ACT 485 – Capstone Course in Accounting

Semester: Spring 2023

2022-2023
Running head: Red flags in a financial statement reports 2

Table of Contents

Introduction .......................................................................................................................... 3
Importance of red flags in auditing ........................................................................................ 3
Red flags in the financial reports ........................................................................................... 4
a. Red flags in financial reports of Sanam Real Estate......................................................... 4
b. Red flags in financial reports of First Dubai for real estate development ........................ 4
c. Red flags in Aqar Real estate investments ...................................................................... 5
Conclusion ............................................................................................................................ 6
References ............................................................................................................................ 7
Running head: Red flags in a financial statement reports 3

Introduction
Financial statement reports are the final statement for the accounting year.
The auditors are the person who audits the financial information furnished by
the company. This essay reports the importance of red flags in accounting, red
flags in the accounting statement for the company Sanam Real estate, First
Dubai for real estate development and Aqar real estate investment.

Importance of red flags in auditing

Red flags are indications or a signal to the investors and shareholders to look
out for the potential problem in the financial statement report. These red flags
do not mean fraud activity in the company or firm. But these red flags mean
that something out of the ordinary is going on in the financial report that
needs further investigation.

An auditor cannot check all the transactions in an organization due to time

constraints. So they will pick the sample and check for anomalies in the
financial reports. But sometimes, the auditors cannot follow up on some of the
existing problems in the financial reports like high accounts receivable, a high
debt payable to the creditors or legal litigations. These are some examples of
auditors raising red flags in the audit report about the financial statement.

The financial statement needs further research to determine the potential

problems in the future caused by these red flags.

DiNapoli, T. P. (2008) the red flag is a metaphor for the potential problem. The
red flag is used in many fields, and the red flag is used as the indicator for the
potential problem in the financial statement report.
Running head: Red flags in a financial statement reports 4

Red flags in the financial reports

a. Red flags in financial reports of Sanam Real Estate

Sanam real estate is a company that deals with the real estate business in
Kuwait. The company has suffered a huge impact after the COVID-19
lockdown, and so the company has reported a net loss in the income
statement. The company incurs some contingency expenses in response to the
COVID-19 situation.

The auditors have raised two red flags in the financial statement report. The
loss incurred by the company may incur a further loss in the fore coming
financial years; in that case, there is a potential danger for the investors to lose
their money in investment. The contingent fund spent by the company is
another red flag that there is a decrease in the reserve fund, so the company is
vulnerable to potential damages.

Johnson, G. C. (2009) the research study shows the red flags due to the net loss
attributed to earnings management is a potential problem for the company,
and it will be marked as a red flag by the auditors in the financial statement
report.

b. Red flags in financial reports of First Dubai for a real estate

development
First, Dubai for real estate Development Company’s financial statement is
extracted from the company website and analyzed for red flags marked by the
auditors that need further investigations. It is found that the company has
changed their standards for financial reporting. The change in the accounting
report standards will significantly impact the values of various headings in the
financial statement itself.
Running head: Red flags in a financial statement reports 5

The application of a new standard which IFRS (International financial reporting

standards) recommends estimating the assets based on the fair value method.
Traditionally, the GAAP Generally accepted accounting principles do not
recommend the fair value method. They might use the historical or market
value method. The red flag is also marked in the financial report of First Dubai
for real estate development like COVID-19-related rent concession.

There might be a change in the total expense due to the temporary rent-
related concession.

ENAKIRERHI, L. I., IBANICHUKA, E. A., & OFURUM, C. O. (2020) the research

paper states the adoption of the new standards will have some impact on the
financial statement report.

Moyes, G. D., Din, H. F. M., & Omar, N. H. (2009) this paper confirms with
evidence that the change and adoption of new standard marked as the red flag
in the financial statement report will have some impact on the financial
statement as well.

c. Red flags in Aqar Real estate investments

It is based on the auditor's evidence that material uncertainty exists in the
financial statement report of the company. In the legal and regulatory section
report, it is mentioned in the audit report of the Aqar real estate investment
that the auditors observed no violations of material statement. However, they
have stated there might be a presence of material misstatement out of their
knowledge as the firm uses going on concern concept.

The company needs to use the going concern concept for the account
receivable and accounts payable balances that might be settled by the
creditors and debtors of the company in the future. So going on a concern
Running head: Red flags in a financial statement reports 6

basis helps the accountant to put a separate heading as account receivable

instead of actual earnings or sales and as account payable instead of actual
expenses.

This is where the auditor raises a red flag in the financial statement that the
future financial statement needs to be considered for the change in values of
account receivable or payable and their reflection in sales and expenses. In
case the company has intentionally or unintentionally made material mistakes
in these places, causing the error.

Majid, A., Gul, F. A., & Tsui, J. S. (2001) the going on concern is a concept the
company uses to continue the financial statement. But these are where the
potential problem arises because of material misstatement, so the auditors
should indicate the use of going on concern concept by the firm in their audit
report.

Conclusion
In short, the importance of red flags and then the financial reports of the
company Sanam real estate, First Dubai for real estate development and Aqar
real estate investments for the red flags were also investigated and presented
above.
Running head: Red flags in a financial statement reports 7

References
Johnson, G. C. (2009). Using Benford's Law to determine if Selected Company Characteristics
are Red Flags for Earnings Management. Journal of Forensic Studies in Accounting &
Business, 1(2).

Majid, A., Gul, F. A., & Tsui, J. S. (2001). An analysis of Hong Kong auditors' perceptions of
the importance of selected red flag factors in risk assessment. Journal of Business
Ethics, 32, 263-274.

ENAKIRERHI, L. I., IBANICHUKA, E. A., & OFURUM, C. O. (2020). International financial

reporting standards (ifrs) adoption and short-term liquidity of firms in
Nigeria. International Journal of Research and Scientific Innovation (IJRSI), 3(1), 154-
157.

Moyes, G. D., Din, H. F. M., & Omar, N. H. (2009). The auditing standards' effectiveness in
detecting fraudulent financial reporting activities in financial statement audits in
Malaysia. International Business & Economics Research Journal (IBER), 8(9).

DiNapoli, T. P. (2008). Red flags for fraud. State of New York Office of the State Comptroller,
1-14.
 The operations of every company must have internal controls. They are made to make

sure that assets of the organization are protected, that its financial data is correct and

trustworthy, and that it consistently complies with laws and regulations. A company's internal

controls should be effective in preventing mistakes and fraud. According to Dimitrijevic et.al

(2015), Internal controls are crucial for businesses to manage and stop fraud and mistakes.

The leadership team of a corporation can put these controls into place in a number of

different ways. Establishing a mechanism of oversight and accountability to make sure that

no one individual has absolute authority over any one area of the business' operations is one

such method. This can entail dividing up responsibilities so that nobody is in charge of a

transaction's approving, documenting, and reconciling processes. In this article, we'll talk

about the many internal controls that a company's management could employ to combat fraud

and mistakes.

Segregation of roles is one sort of internal control that may be used to combat fraud

and mistakes. Separating responsibilities for various organizational activities is known as

segregation of duties and is done to avoid any one individual from having too much influence

over a given procedure. According to Barra (2010), for instance, the person who handles

payments shouldn't be the same as the person who authorizes invoices. Separating these tasks

makes it harder for someone to conduct fraud or make mistakes without being caught.

Separating responsibilities allows businesses to establish an arrangement of accountability

and oversight that lowers the possibility of fraud or errors. For instance, segregating tasks in a

financial context would entail keeping the duties of individuals who handle currency as well

as those who document transactions in the system for accounting apart. This division

guarantees that neither the actual assets nor the documents pertaining to those assets are

entirely in the control of a single person. To prevent one person from being able to add
defects or harmful code without being noticed, segregation of roles in an IT environment may

entail dividing the duties of those who build software apart from those who test it.

Physical controls are another sort of internal oversight that may be used to combat

mistakes and fraud. Physical controls entail locking up tangible assets like money, stock, and

machinery. Physical controls are a useful tool for reducing errors and fraud inside an

organization. As per Umar & Dikko (2018), these measures entail using material safeguards

to secure and safeguard assets. Locking up money, inventory, and equipment is one of several

measures that may be used to stop theft or illegal access. Protection of an organization's

assets requires physical controls. Organizations can lower the likelihood of loss caused by

theft or poor management by protecting important resources. To guarantee compliance with

legal requirements and industry norms, physical barriers may also be implemented.

Another method of mitigating fraud in an organization is use of surveillance

technology. This might involve taking steps like deploying security cameras to watch what

happens in critical places, and putting in place access controls to restrict access to particular

locations or assets, among other things. According to Morgan & Dowling (2021), the usage

of video surveillance has grown in popularity in recent years. These cameras may be seen in

many different places, including retail establishments, banks, and other commercial

buildings. The potential of security cameras to curb criminal conduct is one of its main

advantages. Potential thieves and con artists are far less inclined to try to steal or conduct

fraud when they notice that a place is being watched. Additionally, if an offense does occur,

the video the cameras recorded can be used as proof in court. As per Salem (2012),

businesses may also use surveillance cameras to spot internal fraud and theft and take action

against it. Businesses can uncover cases of fraud or theft perpetrated by their own workers by

keeping an eye on employee behavior. Increased responsibility and a decrease in losses from

internal theft may result from this. The deployment of surveillance cameras, nevertheless, is
not without controversy. Some contend that they violate people's right to privacy and might

be employed immorally, for example spying on clients or workers. Businesses should employ

surveillance cameras in an ethical and responsible manner, with clear procedures in place.

Monitoring activities is another kind of internal oversight that may be used to combat

fraud and mistakes. Regularly assessing transactions and other operations to spot any peculiar

or suspect behavior is part of the internal supervision approach of monitoring activities. To

detect any discrepancies or abnormalities, this may require frequently reviewing financial

records, bank-record reconciliations, as well as numerous other reports. By doing this,

businesses may identify possible fraud or errors at an early stage and take remedial action

before they become more serious problems. Monitoring can take many different forms,

including as manual checks by inside auditors, managers, or other staff members, automatic

monitoring systems that identify anomalous activities or patterns of activity, and recurring

evaluations by external auditors. The precise strategy depends on the organization's risks and

characteristics.

A corporation can utilize a number of additional broad concepts to assist avoid

mistakes and fraud in addition to these particular kinds of internal controls. Establishing

precise procedures and guidelines for every financial activity is one of them. Others include

educating and training staff on proper processes and ethical behavior, performing routine

audits to spot possible problems before they become serious issues, and maintaining tight

management control. To make sure that everyone is aware of their obligations, these

regulations should be made plain to all staff and reinforced via frequent training.

Daily operations of every company must have internal controls. Internal controls are

crucial for businesses to manage and stop fraud and mistakes and any method chosen by an

organization should be effective in the prevention of fraud and mistakes. Techniques such as

segregation and video surveillance should make it harder for someone to conduct fraud or
make mistakes without being caught. Other techniques such as physical controls for example

safes should secure all valuables from falling into any unauthorized hands. Monitoring of

regular activities in an organization should keep the management team up to date of what

happens in the organization. Lastly, educating staff members on proper processes and ethical

behaviors should enable them avoid or spot any irregular activities in an organization.
References

Barra, R. A. (2010). The impact of internal controls and penalties on fraud. Journal of
information Systems, 24(1), 1-21.
Dimitrijevic, D., Milovanovic, V., & Stancic, V. (2015). The role of a company’s internal
control system in fraud prevention. Financial Internet Quarterly, 11(3), 34-44.
Morgan, A., & Dowling, C. (2021). Physical Security: Video Surveillance, Equipment, and
Training. In Encyclopedia of Security and Emergency Management (pp. 766-775).
Cham: Springer International Publishing.
Salem, M. S. (2012). An overview of research on auditor's responsibility to detect fraud on
financial statements. Journal of Global Business Management, 8(2), 218.
Umar, H., & Dikko, M. U. (2018). The effect of internal control on performance of
commercial banks in Nigeria. International Journal of Management Research, 8(6),
13-32.
 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

Appendix 1
(Ref: Para. A25)

Examples of Fraud Risk Factors

The fraud risk factors identified in this Appendix are examples of such factors that may
be faced by auditors in a broad range of situations. Separately presented are examples
relating to the two types of fraud relevant to the auditor’s consideration – that is,
fraudulent financial reporting and misappropriation of assets. For each of these types of
fraud, the risk factors are further classified based on the three conditions generally
present when material misstatements due to fraud occur: (a) incentives/pressures, (b)
opportunities, and (c) attitudes/rationalizations. Although the risk factors cover a broad
range of situations, they are only examples and, accordingly, the auditor may identify
additional or different risk factors. Not all of these examples are relevant in all
circumstances, and some may be of greater or lesser significance in entities of different
size or with different ownership characteristics or circumstances. Also, the order of the
examples of risk factors provided is not intended to reflect their relative importance or
frequency of occurrence.

Risk Factors Relating to Misstatements Arising from Fraudulent Financial

Reporting
The following are examples of risk factors relating to misstatements arising from
fraudulent financial reporting.

Incentives/Pressures
Financial stability or profitability is threatened by economic, industry, or entity
operating conditions, such as (or as indicated by):
• High degree of competition or market saturation, accompanied by declining AUDITING
margins.
• High vulnerability to rapid changes, such as changes in technology, product
obsolescence, or interest rates.
• Significant declines in customer demand and increasing business failures in either
the industry or overall economy.
• Operating losses making the threat of bankruptcy, foreclosure, or hostile takeover
imminent.
• Recurring negative cash flows from operations or an inability to generate cash
flows from operations while reporting earnings and earnings growth.
• Rapid growth or unusual profitability especially compared to that of other
companies in the same industry.

189 ISA 240 APPENDIX 1

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

• New accounting, statutory, or regulatory requirements.

Excessive pressure exists for management to meet the requirements or expectations of
third parties due to the following:
• Profitability or trend level expectations of investment analysts, institutional
investors, significant creditors, or other external parties (particularly expectations
that are unduly aggressive or unrealistic), including expectations created by
management in, for example, overly optimistic press releases or annual report
messages.
• Need to obtain additional debt or equity financing to stay competitive – including
financing of major research and development or capital expenditures.
• Marginal ability to meet exchange listing requirements or debt repayment or other
debt covenant requirements.
• Perceived or real adverse effects of reporting poor financial results on significant
pending transactions, such as business combinations or contract awards.
Information available indicates that the personal financial situation of management or
those charged with governance is threatened by the entity’s financial performance
arising from the following:
• Significant financial interests in the entity.
• Significant portions of their compensation (for example, bonuses, stock options,
and earn-out arrangements) being contingent upon achieving aggressive targets for
stock price, operating results, financial position, or cash flow. 1
• Personal guarantees of debts of the entity.
There is excessive pressure on management or operating personnel to meet financial
targets established by those charged with governance, including sales or profitability
incentive goals.

Opportunities
The nature of the industry or the entity’s operations provides opportunities to engage in
fraudulent financial reporting that can arise from the following:
• Significant related-party transactions not in the ordinary course of business or with
related entities not audited or audited by another firm.
• A strong financial presence or ability to dominate a certain industry sector that
allows the entity to dictate terms or conditions to suppliers or customers that may
result in inappropriate or non-arm’s-length transactions.

1
Management incentive plans may be contingent upon achieving targets relating only to certain accounts
or selected activities of the entity, even though the related accounts or activities may not be material to
the entity as a whole.

ISA 240 APPENDIX 1 190

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

• Assets, liabilities, revenues, or expenses based on significant estimates that

involve subjective judgments or uncertainties that are difficult to corroborate.
• Significant, unusual, or highly complex transactions, especially those close to
period end that pose difficult “substance over form” questions.
• Significant operations located or conducted across international borders in
jurisdictions where differing business environments and cultures exist.
• Use of business intermediaries for which there appears to be no clear business
justification.
• Significant bank accounts or subsidiary or branch operations in tax-haven
jurisdictions for which there appears to be no clear business justification.
The monitoring of management is not effective as a result of the following:
• Domination of management by a single person or small group (in a non owner-
managed business) without compensating controls.
• Oversight by those charged with governance over the financial reporting process
and internal control is not effective.
There is a complex or unstable organizational structure, as evidenced by the following:
• Difficulty in determining the organization or individuals that have controlling
interest in the entity.
• Overly complex organizational structure involving unusual legal entities or
managerial lines of authority.
• High turnover of senior management, legal counsel, or those charged with
governance.
Internal control components are deficient as a result of the following:
• Inadequate monitoring of controls, including automated controls and controls over AUDITING
interim financial reporting (where external reporting is required).
• High turnover rates or employment of staff in accounting, information technology,
or the internal audit function that are not effective.
• Accounting and information systems that are not effective, including situations
involving significant deficiencies in internal control.

Attitudes/Rationalizations
• Communication, implementation, support, or enforcement of the entity’s values or
ethical standards by management, or the communication of inappropriate values or
ethical standards, that are not effective.
• Nonfinancial management’s excessive participation in or preoccupation with the
selection of accounting policies or the determination of significant estimates.

191 ISA 240 APPENDIX 1

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

• Known history of violations of securities laws or other laws and regulations, or

claims against the entity, its senior management, or those charged with governance
alleging fraud or violations of laws and regulations.
• Excessive interest by management in maintaining or increasing the entity’s stock
price or earnings trend.
• The practice by management of committing to analysts, creditors, and other third
parties to achieve aggressive or unrealistic forecasts.
• Management failing to remedy known significant deficiencies in internal control on a
timely basis.
• An interest by management in employing inappropriate means to minimize reported
earnings for tax-motivated reasons.
• Low morale among senior management.
• The owner-manager makes no distinction between personal and business
transactions.
• Dispute between shareholders in a closely held entity.
• Recurring attempts by management to justify marginal or inappropriate accounting
on the basis of materiality.
• The relationship between management and the current or predecessor auditor is
strained, as exhibited by the following:
○ Frequent disputes with the current or predecessor auditor on accounting,
auditing, or reporting matters.
○ Unreasonable demands on the auditor, such as unrealistic time constraints
regarding the completion of the audit or the issuance of the auditor’s report.
○ Restrictions on the auditor that inappropriately limit access to people or
information or the ability to communicate effectively with those charged with
governance.
○ Domineering management behavior in dealing with the auditor, especially
involving attempts to influence the scope of the auditor’s work or the
selection or continuance of personnel assigned to or consulted on the audit
engagement.

Risk Factors Arising from Misstatements Arising from Misappropriation of

Assets
Risk factors that relate to misstatements arising from misappropriation of assets are also
classified according to the three conditions generally present when fraud exists:
incentives/pressures, opportunities, and attitudes/rationalization. Some of the risk factors
related to misstatements arising from fraudulent financial reporting also may be present

ISA 240 APPENDIX 1 192

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

when misstatements arising from misappropriation of assets occur. For example, ineffective
monitoring of management and other deficiencies in internal control may be present when
misstatements due to either fraudulent financial reporting or misappropriation of assets exist.
The following are examples of risk factors related to misstatements arising from
misappropriation of assets.

Incentives/Pressures
Personal financial obligations may create pressure on management or employees with
access to cash or other assets susceptible to theft to misappropriate those assets.
Adverse relationships between the entity and employees with access to cash or other
assets susceptible to theft may motivate those employees to misappropriate those assets.
For example, adverse relationships may be created by the following:
• Known or anticipated future employee layoffs.
• Recent or anticipated changes to employee compensation or benefit plans.
• Promotions, compensation, or other rewards inconsistent with expectations.

Opportunities
Certain characteristics or circumstances may increase the susceptibility of assets to
misappropriation. For example, opportunities to misappropriate assets increase when
there are the following:
• Large amounts of cash on hand or processed.
• Inventory items that are small in size, of high value, or in high demand.
• Easily convertible assets, such as bearer bonds, diamonds, or computer chips.
• Fixed assets which are small in size, marketable, or lacking observable

AUDITING
identification of ownership.
Inadequate internal control over assets may increase the susceptibility of misappropriation of
those assets. For example, misappropriation of assets may occur because there is the
following:
• Inadequate segregation of duties or independent checks.
• Inadequate oversight of senior management expenditures, such as travel and other
re-imbursements.
• Inadequate management oversight of employees responsible for assets, for
example, inadequate supervision or monitoring of remote locations.
• Inadequate job applicant screening of employees with access to assets.
• Inadequate record keeping with respect to assets.

193 ISA 240 APPENDIX 1

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

• Inadequate system of authorization and approval of transactions (for example, in

purchasing).
• Inadequate physical safeguards over cash, investments, inventory, or fixed assets.
• Lack of complete and timely reconciliations of assets.
• Lack of timely and appropriate documentation of transactions, for example, credits
for merchandise returns.
• Lack of mandatory vacations for employees performing key control functions.
• Inadequate management understanding of information technology, which enables
information technology employees to perpetrate a misappropriation.
• Inadequate access controls over automated records, including controls over and
review of computer systems event logs.

Attitudes/Rationalizations
• Disregard for the need for monitoring or reducing risks related to misappropriations
of assets.
• Disregard for internal control over misappropriation of assets by overriding
existing controls or by failing to take appropriate remedial action on known
deficiencies in internal control.
• Behavior indicating displeasure or dissatisfaction with the entity or its treatment of
the employee.
• Changes in behavior or lifestyle that may indicate assets have been misappropriated.
• Tolerance of petty theft.

ISA 240 APPENDIX 1 194

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

Appendix 2
(Ref: Para. A40)

Examples of Possible Audit Procedures to Address the

Assessed Risks of Material Misstatement Due to Fraud
The following are examples of possible audit procedures to address the assessed risks of
material misstatement due to fraud resulting from both fraudulent financial reporting
and misappropriation of assets. Although these procedures cover a broad range of
situations, they are only examples and, accordingly they may not be the most
appropriate nor necessary in each circumstance. Also the order of the procedures
provided is not intended to reflect their relative importance.

Consideration at the Assertion Level

Specific responses to the auditor’s assessment of the risks of material misstatement due
to fraud will vary depending upon the types or combinations of fraud risk factors or
conditions identified, and the classes of transactions, account balances, disclosures and
assertions they may affect.
The following are specific examples of responses:
• Visiting locations or performing certain tests on a surprise or unannounced basis.
For example, observing inventory at locations where auditor attendance has not
been previously announced or counting cash at a particular date on a surprise basis.
• Requesting that inventories be counted at the end of the reporting period or on a date
closer to period end to minimize the risk of manipulation of balances in the period
between the date of completion of the count and the end of the reporting period.

AUDITING
• Altering the audit approach in the current year. For example, contacting major
customers and suppliers orally in addition to sending written confirmation, sending
confirmation requests to a specific party within an organization, or seeking more or
different information.
• Performing a detailed review of the entity’s quarter-end or year-end adjusting
entries and investigating any that appear unusual as to nature or amount.
• For significant and unusual transactions, particularly those occurring at or near
year-end, investigating the possibility of related parties and the sources of financial
resources supporting the transactions.
• Performing substantive analytical procedures using disaggregated data. For
example, comparing sales and cost of sales by location, line of business or month
to expectations developed by the auditor.

195 ISA 240 APPENDIX 2

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

• Conducting interviews of personnel involved in areas where a risk of material

misstatement due to fraud has been identified, to obtain their insights about the risk
and whether, or how, controls address the risk.
• When other independent auditors are auditing the financial statements of one or
more subsidiaries, divisions or branches, discussing with them the extent of work
necessary to be performed to address the assessed risk of material misstatement due
to fraud resulting from transactions and activities among these components.
• If the work of an expert becomes particularly significant with respect to a financial
statement item for which the assessed risk of misstatement due to fraud is high,
performing additional procedures relating to some or all of the expert’s
assumptions, methods or findings to determine that the findings are not
unreasonable, or engaging another expert for that purpose.
• Performing audit procedures to analyze selected opening balance sheet accounts of
previously audited financial statements to assess how certain issues involving
accounting estimates and judgments, for example, an allowance for sales returns,
were resolved with the benefit of hindsight.
• Performing procedures on account or other reconciliations prepared by the entity,
including considering reconciliations performed at interim periods.
• Performing computer-assisted techniques, such as data mining to test for anomalies
in a population.
• Testing the integrity of computer-produced records and transactions.
• Seeking additional audit evidence from sources outside of the entity being audited.

Specific Responses—Misstatement Resulting from Fraudulent Financial

Reporting
Examples of responses to the auditor’s assessment of the risks of material misstatement
due to fraudulent financial reporting are as follows:

Revenue Recognition
• Performing substantive analytical procedures relating to revenue using
disaggregated data, for example, comparing revenue reported by month and by
product line or business segment during the current reporting period with
comparable prior periods. Computer-assisted audit techniques may be useful in
identifying unusual or unexpected revenue relationships or transactions.
• Confirming with customers certain relevant contract terms and the absence of side
agreements, because the appropriate accounting often is influenced by such terms
or agreements and basis for rebates or the period to which they relate are often
poorly documented. For example, acceptance criteria, delivery and payment terms,
the absence of future or continuing vendor obligations, the right to return the

ISA 240 APPENDIX 2 196

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

product, guaranteed resale amounts, and cancellation or refund provisions often are
relevant in such circumstances.
• Inquiring of the entity’s sales and marketing personnel or in-house legal counsel
regarding sales or shipments near the end of the period and their knowledge of any
unusual terms or conditions associated with these transactions.
• Being physically present at one or more locations at period end to observe goods
being shipped or being readied for shipment (or returns awaiting processing) and
performing other appropriate sales and inventory cutoff procedures.
• For those situations for which revenue transactions are electronically initiated,
processed, and recorded, testing controls to determine whether they provide
assurance that recorded revenue transactions occurred and are properly recorded.

Inventory Quantities
• Examining the entity’s inventory records to identify locations or items that require
specific attention during or after the physical inventory count.
• Observing inventory counts at certain locations on an unannounced basis or
conducting inventory counts at all locations on the same date.
• Conducting inventory counts at or near the end of the reporting period to minimize
the risk of inappropriate manipulation during the period between the count and the
end of the reporting period.
• Performing additional procedures during the observation of the count, for example,
more rigorously examining the contents of boxed items, the manner in which the
goods are stacked (for example, hollow squares) or labeled, and the quality (that is,
purity, grade, or concentration) of liquid substances such as perfumes or specialty
chemicals. Using the work of an expert may be helpful in this regard.

AUDITING
• Comparing the quantities for the current period with prior periods by class or
category of inventory, location or other criteria, or comparison of quantities
counted with perpetual records.
• Using computer-assisted audit techniques to further test the compilation of the
physical inventory counts – for example, sorting by tag number to test tag controls
or by item serial number to test the possibility of item omission or duplication.

Management Estimates
• Using an expert to develop an independent estimate for comparison to
management’s estimate.
• Extending inquiries to individuals outside of management and the accounting
department to corroborate management’s ability and intent to carry out plans that
are relevant to developing the estimate.

197 ISA 240 APPENDIX 2

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

Specific Responses—Misstatements Due to Misappropriation of Assets

Differing circumstances would necessarily dictate different responses. Ordinarily, the
audit response to an assessed risk of material misstatement due to fraud relating to
misappropriation of assets will be directed toward certain account balances and classes
of transactions. Although some of the audit responses noted in the two categories above
may apply in such circumstances, the scope of the work is to be linked to the specific
information about the misappropriation risk that has been identified.
Examples of responses to the auditor’s assessment of the risk of material misstatements
due to misappropriation of assets are as follows:
• Counting cash or securities at or near year-end.
• Confirming directly with customers the account activity (including credit memo and
sales return activity as well as dates payments were made) for the period under audit.
• Analyzing recoveries of written-off accounts.
• Analyzing inventory shortages by location or product type.
• Comparing key inventory ratios to industry norm.
• Reviewing supporting documentation for reductions to the perpetual inventory
records.
• Performing a computerized match of the vendor list with a list of employees to
identify matches of addresses or phone numbers.
• Performing a computerized search of payroll records to identify duplicate
addresses, employee identification or taxing authority numbers or bank accounts.
• Reviewing personnel files for those that contain little or no evidence of activity,
for example, lack of performance evaluations.
• Analyzing sales discounts and returns for unusual patterns or trends.
• Confirming specific terms of contracts with third parties.
• Obtaining evidence that contracts are being carried out in accordance with their
terms.
• Reviewing the propriety of large and unusual expenses.
• Reviewing the authorization and carrying value of senior management and
related party loans.
• Reviewing the level and propriety of expense reports submitted by senior
management.

ISA 240 APPENDIX 2 198

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

Appendix 3
(Ref: Para. A49)

Examples of Circumstances that Indicate the Possibility of Fraud

The following are examples of circumstances that may indicate the possibility that the
financial statements may contain a material misstatement resulting from fraud.
Discrepancies in the accounting records, including:
• Transactions that are not recorded in a complete or timely manner or are improperly
recorded as to amount, accounting period, classification, or entity policy.
• Unsupported or unauthorized balances or transactions.
• Last-minute adjustments that significantly affect financial results.
• Evidence of employees’ access to systems and records inconsistent with that
necessary to perform their authorized duties.
• Tips or complaints to the auditor about alleged fraud.

Conflicting or missing evidence, including:

• Missing documents.
• Documents that appear to have been altered.
• Unavailability of other than photocopied or electronically transmitted documents
when documents in original form are expected to exist.
• Significant unexplained items on reconciliations.

AUDITING
• Unusual balance sheet changes, or changes in trends or important financial
statement ratios or relationships – for example, receivables growing faster than
revenues.
• Inconsistent, vague, or implausible responses from management or employees
arising from inquiries or analytical procedures.
• Unusual discrepancies between the entity's records and confirmation replies.
• Large numbers of credit entries and other adjustments made to accounts receivable
records.
• Unexplained or inadequately explained differences between the accounts
receivable sub-ledger and the control account, or between the customer statements
and the accounts receivable sub-ledger.
• Missing or non-existent cancelled checks in circumstances where cancelled checks
are ordinarily returned to the entity with the bank statement.

199 ISA 240 APPENDIX 3

 THE AUDITOR’S RESPONSIBILITIES RELATING TO
FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

• Missing inventory or physical assets of significant magnitude.

• Unavailable or missing electronic evidence, inconsistent with the entity’s record
retention practices or policies.
• Fewer responses to confirmations than anticipated or a greater number of responses
than anticipated.
• Inability to produce evidence of key systems development and program change
testing and implementation activities for current-year system changes and
deployments.

Problematic or unusual relationships between the auditor and management,

including:
• Denial of access to records, facilities, certain employees, customers, vendors, or
others from whom audit evidence might be sought.
• Undue time pressures imposed by management to resolve complex or contentious
issues.
• Complaints by management about the conduct of the audit or management
intimidation of engagement team members, particularly in connection with the
auditor’s critical assessment of audit evidence or in the resolution of potential
disagreements with management.
• Unusual delays by the entity in providing requested information.
• Unwillingness to facilitate auditor access to key electronic files for testing through
the use of computer-assisted audit techniques.
• Denial of access to key IT operations staff and facilities, including security,
operations, and systems development personnel.
• An unwillingness to add or revise disclosures in the financial statements to make
them more complete and understandable.
• An unwillingness to address identified deficiencies in internal control on a timely
basis.

Other
• Unwillingness by management to permit the auditor to meet privately with those
charged with governance.
• Accounting policies that appear to be at variance with industry norms.
• Frequent changes in accounting estimates that do not appear to result from changed
circumstances.
• Tolerance of violations of the entity’s code of conduct.

ISA 240 APPENDIX 3 200