Internal Auditors' Perceptions of the Effectiveness of Red Flags to Detect Fraudulent Financial Reporting

Abstract

The purpose of this study is to investigate the level of effectiveness of 42 red flags for detecting fraudulent financial reporting as perceived by 82 internal auditors. According to Practice Advisory 1210.A2-2.2: Responsibility for Fraud Detection (IIA, 2004), internal auditors have a responsibility to exercise 'due professional care' ... with respect to fraud detection. The Professional Practices Framework (IIA, 2005) expects internal auditors to deter, detect, investigate and report fraud. While Statement of Auditing Standard (SAS) No. 99 requires external auditors to use red flags in financial statement audits, internal auditors also use them in conducting operational, compliance and financial statement audits. Of the 42 red flags, we found 15 were rated as more effective, 14 were considered effective, and 13 were perceived to be ineffective as indicators that fraud might be present. SAS No. 99 further categorizes these red flags into three groups - opportunities, incentives and pressures, and attitudes and rationalizations. The results also show that internal auditors consistently rated red flags categorized as opportunity and attitudes and rationalizations as more effective in detecting fraudulent financial reporting activity than red flags labeled incentives and pressures.