. 66
( 82 .)


Ibid., pars. 79, 80, 81, 82.
Statement on Auditing Standards, No. 54, “Illegal Acts by Clients” (New York: AICPA, 1988), par. 2.
For further discussion, see Donald L. Neebes, Dan M. Guy, and O. Ray Whittington, “Illegal Acts:
What Are the Auditor™s Responsibilities?” Journal of Accountancy 171, No. 1 (January 1991), pp.
82“84, 86, 88, 90“93.
The External Auditor™s Responsibility 333

amounts. For example, tax laws affect accruals and the amount recognized as ex-
pense in the accounting period; applicable laws and regulations may affect the
amount of revenue accrued under government contracts. However, the auditor con-
siders such laws or regulations from the perspective of their known relation to audit
objectives derived from financial statement assertions rather than from the perspec-
tive of legality per se. The auditor™s responsibility to detect and report misstatements
resulting from illegal acts having a direct and material effect on the determination of
financial statement amounts is the same as that for fraud as described in SAS No. 82,
“Consideration of Fraud in a Financial Statement Audit.”
Entities may be affected by many other laws or regulations, including those related
to securities trading, occupational safety and health, food and drug administration,
environmental protection, equal employment, and price-fixing or other antitrust vi-
olations. Generally, these laws and regulations relate more to an entity™s operating
aspects than to its financial and accounting aspects, and their financial statement ef-
fect is indirect. An auditor ordinarily does not have sufficient basis for recognizing
possible violations of such laws and regulations. Their indirect effect is normally the
result of the need to disclose a contingent liability because of the allegation or de-
termination of illegality. For example, securities may be purchased or sold based on
inside information. While the direct effects of the purchase or sale may be recorded
appropriately, their indirect effect, the possible contingent liability for violating se-
curities laws, may not be appropriately disclosed. Even when violations of such laws
and regulations can have consequences material to the financial statements, the au-
ditor may not become aware of the existence of the illegal act unless he is informed
by the client, or there is evidence of a governmental agency investigation or en-
forcement proceeding in the records, documents, or other information normally in-
spected in an audit of financial statements.20

Warning signals for possible illegal acts are presented in Exhibit 11.3.
Finally, the auditor is required to communicate with the audit committee in this

The auditor should assure himself that the audit committee, or others with equivalent
authority and responsibility, is adequately informed with respect to illegal acts that
come to the auditor™s attention. The auditor need not communicate matters that are
clearly inconsequential and may reach agreement in advance with the audit commit-
tee on the nature of such matters to be communicated. The communication should
describe the act, the circumstances of its occurrence, and the effect on the financial
statements. Senior management may wish to have its remedial actions communi-
cated to the audit committee simultaneously. Possible remedial actions include dis-
ciplinary action against involved personnel, seeking restitution, adoption of
preventive or corrective company policies, and modifications of specific control pro-
cedures. If senior management is involved in an illegal act, the auditor should com-
municate directly with the audit committee. The communication may be oral or
written. If the communication is oral, the auditor should document it.21

With respect to detection of management fraud and reporting illegal acts, the
Public Oversight Board set forth these recommendations.

Ibid., pars. 5, 6.
Statement on Auditing Standards, No. 54, “Illegal Acts by Clients,” par. 17.
334 A Perspective on Fraud and the Auditor

Exhibit 11.3 Warning Signals of Possible Illegal Acts

• Unauthorized transactions, improperly recorded transactions, or transactions not
recorded in a complete or timely manner in order to maintain accountability for assets
• Investigation by a governmental agency, an enforcement proceeding, or payment of un-
usual fines or penalties
• Violations of laws or regulations cited in reports of examinations by regulatory agencies
that have been made available to the auditor
• Large payments for unspecified services to consultants, affiliates, or employees
• Sales commissions or agents™ fees that appear excessive in relation to those normally
paid by the client or to the services actually received
• Unusually large payments in cash, purchases of bank cashiers™ checks in large amounts
payable to bearer, transfers to numbered bank accounts, or similar transactions
• Unexplained payments made to government officials of employees
• Failure to file tax returns or pay government duties or similar fees that are common to
the entity™s industry or the nature of its business

Source: Statement on Auditing Standards No. 54, “Illegal Acts by Clients,” par. 9.

Recommendation V-1
Accounting firms should assure that auditors more consistently implement, and be
more sensitive to the need to exercise the professional skepticism required by, the au-
diting standard that provides guidance on the auditor™s responsibility to detect and re-
port errors and irregularities.

Recommendation V-2
The Auditing Standards Board, the Executive Committee of the SEC Practice Sec-
tion or some other appropriate body should develop guidelines to assist auditors in
assessing the likelihood that management fraud which may affect financial informa-
tion may be occurring and to specify additional auditing procedures when there is a
heightened likelihood of management fraud.22

Recommendation V-14
The accounting profession should support carefully drafted legislation requiring au-
ditors to report to the appropriate authorities, including the SEC, suspected illegali-
ties discovered by the auditor in the course of an audit if the client™s management or
board of directors fails to take necessary action with respect to such suspected ille-

Public Oversight Board, A Special Report by the Public Oversight Board of the SEC Practice Sec-
tion, AICPA (Stamford, CT: POB, 1993), p. 43.
The External Auditor™s Responsibility 335

galities and the auditor believes that they are or may be significant to the entity. The
profession should seek adequate guidance as to the types of illegalities that would be
encompassed by this requirement.23

It is reemphasized that the auditor™s purpose is to express an objective opin-
ion on the fairness of the presentation in the financial statements. A review of the
scope paragraph of the external auditor™s standard report explicitly indicates that
he or she should plan and perform the audit to obtain reasonable assurance about
whether the financial statements are free of material misstatement. Such a state-
ment is also acknowledged to the client company in the engagement letter,
whereby the auditor explicitly states that the audit may not detect all material
irregularities. Accordingly, if the auditor conducts his or her examination in ac-
cordance with generally accepted auditing standards, then he or she is not respon-
sible for the detection of fraud. It should be recognized that the auditor™s
examination in full compliance with the promulgated auditing standards is not a
guarantee that fraud is totally nonexistent. As noted in the preceding discus-
sion on computer fraud, a sophisticated scheme along with collusion may go un-
detected by the independent auditor. As a result, it is incumbent on the audit
committee to obtain reasonable assurance from the external auditors that man-
agement has taken the necessary actions to protect the assets of the entity. Such
assurance is obtained through the committee™s review of the auditor™s manage-
ment letter regarding management™s responsibility for the financial accounting
system and the related internal controls as well as appropriate fidelity bond in-
surance coverage.
In view of the nature and complex problems of management fraud, the
AICPA™s standing committee on methods, perpetration, and detection of fraud has
provided a preliminary list of warning signals of the possible existence of fraud.
(See Exhibit 11.4.)
This checklist of warning signals is particularly important as a guide to the
audit committee in its inquiries of the audit partner to identify the auditor™s alert-
ness to the possibility of fraud. For example, the committee may wish to corre-
late the checklist of warning signals with the auditor™s management letter in order
to identify potential problem areas. The major objective is to determine whether
the auditor is taking a fresh look at the current year™s audit examination as op-
posed to merely rolling over previous years™ examinations. Furthermore, the com-
mittee™s review of the checklist will enable it to create an environment “that
fosters morality and high business ethics.”24 “The systems should provide checks
and balances and reports that cause flares to streak across the corporate sky if im-
proprieties are practiced.”25

Ibid., p. 55.
Sawyer, Murphy, and Crossley, “Management Fraud,” p. 24.
336 A Perspective on Fraud and the Auditor

Exhibit 11.4 Warning Signals of the Possible Existence of Fraud

1. Highly domineering senior management and one or more of the following, or simi-
lar, conditions are present:
• An ineffective board of directors and/or audit committee.
• Indications of management override of significant internal accounting controls.
• Compensation or significant stock options tied to reported performance or to a spe-
cific transaction over which senior management has actual or implied control.
• Indications of personal financial difficulties of senior management.
• Proxy contests involving control of the company or senior management™s continu-
ance, compensation, or status.
2. Deterioration of quality of earnings evidenced by:
• Decline in the volume or quality of sales (e.g., increased credit risk or sales at or
below cost).
• Significant changes in business practices.
• Excessive interest by senior management in the earnings per share effect of ac-
counting alternatives.
3. Business conditions that may create unusual pressures:
• Inadequate working capital.
• Little flexibility in debt restrictions such as working capital ratios and limitations on
additional borrowings.
• Rapid expansion of a product or business line markedly in excess of industry averages.
• A major investment of the company™s resources in an industry noted for rapid
change, such as a high technology industry.
4. A complex corporate structure where the complexity does not appear to be war-
ranted by the company™s operations or size.
5. Widely dispersed business locations accompanied by highly decentralized manage-
ment with inadequate responsibility reporting system.
6. Understaffing which appears to require certain employees to work unusual hours, to
forego vacations, and/or to put in substantial overtime.
7. High turnover rate in key financial positions such as treasurer or controller.
8. Frequent change of auditors or legal counsel.
9. Known material weaknesses in internal control which could practically be corrected
but remain uncorrected, such as:
• Access to computer equipment or electronic data entry devices is not adequately
• Incompatible duties remain combined.
10. Material transactions with related parties exist or there are transactions that may
involve conflicts of interest.
11. Premature announcements of operating results or future (positive) expectations.
12. Analytical review procedures disclosing significant fluctuations which cannot be
reasonably explained, for example:
• Material account balances.
• Financial or operational interrelationships.
Investigating Known Fraud 337

• Physical inventory variances.
• Inventory turnover rates.
13. Large or unusual transactions, particularly at year-end, with material effect on
14. Unusually large payments in relation to services provided in the ordinary course of
business by lawyers, consultants, agents, and others (including employees).
15. Difficulty in obtaining audit evidence with respect to:
• Unusual or unexplained entries.
• Incomplete or missing documentation and/or authorization.
• Alterations in documentation or accounts.
16. In the performance of an examination of financial statements unforeseen problems
are encountered, for instance:
• Client pressures to complete audit in an unusually short time or under difficult con-
• Sudden delay situations.
• Evasive or unreasonable responses of management to audit inquiries.

Source: American Institute of Certified Public Accountants, CPA Letter 59, No. 5 (March 12, 1979),
p. 4

Summary Guidelines
As previously noted, the annual audit examination does not guarantee the nonex-
istence of fraud. However, through a sound system of internal control, adequate fi-
delity bond insurance, and effective internal and external audits, the entity is
afforded reasonable protection against fraud. Nevertheless, on the discovery of
fraud, it is essential that the board of directors call for a careful and competent in-
vestigation of the situation. While such an investigation is a burden on the entity,
“corporate heads, including the boards of directors, should regard the occurrence
as a business problem, not a legal problem.”27 Hence the board, through its audit
committee, should demonstrate that it has taken the necessary course of action to
properly uncover the fraud in order to maximize on its recovery from the fidelity
bond insurance company.
Although the approach to an investigation may vary, Sawyer, Murphy, and
Crossley point out that “an executive should be assigned to coordinate . . . the
investigation.”28 Ordinarily the executive is the director of internal auditing.

For further reference, see Denzil Y. Causey, “The CPA Guide to Whistle Blowing,” CPA Journal 58,
No. 8 (August 1988), pp. 26“37; Timothy L. Williams and W. Steve Albrecht, “Understanding Reac-
tions to Fraud,” Internal Auditor 47, No. 4 (August 1990), pp. 45“51. As discussed in Chapter 2, the
reader should review Section 806 dealing with whistle-blowing protection for employees.
Sawyer, Murphy, and Crossley, “Management Fraud,” p. 20.
338 A Perspective on Fraud and the Auditor


. 66
( 82 .)