Critics will be harder-pressed to complain about "drive-by" audits after the American Institute of CPAs (AICPA) issues its new fraud standard. Slated for release within the next month, "Statement on Auditing Standards (SAS) 99: Consideration of Fraud in a Financial Statement Audit" will give auditors more guidance to help ensure material fraud is caught early on, before investors are taken in by fraudulent financial statements.
AICPA expects SAS 99 will "significantly change auditor performance," primarily through the following key provisions:
- Auditors will be required to brainstorm how frauds could occur and use these discussions to design audit tests responsive to the risks of fraud.
- Auditors will be expected to ask management and others in the organization about the risk of fraud and whether they are aware of any frauds.
- Auditors will be expected to test areas, locations and accounts that otherwise might not be tested or anticipated by management.
- The new standard requires certain procedures that auditors must perform to test for management override of controls.
SAS 99 is seen as the "cornerstone" of AICPA's efforts to help restore investor confidence in U.S. capital markets and re-establish the credibility of audited financial statements. Chuck Landes, AICPA's director of audit and attest standards, said the thinking reflected in the standard incorporates results of academic research projects, as well as recommendations from the now-disbanded Public Oversight Board's Panel on Audit Effectiveness.
But recent legislative reforms have left the accounting regulatory framework in a state of flux, raising questions about the extent to which the new accounting oversight board will embrace SAS 99 and other standards issued by AICPA's Auditing Standards Board (ASB). The new board could agree to accept ASB's standards in whole or in part by selectively endorsing some standards but not others. Or, it could decide to set its own standards.
Despite the uncertainty, the ASB is forging ahead with three new task forces and one existing task force to tackle a number of issues that rule-makers are required to address under the Sarbanes-Oxley Act. The task forces are focusing on internal controls, auditors' relationships with audit committees, quality control implications, and "omnibus issues" including rules on retention of audit work papers, concurring reviewer requirements and foreign firm issues.