Tuesday, April 2, 2013

Are Auditors Really Looking for Fraud?

Yesterday, we discussed the requirement by all auditors, not just Government auditors, to plan and perform their audits to obtain reasonable assurance that material misstatements and noncompliance, whether caused by error or fraud, are detected. Historically, many audit firms and Agencies have not considered this step paramount in their overall planning and risk assessments but things are changing. Government contractors should expect inquiries as to whether they have any knowledge of fraud or suspected fraud affecting the entity. Don't take it personally - the auditors are just doing their jobs.

A recent DoD-IG report issued in February is one reason for the renewed emphasis on fraud.

The Institute of Defense Analysis (IDA) is a Federally Funded Research and Development Center (FFRDC) that provides objective analyses of national security issues. As a reciepent of federal funds, it was required to have an audit. In 2011, PriceWaterHouseCoopers (PwC) and the Defense Contract Audit Agency (DCAA) performed a joint audit of the costs expended by IDA. After the audit was completed, the DoD-IG performed a quality control review of the joint PwC/DCAA audit. Insofar as PwC's effort was concerned, the DoD-IG found that it met the standards. Not so for DCAA's portion. In fact, the DoD-IG concluded that more audit work was required before anyone could rely on the results of the audit.

Among the deficiencies found in DCAA's work was a failure to adequately plan, perform, and document the audit procedures to support their conclusions on whether IDA complied with the terms of its grants and contracts. They also found deficiencies in the performance of fraud risk assessment procedures. Specifically, the IG noted the following:

DCAA did not perform sufficient fraud risk assessment procedures during the planning and performance of the audit. The ... audit program procedures required the auditor to evaluate only the fraud risk indicators identified in the DoD IG, “Handbook on Fraud Indicators for Contract Auditors.” The working papers documented that the evaluation of fraud indicators was limited to a review of “Handbook on Fraud Indicators for Contract Auditors.” Based on this review, DCAA concluded that there were no identified fraud risks. 

... (However, auditing standards) ... requires the auditor to plan and perform the audit to obtain reasonable assurance that material misstatements and noncompliance, whether caused by error or fraud, are detected. Specifically, as a means of obtaining information needed to identify fraud risk areas, the standards require, among other procedures, inquiries of management during the planning process to determine if they have knowledge of any fraud or suspected fraud affecting the entity. 

As mentioned in yesterday's posting, since the IG report was issued, DCAA has been revising its audit programs and guidance to ensure compliance with auditing standards. Contractors should expect increased audit emphasis in this area.




No comments:

Post a Comment