TheCorporateCounsel.net

The PCAOB recently added a “Fraud Risk Resources” page to its website. While the materials on this page are intended to assist auditors in complying with their obligations to consider fraud during the course of an audit, the information the PCAOB provides there is also likely to be of assistance to audit committees in understanding those obligations and their implications for the audit process. Here’s an excerpt from the discussion of the auditor’s obligations with respect to the risk assessment process:

PCAOB standards require auditors to perform risk assessment procedures that are sufficient to provide a reasonable basis for assessing the risks of material misstatement, whether due to error or fraud, and designing further audit procedures. The risk assessment procedures required by PCAOB standards are intended to direct the auditor to identify external and company-specific factors that affect risks due to error or fraud, such as, fraud risk factors, for example, factors that create pressures to manipulate the financial statements.

Some required risk assessment procedures and procedures performed when identifying and assessing risks are directed specifically at risks of material misstatement due to fraud (“fraud risks”), such as:

– Conducting a discussion among the engagement team members of the potential for material misstatement due to fraud;

– Inquiring of the audit committee, management, internal auditors, and others about fraud risks;

– Performing analytical procedures relating to revenue for the purpose of identifying unusual or unexpected relationships involving revenue accounts that might indicate a material misstatement, including material misstatement due to fraud;

– Considering factors relevant to identifying fraud risks, including in particular, fraud risks related to improper revenue recognition, management override of controls, and risk that fraud could be perpetrated or concealed through omission of disclosures or presentation of incomplete or inaccurate disclosures; and

– Evaluating the design of controls that address fraud risks.

A substantial number of the other required risk assessment procedures also can provide information that is relevant to the auditor’s consideration of fraud.

Other topics addressed by the PCAOB here include acceptance and retention of audit engagements, audit planning, responses to the risk of material misstatements, and fraud considerations in ICFR audits.

– John Jenkins