Tài liệu The auditors’ role in detecting and preventing fraud

THE AUDITORS’ ROLE IN DETECTING AND PREVENTING FRAUD DO THU TRANG BACHELOR OF BUSINESS (MARKETING) HONS HELP UNIVERSITY COLLEGE OCTOBER 2011 1 THE AUDITORS’ ROLE IN DETECTING AND PREVENTING FRAUD BY DO THU TRANG Graduation Project Submitted to the Department of Business Studies, HELP University College, in Partial Fulfilment of the Requirements for the Degree of Bachelor of Business (Marketing) Hons OCTOBER 2011 2 Declaration of Originality and Word Count DECLARATION I declare that this graduation project is based on my original work except for quotations and citation which have been duly acknowledged. I also declare that it has not been previously or concurrently submitted for any other courses/degrees at HELP University College or other institutions. Word Count: 10,491 words Do Thu Trang Date: October 17, 2011 3 Acknowledgements This study wouldn’t have been performed without the help of helpful people. Sincere thanks to my supervisor, Mr. Nguyen Hong Quan for his support, guidance and vision for all my study. Sincere thanks to Ms. Minh – a senior manager of Ernst and Young Company for helping me conduct survey quickly and effectively. 4 Abstract THE AUDITOR’S ROLE IN DECTIONING AND PREVENTIONING FRAUD By DO THU TRANG October 2011 Supervisor: Mr. Nguyen Hong Quan Do you think that the task of the auditor is responsible to detect fraud in the corporation they inspect? Large amount of people think they are. Task of auditors is to prevent, detect and report fraud, dishonest acts and other errors. It is one of the most controversial issues in the audit. My study reports the result of a analysis to find out the level of awareness of fraud and perceptions of auditors' responsibility of the users of financial statements in detect fraud and other auditing procedures concerned. Research also shows that people have misconception about the objective of the audit. Because of the number of respondents, higher expectation was placed on the duties of auditors in detect and report fraud than the requirements of regulations or standards of auditing. The results of this research show that cannot doubt the existence, with respect to detecting fraud, of a gap between the perception of the respondents and the present standard requirements for auditors. 5 TABLE OF CONTENTS Page Declaration of Originality and Word count………………………………….....……….3 Abstract………………………………………………………………………....……….4 Acknowledgements…………………………………………………………….....……..5 Table of Contents…………………………………………………....…………...……...6 CHAPTER 1: INTRODUCTION 1.1. Research Background………………………………………………………....…...10 1.2. Problem Statement………………………………………………………....………10 1.3. Objectives and Sphere of Research…………………………………………...……12 1.3.1. Objectives of Research…………………………………….……..……..12 1.3.2. Sphere of Research……………………………………….......................12 1.4. Research Methods………………………………………………………..….……..12 1.5. Structure of Research……………………………………………………………....13 CHAPTER 2: LITERATURE REVIEW 2.1. Definition of fraud………………………………………………………………..15 2.1.1. Distinguish between fraud and errors……………………………………..18 2.1.2. How fraud occurred………………………………………………………..19 2.2. Auditor’s responsibilities in fraud detection and prevention……………………...20 6 2.2.1. Detecting fraud: What are the roles of external and internal auditors?.......22 2.2.1.1. External auditors’ role…………………………………………………22 2.2.1.2. Internal auditor’s role…………………………………………….…..24 2.2.2. Role of auditor in preventing fraud………………………………………….29 2.3. The company applies internal control to detecting and preventing fraudulent activities…………………………………………………………………………………32 2.3.1. How internal auditors used internal control?.............................................34 2.3.2. How external audit use internal control?...................................................36 2.4. Reasons why auditors fail to detect fraud……………………………………..……36 2.5. Empirical studies on fraud detection…………………………………………….…37 Chapter 3: Research methodology 3.1. Research Objectives…………………………………………………………….....39 3.2. Research Method…………………………………………………………………...39 3.3. Sample Selection…………………………………………………………………...40 3.4. Hypothesis Statement………………………………………………………………41 7 Chapter 4: Result analysis 4.1. Collection of Questionnaires…………………………………………….……..43 4.2. Description of Result………………………………………………….………..43 4.2.1. Demographic data…………………………………………………….…….43 4.2.2. Finding and discussions…………………………………………………….44 4.2.2.1. Analysis of responds related to existence of fraud……………….44 4.2.2.2. Analysis of responses related to auditors’ responsibility in detecting………………………………..46 4.2.2.3. Analysis of responses related to the audit procedures applied to detecting fraud………………………………………...49 4.3. Result Analysis…………………………………………………………………52 Chapter 5: Conclusion and Recommendation 5.1. Conclusion………………………………………………………………………56 5.2. Recommendation……………………………………………………………….56 5.3. Limitation of my study…………………………………………………………57 5.4. Suggestion for future research…………………………………………………..57 Reference………………………………………………………………………………..59 APPENDIX………………………………………………………………….61 8 CHAPTER 1: INTRODUCTION 1.1. Research Background 1.2. Problem Statement 1.3. Objectives and Sphere of Research 1.3.1. Objectives of Research 1.3.2. Sphere of Research 1.4. Research Methods 1.5. Structure of Research 9 CHAPTER 1 1. INTRODUCTION 1.1. Research Background This study investigates the role of auditors in the detecting, preventing and reporting of fraud. I collected data from 100 respondents in Vietnam. But only 70 respondents were received. From this research, many people thinks that fraudulent activities is very affect to entity and auditors play an important role in detection and prevention fraud. In this study, I will further analysis about auditors’ duties in fraud: prevention and detection of fraud. 1.2. Problem Statement All organizations can be a risk of fraud. As we know, large frauds will lead to the collapse of the entire organizations, causing major losses to investors, an important legal cost, affecting directly to key individuals, and loss of confidence in capital markets. Publicized fraudulent behavior by key executives has negatively impacted the reputations, brands, and images of many organizations in the worldwide. The definition of “fraud prevention” and “fraud detection” are related to each other; however it is not the same concepts. Preventing fraud includes policy, procedure, training and communication to prevent fraud happening, while the findings focusing on the activity and technique in order to quickly recognize fraudulent whether fraud has happened or is happening. 10 Despite the fact that preventing fraud techniques do not assure that fraud will not be committed, they are the first line of defense in reducing the risk of fraud. A key to preventing fraud is to promote awareness of the board as well as awareness of the entire organization on program of fraud risk management, including the type of frauds can occur. Whereas, one of the most powerful to prevent fraud is recognize the detection control its effective. Combined with the control and prevention, detective controls improve efficient of a fraud risk management program by demonstrating that prevention and controls are working as intended and by determining if fraud happens. Although detective controls may provide evidence that fraud has occurred or is occurring, they do not intended to prevent fraud. Every organization has to face the problem of fraud, however not all fraud occurs can be prevented. Besides, organizations have not cost-effective to try. A business may determine it is more cost-effective to design its controls to detect, rather than prevent, certain fraud schemes. It is important that organizations must consider both preventing fraud and detecting fraud. When fraud appears in a business, people always ask question: "How it happen?" This question raises the question of whose responsibility to prevent and detect fraud. Therefore, many people who read financial statements believe that auditors are ultimately responsible for the financial statements. Some people also think that the auditors have responsibility to detecting all errors, fraud, and unlawful acts. The role of the auditors is to express an opinion on the financial statements. It is important to remember that while auditors do have important responsibilities, management (director 11 of the company) is primarily responsible for the fairness of the company’s financial statements. 1.3. Objectives and Sphere of Research 1.3.1. Objectives of research  To sum up the definitions fraud, how fraud occurs.  Distinguish between Fraud and Error  Determine the role of external and internal auditors in detection and prevention fraud  How the auditors can prevent and detecting fraud  How auditor used internal control to detecting and preventing fraudulent activities. 1.3.2.  Sphere of research Place of conducting research: Ernst and Young Company and State Audit Office of Vietnam.  Object of research: accountants, auditors and manager  Time period of conducting research: From 12th September 2011 to 30th September 2011. 1.4. Research Methods Real investigation is the method that I applied in this project I conducted a survey among auditors who are working at the two entities. I use information and knowledge of the previous studies to provide questions and measurement. Therefore, I used the previous studies to create the questionnaire. The 12 questionnaires are given to each individual auditor and they can provide their answer and fill in the blank in my survey. The measurement is done in accordance with past studies. In my proposal, I used the quantitative method. Moreover, the sample of responders equals 100 (n = 100). By surveying the auditors in two entities, researchers are able to analyze the collected data to show the role of auditors in detection and prevention fraud 1.5. Structure of Research This proposal is divided into five chapters as follows: Chapter 1: Introduction Chapter 2: Literature Review Chapter 3: Research Methodology Chapter 4: Result Analysis Chapter 5: Conclusion and Recommendation 13 CHAPTER 2 LISTERATURE REVIEW 2.1. Definition of fraud 2.1.1. Distinguish between fraud and errors 2.1.2. How fraud occurred 2.2. Auditor’s responsibilities in fraud detection and prevention 2.2.1. Detecting fraud: What are the roles of external and internal auditors? 2.2.1.1. External auditors’ role 2.2.1.2. Internal auditor’s role 2.2.2. Role of auditor in preventing fraud 2.3. The company applies internal control to detecting and preventing fraudulent activities. 2.3.1. How internal auditors used internal control? 2.3.2. How external audit use internal control? 2.4. Reasons why auditors fail to detect fraud 2.5. Empirical studies on fraud detection 14 CHAPTER 2 2. LITERATURE REVIEW 2.1. Definition of Fraud Associated with the process to search for fraud, we have a clearly defined of fraud to be put on assessment of fraud risk. During the process, a thorough understanding of the theory of fraud is very important to the success of an auditor in the prevention and detection of fraudulent activities. Auditors are required to know that fraud is the deliberate concealment and intention of a person to conceal the nature of truth. The scammer has different levels of sophistication, opportunity, motivation and skills to commit fraud. Besides, assessment of fraud risk begins with a meaning of fraud and other types of organizations when they are confronted with fraud. Assessment may be based on a legal definition, a definition of accounting, the definition author specifically designed for the fraud risk assessments. The meaning of fraud according to legal definition:  It is a misrepresentation even though they know the truth or they conceal a material fact that the stimulus for another damage action.  That is a misrepresentation made recklessly without belief in its truth to make a different action of person. 15  It’s an error of personal which is generated from a misrepresentation; they conceal material, or the lack of careful concealment to stimulate action for the other damage.  Unconscionable dealing specially in contract law. The unfair use of power arising out the parties’ relative positions and resulting in an unconscionable bargain. The legal meaning want the auditor have to understanding the lawful meaning of the terms in the definition. The meaning of “misrepresentation” includes concealment, undisclosed or false representation. Besides, misrepresentations have to relate to a material face, not just stop at a simple opinion. On the other hand, an opinions conducted by an individual purportedly with supervisor knowledge can become a misrepresentation. Concealment, referred to as suppression of facts, is also an important aspect of the misrepresentation. In fact, the use of the legal definition of fraud is not practical for most of the audit organizations simply because the definition was written for the prosecution of civil and criminal. The meaning of fraud according to the definition of accounting: With the use of specific legal definition, auditor often look to professional standards, professional auditing organization. The American Institute of Certified public Accountants (AICPA) provides guidance in the Statement of Auditing Standards (SAS No. 99) as the responsibility of auditors in detecting fraud will have a material impact on the financial statements. The Standards concentrated on financial statement and programs to appropriate property. Special thing is that the standard does not provide a 16 definition of fraud. Instead the auditors are guided by the standard definition of errors in financial statements. An example of a professional standard applicable to fraud is the Institute of Internal Auditors Standard 1210.A2. The Institute provides guidance on Auditor’s responsibilities related to Fraud Risk Assessment, Prevention and detection. It also states that internal auditors have sufficient knowledge and standard to identify the indicators of fraud, but they do not have the expertise of a person whose primary responsibility is detecting and investigating fraud. This standard includes a section called “What is Fraud?” This section states: Fraud contains a series of irregularities and illegal acts characterized by intentional deception or misrepresentation, which an individual knows to be false or does not believe that is true. Fraud is caused by a person when they know that it will probably lead to some unauthorized of their benefit, to the organization, or others, and may be caused by people outside and inside the organization. As we know, the term “fraud” is a large legal concept, according to the goal of the ISAs; the auditor is concerned with fraud that causes a material misstatement in the financial statements. In additional, Auditing Standard (ASA 240) continues by saying that there are two types of intentional misstatements relating to the auditor. Firstly, there are misstatements that result from fraudulent financial reporting and secondly, there are misstatements resulting from embezzlement of property. Most studies to this date have tested the relationship between corporate governance structures and fraudulent of financial statements. 17 Besides, based on ASA 240(Para. 9), fraud in an Audit of a Financial Report” has increased the role of external auditors in this area (Auditing and Assurance Standards Board [AUASB] 2006). It describes fraud as a deliberate act by one or more individuals among management, those charged with governance, employees, or third parties, relating to the use of deception to obtain an unfair or illegal advantage.” The auditors relating to fraudulent activities that cause a material error in the financial statements. Misstatement of the financial statements cannot be the purpose of a several frauds. Auditors do not make legal decisions of that fraud actually occurred. Fraud related to one or more members of management or those respond with governance is called “management fraud"; fraud related to the single employees of the entity know as "employee fraud". In both cases, there may be colluded with third parties outside the company. According to the Author’s definition of fraud: Fraud related to violation of the organization or by the organization or for the organization. These acts are committed by an internal or external source and are deliberate and concealed. The behavior usually indicates an illegal or wrongdoing, such as the cases of: financial misstatement, policy violations, ethical lapses, or a perception problem. The acts cause a loss of company funds, corporate values, or company’s reputation, or any illegal benefit whether received directly or by others. 2.1.1. Distinguish between fraud and errors The main factor to distinguishing between fraud and error is whether the basic actions that result in a misstatement of the financial statements are intentional or unintentional. 18 The term “fraud” is a broad legal concept, but the auditors relating to fraud that causes a misstatement in the financial statements. Hence, ISA 240 (Redrafted – paragraph 11) identifies fraud as: 'An intentional act by one or more individuals in management which charged with governance, employees, or third parties. It includes the use of deception to obtain an unfair or illegal advantage. According to ISA 240 (Redrafted), there are two types of fraud relating to the auditors, frauds was misstatements arising from fraud in financial reporting, and misstatements arising from the appropriate property. Differences from the fraud, “error” refers to an unintentional misstatement in financial statements that including the omission of an amount or disclosure. ISA 240 (Redrafted), paragraph 2 said: The different between fraud and error is whether the basic actions that result in the misstatement of the financial statements are intentional or unintentional. Main focus of my proposal is fraud, for the reason that the responsibilities of fraud are more controversial than the error. Fraud may be related to the sophisticated and carefully organized, designed to conceal fraudulent activities, for example forgery, intentionally not record transactions, or the deliberate misrepresentations of the audit members. Conversely, to more understand about error, it is necessary consider the effectiveness of internal control. 2.1.2. How Frauds occurred There are many reasons show the how frauds occurred. Such as:  Lack of internal controls 19  Management do not take care about internal controls  Employees are in collusion with third parties  Employees are in collusion with management  Manager are lack of control over management  Poor or non-existent corporate ethics policy 2.2. Auditor’s responsibilities in fraud detection and prevention ISA 240 (Redrafted) show the main responsibility of auditors to preventing and detecting fraud: “The primary responsibility to preventing and detecting fraud rests with both those charged with governance of the entity and management”. ISA 240 (Redrafted) also state that: the auditors conducted the audit in accordance with ISAs is responsible for obtaining reasonable assurance that the financial statements as a whole are free from material misstatement, whether caused by fraud or error.’ Consequently, both the entity and the auditors is responsible for fraud and error. It can be said that the primary responsibility for fraud and error is due to the management and those responsible for management, while the auditors has a secondary responsibility. However, to clarify and demonstrate the relevance of these responsibilities, I will be discussed and concentrated on the secondary responsibility in my proposal The objective of an audit of financial statements is to empower the auditors to express their opinion whether the financial statements are prepared. An audit conducted in accordance with Statement of Auditing Standards (SASs) is designed to provide reasonable assurance that the financial statements taken as a whole are free from material misstatement, whether caused by fraud or error. The fact that auditors can act as 20