Johannesburg, Friday, October 8, 2021 – Acting CEO of the Independent Regulatory Board for Auditors, Imre Nagy, recently addressed the Association for Certified Fraud Examiners’ (ACFE) 14th annual conference on the Fraud Expectation Gap versus the Audit Expectation. It would be unthinkable for external auditors to be involved in committing or concealing fraud with management, considering their high ethical standards, however high profile corporate failures have led to a global crisis of confidence in financial reporting in general. The International Auditing and Assurance Standards Board (IAASB) recently issued a Discussion Paper on Fraud and Going Concern defining the expectation gap as: ‘The Difference Between Public Perceptions About the Role of the Auditor - and the Auditor’s Responsibilities in a Financial Statement Audit.’ Nagy asked delegates: “So, what is this ‘Expectation gap’ and what does it mean? In simple terms it means, the difference between what the public expects from auditors - and what auditors actually provide. “There is no doubt that external auditors play an important role in the financial system by performing external audits. Whether the gap is caused by weaknesses or failure, or concealing fraud or under-reporting on fraud, auditors need to do what is required in the public interest to protect investors. While the current standards do not extend to expect fraud detection by auditors, there is a strong call on auditors to do more. The International Standards on Auditing (ISA) 240 defines fraud as an intentional act, by one or more individuals among management, those charged with governance, employees or third parties, involving the use of deception to obtain an unjust or illegal advantage. Says Nagy: “Several jurisdictions experienced significant corporate/audit failures in the last few years – with sensational coverage in the mainstream media – like Steinhoff – in which there was accounting fraud as found by investigations in the Netherlands; Wirecard which is beset with allegations of fraud and misstatements; Luckin Coffee where there is suspicion of inflated revenue and WellsFargo which has been accused of false accounting; and the list goes on. “Though the size of these corporate scandals may differ, they all follow a familiar pattern whereby investors lost their investments due to elements of fraud. Consequently, investors’ expectations have changed to expect auditors to do more to prevent corporate failures that were caused by undetected fraud and unidentified risks. Investor sentiment is exacerbated by media reports that criticise the auditing profession for failing the public, without considering the financial reporting and governance eco-system, in which there are many players.” His point is that there has been a tendency among investors and the media to blame the auditors first, often overlooking those who committed the fraud in the first place. However, this is changing as public discourse is now turning to those who failed to execute their primary fiduciary duties. The public and investors are now paying more attention to the role of the preparers, the directors, the audit committees and the boards. In order to evolve and meet investor needs and concerns, audit regulators and standard setters are looking at remedies to address these gaps, be it a knowledge gap, performance gap or a gap in which the standards may not adequately cover public interest with regards to fraud risk detection. This is where audit regulators globally are examining ways in which to close these gaps, firstly by educating the public on the role of auditors, but importantly also re-examining auditor training and the more robust implementation of the requirements related auditing standards related to fraud. The IRBA is no exception. During the IAASB comment process on the fraud and going concern consultation paper, it attracted 86 comment letters from around the world, including from the Auditor-General and IRBA. Some of the suggestions put forward to mitigate the risk of unidentified fraud being concealed from the auditors include: that auditors could make use of forensic specialists as part of their audit risk assessment, particularly where they feel there may be concealed fraud, or where a heightened risk of fraud is identified; actively looking for sources of contradictory information that could bring into question certain estimates made by management; utilising fraud expertise to assist in executing certain audit procedures; training of auditors on forensics and how to identify risks of fraud as well as providing additional examples of fraud indicators; that auditors should adopt and exercise a suspicious mindset to enhance fraud identification and ensure the appropriate exercise of professional scepticism at an overall audit level; increasing transparency in the audit report where fraud indicators are identified and the resulting work is documented in the audit opinion; and that where fraud related to third parties has already been detected by management or those charged with governance, or reported on by the media or investigating authorities, auditors should consider this information in terms of the impact that it may have on the financial statements as well as its possible impact on the integrity of management. The International Forum of Independent Audit Regulators (IFIAR), representing independent audit regulators from 54 countries, in its comment letter suggested that the IAASB consider whether the identification of material misstatements in the financial statements due to fraud requires the use of specialists, and to understand the extent to which fraud investigation specialists are currently engaged or included in audit teams, and, if so, what is the nature of the procedures they are performing. Other audit regulators also responded, e.g. the Financial Reporting Council (FRC) noted that in the UK a specific requirement was added that, if the auditor identifies a misstatement due to fraud or suspected fraud, the auditor shall determine whether a forensic expert is needed to investigate further. The Canadian Public Accountability Board (CPAB) stated that given the increasing complexity of entities’ business models and sophistication of fraud schemes, they believe that auditors should be required to involve forensic and IT specialists more frequently during risk assessment and throughout the audit. Concludes Nagy: “The IRBA suggested progressively that the auditor should have enhanced, or more requirements regarding fraud in an audit of financial statements, to meet today’s evolving expectations of the public. “However, overall, we do not believe that these enhancements need to extend beyond the scope and purpose of a financial statement audit. “Mandating forensic specialists may result in this being applied more broadly and more consistently; however, it may not have a material impact, unless this is complemented with requirements around the nature, timing and extent of their involvement.” It is a fact that until corporate fraud is adequately kept in check by those charged with governance and auditors raise the bar by identifying, responding and reporting on fraud risks more robustly, at least allowing business rescue processes, it is unlikely that the world will see the end of unexpected high-profile corporate failures and resultant confidence issues. Ends
Notes to Editors: More about the IRBA: The IRBA is a public protection statutory body established to protect the financial interests of the public by ensuring registered auditors and their firms deliver services of the highest quality. It upholds audit firm independence to ensure that audit quality is such that it enhances the accuracy and credibility of financial performance reporting. In this way, the IRBA has an important role to play in building the reputation of South Africa as an investment market for both local and global investors and driving economic growth for the country. The IRBA also registers suitably qualified accountants as auditors, who must adhere to the highest ethics standards, and promotes the auditing profession through the effective regulation of assurance conducted in accordance with internationally recognised standards and processes.
|