Before taking any steps to help a client that may have suffered a fraud or misappropriation of assets, ask yourself the following questions:
- Do I possess the requisite professional competence?
- Do I have the necessary experience/qualifications?
- Will my assistance impair my independence and preclude me serving my client’s attest needs?
- Am I conflicted out?
If fraud is suspected, the best initial step often is sending the client a written communique suggesting a that a qualified professional perform a forensic investigation. If the client declines, retain defensive documentation of the client’s decision. If the client asks you to perform the investigation, do so under the terms of a fraud examination engagement letter.
Important considerations include:
ET Section 201 – General Standards, ET 101 – Independence, and ET 102 – Integrity and Objectivity (AICPA).
The CPA must take due professional care, adequately plan or supervise
their response to a suspicion of fraud, and obtain sufficient relevant
data to support findings regarding the alleged fraud. Hurried responses to fraud might violate the CPA Code of Conduct.
ET 1.295 (formerly Interpretation 101-3) Nonattest Services (AICPA).
If the client is an attest client, be certain that management designates someone with the skill, knowledge and experience to be responsible and accountable for overseeing the forensic examination. Otherwise, the firm’s independence could be impaired because of the self-review threat.
In addition to the threat to independence, CPAs should take precautions to reduce the likelihood that stakeholders will perceive that their investigation was not objective or competently performed.
Before responding, it is important to establish that fraud suspicions are alleged by others, and to obtain written approval to access records and to interview personnel. The key is to be certain to obtain and document sufficient facts, arguments and conditions as defensive documents to defeat allegations that the forensic investigation lacks basis, or is unauthorized or libelous. Encourage management to inform legal counsel; investigations led by counsel preserve available legal privileges.
Presume work will be submitted to a prosecutor; by doing so, you avoid taking shortcuts that could undermine a successful prosecution. Pay particular attention to maintaining the chain of custody of evidence.
Fraud Risk Management Guide (COSO).
Provides implementation guidance that defines principles and points of focus for fraud risk management and describes how organizations of various sizes and types can establish their own fraud risk management programs. (Link to purchase Guide:http://www.acfe.com/fraudrisktools/guide.aspx
Managing the Business Risk of Fraud: A Practical Guide (IIA, AICPA, ACFE).
Recommends ways in which boards, senior management, and internal auditors can fight fraud in their organizations, and defines principles and theories for fraud risk management (Link to Guide: https://www.acfe.com/uploadedfiles/acfe_website/content/documents/managing-business-risk.pdf
For more information and risk management guidance, click Avoiding Missteps When Fraud is Suspected