By Christopher Niesche

Spurious websites set up with information about COVID-19; fraudsters posing as members of the World Health Organisation; bogus online shops selling surgical masks; and phoney doctors demanding payment for treatments.

The COVID-19 pandemic has increased opportunities – and motivation – for fraud, and regulators and accountants are warning auditors they need to be on the alert.

We are dealing with possibly the most complex and challenging environment many auditors have ever seen, says Amir Ghandar FCA, leader, reporting and assurance, at Chartered Accountants Australia and New Zealand.

“In the COVID-19 reporting environment, there’s going to be enormous pressure on management to be able to maintain performance and meet covenants and satisfy the market and keep up with their peers,” he explains.

“There’s going to be enormous pressure on management to be able to maintain performance and meet covenants.”

“In the current circumstances, being a once-in-a-lifetime situation where there are jobs on the line, and there are companies on the line, there is a whole set of dynamics around where fraudulent activities could be rationalised by the perpetrators.”

The current situation has created a perfect storm of opportunity, motivation and rationalisation – three ingredients needed to facilitate the fraud triangle.

At the time of writing, the International Auditing and Assurance Standards Board was preparing to launch a consultation into the role of auditors in regard to fraud, and related public perceptions or misconceptions.

Broadly speaking, there are two types of accounting fraud that could arise from the COVID-19 pandemic.

First is what might be called lower level fraud, when an employee, customer or outsider siphons money from accounts payable, payroll or other parts of a business where money is moved around. While companies need to be alert to these frauds and maintain controls, they are not the sorts of activities typically expected to be picked up by auditors.

At the other end of the spectrum is financial reporting fraud, where reports are misstated.

When fraud opportunity knocks

Chief financial officers and finance managers have a lot of fodder for the rationalisation of any financial misstatement.

There is a risk that assets are revalued or impaired to take advantage of the circumstances created by the pandemic and therefore don’t present true and fair results.

“Aggressiveness in accounting estimates and profit is not the only risk. Truth and fairness is as much about also avoiding over-conservatism, over-recognising losses or provisions that would be unwound in later years,” Ghandar says.

Large costs for redundancy payments and large amounts of government payments such as Australia’s JobKeeper and New Zealand’s wage subsidies will also be moving through financial statements, creating further opportunity.

This all comes at a time when internal controls that serve to prevent and mitigate the risk of fraud have been turned on their head. People are working from home and companies are primarily focused on keeping operations afloat and aren’t operating at full strength.

Adam Simms, forensic services partner at BDO in Sydney, says companies are reducing or “completely disregarding” internal controls due to the need for businesses to have a workaround. He says BDO has seen a decline in the number of fraud risk assessments by its clients.

“There’s a real focus from management on things like COVID-19 [that is] unfortunately taking away from other areas such as the internal audit program. We’ve seen that with a number of clients where there’s been a heightened risk of fraud and there’s been a cessation of funding across the board.”

“There’s a real focus from management on things like COVID-19 [that is] taking away from other areas such as the internal audit program.”

Simms’ main advice to the firm’s auditors is to understand where their client is at with knowing its fraud risk and taking account of the current environment –not as it might have been a year or two ago.

“Have a look at the fraud risk assessment. That should be number one for a business that hasn’t got one or that just simply doesn’t understand its fraud risk,” he says. “If there is a fraud risk assessment done, have they revisited it since COVID?”

What approach should auditors take?

When controls change or don’t operate effectively, the auditors need to look at the nature, timing and extent of their audit work and how they deal with these changes, says Doug Niven FCA, chief accountant at the Australian Securities and Investments Commission (ASIC).

When they work well, these controls allow the auditor to do less substantive testing such as looking back at source documents and invoices.

In terms of financial statements, Niven notes that directors and management are needing to make more difficult judgements about asset values, provisions, solvency and going concern in an environment where there may be many uncertainties about the future.

Auditors need to consider the approach to revenue recognition, expense deferral, how they’re being realistic about their assessments of asset values and disclosure as well.

“It is pretty key in the current environment to consider the possibility of financial reporting frauds but also where people might get the wrong results by not putting in sufficient effort and attention,” Niven says.

ASIC is addressing the problem firstly with education and trying to encourage management and auditors to focus on the change environment from the outset, “because it’s best to get them to do that rather than picking up the pieces afterwards”, says Niven.

ASIC is also tailoring its surveillance and audit inspection work to the new circumstances. “We're changing the focuses in our financial reporting surveillance and audit inspections to focus on what's happening with asset values, revenue recognition and expense deferral, solvency, going concern and disclosures.”

This is most complex reporting season ever

Matt Graham FCA, assurance leader at PwC Australia, says this is the most complex reporting season many auditors will have experienced in their entire careers.

“Striking a set of financial statements and performing an audit requires a lot of professional judgement. It particularly asks you to look forward a lot and think about the impact of certain things on a business, their forecasts while you’re checking the carrying value of assets, for example. And it is a really uncertain environment for companies to be thinking about their forecasts,” he says.

“So the amount of personal and professional judgement that needs to be applied by companies first, and then the auditors, makes for a much more complex reporting season.”

At the same time, the purpose of the audit in bringing independent trust and confidence to the capital markets is more important than ever.

In recognition of the extra amount of judgement involved, PwC is providing its audit partners with access to a panel of experienced audit partners who have previously dealt with highly complex situations, to consult with confidentially.

“I think that’s really important to be able to stand behind the quality of our audit work and, therefore, it’s really important for shareholders to know that we’re going over and above, given the complexity of this environment,” Graham says.

Auditors are in a pressure cooker

The large amounts of government stimulus money flowing to companies puts an additional pressure on auditors says Gill Cox ONZM FCA, former president of the New Zealand Institute of Chartered Accountants and now a professional company director.

“You’re getting businesses applying for wage subsidies that may not fully justify getting them and may not be playing to the rules,” he explains.

The grants raise two issues: the strictly legal, whether or not the company has complied with the requirements to get the grant; and what Cox calls the moral, for instance, if it was a wage subsidy to keep people in work, has the company done that or let people go and retained the subsidy anyway?

“The auditor’s responsibility is to report non-compliance with laws and regulations and this is going to put a lot of pressure on auditors,” says Cox, adding it will “create a debate within the profession about the responsibility of the auditor”.

Adding to the difficulty for auditors in dealing with these issues is the fact that governments have been making up the rules on grants and subsidies as they go.

Ghandar says auditors need to adjust to the new normal and be vigilant about the unique circumstances at play.

“Auditors need to revisit their risk assessments for the part of the year that the environment changed and employees were at home,” he says.

“It’s really important for auditors to recognise that as much as each year is a new audit and can bring new considerations, like never before this is the year where you can’t look at what was done last year as any kind of a guide.”

Vigilance is key, he adds. “That’s where the vigilance comes in – in terms of really looking at the situation, reassessing based on where things have shifted, and taking a fresh set of eyes to that risk.”

Livestreaming audits

Another difficulty facing auditors in this disruptive year is the simple logistics of carrying out an audit. Strict social distancing requirements may prohibit access to paper records or inventory.

One workaround for an inventory check is to have a trusted staff member of the client, outside of the finance section, livestream a tour of a warehouse to the auditor’s instruction, with controls such as geolocation or panning to street signs to guarantee they are at the right premises. Another control is to have a second camera pointing behind the staff member to ensure no-one’s shuffling stock around behind their back.

Additionally, auditors may not be able to conduct face-to-face meetings. Zoom interviews require a slightly different skill set for interviews.

Read more: