Managing Fraud and Audit Risk


Fraud is the intentional conversion of funds or property that is entrusted into a person. Fraud also involves the mistreatment of books of account of the company to appear as if it is performing well in the market yet it is contrary. Auditors have the responsibility to detect and report any form of fraud in any organization. They follow the procedures stipulated by Auditing and Assurance Standards Board as discussed in this paper. This paper examines the types of fraud cases as depicted in various organizations across the world, detection of fraud cases and avoidance of fraud in organizations.

Types of Fraud


This is when a person takes commodities that belong to the company s/he is working for to benefit him/herself. This type of fraud includes manipulating the process in which funds are transferred. Embezzlement of assets and inventory in an organization is termed as a fraud. There are two types of defalcation. The first one is fraud due to corruption where people use their authority to influence business transaction so that they can get personal benefits. It is an offense to go against the duty in which you have been entitled to. Engagement of a person in conflicts of interest is one of the acts of fraud and indicates fraud due to corruption. There are many causes of corruption in organizations. Some of them include bribery and the use of illegal gratitude to influence a certain action. Conflict of interest in certain positions can increase corruption in the organization. Corrupt individuals in organizations can use the economic extortions for their personal benefits (Chau, 2001).

The second type of defalcation fraud is asset misappropriation that occurs when people use their position in the organization to steal or misuse commodities and assets that belongs to the organization. This type of fraud mostly happens in small businesses where some people in high positions in an organization steal the organization’s assets. It involves a person taking cash or a cheque that belongs to the organization from a customer and transfers it into a personal bank account. The people who do this later write of the accounts receivables. This type of fraud occurs when employees are able to manipulate accounts to cover theft cases. Employees sometimes disburse cash to companies that do not exist for them to gain from the cash (Akresh, 2008).

An example of this type of fraud is the case of Omar Siddiqui who is Pakistan American and was the vice president of operations and merchandising in Fry Electronics. This is an electronic retailing company based in California. The company had 120 department personnel. Siddiqui had a gambling habit struggling to live a high-class life and during this time he was the vice president, the company reported a mis appropriation of 10.1 million dollars. Suddiqui was also sued by casinos for debts that also involved in defalcations.

Financial Reporting Fraud

According to Ramos (2003), financial fraud involves misstatement of the firm’s accounts to show that the firm is doing well in the economy so that a person may individually benefit. This kind of fraud is always accompanied by manipulation and alteration of financial records. Some people may also omit some important information required for preparation of the complete financial statement so that they can have the opportunity to divert some cash. Errors are omission of amounts or misstatements of some amounts in books of accounts unintentionally.

Illegal act is the disobedience of law and conventions by an organization, its employees or the management, which affects the organization’s financial statement. Illegal acts are divided into direct-effect illegal acts and indirect-effect criminal acts. Direct-effects illegal acts are the effects that are directly on the organization’s financial statements while the indirect ones are not related to the financial statement. Environmental protection, employment opportunities and occupational health are some examples of illegal acts that affect financial accounts indirectly (Ramos, 2003).

Auditor’s Responsibilities in Fraud Detection

Rittenberg et al. (2009) stated that the major responsibilities of auditors in an organization are to detect fraud that may be affecting that organization. They have a responsibility of gathering information that can help them detect fraud. After they identify the risk, they need to evaluate the control programs in order to assess the risk then react to the risk identified. In the 1920s, the work of auditors in any company was just to reveal the occurrence of fraud. By then, companies were not as large as they are today and cases of fraud were as pronounced as they are today. Auditors today are faced with bigger responsibilities in organizations in which they work. It is auditor’s accountability to evaluate the effectiveness of risk management to prevent fraud cases (Chau, 2001).

Communication of the findings with employees dealing with detection of fraud is encouraged to bring out the effects that minor irregularities that could possibly be ignored can cause the organization. Auditors are responsible for identifying opportunities that fraudsters have in an organization and whether opportunities are justified. They are required to examine why such opportunities are ignored. Some of the errors that may be detected in the books of account can be rectified. Auditors need to identify whether the management of the organization has the rationale to identify and rectify the misstatement or not. However, the main responsibility of auditors is the detection of irregularities in the organization. Although some studies have reviewed that this responsibility should be left to financial managers, it has always remained to be the responsibilities of auditors (Rittenberg et al., 2009).

According to SAS no. 99, auditors have to approach the work of auditing with doubting attitude in that they can be able to ask the questions well. The overreliance should be avoided by auditors to perform their duties effectively. The SAS standards suggest on how auditors can be skeptical in the planning and evaluation of the evidence on fraud. Auditors have the responsibilities of discussing cases of misstatements in the books of accounts and the financial statements in their process of information gathering.

Conditions that can Lead to Fraud

Fraud risk assessment and procedures can be integrated in books of accounts. Those auditors integrate the information about fraud into fraud risk model. The following steps are followed in the process of detecting any fraud that may exist in the organization.

Motivations to Commit Fraud

The first task that auditors have in the process of detecting fraud in the organization is to identify the motivators that make employees or the managers to be fraudsters in their organization. The motivators are identified through the fraud triangle. Incentives to commit fraud are the first component in the fraud triangle. The second component is the opportunity that fraudsters have to commit any fraud. Attitude to commit fraud is the last component in the triangle. The triangle depends on the character of fraud or the organization where it happens. Ability and the confidence to commit fraud may also assist auditors in the process of identifying fraud in the organization (Rittenberg et al., 2009).

The Pressure to commit fraud

Auditors have the responsibility of identifying the pressures that enable people to commit fraud. The pressure may arise from the manner in which the organization is managed. Compensation schemes and personal needs for assets have been identified to increase the probability in which frauds take place in organizations. An individual wealth that is determined by the existence of the organization is one the factor that can make a person commit fraud for them to protect their wealth. Their other financial pressures include the need for improved balance sheets that contribute to high levels of frauds in organizations. Management greed and compensation schemes that also involve the manipulation of the financial statements to improve the stock price of the organization. Debt covenants in the organization agreement with their lenders which limits the organization on the dividend payments may result in fraud (Ramos, 2003).

Opportunities to Commit Fraud

Abou-Seada and Abdel-Kader (2003) argue that People in organizations have opportunities to commit fraud but not all of them do that. It is the auditor’s accountability to reveal opportunities those employees and the managers have in the organization to commit fraud. Lack of control in the organization’s policies is what enables fraudsters to commit those crimes. The restrictions put in organizations on its transaction can prevent people from committing fraud. They can also present skillful people in those organizations with good opportunities for fraud. Roles and duties separation prevent the occurrences of fraud. If duties and responsibilities of either the managers or employees are not well defined, a person may decide to divert some cash into their accounts and manipulate the books of account of the organization. Other opportunities in which people can commit fraud include transactions between related parties in organizations (Chau, 2001).

People’s positions and the powers they have to command the supplies and customers can drive a person to carry out transactions or share deals that are fraudulent to the organization. Auditors should be in a position to establish opportunities that can avoid fraud. Auditors must focus on the effectiveness of the board of directors or the managers in controlling or monitoring the operations of the organization. If the transactions are not well monitored, it means that either the managers in charge of the transaction have an intention to commit fraud or the individuals involved in the transaction will have a chance to do so. Unplanned organization structures and weak internal control systems present people with opportunities for fraud. All these opportunities may be detected by the internal and external audits of the organization. Fraudsters may complicate simple transactions failing to keep good records about the organization (Abou-Seada & Abdel-Kader, 2003).


Chau (2001) suggested that rationalization depends on the character of fraud. In defalcation, rationalization is about the mistreatment by the organization and the ego a person may get for being associated with the organization. Rationalization in the financial fraud is all about protecting the organization to benefit oneself. Rationalization was motivated by accounting professionals in early 2000 when they felt that they held the power to correct possible mistakes in financial statements. People who were interested in committing fraud had the opportunity to do so since these professionals allowed the management fire auditors without considering their performance in the organization. Their rate of compensation affected auditors’ quality of work because the accountants considered profitability without measuring the quality of work (Chau, 2001).


Capability is the confidence and support that a person has and is able to commit fraud. The ego and a person’s position enhance the capability that the person possesses to alter and transfer funds or own assets that belongs to the organization. People in different level of the organization such as CEOs and Managers have the capability to manipulate monetary statements of organizations they work for. It is a duty of auditors to reflect on the fraud capability factor as they analyze fraud risks in organizations (Chau, 2001).

Auditor’s Accountability to detect and Report the Illegal Acts

Detection of Risks

There are some characteristics of illegal acts that make challenges the ability of auditors to detect fraud in organizations. One of the characteristics is that it is hard for an auditor to determine whether an act is legal or illegal. They leave this responsibility for legal bodies to determine the category of the act. Another characteristic that challenges auditors is determining whether the actions affect financial statements directly or indirectly. A violation of some acts like the tax law affects financial statements directly but violation of laws regarding the environment affects the financial statements negatively. Responsibility of illegal acts affecting the financial statements directly is the same as that of fraud. Auditors therefore should use professional skills in detecting illegal acts which affect financial statement of the organization (Chau, 2001).

Auditors are always advised to follow auditing procedures in detecting the illegal acts such as fraud and ascertain whether it has occurred. Auditors have very little responsibility regarding the illegal acts that have an indirect impact on the books of accounts. Because of hidden characteristics of illegal acts affecting financial statements indirectly, auditors have no assurance that such acts will be detected. They use risk indicators to detect an occurrence of illegal acts. This indicator is like an authorized transaction such as organization’s failing to file a tax return and investigations by illegal act. Auditors need to be skeptical in the process of detecting illegal acts in the organization (Ramos, 2003).

Reporting Risk

After detection of illegal activity, auditors are responsible to report those acts to the relevant bodies. When auditors find that financial statements are mistreated and that they are not prepared according to GAAP, they should request the management of the organization they are working for to revise their financial statements. Auditors are responsible to give support the management as they revise their financial statements. Failure of the management to revise the financial statements, auditors can give the report on the GAAP requirements. It is also the dependability of auditors to communicate the discovery of any fraud detected in the financial statements. Evidence of even a minor fraud should be reported to the management at a higher level than where fraud occurred (Rittenberg et al., 2009).

If senior management is involved in committing fraud, auditors are responsible to report directly to the board of directors. Other than on request by the court, auditors are not allowed to report fraud outside the firm. In case where auditors are unable to get enough evidence of the occurrence of illegal acts, they are entitled to communicate the restrictions to management or board of the organization. Auditors can withdraw from being engaged with the firm if management committees go against the report of fraud. If the board of directors has been informed about fraud in their organization and failed to take the required action of rectifying that illegal activity or fraud, then the organization is entitled to a departure from standard audit. It requires them to resign from the management team. Then those auditors shall report the decision to all directors in the entire organization. After the entire board has received the auditor’s report, a public company is required to report to SEC within a day (Rittenberg et al., 2009).

Audit Risk Model

It is used to indicate the willingness of auditors to accept that there is some misstatement in financial statements after they are through with the auditing process and some errors or risks have been identified. It assists auditors to detect risks and decide on the procedures to be followed with respect to a particular firm. Risk model is represented by the figure below.

Audit Risk Model

AR, which means Audit Risk are risks that auditors may fail to modify without knowing in misstated financial statements. Audit risk is the product of inherent risk, detection risk and control risk.

AR=IR*CR*DR where IR is inherent risk, CR is control risk and DR is detection risk.

Inherent Risk

Inherent risk is bigger in some accounts than in others. Complex transactions and account balances are more vulnerable to errors than the simplest transactions. Assets like cash can be easily stolen than other assets such as buildings and other fixed assets. Estimated account balances are also subjected to risks of misstatement than those balances that are based on historical data (Akresh, 2008).

Control Risk

This risk involves the recognition of misstatement of material facts in the reports of firms regarding the profitability and performance of the firm in relation to fraud cases. Efficiency and effectiveness of internal structures of control determine the occurrence of control risk. Existence of limitations in internal control of an organization is what leads to failed recognition of errors in financial statements. This result to occurrence of control risks in the organization (Akresh, 2008).

Detection Risk

This risk involves the doubts that committed fraud cases in the form of data manipulation and errors may not be detected by the auditors of an organization in the course of the auditing exercise. This risk leads to auditors concluding that there are no errors or risks in organizations financial statement while in actual sense there are errors. It is determined by the effectiveness of auditors by using auditing procedures to detect errors or misstatements in the financial statements of the firms (Abou-Seada & Abdel-Kader, 2003).

It is because if auditors apply the procedures wrongly, or select procedures which can not apply in certain organizations, this may lead to failure of detection of errors and risks. The failure of auditors to interpret results from the process may result to detection risk. Control and Inherent risks determine detection risk level. Auditing procedures must be reliable for less detection risks which auditor can accept (Akresh, 2008).

Materiality and Audit Risk Model

According to Rittenberg et al. (2009), materiality is qualitative and quantitative misstatement or omission that would influence or change the users’ decision. Materiality must be considered in the planning and evaluation of auditing results of auditing. Auditors examine materiality in the phase of planning to determine the procedures that will be used in the detection of errors. In this phase of planning quantitative, materiality is established. It is also called the planning materiality that changes with audit circumstances. There are some factors that must be considered in establishing materiality, they included the users of financial statements, trends of financial statements and size of the elements in the books of account (Abou-Seada & Abdel-Kader, 2003).

The Relationship between Audit Risk and Materiality

In the planning phase of auditing, auditors establish the misstatements in financial statements that would be caused by materiality. Auditors are able to decide on whether to use analytic and sampling procedures if they successfully assess materiality on account balances and transactions. This can also enable auditors to bring down the audit risks. Auditors have reviewed the relationship between level of audit risk and level of materiality (Chau, 2001).

The two components are inversely related in that, the lesser the audit risk the greater the materiality level. In their process of planning, auditors may set lower materiality levels to reduce the probability of misstatements in the books of accounts. It guarantees the safety of auditors with the in evaluation of the effects that the misstatements that is discovered have on the firm (Rittenberg et al., 2009).

Types of Auditing Procedures for Gathering Evidence

There are three different levels of reliable evidence followed by auditors. Level one contains physical examination, confirmation, external documentation, re-performance and recalculation. Level two includes internal documentation that is good internal control, observation, analytical procedures using adequate data. The third and the last level have internal documentation that is poor internal control, broad analytical procedures and inquiries of clients (Akresh, 2008).

Audit Procedures

Physical examination: This involves examination of tangible assets and determining the existence but not a valuation or ownership, direct knowledge is used and guarantees high competency.

Confirmation: It is a reliable external evidence for auditors. It has multiple objectives that include valuation and existence.

Documentation:  This step involves evaluations of documents like purchase orders, electronic files, canceled checks and invoices which assist in determining the viability of the transactions in organizations and whether the transactions are supported. This evidence is not expensive to obtain and it is very common in auditing. External documents are more reliable than internal documents in giving the evidence to auditors. When internal documents are prepared by good internal control, they can be of benefit and when the external evidence is received from the external sources rather than extracted for a client (Rittenberg et al., 2009).

Observations: This involves observing the activities or clients. It also involves observing the clients as they perform their assigned duties of evaluating and studying internal control.

Client Inquiries: This is the best source of evidence since auditors are able to get first hand information from the clients. Inquires for the clients must be in line with other procedures used by auditors to maintain client representation.

Recalculation: It involves repeating calculations done with the computers to confirm the correctness of the mathematics done since the computers are not always right. Other auditors can also wrong in the process of calculating or reporting on the financial statements. It involves recalculating the depreciation, cash receipts journal.

Re-performance: Auditors repeated the procedures of auditing to verify that the reporting is done in the financial statement are the right ones. Is also involves comparing the information on financial statements to the source like the price lists.

Analytical Procedures: This also involves comparison of information’s to determine whether they report the same thing in the financial statements. Analytical procedures are done in completion and planning phases. Which is essential for doing the final evaluation of any errors that are likely to happen?

Audit Plan

Audit plan is a schedule followed to conduct internal and external audit. Whereas, it is the duty of internal auditors to conduct the internal auditing of the accounting principles that an organization undertakes, public auditors are responsible for conducting an external audit of the reports of the firm to ascertain strict following of the principles. In the course of conducting both internal and external auditing, it is necessary that the management of the firm is aware of the procedure to be followed by the auditors in order to avoid inconveniences of the running of the firm. External auditors follow strictly the audit plan in the process of auditing and in detection of any frauds in the firm. Audit plan has phases that are followed to determine the risks or frauds in the organization. The phases include, planning, fieldwork, follow-up meetings and remedial audits (Abou-Seada & Abdel-Kader, 2003).

Planning Phase

In this phase, auditors meet with organizations’ management to discuss on the accounting process that is to be evaluated by the external auditors. These external auditors’ requests the organization managed to arrange a sample of information of accounting that they will review to detect fraud or risks. The information provided by the management prevents the audit team to waste time in gathering information on fieldwork (Rittenberg et al., 2009).

Field Work

Akresh (2008) mentioned that fieldwork includes walking around the organization and observing the accounting functions of the firm. Auditors being involved in the process also gather information from the employees of the firm regarding the processes of accounting used by the organization in the preparation of its reports. The interviewed employees hold positions in the accounting department. Field work also involves comparing the audit samples from the organization with the required accounting principles and guidelines. Fieldwork must be conducted for the audit plan to be complete. Auditors must complete every step of the audit plan since all the phases are important and they have different functions under each. After auditors gather the required information in the fieldwork, a report must be prepared for the next phase that is the follow up management meeting (Abou-Seada & Abdel-Kader, 2003).

Follow up Management Meeting

In this phase, auditors discuss any weaknesses or risks that the organization is subjected to. All the risks or weaknesses are detected on books of account of the organization. Management has the right to question the findings from auditors before the final report is prepared. The organization is subject to remedial audit incase it fails in the first audit (Akresh, 2008).

Remedial Audits

They are derived audits conducted on the fiscal statements of the organization. It occurs when the organization fails in the first auditing. When a remedial audit is to be conducted, the audit team is required to go back to the company to do some research that involves reviewing the financial statements. Auditors must determine the accounts that failed the organization in the initial stage. They then set collective measures, which eliminate the accounting error that had failed the organization in the first phase. Then auditors prepare a new report on the organization’s financial statement (Akresh, 2008).

Importance of Audit Planning

Risks of occurrence frauds in organizations can be reduced by the audit planning since the internal and external auditors must plan for auditing to reduce this risk. It ensures that crucial areas of organizations are reviewed to ensure that risks are collected at the right time before they affect the organization. Auditing practices need to be planned for so that they can meet the required accounting standards. Planning phase of auditing requires that individuals with required skills and those who are independent are hired to ensure that they provide auditing services according to the requirements of international standards of auditing (Abou-Seada & Abdel-Kader, 2003). Organizations and especially financial institutions in Germany are required to have control instrument and IT systems reliable to prevent, detect and report possible mismanagement of financial services.

In my opinion, all organizations and not the financial institution only should implement measures of detecting fraud since fraud opportunities and chances are found in every organization. Fraud detection should be part of government process. This is because the organizations like Kentucky Fried Chicken that used fraud detection mechanism have proved the process to be effective since it reduces cases of theft and misappropriation of finances. The USA government advocates for internal committees in every organization so that it can be listed on the (NYSE) New Yolk Stock Exchange. In Australia, their stock exchange company has amended their rules and regulations to promote good corporate governance that will also enhance the role of internal and external auditing.


Fraud has been a problem in many organizations where people are selfish and want to benefit from the assets of an organization. Auditors are needed to detect and report fraud and any risks faced by organizations. Auditors have acknowledged that they have to retain their credibility and status in their process of detecting and reporting fraud. Auditors follow the auditing plan as required to by international auditing standards. Fraud cases are classified into financial reporting frauds and defalcations. Dollar loss in the financial fraud is as big as compared to defalcation (Akresh, 2008).

As argued by Akresh (2008), motivation to commit fraud is summarized by the fraud triangle, which has pressure to commit fraud, opportunity and rationalization as the components in the triangle. The management of the organization may pressure people to commit fraud. Lack of control in the organization’s policies is what enables fraudsters to commit those crimes. Opportunities may arise in organizations when employees in the organization have not been assigned duties and responsibilities. Duty segregation will protect people to interfere with the financial statements thereby reducing the occurrence or risks. It could also prevent the individuals to convert the organization’s cash and other assets in their possession (Chau, 2001).

Capability is the confidence and support that people have that can enable them to commit fraud. The position that a person holds in the organization such as the CEO is able to manipulate the financial statements of the organization. Auditors have the responsibility to detect frauds or risks faced by organizations. After the detection of fraud and risks, they are responsible to discuss their report with the management of the organization in order to avoid committing of the crimes and loss of company assets. An audit risk model is used to show the willingness of auditors to accept that there are some misstatements in the financial statements of organizations. It is represented by inherent risk, control risk and detection risk. Materiality is qualitative and quantitative misstatement or omission that could influence or change the users’ decision. It is inversely related to audit risk. The higher the materiality rate the lower the audit risk. All auditors apply audit procedures as they detect or report to the managements of various organizations as required by auditing standards.


Abou-Seada, M. & Abdel-Kader, M. (2003). Behavioral aspects of auditor’s evidence evaluation: a belief revision perspective. New York, NY: Ashgate Publishing, Ltd.

Akresh, A. (2008). Using the audit risk model to opine on internal control. New York, NY: U.S. Government Accountability Office.

Chau,G. (2001). Auditor’s Responsibilities and Procedures for Detecting Fraud. Web.

Ramos, M. (2003). Auditor’s responsibility for fraud detection. Journal of Accountancy, 1(6), 28-35.

Rittenberg, E. et al. (2009). Auditing: A Business Risk Approach. London: Cengage Learning.

Removal Request
This essay on Managing Fraud and Audit Risk was written by a student just like you. You can use it for research or as a reference for your own work. Keep in mind, though, that a proper citation is necessary.
Request for Removal

You can submit a removal request if you own the copyright to this content and don't want it to be available on our website anymore.

Send a Removal Request