Detecting Fraud, Illegal Acts, Violations of Provisions of Contracts or Grant Agreements, and Abuse That Could Have a Material Effect on the Subject Matter

Bottom of Page TOC PREVIOUS NEXT


GAO-03-673G Government Auditing Standards > Chapter 6 General, Field Work, and Reporting Standards for Attestation Engagements > Detecting Fraud, Illegal Acts, Violations of Provisions of Contracts or Grant Agreements, and Abuse That Could Have a Material Effect on the Subject Matter


6.15 The standard related to fraud, illegal acts, violations of provisions of contracts or grant agreements, and abuse for attestation engagements performed in accordance with GAGAS is:

a. In planning examination-level attestation engagements, auditors should design the engagement to provide reasonable assurance of detecting fraud, illegal acts, or violations of provisions of contracts or grant agreements that could have a material effect on the subject matter or assertion of the attestation engagement, and should be alert to situations or transactions that could be indicative of abuse.

b. In planning review-level or agreed-upon-procedure-level attestation engagements, auditors should be alert to situations or transactions that could be indicative of fraud, illegal acts, violations of provisions of contracts or grant agreements, and if indications of fraud, illegal acts, violations of provisions of contracts or grant agreements, exist that could materially affect the subject matter or assertion, auditors should apply procedures specifically directed to ascertain whether violations of provisions of contracts or grant agreements, and if indications of fraud, illegal acts, violations of provisions of contracts or grant agreements, has occurred and the effect on the subject matter or assertion.

c. Auditors should be alert to situations or transactions that could be indicative of abuse, and if indications of abuse exist that could significantly affect the results of the attestation engagement, auditors should apply audit procedures specifically directed to ascertain whether abuse has occurred and the effect on the results of the attestation engagement.

6.16 Auditors should exercise professional judgment in planning an examination-level attestation engagement by obtaining an understanding of the possible effects of fraud, 1  illegal acts, or violations of provisions of contracts or grant agreements on the subject matter or assertion of the attestation engagement and by identifying and assessing any associated risks that could have a material effect on the attestation engagement. Auditors should include attest documentation on their assessment of risk, and, when risk factors are identified as being present, the documentation should include

a. those risk factors identified, and

b. the auditors’ response to those risk factors, individually or in combination.

6.17 In addition, if during the performance of the attestation engagement, risk factors or other conditions are identified that cause the auditors to believe that an additional response is required, such factors or other conditions, and any future response the auditors conclude is appropriate, should be documented.

6.18 For attestation engagements involving review-level or agreed-upon-procedure-level of reporting, auditors should be alert to situations or transactions that could be indicative of fraud, illegal acts, or violations of provisions of contracts or grant agreements. When information comes to the auditors’ attention (through audit procedures, allegations received through fraud hotlines, or other means) indicating that fraud, illegal acts, or violations of provisions of contracts or grant agreements may have occurred, auditors should consider whether the possible fraud, illegal acts, or violation of provisions of contracts or grant agreements could materially affect the results of the attestation engagement. If such acts could materially affect the results of the engagement, auditors should extend the audit steps and procedures, as necessary, to
(1) determine if fraud, illegal acts, or violations of provisions of contracts or grant agreements are likely to have occurred and, if so, (2) determine their effect on the results of the attestation engagement. Because the scope of review-level and agreed-upon-procedures-level engagements is limited, auditors are not expected to provide reasonable assurance of detecting fraud, illegal acts, or violations of contract or grant agreements for these types of engagements.

6.19 Abuse is distinct from fraud, illegal acts, or violations of provisions of contracts or grant agreements. When abuse occurs, no law, regulation, or provision of a contract or grant agreement is violated. Rather, abuse involves behavior that is deficient or improper when compared with behavior that a prudent person would consider reasonable and necessary business practice given the facts and circumstances. 2  For all levels of attestation engagements, auditors should be alert to situations or transactions that could be indicative of abuse. When information comes to the auditors’ attention (through audit procedures, allegations received through a fraud hotline, or other means) indicating that abuse may have occurred, auditors should consider whether the possible abuse could affect the assertion significantly. Auditors should consider both quantitative and qualitative factors in making judgments regarding the significance of possible abuse and whether they need to extend the audit steps and procedures. If indications of the possible abuse exist that significantly affect the results of the attestation engagement, the auditors should extend the audit steps and procedures, as necessary, to (1) determine whether the abuse occurred and, if so,
(2) determine its effect on the results of the attestation engagement. However, because the determination of abuse is so subjective, auditors are not expected to provide reasonable assurance of detecting abuse.

6.20 Auditors should exercise professional judgment in pursuing indications of possible fraud, illegal acts, violations of provisions of contracts or grant agreements, or abuse, in order not to interfere with potential investigations, legal proceedings, or both. Under some circumstances, laws, regulations, or policies require auditors to report indications of certain types of fraud, illegal acts, violations of provisions of contracts or grant agreements, or abuse to law enforcement or investigatory authorities before extending audit steps and procedures. Auditors may also be required to withdraw from or defer further work on the engagement or a portion of the engagement in order not to interfere with an investigation.

1Fraud is a type of illegal act involving the obtaining of something of value through willful misrepresentation. Although not applicable to attestation engagements, the AICPA SASs may provide useful guidance related to fraud for auditors performing attestation engagements in accordance with GAGAS.

2For example, in an attestation engagement that has as its subject reporting on an entity’s internal controls over compliance with specified requirements governing the procurement of motor vehicles, auditors might find abuse when considering purchases of passenger cars for official senior management use if costly luxury cars were purchased when less expensive models would have been appropriate. While auditors generally will not view the procurement of costly luxury cars as quantitatively significant to the subject matter, this action generally would be considered qualitatively significant to the subject matter or assertion.


Top of Page TOC PREVIOUS NEXT

GAO-03-673G Government Auditing Standards