Avoiding Missteps When Fraud is Suspected

Similar documents
International Standards for the Professional Practice of Internal Auditing (Standards)

CODE OF BUSINESS CONDUCT AND ETHICS. FRONTIER AIRLINES, INC. Adopted May 27, 2004

Auditors Fraud Primer

International Standards for the Professional Practice of Internal Auditing (Standards)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

The Company seeks to comply with both the letter and spirit of the laws and regulations in all jurisdictions in which it operates.

Delta Dental of Michigan, Ohio, and Indiana. Compliance Plan

MANAGING FRAUD RISK. Teresa D. Thamer, CPA, CFE Brenau University

Fraud prevention, detection and investigation

What Are Your Auditors Doing? Presented by Carrie Kennedy, Partner Travis Smith, Partner Moss Adams LLP

Internal Misconduct Investigations Seven Steps to Success. December 8, 2017

Corporate Governance: Sarbanes-Oxley Code of Ethics

THE NEW AND REVISED INTERPRETATIONS CONTAINED IN THIS DOCUMENT ARE EFFECTIVE ON AUGUST 31, 2017 UNLESS OTHERWISE NOTED.

Workers Compensation Policy and Procedure

May 3, To the Jail Board Members and Management Western Tidewater Regional Jail Authority 2402 Godwin Blvd Suffolk, Virginia 23434

A Firm s System of Quality Control

CLIENT ALERT: INTERNAL CONTROL OVER FINANCIAL REPORTING

GoldSRD Audit 101 Table of Contents & Resource Listing

Kentucky State University Office of Internal Audit

Performance Auditing: What It Is, and Why It Is Important Presented by: Harriet Richardson, CPA, CIA, CGAP Audit Manager, City of Berkeley

Audit programs that can be easily tailored to address the risks associated with your individual

Government Auditing Standards

1. Auditors may be independent in fact but not independent in appearance. 3. Attestation standards provide guidance for a wide variety of engagements

THE AUDITOR S RESPONSIBILITIES AND FUNCTIONS, INTRODUCTION TO GAAS, AND THE GENERAL STANDARDS (INCLUDING THE QUALITY CONTROL STANDARDS)

Fraud and the Internal Audit role Course Outline

General Principles for Engagements Performed in Accordance With Statements on Standards for Accounting and Review Services

Your Guide to the Compliance Process

Global Code of Business Conduct and Ethics

CODE OF ETHICS/CONDUCT

U. S. GAO Government Auditing Standards Update The New Yellow Book

Statements. This Standard is effective for reviews of financial statements for periods ending on or after 31 December 2013.

Auditing & Assurance Services, 7e (Louwers) Chapter 2 Professional Standards

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

PROFESSIONAL DEVELOPMENT: TAKING YOUR CAREER TO THE NEXT LEVEL KEY INVESTIGATIVE TECHNIQUES FOR SUCCESSFUL RECOVERIES

General Principles for Engagements Performed in Accordance With Statements on Standards for Accounting and Review Services

BIG LOTS, INC. CODE OF BUSINESS CONDUCT AND ETHICS

Internal Control 2015 Training

Allegheny County Airport Authority ADMINISTRATIVE POLICY HANDBOOK Business Code of Conduct and Ethics Policy (Effective 04/01/06)

Eric Kinsherf, CPA MMAAA Conference June 12, 2018

LIST OF SUBSTANTIVE CHANGES AND ADDITIONS. PPC's Guide to Audits of Nonprofit Organizations

2. The auditors' report on a corporation's financial statements usually is addressed to the president of the company.

MARICOPA INTEGRATED HEALTH SYSTEM Code of Conduct and Ethics

3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013

Page: Page 1 of 5 Effective Date: January 27, 2004 Authorized By: President and CEO Function: Executive

Statement on February 2014 Auditing Standards 128. Using the Work of Internal Auditors

River City Medical Group ANTIFRAUD PLAN

Chapter 02. Professional Standards. Multiple Choice Questions. 1. Control risk is

Please activate this copy of RoboPDF.

MANAGING THE RISK OF FRAUD

Fraud Awareness Jennifer Murtha Clara Ewing

Corporate Governor. Providing vision and advice for management, boards of directors and audit committees Winter 2015

AUDIT RESPONSIBILITIES AND OBJECTIVES

Can You Spot Fraudsters?

APES 320 QUALITY CONTROL FOR FIRMS

Internal Audit Appendix: IIA Standards

OCCUPATIONAL FRAUD IN GOVERNMENT AND STEPS TO PREVENT AND DETECT IT

Protecting your private business from fraud

REGISTERED CANDIDATE AUDITOR (RCA) TECHNICAL COMPETENCE REQUIREMENTS

The Research Foundation for The State University of New York Code of Conduct

ASB Meeting January 12-15, 2015

RELM WIRELESS CORPORATION (the Company ) CODE OF BUSINESS CONDUCT AND ETHICS

Re: Proposed Statement on Standards for Attestation Engagements, Attestation Standards: Clarification and Recodification

AMETEK, Inc. Code of Ethics and Business Conduct

HCCA AUDIT & COMPLIANCE COMMITTEE CONFERENCE

INTERNATIONAL STANDARD ON AUDITING 580 WRITTEN REPRESENTATIONS CONTENTS

Code of Business Conduct and Ethics

Auditing and Attestation (AUD) - Content Outline Effective January 2014

CRONOS GROUP INC. CODE OF BUSINESS CONDUCT AND ETHICS. 2018A Approved. Legal Department (Xiuming Shum) Validator

How the Ethics Rules Influence the Role of Discovery Counsel

The Company seeks to comply with both the letter and spirit of the laws and regulations in all countries in which it operates.

Community College Audit and Compliance Workshop. VAVRINEK, TRINE, DAY & CO., LLP April 15, 2014

Chapter 6 Field Work Standards for Performance Audits

Office of the City Auditor. Review of Police Property and Evidence Unit Inventory

NONPROFIT AUDIT 101 A Guide to the Fundamentals and More

Atlas Financial Holdings, Inc. Code of Business Conduct & Ethics

Dena Jansen, CPA Partner Maxwell Locke & Ritter LLP

MULTIMEDIA COLLEGE JALAN GURNEY KIRI KUALA LUMPUR

BUILDING AN EFFECTIVE COMPLIANCE PROGRAM

Background. Required Communications of Other Internal Control Deficiencies

Corporate Code of Business Conduct and Ethics

GUIDELINES. Corporate Compliance. Kenneth D. Gibbs President & Chief Executive. Martin A. Cammer Senior Vice President & Corporate Compliance Officer

AICPA Peer Review Program Compliance: Responding to Latest Developments

Presented by Ed Williamson and Erica Bailey

Triple C Housing, Inc. Compliance Plan

Notice to Readers Use of the Standards Individual Enrollment in the Program... 5

QUESTIONS AND ANSWERS ABOUT THE AICPA PEER REVIEW PROGRAM

IIA ACFE Conference April 17, 2015

ADMINISTRATIVE INTERNAL AUDIT Board of Trustees Approval: 03/10/2004 CHAPTER 1 Date of Last Cabinet Review: 04/07/2017 POLICY 3.

UNIVERSITY OF ILLINOIS AT URBANA-CHAMPAIGN

Evaluation of a Firm s Compliance with 2011 Yellow Book Independence Requirements Related to Nonaudit Services

Standard on Assurance Engagements ASAE 3500 Performance Engagements

Effective implementation of COSO s new anti-fraud guidance

ACFE FRAUD PREVENTION CHECK-UP ASSOCIATION OF CERTIFIED FRAUD EXAMINERS

Fraud incident handling management. Meeting the challenges of fraud

Format and organization of GAGAS Auditor preparation of financials is a significant threat to independence 3 party arrangements in government State

WEST CONTRA COSTA UNIFIED SCHOOL DISTRICT

Corporate Compliance Plan

ABS Consulting Group

Utility Debt Securitization Authority

Transcription:

Avoiding Missteps When Fraud is Suspected By Duncan B. Will, CPA/ABV/CFF, CFE Fraud can have a devastating impact on CPAs clients and on CPAs as well if they aren t careful in defining the scope of their services and properly responding when fraud is identified or suspected. But why? Audits are designed to provide reasonable assurance that misstatements will be detected that could have a material effect on the financial statements, whether from errors or fraud. And the objective of a review is to obtain limited assurance that there are no material modifications that should be made to financial statements. Neither engagement is intended to provide absolute assurance, and most traditional CPA services aren t intended to provide any assurance at all. Why then would CPAs be expected to detect fraud resulting from withheld information, misrepresentations or falsified documents? The answer, along with the problem, is expectation. The public believes that CPAs, regardless of the services performed, are the Fraud Police. We re certainly not the Fraud Police the most recent survey by the Association of Certified Fraud Examiners noted only 3.3 percent of occupational frauds were initially detected by external audits while tips and accidents led to the discovery of over half the frauds. i To contain this expectation and to comply with professional standards in many cases, CPAs should obtain written understandings (i.e., engagement letters) that clearly define the client s (or management s) and the CPA s responsibilities for fraud prevention, detection and the communication of related matters before performing services. As many policyholders are aware, CAMICO has a large library of sample engagement letters and clauses. All letters relating to the issuance of financial statements require clients to acknowledge their responsibility for both fraud prevention and detection. Additionally, these letters indicate the CPA will inform the appropriate level of management of any evidence or information that comes to the CPA s attention, during the performance of their engagement, that fraud may have occurred. This language is not only good risk management, but also complies with the AICPA s Auditing Standard titled Consideration of Fraud in a Financial Statement Audit, ii and AR Sections 80 and 90, which address CPAs and their clients responsibilities for fraud prevention and detection in compilation and review engagements, respectively. The client s responsibilities for fraud detection and prevention aren t limited to financial statement engagements. So why not specify these responsibilities in all engagement letters, and not just those mandated by professional standards? Sadly, CPAs and their clients all too often are fixated on limiting the content of their engagement letters to the least amount of text and pages as possible. Fight this urge and the fraud police perception. Whenever tolerable, add engagement letter language indicating it is the client s responsibility to prevent and detect fraud. Our Achilles Heel Avoiding Missteps When Fraud is Suspected Page 1

CPAs want to help. This is a great attribute, but it can also place CPAs at considerable risk. When faced with suspicion that their client may have suffered a fraud, CPAs often want to, and do, come to the rescue. But, do they have the professional competence to do so. In their eagerness to help, do they take due professional care or adequately plan or supervise their response to the fraud? And do CPAs obtain sufficient relevant data to support statements made regarding the alleged fraud? In their eagerness to help, CPAs might not have considered these General Standards. iii All too often, attorneys representing parties impacted by fraud successfully allege that CPAs hurried responses to fraud violated these general standards as well as the independence and objectivity rules. iv Scope, Limits and Acceptance Considerations When faced with this opportunity/dilemma, CPAs should answer the following five questions before taking on this assignment: Will I impair my independence? Am I conflicted out? Do I have the requisite competence? Do I have the necessary experience/qualifications? Will I be digging my own grave? If you are not performing an attest engagement, it won t matter if the engagement impairs your independence, but if you are, then be sure to comply with the AICPA s nonattest services requirements. v CPAs should consider whether their objectivity is impaired before accepting a fraud examination engagement. Can you be objective when evaluating potential fraud that you didn t discover when performing your previous services? To avoid repercussions, CPAs should take care to reduce the likelihood that stakeholders perceive their investigation was not independent, objective or incompetently performed. In order to maintain independence, CPAs performing attest services (e.g. audits or reviews) will normally not participate in investigations. Due to independence impairment issues, forensic accountants should not be the external CPA engaged to perform financial statement services other than compiled financial statements for which they indicate they are NOT independent. Certified Fraud Examiners and CPAs Certified in Financial Forensics have obtained credentials that provide bona fides for operating in this arena. CPAs lacking either credential should seriously consider teaming with those who do, or decline to participate on the team conducting the investigation. If persons performing the fraud investigation work lack the requisite objectivity and competence, their efforts could result in evidence spoliation and a waste of valuable time. CPAs considering this niche are often surprised by the requirements and attributes of particular interest and benefit. vi Initial Response and Recommendations CPAs should take care to avoid allegations that their fraud response is unauthorized or libelous. To do so, they should first obtain sufficient fraud predication of fraud suspicions describing the nature, the background and the basis for the suspicions. They should also establish that fraud suspicions are alleged by others, and should obtain written approval before accessing records or interviewing personnel. If sufficient predicate exists, then CPAs should encourage management to: 1. Remain calm so they can participate in making informed decisions in response, 2. Inform legal counsel (investigations led by counsel preserve available legal privileges), 3. If the allegations pertain to senior management or officers, promptly notify the board of directors, 4. Identify documentation and records to be preserved and protected, Avoiding Missteps When Fraud is Suspected Page 2

5. Share information only with those having the responsibility and skills to respond to the issues (investigations can be hindered by loose lips), 6. Separate facts from concerns and assumptions, 7. Take steps to minimize further losses (e.g., consider changing locks, passwords, combinations, Internet access to financial records), and 8. Consider whether it is wise to restrict duties or place on administrative leave those under suspicion until cleared. Suspected fraudsters often are tempted to destroy or alter evidence. Consequently, it is important to secure records, documentation and other evidence as soon as possible; be sure concerned clients take the requisite precautions to preserve the evidence. Poor decisions made in response to the initial suggestion that a fraud may have occurred can have devastating consequences. A competent, considered approach in response to the justification for a fraud investigation avoids missteps that could compromise the investigation and prosecution. The goals for the initial response should not include a determination of exactly what occurred, or a quantification of any losses. Instead, the response should establish a foundation to assist the entity s management in making effective, prompt decisions to protect the company s finances and reputation. An external CPA s response and suggestions regarding suspicions of fraud should not be influenced by the level of service the CPA was providing before fraud was suspected. Establish a Written Understanding (e.g., Engagement Letter) Whenever the CPA elects to participate in a fraud investigation, the CPA should establish with the client a written understanding that: Defines the scope and limits of the engagement (consultant or expert witness) Indicates services will be performed under the AICPA s Statements on Standards for Consulting Services (which distinguishes the work from any attest service) Indicates services will be directed by client s attorney Requests a retainer Does not describe expected results The Fraud Investigation Properly conducted investigations demonstrate that personnel are treated fairly, but fraud and unethical behavior will not be tolerated by those who are integrity challenged. Presume work will be submitted to a prosecutor; by doing so, you avoid taking shortcuts that could undermine a successful prosecution. Pay particular attention to maintaining the chain of custody of evidence. Be organized. Consider what is to be done, reassess results and implications after performing each step; the ultimate goal is to be able to answer who, why, how, and when the fraud was committed. Outline: 1. Obtain engagement letter Avoiding Missteps When Fraud is Suspected Page 3

2. Plan and organize 3. Gather evidence and data 4. Communicate with stakeholders early and often 5. Assess results 6. Report results and recommendations 7. Consider notifying law enforcement officials, restricting access by suspected fraudsters. Factors to consider: 1. What are the key issues? 2. Who is involved? 3. Who is aware? 4. How pervasive is the fraud? 5. Should outside experts be consulted? 6. Identify records to be collected, preserved and analyzed 7. Collect the data 8. Consider recalling and restating financial statements 9. Who should be informed? Documentation Accurately and timely document work performed this will necessitate: Properly tag and mark documents Work with copies, not originals Be factual Be timely Be concise Omit opinions Interviewing This function should be left to the experts and is too specialized to address in this article. There are a number of books, courses and newsletters on the subject (e.g., see the Association of Certified Fraud Examiners and Hamlet s Mind, www.hamletsmind.com, for newsletters and books on the subject). Computer/Technology Issues Use an expert Consider mirroring Don t turn on or off Don t access files will change metadata Consider all data storage (computers, flash drives, backup tapes, smartphones, the cloud, etc.) Makeup of the fraud investigation team Those participating in the investigation should be independent of the activities, transactions and individuals who could potentially be culpable. Although it is natural to focus suspicions on particular individuals, the CPA should encourage management to go into the investigation with an open mind and to consider more than the obvious. Impact on management and management s responsibilities Avoiding Missteps When Fraud is Suspected Page 4

An organization s willingness to pursue fraud suspicions and to permit thorough inquiries and investigations is a strong sign of management integrity. Also, a proper examination by a qualified independent forensic team will allow the owner and/or management to focus their attention on day-to-day operations. Stakeholders to keep informed: Owners/ management Board of Directors In-house counsel External counsel Forensic investigators Law enforcement (only after obtaining sufficient evidence and consulting with legal counsel) Once fraud suspicions are validated (determined to be founded), the client should be encouraged to notify the appropriate insurance companies in order to avoid compromising any future claims. Fraud Investigation Common Mistakes Not properly documenting work throughout Not securing evidence Overlooking electronic evidence Not using/being an expert Not maintaining chain of custody of evidence Not documenting/communicating exculpatory evidence Practical Fraud Loss Prevention Tips Warn of embezzlement risk Offer internal control assistance Offer two-tiered bank reconciliation services Recognize potential independence and objectivity impairment Encourage clients to require vacations as well as job and task rotation (fraudsters can t take the chance that the evidence of their fraud will surface on someone else s watch) Suggest clients establish fraud/ethics hotlines Encourage clients perform fraud risk assessments (consider discussion leader role) Duncan Will is an accounting and auditing loss prevention specialist with CAMICO (). He responds to CAMICO loss prevention hotline inquiries and speaks to CPA groups on various topics. i The ACFE s 2012 Report to the Nations on Occupational Fraud and Abuse is available for free at http://www.acfe.com/rttn.aspx ii AU Section 316 effective for periods ending through December 14, 2012, and AU-C Section 240, effective for periods ending after December 14, 2012 iii ET Section 201- General Standards iv ET 101 - Independence and ET 102 - Integrity and Objectivity v Interpretation 101-3 Nonattest Services Avoiding Missteps When Fraud is Suspected Page 5

vi http://www.aicpa.org/interestareas/forensicandvaluation/resources/practaidsguidance/downloadabledocument s/forensicaccountingresearchwhitepaper.pdf Avoiding Missteps When Fraud is Suspected Page 6

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback