Audits That Keep Fraudsters Guessing

Scratch the surface of many audit plans and you’ll find predictable elements that someone bent on fraud can anticipate and foil. That’s why SAS no. 99, Consideration of Fraud in a Financial Statement Audit, requires auditors to incorporate elements of unpredictability into their procedures. Here’s how.
Use random sampling. Auditing a patternless selection of items makes it impossible for fraudsters to determine which will be chosen.

Conduct surprise visits. Showing up unannounced to count inventory prevents employees from fraudulently moving goods from one location to another just to fool auditors.

Change the timing. At clients where accounts receivable traditionally are confirmed at fiscal year-end, try performing this audit procedure two months early.

Vary your technique each year. If you’ve always tested a sample of transactions posted to an account, switch to an analytical test that compares account activity with production data. That might make fraud easier to spot.

Evaluate low-profile accounts. Selecting accounts that are not normally audited might reveal items being hidden in them for just that reason.

Test small accounts. Checking them could reveal fraudulent transactions spread over several accounts of relatively insignificant size.

Look for bogus patterns. Use Benford’s Law, a statistical formula for evaluating the frequency of given values in a random sample, to expose implausible numeric data. (See “ I’ve Got Your Number, JofA , May99, page 79.

Observe operations discreetly. Monitoring customer traffic or vendor deliveries from a nearby vantage point may reveal discrepancies in recorded revenue.

Review whistleblower files. Look over employee reports of company mal- or misfeasance for indications of fraud.

Use audit software. Test large electronic transaction files for duplicate payments, invoices or addresses for multiple employees or vendors that often escape notice when checked manually.

Get a clearer view of the numbers. Use graphs to display daily, weekly or monthly data—such as the number and dollar amount of transactions or journal entries—on key cycles or processes to make it easier to spot abnormal amounts and address the risk of management override.

Embed software monitors. Get the client’s permission to design and plant a program to capture, encrypt and record key data for auditors to analyze later.

Check the Web. Visit Internet chat groups in which employees who own the client’s stock discuss operational or other issues that might merit consideration as part of an effective audit.

Use alternative models. Develop independent evaluation models and assumptions, instead of using those supplied by management, to verify clients’ estimates of warranty costs and other charges.

Editor’s note: SAS no. 99 (product no. 060701JA) can be ordered at .

Source: Thomas E. McKee, CPA, professor of accountancy at East Tennessee State University’s College of Business and Technology, Johnson City (e-mail ).


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.