Français
Home   »  About CGA-Canada  »  CGA Magazine  »  2004  »  Jan-Feb  »  Fraud and Error: Take Two
Subscribe to RSS feeds
Close

Share with friends

* Your name:
* Your email:
* Recipient’s email:
Message:
 

Fraud and Error: Take Two 

Select the archived issue you wish to view: 

 

Standards

Fraud and Error: Take Two

Constant revision and change is now the norm for assurance standards.

 

FROM: JAN-FEB 2004 ISSUE | BY STEPHEN SPECTOR

It seems that these days, no sooner is a standard released than there is a demand that it be improved. In CGA Magazine, November-December 2002 , this column addressed the changes made in March 2002 to Handbooksections 5090 and 5135 as a result of the Assurance (now the Auditing and Assurance) Standards Board's (AASB) desire to harmonize Canadian assurance standards with those of the international community.

Section 5135 incorporated guidance from International Standard on Auditing (ISA) 240,The Auditor's Responsibility to Consider Fraud and Error in an Audit of Financial Statements, with minimum changes to ISA 240 to conform to Canadian standards as a whole. Similarly, section 5090 was amended to reflect changes to ISA 200,Objective and General Principles Governing an Audit of Financial Statements — changes that had been made so that ISA 200 conformed to ISA 240.

Why the rush to change something barely two years old? The answer is simple — Enron, WorldCom, Adelphia, and a host of others. The rash of corporate failures in the United States created an atmosphere where the old approach was just not good enough. And so we had a cascading impact. The international standards were revised, so Canada changed its standards. But the U.S. standards, which had been at the core of the revised international standards, were changed again. And so the process continues.

Consequently, the AASB released an exposure draft in September 2003 to update Canadian standards to reflect changes made to U.S. standards in late 2002. Changes to international standards are expected to be made in 2004. Confused yet? If so, don't worry; there will be yet another iteration before the middle of 2005.

Key Change

When section 5135 and ISA 240 were issued in 2002, conforming amendments were made to section 5090. However, unlike ISA 200,section 5090 retained the assumption of management's good faith. In the September 2003 exposure draft, reference to an assumption of management's good faith was dropped. In other words, management may indeed be acting in good faith, but the auditor can no longer make that assumption. Why? The notion of management's good faith is incompatible with the requirement to conduct procedures to address the possibility of management override of internal controls.

Other Changes

In addition to the elimination of the good faith assumption, changes proposed to the existing sections 5090 and 5135 are:

  • More emphasis on the respective responsibilities of auditors, management, and those charged with governance with respect to fraud;
  • Significantly more guidance on assessing the risk of misstatement due to fraud, including requirements to make enquiries of management and others within the entity, and understanding the role of those charged with governance;
  • Discussion of earnings management;
  • Significantly more emphasis on management's ability to override internal controls, and management fraud generally;
  • Classification of fraud risk factors into factors relating to incentive to commit fraud, opportunity to commit fraud, and the ability to rationalize the fraudulent act;
  • Requiring procedures to be performed to address management's ability to override internal controls. In particular, requiring the testing of journal entries, reviewing accounting estimates for bias, and understanding the business rationale for significant transactions outside the normal course of business;
  • Requiring procedures to be performed to address the presumed risk of improper revenue recognition.

Differences Remain

Despite the goal of international harmonization, some differences remain. For example, the International Auditing and Assurance Standards Board (IAASB) exposure draft proposed to separate fraud from error and limit ISA 240 to issues related to fraud. The IAASB plans to deal with error in other ISAs. Until the related ISAs can be adopted in Canada, there is not a convenient place in the Handbook to move error-related material.

Accordingly, the AASB proposed to retain the error-related material in section 5135 on a temporary basis. Given the emphasis on fraud, these differences were inconsequential with respect to the auditor's responsibilities to consider fraud and the related work effort.

Also, the IAASB exposure draft reflected language used in the proposed ISA entitled Audit Risk. This wording was not adopted, since to do so would render the revised section 5135 inconsistent with existing Handbook wording concerning risk identification and assessment. However, the AASB intends to adopt the proposed new audit risk model (see CGA-Magazine Standards May-June 2003) when it is issued by the IAASB and to conform section 5135 to be consistent with ISA 240.

Nonetheless, the goal of convergence between Canadian, U.S., and international standards has taken a major step forward. In most significant respects, the recommendations expected to be released will result in the requirements being the same as ISA 240 and in substance, meet all the requirements of U.S. Statement on Auditing Standards 99.

A Sense of Urgency

At the time this column was written, it was not known when the final text would be ready. However, the implementation period from the issue date of the final standards to their effective date will be shorter than normal. Typically, revisions to assurance standards take effect from the date of release. But these changes are to be effective for audits relating to periods ending on or after December 15, 2004. In other words, they are effective for December 2004year-end, which means fiscal periods subject to the revised recommendations have already started and auditors must begin preparations now to comply with the new requirements.

If adopted as proposed in the exposure draft, the changes will require not only additional audit procedures to assess and address fraud risk, but also an attitudinal change involving heightened professional skepticism. Firms will need to reconsider their audit policies, guidance and implementation processes, professional development programs, and other quality control processes in order to implement the proposed standards. In fact, these policies and processes may need to be revised as soon as the final standards are issued to allow sufficient time for the development of audit plans.

Section 5136 of the Handbook requires practitioners to read that section in the context of section 5135, and sets out guidance relating to illegal acts. Therefore, practitioners must also consider the risk of illegal acts occurring when discussing risk in engagement team meetings and with audit committees, management, and others in the entity. Finally, the small practitioner will likely wonder how to meet the demands of the section 5135. With respect to owner managed businesses, the draft seems to forget that the auditor is reporting to the shareholders who are the owners and also the managers. The outcome may be fewer firms performing audits and increased cost to smaller enterprises that cannot "get by" with a review engagement.

[ TOP ]

Stephen Spector, MA, FCGA, owns Spector and Associates and teaches Financial and Managerial Accounting at Simon Fraser University. He also serves on CGA-BC’s board of governors. E-mail shspector@shaw.ca.

© 2012 CGA-Canada