How To Execute A Forensic Audit? The Ultimate Step-By-Step Guide

WHAT IS AUDIT?

“Audit is an examination of accounting records, undertaken with a view to establishing whether they correctly and completely reflect the transactions to which they purport to relate.” Prof. Dickers

“Auditing is concerned with the verification of accounting data, determining the accuracy and reliability of accounting statements and reports.” R.R. Mautz 

“Long range objectives of an Audit should be to serve as a guide to management's future decisions in all financial matters such as controlling, forecasting, analysing and reporting. These objectives help the business unit to improve its performance.” Arthur W. Holme

• Auditing is nothing but the systematic and critical examination and verification of the books of accounts. It can be undertaken throughout the year or periodically.
• The primary aim is to find out whether the financial statements exhibit a true and fair view of the business.
• Origin of the term audit is said to be in the Latin term audire which means to listen.
• Audit of accounts by a duty qualified chartered accountant is mandatory for the registered joint stock companies, public trusts, bigger co-operative societies and for income tax and VAT tax payers above a particular limit.

Objectives of Audit:

• To find the reliability of the financial position and profit and loss statement.
• To check whether the financial statements of the company present a true and fair view.
• To check whether the financial statements are kept as per the provisions of the relevant Act.
• Verification of the entries with the relevant documentary evidences.
• To check whether all the money received is accounted for or not and all the payments made have proper supporting documents.
• To conduct an independent review of financial statements.
• Auditor has to examine the prevailing internal control and internal check systems prevalent in the organisation and must check the arithmetical accuracy of the books of accounts.
• The auditor has to check the physical existence of various assets shown in the balance sheet and check whether they present a true and fair value.
• After checking the accounts the auditor has to express his or her personal judgement on the maintenance of the books of accounts.
• The company who audits its financial statements on a timely basis builds a good reputation and goodwill.
• Helps the stakeholders with decision making as audited accounts are considered more reliable.
• To detect and prevent frauds and errors.

Necessary Steps:

Before the commensement of any new audit ,the auditor must take the following steps:

1. Ascertain the scope of duties: To start with, the auditor should assertain the exact nature and scope of his or her duties. This question does not arise in case of a statutory audit as his or her duties are enumerated in the concerned law only.For example; when an auditor is appointed to audit the accounts of a joint stock company, there are provisions in the Companies Act, about the duties, rights of an auditor. However, if a concern in which audit is not legally mandatory, auditor must communicate or discuss the scope of his or her duties with the management of the concern.

2. Acquisition of Appointment letter: Before the commencement of the audit work, the auditor must obtain his or her appointment letter from the client. Such letter should consist of his or her duties, remuneration, duration allowed to complete the job. Engagement letter leads to an audit contract.

3. Nature of the client’s business: Each and every business has its own special and unique features. Hence, business follows and accounting system that suits its needs. There is no one uniform accounting system that can be followed by every business organisation. So the auditor before commenting his auditing work should study the special problems of the business unit and the system of accounts prevalent in the organisation.

4. Obtain a list of accountable officers: The auditor should obtain a list of responsible and accountable officers, so that, while going through the audit procedure, if the auditor needs any information or clarification on any specific point, he can directly contact the concerned officer. Auditor should also obtaine information about the extent and scope of authority of each of them.

5. Knowledge of technical details: The auditor should also acquire some knowledge about the technical details of business. This will help him or her to understand and analyse the nature of the transactions while auditing them.

6. Inquiry into special circumstances, if any: Should enquire into special circumstances surrounding his appointment. In case he or she is appointed in place of another auditor it is his professional duty to communicate with him.

7. Instructions to the client: ‌

• Accounts should be finalized and kept ready for audit.‌
• Necessary schedules be prepared and made available. For example: list of debtors and creditors, fixed assets, outstanding incomes, incomes received in advance, cost of acquisition and market price statement of deferred revenue expenditure etc.‌ The auditor should also ask to produce the final accounts of last two three years with auditor’s report.

Key Considerations While Audit Execution:

Audit of various financial statements of a company is quite a multifaceted activity, it needs to be process driven to execute is effectively and ensuring accuracy. The auditor has to take into account many components whithin the business starting from the functioning of the internal management, the workforce, accounting practices followed, work ethic, nature of the business, the accounts kept by the internal auditors, the company’s policies and ensuring whether the company is a adopting a true and fair approach in its dealings…

The key phases in the audit execution stage are Execution Planning, Risk and Control Evaluation, Testing and Reporting.

Execution Planning:

Prior to the commitment of an audit program it is of vital importance to have a road map of audit execution to ensure a timely and quality audit result. The auditors need to plan their work in order to carry out the audit in an effective, efficient and timely manner. A detailed audit program is prepared laying down the all the objectives, scope and audit approaches.

The workforce requirement, professional audit team qualifications and the time allotment are some of the major considerations while executing an audit plan. Effective audit needs the effectively planned code of conduct and accurate data driven information. In order to plan effectively, the auditor may need some more information about the audit area. Using various forms of statistical data driven information and collection of primary and secondary data will definitely provide the auditor with accurate financial and non-financial data.

Risk and Control Ascertainment:

For each stage of audit, the auditor should conduct a detailed risk and control evaluation that ascertains the list of risks that must be reviewed in that specific area, take into consideration risk controls that exist or those that are needed to protect against the risk and show for each control, the work steps required to test the effectiveness of the controls. While establishing a risk and control assessment it is quite necessary to borne in mind the materiality levels as the same is linked with audit risks.

Testing:

Once a comprehensive understanding is acquired of the key risk factors and the control systems to be evaluated in a given audit area, the auditors should test the operating effectiveness of the controls to determine whether controls are operated as per the standard expectations. There are multiple test methods which can be put to use to reach the conclusions on the effectiveness of the control systems. Deviations, if any, can be fixed with the right strategies and framework.

Deviations refer to the differences between the standard estimates and the actual outputs.

Reporting:

SA 700, “Forming an Opinion and Reporting on Financial Statements” establishes standards on the form and content of the auditor’s report to be issued as a result of an audit performed by an auditor of the financial statements of an entity. The auditor should review and assess the conclusions drawn from the audit evidence obtained as the basis for the expression of an opinion on the financial statements. The review and assessment primarily involves considering whether the financial statements have been prepared in accordance with an acceptable financial reporting framework applicable to the entity under audit. It is also quite necessary to consider whether the financial statements comply with the relevant statutory requirements such as the compliance of Provisions and Enactments of the Company Law, Accounting Standards framed by ICAI, etc.

The auditor’s report should contain a clear cut written expression of opinion on the financial statements taken as a whole. A measure of uniformity in the form of content of the auditor’s report is desirable because it helps to promote the readers understanding of the auditor’s report and to identify unusual circumstances when they occur.

Other Vital Consideration:

In addition to the above mentioned stages, the auditor has to take into consideration this practice while executing the Audit, which is:

SA 600- Using The Work of Another Auditor

When the auditor delegates work to assistants or uses work performed by other auditors and professional experts, he/she will continue to be responsible for forming and expressing his/her opinion on the stated financial information. However, the auditor will be entitled to rely on the work performed by the other auditors and professional experts, provided that he/she exercises adequate professional skill, expertise, data driven analysis and care and is not aware of any reason to believe that he/she should have not so relied.

In the case of any independent statutory appointment to perform the work on which the auditor has to rely in forming his/her opinion, such as in the case of the work of branch auditors appointed under the statutory framework of the Companies Act, the auditor’s report should completely disclose the fact of such reliance.

It is to be noted that auditor who uses the work performed by other auditors and professional experts is known as the Principal Auditor.

Principal Auditor means the auditor with the responsibility for reporting on the financial information of a company when that financial data includes the financial information of one or more components audited by another auditor or professional expert.

Other Auditor means an auditor, other than the principal auditor, with responsibility for reporting on the financial information of a component which is included in the financial information audited by the principal auditor.

Component means a division, branch, subsidiary, joint venture, associated enterprises or other entity whose financial information is included in the financial statements audited by the principal auditor. 

When the principal auditor uses the work of another auditor, the principal auditor should determine how the work of the other auditor will affect the audit reports.

The purpose of SA 600 (Using the work of another auditor) is to:

SA 600 (Using the work of another auditor) has put in place statutory standards to be applied in situations where the Principal Auditor uses the work of other auditor with respect to the financial information of one or more components included in the financial information of the company.

What Is A Forensic Audit?

Forensic Audit is a meticulous and thorough examination of financial records and transactions to uncover a potential fraud, embezzlement, or other financial irregularities. It’s a specialized field that combines accounting, auditing, and investigative skills to uncover the truth behind financial discrepancies.

A forensic audit is a detailed examination of a company’s financial statements, transactions, and records to detect and investigate potential financial malpractices. It’s a comprehensive review of financial data, often conducted in response to suspected fraud, corruption or other financial irregularities.

Forensic audits can be conducted on various types of organizations, including corporations, non-profits and government agencies.

Importance of Forensic Audit:

Forensic audits play an integral role in the regular corporate affairs like:

Detecting Financial Crimes: Forensic audits help identify and investigate financial irregularities, such as embezzlement, money laundering, or accounting fraud.

Preventing Financial Losses: By detecting potential fraud early, companies can take steps to prevent further losses and protect their assets.

Ensuring Regulatory Compliance: Forensic audits help companies comply with regulatory requirements and industry standards.

Protecting Stakeholders’ Interests: Forensic audits provide stakeholders, including investors and shareholders, with assurance that financial statements are accurate and reliable.

Techniques Used In Forensic Audit:

Forensic auditors use various techniques to uncover financial irregularities:

Document Examination: Reviewing financial documents, such as invoices, receipts, and bank statements.

Data Analysis: Analyzing financial data to identify trends, anomalies, and potential red flags.

Interviews and Interrogations: Conducting interviews with key personnel and suspects to gather information.

Digital Forensics: Examining digital evidence, such as emails, computer logs, and other electronic data.

Surprise Audits: Conducting unannounced audits to detect potential fraud or irregularities.

Skills Required for Forensic Audit:

Forensic auditors need a unique combination of skills, including:-

Accounting and Auditing Expertise: Knowledge of accounting principles, auditing standards and financial regulations.

Investigative Skills: Ability to analyze data, identify patterns, and follow leads.

Communication Skills: Effective communication and interviewing skills to gather information and present findings.

Analytical Skills: Ability to analyze complex financial data and identify potential irregularities.

Types of Forensic Audits:

1. Fraud Audit: Focuses on detecting and investigating financial statement fraud, asset misappropriation and corruption.

2. Compliance Audit: Examines an organization’s compliance with regulatory requirements, industry standards and internal policies.

3. Operational Audit: Evaluates an organization’s operational efficiency and effectiveness, identifying areas for improvement.

Skills Required for Forensic Audit:

Forensic auditors need a unique combination of skills, including:

1. Accounting and Auditing Expertise: Knowledge of accounting principles, auditing standards, and financial regulations.

2. Investigative Skills: Ability to analyze data, identify patterns, and follow leads.

3. Communication Skills: Effective communication and interviewing skills to gather information and present findings.

4. Analytical Skills: Ability to analyze complex financial data and identify potential irregularities.

Strategic Procedure To Execute A Forensic Audit:

1. Planning: Defining the scope and objectives of the audit.

2. Evidence Collection: Gathering financial data, documents and other relevant documentary evidence.

3. Strategic Analysis: Examining and analyzing the evidence to identify potential irregularities.

4. Reporting: Presenting findings and recommendations to stakeholders.

5. Follow-up: Monitoring the implementation of recommendations and ensuring compliance.

A Step-by-Step Guide to Executing a Forensic Audit:

A forensic audit is a thorough examination of financial records and transactions to detect and investigate potential fraud, embezzlement, or other financial irregularities. It’s a specialized field that combines accounting, auditing, and investigative skills to uncover the truth behind financial discrepancies.

Here’s a detailed, practical and strategic guide to performing a forensic audit:

I. Planning and Preparation

1. Define The Scope And Objectives: Clearly determine the purpose and scope of the audit, including the specific areas to be examined and the time period covered.

2. Establish A Team: Gather a team of experienced forensic auditors, accountants and investigators with the necessary skills and expertise.

3. Gather Information: Collect relevant documents, including financial statements, bank records and other supporting documents.

4. Develop A Timeline: Create a timeline of key events and transactions to be investigated.

II. Risk Assessment and Analysis

1. Identify Potential Risks Factors: Analyze the organization’s financial data and identify areas of high risk, such as unusual transactions or large journal entries.

2. Conduct A Preliminary Review: Review the organization’s financial statements, policies and procedures to identify potential weaknesses or irregularities.

3. Develop A Risk Matrix: Create a risk matrix to prioritize areas of high risk and focus the audit efforts.

III. Evidence Collection

1. Gather Documents: Collect and review relevant documents, including financial statements, bank records, invoices and contracts.

2. Conduct Interviews: Interview key personnel, including management, accounting staff and other relevant individuals.

3. Use Data Analytics: Use data analytics tools to analyze financial data and identify potential irregularities.

4. Digital Forensics: Examine digital evidence, such as emails, computer logs and other electronic data.

IV. Analysis and Testing

1. Analyze Financial Data: Analyze financial data to identify trends, deviations and potential irregularities.

2. Test Transactions: Test transactions to verify their accuracy and authenticity.

3. Verify Account Balances: Verify account balances and reconcile discrepancies.

4. Identify Potential Fraud: Identify potential fraud or other irregularities and document findings.

V. Reporting and Communication

1. Document Findings: Document all findings, including evidence and supporting documentation.

2. Prepare A Report: Prepare a clear and concise report detailing the audit findings and conclusions.

3. Communicate Results: Communicate the results to the relevant parties, including management and the audit committee.

4. Recommendations/Suggestions: Provide recommendations for improving internal controls and preventing future irregularities. Implementing strong internal control and check systems and the way it needs to be executed.

VI. Follow-up and Monitoring

1. Monitor Execution: Monitor the implementation of recommendations and ensure that corrective actions are taken.

2. Follow-up Audits: Conduct follow-up audits to ensure that internal controls are effective and functioning as intended.

3. Continuous Check: Implement continuous monitoring to detect and prevent future irregularities.

Bottomline:

Forensic audit is a powerful tool for uncovering financial irregularities and detecting potential fraud. By combining accounting, auditing, and investigative skills, forensic auditors play a crucial role in protecting companies and stakeholders from financial malpractices.

With these practical strategic steps, forensic auditors can effectively uncover financial irregularities and provide valuable insights to companies and stakeholders.