An analysis of external and internal auditors’ use of ISA 240 red flags: The impact of auditors’ estimation of fraud pervasiveness

The purpose of this study is to investigate how external and internal auditors, respectively, assess the importance of and indicate the use of fraud risk factors (red flags) in their efforts to detect fraudulent financial statements and misappropriation of assets. Further, this study attempts to explain the effect of auditors’ estimation of fraud prevalence in the business environment on their assessment of fraud risk and their subsequent use of fraud risk factors. Empirical data were collected by means of a questionnaire that was sent to external auditors working for global and local audit firms in Saudi Arabia and to internal auditors working for various types of private companies. The results of the study revealed that the use of fraud risk factors by external and internal auditors is positively associated with their estimation of fraud pervasiveness in the business community. The results showed no significant differences between external and internal auditors in their use of fraud risk factors, in general. However, the results provide evidence of an association between the perceived importance of a specific risk factor and its extent of use. The implications of the results should motivate external auditors to utilize the experience and information available to internal auditors in assessing the risk of fraud.