Auditing - The Pros and The Cons_ by gjmpzlaezgx

VIEWS: 25 PAGES: 176


Auditing: Complying with the
11 Most Dangerous Standards
                               Gary Zeune, CPA
                          The Pros & The Cons
                  10356 Wellington Blvd, Suite D
                              Powell, OH 43065
                        Phone      614-761-8911
                        Fax        206-202-0880
These materials were developed by Gary D. Zeune.
          Required Legal Stuff
     The following policies govern their use:
1.   These materials are intended for use in group study situations and
     were not developed for self study or reference uses. These materials
     are copyrighted. Reproduction of the manual or any portion of it is prohibited unless
     written permission has been obtained from Gary D. Zeune.
2.   These materials were prepared solely for the purpose of continuing professional
     education. They are distributed with the understanding that Gary Zeune is not engaged
     in rendering legal, accounting, or other professional services. If legal advice or other
     expert assistance is required, the services of a competent professional should be
3.   Participants are advised that the Statement on Standards for Formal Continuing
     Education (CPE) Programs places responsibility on both the individual participant and
     the program sponsor to maintain a record of attendance at a CPE program.
4.   The information the participant should keep on each program is (a) sponsor's name,
     (b) title and/or description of content, (c) date(s) of the program, (d) location, (e)
     number of CPE contact hours. This information is found in the printed program for most
     courses or conferences and/or in a CPE attendance record form. Either or both of these
     documents should be kept for an appropriate period to enable regular periodic
     reporting to jurisdictional board(s) and to professional organizations requiring such
Auditing: 11 Dangerous Standards                                                          2
         Manual Posted Online

This manual is posted at
It can be viewed and printed but not
downloaded, edited or saved on your computer.

Auditing: 11 Dangerous Standards                3
          Free: Leading Edge
          Information Every Week

  Stay up to date with Mr. Zeune's free electronic

  Send an email with
  SUBSCRIBE FRAUD in the subject line and include
  your email address in the body.

  There is no cost and you can unsubscribe at any time.

                             “Just wanted to let you know that I appreciate being
                             on your distribution list. I have found that there are
                             many items that you refer to me that are helpful.”
                             . . .Mike McGlynn
Auditing: 11 Dangerous Standards                                                      4
          11 Dangerous Auditing Standards
   SAS 102               Defining Professional Requirements
   SAS 1                 Training, Proficiency, and Independence
   SAS 45                Related Parties
   SAS 54                Illegal Acts by Clients
   SAS 56                Analytical Procedures
   SAS 57                Auditing Accounting Estimates
   SAS 59                Consideration of Going Concern
   SAS 67                The Confirmation Process
   SAS 85                Management Representations
   SAS 99                Consideration of Fraud in a Financial Statement Audit
   SAS 103               Audit Documentation

Auditing: 11 Dangerous Standards                                                 5
          Bank President

Auditing: 11 Dangerous Standards   6
          Where Danger Comes From…….

    “The vast majority [at 90% where the
    potential damages exceed $10 million] of
    serious cases brought against accounting
    firms allege failures to comply with generally
    accepted auditing standards,” Accountants‟
    Liability, Practising Law Institute, Goldwasser,
    Arnold & Eickemeyer. Dan is past chair of the
    firm's Professional Liability Litigation Practice        Dan Goldwasser
    Group and has defended professionals                      212-407-7710
    in 200 liability cases.

Auditing: 11 Dangerous Standards                                        7
          Are You Protected?
  Question: If you miss a material fraud, get sued, and
    can show with a parade of experts that you
    performed a GAAS audit, that you put all the check
    marks in all the right boxes, is the jury bound to find
    you not liable?

                                   Yes   No

  Why?                           GAAP and GAAS do
                               NOT have the weight of law.

Auditing: 11 Dangerous Standards                              8
          Expectation Gap Danger

                                   Judges, juries, SEC  MIN

                                             Auditors  MAX

Auditing: 11 Dangerous Standards                               9
          GAAP + GAAS Not Good Enough

 1. Liability requires scienter
 2. Scienter = intentional or reckless conduct evincing a
    deliberate disregard for the consequences
 3. “Good soldier” defense doesn‟t work
 4. Failure to follow firm‟s _____________________ often
                                professional standards
    evidence of scienter

Auditing: 11 Dangerous Standards                            10
          GAAP + GAAS Not Good Enough

 1. SEC v. Arthur Young…..Court of Appeals held for the
    firm since it fulfilled its professional obligations by
    complying with GAAS. BUT, the court noted that
       compliance with GAAP would not immunize an
       accountant who consciously does not disclose a known
       material fact.

Auditing: 11 Dangerous Standards                              11
          Looking the Other Way
 Willful             A person tries to avoid knowing something
 blindness           that will incriminate him. Defendant “knows”
                     anyway because of the high probability of its
 Deliberate          People who, recognizing the likelihood of
 ignorance           wrongdoing, consciously refuse to take
                     basic steps to discern the truth.
 Conscience If a defendant claims a lack of knowledge,
 avoidance and the facts suggest a conscious course to
            avoid learning the truth, then the defendant
            may be charged with knowledge.
 “Good                           following orders
                     “I was just _________________,”
 soldier”                      work            You‟re a CPA
                     doesn‟t _________. WHY ________________.
Auditing: 11 Dangerous Standards                                     12
          “I Didn‟t Know” Doesn‟t Work

                                    Buford Yates, Dir Gen Acctg
                                    1 year + a day                   Scott Sullivan
Bernie Ebbers CEO
                                                                     CFO 5 years
Supreme Court refused to
hear appeal of 25 year
sentence, 3/5/07

Andersen conviction is
overturned but settles                                            David Myers
for $65 million                    Betty Vinson 5 months
                                                                  Controller 1 year
                                   Troy Norman 3 yrs probation
Auditing: 11 Dangerous Standards                                                      13
          Average Size of Claims
          by Engagement Type





   Write up/Bookkeeping


          Executor Trustee



                                    0   50   100   150   200   250   300   350   400

        Camico Insurance

Auditing: 11 Dangerous Standards                                                       14
          Frequency & Severity of
          Audit Claims by Loss


         Adverse Financial: Personal

         Adverse Financial: Business

    Adverse Financial: Sale/Purchase

  Adverse Financial: Business Failure



                                        0   10     20         30        40   50
                                                 Severity   Frequency

Auditing: 11 Dangerous Standards                                                  15
          Significant Claims
          (over $100,000)


                            Tax Loss

                       Fee Disputes

                Creditor Decisions

     Adverse Financial: Personal

    Adverse Financial: Business


                                           0   5   10   15    20   25     30   35

                                                   Severity   Frequency

Auditing: 11 Dangerous Standards                                                    16
          Non-public Audit Claims by Cause of Loss

     A Perspective on Audit Malpractice Claims, J of A, Sept 2002

Auditing: 11 Dangerous Standards                                    17
          Non-public Audit Claims by Client Industry

    A Perspective on Audit Malpractice Claims, J of A, Sept 2002
Auditing: 11 Dangerous Standards                                   18
          Newspaper Materiality

    A little number is material when it
     gets you or your company or firm
     on the front page of the paper.

Auditing: 11 Dangerous Standards           19
          Little Numbers That Are Material

    Bank loan covenant requires minimum income               $1,000,000
    1st pass at income                                         $980,000
    Reduced bad debt expense                                   +$31,000
    Income                                                   $1,011,000

   Company                                                       Firm
                               Goes       Bank sues
   gets clean                                                 „conspired‟
    opinion                                                      with

                                                   SIGNIFICANT EVENT
 Little numbers are material if they accomplish a _________________________

Auditing: 11 Dangerous Standards                                              20

 What used to be OK
 isn‟t any longer….

  Is it ethical to allow
     clients or your
    company to take
 immaterial but illegal
    tax deductions?

Auditing: 11 Dangerous Standards   21
        How Can This Happen

   Suppose it’s June 2001. . . .

   Question: Can a handful of people in a Big-5 firm take the
   entire firm down over 1 audit client?

            ABSOLUTELY NOT
   Answer: __________________

Auditing: 11 Dangerous Standards                                22
          Andersen Fatal Flaw

   1. Professional Standards Group

   2. Engagement partners could override PSG

Auditing: 11 Dangerous Standards               23
          Accountants Under Fire
  For decades the accounting profession basked in the highest kind of
  public confidence. Now all at once there are more than 50 major
  lawsuits pending against the big public accounting firms, charging
  irregularities and negligence in preparing earnings reports and other
  financial statements. With equal suddenness a barrage of public criticism
  has landed on the profession for its highly flexible "generally accepted
  accounting principles." Perhaps most worrisome of all to the CPAs and to
  the management that employ them, the Securities & Exchange Commission
  has been issuing thinly disguised threats to take unilateral action if the
  accountants themselves do not quickly tighten up their rules.

  Under the present accounting rules, there is a very fine line between
  "maximizing" and plain, old-fashioned, manipulation.

  FORBES, May 15, 19_____

Auditing: 11 Dangerous Standards                                               24
          The “Enron” Effect

   1. Pre-Enron – It doesn‟t say I can‟t do this.
   2. Post-Enron – Show me where it says it‟s
      ___ to do this.

Auditing: 11 Dangerous Standards                    25
          Right vs. Right

Auditing: 11 Dangerous Standards   26
          Auditing Standards Overview

   1. Two broad categories
      1. Practice standards
      2. Ethical standards
   2. Violations of practice standards are ethical violations
   3. AICPA and societies Codes of Conduct are broad
      1. Delineated by rules
          1. Explained by interpretations
              1. Supported by various committees

Auditing: 11 Dangerous Standards                                27
          10 Auditing Standards
   10 auditing standards, all other pronouncements are SASs

   3 “General” Standards
   1. Training and proficiency
   2. Independence
   3. Due professional care

   3 Standards of Field Work
   4. Planning and supervision
   5. Internal controls
   6. Competent evidential matter

Auditing: 11 Dangerous Standards                              28
          10 Auditing Standards

   4 Standards of Reporting
   1. Compliance with GAAP
   2. GAAP consistency
   3. Disclosures
   4. Opinion or not

Auditing: 11 Dangerous Standards   29
          How We Got Here

   1.    Auditing procedures were „unofficial‟ through 1930‟s
   2.    1930‟s Statement on Auditing Procedures (SAPs)
   3.    1963 SAPs codified into SAP 33
   4.    1972 Auditing Standards Executive Committee SAS 1
   5.    AudSec replaced by Auditing Standards Board (ASB)
   6.    1972 - 1995 ASB only authoritative statement issuer
   7.    Broad pronouncements, not detailed procedures

Auditing: 11 Dangerous Standards                                30
          How We Got Here

   What do all these laws have in common………..
   1. Private Securities Litigation Act of 1995
   2. FDIC Improvement Act of 1991
   3. Sarbanes-Oxley 2002
                                            set auditing standards
   4. They permit SEC, FDIC, PCAOB to ______________
   5. Enron, WorldCom, etc., exposed weaknesses in self-
      regulation resulted in PCAOB setting audit standards
   6. 1997 SEC + ASB = Independence Standards Board
   7. Broad pronouncements gave way to specific
      guidance (SAS 99)
Auditing: 11 Dangerous Standards                               31
          At the END of EVERY Auditing Standard

     Note: Statements on Auditing Standards are issued by
     the Auditing Standards Board, the senior technical body
     of the Institute designated to issue pronouncements on
     auditing matters. Rule 202, Compliance With Standards,
     of the Institute‟s Code of Professional Conduct requires
     compliance with these standards in an audit of a non-

          This requirement to comply may be the most
          important paragraph in an auditing standard. If so,
                                         AT THE BEGINNING
          where else could it be located _________________.
Auditing: 11 Dangerous Standards                                32
          SAS 102: Defining Professional Requirements
          In Statements On Auditing Standards
   1.    MUST = Unconditional requirements – The auditor or practitioner is
         required to comply with an unconditional requirement in all cases in
         which the circumstances exist to which the unconditional requirement
   2.    SHOULD =Presumptively mandatory requirements – The auditor or
         practitioner is also required to comply with a presumptively
         mandatory requirement in all cases in which the circumstances exist
         to which the presumptively mandatory requirement applies; however,
         in rare circumstances the auditor or practitioner may depart from a
         presumptively mandatory requirement provided he or she documents
         the justification for departure and how alternative procedures
         performed in the circumstances were sufficient to achieve the
         objectives of the presumptively mandatory requirement.
   3.    Effective upon issuance December 2005

                     Review EVERY audit
         Tip _____________________________________________

                   program for compliance.
Auditing: 11 Dangerous Standards                                                33
          SAS 1 Training and Proficiency

    The first general standard is:

    The audit is to be performed by a person or persons
    having adequate technical training and proficiency as
    an auditor.

Auditing: 11 Dangerous Standards                            34
          SAS 1 Training and Proficiency
     Danger                            How do you comply???
     Cannot meet the requirements
     without proper education and
     MUST undergo training adequate
     to meet the requirements of a
     MUST study, understand and
     apply new pronouncements.

     Ability to consider objectively
     and exercise independent
Auditing: 11 Dangerous Standards                              35
          SAS 1 Independence

     The second general standard is:

     In all matters relating to the
     assignment, an independence in
     mental attitude is to be
     maintained by the auditor or

Auditing: 11 Dangerous Standards                 36
          SAS 1 Independence
     Danger                                 How do you comply???
     MUST be without bias…for
     dependability of his findings…
     not a prosecutor but judicial
     impartiality and an obligation for
     fairness on those who rely.
     To be independent, MUST be
     intellectually honest.

     To be recognized as independent
     MUST be free from any
     obligation to or interest in client,
     management or owners.

Auditing: 11 Dangerous Standards                                   37
          SAS 1 Independence
     Danger                               How do you comply???
     Should avoid situations that may
     lead outsiders to doubt their
     Code of Conduct has precepts to
     guard against presumption of
     loss of independence.
     Should administer practice
     within the spirit of the precepts.

Auditing: 11 Dangerous Standards                                 38
          Conflicts in Audits

  Want to trust                    MUST be skeptical
  Keep happy client                    Be persistent
  It‟s an error                            It‟s fraud
  Make a profit                       More evidence
  Who pays                                     ?????
Auditing: 11 Dangerous Standards                        39
          SAS 1 Independence Lawsuit
     Facts            Construction company. President resigned. Cash flow.
                      Auditor gave OK for very low bids and to overestimate
                      % of completion because mgt wanted to improve FS.
                      Issued clean opinion.
     Issues           Client bankrupt. 2 banks and 2 bonding companies
                      sued claiming firm not independent thus motivated to
                      allow client to manipulate the FS.
     Resolution       Settled for more $2 million.
     Thoughts         Extreme but clients go „opinion shopping‟. Subordinate
                      your judgment and your future is tied to the client‟s.
                      Such a client will sacrifice the firm. Resolve and
                      document all independence issues BEFORE starting.

Auditing: 11 Dangerous Standards                                               40
          2006 Pulitzer Prizes in Journalism
   WSJ                Stock-option scandals
   Birmingham         Exposed cronyism and corruption in Alabama‟s two-
   News               year college system.
   Miami              Waste, favoritism and lack of oversight at Miami
   Herald             housing agency
   WSJ                Adverse impact of China‟s booming capitalism on
                      conditions ranging from inequality and pollution.
   NY Daily           Editorials on behalf of ailing ground zero workers.

        Compliance Tip: Would the media uncover/write these
        stories if they were paid by the subject entity? Y N
Auditing: 11 Dangerous Standards                                            41
  Mr. XXXXX, CPA, caused his firm not to be independent in
    an audit of a client in that he obtained a home equity
       SAS 1 Independence Case
    loan from a subsidiary of this audit client while he was
    participating on the audit engagement of another
    subsidiary of the audit client.
  William XXXXX agrees as follows:
  • To waive his rights to a hearing.
  • To neither admit nor deny the above specified
  • To comply immediately with professional standards.
  • To a six month suspension from the AICPA and
  • To complete “Professional Ethics: The AICPA‟s
    Comprehensive Course” with a grade of 90% or more.

Auditing: 11 Dangerous Standards                               42
          SAS 1 Independence Compliance Tips

   1. It‟s nearly impossible to be truly objective/unbiased
      when you have a vested interest in the outcome
   2. Examples……Kids…….Driving
   3. What vested interest do auditors have ___________
                                                GETTING PAID
   4. List a control you have to assure independence
       _______________________________
          Do you have a disclosure statement?

Auditing: 11 Dangerous Standards                               43
          SAS 45 Related Parties

     Procedures that should be considered……to identify
     related party relationships and transactions and to
     satisfy himself concerning the required financial
     statement accounting and disclosure. The procedures
     set forth should not be considered all-inclusive. Also,
     not all of them may be required in every audit.

     Accounting usually same as for non-RPTs but be aware
     substance may be substantially different than the legal
     form so focus is on disclosure.

Auditing: 11 Dangerous Standards                               44
          RPT Examples in SAS 45

   1. Borrowing or lending on terms significantly different
      than market conditions warrant.
   2. Selling real estate at a price significantly different
      than it‟s appraised value.
   3. Exchanging property for similar property in a non-
      monetary transaction.
   4. Making loans with no scheduled terms for when or
      how the funds will be repaid.

Auditing: 11 Dangerous Standards                               45
          SAS 45 Audit Procedures

   1. SHOULD be aware of the possible existence of RPT
   2. If relationship is material, requires disclosure even if
      _______ transactions (FASB 57)
   3. SHOULD understand
       Management responsibilities
       Relationship of each entity component
       Controls and business purpose
       Business style and structure are deliberately used
          to obscure RPTs
    SAS 45 .04 - .05

Auditing: 11 Dangerous Standards                                 46
          SAS 45 Audit Procedures

   Danger                                    How do you comply???
   Lack of working capital or credit
   Need for favorable earnings
   Overly optimistic earnings forecast
   Single or few products, customers, etc.
   Declining industry
   Excess capacity
   Significant litigation (esp. owner/mgt)
   Significant obsolescence danger
Auditing: 11 Dangerous Standards                                    47
          SAS 45 Determining Existence

   1. SHOULD place emphasis on testing material
      transactions with known RPTs
   2. Common RPTs….
      1. Parent-subsidiary
      2. Investor-investee

 SAS 45 .07

Auditing: 11 Dangerous Standards                  48
          SAS 45 Look for Unknown RPs

   Danger                                     How do you comply???
   Company procedures to ID/acct for
   Request names and transactions

   SEC and other filings

   Pension and other trusts
   Review stockholder lists
   Review prior year‟s work papers
   Predecessor, principal or other auditors
   Review material investments
Auditing: 11 Dangerous Standards          SAS 45 .07                 49
          SAS 45 Identify RP Transactions

   Danger                                  How do you comply???
   Provide staff known RPs so they can??
   Board/committee minutes
   Conflict-of-interest statements
   Extent/nature of transactions with

   SAS 45 .08

Auditing: 11 Dangerous Standards                                  50
          SAS 45 Identify RP Transactions

   Danger                                  How do you comply???
   Transactions not properly accounted
   transactions or balances near _______
   Law firm invoices
   Loans receivable and payable

   SAS 45 .08

Auditing: 11 Dangerous Standards                                  51
          SAS 45 Examining RP Transactions

   Danger                                   How do you comply???
   Obtain and evaluate sufficient
   competent evidential matter and
   should extend beyond inquiry of
   Confirm with and inspect evidence held
         other parties
   by _____________________
   Public information
   Collectibility of balances

Auditing: 11 Dangerous Standards     SAS 45 .09                    52
          Related Party Audit Failure
     Facts            Audits of 3 years of rapidly growing construction
                      company, cash flow, bankruptcy, collected on
                      completion bonds. Controller took undisclosed loans.
                      Firm didn‟t train staff to search for RPTs.
     Issues           Sued for $2 million. Bank and bond company
                      extended credit and bond in reliance on AFS.
     Resolution           1 million
                      $ ____________
     Thoughts         3 critical failures caused firm to settle
                      1. Recognize high-risk client with potent plaintiffs
                      2. Design audit program to detect undisclosed loans
                      3. Supervise inexperienced staff

Auditing: 11 Dangerous Standards                                             53
          SAS 45 Related Party Thoughts

   1. Written representations before beginning field work
                 Test management integrity
   2. WHY _____________________________________
   3. If undisclosed material RPTs are discovered ask
       What else hasn‟t been ______________
                                             only one(s)
       What are the odds this/these is/are __________
    Higher risk for management RPT assertions
    Extreme risk  should you audit the entity on the
        other side of RPT

Auditing: 11 Dangerous Standards                            54
          SAS 54

       Illegal Acts
       by Clients

Auditing: 11 Dangerous Standards   55
          SAS 54 Where It Came From

                                             political contributions
   1. Watergate investigations  illegal ___________
                                             government officials
   2. Which uncovered illegal payments to ____________
   3. Commission on Auditor‟s Responsibilities (Cohen
      Commission) resulted in SAS 17 in ______
   4. SAS 17 introduced……..
                                                   tax evasion
       Auditors experts on some illegal acts _______
       In planning/conducting engagement, auditors
         consider illegal acts that have a direct and
         material effect on the financial statements
       Did not require affirmative detection procedures

Auditing: 11 Dangerous Standards                                56
          SAS 54 Definitions

   1. Violations of laws or governmental regulations
   2. Two types for audits
       Direct and material effect on financial statements
       Other illegal acts that are indirect/operational
   3. By the entity/management/employees for the entity
   4. Does NOT include personal misconduct unrelated to
      their business activities
      If someone will cheat on his/her spouse, what
      makes you think they won‟t _______________
                                   COOK THE BOOKS

Auditing: 11 Dangerous Standards                             57
          SAS 54 Judgment and AFS

   1. Normally beyond auditor‟s expertise but may
      recognize acts that may be illegal but ask an ______
   2. More remote act is from AFS less likely auditor will
      become aware or recognize
   3. Act‟s legality relative to the audit, not legality per se
   4. OTHER illegal acts have indirect effect: securities,
      OSHA, FDA, EPA, EEOC, price-fixing, antitrust
   5. Indirect effect usually disclose contingent liability
   6. Usually unaware unless informed or see evidence

Auditing: 11 Dangerous Standards                                  58
          SAS 54 OTHER Illegal Acts

   1. SHOULD be aware of the possibility that such
      OTHER illegal acts may have occurred
   2. Auditor is responsible when
       Aware of specific information
       Material indirect effect
       SHOULD determine if illegal act has occurred
   3. GAAS audit provides no assurance other illegal acts
      will be detected or contingent liability disclosed

    SAS 54 .07

Auditing: 11 Dangerous Standards                            59
          SAS 54 Where to Look

   1. GAAS procedures that might indicate illegal acts….
      reading minutes, ask management and legal
      counsel, claims and assessments, testing
      transactions and balances, and get rep letter.
      No further work unless have specific information.

         Ignoring an act or letting client convince you that an
         act isn‟t _________.

      SAS 54 .08

Auditing: 11 Dangerous Standards                                  60
          SAS 54 Specific Information
   1. Unauthorized or improperly recorded transactions or
      not timely recorded
   2. Investigation, enforcement, or unusual payments
   3. Violations in regulatory reports made available
   4. Large or multiple small payments for unspecified
      work, usually consultants/affiliates/employees
   5. Excessive commissions or fees
   6. Large cash payments or cashiers checks to bearer
   7. Payments to gov‟t or regulatory employees
   8. Fail to pay or file tax returns or regulatory reports
    SAS 54 .09
Auditing: 11 Dangerous Standards                              61
          SAS 54 Response
   1. Inquire at a level ________ those involved
   2. Not satisfied SHOULD
       Consult client‟s legal counsel (arranged by client)
         or other specialists
   3. Additional procedures
       Are supporting docs ___________ with acct
       Properly authorized
       Confirm with other party
      What are the odds that this illegal transaction/event
         is the ___________________________?
                            only one
Auditing: 11 Dangerous Standards   SAS 54 .10                 62
          SAS 54 AFS Effect

   1. Illegal act has or is likely to have occurred
   2. SHOULD consider quantitative and qualitative effect
   3. “an illegal payment of an otherwise immaterial
      amount could be material if there is a reasonable
      possibility that it could lead to a material contingent
      liability or material loss of revenue” SAS 47
   4. SHOULD consider effect on amounts in AFS
   5. SHOULD evaluate adequacy of disclosure
       Material revenue or relationship from illegal acts

    SAS 54 .13 - .15
Auditing: 11 Dangerous Standards                                63
          SAS 54 Communication

   1. SHOULD consider reliability of mgt representations
   2. Communications with audit committee
       SHOULD determine AC or equivalent is informed
       Not clearly inconsequential acts
       If senior mgt is involved go directly to AC
         SHOULD document oral presentation

    SAS 54 .17

Auditing: 11 Dangerous Standards                           64
          SAS 54 Effect on Opinion

   1. Material and not properly accounted for or disclosed
                        qualified          adverse
      SHOULD issue __________ or ___________
   2. If client prevents obtaining sufficient competent
      evidence SHOULD issue __________
   3. If client refuses to accept the opinion, auditor
      SHOULD __________

   4. What are some of the pressures that make the
      above responses difficult _________________?
   SAS 54 .18 - .21
                           Getting paid, friends, long-time client
Auditing: 11 Dangerous Standards                                     65
          SAS 54 Other Issues….
   1. May conclude withdrawal is necessary… even when
      the illegal act is not material
       Won‟t fix the problem
       Management integrity
       Continuing association
   2. Disclosure to outside parties prohibited except…
       Form 8-K
       Successor auditor                       Talk to YOUR
       Subpoena                                __________
       Government funding requirement

Auditing: 11 Dangerous Standards                               66
          SAS 54 Common Illegal Act

   1. NY state employers cheat workers‟ compensation
      estimated $500 million to $1 billion per _________
   2. 15 to 20% of premiums, Fiscal Policy Institute
   3. 20% estimated by NY State Assn of Ins Agents
   4. Accepted practice due to lack of _______________
   5. Underreport number of _______________________
   6. $389 billion reported to pay unemployment taxes
      but only $311 billion reported for workers‟ comp
   7. Do you have an audit procedure to determine if
      client‟s are cheating workers‟ comp system? Y N
Auditing: 11 Dangerous Standards                           67
          SAS 56

      Analytical Procedures
      January 1, 1989

Auditing: 11 Dangerous Standards   68
          SAS 56 BIG Picture

   1. Requires analytical procedures in planning and
      overall review stages of all audits
   2. Study plausible relationships among both financial
      and nonfinancial data
   3. Relationships are expected to exist and continue
      unless conditions change
   4. Requires knowledge of client and industry

    SAS 56 .01 - .03

Auditing: 11 Dangerous Standards                           69
          SAS 56 Understanding the Client

      What business is Xerox in ______________
                                  COPIER BUSINESS
       1970 The COPIER Company is ______________
      1995 The DOCUMENT Company is ______________
      Early 2000s Xerox nearly went bankrupt
                                   Disruptive Technology
       WHY ________ which is a __________________
      What business is Xerox in ______________________
                                  INFORMATION DISTRIBUTION

   Auditing Tip: Simply adding up the numbers does NOT
     mean you _______________ the business.

Auditing: 11 Dangerous Standards                         70
          Do You Understand
          Your Client‟s Business?

      Do you know what business your client is in?
            Yes No
      What business is your favorite client in___________?
      What are the 3 major reasons your client‟s customers
       do business with your client instead of a competitor?
        2. _____________________________
        3. _____________________________

Auditing: 11 Dangerous Standards                               71
          SAS 56 Analytic Procedures
          Are Used For

   a) Planning the nature, timing and extent of other audit
   b) Substitutive test to obtain evidential matter about
      assertions for account balances or classes of
   c) Overall review in the final review stage
    SHOULD be applied to some extent in a) and c) for ALL

    SAS 56 .04

Auditing: 11 Dangerous Standards                              72
          SAS 56 Analytic Procedures

   1. Compare recorded amounts, or ratios therefrom, to
      expectations developed by identifying and using
      plausible relationships, for example
    Prior periods
    Anticipated results
    Intraperiod relationships
    Industry information, such as gross margin
    Nonfinancial information

    SAS 56 .05

Auditing: 11 Dangerous Standards                          73
          SAS 56 Anticipated Results
          The Hockey Stick
         Lumber Yard
         3-year average sales
         $22 million

                                   Sales at 12/15
                                    $18 million
    Jan                                             Dec

Auditing: 11 Dangerous Standards                          74
          SAS 56 Gross Margin

   1.    Mark Morze, CFO, ZZZZ Best Carpet Cleaning
   2.    Pepperdine University
   3.    Toastmaster Speaking Champion
   4.    Fraud: Ex-Con Tells All Part II
   5.    10,000 phony documents
   6.                                      fake
         $50 million revenue, 86% was _________
   7.                              what’s wrong with this document??
         “If you were my auditor, ____________________.”
   8.    Reported 50 to 60% gross margins, but the industry
         average was _____%.

Auditing: 11 Dangerous Standards                               75
          SAS 56

    Capitol Bank Bldg
Auditing: 11 Dangerous Standards   76
          SAS 56 Gross Margin

   1.    Fraud 5+ years
   2.    Sole practitioner, local firm, Big-8
   3.    E&W WHY ___________________________ the industry
                                   knew the least about
   4.                              the easiest to fool
         E&W would be ________________________
   5.    Failure to understand cost E&W __________
                                             $3 million

   6. Next time you are asked to propose on a client that
      you know little or nothing about the industry, ask
                  WHY are they asking us?

Auditing: 11 Dangerous Standards                            77
          SAS 56 Failure
     Facts            Small toy mfgr. Clean opinion. Next firm found accts
                      payable understated $400k. Sued for $200k, amount
                      of tax overpaid.
     Issues           Client claimed GAAS failure.
     Resolution       Settled for _________________
     Thoughts                                             year-to-year
                      Firm didn‟t compare accts payable _______________,
                      which should have been done during __________

Auditing: 11 Dangerous Standards                                             78
          SAS 56 Trouble

        If a misstatement is suspected, the failure to apply
        analytical procedures and subsequent nondisclosure
        may be so damaging the client made allege gross
        negligence and intentional misconduct resulting in
            treble punitive damages.
                       Accounting, Auditing and Financial Malpractice, Section 17.41

Auditing: 11 Dangerous Standards                                                       79
          SAS 56 Success
     Facts            New large privately-owned bank client. Loan portfolio
                                            stayed about the same
                      doubled but income __________________________.
                      Senior loan officer approved and __________ money.
                      Expanded procedures. Discovered he approved loans
                      to friends, which were in default and _____________.
     Issues           Client alleged negligence, gross negligence,
                      intentional misconduct, and fraud suing for $1.5MM.

     Resolution                      no liability
                      Jury found _______________________.
     Thoughts         Analytic procedures during _____________ violated
                      expectations. Additional procedures uncovered the
                      fraud. What was the expectation ________________.

        Change in loan portfolio = change in portfolio income.
Auditing: 11 Dangerous Standards                                              80
          SAS 57


Auditing: 11 Dangerous Standards   81
          SAS 57

   1. Estimate is an approximation of a financial
      statement element, item, or account
   2. Management is responsible for making the estimate
   3. Auditor is responsible for the reasonableness

   4. Even competent management using relevant and
      reliable data will be biased because they have a
      vested interest in the _____________________.
      When planning and performing procedures, auditor
      SHOULD apply professional ________________.
Auditing: 11 Dangerous Standards                          82
          SAS 57

   1. Risk of material misstatement usually varies
      according to complexity and subjectivity of the
      process, availability and reliability of the data,
      number and significance of the assumptions and
      degree of uncertainty of the assumptions.
   Compliance Tip: Determine if estimate is consistent with
      operational plans by looking at client‟s _______ and
      compare prior estimates to ________.

   SAS 57 .05 last para, .06 e + f

Auditing: 11 Dangerous Standards                              83
          SAS 57 Circumstances
   1. Are all material estimates in the AFS……..
       Method of conducting business
       New accounting pronouncements
       Circumstances of the industry
       Other external factors

   2. How do you stay informed about the client‟s industry
      and external factors so you have a reasonable
      chance of knowing when a change should take
      place? _________________________ publication.
              Read at least one industry trade
    SAS 57 .08

Auditing: 11 Dangerous Standards                             84
          SAS 57 Reasonableness

   1. SHOULD consider client‟s past estimates and
      auditor‟s experience in the industry
   2. SHOULD use one or more of……
       Review and test management‟s process
       Develop an independent expectation
       Review subsequent events or transactions

    If you can‟t develop an independent estimate, then
     on what basis do you know enough to judge the
     reasonableness of _________________________?
                          management‟s estimate
                                   SAS 57 .09
Auditing: 11 Dangerous Standards                          85
          SAS 59

   The Auditor‟s
   Consideration of
   an Entity‟s Ability
   to Continue as a
   Going Concern

Auditing: 11 Dangerous Standards   86
          SAS 59 Responsibility

   1. Continuation is assumed in the absence of
      significant information to the contrary
   2. Responsibility to evaluate whether there is
      substantial doubt as to a going concern for a
                                              one year
      reasonable period, not to exceed ____________
   3. Evaluation of relevant conditions and events existing
      at or prior to completion of the field work
   4. Based on standard audit procedures

    SAS 59 .01 - .02
Auditing: 11 Dangerous Standards                              87
          SAS 59 Responsibility
   1. SHOULD evaluate in the following manner…
       Did procedures identify a substantial doubt
         Additional information
       If substantial doubt SHOULD
         Obtain management plans to mitigate the
            event or condition and
         Assess if plans will work
       If still substantial doubt SHOULD
         Evaluate disclosure
         Include explanatory paragraph
     SAS 59 .03
Auditing: 11 Dangerous Standards                      88
          SAS 59 Responsibility

   1. Not responsible for predicting future conditions or
   2. Ceasing to exist after receiving a clean opinion does
      not indicate inadequate performance
   3. Absence of going concern does not provide
      assurance that entity is a going concern

    SAS 59 .04

Auditing: 11 Dangerous Standards                              89
          SAS 59 Conditions and Events

   Danger                                     How do you comply???
   Negative trends: operating losses,
      WC shortage, adverse key ratios
   Financial difficulties: defaults, trade
   credit, statutory capital shortage,
   seeking financing
   Internal matters: labor, one or few
   projects, uneconomic long-term
   commitments, revise operations
   External matters: lawsuits,
   regulations, franchise, license,
   patent, customer, supplier, insurance
Auditing: 11 Dangerous Standards       SAS 59 .06                    90
          SAS 59 Management Plans

   1. If doubtful about going concern, evaluate
      management plans and determine if they will
      mitigate adverse effects and whether the plans can
      be effectively implemented, including
       Dispose of assets
       Borrow or restructure debt
       Reduce or delay expenditures
       Increase equity

    SAS 59 .07

Auditing: 11 Dangerous Standards                           91
          SAS 59 Management Plans

   2. Obtain evidence for particularly significant elements
       Financing or asset disposal
   3. Is there support for the critical elements of the plan
                          management talk
      or is it just __________________________ giving
      attention to assumptions that are….
       Material to financial information
       Especially sensitive or subject to change
       Inconsistent with historical trends

     SAS 59 .08 - .09

Auditing: 11 Dangerous Standards                               92
          SAS 59 Effects on Opinion
   1. If still doubtful about going concern must include explanatory
      paragraph such as “substantial doubt about its ability to
      continue as a going concern” or similar wording that includes
      “substantial doubt” and “going concern” such as……..
   2. The accompanying financial statements have been prepared
      assuming that the Company will continue as a going concern.
      As discussed in Note X to the financial statements, the
      Company has suffered recurring losses from operations and
      has a net capital deficiency that raise substantial doubt about
      its ability to continue as a going concern. Management's plans
      in regard to these matters are also described in Note X. The
      financial statements do not include any adjustments that might
      result from the outcome of this uncertainty.
    SAS 59 .12 - .13
Auditing: 11 Dangerous Standards                                        93
          SAS 59 Effects on Opinion

   1. If disclosures are inadequate disclaim or qualified
   2. Current period going concern does not mean existed
      in prior period and should not affect that opinion
   3. If prior period going concern doubt has been
      removed, the paragraph should not repeated

    SAS 59 .14 - .16

Auditing: 11 Dangerous Standards                            94
          SAS 59 Documentation

   Auditor SHOULD document all of the following…….
   a. Conditions or events that caused the doubt
   b. Elements of plan to rectify the adverse effects
   c. Audit procedures performed and evidence obtained

     SAS 59 .17

Auditing: 11 Dangerous Standards                         95
          SAS 59 Documentation

   Auditor SHOULD document all of the following…….
   d. Conclusion whether doubt is alleviated
       If doubt remains document effects on AFS and
       If alleviated document need for disclosure of the
         conditions and events that caused the doubt
   e. Conclusion whether to include explanatory
      paragraph and if client disclosure is inadequate
      conclusion to issue a qualified or adverse opinion

     SAS 59 .17
Auditing: 11 Dangerous Standards                            96
          Practical Going-Concern

   1. Clean opinion covers not just the past
      but __________________
                                               12 months
   2. Says „everything will be fine‟ for next __________
   3. How many of you look at next year‟s __________

   4. Going concern situations are very risky. If you are
      dealing with management plans, seriously consider
      engaging _______________________________.
                  turnaround and operational experts

Auditing: 11 Dangerous Standards                            97
          MiniScribe Corporation

Auditing: 11 Dangerous Standards   98
          MiniScribe Corporation

   1.    Business
   2.    Market share
   3.    Fortune 500
   4.    IPO                 2
                                   t P3
                                    k 99
                                     r 8
                                   Sc -0
                                   c 19
                                   oe 1

   5.    IBM
                             2                    o




                               9 9 9 9 9 9 9 9
                               8 8 8 8 8 8 8 9
                                3 4 5 6 7 8 9 0
                               1 1 1 1 1 1 1 1
                             o c g n t ir
                             u o Sa i
                             rc u h nn
                              e ne s S
                             S cn a a c
                                i ngM
                                   i    b

Auditing: 11 Dangerous Standards             99
          MiniScribe Corporation

   1.    Hambrecht & Quist
   2.    Reorganization
   3.    Incentives and bonuses
   4.    New products
   5.    Employees

Auditing: 11 Dangerous Standards   100
          MiniScribe Corporation

   1.    Plants
   2.    Capacity exceeds demand
   3.    Cost per megabyte
   4.    Market growth
   5.    New market entrants

Auditing: 11 Dangerous Standards   101
          Mini-Scribe Financial Ratios
                                   16   15 C g
                                        98  a
                                           h e

        ls                         $4
                                    8 19
                                     8$ .
       r s
       r t
       pi                          $.
                                    6 9 2
                                   2 %2 2

        a                          1.
                                   $48$ .
                                       19 6 %
                                       13  .
       n o
        e y
       Iv tr                       $.
                                    5  22500
                                     1 $. 1.%
        G                           8
                                     0 $.528
                                        3 1.%

        ls  1.
            $48$ .
                19 6 %
                13  .
       A    39
            $.7$.4 4 %
              7 6
                1   7
                 0 1.
       l we
       A ac .3
             7  7
              %.5%2 .%
Auditing: 11 Dangerous Standards                 102
          MiniScribe - Creating Inventory

   1.    Inventory workpapers
   2.    Fictitious inventory in transit
   3.    Receiving raw materials
   4.    Fictitious shipping program __________________
   5.    Scrap inventory
   6.    Inventory tickets
   7.    Ship ahead

Auditing: 11 Dangerous Standards                          103
          MiniScribe Risks

   1.    Loan covenant violation
   2.    Related party transactions
   3.    Dash meetings
   4.    Common knowledge
   5.    Debt reserves

Auditing: 11 Dangerous Standards      104
          MiniScribe Opinions

   1. Overstated net income
      1. 1986 $4.5 million (37%)
      2. 1987 $22 million (244.5%)
      3. 1988 2nd+3rd quarters $31.6 million
   2. What kind of opinions did MiniScribe get _________
                                         going concern,
   3. What kind should it have gotten ________________
       adverse, something other than unqualified

Auditing: 11 Dangerous Standards                           105
          SAS 67


Auditing: 11 Dangerous Standards   106
          SAS 67 The Confirmation Process

   “When evidential matter can be obtained from
   independent sources outside an entity, it provides greater
   assurance of reliability for the purposes of an
   independent audit than that secured solely within the
   entity.“ SAS 67, ¶ .06

         Make sure you‟re really confirming with an
         independent source.

     SAS 67
Auditing: 11 Dangerous Standards                                107
          SAS 67 Audit Risk

   Obtaining and evaluating a direct communication from a
      third party to test management assertions about an
      item in the AFS
   1. Select items
   2. Design the request
   3. Send the request to proper third party
   4. Obtain a response
   5. Evaluate the information, including reliability

    SAS 67 .04

Auditing: 11 Dangerous Standards                            108
          SAS 67 Risk v. Confirmations

   Danger                                   How do you comply???
   Greater risk means greater need for
   substantive tests (eg, confirmations)
   Unusual or complex transactions                         3rd party
                                            Confirm with ____________
   Confirmation isn‟t sufficient (eg, AR)                    cutoff
                                            Perform sales ___________
   Low existence risk of cash in bank       Look at bank statements
   and bank usually doesn‟t reply                         client
                                            provided by ____________

          Because the confirmation process is consistent from
          year to year, it‟s easy to _________________.
  SAS 67 .08
Auditing: 11 Dangerous Standards                                        109
          Sahlen & Associates
   1.    Harold Sahlen starts company in 1980
   2.    Rent-a-guard
   3.    Small IPO in 1984
   4.    Moves company
   5.    Competition
   6.    Undercover investigations
   7.    A/R confirmations
   8.    Public debt offering
   9.    SEC review
   10.   Business trips

                     NEVER Underestimate
   Advice ________________________________
                       Your Opponent
Auditing: 11 Dangerous Standards                110
          CF Foods

                                   Sales in Millions

                  94               95       96         97   98

Auditing: 11 Dangerous Standards                                 111
          CF Foods

   1. David Burry GP managed the private wholesale
      candy distribution company
   2. Promised investors 18-30% returns using his candy
      buying expertise attracting $25 million
   3. 2 types of sales: Sales One and Sales Two
   4. Sales One completely managed by Burry himself
   5. Sales Two was real sales, employees, and inventory

Auditing: 11 Dangerous Standards                           112
          CF Foods

   1. Recorded hundreds of fake transactions in computer
   2. Created fake supporting documents using Sales Two
      making copies for auditors
   3. Gave substantial amounts to churches WHY ______

   4. CF lenders sued churches which had to __________
                                              give money back

   5. Auditors sent confirmations
   6. What % of 1998 sales were real _________
   7. Burry got the confirmations back signed and
      returned them to auditors HOW ___________

Auditing: 11 Dangerous Standards                                  113
          Parmalat Finanziaria
   1. Largest corporate fraud in history __________
                                          $18 Billion
   2. Nov 2003 private offering to repay $187 million
      bonds coming due, D&T lead and GT subsidiaries
   3. Dec 2003 Parmalat had $4.9 Billion cash balance
      (40% of total assets) B of A account
   4. Grant Thornton SpA sent confirmation
   5. March 2003 GT got a reply
                                          $10 Billion
   6. Parmalat sued D&T and GT for _______________
                      $149 Million
   7. D&T settled for _____________ but GT has not
      Fraud lesson: No one asked, if it had $4 Billion in a
      checking account, why the company ____________.
                                            needed $187 million
Auditing: 11 Dangerous Standards                            114
          SAS 67


Auditing: 11 Dangerous Standards   115
          SAS 67 Overview

   1. Required to obtain WRITTEN representations
   2. Representations are audit evidence but are NOT
      substitute for other procedures
   3. Confirm continuing appropriateness and reduce
   4. Procedures + written representations, eg, even if
      other procedures indicate all related party issues are
      properly disclosed SHOULD obtain written
      representations mgt knows of no others
   5. Representations that contradict other evidence
    SAS 67 .01 - .04
Auditing: 11 Dangerous Standards                               116
          SAS 67 Reps SHOULD Include

   Financial Statements
   a. AFS are management‟s responsibility
   b. Management believes AFS are fairly presented

   Completeness of Information
   c. All financial records and data are available
   d. All minutes of meetings
   e. Regulatory agency communications
   f. Absence of unrecorded transactions
    SAS 67 .06
Auditing: 11 Dangerous Standards                     117
          SAS 67 Reps SHOULD Include

   Recognition, Measurement, and Disclosure
   g. Passed adjustments are immaterial and a list is to be
      included or attached
   h. Responsibility for preventing and detecting fraud
   i. Actual or suspected fraud involving management,
      employees or others
   j. Allegations or suspected fraud in communications
   k. Carrying value or classification of assets or liabilities
   l. Transactions and amounts from or to RPTs
    SAS 67 .06
Auditing: 11 Dangerous Standards                                  118
          SAS 67 Reps SHOULD Include

   m.    Written or oral guarantees
   n.    Significant estimates and material concentrations
   o.    Actual or possible violations of laws or regulations
   p.    Probable unasserted claims or assessments per
         client‟s attorney
   q.    Other liabilities and gain or loss contingencies
   r.    Title to assets, liens or encumbrances
   s.    Compliance with contracts affecting the AFS
   t.    Subsequent events
   SAS 67 .06
Auditing: 11 Dangerous Standards                                119
          SAS 67 Reps SHOULD Be Tailored

   To   include business or industry information
   1.   Interim information
   2.   New accounting principle
   3.   Change in principles
   4.   Going concern conditions and management‟s plans
   5.   Specific significant impaired assets
   6.   Variable interest in another entity
   7.   Work of a specialist

   SAS 67 .07
Auditing: 11 Dangerous Standards                          120
            SAS 99

      of Fraud in a
      Statement Audit

Auditing: 11 Dangerous Standards   121
          Fraud Auditing Standards

  1973                  1977        1989          1997          2002
                                   SAS 53       SAS 82        SAS 99

  ZZZZ Best 1987                     REASONABLE ASSURANCE
                   SAS 16
                     NO                     Number of Pages
                 ASSURANCE          18             45             75

    SAS 1                              Increasing details on how to
     NO                              achieve “reasonable assurance.”
Auditing: 11 Dangerous Standards                                       122
          SAS 99 Made Simple

                                   SAS 99 requires
                                   you to audit the

                                       Not just
                                      the books

Auditing: 11 Dangerous Standards                      123
          The Triangle of Fraud
                                          Two kinds of need:
     Trigger                       Need
                                          1. Direct
                                          2. Indirect

        Opportunity                          Rationalization
        Low probability                      Action fits
        of getting caught                    inside code of
Auditing: 11 Dangerous Standards                               124
          Situational Fraud


 5-10%                              Situational   5-10%
                                     Fraud or
 Always                            Embezzlement   Never

Auditing: 11 Dangerous Standards                          125
         SAS 99: Aligns Opinion and GAAS

                                     The auditor has a responsibility
                                     to plan and perform the audit to
    “the financial
                                   obtain reasonable assurance about
     statements               +    whether the financial statements are
    fairly present”
                                      free of material misstatement,
                                    whether caused by error or fraud.”

                              POSITIVE, AFFIRMATIVE,
               =              DUTY TO DETECT FRAUD

Auditing: 11 Dangerous Standards                                      126
          Engagement Letters

   WRONG: “An audit is not designed and cannot be relied
     upon to detect defalcations and similar irregularities.”
   SUGGESTED: “The objective of our audit will be to express
     an opinion on the company‟s financial statements that
     provides reasonable assurance that those statements
     are free of material misstatement, whether caused by
     error or fraud. However, an audit cannot provide
     absolute assurance and a material misstatement may
     remain undetected. Also, an audit is not designed and
     cannot be relied upon to detect error or fraud that is
     immaterial to the financial statements.”
 The Annual Audit Tune-Up, The CPA Journal, December 1997, p. 24
Auditing: 11 Dangerous Standards                                   127
          Your Brain Adjusts
 Aoccdrnig to a rscheearch at Cmabrigde
 Uinervtisy, it deosn't mttaer in waht oredr
 the ltteers in a wrod are, the olny iprmoetnt
 tihng is taht the frist and lsat ltteer be at the
 rghit pclae.

 The rset can be a total mses and you can
 sitll raed it wouthit porbelm. Tihs is bcuseae the huamn mnid deos
 not raed ervey lteter by istlef, but the wrod as a wlohe.

          We See What We Expect to See
 LESSON: _________________________

Auditing: 11 Dangerous Standards                                  128
          Management IS Responsible

   Paragraph 4……………
   "Management is responsible for
   adopting sound accounting policies
   and for establishing and
   maintaining internal control that
   will, among other things, initiate,    __________________
                                            Show this to your
   record, process, and report            __________________
                                         client and banker and
   transactions (as well as events and
   conditions) consistent with
                                         anyone else who will
   management's assertions embodied       __________________
                                            use the financial
   in the financial statements."          __________________

Auditing: 11 Dangerous Standards                             129
          Management IS Responsible
                                   Auditor says:
                                   Improve controls
                                   Segregate duties
                                   Code of conduct
                                   Assure compliance

                                   Client says:
                                   Cost too much
                                   We’ll do it later
                                   I trust my people
                                   Never had a problem

Auditing: 11 Dangerous Standards                         130
          „Trusted‟ worker
          stole $1 million

Auditing: 11 Dangerous Standards   131
          Professional Skepticism
   1. MUST be unbiased
   2. Requires a questioning mind and a
      critical assessment of audit evidence
   3. Possibility of material fraud is ALWAYS
   4. Can NOT be satisfied with less than
      persuasive evidence
   5. Can NOT rely on client‟s past honesty,
      integrity, experience
   6. As a practical matter, what management
      tells you is NOT audit evidence

Auditing: 11 Dangerous Standards                132
          Revenue and Management Override

  41      Revenue recognition is ALWAYS a fraud risk

  42      Management override is ALWAYS a fraud risk
             Adjusting journal entries from unusual sources
             Accounting estimates
             Unusual significant transactions
  51      “it is unlikely that audit risk can be reduced to an appropriately
          low level by performing only tests of controls”

Auditing: 11 Dangerous Standards                                               133
          U. Penn Doctors

   1. Teaching physicians required to be present during a
   2. Records did not justify medical necessity
   3. Evaluation and management codes all upgraded to
      levels 4 and 5

    1                     2        3       4            5
Auditing: 11 Dangerous Standards                            134
          13th S&L

   1. First audit step

   2. The embezzlement

   3. The trial

   4. Advice                       Consistency makes fraud easy
                                    Do something DIFFERENT

Auditing: 11 Dangerous Standards                                  135
                                      Release 2007-001
          PCAOB Inspection Findings


Auditing: 11 Dangerous Standards                   136
                                             Release 2007-001
          PCAOB Inspection Findings

   1. Auditor's Overall Approach to the Detection of
      Financial Fraud
   2. Brainstorming Sessions and Fraud-Related Inquiries
   3. Auditor's Response to Fraud Risk Factors
   4. Financial Statement Misstatements
   5. Risk of Management Override of Controls
   6. Other Areas to Improve Fraud Detection

Auditing: 11 Dangerous Standards                           137
          Auditor's Overall Approach Release 2007-001
             to the Detection of Financial Fraud

   1.    Check off standard audit program
   2.    Senior auditors cannot properly review
   3.    No documentation procedures performed
   4.    Failure to expand procedures
   5.    Mechanical auditing

Auditing: 11 Dangerous Standards                  138
          Brainstorming Sessions       Release 2007-001
          and Response to Risk Factors

   Auditor SHOULD set "aside any prior beliefs the audit
      team members may have that management is
      honest and has integrity.“
   1. No brainstorming sessions
   2. Brainstorming sessions after planning and
      substantive _______________________
   3. Key members of team did not ___________
   4. Not making required _______________
   5. Failure to respond to identified fraud risk factors

Auditing: 11 Dangerous Standards                            139
                                               Release 2007-001
          Financial Statement Misstatements

   Indications of fraud my mean that small amounts are

   1. Failure to calculate planning materiality and/or
      adjustment thresholds
   2. Did not post proposed adjustments
   3. Did not scrutinize significant last minute adjustments
      that offset adjustments by auditors

Auditing: 11 Dangerous Standards                               140
                                             Release 2007-001
          Risk of Management Override

   1. Journal entries override
       Did not assure completeness of all JEs
       Excluded low amount entries
   2. Accounting estimates override
       Failed to test or document tests of assumptions
       Didn‟t recognize all differences increased ______

Auditing: 11 Dangerous Standards                            141
                                              Release 2007-001
          Other Areas to Improve Fraud Detection

   1. Numerous deficiencies in analytic procedures
       Failure to test underlying data
       Failure to disaggregate data
       When used as substantive test failure to
         establish expectations or investigate differences
       Failed to corroborate management‟s explanation
   2. Confirmation procedures
       Failure to obtain alternative evidence when
         positive responses were not received

Auditing: 11 Dangerous Standards                             142
          SAS 103: Audit Documentation

      Issued Dec 2005
      Effective for periods ending on or after Dec 15, 2006
      Supersedes SAS 96
      Prepare audit documentation in sufficient details to
       provide an experienced auditor with NO previous
       connection to the audit a clear understanding of the
       work performed, the evidence obtained and its
       source, and the conclusions reached
      Guidance on matter to document and document

Auditing: 11 Dangerous Standards                               143
          SAS 103: Audit Documentation

      Oral explanations on their own do NOT represent
       sufficient support for the work the auditor performed
       or conclusions reached
         May be used to clarify or explain documentation

      Document audit evidence that is contradictory or
       inconsistent with the final conclusions and how the
       auditor addressed the contradiction or inconsistency

Auditing: 11 Dangerous Standards                               144
          SAS 103: Audit Documentation

      Assemble the final audit engagement file within 60
       (calendar) days following the report release date
      After 60 days
         No deletion or discard of existing documentation

         Appropriately document subsequent additions

      Minimum file retention of five years from report
       release date

Auditing: 11 Dangerous Standards                             145
          SAS 104 – 111:
          Risk Assessment Standards
       104        Amendment to SAS 1, Due Professional Care in the
                  Performance of Work
       105        Amendment to SAS 95, GAAS
       106        Audit Evidence
       107        Audit Risk and Materiality in Conducting an Audit
       108        Planning and Supervision
       109        Understanding the Entity and Its Environment and
                  Assessing the Risks of Material Misstatement
       110        Performing Audit Procedures in Response to Assessed
                  Risks and Evaluating the Audit Evidence Obtained
       111        Amendment to SAS 39, Audit Sampling
Auditing: 11 Dangerous Standards                                        146
          Risk Assessment Standards

      Effective for periods beginning December 15, 2006
      More in-depth understanding of the entity and its
       environment, including its internal control, to identify
       the risks of material misstatement in the financial
       statements and what the entity is doing to mitigate
      More rigorous assessment of the risks of material
       misstatement of the financial statements
      Improved linkage between the assessed risks and the
       nature, timing, and extent of audit procedures
       performed in response to those risks
Auditing: 11 Dangerous Standards                                  147
          False Sign-Off

                        Come in under budget
       WHY COMMIT ______________________________
      WHAT TO SIGN OFF _________________________
                         Something not expected to change
                              Keep client and boss happy
       PAY AND PROMOTION _______________________
                         Assume the work was done
       WHY NOT DETECTED ________________________
      WHY _____________________________________
      HOW TO MINIMIZE __________________________
                               Audit the auditors

Auditing: 11 Dangerous Standards                        148
          False Sign-Off Survey Results

                                       it wasn‟t done
   Signing off on work when in fact __________________
   Sample slice                                    %
   % of CPAs who observed False Sign-off           25
   Auditing experience last 10 years                27
   Auditors with some Big 4 experience              26
   Auditors with only Big 4 experience              25
   Auditors with only Big 4 in last 10 years        28

Auditing: 11 Dangerous Standards                         149
          False Sign-Off Survey Results

   Sample slice                                %
   What % do you THINK commit false sign off   26
   If HAVE detected false sign-off             17
   If HAVE NOT detected false sign-off         32

   What happened to the person
   Personally spoke to person                  58
   Person was terminated                        9

Auditing: 11 Dangerous Standards                    150
          What Auditors Do Wrong

   10.Don‟t “listen” for red flags
   11.Don‟t read industry trade publications
   12.Haven‟t talked to client about fraud
   13.Don‟t graph information
   14.Audit only what‟s there
   15.No leading or predictive indicators
   16.Think Accuracy = Truth
   17.Never get actual bank deposit items

Auditing: 11 Dangerous Standards               152
          Be Careful . . . Be Clear
      Other than tax compliance claims, a communications
       breakdown between CPA and client is at the
       heart of a significant majority of claims…at least 70
       percent.” Ron Klein, JD, CFE, Camico vice-president of claims.
  1.   Clarify, don‟t obscure
  2.   Be a linguistic “straight shooter”
  3.   Counsel clients effectively with language they understand
  4.   Reader-friendly structure
  5.   Use charts and graphs
  How to Be Careful and Still Be Clear, J of A, Jan 2001

Auditing: 11 Dangerous Standards                                    153
           Malpractice Wording
                     Problem                                          Solution
 The effect comes before the cause.                   Transpose the cause and effect.

 B is due to A.                                       A led to B.
 B is caused by A.                                    A caused B.
 B was the result of A.                               A caused B or A led to B.
 B can be attributed to A.                            A led to B.

 Use of nouns.                                        Use verb form.
 X stated that payment would not be made.             X stated they would not pay.

 The inclusion of the reserve, [etc.]…                Including the reserve, [etc.]…

 Using the passive voice.   Use the active voice
Auditing: 11 Dangerous Standards                                                           154
 The amounts expected to be collected                 The company expects to collect the
          Selecting and Retaining Clients
 Audit failures are          1.    Law firms specialize
 your greatest risk          2.    Deep pockets
                             3.    Settle if damages > insurance
                             4.    Third party suits
                             5.    Just complying with GAAP+GAAS not enough
 Client acceptance           1.    Screen clients
                             2.    Understand the client
                             3.    Identify high-risk clients
                             4.    Are you qualified

                                           I had a _____ feeling
                                              about that client.
Auditing: 11 Dangerous Standards                                              155
          Selecting and Retaining Clients

 Interview client         1.   Why client needs an service and for whom
                          2.   Deadlines and other services
                          3.   Does client understand engagement
                          4.   Do you understand client + industry trends
                          5.   Why client needs new firm
                          6.   Conflicts of interest
 Interview 3rd            1. Other professionals, attorney and credit sources
 parties                  2. Business assn, vendors, customers, Google
 Contact                  1. Management integrity and disagreements
 predecessor              2. Why fired
 accountant               3. RPTs
Auditing: 11 Dangerous Standards                                                156
Public Perceptions in a
“Post Enron” World

     Results of Jury Research Conducted by
         CAMICO Mutual Insurance Co.
Auditing: 11 Dangerous Standards   158
Auditing: 11 Dangerous Standards   159
Auditing: 11 Dangerous Standards   160
      Do you tend to believe the things you
      hear in the news about corporate

          Pre Enron                 Post Enron


     No                       46%
Auditing: 11 Dangerous Standards                 161
Auditing: 11 Dangerous Standards   162
Auditing: 11 Dangerous Standards   163
Auditing: 11 Dangerous Standards   164
Auditing: 11 Dangerous Standards   165
Auditing: 11 Dangerous Standards   166
Auditing: 11 Dangerous Standards   167
Auditing: 11 Dangerous Standards   168
     Quality of work of large firms vs. small
     firms - Pre vs. Post Enron

                                      Post Enron
                                   Pre Enron

    40%    Pre Enron                                  Post Enron


                                                   Pre Enron

    10%          Post Enron

                Higher                Same            Lower
Auditing: 11 Dangerous Standards                                   169
Auditing: 11 Dangerous Standards   170
      Accountants are responsible for making
      sure that companies stay honest….

                                                          Post Enron


        40%      Pre Enron
                                                      Pre Enron
        30%             Post Enron
                                     Pre Enron
                                         Post Enron

                    Disagree           Neither           Agree

Auditing: 11 Dangerous Standards                                       171
      If an Accountant is hired by a company to
      review financial statements, but not
      retained to do an audit, would you expect
      the accountant to uncover fraud?

               Pre Enron                  Post Enron

                                   Yes   29%
         60%                                      Yes
Auditing: 11 Dangerous Standards                        172
Auditing: 11 Dangerous Standards   173
Auditing: 11 Dangerous Standards   174
Auditing: 11 Dangerous Standards   175
Auditing: 11 Dangerous Standards   176

      Recent corporate and accounting scandals have hurt the
      image of CPAs
      Participants feel even stronger that CPAs should:
       > Police their clients, especially publicly traded companies
       > Discover fraud (even without an audit)
      Significant minority of participants distinguish between
      smaller and larger CPA firms
       > Smaller firms seen as more trustworthy and equally
         or more skilled than large national firms
      There is a strong sentiment that the entire profession should
      not be condemned based on the bad acts of a few
Auditing: 11 Dangerous Standards                               177

To top