Fraud considerations in audit

Fraud considerations in audit

Fraud considerations in audit

We consider and document the risk or suspicion of fraud throughout the audit process, notify the hierarchy and the legal service, and report as appropriate.
Ref: 12.700

Definitions

Fraud

Fraud, in the EU context, is defined in Art 3 of Directive (EU) 2017/1371. Whenever reference is made to "fraud" and "corruption" it includes both “suspected fraud and corruption" and "proven fraud and corruption". The auditor should apply the term "suspected fraud and corruption" for the reason that it is the responsibility of the national authorities to confirm the existence of fraud or corruption.

Corruption

Corruption is defined in Articles 2 and 3 of, the Convention drawn up on the basis of Article K.3(2)(c) of the Treaty on the European Union on the fight against corruption involving officials of the European Communities or officials of member states of the European Union) as: Passive corruption “Deliberate action of an official, who, directly or through an intermediary, requests or receives advantages of any kind whatsoever, for himself or for a third party, or accepts a promise of such an advantage, to act or refrain from acting in accordance with his duty or in the exercise of his functions in breach of his official duties shall constitute passive corruption." Active corruption “Deliberate action of whosoever promises or gives, directly or through an intermediary, an advantage of any kind whatsoever to an official for himself or for a third party for him to act or refrain from acting in accordance with his duty or in the exercise of his functions in breach of his official duties shall constitute active corruption." Neither active nor passive corruption necessarily has an immediate and direct financial impact (e.g. on the Communities’ general budget) although it is likely to have a financial impact in the long run.

Illegal Activity

While the term “illegal activity" is used in the legislation establishing the European Anti-Fraud Office (OLAF), no legal definition exists. It follows from the ordinary meaning that illegal activity means an activity forbidden by law.

Principles

The ECA’s policy on and approach towards irregularities, fraud, corruption and other illegal activities is based upon the EU legislative framework and International Standards of Supreme Audit Institutions (ISSAIs).

EU legislative framework

In accordance with Article 287 (2) of the TFEU, “The Court of Auditors shall examine whether all revenue has been received and all expenditure incurred in a lawful and regular manner and whether the financial management has been sound. In doing so, it shall report in particular on any cases of irregularity". Irregularity is defined by Article 1 of Council Regulation 2988/95. Article 325 of the TFEU provides the legal framework for the protection of financial interests against fraud and other illegal activities detrimental to the Union’s financial interests. Its paragraph 4 states that the Court of Auditors has to be consulted by the European Parliament and the Council before adopting measures concerning the prevention of and fight against fraud affecting the financial interests of the Union.

Standards

The professional standards provide guidance on matters pertaining to fraud and irregularity: ISSAI 100/47: Identifying and assessing the risks of fraud relevant to the audit objectives Financial audit ISSAI 200/44-45: Considerations relating to fraud in an audit of financial statements ISA 240: The auditor’s responsibilities relating to fraud in an audit of financial statements ISA 315: Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment ISA 330: Responding to significant risks of material misstatement Compliance audit ISSAI 4000/58-62: Considering the risk of fraud throughout the audit process, and document the result of the assessment Performance audit ISSAI 3000/58-62: Assessing the risk of fraud when planning the audit and being alert to the possibility of fraud throughout the audit process

Instructions

Audit procedures in relation to fraud

The primary responsibility for the prevention and detection of fraud rests with both those charged with governance of the entity and management, which, in the context of the EU funded activities, comprises the:
  • European Commission (and other institutions and bodies);
  • National, regional and/or local authorities; and
  • Relevant economic operators (beneficiaries).
Due to the nature of fraud, and the inherent limitations of an audit, there is an unavoidable risk that fraud may occur and not be detected by audit work. Fraud may consist of acts designed intentionally to conceal its existence. There may be collusion between management, employees or third parties, or falsification of documents. For example, it is not reasonable to expect the auditor to identify forged documentation in support of claims for grants and benefits, unless they are obvious forgeries. The auditor shall consider the risk of fraud throughout the audit process:
  • consider whether fraud risk factors are indicated in the information presented
  • discuss and analyse in the audit team the susceptibility of the entity to fraud
  • maintain an attitude of professional scepticism throughout the audit
  • document the result of the discussion and the assessment in Assyst

Financial and compliance audit

An auditor conducting an audit in accordance with ISAs is responsible for obtaining reasonable assurance that the financial statements as a whole are free from material misstatement, whether caused by fraud or error. The key distinguishing factor between fraud and error is whether the underlying action that results in the misstatement of the financial statements is intentional or unintentional. In audit of financial statements the objectives of the auditor are to:
  • identify and assess the risks of material misstatement of the financial statements due to fraud;
  • obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses; and
  • respond appropriately to fraud or suspected fraud identified during the audit.
In
Statement of Assurance
the ECA also verifies whether the underlying transactions underlying the financial statements are free from material irregularity, regardless of whether caused by fraud or error.
Fraudulent transactions are, by their nature, not in compliance with relevant regulations. The auditor may also determine that transactions where fraud is suspected, but not yet proven, are not in compliance with applicable laws and regulations. Fraud can result in qualification of the compliance opinion in the auditor's report. Furthermore, ECA's auditors do not have investigative powers, while only a court of law can determine if a particular transaction is fraudulent.

Performance audit

In performance audit the auditor needs to identify and assess the risks of fraud relevant to the audit objectives. If the risk of fraud is significant, it is important during the audit for the auditor to obtain a good understanding of the relevant internal control systems and examine whether there are any signs of irregularities that could hamper performance. The auditor needs to take enquiries and perform procedures to identify and respond to the risks of fraud relevant to the audit objectives.
Examples of sources of information for risk assessment

Suspected fraud during the audit

If there is suspicion of fraudulent activity during the audit, report it to your hierarchical superior, and to the legal service via encrypted e-mail. The legal service informs the President, who then decides whether or not to notify OLAF or the EPPO. Suspicions of fraud are usually treated in the same way as other errors without any reference to fraud in clearing documents and reports. A specific guideline presents what to do when confronting cases of suspected fraud or any other illegal activity.

Abuse

Although
abuse
does not necessarily involve fraud , public sector auditors remain alert throughout the audit for its occurence.

Cooperation with OLAF and the EPPO

The ECA has concluded an Administrative arrangement with OLAF and a Working arrangement with the EPPO. The aim is to facilitate how we work together, in particular regarding the transmission of suspected fraud cases, and the organisation of mutually beneficial training courses, workshops or exchanges of staff. Consult also our internal requirements regarding cooperation with OLAF in respect of access to audit information concerning:
  • cooperation with OLAF on suspected fraud and irregularities;
  • the confidentiality of information communicated;
  • requests by OLAF for information concerning ECA audits;
  • the procedures for dealing with unsolicited information received.

Resources

repository of elements(red flags) indicating the risk of a possible fraud or corruption. The red flags are organised by audit area, nature of the transaction, or issue.
Videos, good practices examples, case studies, useful tools like registers and databases, links to relevant legislation and other material on fraud prevention and detection.
Last Modified: 15/03/2022 15:15   Tags: