CHAPTER 3

CHAPTER 3

Management Fraud and Audit Risk

LEARNING OBJECTIVESReview CheckpointsExercises, Problems

and Simulations

1. Define and explain the differences among several kinds of fraud, errors, and illegal acts that might occur in an organization.

143

2. Explain auditors responsibilities with respect to detecting and reporting fraud.

2, 345, 53, 56, 57, 60

3. List and explain some conditions that can lead to frauds.

4, 546, 50

4. Explain auditors responsibilities with respect to illegal acts.

661

5. Describe the conceptual audit risk model and explain the meaning and importance of its components in terms of professional judgment and audit planning.

7, 8, 9, 1047, 51, 55, 58, 59

6. Define materiality and explain its relationship to the audit risk model.

11, 12

7. Describe the content and purpose of audit programs.

13, 14, 1554

8. List and describe eight general types of audit procedures for gathering evidence.

16, 17, 18, 1944, 48, 49

9. Discuss the effectiveness of various audit procedures.

20, 2152

SOLUTIONS FOR REVIEW CHECKPOINTS3.1White collar crime is the frauds perpetrated by people who work in offices and steal with a pencil or a computer terminal. The contrast is violent street crime.

Employee fraud is the use of fraudulent means to take money or other property from an employer. It consists of three phases: (1) the fraudulent act, (2) the conversion of the money or property to the fraudster's use and (3) the cover-up.

Embezzlement is a type of fraud involving employees' or nonemployees' wrongfully taking money or property entrusted to their care, custody, and control, often accompanied by false accounting entries and other forms of lying and cover-up.

Larceny is simple theft of an employers property that is not entrusted to an employee's care, custody or control.

Defalcation is another name for employee fraud and embezzlement.

Errors are unintentional misstatements or omissions of amounts or disclosures in financial statements.

Direct-effect illegal acts are violations of laws or government regulations by the company or its management or employees that produce direct and material effects on dollar amounts in financial statements. "Illegal acts" (farremoved) are violations of laws and regulations that are far removed from financial statement effects (for example, violations relating to insider securities trading, occupational health and safety, food and drug administration, environmental protection, and equal employment opportunity).

3.2AICPA auditing standards require:

a.understanding and awareness of signs of errors, frauds (including directeffect illegal acts), and illegal acts (far removed).

b.design the audit to respond to knowledge of fraud risks and provide reasonable assurance of detecting material errors and frauds (including directeffect illegal acts).

c.auditors should have the proper degree of professional skepticism, assuming neither dishonesty nor unquestioned honesty of management.

d.for reporting, the materiality concept is different: (1) for errors, the usual idea of materiality prevails, (2) for frauds (including directeffect and farremoved illegal acts) immateriality is expressed in terms of "clearly inconsequential." Matters that fall below the threshold apparently can be reported to levels of management below the board of directors and audit committee. More important matters go to the director level, and management involvement in frauds and illegal acts is never considered inconsequential.

3.3 The seven steps specified by SAS 99: Consideration of Fraud in a Financial Statement Audit are:

Step 1: Discussion Among Engagement Personnel

Step 2: Obtain Information to Identify Risks

Step 3: (a) Identify Risk Factors Related to Fraudulent Financial Reporting and (b) Assess Fraud Risks

Step 4: Respond to Assessed Risks

Step 5: Evaluate Audit Evidence

Step 6: Communicate Fraud Matters

Step 7: Document

3.4Below are some other conditions and circumstances that have existed along with frauds in the past:

A weak internal control environment prevails.

Management decisions are dominated by an individual or a small group.

Managers attitudes are very aggressive toward financial reporting.

Managers place too much emphasis on earnings projections.

Company profit lags the industry.

Company is decentralized without much monitoring.

Auditors have doubt about whether the company can continue as a going concern.

Company has many difficult accounting measurement and presentation issues.

Company has significant transactions or balances that are difficult to audit.

Company has significant and unusual related-party transactions.

Managers and employees tend to be evasive when responding to auditors inquiries.

Managers engage in frequent disputes with auditors.

Company accounting personnel are lax or inexperienced in their duties.

3.5Auditors should know how to preserve the chain of custody of evidence. The chain of custody is the crucial link of the evidence to the suspect, called the "relevance" of evidence by attorneys and judges. If documents are lost, mutilated, coffeesoaked, compromised (so a defense attorney can argue that they were altered to frame the suspect), they can lose their effectiveness for the prosecution.

3.6a.There is no difference among the categories at the awareness level.

b.The expectation is lower for farremoved illegal acts, where audit procedures (other than inquiry and familiarity) are performed only when specific information indicates that possible illegal acts may have a material indirect effect on financial statements.

c.About the same degree of skepticism with respect to all the categories; in connection with errors and frauds (including directeffect illegal acts) auditors should have the proper degree of professional skepticism, assuming neither dishonesty nor unquestioned honesty of management; in connection with farremoved illegal acts, auditors should make inquiries about management's policies and procedures for compliance with laws and regulations and obtain written management representations concerning the absence of violations of laws and regulations.

d.for reporting, the materiality concept is different: (1) for errors, the usual idea of materiality prevails, (2) for frauds (including directeffect and farremoved illegal acts) immateriality is expressed in terms of "clearly inconsequential." Matters that fall below the threshold apparently can be reported to levels of management below the board of directors and audit committee. More important matters go to the director level, and management involvement in frauds and illegal acts is never considered inconsequential.

3.7Audit risk is a concept applied both to the probability of giving an inappropriate opinion and to the probability of failing to discover material errors and frauds in a particular disclosure or account balance. Audit risk is a conceptual combination of the other risks: Audit Risk = Inherent Risk x Internal Control Risk x Detection Risk.

"Audit risk in an overall sense" refers to the audit taken as a whole and the probability that an auditor will give an inappropriate opinion on financial statements. Generally, this is the risk of giving the standard unqualified report when a the financial statements contain material misstatements or the report should be qualified or modified in some manner.

"Audit risk applied to individual account balances" refers to the probability that auditors will fail to discover misstatement in a particular account balance at least equal to the tolerable misstatement assigned to the audit of that balance. This version of audit risk is applied in concept at the individual account balance level.

3.8The three components of audit risk are:

Inherent riskthe probability that material errors or frauds have entered the data processing system.

Internal control riskthe probability that the client's system of internal control will fail to detect material errors and frauds, provided any enter the accounting system in the first place.

Detection riskthe probability that audit procedures will fail to find material errors and frauds, provided any have entered the system and have not been detected or corrected by the client's internal control system.

3.9From the Audit Risk Alert

Some of the effects of bad economic times auditors should be alert to detect in clients' financial statements:

Asset valuationsrecoverability and bases of accounting.

Inappropriate offsetting of assets and liabilities.

Changes in costdeferral policies and the reasonableness of amortization periods.

Allowances for doubtful accounts, in general, and loanloss allowances for financial institutions, in particular.

Compliance with financial covenants and the necessity to obtain waivers from lending institutions to meet current requirements.

Changes in sales practices or terms that may require a change in accounting.

3.10The nature of audit procedures refers to their effectiveness in detecting errors and fraud. Confirmation with third parties is more effective in detecting errors and fraud than verbal inquiry.

The timing of audit procedures refers to when they are performed, usually at (1) interim, or at (2) yearend. However, timing may have other aspects such as surprise procedures (unannounced to client personnel) or procedures performed after the yearend.

The extent of the application of procedures usually refers to the sample sizes of data examined, such as the number of customer accounts receivable to confirm, or the number of inventory types to count.

3.11"Material information" in accounting and auditing is "information that should be disclosed if it is likely to influence the economic decisions of financial statement users.

"Planning materiality" in an audit context is the largest amount of uncorrected dollar misstatement that could exist in published financial statements, yet they would still fairly present the company's financial position and results of operations in conformity with GAAP.

3.12Auditing standards do not require auditors to express planning materiality as a specific dollar amount. An event or amount may be material by its significance, either quantitatively or qualitatively.

3.13An audit program is a specification (list) of procedures designed to produce evidence directed toward achieving a particular objective. Auditors indicate when they have performed each procedure, and where the evidence is documented. Thus, audit programs are used not only for quality control and supervision, but also as documentation that the audit team is following generally accepted auditing standards.

3.14One type of audit program was called the "internal control program," and its objective is to guide the work involved in:

Obtaining an understanding of the client's business and industry.

Obtaining an understanding of management's internal control.

Assessing the inherent risk and the control risk related to the financial account balances.

The other type of audit program was called the "balanceaudit program," and its objective is to specify the substantive procedures for gathering direct evidence on the assertions (i.e. existence, completeness, valuation, rights and obligations, presentation and disclosure) about dollar amounts in the account balances.

3.15Four "cycles" and accounts in them:

Revenue and collection cycle

Acquisition and expenditure cycle

Production and conversion cycle

Financing and investment cycle

XXXXCash

XAccounts receivable

XAllowance for doubtful accounts

XSales

XSales returns

XBad debt expense

XXInventory

XFixed assets

XAccumulated depreciation

XAccounts payable

XAccrued expenses

XGeneral expense

XCost of goods sold

XXDepreciation expense

XBank loans

XLong term notes

XAccrued interest

XCapital stock

XRetained earnings

XDividends declared

XInterest expense

XIncome tax expense

3.16"Vouching" means the examination of documents. Generally, an item of financial information is selected from an account, and the auditor them goes backward through the bookkeepingfiling system to find the source documentation which supports the item selected.

"Tracing" essentially is the opposite direction compared to "vouching". In the process of tracing, the auditor selects sample items of basic source documents and proceeds forward through the bookkeeping process to find the final recording of the accounting transactions.

"Scanning" refers to the auditor's scrutinizing documentation for unusual items and events.

3.17Auditors use eight general audit procedures to gather evidence: 1) inspection of records and documents (vouching, tracing, scanning), 2) inspection of tangible assets, 3) observation, 4) inquiry, 5) confirmation, 6) recalculation, 7) reperformance, and 8) analytical procedures. One or more of these procedures may be used no matter what account balance, control procedure, class of transactions, or other information is under audit.

3.18Five types of general analytical review procedures:

1.Compare financial information with prior period(s).

2.Compare financial information with budgets or forecasts.

3.Study predictable financial information patterns based on the entity's experience.

4.Compare financial information to industry statistics.

5.Study financial information relationships to nonfinancial information.

3.19Yes, the Hylas and Ashton research brief in the chapter showed that auditors have credited discovery of errors and frauds to analytical review procedures in 27.1% of the cases in a set of audits, and another 18.5% discovery rate was attributed to "prior expectations" and "discussions."

3.20Judging from the WrightAshton data from KPMG Peat Marwick audits: the overstatements/understatements look mixed in the current assets; understatements are in the majority in the noncurrent assets; understatements appear to be in the majority in the liabilities, and; understatements appear to be in the majority in the expense accounts.

3.21Initial Event/Audit Procedures in Order of Apparent Effectiveness for Detecting Financial Statement Misstatements

1.Substantive procedures: examination of transaction amounts and descriptions, account balance details, workups to support account balances, data on various reconciliations.

2.Expectations from the prior year.

3.Analytical procedures: comparison of current unaudited balances with balances of prior years, predictions of current balances based on exogenous data, analyses of interrelationships.

4.Client inquiry.

5.Test of detail: checks for mathematical accuracy.

6.General audit procedures.

7.Accounts receivable confirmation

8.Inventory observation

SOLUTIONS FOR MULTIPLECHOICE QUESTIONS3.22a.Correct

Management is responsible for making the estimates in the first place, just as management is primarily responsible for all the financial statement elements.

b.Incorrect

Auditors need to determine the reasonableness of estimates.

c.IncorrectAuditors need to determine estimates are presented in conformity with GAAP.

d.IncorrectAuditors need to determine whether estimates are adequately disclosed in the financial statements.

3.23a.IncorrectIndependent auditors are supposed to understand the nature of errors and frauds.

b.IncorrectIndependent auditors are supposed to assess the risk of occurrence of errors and frauds.

c.IncorrectIndependent auditors are supposed to design audits to provide reasonable assurance of detecting errors and frauds.

d.Correct

Independent auditors are not required to report all finding of errors and frauds to police authorities.

3.24a.Incorrect

This is the risk of giving an inappropriate opinion.

b.Incorrect

This is the risk of misstatements entering the accounting system.

c.IncorrectThis is the risk that the client's internal control will not detect misstatements that enter.

d.Correct

This is the risk that auditors will not detect misstatements.

3.25a.Incorrect

The business situation creates inherent risk.

b.IncorrectRelative risk is a theoretical expression of relative susceptibility to misappropriation.

c.IncorrectControl risk is a function of management's design and operation of its internal controls.

d.Correct

Auditors are responsible for performing the evidencegathering procedures that manage and control detection risk.

3.26b.Correct

DR = AR/ (IRxCR) = 0.05/0.50 = 0.10

3.27a.IncorrectAn audit program does not specify audit standards. All the GAAS are relevant in all audits.

b.Correct

An audit program contains specifications of procedures the auditors believe appropriate for the financial statements under audit.

c.IncorrectDocumentation of the assertions under audit, the evidence obtained, and the conclusions reached describe audit documentation, not audit programs.

d.IncorrectReconciliation of the account balances in the financial statements with the account balances in the client's general ledger is one element of the content of audit documentation, not audit programs.3.28a.Incorrect

These accounts are part of the acquisition cycle.

b.Incorrect

These accounts are part of the conversion cycles.

c.Correct

These accounts are part of the revenue cycle.

d.Incorrect

These accounts are part of the financing and investment cycle.

3.29a.IncorrectYou won't find an unrecorded item (completeness assertion) by looking in the financial statement numbers.

b.IncorrectStarting with the potentially unrecorded items is an audit for the completeness assertion, not the existence assertion.

c.Correct

You can find evidence of existence of recorded amounts by selecting from the recorded amounts (general ledger) and going back to the supporting original transaction documents.

d.IncorrectSelecting from the supporting original transaction documents and going to the general ledger is an audit for the completeness assertion, not the existence assertion.

3.30a.IncorrectWhile solving for DR works mathematically, you will find that IR (not given in the problem) has to be greater than 100%, therefore the solution is not possible. (Very tricky!)

b. IncorrectIf control risk rises, detection risk should decrease.

c. Correct

This solution is both mathematically and practically correct.

d. IncorrectIf control risk rises, detection risk should decrease.

3.31a.Incorrect This is a type of overall response, not a specific procedural response.

b.Incorrect Auditors ought to direct specific procedures toward the area where the suspicion lies.

c.Correct This is a specific procedural response mentioned in SAS 99.

d. IncorrectThis is an overall response, not a specific procedural response.

3.32a.Correct

The objective is to perform a quality audit and keep audit risk low.

b.Incorrect

Control risk = 0 is generally not warranted.

c.Incorrect

Inherent risk = 0 is generally not warranted.

d.Incorrect40% audit risk is too high.

3.33a.IncorrectConfirmation of accounts receivable are selected from recorded amounts and thus give no chance for selection of missing amounts; responses do not produce evidence of probability of collection.

b.IncorrectSee valuation note above. Confirmation yields some evidence of rights (ownership).

c.Correct

Confirmations produce evidence of existence in debtors' admission of their debts. See rights note above.

d.IncorrectConfirmations produce evidence about existence but not so much about completeness.

3.34a.Incorrect

The accounting is credit sales, debit receivables, not inventory.

b.Incorrect

The accounting is credit sales, debit receivables, not cost of goods sold.

c.Incorrect

The accounting is credit sales, debit receivables, not bad debt expense.

d.Correct

The accounting is (fictitious) credit sales, debit (fictitious) receivables.

3.35a.IncorrectFalsification of documents is characteristic, but management fraud does not involve stealing money from an employer.

b.Correct

Management fraud is victimization of investors through the use of materially misleading financial statements.

c.IncorrectManagement fraud principally involves misleading financial statements which might or might not involve illegal acts committed by management to evade laws and regulations.

d.IncorrectConversion of stolen inventory to cash deposited in a falsified bank account describes an employee fraud.

3.36a.IncorrectReporting clearly inconsequential illegal acts to the board of directors is not required.

b.Correct

Once informed, the board of directors has the first responsibility to report to the SEC. If the board does not report, the law then requires the auditors to report.

c.IncorrectAuditors are not required to report clearly inconsequential illegal acts to the board. (Reporting to management, however, is a good idea.)

d.IncorrectResignation is not required. However, if the auditor resigns and the board does not report, the law requires the auditor to report to the SEC, just as though there had been no resignation.

3.37a.IncorrectMateriality may be qualitative rather than quantitative.

b.IncorrectMateriality may be quantitative rather than qualitative.

c.IncorrectAICPA guidelines are silent as to materiality judgments.

d. Correct

Materiality is a matter of professional judgment.

3.38a.IncorrectThe audit team would be concerned if key factors that are not consistent with prior periods.

b.IncorrectThe audit team would be concerned if key assumptions are not similar to industry guidelines.

c.IncorrectThe audit team would be least concerned about measurements that are objective and not susceptible to bias

d.Correct

Evidence of a systematic bias, whether aggressive or conservative would be of most concern to the audit team.

3.39a.IncorrectExtended procedures would be used if supporting documents are not produced when requested.

b.Correct

If the client made several large adjustments at year-end (a red flag), extended procedures would be considered necessary to ensure that fraud was not taking place.

c.IncorrectUnless the previous CFO left the company under suspicious circumstances, extended procedures would probably not be considered necessary.

d.IncorrectDue to the immateriality of petty cash funds, the audit team would probably not use extended procedures under these circumstances.

3.40c.Correct

An audit committee is composed of members of a companys board of directors who are not involved in the day-to-day operations of the company.

3.41a.IncorrectWhile the audit team may recommend remedial actions to the audit committee, the audit teams first concern is the effect of the illegal act on the financial statements.

b.Correct

The audit teams first concern is the effect of the illegal act on the financial statements.

c.IncorrectWhile the audit team may consider whether to contact law enforcement officials, the audit teams first concern is the effect of the illegal act on the financial statements.

d.IncorrectWhile the audit team should determine whether other similar acts may have occurred, the audit teams first concern is the effect of the illegal act on the financial statements.

3.42a.IncorrectThe responsibility for detecting direct-effect illegal acts exactly parallels the responsibility for errors and fraud.

b.IncorrectThe audit team must design their tests to detect all material illegal acts that directly affect the financial statements.

c.Correct

The audit team must design their tests to obtain reasonable assurance that all illegal acts with direct material statement effects are detected.

d.IncorrectThe audit team must design their tests to detect all material illegal acts that directly affect the financial statements.

SOLUTIONS FOR EXERCISES, PROBLEMS AND SIMULATIONS

3.43Risk of Misstatement in Various Accountsa.Inventory understatements may occur from counting and pricing errors.

Fixed asset understatements may result from failure to capitalize costs (expensing them instead) or from erroneous depreciation calculations.

Liability understatement and expense understatement appear to be quite common.

EXHIBIT 3.13

SUMMARY OF MISSTATEMENTS (SELECTED ACCOUNTS)Number of Misstatements

AccountOverstatementUnderstatement

Cash61063% understated!

Securities211755% overstated

Accounts receivable482269% overstated

Inventory243257% understated!

Property, plant142362% understated!

Other noncurrent112469% understated!

Accounts payable212554% understated

Accrued liabilities174070% understated

Other current liabilities101357% understated

Longterm liabilities122467% understated

Revenue323052% overstated

Cost of goods sold384554% understated

Selling expense111659% understated

Gen. & Admin expense395257% understated

NOTE: The effect of adjustments on income was that 43% of the adjustments reduced the reported income, while 28% increased the reported income. The other 29% of the adjustments were reclassifications that neither reduced nor increased income.

b.Asset understatements can result from accounting errors, misapplication of accounting principles, and measurement errors (such as undercounting the inventory). A company might be motivated by tax evasion to understated assets and income.

c.Estimated liabilities might be measured large for conservatism. The company might over accrue expenses in order to reduce taxable income. A fraud might be imbedded in false payables to false vendors.

d.The KPMG data indicate that income overstatement occurs most frequently. Apparently the cause is usually understatement of expenses (e.g. accrued expenses).

3.44General Audit Procedures and Financial Statement AssertionsAudit ProceduresAssertions

1a. Inspection of records or documents (vouching).Existence or Occurrence

1b. Inspection of records or documents (tracing).Completeness

1c. Inspection of records or documents (scanning).Raises questions that may be relevant to all assertions, but may not produce actual "evidence." Since it is performed on recorded amounts, it works best for Existence, Valuation, Rights, and Presentation/Disclosure. When applied to source documents, it might work for the completeness assertion.

2. Inspection of tangible assets.Existence, Valuation.

3. Observation.Existence, Valuation.

4. Confirmation.Existence, Rights (Ownership)

Valuation (sometimes)

Completeness (sometimes).

5. Inquiry.All assertions; however, responses typically yield more assertions, in turn subject to audit with corroborating evidence.

6. Recalculation.Existence, Valuation.

7. ReperformanceValuation

8. Analytical procedures.Existence or occurrence

Valuation

Completeness

3.45Give Examples of Errors and FraudsStudents can probably think of many examples for each of the cases. This solution does not purport to be exhaustive.

a.Overstate an asset, understate another asset

Hold cash receipts journal open past the year end (cutoff date) and record too much cash, reducing accounts receivable.

b.Overstate an asset, overstate stockholder equity

Record appraised value of property, plant, and equipment, with a corresponding credit to a capital account.

c.Overstate an asset, overstate revenue

(1) Hold the sales journal open past the year end (cutoff date) and record too much sales revenue and cash or accounts receivable. (2) Record fictitious sales and accounts receivable.

d. Overstate an asset, understate an expense

(1) Capitalize maintenance expense, making the asset amount higher than warranted and the expense amount lower. Subsequent depreciation would reverse this misstatement, but the first effect would be to overstate the asset and understate the expense. (2) Record an expenditure as a prepaid expense instead of a current expense.

e.Overstate a liability, overstate an expense

Accrue too much liability for expenses not yet paid, such as wages, rent, interest, product warranties, etc.

f.Understate an asset, overstate an expense

(1) Calculate too much depreciation expense on assets. (2) Classify expenditures as current expenses when they should be classified as prepaid expenses.

g.Understate a liability, understate an expense

Fail to accrue liabilities for expenses not yet paid, such as wages, rent, interest, product warranties, etc.

3.46Overall Analysis of Accounting Estimates

The company has fudged the write-offs toward being as small as possible, hoping to satisfy the auditors. Taken one at a time, only the uncertainty about the deferred subscription costs is large enough to break the materiality threshold. But the set of problems cannot be taken one at a time. Here is a suggested lowhigh audit estimate:

Low EstimateHigh EstimateWrite-off deferred subscription costs (1)$ 6,000,000$12,000,000

Provide allowance for bad debts (2)

$ 4,000,000$ 4,000,000

Provide for expected warranty expense (3)$ 2,000,000$ 6,000,000

Lower of cost or market inventory write-down (4)$ 5,600,000$ 5,600,000

Loss on government contract refund (5)$ 1,000,000$ 2,000,000

Total write-offs and losses

$18,600,000$29,600,000

(1)The low estimate gives benefit of doubt to survival of the business, writing off half the deferred costs as if onehalf might be written off over the next two years. The company seems to have taken the 50% probability ($6 million) and allocated half to each of the two years.

(2)The company seems ready to provide allowance for all the doubtful accounts receivable.

(3) Not much information for an auditor (such as a probability distribution).

(4)It looks like the company plans to rebuild the inventory and recover as much as it can, namely the $4,400,000 that can be realized from selling the rebuilt parts, but the lower of cost or market was figured incorrectly. The company seems to have subtracted the selling price ($8 million) from the inventory cost ($10 million) to get the $2 million write-down. The correct calculation is:

Net Realizable Value:

Selling price proceeds

$ 8,000,000

Cost to rebuild

( 2,000,000)

Cost to market and ship (20% x $8 million) ( 1,600,000)

Ceiling (net realizable value)

$ 4,400,000

Floor, Subtract "normal profit" (5% x $8 million) ( 400,000)

Floor

$ 4,000,000Replacement cost is apparently $6 million for the modern part, so the "market" for lower of cost or market is NRV = $4,400,000, and the inventory write-down is $10 million $4,400,000 = $5,600,000. Sale of the rebuilt parts will produce zero profit in subsequent period(s):

Selling price

$ 8,000,000

Inventory sold (writtendown cost)

$ 4,400,000

Rebuilding cost

2,000,000

Total cost of goods sold

(6,400,000)

Cost to market and ship

(1,600,000)Profit

0

(5)For a contingency such as this government contract dispute, GAAP suggests recognizing loss at the lower end of a range for loss, so a $1 million loss provision would satisfy GAAP.

3.46 Overall Analysis of Accounting Estimates (Continued)

Recommended Adjustment:

Management's suggestion of $11,000,000 cost/loss recognition is not sufficient. It "leaves" $7,600,000 income overstatement, even using the auditors' low estimate of $18,600,000. Even booking the low estimate "leaves" $10,000,000 unrecognized (including the government contract contingency at $1 million instead of $2 million). The minimum adjustment, given the limited information available in this problem, is below. Adequate disclosures should be made about the $6 million deferred subscription costs remaining and the prospects for the business, and about the warranty expense estimate, since these are the items that leave uncertain assets and liabilities in the financial statements.

Debit Credit

Subscription expense

$ 6,000,000

Bad debt expense

$ 4,000,000

Warranty expense

$ 2,000,000

Cost of goods sold

$ 5,600,000

Government contract loss

$ 1,000,000

Deferred subscription costs

$ 6,000,000

Allowance for doubtful accounts

$ 4,000,000

Estimated warranty liability

$ 2,000,000

Inventory

$ 5,600,000

Estimated liability on contract

$ 1,000,000

3.47Audit Risk Model

Evaluation of risk assessment conclusions with AR = IR x CR x DR as a model.

a.Paul is not justified in acting upon a belief that IR = 0. He may have seen no adjustments proposed because (1) none were material or (2) Tordik's control system has functioned well in the past and prevented/detected/corrected material errors. If IR = 0, then AR = 0 and no further audit work need be done. Conservative auditing standards and practice do not permit this level of (non)work based on this little evidence and knowledge.

b.Hill is not justified in acting upon a belief that CR = 0. She may well know that Edward's internal accounting control is exceptionally good, but (1) her review did not cover the last month of Edward's fiscal year and (2) control procedures are always subject to lapses. If CR = 0, then AR = 0 and no further audit work need be done. Conservative audit practice does not permit assessment of control risk at 0% to the exclusion of other audit procedures.

c. Insofar as audit effectiveness is concerned, Fields' decision is within the spirit of audit standards. Even if IR = 1 and CR = 1, if DR = 0.02, the AR = 0.02. This audit risk (AR) seems quite small. However, Fields' decision may result in an inefficient audit.

d. This case was deliberately left ambiguous, without putting probability numbers on the audit risks. Students will need to experiment with the model. One approach is to compare the current audit to a hypothetical last year's audit when "everything was operating smoothly." Assume:

Last Year:

AR = IR (0.50) + CR (0.20) x DR (0.20) = 0.02

Current Year:

AR = IR (1.0) + CR (1.0) x DR (0.25) = 0.25

Features of the hypothetical comparison:

1.Inherent risk is greater than last year.

2.Control risk is greater than last year.

3.The audit was done in less time, and maybe the detection risk is a little greater.

4.Audit risk appears to be very high.

3.47 Audit Risk Model (part d, Continued)

An alternative analysis is that Shad perceived higher inherent and control risk early, and he did not put any audit time into trying to assess the risks at less than 100%. He proceeded directly to performance of extensive substantive procedures and worked a lesser total number of hours, yet still performed a highquality audit by keeping AR low by keeping DR low.

3.48 Audit Procedures

Types of procedures used by auditors in general, with examples:

1a.Document Inspection (Vouching)

Find brokers' invoices and cancelled checks showing agreement with record amounts for securities investments.

1b.Document Inspection (Tracing)

Select a sample of shipping documents and trace them to sales invoices, sales journal recording and posting to general ledger.

1c.Document Inspection (Scanning)

Scan expense accounts for credit entries.

Scan payroll check lists for unusually large checks.

2.Inspection of tangible assets

Verify existence of fixed assets by locating them.

3.Observation

Observation, testcounting of client's physical inventorytaking.

4.Confirmation

Obtain accounts receivable confirmations.

Obtain attorney letter.

5.Inquiry and written representations

Inquire of client personnel about accounting events.

Complete an internal control questionnaire.

Obtain management representations.

6.Recalculation

Recompute the client's calculation of depreciation expense.

7.Reperformance

Analyze valuation of receivables by re-aging them by due date.

8.Analytical proceduresany example that fits one of these:

Compare financial information with prior periods.

Compare financial information with budgets and forecasts.

Study predictable financial information patterns (e.g., ratio analysis).

Compare financial information to industry statistics.

Study financial information in relation to nonfinancial information.

3.49Audit Confirmationsa.An audit confirmation is a written statement to the CPA from someone outside the enterprise on a fact which that person is qualified to affirm.

b.The two main characteristics a confirmation should possess are:

1.The party supplying the information requested must be knowledgeable and independent, i.e., he must have knowledge of information of interest to the auditor and he must be outside the scope of influence of the organization being audited, and

2.The auditor must obtain the information directly from the informed party.

3.50Auditing an Accounting EstimateThe audit problem is to develop a range of valuation of the inventory in order to evaluate management's estimate.

Low High

Selling price

$ 78,000$ 92,000

Advertising and shipping

expenses

7,000 5,000

Auditors' estimate of the range

for the inventory valuation$ 71,000$ 87,000

a.

Yes, an adjustment can be proposed.

Loss (or Cost of Goods Sold)

$ 12,000

Inventory

$12,000

Write down the inventory to the nearest end of the auditor's range.

b.No adjustment is necessary. The management estimate of $80,000 is within the auditors' range estimate.

3.51Risk Assessment

Refer to the question for the items 1-15. Discussion can range across many reasons.

1.Decrease overall audit risk11. Increase

2.Increase

12. Increase

3.Increase

13. No effect

4.Increase

14. Increase

5.Decrease15. Increase

6.No effect

7.Decrease

8.Increase

9.Increase

10. Decrease

3.52Potential Audit Procedure FailuresThis is a very open-ended discussion topic. Students' responses could be quite varied depending upon their experience and imagination. The best classroom strategy is to start with one of the procedures, then list the students' suggestions on the chalkboard. The discussion can become very lively!

3.53SAS 99 Reviewa. Management fraud is deliberate fraud committed by management that injures investors and creditors through materially misleading financial statements. The class of perpetrators is management; the class of victims is investors and creditors; and the instrument of perpetration is financial statements. Sometimes management fraud is called "fraudulent financial reporting,'' which was defined by the National Commission on Fraudulent Financial Reporting (1987) as "intentional or reckless conduct, whether by act or omission, that results in materially misleading financial statements."

Defalcation is another name for employee fraud, embezzlement, and larceny. Employee fraud is the use of fraudulent means to take money or other property from an employer . It usually involves falsifications of some kindfalse documents, lying, exceeding authority, or violating an employer's policies. Embezzlement is a type of fraud involving employees' or nonemployees' wrongfully taking money or property entrusted to their care, custody, and control, often accompanied by false accounting entries and other forms of lying and cover-up. Larceny is simple theftfor example, an employee taking an employer's money or property that has not been entrusted to the custody of the employee.

b.Under GAAS, auditors are responsible for assessing the risk of material misstatements due to management fraud and due to misappropriation of assets (employee fraud); consider this assessment when designing procedural responses (overall response and specific procedural response); ask management abut its understanding of fraud risk in the company; pay attention to fraud risk factors; document the risk assessment and management knowledge in the audit documentation; determine whether the company has specific control to mitigate fraud risks; consider the effectiveness of the company's prevention, detection, and deterrence programs; perform procedures to provide a reasonable assurance of detecting material misstatements due to fraud.

c.Characteristics of management fraud important for consideration: materiality of the effect on financial statements, the level of management involved, the extent and skillfulness of concealment, the relationship to control activities, the specific accounts affected.

3.53SAS 99 Review (Continued)

d.Concern-heightening factors:

Management decisions are dominated by an individual or small group.

Managers accounting attitudes are unduly aggressive.

Managers place much emphasis on meeting earnings projections.

Managements business reputation is poor.

Management has engaged in opinion shopping.

Managers are evasive responding to auditors= inquiries.

Managers engage in frequent disputes with auditors.

Managers display significant disrespect for regulatory bodies.

Company has a weak internal control environment.

Company accounting personnel are lax or inexperienced in their duties.

Company employs inexperienced managers.

Company is in a period of rapid growth.

Company profit lags the industry.

Company has going concern problems (near bankruptcy).

Company is decentralized without adequate monitoring.

Company has many difficult accounting measurement and presentation issues.

The company may be offered for sale.

The company makes acquisitions using its stock.

These next "red flags" have more to do with employee frauds (misappropriations of assets) than management fraud, but auditors are supposed to know about them:

Missing documents.

Second endorsements on checks.

Unusual endorsements.

Unexplained adjustments to inventory balances.

Unexplained adjustments to accounts receivable.

Old items in bank reconciliations.

Old outstanding checks.

Customer complaints.

Unusual patterns in deposits in transit.

Cash shortages and overages.

Excessive voids and credit memos.

Customer complaints.

Common names or addresses for refunds.

Adjustments to receivables and payables.

General ledger does not balance.

Increased past due receivables.

Inventory shortages.

Increased scrap.

Alterations on documents.

Duplicate payments.

Employees cannot be found.

Second endorsements on checks.

Documents photocopied.

Dormant accounts become active.

3.53SAS 99 Review (Continued)

e.Disclosure might be required:

1.To comply with legal and regulatory requirements (including reporting a change of auditors on SEC Form 8K, reporting control matters and disagreements according to Item 304 of SEC Regulation S-K).

2.To report to the SEC under the requirements of the Private Securities Litigation Reform Act (when illegal acts material to the financial statements are not reported to the SEC by the company's board of directors).

3.To respond to a successor auditor's inquiries (SAS 84).

4.To respond to a subpoena.

5.To communicate with a funding or other agency when required in audits of entities that receive governmental financial assistance.

3.54Internet Exercise: Audit Programs on the Internet

This is a very open-ended question. Students' responses could be quite varied depending upon their interests.

3.55Kaplan CPA Exam Simulation: Inherent RiskTo: The President of the Ferreira Company

From: Partner, Riley & Associates CPAs

As one step in performing an audit to provide reasonable assurance that financial statements are presented fairly in conformity with United States generally accepted accounting principles, the CPA must make an assessment of the inherent risk that exists within the reporting entity. Inherent risk is the possibility that a material misstatement will occur within the reporting entitys accounting system. The auditor normally assesses inherent risk early in the audit process. If inherent risk is judged to be especially high, the auditor will frequently have to compensate by decreasing detection risk (the possibility that a material misstatement will not be caught by the external auditors testing) to a level lower than anticipated so that overall audit risk is reduced to an acceptably low level. Detection is reduced by carrying out additional substantive testing or by performing substantive testing that renders a higher quality of audit evidence.

Inherent risk is assessed by steps such as (a) performing analytical procedures, (b) looking at problems found in prior audits, (c) analyzing the number of accounts that require significant estimations to be made, (d) studying the quality of the accounting systems used by the company, (e) evaluating the experience, training, and competency of the individuals working with the accounting systems, and (f) analyzing the risk associated with accounts having particularly high balances or number of transactions.

3.56Kaplan CPA Exam Simulation: SAS 99 Fraud GuidelinesAn auditor should conduct the audit with professional skepticism which includes an attitude that assumes balances are incorrect until verified by the auditor by gathering evidence.FDue professional care requires the auditor to exercise professional skepticism. Professional skepticism is an attitude that includes a questioning mind and a critical assessment of audit evidence. Standards go on to state that an auditor should neither assume that management is dishonest nor assume unquestioned honesty.

The fact that a company needs to obtain additional debt or equity financing to stay competitive may be a fraud risk factor.TThe following fraud risk factors are associated specifically with fraudulent financial reporting: Excessive pressure exists for management to meet the requirements or expectations of third parties due to the following: a) Profitability expectations of investment analysts, investors, or significant creditors. b) Company needs to obtain additional debt or equity financing to stay competitive. c) Company has marginal ability to meet debt repayment or other debt covenant requirements.

Professional skepticism should be exercised throughout the audit process.TSince evidence is gathered and evaluated throughout the audit, professional skepticism should be exercised throughout the audit process.

The three components of the fraud triangle are incentive, opportunity and fraud risk factors.

FThe three components of the fraud triangle are incentive, opportunity and rationalization.

If fraud is detected and misstatement does exist, an auditor assesses if it is material. If it is not material, the auditor tells management and has no other responsibility.

TIf fraud is detected and it is deemed to be immaterial, an auditor need only inform members of management at least one level above those involved.

If a material problem is resolved, it is not necessary for the auditor to inform the audit committee.FEven if a material problem is resolved, the audit committee of the board of directors must be informed because the issue had a significant impact on the financial reporting of the company.

When performing a financial statement audit, auditors are required to explicitly assess the risk of material misstatement due to fraud.TAU 312 and AU 316 both required that auditors specifically assess the risk of material misstatements due to fraud and consider that assessment in designing the audit procedures to be performed.

3.57Kaplan CPA Exam Simulation: Financial Statement AssuranceWhat assurance does the auditor provide that misstatements due to errors that are material to the financial statements will be detected?ReasonableAU 110 and AU 316 require the auditor to design the audit to provide reasonable assurance that material misstatements, whether caused by error or fraud, be detected.

What assurance does the auditor provide that misstatements that are material to the financial statements due to fraudulent financial reporting will be detected?ReasonableAU 110 and AU 316 require the auditor to design the audit to provide reasonable assurance that material misstatements, whether caused by error or fraud, be detected. Fraudulent financial reporting is one of the major types of fraud.

What assurance does the auditor provide that misstatements due to direct effect illegal acts that are material to the financial statements will be detected?ReasonableAU 110 requires the auditor to design the audit to provide reasonable assurance of detecting material errors, fraud and direct effect illegal acts. A direct effect illegal act is one that would have an effect on the determination of financial statement amounts.

What assurance does the auditor provide that misstatements that are material to the financial statements due to misappropriation of assets will be detected?ReasonableAU 110 and AU 316 require the auditor to design the audit to provide reasonable assurance that material misstatements, whether caused by error or fraud, be detected. Misappropriation is one of the major types of fraud.

3.58Kaplan CPA Exam Simulation: Audit RiskControl risk is the possibility that a material misstatement will occur within Hardis accounting system. FThe statement is true for inherent risk. Control risk, on the other hand, is the possibility that a material misstatement that has occurred will not be detected by the companys control system.

A CPA performing an audit has no responsibility to look for or find illegal acts that do not have a direct impact on Hardis financial statements. TThose actions are outside the scope of the audit, and in addition, they may well be hidden. However, auditors must maintain a skeptical attitude and, thus, may discover such illegal acts or situations pointing to illegal acts.

If a CPA discovers fraud that causes a material misstatement, then it must be reported by the CPA to Hardis audit committee.TThere should be an understanding between the auditor and the audit client as to the reporting of any other fraud that is uncovered, including fraud that causes an immaterial misstatement.

A CPA would increase the level of detection risk if it is found that Hardis accounting system is outdated or understaffed or operated by individuals lacking training and experience. FSuch a situation would warrant an increase in the level of inherent risk and control risk. Based on the facts, it is likely that a material misstatement will occur within the companys accounting system, and the companys control system is incapable of detecting such a material misstatement.

An example of fraudulent financial reporting would be if Hardi improperly capitalized an immaterial lease in a deliberate attempt to overstate income.

TFraudulent financial reporting does not only cover material misstatement; even immaterial amounts can be construed to be fraudulent financial reporting.

If Hardi has a management bonus based on net income, it directly suggests that a CPA should set inherent risk at maximum. FAlthough the management bonus is a strong indicator of high inherent risk, the auditor must assess the Hardi audit on an overall basis and not make a conclusion on inherent risk based simply on one piece of information.

3.59Kaplan CPA Exam Simulation: Audit RiskRidge will use statistical sampling rather than judgment sampling.Decreases audit riskDetection risk decreases whenever auditor gathers more evidence or obtains evidence of a better quality. Evidence is considered to be of a better quality if it is gathered using more sophisticated techniques (such as statistical sampling rather than judgment sampling).

This is Ridges first audit of Western.Increases audit riskThe fact that it is a first- time audit by Ridge increases the possibility that misstatements have occurred (for 2003 and for prior years) and will not be detected by Ridge. This increases the auditors assessment of inherent risk.

Reconciliation of bank statements.Decreases audit riskBased on the documentation, bank reconciliations are performed in a timely manner. This decreases audit risk. (In contrast, the lack of complete and timely reconciliations of assets represents inadequate internal control over assets which may increase the susceptibility of misappropriation of those assets and thus increase audit risk).

There are a large number of transactions within the accounts receivable general ledger control account and its subsidiary ledgers.

Increases audit riskThe existence of accounts with large balances or many transactions usually increases inherent risk due to the complexity of auditing them.

Level of turnover in the accounting department.Decreases audit riskThe clerk has been employed by Western for 12 years and the controller for ten years; therefore, two of the key employees have remained in their positions for a long time which indicates low turnover. This would generally decrease audit risk. (In contrast, a high turnover rate in the accounting department would represent a deficiency in internal accounting control and thus increase audit risk).

The accounting system is three years old.Decreases audit riskThe system is not outdated (it is only three years old) and appears to be meeting Westerns needs. The system was tested very recently (last year) by the prior auditors and found to be operating effectively. (In contrast, an outdated accounting system would increase inherent risk).

Western is the only provider of water in the three surrounding counties.

Has no impact on audit riskThe fact that Western is the only provided of water in the three surrounding counties has no impact on audit risk.

3.59Kaplan CPA Exam Simulation: Audit Risk (Continued)

The clerk handles nearly all aspects of the accounts receivable/cash receipts system.Increases audit riskBecause the clerk handles nearly all aspects of the accounts receivable/cash receipts system, there is a general lack of segregation of duties within the accounts receivable/cash receipts application. This increases control risk and audit risk.

Ridge bid on the audit of Western along with four other firms. Ridge was selected because the audit committee determined that Ridge had the best and lowest bid.

Has no impact on audit riskThe fact that Ridge was selected because it had the best and lowest bid has no impact on audit risk.

There are two new housing developments within Westerns service area, but contrary to expectations, tap-in fee income is down significantly from last year and from budget.

Increases audit riskInherent risk is increased if, during the performance of analytical procedures in the initial audit planning stages, it is discovered that client balances vary significantly from the auditors expectations.

The clerks high level of personal debt.Increases audit riskPersonal debts or other financial obligations may create pressure on management or other employees (who have access to cash or other assets susceptible to theft) to misappropriate such assets. In the case of Westerns clerk it represents a potential incentive or pressure, which is a fraud risk factor that increases audit risk.

The advanced age of the water treatment plant.Has no impact on audit risk

The advanced age of the plant has no impact on audit risk.

3.60Kaplan CPA Exam Simulation: Consideration of Fraud in a Financial Statement Audit.

The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. Because of the nature of audit evidence and the characteristics of fraud, the auditor is able to obtain reasonable, but not absolute, assurance that material misstatements are detected. The auditor has no responsibility to plan and perform the audit to obtain reasonable assurance that misstatements, whether caused by errors or fraud, not material to the financial statements are detected (AU sec. 110, par. 2).3.61 Kaplan CPA Exam Simulation: Illegal Acts.

Subject: Illegal Acts F.D.A. violations

During the audit of Woodson Flavors International, we discovered that the company has several Environmental Protection Agency (E.P.A.) violations resulting in fines totaling $6,000. In accordance with U.S. GAAS, the auditor does not include audit procedures specifically intended to detect illegal acts with an indirect effect. Although, when other audit procedures uncover illegal acts, the auditor should apply the necessary procedures to determine whether an illegal act has occurred. Further testing is now necessary because the discovery of the payment to the E.P.A indicates the possibility of an indirect illegal act.

McGraw-Hill/Irwin The McGraw-Hill Companies, Inc., 2007

3-26Solutions ManualMcGraw-Hill/Irwin The McGraw-Hill Companies, Inc., 2007

Auditing and Assurance Services, Louwers et al., 2/e3-26