Numerous stories of financial statement fraud and alleged misconduct have been covered in the media in the recent past, including WorldCom, Xerox, Enron, Adelphia and Tyco, to name a few. To implement accounting reform and corporate accountability, the Congress passed and the president signed the Sarbanes-Oxley Act of 2002. While the Act applies to public companies, closely held businesses and not-for-profit organizations also have been affected by the recent frauds.

	Daniel Marsula, Post-Gazette Click illustration to see a larger version.

At about the same time as the Sarbanes-Oxley Act was passed, the American Institute of Certified Public Accountants issued a statement titled "Consideration of Fraud in a Financial Statement Audit (Statement on Auditing Standards No. 99, SAS 99)." The new set of rules is just one component of the AICPA's ongoing, comprehensive anti-fraud and corporate responsibility program. SAS 99 applies to all financial statement audits, regardless of the type of entity (public company, closely held company, not-for-profit, etc.) being audited.

While the new standard does not change the auditor's responsibility for fraud detection, it does require the auditor to take extra steps to uncover it.

SAS 99 will result in a substantial change in audit practice and more effective audits as it requires independent auditors to obtain a more in-depth understanding of their clients, including their internal controls, to identify the risks of material misstatements in the financial statements and determine what the clients are doing to mitigate those risks. Accounting firm clients, bankers and users of audited financial statements, as well as the public, have increasing expectations on the ability of the external auditor to detect fraud.

		Write us To submit a letter or an essay for consideration for The Private Sector, please send it via e-mail to Business@Post-gazette.com or via regular mail to Post-Gazette Business Section, Private Sector, 34 Blvd. of the Allies, Pittsburgh, Pa. 15222. Please include your telephone number, municipality and return address for verification.

Whether you are a private business owner, a controller or a board member of a not-for-profit organization, this new audit standard will affect your organization's interaction with the audit team.

Implementing new audit procedures can be challenging and uncomfortable at times. However, the new standard has some significant benefits for organizations. Examples include:

Your auditors will discuss with management, owners and boards fraud risk factors, both those related to fraudulent financial reporting (i.e., cooking the books) and misappropriation of assets (i.e., stealing)

Based upon the information your auditors gather as a result of the expanded procedures called for in SAS 99, your auditors may evaluate whether the programs and controls your organization currently has in place address fraud risk-factors identified and make recommendations to help your organization deter and detect fraud in order to prevent financial losses from misappropriation of assets.

The following are some of the effects an organization may notice during the audit as the audit team applies the requirements of the new standard:

Additional inquiries and communications by the audit team;

Additional emphasis on controls to prevent stealing, including controls over cash disbursements;

Examination of journal entries and other adjustments;

Performance of a "retrospective review" of prior accounting estimates made by management for biases;

Use of electronic testing approaches utilizing computer-assisted audit techniques designed to "mine" the source data for unusual relationships and trends;

Developing an understanding of the business rationale for significant, unusual transactions, including related party transactions and major property sales and exchanges;

Introduction of an element of "surprise" in the scope, timing and extent of procedures performed.

SAS 99 will have an impact on the way audits are done for private companies and nonprofit organizations. However, CPAs are well qualified and trained to dig through financial records and ferret out the type of information needed to draw conclusions about the existence of fraud -- a valuable asset to any organization.