Table of Content
1. MEANING OF FRAUD
The Standard on Auditing (SA) 240 “The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements” defines the term ‘fraud’ as - “an intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage”.
Although fraud is a broad legal concept, for the purposes of the SAs, the auditor is concerned with fraud that causes a material misstatement in the financial statements.
Two types of intentional misstatements are relevant to the auditor–
- misstatements resulting from fraudulent financial reporting and
- misstatements resulting from misappropriation of assets.
Although the auditor may suspect or, in rare cases, identify the occurrence of fraud, the auditor does not make legal determinations of whether fraud has actually occurred.
2. CHARACTERISTICS OF FRAUD
Fraud is Intentional
Misstatements in the financial statements can arise from either fraud or error. The distinguishing factor between fraud and error is whether the underlying action that results in the misstatement of the financial statements is intentional or unintentional.
Fraud is a broad legal concept
The auditor is concerned with fraud that causes a material misstatement in the financial statements.
Fraud, whether fraudulent financial reporting or misappropriation of assets, involves incentive or pressure to commit fraud, a perceived opportunity to do so and some rationalization of the act. For example:
- Incentive or pressure to commit fraudulent financial reporting may exist when management is under pressure, from sources outside or inside the entity, to achieve an expected (and perhaps unrealistic) earnings target or financial outcome.
- A perceived opportunity to commit fraud may exist when an individual believes internal control can be overridden, for example, because the individual is in a position of trust or has knowledge of specific deficiencies in internal control.
- Individuals may be able to rationalize committing a fraudulent act. Some individuals possess an attitude, character or set of ethical values that allow them knowingly and intentionally to commit a dishonest act. However, even otherwise, honest individuals can commit fraud in an environment that imposes sufficient pressure on them.
Fraudulent financial reporting involves intentional misstatements including omissions of amounts or disclosures in financial statements to deceive financial statement users.
Fraudulent financial reporting may be accomplished by the following:
Manipulation, falsification (including forgery), or alteration of accounting records or supporting documentation from which the financial statements are prepared.
Manipulation of Accounts: Detection of manipulation of accounts with a view to presenting a false state of affairs is a task requiring great tact and intelligence because generally management personnel in higher management cadre are associated with this type of fraud and this is perpetrated in methodical way. This type of fraud is generally committed:
- to avoid incidence of income-tax or other taxes;
- for declaring a dividend when there are insufficient profits;
- to withhold declaration of dividend even when there is adequate proitt (this is often done to manipulate the value of shares in stock market to make it possible for selected persons to acquire shares at a lower cost); and
- for receiving higher remuneration where managerial remuneration is payable by reference to profits.
There are numerous ways of committing this type of fraud. Some of the methods are given below:
- intflating or suppressing purchases and expenses;
- inflating or suppressing sales and other items of income,
- inflating or deflating the value of closing inventory;
- failing to adjust outstanding liabilities or prepaid expenses; and
- charging items of capital expenditure to revenue or by capitalising revenue expenses.
Misrepresentation in or intentional omission from, the financial statements of events, transactions or other significant information.
Intentional misapplication of accounting principles relating to amounts, classiffication, manner of presentation, or disclosure.
Fraudulent financial reporting often involves management override of controls that otherwise may appear to be operating effectively. Fraud can be committed by management overriding controls using such techniques as:
- Recording fictitious journal entries, particularly close to the end of an accounting period, to manipulate operating results or achieve other objectives.
- Inappropriately adjusting assumptions and changing judgments used to estimate account balances.
- Omitting, advancing or delaying recognition in the financial statements of events and transactions that have occurred during the reporting period.
- Concealing, or not disclosing, facts that could affect the amounts recorded in the financial statements.
- Engaging in complex transactions that are structured to misrepresent the financial position or financial performance of the entity.
- Altering records and terms related to significant and unusual transactions.
Why do Management/ Employees commit fraud? What induces Management/ Employees to commit fraud? Following are certain instances which will help to understand these questions:
- Financial obligations/ Pressure.
- Management’s unrealistic goals.
- Dissatisfied Employees or Lack of motivation among employees.
- Name game (eg. management using power of authority by asking employees to do something illegal).
- Opportunity to commit fraud.
Misappropriation of Assets:
It involves the theft of an entity’s assets and is often perpetrated by employees in relatively small and immaterial amounts. However, it can also involve management who are usually more able to disguise or conceal misappropriations in ways that are difficult to detect. Misappropriation of assets can be accomplished in a variety of ways including:
- Embezzling receipts (for example, misappropriating collections on accounts receivable or diverting receipts in respect of written-off accounts to personal bank accounts).
- Stealing physical assets or intellectual property (for example, stealing inventory for personal use or for sale, stealing scrap for resale, colluding with a competitor by disclosing technological data in return for payment).
- Causing an entity to pay for goods and services not received (for example, payments to fictitious vendors, kickbacks paid by vendors to the entity’s purchasing agents in return for inflating prices, payments to fictitious employees).
- Using an entity’s assets for personal use (for example, using the entity’s assets as collateral for a personal loan or a loan to a related party).
Example
Vineet is a manager in Zed Ex Ltd. He is having authority to sign cheques up to Rs. 10,000. While performing the audit, Rajan, the auditor, noticed that there were many cheques of Rs. 9,999 which had been signed by Vineet. Further Vineet had split large payments (amounting to more than Rs. 10,000 each, into two or more cheques less than Rs. 10,000 each so that he may authorize the payments). This raised suspicion in the auditor’s mind.
The auditor found that the cheques of Rs. 9,999 were deposited in Vineet’s personal account i.e. Vineet had misappropriated the amount.
Splitting the cheques into lower amounts involves manipulation of accounts. The fraud was committed by an employee.
Misappropriation of assets is often accompanied by false or misleading records or documents in order to conceal the fact that the assets are missing or have been pledged without proper authorization.
Misappropriation of Goods
Fraud in the form of misappropriation of goods is still more difficult to detect; for this, management has to rely on various measures. Apart from the various requirements of record keeping about the physical quantities and their periodic checks, there must be rules and procedures for allowing persons inside the area where goods are kept. In addition there should be external security arrangements to see that no goods are taken out without proper authority. Goods can be anything in the premises; it may be machinery. It may even be the daily necessities of the office like stationery. The goods may be removed by subordinate employees or even by persons quite higher up in the management. Auditors can detect this by undertaking a thorough and strenuous checking of records followed by physical verification process. Also, by resorting to intelligent ratio analysis, auditors may be able to form an idea whether such fraud exists.
Therefore, it is clear from the above that the ‘fraud’ deals with intentional misrepresentation but, ‘error’, on the other hand, refers to unintentional mistakes in financial information.
Intentional errors are most diffcult to detect and auditors generally devote greater attention to this type because out of long and sometimes unfortunate experience, auditors have developed a point of view that, if they direct their procedures of discovering the more difficult intentional errors, they are reasonably certain to locate the more simple and far more common unintentional errors on the way.
Defalcation of Cash
Defalcation of cash has been found to perpetrate generally in the following ways:
(a) By inflating cash payments:
Examples of inflation of payments:
- Making payments against fictitious vouchers.
- Making payments against vouchers, the amounts whereof have been inflated.
- Manipulating totals of wage rolls either by including therein names of dummy workers or by inflating them in any other manner.
- Casting a larger totals for petty cash expenditure and adjusting the excess in the totals of the detailed columns so that cross totals show agreement.
(b) By suppressing cash receipts:
Few techniques of how receipts are suppressed are:
- Teeming and Lading: Amount received from a customer being misappropriated; also to prevent its detection the money received from another customer subsequently being credited to the account of the customer who has paid earlier. Similarly, moneys received from the customer who has paid thereafter being credited to the account of the second customer and such a practice is continued so that no one account is outstanding for payment for any length of time, which may lead the management to either send out a statement of account to him or communicate with him.
- Adjusting unauthorised or fictitious rebates, allowances, discounts, etc. to customer’ accounts and misappropriating amount paid by them.
- Writing off as debts in respect of such balances against which cash has already been received but has been misappropriated.
- Not accounting for cash sales fully.
- Not accounting for miscellaneous receipts, e.g., sale of scrap, quarters allotted to the employees, etc.
- Writing down asset values in entirety, selling them subsequently and misappropriating the proceeds.
(c) By casting wrong totals in the cashbook.
3. DETECTION OF FRAUD AND ERROR–DUTY OF AN AUDITOR
As per SA 240 “The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements”, the primary responsibility for the prevention and detection of fraud rests with both those charged with governance of the entity and management. It is important that management, with the oversight of those charged with governance, place a strong emphasis on fraud prevention, which may reduce opportunities for fraud to take place, and fraud deterrence, which could persuade individuals not to commit fraud because of the likelihood of detection and punishment. This involves a commitment to creating a culture of honesty and ethical behavior which can be reinforced by an active oversight by those charged with governance.
Broadly, the general principles laid down in the SA may be noted as under:
- An auditor conducting an audit in accordance with SAs is responsible for obtaining reasonable assurance that the financial statements taken as a whole are free from material misstatement, whether caused by fraud or error. As described in SA200, “Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Standards on Auditing,” owing to the inherent limitations of an audit, there is an unavoidable risk that some material misstatements of the financial statements will not be detected, even though the audit is properly planned and performed in accordance with the SAs.
- The risk of not detecting a material misstatement resulting from fraud is higher than the risk of not detecting one resulting from error. This is because, fraud may involve sophisticated and carefully organized schemes designed to conceal it, such as forgery, deliberate failure to record transactions, or intentional misrepresentations being made to the auditor. Such attempts at concealment may be even more diffcult to detect when accompanied by collusion. Collusion may cause the auditor to believe that audit evidence is persuasive when it is, in fact, false. The auditor’s ability to detect a fraud depends on factors such as the skillfulness of the perpetrator, the frequency and extent of manipulation, the degree of collusion involved, the relative size of individual amounts manipulated, and the seniority of those individuals involved. While the auditor may be able to identify potential opportunities for fraud to be perpetrated, it is difficult for the auditor to determine whether misstatements in judgment areas such as accounting estimates are caused by fraud or error.
- Furthermore, the risk of the auditor not detecting a material misstatement resulting from management fraud is greater than for employee fraud, because management is frequently in a position to directly or indirectly manipulate accounting records, present fraudulent financial information or override control procedures designed to prevent similar frauds by other employees.
- When obtaining reasonable assurance, the auditor is responsible for maintaining an attitude of professional skepticism throughout the audit, considering the potential for management override of controls and recognizing the fact that audit procedures that are effective for detecting error may not be effective in detecting fraud. The requirements in this SA are designed to assist the auditor in identifying and assessing the risks of material misstatement due to fraud and in designing procedures to detect such misstatement.
4. FRAUD RISK FACTORS AND POSSIBILITY OF FRAUD
SA 240, further, explains by way of examples, certain risk factors and circumstances relating to possibility of fraud as may be considered by the auditor which are dealt in the following paragraphs.
Fraud Risk Factors
Fraud Risk Factors may be defined as events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud.
Examples of Fraud Risk Factors: The fraud risk factors identified here are examples of such factors that may be faced by auditors in a broad range of situations. Separately presented are examples relating to the two types of fraud relevant to the auditor’s consideration, i.e.,
- fraudulent financial reporting, and
- misappropriation of assets.
For each of these types of fraud, the risk factors are further classiffied based on the three conditions generally present when material misstatements due to fraud occur:
- incentives/pressures,
- opportunities, and
- attitudes/rationalizations.
Although the risk factors cover a broad range of situations, they are only examples and, accordingly, the auditor may identify additional or different risk factors. Not all of these examples are relevant in all circumstances, and some may be of greater or lesser significance in entities of different size or with different ownership characteristics or circumstances. Also, the order of the examples of risk factors provided is not intended to reflect their relative importance or frequency of occurrence.
(A) Risk Factors Relating to Misstatements Arising from Fraudulent Financial Reporting: The following are examples of risk factors relating to misstatements arising from fraudulent financial reporting-
Incentives/Pressures: Financial stability or profitability is threatened by economic, industry, or entity operating conditions, such as (or as indicated by):
- High degree of competition or market saturation, accompanied by declining margins.
- High vulnerability to rapid changes, such as changes in technology, product obsolescence, or interest rates.
- Significant declines in customer demand and increasing business failures in either the industry or overall economy.
- Operating losses making the threat of bankruptcy, foreclosure, or hostile takeover imminent.
- Recurring negative cash flows from operations or an inability to generate cash flows from operations while reporting earnings and earnings growth.
- New accounting, statutory, or regulatory requirements.
Opportunities: The nature of the industry or the entity’s operations provides opportunities to engage in fraudulent financial reporting that can arise from the following:
- Significant related-party transactions not in the ordinary course of business or with related entities not audited or audited by another firm.
- A strong financial presence or ability to dominate a certain industry sector that allows the entity to dictate terms or conditions to suppliers or customers that may result in inappropriate or non-arm’s-length transactions.
- Assets, liabilities, revenues, or expenses based on significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate.
- Significant, unusual, or highly complex transactions, especially those close to period end that pose difficult “substance over form” questions.
- Significant bank accounts or subsidiary or branch operations in tax-haven jurisdictions for which there appears to be no clear business justification.
Attitudes/Rationalizations: Communication, implementation, support, or enforcement of the entity’s values or ethical standards by management, or the communication of inappropriate values or ethical standards, that are not effective.
1. Known history of violations of securities laws or other laws and regulations.
2. Excessive interest by management in maintaining or increasing the entity’s inventory price or earnings trend.
3. Management failing to remedy known significant deficiencies in internal control on a timely basis.
4. An interest by management in employing inappropriate means to minimize reported earnings for tax-motivated reasons.
5. The owner-manager makes no distinction between personal and business transactions.
6. The relationship between management and the current or predecessor auditor is strained, as exhibited by the following:
- Frequent disputes with the current or predecessor auditor on accounting, auditing, or reporting matters.
- Unreasonable demands on the auditor, such as unrealistic time constraints regarding the completion of the audit or the issuance of the auditor’s report.
- Restrictions on the auditor that inappropriately limit access to people or information or the ability to communicate effectively with those charged with governance.
- Domineering management behavior in dealing with the auditor, especially involving attempts to influence the scope of the auditor’s work or the selection or continuance of personnel assigned to or consulted on the audit engagement.
(B) Risk Factors Arising from Misstatements Arising from Misappropriation of Assets: Risk factors that relate to misstatements arising from misappropriation of assets are also classiffied according to the three conditions generally present when fraud exists: incentives/ pressures, opportunities, and attitudes/ rationalization. Some of the risk factors related to misstatements arising from fraudulent financial reporting also may be present when misstatements arising from misappropriation of assets occur.
The following are examples of risk factors related to misstatements arising from misappropriation of assets-
Incentives/Pressures: Personal financial obligations may create pressure on management or employees with access to cash or other assets susceptible to theft to misappropriate those assets.
Adverse relationships between the entity and employees with access to cash or other assets susceptible to theft may motivate those employees to misappropriate those assets. For example, adverse relationships may be created by the following:
- Known or anticipated future employee layoffs.
- Recent or anticipated changes to employee compensation or benefit plans.
- Promotions, compensation, or other rewards inconsistent with expectations.
Opportunities: Certain characteristics or circumstances may increase the susceptibility of assets to misappropriation. For example, opportunities to misappropriate assets increase when there are the following:
- Large amounts of cash on hand or processed.
- Inventory items that are small in size, of high value, or in high demand.
- Easily convertible assets, such as bearer bonds, diamonds, or computer chips.
- Fixed assets which are small in size, marketable, or lacking observable identification of ownership.
Inadequate internal control over assets may increase the susceptibility of misappropriation of those assets. For example, misappropriation of assets may occur because there is the following:
- Inadequate segregation of duties or independent checks.
- Inadequate oversight of senior management expenditures, such as travel and other reimbursements.
- Inadequate record keeping with respect to assets.
- Inadequate system of authorization and approval of transactions (for example, in purchasing).
- Inadequate physical safeguards over cash, investments, inventory, or fixed assets.
- Lack of complete and timely reconciliations of assets.
- Lack of timely and appropriate documentation of transactions, for example, credits for merchandise returns.
- Lack of mandatory vacations for employees performing key control functions.
- Inadequate management understanding of information technology, which enables information technology employees to perpetrate a misappropriation.
- Inadequate access controls over automated records, including controls over and review of computer systems event logs.
Attitudes/Rationalizations: Disregard for the need for monitoring or reducing risks related to misappropriations of assets.
- Disregard for internal control over misappropriation of assets by overriding existing controls or by failing to take appropriate remedial action on known deficiencies in internal control.
- Behavior indicating displeasure or dissatisfaction with the entity or its treatment of the employee.
- Changes in behavior or lifestyle that may indicate assets have been misappropriated
- Tolerance of petty theft.
Circumstances Relating to Possibility of Fraud
Examples of circumstances that indicate the possibility of fraud: The following are examples of circumstances that may indicate the possibility that the financial statements may contain a material misstatement resulting from fraud-
(A) Discrepancies in the accounting records, including:
- Transactions that are not recorded in a complete or timely manner or are improperly recorded as to amount, accounting period, classification, or entity policy.
- Unsupported or unauthorized balances or transactions.
- Last-minute adjustments that significantly affect financial results.
- Evidence of employees’ access to systems and records inconsistent with that necessary to perform their authorized duties.
- Tips or complaints to the auditor about alleged fraud.
(B) Conflicting or missing evidence, including:
- Missing documents.
- Documents that appear to have been altered.
- Significant unexplained items on reconciliations.
- Unusual discrepancies between the entity’s records and confirmation replies.
- Large numbers of credit entries and other adjustments made to accounts receivable records.
- Missing or non-existent cancelled cheques in circumstances where cancelled cheques are ordinarily returned to the entity with the bank statement.
- Missing inventory or physical assets of significant magnitude.
- Unavailable or missing electronic evidence, inconsistent with the entity’s record retention practices or policies.
Example
Raj is the auditor of XYZ Ltd. Raj is analysing the financial statements of the company by studying significant ratios. Some of the ratios that he studied were the gross profit ratio and net profit ratio. The gross profit ratio for the current year 2019-20 is 19% and for the previous year 2018-19 was 25%. Similarly, net profit ratio for the current year 2019-20 is 7%, where as in previous year 2018- 19 it was 11%.
There is a large variation in the gross proit ratio and net profit ratio over the two years. Hence, the auditor has reason to believe that there may be something unusual. He will consider the results of such analytical procedures while drawing up his audit plan and allot more time to studying purchases.
Example
Analytical procedures exhibiting unusual ratios and trend e.g. unusually large trans- actions reported in the last month of the reporting period.
(C) Problematic or unusual relationships between the auditor and management, including:
- Denial of access to records, facilities, certain employees, customers, vendors, or others from whom audit evidence might be sought.
- Undue time pressures imposed by management to resolve complex or contentious issues.
- Unusual delays by the entity in providing requested information.
- Unwillingness to facilitate auditor access to key electronic files for testing through the use of computer-assisted audit techniques.
- Denial of access to key IT operations staff and facilities, including security, operations, and systems development personnel.
- An unwillingness to add or revise disclosures in the financial statements to make them more complete and understandable.
- An un willingness to address identified deficiencies in internal control on a timely basis.
(D) Other
- Unwillingness by management to permit the auditor to meet privately with those charged with governance.
- Accounting policies that appear to be at variance with industry norms.
- Frequent changes in accounting estimates that do not appear to result from changed circumstances.
- Tolerance of violations of the entity’s Code of Conduct.
5. FRAUD REPORTING
Reporting to the Central Government: As per sub-section (12) of section 143 of the Companies Act, 2013, if an auditor of a company in the course of the performance of his duties as auditor, has reason to believe that an offence of fraud involving such amount or amounts as may be prescribed, is being or has been committed in the company by its officers or employees, the auditor shall report the matter to the Central Government within such time and in such manner as may be prescribed.
In this regard, Rule 13 of the Companies (Audit and Auditors) Rules, 2014 has been prescribed. Sub-rule (1) of the said rule states that if an auditor of a company, in the course of the performance of his duties as statutory auditor, has reason to believe that an offence of fraud, which involves or is expected to involve individually an amount of Rs. 1 crore or above, is being or has been committed against the company by its officers or employees, the auditor shall report the matter to the Central Government.
The manner of reporting the matter to the Central Government is as follows:
- the auditor shall report the matter to the Board or the Audit Committee, as the case may be, immediately but not later than 2 days of his knowledge of the fraud, seeking their reply or observations within 45 days;
- on receipt of such reply or observations, the auditor shall forward his report and the reply or observations of the Board or the Audit Committee along with his comments (on such reply or observations of the Board or the Audit Committee) to the Central Government within 15 days from the date of receipt of such reply or observations;
- in case the auditor fails to get any reply or observations from the Board or the Audit Committee within the stipulated period of 45 days, he shall forward his report to the Central Government along with a note containing the details of his report that was earlier forwarded to the Board or the Audit Committee for which he has not received any reply or observations;
- the report shall be sent to the Secretary, Ministry of Corporate Affairs in a sealed cover by Registered Post with Acknowledgement Due or by Speed Post followed by an e-mail in confirmation of the same;
- the report shall be on the letter-head of the auditor containing postal address, e-mail address and contact telephone number or mobile number and be signed by the auditor with his seal and shall indicate his Membership Number; and
- the report shall be in the form of a statement as specified in Form ADT-4.
II. Reporting to the Audit Committee or Board: Sub-section (12) of section 143 of the Companies Act, 2013 further prescribes that in case of a fraud involving lesser than the specified amount [i.e. less than Rs. 1 crore], the auditor shall report the matter to the audit committee constituted under section 177 or to the Board in other cases within such time and in such manner as may be prescribed.
In this regard, sub-rule (3) of Rule 13 of the Companies (Audit and Auditors) Rules, 2014 states that in case of a fraud involving lesser than the amount specified in sub- rule (1) [i.e. less than Rs. 1 crore], the auditor shall report the matter to Audit Committee constituted under section 177 or to the Board immediately but not later than 2 days of his knowledge of the fraud and he shall report the matter specifying the following:
- Nature of Fraud with description;
- Approximate amount involved; and
- Parties involved.
III Disclosure in the Board’s Report: Sub-section (12) of section 143 of the Companies Act, 2013 furthermore prescribes that the companies, whose auditors have reported frauds under this sub-section (12) to the audit committee or the Board, but not reported to the Central Government, shall disclose the details about such frauds in the Board’s report in such manner as may be prescribed.
In this regard, sub-rule (4) of Rule 13 of the Companies (Audit and Auditors) Rules, 2014 states that the auditor is also required to disclose in the Board’s Report the following details of each of the fraud reported to the Audit Committee or the Board under sub- rule (3) during the year:
- Nature of Fraud with description;
- Approximate Amount involved;
- Parties involved, if remedial action not taken; and
- Remedial actions taken.
Sub-section (13) of section 143 of the Companies Act, 2013 safeguards the act of fraud reporting by the auditor if it is done in good faith. It states that no duty to which an auditor of a company may be subject to shall be regarded as having been contravened by reason of his reporting the matter above if it is done in good faith.
It is very important to note that these provisions shall also apply, mutatis mutandis, to a cost auditor and a secretarial auditor during the performance of his duties under section 148 and section 204 respectively. If any auditor, cost accountant or company secretary in practice do not comply with the provisions of sub-section (12) of section 143, he shall be punishable with fine which shall not be less than one lakh rupees but which may extend to twenty-five lakh rupees.
Reporting on Frauds already detected and reported: The auditor should apply professional skepticism to evaluate/verify that the fraud was indeed identified/detected in all aspects by the management or through the company’s vigil/whistle blower mechanism so that distinction can be clearly made with respect to frauds identified/detected due to matters raised by the auditor vis-à-vis those identified/detected by the company through its internal control mechanism.
Since reporting on fraud under section 143(12) is required even by the cost auditor and the secretarial auditor of the company, it is possible that a suspected offence involving fraud may have been reported by them even before the auditor became aware of the fraud. Here too, if a suspected offence of fraud has already been reported under section 143(12) by such other person, and the auditor becomes aware of such suspected offence involving fraud, he need not report the same since he has not per se identified the suspected offence of fraud.
However, in case of a fraud which involves or is expected to involve individually, an amount of Rs. 1 crore or more, the auditor should review the steps taken by the management/those charged with governance with respect to the reported instance of suspected offence of fraud stated above, and if he is not satisfied with such steps,
he should state the reasons for his dissatisfaction in writing and request the management/ those charged with governance to perform additional procedures to enable the auditor to satisfy himself that the matter has been appropriately addressed. If the management/those charged with governance fail to undertake appropriate additional procedures within 45 days of his request, the auditor would need to evaluate if he should report the matter to the Central Government in accordance with Rule 13 of the Companies (Audit and Auditors) Rules, 2014.
Reporting under Companies (Auditor’s Report) Order, 2020 [CARO, 2020]: The auditor is also required to report under clause (xi) of paragraph 3 of Companies (Auditor’s Report) Order,2020, whether any fraud by the company or any fraud on the Company has been noticed or reported during the year. If yes, the nature and the amount involved is to be indicated.
The auditor is also require to report whether any report under sub-section (12) of section 143 of the Companies Act has been filed by the auditors in Form ADT-4 as prescribed under rule 13 of Companies (Audit and Auditors) Rules, 2014 with the Central Government; and whether the auditor has considered whistle-blower complaints, if any, received during the year by the company
The scope of auditor’s inquiry under this clause is restricted to following:
- frauds ‘noticed or reported’ during the year;
- reporting on filing of any report in Form ADT–4 during the year; and
- whistle-blower complaints, if any, received during the year
It may be noted that this clause of the Order, by requiring the auditor to report whether any fraud by the company or on the company has been noticed or reported, does not relieve the auditor from his responsibility to consider fraud and error in an audit of financial statements. In other words, irrespective of the auditor’s comments under this clause, the auditor is also required to comply with the requirements of SA 240, “The Auditor’s Responsibility Relating to Fraud in an Audit of Financial Statements”.
Audit Procedures and Reporting under CARO:
(1) While planning the audit, the auditor should discuss with other members of the audit team, the susceptibility of the company to material misstatements in the financial statements resulting from fraud. While planning, the auditor should also make inquiries of management to determine whether management is aware of any known fraud or suspected fraud that the company is investigating.
(2) The auditor should examine the reports of the internal auditor with a view to ascertain whether any fraud has been reported or noticed by the management. The auditor should examine the minutes of the audit committee, if available, to ascertain whether any instance of fraud pertaining to the company has been reported and actions taken thereon.
The auditor should enquire from the management about any frauds on the company that it has noticed or that have been reported to it. The auditor should also discuss the matter with other employees including officers of the company. The auditor should also examine the minute book of the board meeting of the company in this regard.
The auditor should also enquire from the management about any whistle- blower complaints received during the year by the company or that have been reported to it during the year. The auditor should also discuss the matter with other employees including officers of the company. The auditor should also examine the minute book of the board meeting of the company in this regard.
(3) The auditor should obtain written representations from management that:
- it acknowledges its responsibility for the implementation and operation of accounting and internal control systems that are designed to prevent and detect fraud and error;
- it believes the effects of those uncorrected misstatements in financial statements, aggregated by the auditor during the audit are immaterial, both individually and in the aggregate, to the financial statements taken as a whole. A summary of such items should be included in or attached to the written representation;
- it has
(a) disclosed to the auditor all significant facts relating to any frauds or suspected frauds known to management that may have affected the entity; and
(b) it has disclosed to the auditor the results of its assessment of the risk that the financial statements may be materially misstated as a result of fraud.
(4) Because management is responsible for adjusting the financial statements to correct material misstatements, it is important that the auditor obtains written representation from management that any uncorrected misstatements resulting from fraud are, in management’s opinion, immaterial, both individually and in the aggregate. Such representations are not a substitute for obtaining sufficient appropriate audit evidence. In some circumstances, management may not believe that certain of the uncorrected financial statement misstatements aggregated by the auditor during the audit are misstatements. For that reason, management may want to add to their written representation words such as, “We do not agree that items constitute misstatements because [description of reasons].”
The auditor should consider if any fraud has been reported by them during the year under section 143(12) of the Act and if so whether that same would be reported under this Clause. It may be mentioned here that section 143(12) of the Act requires the auditor to have reasons to believe that a fraud is being committed or has been committed by an employee or officer. In such a case the, auditor needs to report to the Central Government or the Audit Committee. However, this Clause will include only the reported frauds and not suspected fraud.
(5) Where the auditor notices that any fraud by the company or on the company by its officers or employees has been noticed by or reported during the year, the auditor should, apart from reporting the existence of fraud, also required to report, the nature of fraud and amount involved. For reporting under this clause, the auditor may consider the following:
- This clause requires all frauds noticed or reported during the year shall be reported indicating the nature and amount involved. As specified the fraud by the company or on the company by its officers or employees are only covered.
- Of the frauds covered under section 143(12) of the Act, only noticed frauds shall be included here and not the suspected frauds.
- While reporting under this clause with regard to the nature and the amount involved of the frauds noticed or reported, the auditor may also consider the principles of materiality outlined in Standards on Auditing.
6. AUDITOR UNABLE TO CONTINUE THE ENGAGEMENT
If, as a result of a misstatement resulting from fraud or suspected fraud, the auditor encounters exceptional circumstances that bring into question the auditor’s ability to continue performing the audit, the auditor shall:
(a) Determine the professional and legal responsibilities applicable in the circumstances, including whether there is a requirement for the auditor to report to the person or persons who made the audit appointment or, in some cases, to regulatory authorities;
(b) Consider whether it is appropriate to withdraw from the engagement, where withdrawal is possible under applicable law or regulation; and
(c) If the auditor withdraws:
- Discuss with the appropriate level of management and those charged with governance the auditor’s withdrawal from the engagement and the reasons for the withdrawal; and
- Determine whether there is a professional or legal requirement to report to the person or persons who made the audit appointment or, in some cases, to regulatory authorities, the auditor’s withdrawal from the engagement and the reasons for the withdrawal.