🎧 Listen to more in-depth episodes on Spotify!

Revenue Cycle Audits: Fraud Risks, Controls & AR Confirmations Explained

Overview: The revenue cycle is one of the highest-risk areas in an audit, with significant fraud potential. This guide covers how auditors plan, test, and document work related to sales, accounts receivable, and cash receipts.

✅ Common Revenue Cycle Frauds

• Early revenue recognition
• Holding books open past period end
• Fictitious sales or customers
• Failure to record sales returns or discounts
• Channel stuffing and side agreements
• Overstated AR balances or understated allowances

✅ Strong Internal Controls: Sales & AR

Key segregation of duties:

• Authorization: Sales orders approved by credit dept.
• Custody: Warehouse/shipping handle goods.
• Recordkeeping: Billing/AR/accounting handle journals & ledgers.

Examples: Serially numbered documents, independent reconciliations, regular aging of AR, proper approval for write-offs, and daily cash deposits.

✅ Testing Controls: Revenue

• Trace shipping docs to invoices and ledgers (completeness).
• Vouch sales entries back to customer orders and shipping docs (existence).
• Check prices/terms vs. price lists (accuracy/valuation).
• Cutoff tests around year-end.
• Confirm segregation of duties and independent checks.

✅ AR Confirmations: Positive vs. Negative

• Positive Confirmations: Always used for large, risky balances. Customers must respond whether they agree or not.
• Blank Positive: Higher assurance, lower response rate.
• Negative Confirmations: Used when risk is low, many small balances, and recipients likely to respond if differences exist.

✅ Exceptions & Nonresponses

Timing Differences: Not misstatements — e.g., shipment in transit.
Misstatements: Fictitious sales, wrong amounts, misapplied payments, fraud.
Nonresponses: Perform alternative procedures: inspect shipping docs, review subsequent cash receipts.

✅ Related Audit Procedures

• Bank confirmations and debt agreements to check pledges/liens.
• Subsequent event review for returns/adjustments after year-end.
• Presentation & Disclosure: Check revenue recognition policy, AR aging, related parties, and credit risk allowances.

✅ Best Practices

• Presume revenue fraud risk in every audit.
• Use dual-purpose tests to combine TOC & substantive work.
• Document cutoff and aging analyses clearly.
• Watch for contradictory evidence!

🔗 Helpful References

• AICPA Revenue Cycle Guidance
• PCAOB Auditing Standards

🎧 Listen on Spotify: U.S. Audit & Tax Tips Podcast

👉 Tackle revenue fraud risks and AR confirmations with confidence!