Forensic Auditing
August 28, 2022
Traditionally, auditing has been mainly an activity to check legal compliance and accuracy of the financial statements. Fraud detection has always been a part of auditing, but never gained so much importance in the past. In recent years, financial frauds and corruption have become a major problem all over the world. Such is the state of affairs that scams, frauds and corruption are being the normal way of life. In most cases, the people involved are those with high authority who should, otherwise, be the ones to guard the funds involved. Fraudsters apply highly advance techniques to conceal their frauds and hence more often than not, these frauds escape the auditors’ attention in the course of a routine audit.
However, these scams/frauds/corruptions have raised questions on the credibility and reliability of auditor reports and financial reporting. It is not out-of-context to say that “the auditor is a watchdog and not a blood hound”. Auditors cannot shirk the responsibility of authentic reporting because the stakeholders place a lot of faith in their reports. An auditor is not only expected to check legal compliance but is also expected to check misappropriation and frauds. Hence, like a bloodhound, an auditor must apply an investigative approach to auditing so as to detect even the slightest possibility of a fraud.
Now, since we see that the primary work of a forensic accountant is to detect frauds, let us first understand what a fraud means. A deliberate deception or misrepresentation made by an individual or entity with the intention to derive some illegitimate gain at the loss of another is considered to be a ‘fraud’.
In India, the concept of Forensic Accounting was explained centuries ago. Kautilya, an ancient Indian teacher, philosopher, economist, jurist and royal advisor, had explained 40 ways of embezzlement in his book ‘Arthashastra’. He had mentioned that detecting an appointed official’s dishonesty is as difficult as detecting the amount of water drunk by a swimming fish. Thus, the need for experts to detect frauds was emphasized even then. However, it is human nature to seek a solution only when a problem erupts. Hence, forensic accounting gained importance only after the outbreak of major scams.
What is ‘Forensic Accounting’?
According to AICPA, ‘Forensic Accounting’ is the application of accounting principles, theories and discipline to facts or hypothesis at issues in a legal dispute and encompasses every branch of accounting knowledge’. To put it in simple words, Forensic Accounting is the use of accounting skills to investigate fraud or embezzlement and to analyse financial information for the use in legal proceedings. Forensic Accounting is also referred to as ‘Forensic Auditing’ or ‘Investigative Auditing’.
Forensic Accounting can be applied to various departments such as:
- Calculation of monetary damages incurred in a breach of contract or violation of law
- Post-acquisition disputes
- Capital Market Frauds
- Bankruptcy and insolvency
- Tax fraud
- Money laundering
- Business valuation
- Computer forensics / e-discovery
- Assessment of actual value of frauds
Chartered Accountants have the requisite knowledge of accounting, auditing, taxation and finance. Hence, they are often entrusted with the job of analyzing and assessing the accounting framework of a fraud-hit organisation.
Forensic Accountants utilize their understanding of economic theories, business information, financial reporting systems, accounting and auditing standards and procedures, data management and electronic discovery, data analysis techniques for fraud detection, evidence gathering and investigative techniques, and litigation processes and procedures to perform their work.
Forensic Accountants are also increasingly playing a vital role in risk reduction by designing and applying certain aspects of forensic accounting to statutory audits so as to facilitate early detection of frauds.
An experienced Forensic Accountant can provide the following services:
- Investigate the financial evidence.
- Analyze and present the financial evidence in computerized format.
- Communicate their findings in the form of reports and documents.
- Testify in court and assist in legal proceedings.
A forensic accountant identifies the potential risk areas of an organisation, the ways in which these risks may be exploited and uses different tools and techniques to investigate the risk factors. The results are processed and presented to the management suggesting ways to protect the organisation from possible frauds.
Of the majority of corporate frauds, financial statement frauds are the most common. In order to present a rosy picture, the management often manipulates the financial records. Commonly observed financial statement frauds are showing inflated revenues, round-tripping, concealment of liabilities, asset overstatement, understatement of expenses, cash embezzlement, improper/inadequate disclosure, etc.
The other two most common types of frauds are insurance frauds and banking frauds. People staging a fire or accident to claim insurance money and obtaining illegal health insurance policies by concealing pre-existing illnesses is a common practice in India.
As far as banking frauds are concerned, the most striking examples would be the PNB-Nirav Modi scam and the ICICI-Videocon loan controversy.
Fraud Triangle and its applicability in Forensic Accounting
In the late 1940s, Donald R. Cressey, a famous criminologist, formulated the fraud triangle. He observed that 3 factors led to a fraud –
- Opportunity,
- Motivation, and
- Rationalization.
This theory can be applied by a forensic accountant to disrupt at least one aspect of the triangle to deter frauds. Although it is difficult to the elements of fraud, an attempt to minimize the chances of a fraud could be made.
An auditor ought to report any misstatement in the financial records of an organisation. However, well-planned frauds may not be detected in the course of a routine audit. There are many reasons for frauds to go unnoticed. Often there is a lack of auditor independence. Also, the time-frame is also often too limited making the audit process so structured that an auditor doesn’t look for frauds. Even if the auditor focuses on looking at the internal controls and their effectiveness, a shrewd fraudster will find a way to dodge the controls and go undetected. No matter what the reason, public expectations from an auditor are so high that they will blame only the auditor for not having detected a fraud. Hence, even during the course of a routine audit, the principles of forensic accounting must be applied.
The most important (and often the most difficult) task for an auditor is to ask a lot of questions during the course of an audit. Even the slightest chance of a possible fraud shouldn’t be left without asking questions. Moreover, it is perfectly okay to question absolutely anyone irrespective of how high or low in position the person is in terms of organizational hierarchy. Often, the auditor may feel it inappropriate to question someone with higher authority, but that could be the biggest mistake because the higher the authority of the person, the bigger the magnitude of the fraud. Major scams are all executed by the people in the highest level of authority which is why it is perfectly okay to question absolutely anyone.
In an organisation, there are various sources of data for which digital forensic techniques can be used. According to NIST (National Institute for Standards and Technology, USA), ‘Digital Forensics’ is considered as the application of science to the identification, collection, examination and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.
Digital Forensics are often used for the following purposes:
- Investigating a fraud and collecting and preserving of evidence
- Operational troubleshooting
- Log monitoring
- Due diligence / Regulatory compliance
- eDiscovery (also known as electronic discovery) which is the identification, collection and reporting of electronically stored information in response to a request for production in a law suit / investigation.
Conclusion: In the past, auditing mainly involved tallying of figures and checking regulatory compliance. But now times have changed drastically with all sorts of financial frauds / crimes / corruption emerging from all sectors. Hence, an auditor has to have a forensic mind and the attitude of a detective whilst conducting an audit. Stakeholders have a lot of faith in the auditor’s report and in order to live up to their expectations, an auditor must take up the responsibility of providing complete and accurate financial reports.