Fraud finds: auditors, armed with SOX provisions, chip away at corporate fraud.An independent auditor Independent Auditor An external auditor with a certified public accounting designation that qualifies him or her to provide an auditor's report. Notes: These auditors aren't affiliated with the company being audited. is required to plan and perform an audit to obtain reasonable assurance that financial statements are free of material misstatements, whether caused by error or fraud. [ILLUSTRATION OMITTED] Generally accepted auditing standards Generally Accepted Auditing Standards, or GAAS, are ten auditing standards, developed by the AICPA, consisting of general standards, standards of field work, and standards of reporting, along with interpretations. define the auditor's responsibility related to fraud in Statement on Auditing Standards No. 99, Consideration of Fraud in a Financial Statement Audit (SAS (1) (SAS Institute Inc., Cary, NC, www.sas.com) A software company that specializes in data warehousing and decision support software based on the SAS System. Founded in 1976, SAS is one of the world's largest privately held software companies. See SAS System. No. 99), which provides guidance in connection with fraudulent financial reporting and the misappropriation misappropriation n. the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a dead person's estate, or by any of assets. SAS No. 99 uses a risk assessment approach that includes a discussion among engagement personnel about fraud risks, gathering information to identify fraud risks, assessing fraud risks after considering internal controls and responding to any significant fraud risks discovered. One of the intended consequences of the Sarbanes-Oxley Act See SOX. was to help independent auditors fight corporate fraud. Among other things, SOX (1) (Schema for Object-oriented XML) An XML schema developed by Veo Systems and Muzino Communications, which was submitted to the W3C. SOX is based on DTD, but adds data typing and reuse mechanisms. required the disclosure of company ethics policies, enhanced conflict of interest protections and defined corporate responsibility for the disclosure of fraud to the auditor. It also called for corporate procedures to collect and investigate whistle-blower whis·tle·blow·er or whis·tle-blow·er or whistle blower n. One who reveals wrongdoing within an organization to the public or to those in positions of authority: "The Pentagon's most famous whistleblower is . . fraud claims. Each of these measures has helped auditors identify and assess financial statement fraud risks. ETHICS, CONFLICTS OF INTEREST SOX Sec. 406 requires each company to disclose its code of ethics Code of Ethics can refer to:
* Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships; * Full, fair, accurate, timely and understandable disclosure in the periodic reports required to be filed by the issuer; and * Compliance with applicable governmental rules and regulations." Additional conflict of interest prohibitions cover corporate loans to officers and directors. If a company has not adopted a code of ethics, it is required to disclose this fact and the reasons therefore. The communication of ethics and conflict of interest policies by senior corporate officials, together with consistent employee fraud awareness and ethics training, set the tone necessary to reduce fraud risks. Key executives can be interviewed to determine their knowledge of policies and any efforts taken to ensure communication and compliance by company personnel; training programs can be evaluated and attendance verified; and compliance with policies can be tested by looking at annual employee policy sign-offs, whistle-blower processes and reports. As such, auditors are paying more attention to enterprise self-assessments of fraud risks and focusing on internal control testing in areas deemed to have significant fraud risk exposure, such as revenue recognition, understatement of expenses and liabilities or the manipulation of assets. In addition, the communication and training that SOX mandates related to ethics should lead to more employee whistle-blower reports that provide valuable evidence to the auditor about fraud. The Committee of Sponsoring Organizations of the Treadway Commission
Committee of Sponsoring Organizations of the Treadway Commission (COSO), is a U.S. private-sector initiative, formed in 1985. reinforces the concept of strong internal controls centered on ethical corporate behavior. COSO COSO Committee of Sponsoring Organizations of the Treadway Commission COSO Church of Spiral Oak COSO Corporate South COSO Class of Service Override COSO Combat Oriented Supply Operations (USAF) believes that internal control is made up a five key components, one of which is control environment factors that set the tone of the company. These factors, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. COSO, include "the integrity, ethical values and competence of the entity's people; management's philosophy and operating style; the way management assigns authority and responsibility, and organizes and develops its people; and the attention and direction provided by the board of directors." Additional evidence that demonstrates to the auditor the value of well-functioning fraud and ethics policy controls is found in a recent study of more than 1,100 fraud cases reported by the Association of Certified Fraud Examiners Established in 1988 the Association of Certified Fraud Examiners is the professional organization that governs professional fraud examiners. Its activities include producing fraud information, tools and training. . In its 2006 study, "2006 A CFE CFE Conventional Forces in Europe (treaty) CFE Cash Flow to Equity (finance/accounting) CFE Comisión Federal de Electricidad (México) CFE Certified Fraud Examiner Report to the Nation on Occupational Fraud and Abuse," the median time to detect a fraud was 15 months for organizations having fraud awareness or ethics training. For companies without such programs, the time increased markedly to 24 months. Similarly, median fraud losses were cut from $200,000 to $100,000 for companies whose employees have had fraud or ethics training. DISCLOSURE OF FRAUD Executive officers are required under SOX Sec. 302 to disclose fraud to the auditor. Specifically, the principal executive and financial officers must "have disclosed to the issuer's auditors and the audit committee of the board of directors (or persons fulfilling the equivalent functions): * All significant deficiencies in the design or operation of internal controls which could adversely affect the issuer's ability to record, process, summarize, and report financial data and have identified for the issuer's auditors any material weaknesses in internal controls; and * Any fraud, whether or not material, that involves management or not material, that involves management or other employees who have a significant role in the issuer's internal controls ..." Although it would seem that this is clearly a management responsibility, there are past examples of situations in which management, by choice or ignorance, would fail to provide the auditor full and complete disclosure. This is no longer acceptable by law. The statutory requirement for the disclosure of fraud significantly strengthens the written representations provided by management to the auditor. In addition, there are severe penalties for intentional failure to comply. For example, executives and officers may be terminated and charged with civil and criminal crimes bearing long prison terms and large monetary fines under revised sentencing guidelines. The importance of this fraud disclosure to the auditor is emphasized again by the ACFE ACFE Association of Certified Fraud Examiners ACFE Adult, Community and Further Education (Department of Education, Victoria, Australia) ACFE American College of Forensic Examiners 2006 study, which shows that owners and senior management are the most likely to commit a material fraud against any company. That is because "the more authority an individual has, the greater that individual's access to organizational resources, and the more ability that person has to override An arrangement whereby commissions are made by sales managers based upon the sales made by their subordinate sales representatives. A term found in an agreement between a real estate agent and a property owner whereby the agent keeps the right to receive a commission for the sale of controls in order to conceal the fraud," according to the report. The median loss for a fraud committed by an owner or executive is $1 million. If the individual earns more than $500,000, the median loss soars to $8 million per fraud. That is compared to $75,000-$78,000 in fraud losses caused by an average employee. WHISTLE-BLOWERS Under Sec. 301, the audit committee is charged with the responsibility to "establish procedures for: * The receipt, retention and treatment of complaints received by the issuer regarding accounting, internal accounting controls, or auditing; and * The confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting and auditing matters." SOX gives audit committees the right to engage advisers and necessary funding to investigate whistle-blower allegations and provides whistle-blower protections that ensure employees of public companies will not suffer undesirable consequences from raising and reporting a concern. Whistle-blower complaints are a key source for auditors to identify fraud and assess the appropriateness of company remedial actions A remedial action is a change made to a nonconforming product or service to address the deficiency. Rework and repair are generally the remedial actions taken on products, while services usually require additional services to be performed to ensure satisfaction. connected to such claims. According to the ACFE, fraud is discovered more than 40 percent of the time through a tip in public companies. Whistle-blower complaints can reveal fraud risks, potential internal control weaknesses, ineffective oversight and adverse trends. Research by the National Bureau of Economic Research The National Bureau of Economic Research (NBER) is a "private, nonprofit, nonpartisan research organization" dedicated to studying the science and empirics of economics, especially the American economy. shows that auditors are discovering more fraud after the enactment of SOX (http://nber.org/papers/w12882). The 2007 report "Who Blows the Whistle on Corporate Fraud," provided a detailed study of every reported corporate fraud from 1996-2004 for companies with more than $750 million in assets. The results show "a significant uptick Uptick A transaction occurring at price above its previous transaction. In order for an uptick to occur, a transaction price must be followed by an increased transaction price. in the overall level of auditor involvement in detection [of fraud] and the scope of their detection activity." The study reflects that auditors are better at identifying different types of fraud and that their detection of fraud has increased more than 75 percent post-SOX. Prior to SOX, "auditors accounted for just 9.6 percent of frauds detected by external actors, and focused exclusively on frauds requiring financial restatements." Post-SOX, "They account for 16.9 percent of cases, and their activity is spread across not only financial restatement Restatement A revision in a company's earlier financial statements. Notes: The need for restating financial figures can result from fraud, misrepresentation, or a simple clerical error. cases, but also those cases not involving restatements." An independent auditor is required to plan and perform an audit to obtain reasonable assurance that financial statements are free of material misstatements, whether caused by error or fraud. The enactment of SOX has given the auditor additional resources to identify and assess financial statement fraud risks. Through executive disclosure, improved policies and audit committee whistle-blower responsibilities, auditors have access to new information that is being used to fight fraud. BY BRADLEY J. PREBER, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. AND ANN E. WILSON, CPA Bradley J. Preber, CPA, CFE, is the West Region Partner-in-Charge of Forensic Accounting Forensic accounting, sometimes called investigative accounting, involves the application of accounting concepts and techniques to legal problems. Forensic accountants investigate and document financial Fraud and white-collar crimes & Investigative Services at Grant Thornton LLP  This article or section is written like an .Please help [ rewrite this article] from a neutral point of view. Mark blatant advertising for , using . . He can be reached at brad.preber@gt.com. Ann E. Wilson, CPA is the Southern California Southern California, also colloquially known as SoCal, is the southern portion of the U.S. state of California. Centered on the cities of Los Angeles and San Diego, Southern California is home to nearly 24 million people and is the nation's second most populated region, Forensic Accounting & Investigative Services Director for Grant Thornton LLP. She can be reached at ann.wilson@gt.com. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion