Forensic Audits – Unique, Focused, Customized, and Necessary

Audit; when most people hear this word, images of professionals in dark suits scouring through boxes of documents searching for illicit transactions come to mind. In reality, most audits are financial statement audits. The goal is to express an opinion on the fairness of an organization's financial balances and disclosures, not to search for misconduct. Forensic audits share characteristics with a financial statement audit. However, they are more focused and typically in response to an explicit concern or concerns. Although similarities exist, financial statement and forensic audits meet specific needs while utilizing unique procedures and professionals with varied skillsets.

Entities of all types and sizes are required to obtain financial statement audits for various reasons. Local governments may need to document compliance with state or federal grant requirements. A small business could be required to present audited financials to secure a loan, or a multinational corporation could be compelled to obtain an independent audit as a condition of a merger. The purpose of a financial statement audit is to opine on the material accuracy of the balances presented and the disclosures contained within the final report, as well as to evaluate the effectiveness of the entity's internal controls.

Auditors use the Generally Accepted Auditing Standards (GAAS) and the knowledge gained during the internal control assessment to design testing procedures. The tests are then applied to the entity's general ledger accounts holistically, employing the concept of materiality coupled with transaction sampling. Materiality is a threshold used to determine individual transactions that, alone, are large enough to result in the presentation of misleading financial data. This amount will vary from entity to entity based on risk, prior adjustments, nature of operations, and size. The materiality calculation utilizes a benchmark balance, such as total assets, total revenue, or total expenditures, for the period being audited and applies a factor to the respective balance based on the characteristics above.

The audit team may sample the transactions that make up the remaining balance, should it be material to the financial statements. Incorrectly recorded transactions are assessed in total, with the result guiding the type of opinion the auditor will issue. These opinions are Unqualified (Clean), Qualified, Adverse, or a Disclaimer of Opinion. The issuance of a clean opinion does not mean the statements are 100% accurate, nor is it a guarantee that no fraud is present. An unqualified opinion does offer reasonable assurance of the material fairness of the financial statements as a whole.

According to the American Institute of Certified Public Accountants, the definition of forensic accounting is "the application of specialized investigative skills and accounting knowledge to collect, analyze, and evaluate evidential matter to help stakeholders reach conclusions on a matter, often within the context of a potential or actual legal or regulatory dispute."   Some of the skills, testing procedures, and knowledge required to perform a forensic audit are similar to those of a financial statement audit. During both forensic and financial statement audits, auditors will test transactions, evaluate internal controls, analyze ratios and variances, and review financial records.

Forensic audits diverge during the planning and design phase of the engagement. Because forensic audits are (in most cases) in response to known or suspected issues, the scope, testing procedures, and timing will vary based on the subject entity and desired outcome. These elements will be determined during the planning portion of the audit. Financial statement audits, on the other hand, have defined perimeters that guide the procedures depending on the applicable regulatory body (Financial Accounting Standards Board (FASB), Public Company Accounting Oversight Board (PCAOB), Governmental Accounting Standards Board (GASB), etc. In contrast to a financial statement audit that employs materiality and sampling, a forensic audit is focused on a specific class or classes of transactions, time period(s), or other area(s) of concern, as determined by the nuances specific to the engagement. The tests could employ an element of materiality; however, the threshold would be dictated by the circumstances of the investigation, not an account balance. The primary concern could be limited to one classification of transactions, in which case it may be appropriate to test 100% of the transactions that fall into that category. Many forensic procedures are mechanically similar to standard audit procedures; often, the application distinguishes them. Forensic audit teams also have unique investigative techniques at their disposal, such as interviews of client personnel, collaboration with law enforcement, and others.  

While there are parallels in the planning and testing stages of both types of audits, the reporting phase illustrates significant differences. In a forensic audit, the report could vary from a formal written document to an informal verbal report or even expert testimony in court. The options are limited only by the subject matter of the investigation, as there is no prescribed format or required content. In comparison, a typical financial report must adhere to the reporting standards of the applicable governing body (the FASB, PCAOB, GASB, or other regulatory entity). Unlike a financial statement audit report, which presents an opinion, a forensic audit report explains the findings, facts, conclusions, and evidence of fraud, asset misappropriation, or other financial misconduct. It does not offer an opinion on the existence of legal transgressions, a task reserved for a trier of fact.      

Understanding the difference between a financial statement audit and a forensic audit is a critical step in choosing the right type of engagement. Several circumstances that require a financial statement audit were outlined previously. The scenarios that lead to a forensic audit are countless, and the only limits to the procedures are the client's specific needs, budget, available evidence, and the desired result. Most commonly, clients seek out forensic accountants when they suspect some sort of asset misappropriation has occurred. However, embezzlement is far from the only situation that necessitates a forensic audit. Mismanagement, poor oversight, lack of internal controls, divorce, bankruptcy, and money laundering are just a few more indicators that it may be time to consider hiring a forensic accountant.

Most, if not all, organizations would prefer to avoid the situations that require a forensic audit, but understanding the basics of a forensic engagement will help leadership recognize when such a service is appropriate. This recognition is an essential tool in preventing or limiting financial losses due to fraud, gross mismanagement, or other potentially damaging environmental factors. When consulted, professionals and firms that offer forensic services will explain the technical differences between a financial statement audit and a forensic audit. However, the conversation with a forensic specialist may not occur without knowledge of the unique characteristics of the two services, and that a forensic audit can be tailored to the organization's specific needs, budget, and offers reporting flexibility. Technological advances, specifically artificial intelligence, as well as an ever-evolving accounting landscape, will increase the instances that call for forensic audits exponentially. The most effective way to combat these risks is to understand the preventative, detective, and reactive tools that entities have at their disposal, including a forensic audit.