Institute of Certified Public Accountants today announced that it had approved a new standard, Statement on Auditing Standards (SAS) 99: Consideration of Fraud in a Financial Statement Audit, that gives U.S. auditors expanded guidance for detecting material fraud.
The standard is the cornerstone of a multifaceted effort by the AICPA to helprestore investor confidence in U.S. capital markets and to re-establish audited financial statements as a clear picture window into Corporate America.
We feel strongly that the standard will substantially change auditor performance, thereby improving the likelihood that auditors will detect material misstatements due to fraud,” said Barry Melancon, AICPA President and CEO. “The standard reminds auditors that they must approach every audit with professional skepticism and not assume that management is honest. It puts fraud at the forefront of the auditor\’s mind.”
The key provisions of SAS 99 follow below.
– Increased Emphasis on Professional Skepticism. Putting aside any prior beliefs as to management\’s honesty, members of the audit team must exchange ideas or brainstorm how frauds could occur. These discussions are intended to identify fraud risks and should be conducted while keeping in mind the characteristics that are present when frauds occur: incentives, opportunities, and ability to rationalize. Throughout the audit, the engagement team should think about and explore the question, “If someone wanted to perpetrate a fraud, how would it be done?” From these discussions, the engagement team should be in a better position to design audit tests responsive to the risks of fraud.
– Discussions with Management. The engagement team is expected to inquire of management and others in the organization as to the risk of fraud and whether they are aware of any frauds. The auditors should make a point of talking to employees in and outside management. Giving employees and others the opportunity to “blow the whistle” may encourage someone to step forward. It might also help deter others from committing fraud if they are concerned that a co-worker will turn them in.
– Unpredictable Audit Tests. During an audit, the engagement team should test areas, locations and accounts that otherwise might not be tested. The team should design tests that would be unpredictable and unexpected by the client.
– Responding to Management Override of Controls. Because management is often in a position to override controls in order to commit financial-statement fraud, the standard includes procedures to test for management override of
controls on every audit.
SAS 99 supersedes the Auditing Standards Board\’s earlier fraud standard, SAS 82, which carried the same title.
“As part of our continuous improvement process, we commissioned a number of independent academic research projects to help us understand how SAS 82 could be improved,” said Chuck Landes, AICPA Director – Audit and Attest Standards. “SAS 99 is responsive to that research and incorporates recommendations from the Public Oversight Board\’s Panel on Audit Effectiveness.”
“This new fraud standard is the product of a thoughtful and open standards-setting process that constantly seeks to improve audit quality,” said James S. Gerson, Chair of the Auditing Standards Board.
SAS 99 is effective for audits of financial statements for periods beginning on or after December 15, 2002. The AICPA, however, is urging firms, particularly those that audit public companies, to begin earlier implementation. The published standard will be available at the end of October or early November.
The AICPA\’s Anti-Fraud Initiatives
The AICPA emphasizes that SAS 99 is the first part of a multi-initiative program that Melancon announced in a September 4 speech at The Yale Club in New York.
“The release of the standard officially launches our anti-fraud program,” he said. “The auditor is responsible for providing reasonable assurance that the financial statements are free of material misstatement, whether caused by error or fraud.
“However, the auditor is not the only party responsible for dealing with financial statement fraud,” Melancon added. “By raising awareness of fraud and intolerance for it within corporate America, together we will be in a better position to detect and prevent it. It\’s important that corporate boards of directors and audit committees assume a greater role in fighting fraud and overseeing senior management.”
In announcing the new fraud standard, the AICPA reaffirmed its resolve to help investors regain their confidence in the country\’s capital market system and re-establish the audited financial statements as a clear window into the operations of corporate America, missions that Melancon declared in his speech. He, likewise, spoke of the need for a revitalized accounting culture, in which auditors refuse to sign off on inaccurate financial statements and where accounting is based on principles, rather than rules.
To assist its members in fulfilling their responsibilities to detect fraud, the AICPA has launched a competency tool for auditors and corporate employees. The competency tool is available free to members, on-line. Also, the AICPA is developing 17 fraud case studies that academics can use to educate their students on the motivations for fraud, how frauds typically occur and skills necessary to detect fraud. The case studies will be available in the near future.