ACCT 3109 – Auditing

The Auditor’s Responsibilities Regarding Fraud

and Mechanisms to Address Fraud: Regulation
and Corporate Governance

Chapter 2

Fall Semester, 2021/22

Dr. Sammy Fung
1
Fraud Defined
● Fraud is an intentional act involving the use of deception
that results in a misstatement of the financial statements
● Two types of misstatements are relevant to auditors’
consideration of fraud:
● Misstatements arising from misappropriation of assets
● Misstatements arising from fraudulent financial reporting
● Intent to deceive is what distinguishes fraud from errors

2
Misappropriation of Assets
● Asset misappropriation occurs when a perpetrator steals
or misuses an organization’s assets
● Asset misappropriations
● Primary fraud scheme in small businesses
● Perpetrators are usually employees
● Asset misappropriations include
● Embezzling cash receipts
● Stealing assets
● Causing the organization to pay for goods or services that the
organization did not receive

3
Fraudulent Financial Reporting
● The intentional manipulation of reported financial results
is called fraudulent financial reporting
● Motivations
● Perpetrator seeks gain through the rise in stock price and the
commensurate increase in personal wealth
● Perpetrator tries to “help” the organization avoid bankruptcy
or other negative financial outcome

4
Common Means to Accomplish Fraudulent
Financial Reporting
● Manipulation, falsification, or alteration of accounting
records or supporting documents
● Misrepresentation or omission of events, transactions, or
other significant information
● Intentional misapplication of accounting principles

5
Check Your Basic Knowledge (2-3)
2-3 What is the primary difference between fraud and error in
financial statement reporting?
a. The materiality of the misstatement.
b. The intent to deceive.
c. The level of management involved.
d. The type of transaction effected.

6
Check Your Basic Knowledge (2-4)
2-4 Which of the following examples best represents an
example of fraudulent financial reporting?
a. The transfer agent issues 40,000 shares of the company’s
stock to a friend without authorization by the board of
directors.
b. The controller of the company inappropriately records
January sales in December so that year-end results will meet
analysts’ expectations.
c. The in-house attorney receives payments from the French
government for negotiating the development of a new plant
in Paris.
d. The accounts receivable clerk covers up the theft of cash
receipts by writing off older receivables without
authorization.
7
The Fraud Triangle
● The three elements of the fraud triangle include
● An incentive to commit fraud
● The opportunity to commit and conceal the fraud
● Rationalization—the mindset of the fraudster to justify
committing the fraud

8
Incentives or Pressures to Commit Fraud
● Possible incentives for fraudulent financial reporting
include:
● Management compensation schemes
● Financial pressures for either improved earnings or an
improved balance sheet
● Debt covenants

9
Opportunities to Commit Fraud
● Lack of controls
● Complex transactions
● Significant related-party transactions
● A company’s industry position
● Management’s inconsistency involving subjective
judgments regarding assets or accounting estimates

10
Rationalizing the Fraud
● Rationalization can range from “saving the company” to
personal greed
● Examples of rationalization
● This is a one-time thing to get us through the current crisis and
survive until things get better
● Everybody cheats on the financial statements a little; we are
just playing the same game
● We will be in violation of all of our debt covenants unless we
find a way to get this debt off the financial statements
● I will lose everything (family, home, car, and so on) if I don’t
take the money

11
Bonjour fraud case
https://www.thestandard.com.hk/breaking-
news/section/3/124959/Family-of-three-jailed-for-HK$40m-Bonjour-
fraud

12
Implications for External Auditors
● The auditor should be aware of the pressure that analyst
following and earnings expectations create for top
management
● If there are potential problems with revenue, the auditor
cannot complete the audit until there is sufficient time to
examine major year-end transactions
● The auditor must understand complex transactions to
determine their economic substance and the parties that have
economic obligations
● The auditor must clearly understand and analyze weaknesses
in an organization’s internal controls in order to determine
where and how a fraud may take place
● The auditor must develop audit procedures to address specific
opportunities for fraud to take place

13
Common Motivations for Fraud
● Need to meet internal or external earnings expectations
● Attempt to conceal the company’s deteriorating financial
condition
● Need to increase the stock price
● Need to bolster financial performance for pending equity
or debt financing
● Desire to increase management compensation based on
financial results

14
Fraud: Auditors’ Responsibilities and Users’
Expectations
● Management, the audit committee, internal auditors,
external auditors and regulatory authorities need to:
● Acknowledge need for a strong, highly ethical tone at the top
of an organization that permeates the corporate culture,
including an effective fraud risk management program
● Exercise professional skepticism in evaluating and/or preparing
financial reports
● Remember that strong communication among those involved
in the financial reporting process is critical

15
Fraud-Related Requirements in Professional
Auditing Standards
● Professional auditing standards require the auditor to
plan and perform an audit that will detect material
misstatements resulting from fraud.

16
Check Your Basic Knowledge—True/False
2-13 The investing public generally recognizes that it is very
difficult for auditors to detect fraud, so investors do not
hold auditors accountable when auditors fail to detect
fraud. (T/F)
2-14 The mission of the SEC is to restore the confidence of
investors, and society generally, in the independent
auditors of companies. (T/F)

17
Check Your Basic Knowledge (2-15)
2-15 Which of the following statements is true regarding the
deterrence and detection of fraud in financial reporting?
a. Preventing and detecting fraud is the job of the external
auditor alone.
b. An effective fraud risk management program can be
expected to prevent virtually all frauds, especially those
perpetrated by top management.
c. Communication among those involved in the financial
reporting process is critical.
d. All of the above.
e. None of the above.

18
Check Your Basic Knowledge (2-16)
2-16 Which of the following statements is true?
a. Unless an independent audit can provide reasonable
assurance that financial information has not been materially
misstated because of fraud, it has little, if any, value to
society.
b. Repeated revelations of accounting scandals and audit
failures related to undetected frauds have seriously damaged
public confidence in external auditors.
c. A strong ethical tone at the top of an organization that
permeates corporate culture is essential in mitigating the risk
of fraud.
d. All of the above.
e. None of the above.

19
The Sarbanes-Oxley Act of 2002 as a Regulatory
Response to Fraud
● Financial scandals and associated stock market declines in
the early 2000s
● Bad ethical decisions
● Weak corporate governance
● Low audit quality
● Insufficient auditor independence
● Response to Enron bankruptcy and collapse of Arthur
Andersen
● Sarbanes-Oxley only applies to publicly traded companies

20
Significant Audit-Related Provisions of the Sarbanes-
Oxley Act of 2002
● Title I removes self-regulation of the auditing profession
and replaces it with independent oversight by the PCAOB
● Section 201 prevents audit firms from providing many
consulting services to audit clients
● Sections 204, 301, and 407 significantly expand the
power, responsibilities, and disclosures of corporate audit
committees
● Section 404 requires management assessment and
external audit firm attestation regarding the effectiveness
of internal control over financial reporting
● Refer to Exhibit 2.5 for a list of significant audit-related
provisions

21
Sarbanes-Oxley
TITLE I: Public Company Accounting Oversight Board
101 Establishment and administrative provisions
102 Registration with the Board
103 Auditing, quality control, and independence standards
and rules
104 Inspections of registered public accounting firms
105 Investigations and disciplinary proceedings.
106 Foreign public accounting firms
107 Commission oversight of the Board
108 Accounting standards
109 Funding

22
Sarbanes-Oxley
TITLE II: Auditor Independence
201 Services outside the scope of practice of auditors
202 Preapproval requirements
203 Audit partner rotation
204 Auditor reports to audit committees
205 Conforming amendments
206 Conflicts of interest
207 Study of mandatory rotation of registered public
accounting firms

23
Sarbanes-Oxley
TITLE III: Corporate Responsibility
301 Public company audit committees
302 Corporate responsibility for financial reports
303 Improper influence on conduct of audits

24
Sarbanes-Oxley
TITLE IV: Enhanced Financial Disclosures
401 Disclosures in periodic reports
402 Enhanced conflict of interest provisions
403 Disclosures of transactions involving management and
principal stockholders
404 Management assessment of internal controls
406 Code of ethics for senior financial officers
407 Disclosure of audit committee financial expert

25
Corporate Governance
● Corporate governance is a process by which the owners
(stockholders) and creditors of an organization exert
control and require accountability for the resources
entrusted to the organization.
● The owners elect a board of directors to provide oversight
of the organization’s activities and accountability to
stakeholders.

26
Exhibit 2.6

27
Responsibility and Accountability
● Governance demands accountability back through the
system to the owners and other stakeholders
● Stakeholders include anyone who is affected, either directly or
indirectly, by the actions of a company
● Management and the board have responsibilities to
● Act within the laws of society
● Meet various requirements of creditors and employees and
other stakeholders
● Corporate governance mosaic refers to the
complementary roles and specific responsibilities of the
parties
● No one party is completely responsible

28
Characteristics of Effective Corporate Governance
● In 2010, a commission sponsored by the NYSE issued a
report identifying key core governance principles
● The report includes both broad principles related to
boards and management, along with very specific
corporate governance guidelines

29
Broad Principles of Effective Corporate Governance
● Long-term sustainable growth in shareholder value for the
corporation
● Successful management of the company
● Including creation of a culture of performance with integrity and ethical
behavior
● Integration with the company’s business strategy
● Not viewed as simply a compliance obligation
● Transparency
● Regular efforts to ensure that they have sound disclosure policies and
practices
● Independence and objectivity
● Balance in the appointment of independent and non-independent
directors
● Appropriate range and mix of expertise, diversity, and knowledge on the
board

30
NYSE Corporate Governance Guidelines
● Boards need to consist of a majority of independent directors
● Boards need to hold regular executive sessions of independent directors
without management present
● Companies must adopt and disclose corporate governance guidelines
addressing director qualification standards, director responsibilities,
director access to management and independent advisors, director
compensation, director continuing education, management succession,
and an annual performance evaluation of the board
● Companies must adopt and disclose a code of business conduct and ethics
for directors, officers, and employees
● Foreign companies must disclose how their corporate governance practices
differ from those followed by domestic companies
● CEOs must provide an annual certification of compliance with corporate
governance standards
● Companies must have an internal audit function, whether housed
internally or outsourced

31
NYSE Corporate Governance Guidelines Related to a
Nominating/Corporate Governance Committee
● Boards must have a nominating/corporate governance
committee composed entirely of independent directors
● This committee must have a written charter that
addresses the committee’s purpose and responsibilities
● An annual performance evaluation of the committee is
required

32
NYSE Corporate Governance Guidelines Related to a
Compensation Committee
● Boards must have a compensation committee composed
entirely of independent directors
● The compensation committee must have a written
charter that addresses the committee’s purpose and
responsibilities, which must include (at a minimum) the
responsibility to:
● Review and approve corporate goals relevant to CEO
compensation
● Make recommendations to the board about non-CEO
compensation and incentive-based compensation plans
● Produce a report on executive compensation
● An annual performance evaluation of the committee is
required
33
NYSE Corporate Governance Guidelines Related to
an Audit Committee
● Boards must have an audit committee with a minimum of
three independent members
● The audit committee must have a written charter that
addresses the committee’s purpose and responsibilities
● The committee must produce an audit committee report
● An annual performance evaluation of the committee is
required

34
Responsibilities of Audit Committees
● Section 301 of the Sarbanes-Oxley Act outlines the
responsibilities of audit committee members for publicly
traded companies
● Responsible for the appointment, compensation, and
oversight of the work of audit firms
● Must be independent
● Must establish whistle-blowing mechanisms
● Must have the authority to engage their own
independent counsel
● Must provide adequate funding for audit committees

35
Specific Responsibilities of Audit Committees
Mandated by the NYSE
● Obtaining an annual report by the external auditor that addresses the
company’s internal control procedures, any quality-control or regulatory
problems, and any relationships that might threaten the independence of
the external auditor
● Discussing the company’s financial statements with management and the
external auditor
● Discussing in its meetings the company’s earnings press releases, as well as
financial information and earnings guidance provided to analysts
● Discussing in its meetings policies with respect to risk assessment and risk
management
● Meeting separately with management, internal auditors, and the external
auditor on a periodic basis
● Reviewing with the external auditor any audit problems or difficulties that
they have had with management
● Setting clear hiring policies for employees or former employees of the
external auditor
● Reporting regularly to the board of directors

36
Additional Responsibilities of Audit Committees in
Many Organizations
● In many organizations the audit committee has the
authority to:
● Hire and fire the head of the internal audit function
● Set the budget for the internal audit activity
● Review the internal audit plan
● Discuss all significant internal audit results
● Other responsibilities might include:
● Performing or supervising special investigations
● Reviewing policies on sensitive payments
● Coordinating periodic reviews of compliance with company
policies such as corporate governance policies

37
Check Your Basic Knowledge—True/False
2-21 Corporate governance is the process by which the owners
and creditors of an organization exert control over and
require accountability for the resources entrusted to the
organization. (T/F)
2-22 The term corporate governance mosaic refers to the fact
that each of the parties involved in corporate governance
has complementary roles and specific responsibilities; no
one party is completely responsible. (T/F)

38
Check Your Basic Knowledge (2-23)
2-23 Audit committee activities and responsibilities include
which of the following?
a. Selecting the external audit firm.
b. Approving corporate strategy.
c. Reviewing management performance and determining
compensation.
d. All of the above.
e. None of the above.

39
Check Your Basic Knowledge (2-24)
2-24 Which of the following audit committee responsibilities has
the NYSE mandated?
a. Obtaining a report each year by the internal auditor that
addresses the company’s internal control procedures, any
quality-control or regulatory problems, and any relationships
that might threaten the independence of the internal auditor.
b. Discussing in its meetings the company’s earnings press
releases as well as financial information and earnings
guidance provided to analysts.
c. Reviewing with the internal auditor any audit problems or
difficulties that they have had with management.
d. All of the above.
e. None of the above.

40
Café de Coral Annual Report 2020

https://www.cafedecoral.com/eng/investor_re
lations/reports/index.jsp

41