of Group Financial Statements (Including the Work of Component Auditors)
Note
1 1 See “Definitions of Terms” section.
5 AU-C 240 Consideration of Fraud in a Financial Statement Audit
Objectives of AU-C Section 240
Description and Characteristics of Fraud
Responsibilities of the Auditor
Engagement Team Discussion about Fraud (Brainstorming)
Obtaining Information Needed to Identify Fraud Risks
Responding to the Results of the Assessment
Communication about Possible Fraud to Management and Those Charged with Governance
Antifraud Programs and Controls
SCOPE
AU-C 240 focuses on the auditor’s responsibility for fraud in a financial statement audit. AU-C 240 complements and expands on guidance in AU-C 315 and 330 regarding risks of material misstatements. (AU-C 240.01)
DEFINITIONS OF TERMS
Source: AU-C 240.11. For definitions related to this standard, see Appendix A, “Definitions of Terms”: Fraud, Fraud risk factors.
OBJECTIVES OF AU-C SECTION 240
The objectives of the auditor under AU-C Section 240 are to:
1 Identify and assess the risks of material misstatement of the financial statements due to fraud;
2 Obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses; and
3 Respond appropriately to fraud or suspected fraud identified during the audit.
(AU-C 240.10)
REQUIREMENTS
Description and Characteristics of Fraud
Although fraud is a broad legal concept, the auditor’s interest specifically relates to fraudulent acts that cause a material misstatement of financial statements. Two types of misstatements are relevant to the auditor’s consideration in a financial statement audit.
1 Misstatements arising from fraudulent financial reporting
2 Misstatements arising from misappropriation of assets
(AU-C 240.02–.03)
Fraudulent financial reporting does not need to involve a grand plan or conspiracy. Management may rationalize that a misstatement is appropriate because it is an aggressive interpretation of accounting rules, or that it is a temporary misstatement that will be corrected later.
Fraudulent financial reporting and misappropriation of assets differ in that fraudulent financial reporting is committed, usually by management, to deceive financial statement users, whereas misappropriation of assets is committed against an entity, most often by employees.
Fraud Risk Factors. Fraud generally involves the following three conditions:
1 A pressure or an incentive to commit fraud
2 A perceived opportunity to do so
3 Rationalization of the fraud by the individual(s) committing it
(AU-C 240.A1)
However, not all three conditions must be observed to conclude that there is an identified risk. It is particularly difficult to observe that the correct environment for rationalizing fraud is present.
Although fraud usually is concealed, the presence of risk factors or other conditions may alert the auditor to its possible existence.
The auditor should be aware that the presence of each of the three conditions may vary, and is influenced by factors such as the size, complexity, and ownership of the entity. These three conditions usually are present for both types of fraud.
The Typical Fraudster
KPMG released a study of 750 fraudsters in 81 countries, “Global Profile of a Fraudster: Technology Enables and Weak Controls Fuel the Fraud,”1 regarding characteristics of people who commit fraud: They
are often experienced employees in a position to collude with people inside and outside the entity.
usually hold management or senior positions.
do not have a prior history of criminal activity.
are highly respected.
appear trustworthy.
are predominantly male between the ages of 36 and 55
Most (61%) fraudsters are employed by the entity.
In