The American Institute of CPAs’ Auditing Standards Board is looking for feedback on a proposed standard updating auditors’ responsibilities related to fraud.
The proposed Statement on Auditing Standards, The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements, includes several changes, such as the creation of required procedures for when an auditor has identified or suspected fraud. The proposed SAS also reminds auditors to maintain professional skepticism throughout the audit.
“This exposure draft doesn’t alter the overall objectives of the auditor when fraud or suspected fraud is identified,” said AICPA chief auditor Jennifer Burns in a statement Thursday. “What it does is strengthen and clarify the auditor’s specific role in these circumstances. Management, those charged with governance and auditors all have important responsibilities, and when everyone diligently executes those responsibilities, an organization is best positioned to identify fraud.”
The proposed changes come in the wake of a stalled project from the Public Company Accounting Oversight Board that was opposed by many auditing firms and organizations.
The proposed changes in the exposure draft include:
New requirements to clarify the auditor’s response when fraud or suspected fraud is identified in an audit of financial statements, which are among the most significant changes in the proposed SAS;Extra guidance to explain the relationship of fraud with corruption, bribery and money laundering, as well as fraud committed against an entity by third parties;A new requirement that stresses the importance of remaining alert throughout the audit for information that is indicative of fraud or suspected fraud;A new requirement for the engagement partner, when addressing engagement resources, to determine that members of the engagement team collectively have the appropriate competence and capabilities, including sufficient time and appropriate skills or knowledge, to perform the audit;A broadening of the requirement for an auditor to perform a retrospective review of management judgments and assumptions related to accounting estimates reflected in the financial statements of the prior year, and not just those of significant accounting estimates;A new requirement for the auditor to treat the risk of management override of controls as a risk of material misstatement due to fraud at the financial statement level and to determine whether such risk affects the assessment of risks at the assertion level;An enhanced requirement for an auditor to take into account related fraud risk factors when determining which types of revenue, revenue transactions or relevant assertions give rise to risks of material misstatement due to fraud;Auditors are concerned about a material misstatement of financial statements due to fraud, and the proposed standard clarifies that even when an identified misstatement due to fraud is not “quantitatively material,” it may nevertheless be “qualitatively material” depending on who instigated or perpetrated the fraud (such as management) and why the fraud was perpetrated;Requirements pertaining to communications with management and the governing body throughout the audit engagement.
Comments about the exposure draft are due by Oct. 3, 2025. If issued as final, the proposed SAS would supersede SAS No. 122, Statements on Auditing Standards: Clarification and Recodification, as amended, section 240, Consideration of Fraud in a Financial Statement Audit (AU-C Section 240), and amend several other standards.
The exposure draft is the result of over three years of outreach and research by an ASB task force, which also considered alignment of the proposed standard, where appropriate, with a similar project by the International Auditing and Assurance Standards Board. The ASB is also continuing to monitor a similar project at the Public Company Accounting Oversight Board, known as the noncompliance with laws and regulations or NOCLAR standard, which the PCAOB has halted for this year after a backlash from auditing firms and business groups.
If issued as final, the proposed SAS would be effective for audits of financial statements for periods ending on or after Dec. 15, 2028, with early implementation permitted.
