Assessing fraud risk
Required:
(a) Identify and explain any significant fraud risk factors for Dolphin.
(b) For each fraud risk factor identified in (a), explain how the risk will affect the approach to the audit of Dolphin.
(a) Fraud risk factors:
Justin and Sarah Morris have effective control, but not 100% ownership of the business. This creates a risk that related party transactions are not properly at arms’ length or disclosed in the Dolphin reports. The presence of a new equity investor and the involvement of the bank increase the demand for credible reports. The management have a ‘laid back’ style, suggesting there is not effective control. There is also the question of effective control over assets because the CFO is in control of financial reports and a major investor in both companies. The chairman of the board is the husband of the CFO, the CFO is a director – is there good oversight, i.e. good corporate governance?
The accounts have not been audited before, meaning that an independent external party has not previously reviewed the business’s internal control and financial reports. Opening balances are particularly at risk.
Accounts staff rarely take leave, suggesting that there has not been an opportunity to independently review their work. Are they hiding anything? There appear to be issues with segregation of duties and effective supervision. For example, they help each other with journal entries, it is not clear whether banking cash is kept separate from bank reconciliation (these issues relate to opportunity to commit fraud).
Peter Pinn is close to retirement and thus has a short ‘horizon’ in the business. Is there an attitude that they work so hard in the accounting department that they are ‘owed’ something (i.e. an attitude/rationalisation issue).
Is there effective supervision of the casual workers? They are people likely to have incentives for asset misappropriation due to their low wages. They could have an attitude that fraud is reasonable due to the poor working conditions and low wages. Does the accounting staff have proper procedures for processing these short-term employment contracts? Who handles the HR duties?
Overall, the small size of the business means that it is unlikely that the client has fully effective internal control systems. A great deal of reliance is placed on management supervision and there are factors that indicate that this supervision might not be totally effective.
(b) Each fraud risk factor would require more time in the audit plan to gather evidence about the assertions relating to relevant accounts and transactions.
The plan would include time on understanding the client’s system of internal control, but additional control testing would only be warranted where the auditor intended to place reliance on the controls. The fraud factors appear to suggest that greater substantive testing would be required, particular for accounts relating to payroll, bank, related parties, revenue recognition and expenses, and closing entries.
| Fraud Risk Factor | Explanation as to why a risk | Suggested audit approach to address the risk |
| Key Finance staff not taking leave | There is no independent review of the work of the key finance/accounting staff which could lead to the staff misappropriating asset and not being detected by anyone |
Little reliance should be placed on internal controls. More use of substantive testing of transactions and account balances (i.e. (payroll and bank reconciliation. Review unusual transactions/activity |
| Weak or ineffective internal controls |
Poor segregation of accounting duties- Poor supervision of staff Poor business management systems and processes |
Test authorisation of refunds and discounts |
| Opening balances have not be confirmed | Testing of opening balances | |
| Related party transactions | There is a risk that transactions to related parties were not at arm’s length, not reviewed or approved |
Substantive testing ( i.e. confirming specific transactions, purpose and aspects of transactions to related parties and making enquiries to business relationship) ( see ASA 550.20, A31-A33) |
| Poor corporate governance- independence issues | Risk of management overriding of controls (see ASA 240.32 |
Test appropriateness of journal/ledger entries Review of management estimates and adjustments |
| Review timing difference issues for recognition of revenue and expenses |
Before moving on to Chapter 4 activities, you might take another minute to reflect on how much of the suggested answers are continuing to utilise and test your understanding of accounting systems and processes from earlier studies … in auditing you are now casting a critical eye over that knowledge to see if your client is using the systems and processes wisely in the circumstances … so your accounting and business knowledge more generally is being developed and tested and applied rather than all this being “new” to you.