Question

10-30 (Objectives 10-2, 10-5, 10-8) This problem requires you to access PCAOB Auditing Standards (pcaobus.org) to answer each of the following questions. You can access those standards by viewing content found under the link “Standards.” For each answer, document the paragraph(s) in the relevant standard supporting your answer. Review PCAOB auditing standards related to the auditor’s consideration of fraud in a financial statement audit, to answer questions in parts a. through d. Review PCAOB Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement, to answer parts e. and f.

a. You have determined that there is a fraud risk related to the existence and accuracy of inventory. Review the guidance in PCAOB auditing standards to provide examples of auditor responses involving changes to the nature, timing, and extent of audit procedures related to this assessed fraud risk for inventory.

b. What do PCAOB auditing standards say about how the auditor should assess risk related to revenue recognition?

c. What examples of auditor responses to fraud risk related to revenue recognition are provided in PCAOB auditing standards?

d. What kind of documentation is required for the auditor’s consideration of fraud?

e. What kinds of inquiries about fraud risks are required by PCAOB Standard No. 12?

f. How does PCAOB Standard No. 12 define “fraud risk factors”? Do all conditions have to be present for fraud risk to exist?

Answer 1

All the below answers are provided as per the guidelines of PCAOB and its standards.

Answers:-

a. The following are examples of responses to assessed fraud risks involving the nature, timing, and extent of audit procedures:

• Performing procedures at locations on a surprise or unannounced basis, for example, observing inventory on unexpected dates or at unexpected locations or counting cash on a surprise basis.
• Requesting that inventories be counted at the end of the reporting period or on a date closer to period end to minimize the risk of manipulation of balances in the period between the date of completion of the count and the end of the reporting period.
• Making oral inquiries of major customers and suppliers in addition to sending written confirmations, or sending confirmation requests to a specific party within an organization.
• Performing substantive analytical procedures using disaggregated data, for example, comparing gross profit or operating margins by location, line of business, or month to auditor-developed expectations.
• Interviewing personnel involved in activities in areas in which a fraud risk has been identified to obtain their insights about the risk and how controls address the risk.
• If other independent auditors are auditing the financial statements of one or more subsidiaries, divisions, or branches, discussing with them the extent of work that needs to be performed to address the fraud risk resulting from transactions and activities among these components.

b. Since revenue recognition is dependent on the particular facts and circumstances, as well as accounting principles and practices that can vary by industry, the auditor ordinarily will develop auditing procedures based on the auditor's understanding of the entity and its environment, including the composition of revenues, specific attributes of the revenue transactions, and unique industry considerations.

c. If there is an identified fraud risk that involves improper revenue recognition, the auditor also may want to consider:

• Performing substantive analytical procedures relating to revenue using disaggregated data, for example, comparing revenue reported by month and by product line or business segment during the current reporting period with comparable prior periods. Computer-assisted audit techniques may be useful in identifying unusual or unexpected revenue relationships or transactions.
• Confirming with customers certain relevant contract terms and the absence of side agreements, because the appropriate accounting often is influenced by such terms or agreements. For example, acceptance criteria, delivery and payment terms, the absence of future or continuing vendor obligations, the right to return the product, guaranteed resale amounts, and cancellation or refund provisions often are relevant in such circumstances.
• Inquiring of the entity's sales and marketing personnel or in-house legal counsel regarding sales or shipments near the end of the period and their knowledge of any unusual terms or conditions associated with these transactions.
• Being physically present at one or more locations at period end to observe goods being shipped or being readied for shipment (or returns awaiting processing) and performing other appropriate sales and inventory cutoff procedures.
• For those situations for which revenue transactions are electronically initiated, processed, and recorded, testing controls to determine whether they provide assurance that recorded revenue transactions occurred and are properly recorded.

d. The auditor should document the following for consideration of fraud:

• The discussion among engagement personnel in planning the audit regarding the susceptibility of the entity's financial statements to material misstatement due to fraud, including how and when the discussion occurred, the audit team members who participated, and the subject matter discussed
• The procedures performed to obtain information necessary to identify and assess the fraud risks
• The fraud risks that were identified at the financial statement and assertion levels, and the linkage of those risks to the auditor's response
• If the auditor has not identified in a particular circumstance, improper revenue recognition as a fraud risk, the reasons supporting the auditor's conclusion
• The results of the procedures performed to address the assessed fraud risks, including those procedures performed to further address the risk of management override of controls
• Other conditions and analytical relationships that caused the auditor to believe that additional auditing procedures or other responses were required and any further responses the auditor concluded were appropriate, to address such risks or other conditions
• The nature of the communications about fraud made to management, the audit committee, and others.

e. The auditor's inquiries regarding fraud risks, according to PCAOB Standard 12, should include the following:

• Inquiries of management regarding:

(1)	Whether management has knowledge of fraud, alleged fraud, or suspected fraud affecting the company;
(2)	Management's process for identifying and responding to fraud risks in the company, including any specific fraud risks the company has identified or account balances or disclosures for which a fraud risk is likely to exist, and the nature, extent, and frequency of management's fraud risk assessment process;
(3)	Controls that the company has established to address fraud risks the company has identified, or that otherwise help to prevent and detect fraud, including how management monitors those controls;
(4)	For a company with multiple locations (a) the nature and extent of monitoring of operating locations or business segments and (b) whether there are particular operating locations or business segments for which a fraud risk might be more likely to exist;
(5)	Whether and how management communicates to employees its views on business practices and ethical behavior;
(6)	Whether management has received tips or complaints regarding the company's financial reporting (including those received through the audit committee's internal whistleblower program, if such program exists) and, if so, management's responses to such tips and complaints;
(7)	Whether management has reported to the audit committee on how the company's internal control serves to prevent and detect material misstatements due to fraud; and
(8)	Whether the company has entered into any significant unusual transactions and, if so, the nature, terms, and business purpose (or the lack thereof) of those transactions and whether such transactions involved related parties.

• Inquiries of the audit committee, or equivalent, or its chair regarding:

(1)	The audit committee's views about fraud risks in the company;
(2)	Whether the audit committee has knowledge of fraud, alleged fraud, or suspected fraud affecting the company;
(3)	Whether the audit committee is aware of tips or complaints regarding the company's financial reporting (including those received through the audit committee's internal whistleblower program, if such program exists) and, if so, the audit committee's responses to such tips and complaints;
(4)	How the audit committee exercises oversight of the company's assessment of fraud risks and the establishment of controls to address fraud risks; and
(5)	Whether the company has entered into any significant unusual transactions.

• If the company has an internal audit function, inquiries of appropriate internal audit personnel regarding:

(1)	The internal auditors' views about fraud risks in the company;
(2)	Whether the internal auditors have knowledge of fraud, alleged fraud, or suspected fraud affecting the company;
(3)	Whether internal auditors have performed procedures to identify or detect fraud during the year, and whether management has satisfactorily responded to the findings resulting from those procedures;
(4)	Whether internal auditors are aware of instances of management override of controls and the nature and circumstances of such overrides; and
(5)	Whether the company has entered into any significant unusual transactions.

In addition to the inquiries listed above, the auditor should inquire of others within the company about their views regarding fraud risks, including, in particular, whether they have knowledge of fraud, alleged fraud, or suspected fraud. The auditor should identify other individuals within the company to whom inquiries should be directed and determine the extent of such inquiries by considering whether others in the company might have additional knowledge about fraud, alleged fraud, or suspected fraud or might be able to corroborate fraud risks identified in discussions with management or the audit committee. Examples of other individuals within the company to whom inquiries might be directed include:

• Employees with varying levels of authority within the company, including, e.g., company personnel with whom the auditor comes into contact during the course of the audit (a) in obtaining an understanding of internal control, (b) in observing inventory or performing cutoff procedures, or (c) in obtaining explanations for significant differences identified when performing analytical procedures;
• Operating personnel not directly involved in the financial reporting process;
• Employees involved in initiating, recording, or processing complex or unusual transactions, e.g., a sales transaction with multiple elements, a significant unusual transaction, or a significant related party transaction; and
• In-house legal counsel.

f. According to PCAOB Standard 12, fraud risk factors can be defined as:-

Fraud risk factors are events or conditions that indicate (1) an incentive or pressure to perpetrate fraud, (2) an opportunity to carry out the fraud, or (3) an attitude or rationalization that justifies the fraudulent action.

All three conditions discussed above are not required to be observed or evident to conclude that a fraud risk exists. The auditor might conclude that a fraud risk exists even when only one of these three conditions is present.