FORENSIC AUDITING Forensic auditing could be defined as the application of auditing skills to situations that have legal consequences.

The application of accounting methods to the tracking and collection of forensic evidence, usually for investigation and prosecution of criminal acts such as embezzlement or fraud. A forensic audit is an examination of an organization's or individuals economic affairs, resulting in a report designed especially for use in a court of law. A forensic audit is similar to the tax audits performed by the IRB both strive to establish a comprehensive picture of an entity's finances (assets, liabilities, total income, and cash flow). However, while a tax audit is intended to determine the true size of one's tax liability, a forensic audit can have several goals, including mapping cash flow/cash transactions, identifying accounting errors and enumerating total assets. In a global review conducted by Ernst & Young, on the question of auditors' responsibility, in 1996, found that seven out of ten of the respondents believed that auditors should have the responsibility to detect substantial fraud. While, eight out of ten believed that this should be part of their normal audit and not by special one-off reviews. Its make clear that they see their main goal more in preventing corruption than in the field of actually detecting such illegal activities. Auditors need to be alert for situations, control weaknesses, inadequacies in record keeping, errors and unusual transactions or results which could be indicative of fraud, improper or unlawful expenditure, unauthorised operations, waste, inefficiency or lack of probity. Even though no formal survey on this aspect has been carried out, it may be advisable to address the issue with a view to identifying, and to the extent possible, defining our positions on the several issues that are involved. It is in this context that we need to view the adoption and use of Forensic Auditing. An obvious example of forensic auditing is the investigation of a fraud or presumptive fraud with a view to gathering evidence that could be presented in a court of law. However, there is an increasing use of auditing skills to prevent fraud by identifying and rectifying situations which could lead to frauds being perpetrated (i.e. risks). It might be useful, therefore, to discuss forensic auditing as being either Reactive or Proactive . Forensic audits are used whenever lawyers or law enforcement officials need reliable data on a party's financial status or activities. For example, while reaching a divorce settlement, a lawyer may request the presiding judge to permit a forensic audit to uncover assets that one spouse is trying to hide. Forensic audits are performed by special class of financial experts know as forensic accountants. This class includes certified fraud examiners (people with bachelor's degrees or equal professional experience who have a background in accounting, prosecuting fraud, loss prevention or criminology. There is no gain saying the fact that our audits as currently executed and reported do bring out in a wealth of detail, instances of individual or systematic fraud and corruption. There is, however, a need to provide a comprehensive framework involving the use of forensic auditing methodology, particularly in the areas of audit planning and execution, and for a uniform reporting practice that would very explicitly spell out the implications of control failures including failure of senior management in implementing prescribed controls.

1 ISSUES IN AUDITING

EXPECTATION GAP Auditing is increasingly difficult and challenging with new rules and regulations encouraging, if not requiring auditors to enhance their efforts to detect fraud during an audit. Unfortunately, these rules and regulations contain terms like reasonable, material, professional scepticism and brainstorming whose meanings vary in the minds of different auditors. General public expects the auditors on all existing shortcomings and wrongdoings of the audited company. It also expects the auditors to point towards future likely problems such as insolvency or closure of business. Many auditors and professional bodies of auditors claim that the audit expectation gap exists primarily because of the public ignorance of the extent of the responsibilities of auditors. However this view is not shared by all and considers substandard performance buy auditors to be a major component of the gap. The term "Audit Expectations Gap" was is defined as the difference between the levels of expected performance of auditors in terms of detecting and reporting on practices and performance of the audited company, as perceived by the user of financial statements, and the actual performance of the auditors. Thus we can divide the audit expectation gap in four components. First is the unreasonable expectation of the public beyond what is reasonable and desirable. Second is the gap between the required performance and the officially laid down standards of performance. Next gap is because of actual performance of auditors falling short of the laid down standards. Finally the difference between actual auditor performance, and its perception by the public. The users of financial statements should be allowed to expect that the auditors' materiality levels correspond with their own. If this is not the case an expectation gap will arise. Especially if the financial statements purpose of this empirical and explorative research has been to offer a comparison of the materiality levels among a group of financial analysts (users) and a group of auditors, to determine whether the auditors' materiality levels are in accordance with that of a user group, who get their information about the audit, from the auditors report only. Auditors face similar challenges when it comes to detecting fraud in an audit. In many instances, they are not sure how much effort must be made to uncover red flags for fraud. More important, they do not always take the appropriate steps to uncover fraud once a red flag surfaces during an audit. Clients, judges, shareholders, and other parties, however, expect auditors to take steps to detect fraud during the audit. They are often displeased when fraud goes undetected and is later uncovered by a tip or accident. The resulting investigation or financial statement restatement creates negative consequences for the company and its employees. The reasons an auditor may fail to identify red flags during an audit include the following: Overreliance on client representations; Lack of awareness or recognition of an observable condition indicating fraud; Lack of experience; Personal relationships with clients; Failure to brainstorm potential fraud schemes and scenarios; and A desire not to know.

The expectation gap is driven by two variables: the auditors ability to detect fraud, and the auditors efforts to detect fraud. An auditor may possess the skills to detect fraud, but might choose to take shortcuts or disregard obvious signs of potential fraud. Or, an auditor might use a variety of techniques, but lack the experience to effectively uncover red flags. Both scenarios will broaden the expectation gap. 2 ISSUES IN AUDITING

DUE DILIGENCE Due diligence is a somewhat technical phrase used to describe a range of assignments, legal obligations, reports and investigations which take place in business, manufacturing and law. Its most frequently heard version is the one pertaining to business, where "due diligence" refers to the steps taken by venture capitalists before investing a round of capital in a start up, the ongoing investigation as to how the funds are being distributed, or the precautionary steps taken by a larger company in deciding to acquire a smaller company. The precise definition of "due diligence" varies between firms and organizations. In manufacturing for example, certain environmental requirements must be met, which are verified in an Environmental Site Assessment called a "due diligence report". It consists of a checklist of specifications and sections for open commentary. In venture capitalism, due diligence involves looking into the past and present of the people and structure of a company requesting venture funding. For instance, venture capitalists are wary of investing in companies that lack people with credentials or a proven track record. Depending on the overall level of caution in the investment environment at the time, a due diligence investigation may be more or less stringent. Typically a venture capital firm will have a dozen or more investigators whose task is to research specific details of the personal history of people in the company. With the Internet, researching a person's past associations and experience has never been easier, much to the delight of investment communities. Of course, due diligence is not a panacea against investment failures. Even a company made up of well-educated high achievers can falter due to unpredictable market conditions, unforeseen competition, or technical setbacks. Typically, partners will prefer to invest in companies led by people they already know are very trustworthy, and probably have been given funds in the past. In law, due diligence refers to precautions that are supposed to be taken by a person or company in some context. For example, did the company thoroughly check their product beforehand to ensure it was non-toxic or was not a strangulation hazard? If they do not, and bad results come of their negligence, they can be held criminally liable. The term "due diligence" first came into common use as a result of the United States' Securities Act of 1933 which could be used by broker-dealers when accused of inadequate disclosure to investors of material information with respect to the purchase of securities. As long as broker-dealers exercised "due diligence" in their investigation into the company whose equity they were selling, and disclosed to the investor what they found, they would not be held liable for non-disclosure of information that was not discovered in the process of that investigation. The entire broker-dealer community quickly institutionalized, as a standard practice, the conducting of due diligence investigations of any stock offerings in which they involved themselves. Originally the term was limited to public offerings of equity investments, but over time it has come to be associated with investigations of private mergers and acquisitions as well. The term has slowly been adapted for use in other situations. The due diligence process framework consists of compatibility audit, financial audit, macro-environment audit, legal/environmental audit, marketing audit, production audit, management audit, information systems audit and reconciliation audit. It is essential that the concepts of valuations (shareholder value analysis) be linked into a due diligence process. This is in order to reduce the number of failed mergers and acquisitions. In business transactions, the due diligence process varies for different types of companies. The relevant areas of concern may include the financial, legal, labour, tax, IT, environment and market/commercial situation of the company. Other areas include intellectual property, real and personal property, insurance and liability coverage, debt instrument review, employee benefits and labour matters, immigration, and international transactions. 3 ISSUES IN AUDITING

PRACTICE / PEER REVIEW Practice Review is a programme which applies to Malaysian members who holds a practicing certificate and is engaged in public practice services. It provides members in practice with a framework of quality assurance principles to help them assess and develop their practices, offering practical support and advice. Practice Review has been designed to demonstrate to the business community and the wider public the Institute's commitment to upholding and developing public standards that command public confidence. The Practice Review programme is conducted pursuant to the By-Law Part II, Section 550: Quality Assurance & Practice Review. By-Law Part II Section 550 is issued by the MIA Council on 15 November 2002 and is effective from 1 January 2003. The Malaysian Institute of Accountants (MIA) has set up the Practice Review Committee to monitor the quality of work performed by external auditors such as: - stay at the forefront of the profession through a visible regulatory process and commitment to high quality audit - demonstrate to the public the commitment to upholding professional standards - will elevate to higher levels of professionalism - adds value and brings suggestions for improvement - will provide with reassurance about your own practice - will affirm the public trust a confidence towards profession - will propel to the cutting edge of the profession through the application of best auditing practices This underscores the professions commitment to constantly improve and enhance the quality of chartered accountant practices in the country. Sustaining and ensuring compliance with the requirements of the standard on a system of quality control is mandatory for practising firms. As such it is imperative for practising firms to be in compliance with professional ethics, conduct and practices as set out in the By-Laws of MIA and the various Practice Guides. MIA stands firm and committed to raise practicing firms quality in the systems of quality control including human resource capacity, competency and capability in order to be on par with international standards, for a progressive business and a sustainable practice. The Practice Review Committee (PRC) works together with member firms in conducting practice reviews to determine whether professional standards have been maintained observed and applied. In promoting quality assurance and raising standards, the PRC emphasizes awareness and provides guidance on application and compliance issues as well as recommendations for the cultivation of best auditing practices. The PRC in broad terms aims to fulfil the expectations of the business community, the public and the government by diligently building confidence and elevating trust in the public practice profession in Malaysia.

4 ISSUES IN AUDITING