements. With the flood of opportunities to open up for auditors to audit financial statements for the period ending 31st March 2020, it is time to review the instructions contained under this SA 240. This has become essential due to emerging frauds, known or unknown enlisted on the horizon. Yes, the auditor has to abide by these instructions in details. Recollection of suitable instructions would only add values to the nobility of audit reports who form the backbone of corporate world for investment.
Major text of SA 240, as enshrined, is enclosed:
This article, to make it more realistic and easily understandable, is applying conversational style in the form of discussions. Let us participate in the discussion. The web site containing the original tenets makes the reference much easier.
For obvious reason, “A” represents an auditor and any assignment indicates an audit work. The other person is an expert on standards and a very senior chartered accountant with decades of experience. Let us join the conversation.
Auditor (A): Yes, I got an important assignment for auditing the financial statements of M/S. XYZ Ltd. for the period ending 31st March 2019. My engagement team told me that SA 240 is dealing with auditor’s responsibility in the fraudulent financial statements and it is essential to discuss the basic tenets again before starting the engagement. This would make my task easier and more reliable with additional information.
Experienced CA (CA):
Our discussion is totally based on SA- 240 produced from the web site of Institute of Chartered Accountants of India, an authority on the subject. It will consist of the nature of fraud in financial statements, material misstatement due to error or intentional fraud, intrinsically connected to your audit assignment.
Let us start with material misstatement.
Auditor: Why do we use the word fraud in the discussion particularly when I was invited by the client to do auditing of his financial statements. It is a legal requirement for various obvious reasons, which are well known to both of us.
CA: It is not the duty of an auditor to make a legal determination whether a fraud has actually occurred in the preparation of the financial statements.
But two types of intentional misstatements are relevant to you, as an auditor – misstatements resulting from fraudulent financial reporting and misstatements resulting from misappropriation of assets. Financial misstatements do occur on account of error, which is unavoidable in any assignment.
Auditor: I do not understand why the client would cause misstatement from fraudulent financial reporting?
CA: Although fraud is a broad legal concept, for the purposes of the SAs, the auditor is concerned with fraud that causes a material misstatement in the financial statements. Two types of intentional misstatements are relevant to the auditor– misstatements resulting from fraudulent financial reporting and misstatements resulting from misappropriation of assets.
Yes, the auditor may suspect or, in rare cases, identify the occurrence of fraud, but he/she does not make legal determination of whether fraud has actually occurred.
I would quote for our conversation, the following definitions from the above Standard.
“(a) Fraud – An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.
(b) Fraud risk factors – Events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud.”
Auditor: You have not yet clearly explained the characteristics of fraud. I may like to discuss the same with my audit team.
CA: Yes, history has recorded in U.S.A. or in India the characteristics of fraud, which unfortunately raises its head in auditing of financial statements at all times, unless the auditor undertakes his task in a systematic manner.
Characteristics of Fraud:
Fraud, whether fraudulent financial reporting or misappropriation of assets, involves incentive or pressure to commit fraud, a perceived opportunity to do so and some rationalization of the act.
Let me narrate some examples of risk factors relating to misstatements arising from fraudulent financial reporting.
Financial stability or profitability is threatened by economic, industry, or entity/country operating conditions, such as:
1. High degree of competition or market saturation, accompanied by declining margins.
2. High vulnerability to rapid changes, such as changes in technology, product obsolescence, or interest rates.
3. Significant declines in customer demand and increasing business failures in either the industry or overall economy. Recent drop in sales of automotive producers is to be noted.
4. Operating losses making the threat of bankruptcy, foreclosure, or hostile takeover imminent. Some giants facing IB Code 2016 are to be noted.
5. Recurring negative cash flows from operations or an inability to generate cash flows from operations while reporting earnings and earnings growth.
6. Sudden collapse of the whole economy due to Corona virus, has altered the economic balance all over the world.
Auditor: So, you expect me to look out for material misstatement as the main focus while organizing the audit?
CA: Here comes the attitude of skepticism which is defined as an attitude that neither regards the management as dishonest nor assumes it of unquestionable honesty. Do you still need some clarifications?
Auditor: It is strange you want me to doubt the management which has been giving the audit assignments for the past couple of years and I do get all types of cooperation from the management, its employees or other related stakeholders.
CA: History has recorded material misstatement as a tool to inflate the profits, understate the value of stocks/exaggerate it values, non-inclusion of the values of fixed assets in the balance sheet even though payments have been made, non- provision of statutory dues under now GST or non -deposit of TDS deducted from concerned persons etc.
Recently, very powerful people connected with jewelry, big industries under manufacturing or trading have diverted funds to foreign countries to credit many of their subsidiaries or in the individual names of directors for purchase of flats, houses or some other business, but all information hidden from tax authorities or regulatory authorities.
All activities happened under the nose of the banks, individual lenders or other lenders with genuine lending practices. I know of instances where the builders got loans diverted to the individual directors instead of constructing houses, offices or flats for which the loans were sanctioned. Bankers could have avoided the catastrophic financial disasters to their institutions by observing the normal procedural rules laid down by their institutions.
Auditors who gave their certificates too did not bother to look into the misuse of funds by keeping skepticism as the attitude.
Auditor: Do you mean to say that some of the following audit procedures are required to address the assessed risks of material misstatement due to fraud (I am quoting from appendix 2 of SA 240).
1. “Counting cash or securities at or near year-end.
2. Confirming directly with customers the account activity (including credit memo and sales return activity as well as dates payments were made) for the period under audit.
3. Analyzing recoveries of written-off accounts.
4. Analyzing inventory shortages by location or product type and comparing key inventory ratios to industry norm.
5. Reviewing supporting documentation for reductions to the perpetual inventory records.
6. Performing a computerized search of payroll records to identify duplicate addresses, employee identification or taxing authority numbers or bank accounts.
7. Reviewing personnel files for those that contain little or no evidence of activity, for example, lack of performance evaluations.
8. Analyzing sales discounts and returns for unusual patterns or trends.
9. Confirming specific terms of contracts with third parties. “
Let me get explained what should I do in case I find any financial misstatement or get a feeling of uncertainties as an auditor while undertaking the assignment.
CA: Let me explain the procedure laid down under SA 240 in case of the situation explained by you.
The auditor’s response to address the assessed risks of material mismanagement may include changing the nature of audit procedures to become unpredictable like abrupt verification of inventory at various levels personally or through experts, analyzing the journal entries thoroughly in details and confirming sales in details. Verification of fixed assets physically which are newly bought is not a bad idea.
SA 330 requires the auditor, based on the audit procedures performed and the audit evidence obtained, to evaluate whether the assessments of the risks of material misstatement at the assertion level remain appropriate. This evaluation is primarily a qualitative matter based on the auditor’s judgment.
Have you ever thought what would be your plan of action in case you feel deliberate attempts have been made to give financial statements which have been fraudulently dealt with for various reasons?
Auditor: Let me be frank with you that with skeptic attitude, I am aware that it is the management’s responsibility to prepare the financial statements and present before me proper and legal financial statements for audit purposes.
Let me presume a dire situation of fraudulent financial statements being presented to me by the entity which I learn by analytical procedures, discussion at various levels including audit committee, top management or financial controller or other KMP, then I shall formally present my report to an officer above the persons who prepared and presented the financial statements to me and inform them formally the position. Obviously, Board of Directors would be involved in this process. Paying adequate attention in terms of paras A53-A55, I may have to take legal opinion if necessary, and inform all relevant authorities including regulatory authorities like SEBI, RBI or others depending upon the exigencies of the situations that may arise.
I may recollect the steps taken recently by various CA firms that even withdrew from assignments by quoting unreliability or non-cooperation of the entities involved whose audit the firms were undertaking.
Obviously, my whole audit team would be involved in any action that I may initiate in such dire situations.
CA: Let me also include in our discussion that you may have to talk to management about its failure to establish proper internal control, adopt proper procedure not to allow regular revenue control or lack of controls to ensure their happening, and their authorizations beyond commercial and legal angles– rather, encourage fraudulent activities which may involve even criminal action by regulatory authorities.
Further Companies Act 2013 as well as RBI’s instructions to report fraud in financial statements do place additional legal responsibilities on the auditor.
Let us conclude with the fervent hope that you would successfully complete your assignments with skepticism as your attitude and observe all laid down rules and regulations.
Recently, I was invited to attend an online seminar on auditing and its fundamentals keeping in view of the massive frauds taking place at various levels of audit assignments and the failure of auditors of all hues like CA, CS or CMA or bank auditors who face the wrath of law when unmanageable fraudulent financial statements have misled the investors, creditors, suppliers, regulatory authorities and in some cases even the entities who undertook the audit procedure.
One hardly forgets the massive frauds that rocked banks, both private or public sector ones whose effects were sacking of CMDs, criminal action against KMP of the entities and in all cases, auditors were also involved in criminal procedures of regulators. Even the prestige of regulatory authorities of CA, CS or CMA have been questioned at various levels.
With the array of audit assignments to be offered by banks/corporative entities, both listed or otherwise as on 31st March 2019, basic understanding of the responsibilities of auditors in fraudulent financial statements being offered for audit has become necessary to avoid unpleasant consequences.