The Latest Change Of International Fraud Auditing Standards And Its Enlightenment

In February 2004, the international auditing and Accreditation Standards Committee (IAASB) under the International Federation of Accountants (IFAC), on the basis of many suggestions from the theoretical and practical circles, promulgated the "International Auditing Standards No. 240 - auditors' responsibility for fraud in financial statements auditing" (hereinafter referred to as the new ISA240), replacing the 2002 international audit standards 240- auditor's responsibility for errors and fraud in the financial statements audit (hereinafter referred to as the old ISA240).

From the name of the guideline, we can see that the new ISA240 does not involve "auditor's responsibility to consider errors in the audit of financial statements", and lays down the basic principles, basic procedures and guidelines for the "auditor's responsibility for fraud in financial statements auditing".

In the context of the endless financial reporting fraud cases in the world, the introduction of IAASB new ISA240 is the need of the situation. Its purpose is to improve the ability of CPA to discover and expose fraudulent financial reports when auditing financial reports.

The new ISA240 briefly introduces the new ISA240, which distinguishes fraud and mistake first, and describes two types of fraud related to auditors - misstatement arising from illegal misappropriation of assets and misstatement arising from fraudulent financial reporting. It describes the respective responsibilities of the directors and bureaus of the audited units in preventing and detecting fraud, describes the inherent limitations of fraud auditing, and expounds the auditor's responsibility to discover the material misstatement resulting from fraud.

The new ISA240 emphasized the professional doubt and asked the auditor to have a career skepticism to find out the possibility of material misstatement due to fraud, although auditors believed that the management and directors of the audited units were honest and honest in the past experience.

In addition, the new ISA240 asked members of the audit team to discuss the sensitivity of the audited unit's financial statements that resulted in gross misstatement caused by fraud, and asked the project leader to consider which issues would be communicated with the auditors who did not participate in the discussion.

要求審計人員：（1）實施審計程序來獲取用于發(fā)現(xiàn)因舞弊導(dǎo)致的重大錯報風(fēng)險的信息；（2）在會計報表層次和認(rèn)定層次識別和評估因舞弊導(dǎo)致的重大錯報風(fēng)險，并針對那些可能因舞弊導(dǎo)致重大錯報的已評定風(fēng)險，評價被審計單位相關(guān)內(nèi)部控制的設(shè)計及相關(guān)控制活動，從而確定它們是否已經(jīng)得到貫徹；（3）在財務(wù)報表層次，確定因舞弊導(dǎo)致的重大錯報風(fēng)險的總體審計程序，并考慮全體人員的任務(wù)和監(jiān)督；考慮被審計單位使用的會計政策，并在選擇將要實施的審計程序的性質(zhì)、時間和范圍時考慮不可預(yù)測的因素；（4）制定和實施針對管理當(dāng)局逾越內(nèi)部控制風(fēng)險的審計程序；（5）確定針對已評定的因舞弊導(dǎo)致的重大錯報風(fēng)險的審計程序；（6）考慮已發(fā)現(xiàn)的錯報是否是重大錯報的跡象；（7）獲得管理當(dāng)局關(guān)于舞弊的書面聲明；（8）和管理當(dāng)局及董事溝通。

In addition, the new guidelines also provide guidelines for communication with regulators and law enforcement authorities, etc., and provide guidance for auditors to deal with unusual cases of their continuing audits, because of fraud or possible fraudulent practices, and put forward requirements for auditors to set up working papers.

New ISA240 has repeatedly stressed that in order to reduce audit risk to an acceptable low level, auditors should consider the risk of misstatement resulting from fraud in the planning and implementation of audits.

Compared with the old ISA240, the main changes of the new ISA240 are the new changes in the following eight aspects: two, the first is to enhance the spirit of "professional skepticism" in the new eight.

The new ISA240 pointed out that career skepticism is a kind of skepticism and critical evaluation of audit evidence.

Despite the past experience, auditors believe that the auditors' management and directors are honest and upright, but they also need to judge whether or not the material misstatement caused by fraud is based on the information obtained and the audit procedures implemented.

This is quite different from the "neutral" view that "the accountants can not consider the management to be unreliable or reliable", which requires the auditors to maintain their professional skepticism throughout the audit process.

Second, sharing the crystallization of collective wisdom and accumulating experience of identifying fraud.

In order to enhance the auditor's audit fraud and the sensitivity to fraud and improve its assessment of fraud risk, the new ISA240 emphasizes that members of the audit team should focus on the sensitivity of financial statements caused by fraud in the audit plan stage, and exchange views on what they think may be or may be most likely to be fraudulent in the financial statements of audited units, how the management may be fraudulent and how the assets of the audited units are misappropriated, and ask the project leaders to consider which issues should be communicated with auditors who have not participated in the audit.

In addition, it is important that, after the initial discussion of the planning stage, the members of the audit team should continue to communicate and share information that may affect the audit procedures to assess the risk of fraud caused by fraud or to address these risks.

Third, the risk assessment procedure is stipulated.

In order to obtain the information needed to identify the risk of major misstatement caused by fraud, the new ISA240 clearly defined the risk assessment procedure: (1) asked to understand the internal control situation of the management; (2) considered whether the fraud factors had existed; (3) considered abnormal and unpredictable relations in the implementation of the analysis procedure; (4) considered other factors that might help identify the risk of major misstatement caused by fraud.

Fourth, expand the scope of inquiry and understanding.

The new ISA240 requires that in understanding the environment of audited units and internal controls, it is necessary not only to inquire about the management and directors, but also to ask the internal auditors and other relevant personnel inside and outside the enterprise at the appropriate time to determine whether they understand the fraudulent practices affecting the enterprise.

At this point, auditors should use professional judgment to decide when to inquire and ask questions.

Fifth, introducing the new concept of "fraud risk factors", emphasizing the importance of understanding the environment of fraud.

In order to make CPAs fully aware of the possible environment of fraud, the new ISA240 describes three aspects of the environmental characteristics of fraud: motivation / pressure, opportunities, attitudes / attempts to rationalize fraud.

It is also known as "fraud risk factors" that some of the items or conditions that are likely to cause these environmental characteristics are required to obtain additional loans, to achieve unrealistic profit targets, to enlist the temptation of huge bonuses, and to void the control environment.

It is required that CPA pay attention to fraud risk factors and consider abnormal or unexpected pactions and other relevant information so as to comprehensively evaluate fraud risk factors.

Sixth, strengthen the identification and assessment of the risk of major misstatement caused by fraud, with special emphasis on fraud risk in revenue recognition.

The new ISA240 clearly pointed out that auditors should make use of professional judgment to identify the risk of material misstatement caused by fraud when identifying and assessing the risk of material misstatement at the level of accounting statement, paction category, account balance, disclosure and so on.

For auditors, it is important to understand the control measures that have been designed and implemented by the management to prevent and detect fraud, because understanding this information will help auditors to assess the risk of material misstatement caused by fraud.

In addition, the gross misstatement caused by fraudulent financial statements usually comes from exaggerated revenue or disguised revenue. Therefore, the new ISA240 puts particular emphasis on fraud risk in revenue recognition.

It is pointed out that auditors usually assume that there are fraudulent risks in income recognition, and which types of income, income items and identification may lead to these risks. In particular, it is emphasized that the risk of material misstatement caused by fraud related to income recognition is an important risk.

If the auditor does not identify the fraud risk in the income confirmation, the reasons are explained.

The "seventh" stipulates the specific way of responding to the misstatement risks caused by fraud and the audit procedures to respond.

The specific ways of reaction include: (1) to strengthen professional skepticism, we should consider more matters besides the special procedures that have been planned; (2) implement the audit procedures for identified risks at the level of recognition; (3) implement the audit procedures for the identified risks of misstatement caused by management overstepping internal control fraud.

The audit procedures to respond include: (1) changing the nature of audit procedures, adjusting the time of substantive testing, and expanding the scope of the implementation of audit procedures; (2) checking inventory records of audited units during inventory physical inventory or inventory checking to find places or items that need special attention; (3) evaluating the reasonableness of business estimates, judgments and assumptions.

Eighth, emphasized the evaluation of audit evidence.

The new ISA240 clearly points out that auditors are based on the implementation of audit procedures and the audit evidence obtained to evaluate the risk of material misstatement at the level of financial statements.

This assessment is mainly the qualitative judgment of auditors.

The evaluation of audit evidence may deepen the understanding of the risk of major misstatement caused by fraud and determine whether additional or special audit procedures need to be implemented.

This evaluation is on the one hand the evaluation of the audit evidence obtained in the past, on the other hand, some new evidence should be obtained through the analysis procedure.

In particular, auditors should consider the implementation of the analysis procedure at the end or close to the end of the audit so as to reveal the risk of major misstatement caused by fraud.

Firstly, we should speed up the research and revision of the fraud auditing standards in China, coordinate with the international auditing standards as soon as possible, establish more practical standards and provide more detailed guidelines for the CPA auditing fraud financial statements in ISA240 three.

Compared with the new ISA240, China's "Independent Auditing Standards No. eighth - errors and fraud" is too concise and lacks detailed guidance for auditing fraud financial statements, resulting in no detailed reference standards for auditors in implementing fraud auditing, resulting in poor audit results.

To find out the responsibility of fraud; (2) to further clarify the responsibility of the auditor to discover the material misstatement resulting from fraud; (3) to increase the provisions on "professional suspicion"; (4) to increase the stipulation of "discussion among the members of the audit team"; (5) to stipulate the risk assessment procedure, mainly including how to inquire about the internal control situation of the management, and to consider which fraudulent risk factors usually should be considered; (6) stipulate how to identify and assess the risk of material misstatement caused by fraud; (7) stipulate the specific way of responding to the material misstatement risk caused by fraud and the audit procedure that responds to the risk of serious misstatement caused by fraud; (8) further clarifying how to evaluate the audit evidence. In order to improve the effectiveness and quality of fraud auditing and coordinate with the international auditing standards as soon as possible, it is suggested that the fraud auditing standards should be studied and revised in the following aspects: (1) the directors and management authorities of the audited units should be further identified for their prevention and treatment.

Second, we should strengthen the professional skepticism of CPAs, improve the quality of CPA and strictly abide by the independent auditing standards, so as to improve the quality of fraud auditing.

In order to improve the quality of fraud auditing, the CPA should: (1) constantly enhance risk awareness and always maintain professional skepticism.

It is necessary to objectively assess the observed situation and the evidence gathered, and to maintain due diligence for any potential negative indicators or signs to determine whether it leads to serious false statements in the financial statements.

In the process of auditing, we should pay close attention to both "internal investigation" and "external adjustment". We should actively use expert work to actively consult with the relevant government and industry authorities, and thoroughly understand the production, operation and financial situation of the audited units, and also understand the relevant situations in the industry. (2) we should constantly learn and explore the methods and techniques of fraud auditing and improve the ability of professional judgement; (3) fully understand the necessity of implementing the independent auditing standards, and take effective measures from multiple levels to tackle both the root cause and the symptoms so as to implement the independent auditing standards in practice.

Third, auditors should pay special attention to management fraud so as to improve the effectiveness of fraud auditing.

As mentioned in the new ISA240, because management can manipulate accounting data or report false financial reports directly or indirectly by overstepping the seemingly effective internal controls, management is in a unique position of fraud.

Through Enron,