Financial Audits Versus Fraud Audit - How fraud investigation is not an audit.


The published Sarbanes Oxley incorporates concepts and procedures to deter and to catch fraud in audits of internal controls over financial reporting. However, the focus of financial audits and financial reporting ultimately is concerned with providing reasonable assurance that a material misstatement to financial statements has not occurred, regardless of the reason.

Many in the public have questioned why financial auditors do not detect more fraud. The general public believes that a financial auditor would detect a fraud if one were being perpetrated during the financial auditor’s audit. The truth, however, is that the procedures for financial audits are designed to detect material misstatements, not immaterial frauds.

While it is true that many of the financial statements and frauds could have, perhaps should have, been detected by financial auditors, the vast majority of frauds could not be detected with the GAAS of financial audits. Reasons include the dependence of financial auditors on a sample and the auditors’ reliance on examining the audit trail versus examining the events and activities behind the documents. The latter is simply resource prohibitive in terms of costs and time.
There are some basic differences today between the procedures of fraud auditors and those of financial auditors.
Fraud auditors look behind and beyond the transactions and audit trail to focus on the substance of the transactions instead. The fraud auditor doesn’t question if there is a prudent internal control in place. It does not question if the accounting process comply with the accounting standard, either. But it rather question about:
  • Where are the weakest links in this system’s chain of controls?
  • What deviations from conventional good accounting practices are possible in this system?
  • How are off-line transactions handled, and who can authorize such transactions?
  • What would be the simplest way to compromise this system?
  • What control features in this system can be bypassed by higher authorities?
  • What is the nature of the work environment?
Another difference is the current status of technical guidance combined with research on frauds. Frauds can be divided into three main categories: (1) financial frauds, (2) asset misappropriations, and (3) corruption (ACFE fraud tree). Financial frauds are typically perpetrated by executive management and average millions of dollars in losses.
According to a recent KPMG Fraud Survey, that average is about $258 million. Generally speaking, therefore, financial frauds are likely to be material, and thus financial audit procedures have the potential to detect them—because they would be a material misstatement, due to a material fraud.
However, those who might be responsible for fraud audits internal to the firm could be constrained or thwarted in detecting the fraud because executives are in a position to hide the fraud or misdirect fraud auditors’ efforts. Cynthia Cooper argues that at WorldCom she was thwarted from doing her job as internal auditor, but she eventually did uncover the financial fraud being perpetrated there.
Next, let’s have a look at financial auditors, fraud auditors and forensic accountants.

No comments