• 15 Marks

AA – L2 – Q17 – Fraud and Error

Respond to directors about undetected petty cash theft and audit report reissuance. Explain why auditors consider compliance with laws and regulations and actions for material non-compliance.

The directors of your client, Solace Medical Research Labs, have telephoned to tell you that one of their junior employees has been caught stealing petty cash and has admitted to several previous thefts. The total amount of lost cash has been estimated by the directors to be $300. The thefts took place in the year in respect of which you have just completed the audit. The materiality level on the audit was set at $100,000.

The directors are demanding to know why this was not picked up during the audit work, and when the auditor’s report will be reissued as the auditor’s report and financial statements have now been signed.

Required:

(a) Set out the points you would include in a response to the directors of Solace Medical Research Labs.

(b) Explain why the auditor, when planning and performing his audit, should consider whether his client has complied with law and regulations. Set out the actions which may be appropriate if the auditor identifies material instances of noncompliance (NOCLAR).

 

(a)  The following points should be made in response to the directors:
Why the fraud was not picked up/auditors’ responsibilities:
The objective of a statutory audit is to express an opinion on the truth and fairness of the view shown by the financial statements.
It is not the auditors’ function to prevent fraud and error.
However, the auditors’ work should be designed to pick up material misstatements.
Material misstatements are those that if not picked up would have a significant impact on the financial statements such that their subsequent disclosure would affect the opinion of a reader of the financial statements.
As part of our audit procedures we set a materiality level. In the case of Solace Medical Research Labs this was set at $100,000.
Hence the theft of $300, although of obvious concern to the directors, would not be considered material to the overall view shown by the financial statements.
As this fraud was not material, although it may have been picked up, our tests were not designed to ensure that it would be discovered.
To ensure that material misstatements or fraud are identified, we must have an adequate understanding of your business, and its operating methods, and the legal and regulatory framework applicable to the industry in which you operate.
In order to have a reasonable expectation of detecting fraud or error, we ensure that when undertaking an audit we:

  • use personnel with appropriate knowledge and experience for the size and complexity of the company
  • assess the risk of fraud and error given the control environment
  • understand the business, particularly the substance of the company’s transactions
  • ensure that where reliance is placed on the control system, that the system is evaluated and any deficiencies investigated
  • discuss any events involving dishonest or fraudulent conduct and any breakdown or deficiencies in the system of internal control with management and obtain written representations where appropriate
  • remain alert to possible instances of fraud and error during the course of our work indicated by unusual transactions
  • where possible, obtain evidence from external sources.
    Unless there is evidence to the contrary, we are entitled to accept representations as truthful and records and documents as genuine. However, we do plan and perform the audit with an attitude of professional scepticism, such that we remain aware of the possibility of the existence of fraud or error.
    Adjustment required
    Our work programme was designed to ensure that material fraud and errors were identified.
    In this case, the amount is immaterial and hence outside the scope of our responsibilities.
    There is therefore no need to adjust the financial statements that have just been finalised or reissue the auditor’s report.

(b)  Consideration of laws and regulations
Non-compliance with appropriate laws and regulations (NOCLAR) may have a material impact on the amounts and/or disclosures under audit. For example, breaches of legislation could:
lead to fines, which need to be accrued for (or disclosed) in the financial statements, or
in extreme circumstances, could lead to the company being closed down, which could mean that additional disclosures are required in the financial statements.
ISA 250 (Revised) Consideration of Laws and Regulations in an Audit of Financial Statements requires the auditor to obtain a general understanding of the applicable legal and regulatory framework, and how the entity is complying with that framework. This is part of the general requirement (of ISA 315) that the auditor must understand the environment – here the legal environment – within which the entity operates. This might include such matters as employee rights legislation, health and safety law, consumer protection legislation or the current tough laws now in place in many countries relating to money laundering activities. The auditor will need to do this at the planning stage of the audit.
When performing his audit, ISA 250 requires the auditor to obtain sufficient appropriate evidence that amounts and/or disclosures in the financial statements have not been misstated as a result of non-compliance with laws and regulations. The amount of work needed to reach a conclusion on this will depend on the auditor’s assessment of risk in relation to this area as considered at the planning stage of the audit. However, as a minimum, ISA 250 requires the auditor to: make inquiries of management; inspect any correspondence with the relevant authorities; and obtaining written representations from management that any known noncompliance has been disclosed to the auditors.
If the auditor identifies instances of non-compliance (NOCLAR) the following procedures are required by ISA 250:
obtain an understanding of the matter;
advise management to take appropriate and timely actions (if not already done so). i.e. to
rectify, remediate or mitigate the consequences of non-compliance; deter the commission of the non-compliance where it has not yet occurred; disclose the matter to an appropriate authority; and determine whether further action is needed by considering the appropriateness of management’s response. This includes determining whether:

  • the response is timely;
  • the NOCLAR has been adequately investigated;
  • action has been, or is being, taken to rectify, remediate or mitigate the consequences of NOCLAR;
  • action has been, or is being, taken to deter the commission of any NOCLAR not yet occurred;
  • appropriate steps have been, or are being, taken to reduce the risk or re-occurrence (e.g. with additional controls or training);
  • the NOCLAR has been adequately disclosed to an appropriate authority.

 

Back to all study questions

Pick a Form

Professional Tutor Application Form
Academic Tutor Application Form
Student Tutor Application Form