Missing Supporting Document

Just read the CFE (Certified Fraud Examiner) Magazine.

Missing sup doc is a red flag. When we take sampling and found that some transactions are not supported with documents, we cannot forget it and drive on (FIDO). We have to question why the sup doc is not available.

Common reasons answered why the sup doc is not there:

• It was approved by director’/owner directly.
• It was director/owner’s personal expense.
• It was kept by accounting personnel who have resigned.
• It was moved by someone else whom we don’t know.
• The filing is messy and scattered. Maybe it is kept somewhere else.
• We forget where we put it.

The substitution of sampling with other transactions with similar account  but have sup. doc should be questioned with professional skeptiscm.

RI Quote

“Revenue recognition is the most important part in audit. Our assumption is that client’s revenue recognition is wrong. So we have to find valid  evidence or any fact to provide reasonable assurance that the revenue recognition is not wrong.”

Roy Iman – Price Waterhouse Coopers.

Professional Judgment

You’ve heard this words many times in accounting ethic standard books. But sometimes you have no idea what it is or how to use it. Well… professional judgment is how you make decision derrived from your professional education, training, and experience. Some says it equals to sixth sense. For me, it’s how you get the big picture. It’s logical. Nothing dealt with sixth sense. When you’re facing with anomalies, the non-sense thing may looks logical. But when you see it from the 360 degrees view, you’ll know that it’s a red flag.

However, not  everyone knows how to use the professional judgment. Maybe sometimes our professional judgment has reminded us about the red flag but we tend to ignore it due to other distracting thoughts. That will make us not aware of what we’re facing with.

To maximize your professional judgment, you have to stay focused. Have a clear mind, don’t let personal feelings or personal biased distract you. Stay healthy, do some sport, eat nutritious food, grab some good books, avoid unnecessary activities. Don’t let yourself get sick. You have to stay healthy to get a clear mind.  Get some training, and jump to the river. I mean, you have to practice yourself using your professional judgment in every phase of engagement. If you never use it, you’ll never sharpen it.

Remember: stay focused, clear mind, maintain yourself healthy, get some knowledge, and See the BIG picture.

Reasons Why Auditor Cannot Detect Financial Statement Fraud

1. Scope Limitation, this include prohibition in doing corroborative inquiry, limitation  of access to required data
2. Auditor lack of professional skeptism
3. Auditor may choose the wrong sample
4. Auditor is having lack of accounting knowledge
5. Auditor is having lack of experience
6. Lack of audit trail
7. The evidence is seemed to be true (falsified evidence)

if u need further explanation, please email me alfri_n at yahoo.com

Type of Fraud (Fraud Tree)

Before you want to know how-to-detect fraud, you have to start questioning yourself : what type of fraud you want to detect? Because there are numerous type of fraud. Bologna classifies fraud into three categories: corruption, asset misappropriation, and financial statement fraud. So what’s the most crucial in you?

Corruption types of fraud includes corruption, bribery, and getting commission/bonus into personal account from vendor resulted from purchasing activity.
For government corruption investigator like KPK in Indonesia, the most important thing for them is to detect the corruption fraud. Off course, not every corruption frauds in government bodies are detected and investigated by them (KPK), but only the material amount that will be detected (above 1 billion rupiahs/$100,000 USD according to Mr. Najib Wahito, government corruption investigator).

Asset misappropriation is usually done by small-theft. The amount usually immaterial. Most of time external auditors ignore this because of the materiality consideration. But auditors must look at it in aggregate amount. Sales person employee who steals money let’s say $20 per day (occurs on daily basis) could be material for a company with sales $2000/year. Usually this type of fraud caught by tipping, less are  caught by internal auditor.

Financial statement fraud is usually done by CFO, CEO, or C-level employees. They try to cook the book for various reasons: getting bonus for great financial performance, or avoiding tax in illegal way. This type of fraud is systematic, because each transaction journal entry is linked with other journal entry. One hole in transaction can cause another hole in other transaction that may attract auditor’s attention. Since it is high-level type of fraud, sometimes internal auditor themselves are not allowed to get access to examine it. The misstatement that resulted from financial statement fraud is usually big.

According to SAS 99, external auditor is responsible to plan and conduct audit to obtain reasonable assurance that the financial statement is free from material misstatement that caused by error or fraud. So, auditor has responsibility to detect fraud that may cause material misstatement. So if it’s not material, external auditor sometimes just ignore it.
But for the company, fraud, even though it is immaterial, it may cause loss to the company may degrade company’s reputation in the eyes of vendors, other third party, and its own employees.

The tone of the top is the most important thing to reduce fraud. Internal auditor cannot fight fraud alone if the the top level management focuses on sales operation and ignore internal control. Management, the C-level people, must build effective good corporate governance and internal control. And it requires hard work to wake them up, alert them of the importance of internal control.

SPAP yang berenang2x..

Can’t find the right topic for this post. Can’t find the right words. 1 minggu yang lalu sebelum pergi ke surabaya SPAP terus berenang-renang di kepala. Terutama SA 316 dan 317. Lalu perlahan terkikis dengan sibuknya pekerjaan. Kemarin baru saja dapat kuliah auditing lagi di PPAK. Kali ini membahas topik SA 318: Pemahaman Atas Bisnis Klien. Kesannya sepele dan mudah. Tapi ternyata perlu analytical thinking yang kuat. Dibutuhkan logika yang bagus, analisa yg dalam dan pikiran yg jernih. Dalam memahami bisnis klien gak cukup cuman baca koran, lihat laporan audit tahun lalu, baca laporan auditor pendahulu, atau browsing company profile through the company website. Tapi lebih dari itu. Hal yang paling penting dalam pemahaman bisnis klien adalah penggunaan informasi tentang klien untuk penentuan resiko. Dari penentuan resiko ini kita bisa ambil keputusan apakah kita akan terima klien tersebut atau tidak, teruskan engagement, scope audit, dan planning audit. Pemahaman bisnis klien juga membantu kita untuk memutuskan apakah kita memerlukan jasa profesional atau tidak.

Misalnya dalam menilai employee benefit perusahaan klien, auditor memerlukan jasa ahli aktuaris dalam hal ini. Tapi tentu saja auditor tidak boleh rely 100% dalam hasil perhitungan employee benefit atau PSAK 24 dari aktuaris, bahkan menyalahkan aktuaris begitu saja jika terjadi kesalahan perhitungan.

Atau kalau lagi mau audit industri telekomunikasi. Jika diperlukan external auditor bisa meminta bantuan team IT auditor, terutama dalam revenue recognition. Karena dalam jualan pulsa itu barangnya tidak berwujud (intangible) dan sangat rely on technology.

Kalau begitu kapan sebaiknya kita sebagai auditor melakukan pemahaman atas bisnis klien? Sebaiknya sebelum engagement, selama engagement dan sesudah engagement. Jadi, selama kita masih berhubungan dengan klien, kita wajib melakukan pemahaman atas bisnis klien.

SPAP 316: Kecurangan

Di dalam SPAP (Standar Profesional Akuntan Publik) 316, kecurangan dikarakteristikan sebagai suatu tindakan yang disengaja yang berakibat pada salah saji laporan keuangan. Akan tetapi sulit sekali di SPAP ini juga mengakui bahwa sulit sekali memberikan batasan atau judgement atas unsur kesengajaan tersebut. Terkadang dokumen yang hilang bisa saja benar-benar hilang, bukan karena sengaja dihilangkan. Kadang salah saji pada laporan keuangan memang benar-benar disebabkan karena kekeliruan. Bukan kesengajaan. Lalu bagaimanakah sebenarnya kita mendefinisikan atau membuktikan secara nyata bahwa suatu salah saji terdapat unsur kesengajaan di dalamnya?

Menurut pendapat saya, diperlukan audit planning yang cermat, jam terbang yang memadai, skill yang tinggi, serta professional judgement yang baik untuk menentukan apakah salah saji tersebut merupakan salah saji yang sengaja.

Salah satu teknik audit untuk mengetahui adanya unsur kesengajaan di dalam salah saji yang kita temui adalah melalui interview. Tentunya interview ini haruslah didukung oleh bukti-bukti dokumentasi yang memadai, serta analythical thinking. 

Teknik interview ini bisa didapatkan melalui pelatihan dan jam terbang yang cukup. Ada satu buku bagus mengenai Fraud Auditing, yang memuat teknik interview. Saya baru baca buku itu sebagian. Mungkin nanti kalau sudah saya habiskan bacanya, saya bagi-bagi di sini.