Over and over and over again, we hear of instances where auditors miss fraudulent activity.
Remember when the SEC auditors missed Bernie Madoff’s Ponzi scheme?
Or when CliftonLarsonAllen missed Rita Crundwell embezzling $53.7 million from the City of Dixon, Illinois over a 22 year period?
In order to combat this phenomenon, the AICPA’s Statements on Auditing Standards requires the audit team, including audit leadership, to get together and brainstorm possible frauds that are relevant to the audit objective. The GAO’s Yellow Book contains similar requirements.
But auditors often skip this crucial step.
Why don’t auditors do fraud brainstorming?
Many auditors skip fraud brainstorming because they think it is a little silly and because it is hard to get the whole audit team together for an hour. The meeting and its resulting documentation also consume a good chunk of time and some auditors are under enormous time pressure. And on top of that, auditors reason that they will know fraud when they see it.
Check your observation skills with these videos
But what is even sillier than having a brainstorming meeting is relying on our eyes and ears to find fraud.
Take a few minutes to look at these two YouTube videos that test your awareness:
After watching those videos, I realized that fraud could be standing right in front of me – waving its fuzzy bear arms – and I could completely miss it. But give me some time to gather information, maybe do a few interviews, and put me in a room with some like minded professionals, and I can come up with a plausible and likely fraud scenario.
What are the fraud procedures?
In a nutshell, the AICPA and the GAO require auditors to:
- gather information regarding fraud risks. On financial audits, auditors are required to lead fraud interviews with key players of the auditee.
- brainstorm the risk of fraud
- perform a risk assessment to determine which frauds brought up in the brainstorming session are significant (more likely and of a higher magnitude)
- determine if the auditee has any controls in place to prevent the significant frauds
- perform procedures to confirm that fraud did not occur for high risk items
Raising your awareness
I imagine you have experienced the new car phenomenon. It just happened to me a few months ago. When my hubby suggested we buy a particular silver sedan that he found on CraigsList, I started seeing them everywhere. I hadn’t noticed them before – and there are no more of them on the road than there were a year ago – but now my attention has been drawn to them.
That long list of fraud procedures is designed to draw our awareness to fraud so that we are less likely to overlook it.
Do you know what fraud looks like for your auditee?
Yes, you know what fraud is. But have you thought about what fraud will look like at the specific organization that you are auditing?
Each entity you audit will present different opportunities for fraudsters. For instance, one auditee’s revenues might come in the form of large electronic transfers, so the fraudster might use this opportunity to divert the transfers to fake accounts. Another auditee might collect cash from the public, so a fraudster could skim the cash before it hits the books. Some auditees might issue a large number of construction contracts, so a fraudster could take kickbacks or bribes.
Fraud brainstorming encourages audit teams to take time to think about those nuances and notice patterns and clues they may have been blind to before.
Want to learn more about fraud brainstorming?
Do you want to learn more about the required fraud procedures and available tools? Check out An Auditors Responsibility for Fraud in the Government Environment, a self-study course available on YellowBook-CPE.