Fraud: is your organization at risk?Passage of the Sarbanes-Oxley Act See SOX. (SOX) caused companies, public and private, to assess their vulnerability to fraud and abuse. Section 404(a) of the Act requires management of public companies to assess and report on its internal financial reporting controls, largely to ensure financial statements are fairly presented in accordance with generally accepted accounting principles The standard accounting rules, regulations, and procedures used by companies in maintaining their financial records. Generally accepted accounting principles (GAAP) provide companies and accountants with a consistent set of guidelines that cover both broad accounting . Fraudulent financial reporting that leads to a material misstatement mis·state tr.v. mis·stat·ed, mis·stat·ing, mis·states To state wrongly or falsely. mis·state  ment n. in the financial statements is one key
risk management should assess. This assessment focuses on accounts,
processes, GAAP GAAPSee: Generally Accepted Accounting Principles GAAP See generally accepted accounting principles (GAAP). disclosures and the assertions in the financial statements and other required disclosures. Such assessments aren't new. Organizations have assessed business and organizational risks for years. But fraud risk analysis has rarely been the primary focus. Times have changed, and now many companies are considering specific fraud risk assessments. Prevent, Deter and Detect Fraud A fraud risk assessment is designed to examine the controls specifically created to deter and detect fraud. This assessment is fraud-scenario and scheme-based. Fraud risk assessments aren't rooted in preventing a possible material misstatement in the financial statements, but rather in a companywide policy of zero tolerance The policy of applying laws or penalties to even minor infringements of a code in order to reinforce its overall importance and enhance deterrence. Since the 1980s the phrase zero tolerance has signified a philosophy toward illegal conduct that favors strict imposition of for fraud and abuse. To conduct an effective fraud risk assessment, follow these steps: 1. Organize and define the assessment objectives with company management and your internal audit committee. Form a team of fraud and control experts, and get senior management and audit committee buy-in: Ask them to communicate their endorsement and sponsorship of both the process and the anti-fraud program to the entire organization. 2. Determine the business and accounting process(es) to be assessed and investigated. 3. Identify potential schemes and scenarios specific to the process(es) to be examined against current controls. Fraud schemes and scenarios should be selected based on the specific business process, the industry, physical location of the process operation and any known frauds or abuses concerning the process. 4. Determine the likelihood of a fraud occurring within each scheme and scenario. The Public Company Accounting Oversight Board The Public Company Accounting Oversight Board (or PCAOB) (sometimes called "Peekaboo") is a private-sector, non-profit corporation created by the Sarbanes-Oxley Act, a 2002 United States federal law, to oversee the auditors of public companies. defines risk levels as remote, more than remote or reasonably possible, and probable. If assessing a public company, assess risk levels in relation to SOX compliance efforts. 5. After fraud risks for individual processes have been identified, documented and rated as to risk level, match the controls within each process to the identified fraud risks. Determine the effectiveness of each control in preventing or providing a means of early detection for the fraud risk. Group risks according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. probability. 6. Estimate the probable loss in dollars should the fraud or abuse occur. Try to place a value on loss of reputation if that is a possible outcome. 7. Prepare recommendations for strengthening controls and present to management. Risk Assessment Benefits Some benefits of a fraud risk assessment are obvious--SOX compliance, protection of company assets, and potential increased profitability due to a reduction in fraud losses. But another important benefit doesn't appear in financial statements or government filings: the enhanced reputation of a highly ethical company that supports a strong internal and external antifraud policy and program. Ron Hagenbaugh, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. , CFE CFE Conventional Forces in Europe (treaty) CFE Cash Flow to Equity (finance/accounting) CFE Comisión Federal de Electricidad (México) CFE Certified Fraud Examiner , is a forensic services engagement manager for Jefferson Wells--a global provider of professional services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. in the areas of risk, controls, compliance and financial process improvement. For more information on forensic and internal audit and controls services, call Jefferson Wells at 949 885-1560. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion