Forensic Auditing:

The Audit of the Future, Today

Instructor:
Ron Durkin, CFE, CPA/CFF, CIRA

1
1
 Agenda
 Current events and developments in forensic
accounting
 Define the term forensic auditing
 What is the audit of the future?
 Forensic audit thinking
 Forensic audit procedures
 Use of technology
 Interviewing tips
 Knowledge checks along the way
2
 Past Events Relevant to Today
 PCAOB Standing Advisory Group Discussion Paper on Financial
Fraud—September 2004
 Page 21—Involvement of Forensic Accountants in an Audit of
Financial Statements: “The auditor may respond to an identified
risk of material misstatement due to fraud by assigning
additional persons with specialized skill and knowledge such as
forensic … specialists … to the engagement.”
 Page 22—“a forensic accountant participating in an audit
generally performs investigative services that make use of a
CPAs skills including the application of accounting and auditing
knowledge as well as investigative skills to collect, analyze and
evaluate evidential matter and to interpret and communicate
findings.”

3
 SAG Discussion Paper—9/04
 “To perform adequately the fraud detection procedures that
might be performed by a forensic accountant in an audit of
financial statements, the forensic accountant should learn
critical background information about the company, its business
and its environment. This background information is, for
example, particularly important for effective participation in the
brainstorming session.”
 Should a forensic specialist, whether employed by the auditor’s
firm or engagement by the auditor, be regarded as a member of
the audit team? Would treating a forensic accountant as a SAS
73-type specialist create an artificial distinction between the
work necessary to detect fraud and the work necessary to
complete an audit?

4
 SAG Discussion Paper—9/04
 Question 45—What professional standards should apply to
forensic accountants participating in an audit of financial
statements? Should auditors obtain the necessary skills to
detect fraud, including forensic skills?
 Page 23—A registered public accounting firm that, during the
course of performing an audit of financial statements, detects
indications of fraud affecting those financial statements might
be requested by management or the audit committee to expand
the scope of the audit and perform an in-depth investigation to
determine the impact of the alleged fraudulent activities on the
client and its financial statements.

5
 SAG Discussion Paper—9/04
 Question 47—Can auditors obtain reasonable assurance
required by paragraph .02 of AU sec. 110 … without
performing investigations to determine the impact of
alleged fraudulent activities on the financial statements?
 Question 48—What restrictions on the arrangements for
the in-depth investigation would be necessary to avoid an
impairment of independence?
 Question 49—Does a forensic accountant employ an
investigative mindset that is different from the professional
skepticism of an auditor of financial statements?

6
 Current and Future Events
 How current and future events will impact forensic
auditing:
PCAOB—At the April 2010 meeting the Standing Advisory
Group (SAG) discussed the undertaking of a standard-
setting initiative to consider improvements to the
auditor's standard reporting model, and clarification of
the auditor's report of the auditor's role in detecting
fraud under current auditing standards.

7
 Current and Future Events
 PCAOB—April 2010 meeting:
The current auditor's report does not mention fraud
Advisory Committee on the Auditing Profession (ACAP)
recommended "expressly communicating to investors,
other financial statement users, and the public the role of
the auditors in finding and reporting fraud."
ACAP recommended that the PCAOB "review and update
the auditing standards governing fraud detection and
fraud reporting."

8
 Current and Future Events
 PCAOB—April 2010 meeting:
Some SAG members stated that the current auditor's
report model is "very routine," "sort of a boiler plate,"
and the "information content is minimal."
ACAP recommendation suggests that the auditor's report
should articulate the "auditor's role and limitations in
detecting fraud."

9
 Current and Future Events
 PCAOB—April 2010 meeting:
The Global Public Policy Symposium (Nov. 2006) claiming
"there is a significant 'expectations gap'…”
• Proposed certain ideas of change:
 A forensic audit on a regular basis
 A forensic audit on a random basis
 Other "choice-based" options
PCAOB discussion question—should auditing standards
be amended to require a forensic audit component to
the audit, or another option?
10
 A Forensic Audit?
Auditing Standards Investigator Becomes Auditor

Traditional SAS 99
Traditional
Audit Investigation

(Auditing) (Consulting)

Auditor Becomes Investigator Consulting Standards

11
Knowledge Check Discussion Question
Will auditing standards be amended to require a
forensic audit?
A. Yes, a forensic audit will be required
B. No, a forensic audit will not be required
C. No, a forensic audit will not be required;
however, additional procedures will be
incorporated
D. Other

12
 What Is a Forensic Audit?
A. An audit
B. An investigation
C. An agreed-upon procedures engagement
D. A proactive search for fraud
E. Expansion of SAS 99 procedures

The answer is—it depends.

13
 The Audit of the Future
 Forensic Auditing is a new concept that
comprises three key ingredients:
Forensic Audit Thinking
—in other words “thinking forensically”
Forensic Audit Procedures
—both proactive and reactive
Appropriate use of technology and data analysis

14
Forensic Audit Thinking (FAT)

15
 Forensic Audit Thinking—FAT
 Forensic Audit Thinking involves the critical
assessment throughout the audit of all evidential
matter and maintaining a higher degree of
professional skepticism that fraud may have occurred,
is occurring, or will occur in the future.

16
 FAT General Considerations
• Yes, fraud can happen anywhere! Most, if not all companies,
will experience fraud at some level.
• Know what you are looking for and be prepared to do
something if and when you find it.
• Forensic thinking is a mind shift where the auditor believes
that the possibility of fraud may exist and the controls may
be overridden to accomplish that possibility.
• Forensic thinking is used throughout the audit.
• Know your client—what is the tone at the top?

17
 Assess the Tone at the Top
• Does management act with the highest levels of integrity?
• Is management committed to upholding its code of
conduct?
• Are oversight mechanisms in place and functioning that will
prevent, deter, and detect management override of
internal controls?
• Test ethics, conduct, conflict of interest, compliance, and
fraud prevention programs.
• Test the operation and adequacy of confidential disclosure
processes and management’s response to identified risks.
• Test the tone at the top including communication of
management’s philosophy and operating style.

18
 The Fraud Triangle
Pressure/
Incentive

Opportunity Rationalization/
Concealment
19
Gestation Period for Frauds to Be Detected

Source: ACFE 2010 Report to the Nation 20

 Planning
 Gathering of background information from client:
Prior year knowledge
Current company information
Preliminary interviews
Internal pressures

 Gather external background information:

Current company research
Industry research
Market pressures

21
 Brainstorming Essentials
 Discuss various broad programs to prevent, detect, and
respond to fraud issues (antifraud programs and controls).
 Examine company-level controls such as hotlines, employee
handbook, code of conduct, hiring practices, termination of
employee protocol, etc.
 Evaluate process-level controls over recording transactions,
segregation of duties, approval limits, continuous
monitoring, etc.
 Discuss computerized controls and how they will be tested.

22
 Risk Assessment
 Economic, environmental, and industry factors
 Pressures and incentives that could drive behavior
 Assess areas where internal controls could be
overridden
 Internal pressures (budget contraints, approval levels,
etc.)

23
 Risk Assessment (Cont’d)
 Review prior year’s audit work papers
 Review current information gathered
 Comparison to competitor’s analysis
 Stock price, analyst estimates, market pressure
analysis
 Insider-trading analysis
 What is the “fraud du jour”?

24
 Case Example
 While conducting a brainstorming session, we determined
that the client was doing much better in China than their
competition.
 We asked what internal controls and fraud prevention
procedures were in place to detect a possible FCPA
violation.
 We were told that the company had controls in place.
 The company subsequently had an FCPA issue.
 The controls in place were overridden by the country
manager.
25
 Knowledge Check
Forensic Audit Thinking involves:
A. An increased level of professional skepticism
B. Following prescribed checklists
C. A critical evaluation of evidence obtained
D. All of the above
E. Both A and C above

26
65.324689.7.1364615.452.215374216.242364312234.165434.4.4.31503787423.1634642.136284.97841615.3165.6451.1526.134644513.11.163466.1164.166.615463123046.132964.

What Professional Standards Are Auditors

61.1636212.616.1615423.16254.1622.11.897851948.4252442.61516.1622542196254.51.154231.5132251.22643.256451332.51.2512.1152.13.1523451.152345312354.236461.4222
5264.65512.252564.65.4623.4645343425524352.3126484.4345.42465.36378823.1225568.5566.8.586.685678688.76868444.78234.56854556.64.56423255.46285423.66.66451.872
15.32645.6158913.99102456.5675612.745.55.556463.46.4642.463.4635523453.6652335.63345.2313.6343226.8754121.56635521.125.648.746666.7132319.22.44455.698545.13.11

Following If They Conduct an Investigation?

A. Auditing Standards
B. ACFE Code of Professional Standards
C. Private Investigation Standards
D. Statement on Standards for Consulting
Services No. 1

27
Forensic Audit Procedures (FAP)

28
 Forensic Audit Procedures—FAP
 Forensic audit procedures are more specific and
geared toward detecting the possible material
misstatements in financial statements resulting from
fraudulent activities or error.
 Audit procedures should align with fraud risks and
fraud risk assessments.
 If fraud was occurring at your audit client, what
procedures would detected it?

29
 Key Characteristics for Effectively
65.324689.7.1364615.452.215374216.242364312234.165434.4.4.31503787423.1634642.136284.97841615.3165.6451.1526.134644513.11.163466.1164.166.615463123046.132964.
61.1636212.616.1615423.16254.1622.11.897851948.4252442.61516.1622542196254.51.154231.5132251.22643.256451332.51.2512.1152.13.1523451.152345312354.236461.4222
5264.65512.252564.65.4623.4645343425524352.3126484.4345.42465.36378823.1225568.5566.8.586.685678688.76868444.78234.56854556.64.56423255.46285423.66.66451.872
15.32645.6158913.99102456.5675612.745.55.556463.46.4642.463.4635523453.6652335.63345.2313.6343226.8754121.56635521.125.648.746666.7132319.22.44455.698545.13.11

Implementing Forensic Procedures

Those performing forensic procedures (either the auditor or
the forensic specialists) may consider having:
 An investigative mindset—more than skeptical
 An understanding of fraud schemes and indicia of fraud
 Experience in dealing with fraud issues
 Knowledge of certain investigative, analytical, and
technology-based techniques
 Knowledge of legal process (pitfalls, ramifications, etc.)

30
FAP—The Seven Investigative Techniques*
1. Public document reviews and background
investigations
2. Interviews of knowledgeable persons
3. Confidential sources and informants
4. Laboratory analysis of physical and electronic
evidence
5. Electronic and physical surveillance
6. Undercover operations
7. Analytical procedures
* Source: Based on “The 7th Investigative Technique” by Richard Nossen (modified from the original text).

31
 Case Example
 Prior to going into the field with the audit team (forensic in
the audit) we did a public records search looking for
insider-trading activities—best practice!!
 We saw that a number of insiders had significant trading
activities.
 We reported this to the audit partner.
 Six months later, a class action lawsuit was filed against the
officers and directors for “alleged” insider trading.

32
 Interviewing Basics
 Be objective and not biased.
 Be well prepared.
 Understand that listening is essential—two ears one
mouth.
 Don’t prepare a list of questions in advance.
 Be professional at all times.
 Maintain eye contact.
 Prepare a memo or written report of your interview (this
should be in a previously approved format for consistent
results).
 Don’t express opinions (yours not theirs).
33
 Prior to the Interview
 Don’t call it an interview when setting it up—use terms
such as “I’d like to come by to visit with you” or “I’d like
to have a few minutes of your time to discuss ….” The
terms interview and inquiry sound threatening.
 Review documents and know the span of authority of
the person be interviewed.
 Have evidence or documents copied and ready for
review by interviewee.
 Have a partner as a note taker—discuss roles.

34
 Note Taking
 Ask for permission to take notes—Is it okay if I jot
down a few notes?
 Don’t record more than one interview on a piece of
paper.
 Be sure to list only the pertinent facts.
 Use quotes sparingly, but when a statement is relevant
do it.
 Prepare an interview memo timely.
 Consider reviewing it with interviewee.

35
 Knowledge Check
The forensic auditor should be fully prepared for
the interview with a script to follow:
A. True
B. False

36
 Knowledge Check
The purpose of an interview is to obtain an
admission of wrongdoing.
A. True
B. False

37
 Knowledge Check
Which of the following is NOT an investigative
technique?
A. Interviews
B. Background checks
C. Confirmation with third parties
D. Handwriting analysis
E. Using confidential sources (informants)

38
 Appropriate Use of Technology

Using Forensic Data Analysis to Find Fraud

39
 Forensic Data Analysis
 Forensic Data Analysis is the process of gathering,
summarizing, comparing, and aggregating existing
disparate sets of data that organizations routinely collect in
the normal course of business with the goal of detecting
anomalies that are traditionally indicative of fraud or other
misconduct.
 Can be used in the Prevention, Detection, or Response of
fraud or other misconduct.
 Provides additional comfort to C-Level Executives, Audit
Committees, Internal Audit Departments, and
Management.

40
Benefits of Forensic Data Analysis
 Analyzes 100% of data sets rather than using statistical
sampling—Risk Based Sampling.
 Can help identify potential control environment
weaknesses.
 Can assist with the assessment of the effectiveness of
existing anti-fraud and fraud risk management
programs and practices.
 Can help to Identify potential policy and process
violations—vendor acceptance/approval process, T&E,
etc.
 Can assist with interviews in investigations.

41
 Forensic Data Analysis
1
0
1
0

1
0

$10,000
$60,000,000
Payment
3/15/2004
Gift
Wire
14575Transfer
Main St
$10,000,000
3/4/2004 10
Cash
9/16/2003
Acme Inc.
13$999,999
Second Ave

42
 Forensic Data Analysis Process

1. Acquire Data and 2. Brainstorming and 3. Output Trends

Normalize Real-Time Data Analysis and Anomalies

43
Digital/Frequency Testing
Benford Analysis

Why do these values occur

more often?

44
Analytical Testing—Income Statement Items
Revenue Trending
30

20

10
$ in Millions

-10 Debit
Credit
-20

-30

-40

-50

-60

45
Analytical Testing—User Activity by Month
16,000,000

14,000,000 Jan
Feb
12,000,000
Mar

10,000,000 Apr
May
8,000,000 Jun
Jul
6,000,000
Aug
4,000,000 Sep
Oct
2,000,000 Nov
Dec
-
Bsimpson Glopez Cbrown Nfine Ijones

46
Analytical Testing—Day of the Week
140

120

100

80

60

40

20

0
Monday Tuesday Wednesday Thursday Friday Saturday Sunday

47
 Analytical Testing—Time of Day
6,000

5,000

4,000

3,000

2,000

1,000

48
 Related-Party Analysis
Draft; Tentative and Preliminary; Subject to Change
Prepared for Counsel
Shell Company B
Related Party Analysis
Shell Company A

Person Wife Dependent Dependent Dependent

A

Related to Related to Related to Related to Agent

Wife Wife Wife Wife

Agent
Company X LLC
Financial
Management
Company Y LLC Company Z LLC Company

Company Company Company Company

Company Company
Company Company Company Company

49
Computer Forensics and E-Discovery
Hide
Steal Pressure
Opportunity
Conceal
Destroy Fraud
Incentive

50
 Knowledge Check
Forensic Technology Tools can help to find the
indicia of:
A. Misappropriation of assets schemes
B. Corruption schemes
C. Financial reporting schemes
D. All of the above

51
Questions?

52
 Contact Info
Ronald L. Durkin CPA/CFF, CFE, CIRA
Sr. Managing Director—Los Angeles
rdurkin@durkinforensic.com
(213)225 -1110 ext. 5211

www.durkinforensic.com

53
The End

54