When fraud is suspected

Before taking any steps to help a client that may have suffered a fraud or misappropriation of assets, ask yourself the following questions:
  • Do I possess the requisite professional competence?
  • Do I have the necessary experience/qualifications?
  • Will my assistance impair my independence and preclude me serving my client’s attest needs?
  • Am I conflicted out?
If fraud is suspected, the best initial step often is sending the client a written communique suggesting a that a qualified professional perform a forensic investigation. If the client declines, retain defensive documentation of the client’s decision. If the client asks you to perform the investigation, do so under the terms of a fraud examination engagement letter.

Important considerations include:

ET Section 201 – General Standards, ET 101 – Independence, and ET 102 – Integrity and Objectivity (AICPA). The CPA must take due professional care, adequately plan or supervise their response to a suspicion of fraud, and obtain sufficient relevant data to support findings regarding the alleged fraud. Hurried responses to fraud might violate the CPA Code of Conduct.

ET 1.295 (formerly Interpretation 101-3) Nonattest Services (AICPA). If the client is an attest client, be certain that management designates someone with the skill, knowledge and experience to be responsible and accountable for overseeing the forensic examination. Otherwise, the firm’s independence could be impaired because of the self-review threat.

In addition to the threat to independence, CPAs should take precautions to reduce the likelihood that stakeholders will perceive that their investigation was not objective or competently performed.

Before responding, it is important to establish that fraud suspicions are alleged by others, and to obtain written approval to access records and to interview personnel. The key is to be certain to obtain and document sufficient facts, arguments and conditions as defensive documents to defeat allegations that the forensic investigation lacks basis, or is unauthorized or libelous. Encourage management to inform legal counsel; investigations led by counsel preserve available legal privileges.

Presume work will be submitted to a prosecutor; by doing so, you avoid taking shortcuts that could undermine a successful prosecution. Pay particular attention to maintaining the chain of custody of evidence.

Other Resources:

Fraud Risk Management Guide (COSO). Provides implementation guidance that defines principles and points of focus for fraud risk management and describes how organizations of various sizes and types can establish their own fraud risk management programs. (Link to purchase Guide:http://www.acfe.com/fraudrisktools/guide.aspx)

Managing the Business Risk of Fraud: A Practical Guide (IIA, AICPA, ACFE). Recommends ways in which boards, senior management, and internal auditors can fight fraud in their organizations, and defines principles and theories for fraud risk management (Link to Guide: https://www.acfe.com/uploadedfiles/acfe_website/content/documents/managing-business-risk.pdf)

For more information and risk management guidance, click Avoiding Missteps When Fraud is Suspected.

Share this post

Leave a comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

Latest Articles

  • 17 Dec

    War Story 113

    #113: Difficult Client; Tax Planning and Return Preparation Services — A client with high turnover and disorganization in its accounting and financial staff is not only frustrating, but also a liability exposure if documentation is not thorough.

    read more

  • 17 Dec

    General Data Protection Regulation

    General Data Protection Regulation ("GDPR") is a European mandate that went into effect on May 25, 2018. The regulation is designed to establish uniform data privacy law across the European Union, and applies to any EU established business, including U.S. companies and firms with offices i... read more

  • 17 Dec

    Documentation Tips for Tax Season

    With the increasing complexities in tax law and regulations facing CPAs today in light of the Tax Cuts and Jobs Act ("Tax Act," "Act" or "TCJA"), which introduced the most significant changes to the U.S. tax system since 1986, it is even more difficult to stay current on risk management an... read more