مثلث بندی شواهد حسابرسی در ارزیابی ریسک کلاهبرداری

Drawing on the triangulation framework of audit evidence (Bell et al., 2005 and Peecher et al., 2007), we experimentally test for the conditions, if any, under which financial-statement auditors alter their fraud-risk assessments based on whether external evidence provides positive or negative news about underlying business performance. We focus on the condition in which two kinds of management-controlled audit evidence – evidence from the financial statements and evidence from internal data depicting performance of a key business process – is contradicted by external evidence suggesting that a key business objective has not been attained. According to the triangulation framework, such contradictory external evidence should heighten auditors’ skepticism about the veracity of management-controlled evidence and increase their assessment of fraud risk. The experimental findings indicate that auditors’ assessments of fraud risk significantly depend on whether or not external evidence disconfirms the attainment of a key business objective, but only when conflicting messages are provided by the two kinds of internal evidence. Importantly, auditors did not rely on external evidence when, in isolation, the two kinds of management-controlled internal evidence both suggested low fraud risk. Auditors’ failure to use external evidence as a means of ensuring the veracity of management-controlled internal evidence is more consistent with a credulous than with a skeptical mindset.

Recent regulation both in the USA (SAS 99; AICPA, 2002; PCAOB, 2007) and internationally (ISA 240) has placed increased responsibility on auditors for the detection of financial statement fraud. The Public Company Accounting Oversight Board (PCAOB) has reminded auditors of the importance of being diligently focused on their responsibilities to detect fraud (PCAOB, 2007 and PCAOB, 2008). However, fraud can be difficult to detect as “some members of management may even seek to conceal outright fraud by strategically altering information they expect the auditor will obtain as evidence” (Bell, Peecher, & Solomon, 2005, p. 19). This changed regulatory environment, as well as society’s demand for greater protection, implies increasing minimum evidence requirements and increased responsibilities for auditors in relation to fraud detection (Peecher, Schwartz, & Solomon, 2007). This focuses interest on how auditors respond to different types of evidence when making fraud related judgments. With the aim of meeting society’s expectations with respect to financial statement fraud, new evidence frameworks have been developed. In Bell et al. (2005) the concept of evidentiary triangulation2 is positioned as a conceptually normative way for auditors to acquire and evaluate complementary sources of evidence and to rely on that evidence in updating their risk assessments. As part of triangulation, the auditor can obtain evidence from the management-controlled financial statement process, management-controlled evidence depicting performance in key business processes (e.g., internal controls, production and marketing reports) or external evidence on whether a key business objective has been attained (e.g., information from customers or other external parties). Use of this external evidence is of particular interest because it is not easily manipulated by management compared with other sources of evidence that are subject to different degrees of management influence (Peecher et al., 2007). Understanding the use of evidentiary triangulation (hereafter referred to as ‘triangulation’) by auditors is important given the view that “triangulation enables audit quality improvement” particularly in situations where the auditor is concerned about intentional misstatement (Bell et al., 2005, p. 29). Specifically, Peecher et al. (2007) note that while the triangulation framework provides considerable promise for improving auditor fraud detection capabilities, there is a need for research that demonstrates more precisely the conditions under which external evidence, providing information about underlying business performance, can better detect material misstatements that stem from management fraud (Peecher et al., 2007). It is this question that we address. In the context of an accounting fraud, we test hypotheses for auditors’ use of external evidence depicting performance of a key business process. Management has implemented an accounting fraud involving overstated client revenue3 (and profitability) using one of two types of strategies to conceal the fraud (‘concealment strategies’). The two concealment strategies produce financial results that have different levels of compatibility with the client’s strategic business objectives and results of operations during the period. In all treatments, the controller provided the same fraudulent explanation for the higher-than-expected revenue number. In order to assess fraud risks at the planning stage of an audit, senior auditors were given the unaudited financial statement numbers (under the two different concealment strategies), business process performance evidence, and external evidence on levels of achieved customer satisfaction for increased sales. Given both consistent and inconsistent fraud risk implications for profiles of the financial statement and internal business process performance evidence, we examine the impact on fraud risk assessments of external evidence on the performance of a key business objective. There are three major contributions of this research. First, in an environment where there is increased emphasis on fraud detection, there is a need to rethink the types of evidence used (Hammersley, 2011, Hoffman and Zimbelman, 2009 and Peecher et al., 2007). Here we examine fraud risk assessments of auditors when they simultaneously use different sources of evidence that are subject to different degrees of management influence. While some forms of evidence can be manipulated by management, other evidence is generally more difficult to manipulate as it comes from outside the organization. Second, as suggested by Peecher et al. (2007), there is a need for research that addresses the conditions under which auditors are more versus less likely to engage in triangulation. Importantly, we find that external evidence, related to key business objectives, impacts fraud assessments when the implications of two types of management-controlled evidence are inconsistent. However, given the ability of management to manipulate this evidence, external evidence related to business objectives should also be useful to detect fraud in situations where the two types of evidence controlled by management both consistently suggest a low likelihood of fraud. This was not the case in our study even though it is this very situation where external evidence should be of most benefit in detecting fraud. Third, we report results on the ability of auditors to use evidence on the performance of the client’s business model to assess the risk of a (seeded) accounting fraud. We manipulate the financial statements such that there is either relatively high or low compatibility of the asserted financial statement numbers with the design and performance of the client’s business model. While a lack of compatibility does not necessarily indicate a misstatement, it should result in auditors refining their misstatement and non-misstatement expectations (Peecher et al., 2007). We find that auditors can use evidence on the performance of the client’s business model, and its compatibility with the financial statements, to interpret appropriately the fraud risk implications.