Over the years there have been numerous high-profile frauds perpetrated by management across the world. Those infamous ones in the UK are: BCCI; Barings; and Equitable Life. Wirecard’s recent failure in Germany has highlighted once again: what is the auditor’s role in detecting fraud within a company?Auditors design their work in order to obtain a reasonable assurance that the financial statements are free from misstatement. In the eyes of the public…. caused by either error or fraud. Either way this means that the auditor should have a good chance of discovering a fraud. This also means that auditors have a legal responsibility to detect fraud.The auditors will explicitly limit their responsibility and they state in their engagement letters that their work does not go as far as detecting fraud. So, from a legal perspective the auditor will do what they can to make it clear that their role does not include the exposure of a fraud.So, do auditors have a responsibility or not; and when a company goes bust due to fraud are the auditors responsible?The answers are unsatisfactory: technically no and perceptually yes.The problem is that fraud tends to be sophisticated; often involves the collusion of staff; and requires a deep knowledge of the processes and systems. Auditors spend a relatively short amount of time working with a client. Within that time, they are expected to look at all elements of the company from its processes; transactions; regulation and management. Is it reasonable that during this limited amount of work that the responsibility of detecting a sophisticated fraud would be detected?On the other hand, investors and the wider public expect that a company that has been audited is free from fraud.So perhaps auditors need to step up and probe closer into areas that could uncover a fraud, as part of their work. These areas could be:
For cash businesses: scrutinising what controls exist related to takings and banking.
For all procurement: reviewing the ordering and authorisation process; and ensuring that there is sufficient division of duty.
Spotting large or unusual transactions.
Do certain members of management have unproportional control.
Are there any unusual patterns emerging?
Are there unusual journals being posted through the accounts?
Do any members of management display a lifestyle that appears out of proportion?
And depending upon the specific client many more areas.