Accounting, Organizations and Society 26 (2001) 25±37
www.elsevier.com/locate/aos

The e€ects of experience and explicit fraud risk assessment in
detecting fraud with analytical procedures$
Carol A. Knapp a,*, Michael C. Knapp b
a

University of Central Oklahoma, College of Business Administration, 100 North University Drive, Edmond, OK 73034, USA
b
University of Oklahoma, Michael F. Price College of Business, 307 West Brooks, Norman, OK 73019, USA

Abstract
This paper reports the results of an experiment that examined the e€ects of audit experience and explicit fraud risk
assessment instructions on the e€ectiveness of analytical procedures in detecting ®nancial statement fraud. The results
of this study suggest that audit managers are more e€ective than audit seniors in assessing the risk of fraud with analytical procedures. Additionally, explicit fraud risk assessment instructions resulted in more e€ective assessments of the
presence of fraud. These results have implications for the assignment of auditors to tasks and the structuring of these
tasks. # 2000 Elsevier Science Ltd. All rights reserved.

1. Introduction
This paper reports the results of an experiment

that examined the e€ects of audit experience and
explicit fraud risk assessment instructions on the
e€ectiveness of analytical procedures in detecting
®nancial statement fraud.1 The experimental materials used in this study include fraudulent ®nancial
statements issued by a public company and the
subsequently restated and reissued ®nancial statements of the same company. Audit seniors and

$
Data availability: The data upon which this research is
based may be obtained from the authors on request.
* Corresponding author. Tel.: +1-405-974-2444; fax: +1405-974-3853.
E-mail address: cknapp@ucok.edu (C.A. Knapp).
1
The type of fraud addressed in this paper is ®nancial
statement fraud: the intentional misstatements or omissions of
amounts or disclosures in ®nancial statements (American
Institute of Certi®ed Public Accountants [AICPA], 1997).

managers applied analytical procedures to ®nancial statements and assessed the risk of fraud. The
subjects were divided into four groups, each of

which received one of four combinations of ®nancial statements and explicit fraud risk assessment
instructions. The ®nancial statements presented to
the auditors were either fraudulent or fairly stated.
One-half of the subjects received explicit instructions stating that the objective of their task was to
assess the risk of ®nancial statement fraud, while the
remaining subjects did not receive such instructions.
The results of this study suggest that audit
managers are more e€ective than audit seniors in
assessing the risk of fraud with analytical procedures. Additionally, explicit fraud risk assessment
instructions resulted in more e€ective assessments
of the presence of fraud.
The remainder of this paper is organized as follows. Section two develops the motivation and
hypotheses for the study. The research design and
results are presented in Sections three and four,

0361-3682/00/$ - see front matter # 2000 Elsevier Science Ltd. All rights reserved.
PII: S0361-3682(00)00005-2

26

C.A. Knapp, M.C. Knapp / Accounting, Organizations and Society 26 (2001) 25±37

respectively. Finally, Section ®ve discusses the
results and their potential implications for practice
andresearch.

2. Motivation and hypotheses
In 1988, the Auditing Standards Board (ASB)
issued Statement on Auditing Standards No. 53,
The Auditor's Responsibility to Detect and Report
Errors and Irregularities (AICPA, 1988). This
standard imposed greater responsibility on auditors to detect ®nancial statement fraud. The ASB
formed a task force in 1993 to reconsider auditors'
responsibility for the detection of fraud. Among
other recommendations, this task force concluded
that the concepts of professional skepticism and
reasonable assurance discussed in SAS 53 needed
to be developed further and that a new SAS
devoted strictly to the issue of fraud detection was
necessary. The new SAS No. 82, Consideration of

Fraud in a Financial Statement Audit (AICPA,
1997), delineates auditors' responsibility for the
detection of fraud more precisely than SAS 53 and
provides operational guidance to practitioners.
Fraud is an intentional act designed to deceive
or mislead another party (Arens & Loebbecke,
1996). This study focuses speci®cally on ®nancial
statement fraud by business executives or managers who have sucient authority to override an
organization's internal controls. Generally, such
fraud involves deliberate distortion of accounting
records, falsi®cation of transactions, or misapplication of accounting principles. Regardless of how
the fraud is manifested, it is typically dicult for
auditors to discover since the perpetrators take
steps to deliberately conceal the resulting irregularities. Given the diculty that auditors face in
detecting ®nancial statement fraud, coupled with
their increasing responsibility to detect it, there is
a de®nite need to develop audit procedures or
strategies more speci®cally focused on fraud
detection.
Analytical procedures have long been used by

auditors, although the profession has required
them to be incorporated in ®nancial statement
audits only since 1988. The potential for using
analytical procedures for fraud detection purposes

has been discussed widely in the professional literature. Nevertheless, there is little evidence that
these procedures have been extensively applied by
auditing ®rms for the speci®c purpose of detecting
®nancial statement fraud.
Explicit fraud risk assessments have been recommended as an audit procedure that would improve
the auditor's likelihood of detecting fraud (Loebbecke, Eining & Willingham, 1989; Shibano, 1990).
Explicit fraud risk assessments are included as a
required audit procedure in SAS No. 82, Consideration of Fraud in a Financial Statement Audit
(AICPA, 1997).2 Recent research on SAS No. 82
indicates that implementation of the speci®c fraud
risk assessment varies greatly across ®rms (Shelton, Whittington & Landsittel, 2000). Shelton et
al. looked at the practices of all of the Big Five
®rms and two second-tier ®rms. Their study
reported that three of the Big Five and both second-tier ®rms incorporate fraud risk assessment
into the overall risk assessment process. The

impact of requiring a separate fraud risk assessment on audit eciency has been examined
recently by Zimbelman (1997). He found evidence
that requiring a separate fraud risk assessment
increased auditors' attention to fraud cues and
in¯uenced audit planning decisions. The current
study looks at the e€ect of separate fraud risk
assessments on audit e€ectiveness. The ®ndings
indicate that fraud risk assessment is more e€ective when a separate, explicit fraud risk assessment
is performed. Potentially, several audit ®rms could
improve fraud risk assessment by requiring a
separate assessment rather than incorporating it in
the overall risk assessment.
Shelton et al. (2000) also reported that two of
the Big Five and one second-tier ®rm perform the
fraud risk assessment at the client acceptance/
continuance stage of the audit. The remaining
®rms studied perform the fraud risk assessment
during planning. In the current study, the fraud
risk assessment is performed during planning with
analytical procedures. Practice improvement may

be possible for several ®rms by changing the fraud
risk assessment to the planning stage of the audit
2
At the time of this study, explicit fraud risk assessments were
not a required audit procedure as they are now under SAS 82.

C.A. Knapp, M.C. Knapp / Accounting, Organizations and Society 26 (2001) 25±37

rather than at the client acceptance/continuance
stage.
In addition, the practice aids used to assess
fraud risk by the ®rms studied by Shelton et al.
(2000) almost all involve checklists. Prior research
on practice aids has provided evidence that the use
of checklists may not be e€ective in assessing the
risk of fraud (Eining, Jones & Loebbecke, 1997;
Pincus, 1989). The present research indicates that
for experienced auditors performing an explicit
fraud risk assessment with analytical procedures,
e€ectiveness is improved. Hopefully, the current

study will contribute to the accounting profession's continuing e€ort to improve the fraud
detection capability of ®nancial statement audits
and the implementation of SAS No. 82.
2.1. Analytical procedures as a method of fraud
detection
In 1987, the Treadway Commission reported,
``The potential of analytical review procedures for
detecting fraudulent ®nancial reporting has not been
realized fully (National Commission on Fraudulent
Financial Reporting [NCFFR], 1987).'' Based
upon a review of actual fraud cases, the Treadway
Commission observed that ®nancial statement
frauds tend to be very similar in terms of how they
are perpetrated. Most fraudulent cases involve
improper revenue recognition, overstatement of
assets, and/or improper deferral of expenses.
Typically, analytical procedures involve comparing actual ®nancial statement amounts with expected amounts that are derived from the application
of a naive or complex prediction model. Since the
misstatements resulting from fraudulent misrepresentations result in di€erences from predicted
amounts, they should be potentially detectable

with analytical procedures.
The central task of an auditor in applying analytical procedures is to develop expectations. The
expectations the auditor develops will be based
upon both the external information that the auditor encounters and his/her own existing knowledge
stored in memory. An auditor's existing knowledge
is an important factor in his/her understanding and
interpretation of information, and can be expected
to in¯uence the auditor's e€ectiveness in assessing

27

the risk of ®nancial statement fraud. Research on
experience and expertise suggests that an individual's knowledge changes as experience increases
(Chi, Glaser & Rees, 1982), thus an auditor's performance of analytical procedures may be a€ected
by experience.
Previous research in both psychology and
auditing has found that as individuals gain relevant experience their knowledge structures change
and develop (Chi et al., 1982). Generally the ®ndings indicate that experienced individuals have
greater total knowledge (Christ, 1993; Knapp,
1995; Libby & Frederick, 1990; Tubbs, 1992), more

understanding of relationships between variables
(Chi et al., 1982; Frederick, 1991; Moeckel, 1990),
and an ability to go beyond the surface features of
information and identify the true, underlying problem (Biggs, Mock & Watkins, 1988; Chi et al.,
1982; Christ, 1993; Moeckel, 1990). All of these
characteristics of knowledge are potentially
important to the task of fraud risk assessment
with analytical procedures.
Two empirical studies of particular importance
to the issues addressed here have both found signi®cant knowledge di€erences between audit
managers and seniors. Christ (1993) studied auditors' planning knowledge (of which preliminary
analytical procedures are a subtask) with a recall
task. She found signi®cant di€erences in the
knowledge structures of audit managers/partners
as compared to senior and junior auditors. Knapp
(1995) examined auditors' knowledge of factors
that may indicate the existence of ®nancial statement fraud and found signi®cant di€erences.
Managers were able to recall a greater number of
``factors that may suggest the existence of fraud in
a set of ®nancial statements'' than were audit

seniors. Given that signi®cant knowledge di€erences have been identi®ed between experience
levels of auditors, this knowledge di€erence will
likely a€ect auditors' understanding and interpretation of information during analytical procedures and, thus, their ability to e€ectively assess
the risk of ®nancial statement fraud.
The ®rst hypothesis of this study addresses the
relationship between level of experience and the
ability of auditors to use analytical procedures for
fraud detection purposes. Hypothesis one predicts

28

C.A. Knapp, M.C. Knapp / Accounting, Organizations and Society 26 (2001) 25±37

that greater experience will positively a€ect auditors'
performance in this context.
H1. Audit managers will assess the risk of ®nancial
statement fraud more e€ectively with analytical
procedures (higher when fraud is present, lower
when fraud is not present) than will audit seniors.
2.2. Explicit fraud risk assessment as a fraud
detection procedure
Extensive psychological research has investigated the existence and structure of knowledge
utilized by decision makers, factors that in¯uence
the activation of the correct or most appropriate
knowledge in a given decision-making context,
and the impact of knowledge on the e€ectiveness
and eciency of decision-making processes (e.g.
Lesgold, 1984; Lurigio & Carroll, 1985; Mandler,
1984; Rumelhart, 1980). This research indicates that
prior knowledge facilitates the encoding of new
information, the interpretation of the information
being processed, and the retrieval of relevant information (Alba & Hasher, 1983).
For analytical procedures to be bene®cial in
enabling an auditor to e€ectively assess the risk of
®nancial statement fraud, an auditor must possess
the relevant knowledge required to uncover the
fraud if it is present and the ability to ``trigger'', or
activate, that knowledge when needed. An individual cue within the ®nancial statements may trigger the auditor's fraud knowledge if it is material
enough. Or, it may be necessary for an auditor to
identify several cues to trigger his/her fraud
knowledge. Financial statement fraud involves an
attempt by management to ``fool the auditors''. One
way to try to hide the fraud is with a series of
manipulations of accounts, none of which is material
enough on its own to trigger the auditor's suspicion
of fraud.
It may be possible to improve fraud detection by
requiring auditors to explicitly assess the risk of
fraud. Zimbelman (1997) found that auditors
explicitly assessing fraud risk pay more attention
to fraud cues than do auditors not making explicit
fraud risk assessments. In addition, his results
suggest that requiring auditors to explicitly assess
the risk of fraud will lead to increased audit hours

for both high- and low-fraud risk cases. Unanswered is the question of whether explicit fraud
risk assessments lead to more accurate fraud risk
assessments. It is possible that requiring auditors
to separately assess the risk of fraud on a ®nancial
statement audit will only decrease audit eciency
by increasing audit hours. Also, fraud risk assessment instructions may only increase fraud risk
assessments for both fraud and no-fraud ®rms
simply because they increase auditors' assessment
of the prior probability of fraud.
Research in psychology provides support for more
accurate fraud risk assessments with explicit instructions (Graesser & Nakamura, 1982; Rumelhart,
1980; Shank & Abelson, 1977; Taylor & Crocker,
1981). Explicit fraud risk assessment instructions
should activate the auditor's fraud knowledge and
initiate a search for evidence that supports the
possibility of fraud. The auditor's fraud knowledge should guide the search for relevant cues
indicative of fraud. If evidence is not identi®ed that
supports the possibility of fraud, the auditor
should assess the risk of fraud as low. Thus, explicit
fraud risk assessment instructions will serve as a
prime that triggers the auditor's fraud knowledge
and, thus, improve his/her performance in assessing the risk of fraud. Based upon the above, the
following is hypothesized:
H2. The presence of explicit fraud risk assessment
instructions will improve auditors' e€ectiveness
(higher when fraud is present, lower when fraud is
not present) in assessing the risk of ®nancial
statement fraud with analytical procedures.
3. Research design
Study participants were 119 auditors (57 managers and 62 seniors) from six di€erent international
accounting ®rms. Table 1 provides descriptive statistics of the participants' average years of auditing
experience. The task required the auditors to
apply analytical procedures to a set of ®nancial
statements for an actual company that had issued
fraudulent ®nancial statements.
The experiment is a 222 design (see Fig. 1)
with two experience levels (manager, senior), the
presence/absence of fraud in the ®nancial statements,

C.A. Knapp, M.C. Knapp / Accounting, Organizations and Society 26 (2001) 25±37
Table 1
Descriptive statistics of experience levels
Rank

n

Mean

S.D.

Minimum

Maximum

Managers
Seniors

57
62

8.5 years
3.1 years

2.6 years
0.9 years

5 years
1 year

17 years
5.1 years

and the presence/absence of explicit fraud risk
assessment instructions. Audit e€ectiveness is
assessed as the signed di€erence between fraud
risk assessments between the fraud and no-fraud
case for each experience level/instructions treatment combination. The ®rst hypothesis is addressed by comparing the e€ectiveness of audit
managers and audit seniors in assessing the risk of
®nancial statement fraud. Hypothesis two is tested
by comparing the e€ectiveness of auditors receiving explicit fraud risk assessment instructions with
auditors not receiving such instructions.
3.1. Case materials and procedures
A case with two versions, fraud and no fraud,
was constructed using annual and 10-K reports of
an actual company. The case included a narrative
description of the company's business, its products, markets, competition and management.
The narrative description of the case was followed
by a full set of ®nancial statements with related
notes. In addition, to facilitate the performance of
analytical procedures, the ®nancial statements

Fig. 1.

29

were followed by common-size balance sheets and
income statements and selected ®nancial ratios.
The selected company had received a clean opinion from a major accounting ®rm despite the
presence of ®nancial statement fraud. The Securities and Exchange Commission (SEC) conducted
a lengthy investigation of the company and concluded that the company had used a variety of
manipulative devices to overstate earnings in its
®nancial statements. The SEC required this company to restate and reissue its ®nancial statements.
In the no fraud condition, the restated ®nancial
statements were presented to the subjects. In the
fraud condition, the originally issued ®nancial statements were presented to the auditors. The fraudulent
and restated income statements and balance sheets
are presented in the Appendix.
The data for the case was based upon publicly
available information from 1981 and 1982. The
name of the company and its ocers were ®ctionalized. All other information was based upon published facts. The dated nature of the case should
reduce the possibility that auditors would recognize
the company. The use of a historical ®nancial statement fraud has two major advantages in this
experiment. First, it provides a criterion outcome
for evaluating auditor e€ectiveness in assessing the
risk of fraud. Second, its real-life complexity
enhances the external validity of the task.
Participants were randomly assigned to experimental conditions. The auditors were provided
with the case materials, lined paper, pencils, and

30

C.A. Knapp, M.C. Knapp / Accounting, Organizations and Society 26 (2001) 25±37

calculators. Each auditor was asked to perform
preliminary analytical procedures on a set of
®nancial statements. The auditors were asked to
assume they were in the initial planning stages of
the audit of a new client, a medical products
manufacturer. They were asked to list unusual
items noted in the ®nancial statements and provide potential explanations for the unusual items
noted. Subjects were not allowed to use reference
materials or confer with one another while completing the experiment.
Participants in the explicit fraud risk assessment
condition were asked to perform a preliminary analytical review of the ®nancial statements with the
speci®c objective of assessing the risk that ®nancial
statement fraud was present. Financial statement
fraud was de®ned as the ``intentional distortion of
the ®nancial statements by management.'' Auditors
in the no instructions condition were simply asked
to perform preliminary analytical procedures on the
®nancial statements. In this condition, a speci®c
objective was not stated.
Immediately after completing the preliminary
analytical review task, participants were asked to
perform a risk assessment task. The auditors were
asked to express, on a scale, their judgment of the
likelihood of various risks,3 including the risk of
®nancial statement fraud, for the client described
in the case. Although the fraud risk assessment
was the dependent measure of interest, it was
``hidden'' among other risk assessments to reduce
any demand e€ects.

perform preliminary analytical procedures?'' The
responses were as follows:
Senior
Senior/Manager Team
Sta€
Other

82.9%
4.5%
6.3%
6.3%

Audit managers have performed analytical procedures earlier in their careers and, typically,
review the work of the senior accountant. All of
the auditors indicated that they had previous
experience performing preliminary analytical procedures. The experience groupings in this study
allow for a comparison of auditors who typically
perform preliminary analytical review to a group
of more experienced auditors.
3.3. Independent and dependent variables
The independent variables Ð whether or not fraud
is present in a set of ®nancial statements and whether
or not explicit fraud risk assessment instructions are
provided Ð were manipulated on a between-subjects
basis. In addition, the auditors' rank, manager or
senior, is treated as a classi®cation factor.
The dependent variable is the participants' risk
assessments of the presence of fraud in the ®nancial
statements. The response scale used for eliciting
likelihoods was a zero-to-ten scale, with zero being
most unlikely and ten being most likely.
3.4. Manipulation check

3.2. Experience requirements
The task requires the participants to have previous experience performing analytical procedures. The use of audit seniors and audit
managers for this task is justi®ed, since audit
seniors typically perform preliminary analytical
review. In the post-experimental questionnaire,
subjects in this study were asked, ``In your ®rm, at
what position or rank does an auditor typically
3
All subjects were asked to assess each of the following risks:
a signi®cant departure from GAAP; a material ®nancial statement error; a material uncertainty; ®nancial statement fraud; a
signi®cant contingent liability; and a consistency problem.

To assess whether auditors attended seriously to
the explicit fraud risk assessment instructions,
participants were asked in the post-experimental
questionnaire about the objective of the analytical
procedures they had performed. Sixty-six percent
of the auditors in the explicit fraud risk assessment
instructions condition answered speci®cally that
the objective was the assessment of the risk of
fraud. An additional 19% of these participants
responded that the objective was to identify speci®c risks or possible misstatement. None of the
auditors in the no instructions condition responded that detection of the risk of fraud was the
objective of the preliminary analytical procedures

31

C.A. Knapp, M.C. Knapp / Accounting, Organizations and Society 26 (2001) 25±37

task. This analysis indicates that the explicit fraud
risk assessment manipulation was successful.
A potential explanation for the results found in
this paper would be that managers paid more attention to the risk assessment instructions than did
seniors. To test for this potential threat to internal
validity, managers' responses to the manipulation
check were compared to seniors' responses. Using a
chi-square test (chi square 0.223, d.f. 1), a statistically signi®cant di€erence in the responses of managers and seniors was not found.

4. Results
Table 2 presents the mean fraud risk assessments
conditional on fraud/no fraud and instructions/no
instructions. Additionally, explicit instructions do
not appear to have created a demand e€ect, evidenced by the failure of auditors to assess the risk
of fraud as high in the no fraud with instructions
groups.4
The di€erences in assessment of the risk of fraud
across experience level, fraud condition, and
explicit fraud risk assessment instructions were
tested in a 222 ANOVA model, where risk of
fraud was the dependent variable, and experience,
fraud/no fraud, and instructions/no instructions
were categorical variables with two levels each.
Table 3 reports the results of the analysis of variance.
The analysis is based on results from 119 auditors
receiving the fraud and no fraud conditions. The
Table 2
Mean risk assessments of fraud (standard deviation) [n=119]
Managers

No instructions

Instructions

Seniors

Fraud

No fraud

Fraud

No fraud

5.4
(2.5)
[14]
6.8
(1.1)
[14]

3.9
(1.5)
[15]
3.8
(1.5)
[14]

3.2
(1.9)
[15]
4.4
(1.7)
[18]

4.4
(2.0)
[15]
4.6
(1.3)
[14]

4
The seniors/fraud/no instructions group assessed the risk
of fraud as lower than did the seniors/no fraud/no instructions
group, but this result was not statistically signi®cant.

Table 3
222 ANOVA: overall model of factors a€ecting assessment
of risk of fraud [n=119]
Between-subject e€ects
E€ect
Fraud
Experience
Instructions
Fraud*exper
Exper*instr
Fraud*instr
Fraud*instr
experience
Error

DF

Type
III SS

Mean
square

FValue

Prob
>F

1
1
1
1
1
1

17.846
19.334
13.548
66.863
0.045
10.501

17.846
19.334
13.548
66.863
0.045
10.501

5.94
6.44
4.51
22.26
0.01
3.50

0.0164
0.0126
0.0359
0.0001
0.9031
0.0641

1
111

0.447
333.368

0.447
3.003

0.15
Ð

0.7003
Ð

results show interactions between (1) fraud and
experience (P=0.0001) and (2) fraud and instructions (P=0.0641).
This indicates that, consistent with our hypotheses, experience and explicit fraud risk instructions
increased the di€erence in risk assessments between
the fraud and no fraud cases. One potential criticism of the research design is that the subjects could
have taken the explicit fraud risk instructions to
mean that there was a greater probability of fraud
than usual in the experimental case. If this had
been the perception of the subjects, there would
have been a main e€ect of instructions, but not the
interaction with fraud/no fraud as was found.
The signi®cant fraud-by-experience and fraud-byinstructions interactions necessitate further analysis
to identify the sources of the di€erences. Tables 4
and 5 provide multiple comparisons of the simple
main e€ects to identify the sources of the di€erences.
Table 4 indicates that managers assessed the
likelihood of fraud as higher in the fraud treatment
than did seniors (P