If financial statements have fraud misstatements, who will hold the responsibility and how?
In the case that material misstatements due to fraud are detected, the following parties will hold the responsibility as follow:
Accordingly, users of financial statements can sue the audit firms and the auditors in charge to claim compensation for their damages if they believe that the auditing company and the auditor in charge have failed to fully perform their responsibilities, or commit acts of violating professional ethics. If the examination of audit records shows evidence of this, the audit firm and the auditors will be subject to compensation and sanctions as decided by the court.
Why independent auditors may not find out fraud misstatements?
What guidance do the audit standards provide regarding fraud risks?
According to VSA 240 (The auditor’s responsibilities relating to fraud in an audit of financial statements), auditors need to comply with the following guidance:
Professional Skepticism
In accordance with VSA 200, the auditor shall maintain professional skepticism throughout the audit, recognizing the possibility that a material misstatement due to fraud could exist, notwithstanding the auditor’s past experience of the honesty and integrity of the entity’s management and those charged with governance.
Discussion among the Engagement Team
VSA 315 requires a discussion among the engagement team members and a determination by the engagement partner of which matters are to be communicated to those team members not involved in the discussion.6 This discussion shall place particular emphasis on how and where the entity’s financial statements may be susceptible to material misstatement due to fraud, including how fraud might occur. The discussion shall occur setting aside beliefs that the engagement team members may have that management and those charged with governance are honest and have integrity.
Risk Assessment Procedures and Related Activities
When performing risk assessment procedures and related activities to obtain an understanding of the entity and its environment, including the entity’s internal control, required by paragraphs 05-24 VSA 315, the auditor shall perform the procedures in paragraphs 17–24 to obtain information for use in identifying the risks of material misstatement due to fraud.
Identification and Assessment of the Risks of Material Misstatement Due to Fraud
In accordance with paragraph 25 VSA 315, the auditor shall identify and assess the risks of material misstatement due to fraud at the financial statement level, and at the assertion level for classes of transactions, account balances and disclosures.
Responses to the Assessed Risks of Material Misstatement Due to Fraud
In accordance with paragraph 5 VSA 330, the auditor shall determine overall responses to address the assessed risks of material misstatement due to fraud at the financial statement level.
Evaluation of Audit Evidence
If the auditor identifies a misstatement, whether material or not, and the auditor has reason to believe that it is or may be the result of fraud and that management (in particular, senior management) is involved, the auditor shall reevaluate the assessment of the risks of material misstatement due to fraud and its resulting impact on the nature, timing and extent of audit procedures to respond to the assessed risks. The auditor shall also consider whether circumstances or conditions indicate possible collusion involving employees, management or third parties when reconsidering the reliability of evidence previously obtained.
Auditor Unable to Continue the Engagement
If, as a result of a misstatement resulting from fraud or suspected fraud, the auditor encounters exceptional circumstances that bring into question the auditor’s ability to continue performing the audit, the auditor shall follow the guideline of audit standards.
Communications to Management and with Those Charged with Governance
If the auditor has identified a fraud or has obtained information that indicates that a fraud may exist, the auditor shall communicate these matters on a timely basis to the appropriate level of management in order to inform those with primary responsibility for the prevention and detection of fraud of matters relevant to their responsibilities.
Communications to Regulatory and Enforcement Authorities
If the auditor has identified or suspects a fraud, the auditor shall determine whether there is a responsibility to report the occurrence or suspicion to a party outside the entity. Although the auditor’s professional duty to maintain the confidentiality of client information may preclude such reporting, the auditor’s legal responsibilities may override the duty of confidentiality in some circumstances.
See more detail standards here