FRAUD AND ERROR
FRAUD AND ERROR
01. The purpose of this Vietnamese Standard on Auditing (VSA) is to establish standards and fundamental principles and provide guidance on the auditor and the audit firm’s responsibility to consider fraud and error in an audit of financial statements.
02. When planning and performing audit procedures and in evaluating and in evaluating and reporting the results thereof, the auditor and the audit firm should consider the risk of material misstatements in the financial statements resulting from fraud or error.
03. This VSA applies to audits of financial statements and also applies to an audit of other financial information and related services rendered by the audit firm.
The auditor and the audit firm should comply with this VSA in conducting an audit of financial statements.
It is expected that the client entity and users of the audit report should possess essential knowledge as to the objectives and principles set out in this VSA in working with auditor and the audit firm, and dealing with the relations maintained in respect of the information under audit.
In this VSA, the following terms have the meaning attributed below:
04. Fraud refers to an intentional act to cause economic, financial information to be misleading by one or more individuals among the Board of Management and Directors employees, or third parties, which results in a misrepresentation of financial statements.
Fraud may involve the following acts:
– Manipulation, falsification of records or documents relating to financial statements;
– Alteration of records or documents, which causes misrepresentations of financial statements;
– Misappropriation of assets;
– Suppression or intentional omission of information, records of documents and transactions which causes misrepresentations of financial statements;
– Recording of transactions without substance;
– Misapplication of accounting standards, principles, procedures and policies and financial regulations;
– Intentional commitment of mathematical mistakes.
05. Error refers to unintentional mistakes in financial statements, such as:
– Mathematical or clerical mistakes in the underlying records;
– Oversight or misinterpretation of amounts and transactions;
– Misapplication of accounting standards, principles, procedures and policies and financial regulations.
CONTENTS OF THE VSA
Responsibility of the Director (or leader)
06. The responsibility for the prevention, detection and handling of fraud and error in the entity rests with the Director (or leader) through the implementation and continued operation of adequate accounting and internal control systems. Because of the inherent limitations of the accounting and internal control systems, it is impossible to eliminate the possibility of fraud and error.
Responsibility of the Auditor and the Audit Firm
07. Through the audit, the auditor and the audit firm are to assist the client entity in detecting, handling and deterring fraud and error. However, the auditor and the audit firm are not and cannot be held responsible for the prevention of fraud and error in the client entity.
08. In planning and performing the audit, the auditor and the audit firm should assess the risk that fraud and error may exist that materially impact the financial statements and should inquire of the Director (or leader) as to any fraud or significant error which has been discovered.
09. In addition to weaknesses in the design and performance of the accounting and internal control systems, conditions or events which increase the risk of fraud and error include:
– Questions with respect to the integrity or competence of management;
– Unusual pressures within or on an entity;
– Unusual transactions and events;
– Problems in obtaining sufficient appropriate audit evidence.
– Factors unique to computer information system environment relating to the above conditions and events.
(Examples of these conditions or events are set out in Appendix 01).
10. Based on the risk assessment, the auditor should design audit procedures to obtain reasonable assurance that fraud and error that are material to the financial statements taken as a whole are detected.
11. Consequently, the auditor seeks sufficient appropriate audit evidence that fraud and error which may be material to the financial statements have not occurred or that, if they have occurred, the effect of fraud is properly reflected in the financial statements or the error is corrected. The auditor should point out the impacts of such fraud and error on the financial statements. The likelihood of detecting errors ordinarily is higher than that of detecting fraud, since fraud is higher than that of detecting fraud, since fraud is ordinarily accompanied by acts specifically designed to conceal its existence.
12. Due to the inherent limitations of an audit, although the auditor adheres to all audit principles and procedures, there is an unavoidable risk that material misstatements in the financial statements resulting from fraud and error may not be all detected. When such a risk occurs that causes material impact on the financial statements, the auditor would consider compliance with principles and audit procedures undertaken in the circumstances and the suitability of the audit report based on the results of those audit procedures.
Inherent Limitations of an Audit
13. An audit is subject to the unavoidable risk that some material misstatements of the financial statements will not be detected, even though the audit is properly planned and performed in accordance with Vietnamese Standards on Auditing or International Standards on Auditing generally accepted.
14. The risk of not detecting a material misstatement resulting from fraud is higher than the risk of not detecting a material misstatement resulting from error, because fraud ordinarily involves acts designed to conceal it. Unless the audit reveals evidence to the contrary, the auditor is entitled to accept representations as truthful and records and documents as genuine. However, the auditor should plan and perform the audit with an attitude of professional skepticism, recognizing that conditions or events may be found that result in material misstatements in the financial statements.
15. Because of the inherent limitations of the accounting and internal control systems, there will always be some risk of fraud and error occurring that is material to the financial statements. An internal control system may be ineffective against fraud involving collusion among employees or fraud committed by management.
Procedures When there is an Indication that fraud or Error May Exist
16. When the application of audit procedures indicates the possible existence of fraud or error, the auditor and the audit firm should consider the potential effect on the financial statements. If the auditor and the audit firm believe the indicated fraud or error could have a material effect on the financial statements, the auditor should perform appropriate modified or additional procedures.
17. The extent of such modified or additional procedures depends on the auditor’s judgment as to:
(a) the types of fraud and error indicated;
(b) the frequency of their occurrence; and
(c) the likelihood that re-occurrence; and
Unless circumstances clearly indicate otherwise, the auditor cannot assume that an instance of fraud or error is an isolated occurrence. If necessary, the auditor adjusts the nature, timing and extent of substantive procedures.
18. Performing modified or additional procedures would ordinarily enable the auditor to confirm or dispel a suspicion of fraud or error. Where suspicion of fraud or error is not dispelled by the results of modified or additional procedures, the auditor and the audit firm should discuss the matter with management and consider whether the matter has effected on the financial statements and the audit report.
19. The auditor should consider the implications of fraud and significant error in relation to other aspects of the audit, particularly the reliability of management representations. In this regard, the auditor reconsiders the risk assessment and the validity of management representations, in case of fraud and error not detected by the accounting and internal control systems or not included in management representations. The implications of particular instances of fraud of error discovered by the auditor will depend on the relationship of the perpetration and concealment, if any, of the fraud or error to specific control procedures and the level of management or employees involved.
Reporting of Fraud and Error
To the Director (or leader)
20. The auditor and the audit firm should communicate factual findings to the Director (or leader) of the client entity as soon as practicable prior to the date of publication of the audited financial statements or the issuance of the audit report if:
a) the auditor suspects fraud may exist, even if the potential effect on the financial statements has not been measured;
b) fraud is found to exist; or
c) significant error is found to exist.
21. Suspecting fraud exist or having detected any occurrences of possible of actual fraud or significant error, the auditor would consider all the circumstances as to which level of authority to report the case to. With respect to fraud, the auditor would assess which management level is likely to involve. In most cases involving fraud, it would be appropriate to report the matter to a level in the organization structure of the entity above that responsible for the persons believed to be implicated. When doubts are raised as to the involvement of the highest authority, the auditor would ordinarily seek legal advice to assist in the determination of procedures to follow.
To Users of the Audit Report on the Financial Statements
22. If the auditor and the audit firm conclude that the fraud or error has a material effect on the financial statements and has not been properly reflected or corrected in the financial statements, the auditor should express a qualified or an adverse opinion.
The auditor and the audit firm should clearly state in the audit report fraud and error that may be material to the financial statements even though they are adequately reflected in the financial statements.
23. If the auditor is precluded by the entity from obtaining sufficient appropriate audit evidence to evaluate whether fraud or error that may be material to the financial statements, has, or is likely to have, occurred, the auditor and the audit firm should express a qualified opinion or a disclaimer of opinion on the basis of a limitation on the scope of the audit.
24. If the auditor is unable to determine whether fraud or error has occurred because of limitations imposed by the circumstances or by the entity, the auditor should consider the effect on the audit report.
To Regulatory and Enforcement Authorities
25. The auditor and the audit firm are to keep the client’s information and data confidential, except when the client entity has committed fraud or error which, as statutorily required, the auditor and the audit firm are to report to the supervisory authorities. In this case, the auditor and the audit firm may need to seek legal advice in advance in such circumstances.
Withdrawal from the Engagement
26. The auditor and the audit firm may conclude that withdrawal from the engagement is necessary when the entity does not take the remedial action regarding fraud that the auditor considers necessary in the circumstances, even when the fraud is not material to the financial statements. Factors that would affect the auditor’s conclusion include the implications of the involvement of the highest authority within the entity, and the effects on the auditor of continuing association with the entity. In reaching such conclusion, the audit firm would consider the case and seek legal advice.
27. On receipt of an inquiry from the proposed auditor for information on the client entity, the existing auditor should advise any professional reasons for withdrawal from the engagement. The existing auditor would, taking account of the legal and ethical constraints including where appropriate permission of the client, give details of and discuss freely with the proposed auditor such information. If permission from the client to discuss its affairs with the proposed auditor is denied by the client, the existing auditor and the audit firm should disclose that fact to the proposed auditor.