RIYADH — The Saudi Organization for Chartered and Professional Accountants (SOCPA) has confirmed that the risk of fraud related to management override of controls is a mandatory risk under International Standard on Auditing (ISA) 240.It stressed that it cannot be presumed absent or rebutted due to its pervasive nature and potential impact on financial statements as a whole.In its guidance titled “Effective risk assessment and testing of management override of controls, including overrideable accounting estimates,” SOCPA explained that misstatements in financial statements arise either from fraud or error, with the key distinction being intent.Fraud involves deliberate conduct, while error is unintentional.The authority noted that management’s ability to manipulate records or override controls places it in a unique position that may result in fraudulent financial reporting.SOCPA stated that the risk of management override is not confined to a specific area, but may extend to classes of transactions, account balances and disclosures, making it a pervasive financial statement-level risk that requires precise evaluation and tailored audit responses.It emphasized that addressing this risk requires auditors to maintain professional skepticism throughout the audit process and to consider the possibility of intentional misconduct when planning and performing audit procedures, as procedures designed solely to detect errors are not sufficient to uncover fraud.SOCPA recently launched the “Accounting Disclosures” initiative to enhance professional awareness of standards and practices related to audit quality and to highlight high-risk areas in financial statements.The initiative aims to improve auditor competence, strengthen transparency and reinforce confidence in financial reporting among users.
Keep Up to Date with our Weekly Newsletter
