by Glenn Cheney
New York - The Auditing Standards Board of the American Institute of CPAs has issued a proposed standard on fraud detection that replaces and expands on the current standard, SAS 82.
Experts in the field welcome the stronger requirements, but warn that for auditors to be highly effective at detecting and deterring fraud, they must make even greater efforts to look for the crime that is, by definition, conducted secretly.
"This is an excellent step in the right direction," said Charles Landes, AICPA director of audit and attestation. "It provides more specific guidance for the detection of material misstatement caused by fraud."
Landes recognized that auditors who follow the proposed guidelines, with the best of intentions, are not necessarily going to detect all fraud. The proposal called, "Consideration of Fraud in a Financial Statement Audit," is part of an ongoing project of continuous improvement. He also advised the entire accounting profession that the focus must be more on deterrence and that management, audit committees and regulators must get involved.
Joseph Wells, chair and chief executive officer of the Association of Certified Fraud Examiners, contributed to the research and writing of the proposal. He praised the proposal for its description of the characteristics of fraud and its requirement that auditors "brainstorm" on fraud risks before beginning an engagement and then proactively ask management and employees the "tough questions" that can turn up signs of fraud.
"I am convinced that auditors who carefully review and apply the information in this standard will catch more fraud than those who don’t," Wells said from his association headquarters in Austin, Texas. "But it won’t catch them all. At a time when the profession is under the gun, the most important thing is to restore public confidence. Although I think the improved standard will bring additional lawsuits, anything the auditor can do to improve his or her ability to detect or deter fraud will ultimately bring positive results."
According to an ACFE study, "Report to the Nation on Occupational Fraud and Abuse," which was released at the end of March, the rate of occupational fraud and abuse has not risen in the last six years. The report estimates that the total damage to the United States economy caused by fraud totals about $600 billion a year. That figure includes all associated costs of investigation, litigation prosecution, incarceration and lost profits and wages. In 1996, the estimate was $400 billion, but the additional $3 trillion in current gross domestic product made up the difference. The most expensive frauds detailed in the report are financial statement manipulations, that’s mean loss is $4.5 million.
The AICPA proposed standard is the result of discussions with the now-defunct Public Oversight Board and international standard-setters. In researching the standard, the ASB found that, while auditors reacted appropriately to increased fraud risk by expanding tests and using more experienced staff on engagements, the results were mixed on whether auditors changed the nature of their procedures when looking for fraud.
The research found that much fraud takes the form of fictitious entries made by overriding management controls. The new standard, therefore, mandates that all audits of public companies include a search for evidence of overrides.
The standard, if approved will, go into effect for audits of periods beginning on or after Dec. 31, 2002. It also called for greater questioning of management regarding their awareness of allegations of fraud, their understanding about the risks of fraud and the controls they have established to mitigate the risks of fraud. Similar questions would be directed to audit committees and internal auditors. The audit team is to exchange ideas about where financial statements may be susceptible to fraud.
Wells pointed out that though the standard will be an improvement over the existing SAS 82, it still provides only the most general assurance about fraud. Complete audits for fraud, he said, can be very expensive as specially trained auditors pick through the corporate haystack in search of carefully hidden needles.
"In any large, complex company, the auditors are completely at the mercy of honest clients because hiding fraud is not that difficult for insiders," Wells said. "If the auditors suspect a needle in the haystack, they can turn over every straw until they find it. But who is going to pay for this, the haystack itself? That is the current situation. Fraud, unlike any other crime, is stealth and concealment beneath it all. Detection cannot, by definition, be foolproof."
Grace B. Ghezzi, CPA, CFE, partner in charge of fraud and litigation at Green & Seifter CPAs, says the standard is "a big step in terms of recognition of the [fraud detection] profession but only a small step toward solving the problem." The solution, she says, would be in better education of auditors.
"It’s good that the standard addresses the issue of guidance, but it isn’t a failsafe answer," Ghezzi said. "It’s a start ... It’s good that the focus is back on the issue of fraud, but what’s wrong with it is that it relies so heavily on management inquiry, which isn’t going to do it. I’m sorry."
The exposure draft can be seen at
Public comments are due by May 31.
