Let them know someone's watching; from the boardroom to the mailroom, all fraudsters think alike.The recent failure of Enron--even though fraud charges have yet to be proven--has renewed the hue and cry hue and cry, formerly, in English law, pursuit of a criminal immediately after he had committed a felony. Whoever witnessed or discovered the crime was required to raise the hue and cry against the perpetrator (e.g. from Congress, regulators and the investing public: Why can't auditors catch these problems? The answers run the gamut: Auditors lack independence from their clients, the audit process is not designed primarily to detect fraud, the number of audit failures is minuscule compared with the number of audits, it is not possible--because of collusion--to detect all material frauds. While these explanations may be perfectly valid, the public isn't buying them. In a 1998 study, Bonner, Palm-rose and Young determined that after a failed audit plaintiffs were more likely to sue auditors who didn't detect questionable transactions. And McEnroe and Martens' 2001 study found that only 41% of auditors--vs. 71% of investors--said auditors should serve as "public watchdogs." The message seems clear: The public wants independent auditors to detect and deter fraud. Unfortunately, there is no foolproof method for uncovering fraud. Unlike visible crimes--such as robbery or assault--fraud's hallmarks are deception and stealth. The company insiders who might be tempted to commit financial statement fraud constantly attempt to cover their tracks. And many of them are good at it--so good, in fact, that investigators will never catch them all. Historically, CPAs have counted on internal controls as the main defense against fraud. Although there is no question that controls are a vital part of any organization's risk management program, their preventive effect on fraud is questionable for two reasons. First, internal controls provide only reasonable assurance against fraud. Second, if upper management is hell-bent on showing stronger earnings, it can find ways to override controls. Therefore, to catch offenders in the act, CPAs must start thinking like them. THE POWER OF FEAR English philosopher Jeremy Bentham originated classic criminological theory in the 18th century. It holds that a person's propensity to commit a crime is determined by his or her perception of related risks and rewards--the greater the risk of detection and apprehension, the less likely a person is to violate the law. So what potential fraudsters are concerned about--from the CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. to the average rank-and-file employee (see "Pam's Parable," page 109)--is getting caught; they're not thinking specifically about internal controls. Following classic criminology, their willingness to commit fraud is inversely proportional See See also: Inversely to their perceived risk of being discovered. This concept--the perception of detection--can be summarized as follows: Those who perceive they will be caught engaging in fraud are less likely to commit it (see "How Fraudsters Think," page 110). This graphic illustrates the potential fraudster's thought process. First, some sort of pressure creates a motive. For a CEO, it may be the need to create the appearance of greater corporate earnings. Next, the executive concocts a scheme--for instance, to add phony sales and receivables. Since a CEO doesn't have access to the company's books and records, he or she then enlists the aid of someone in the accounting department--often the CFO See Chief Financial Officer. . Finally, the fraudster fraudster Noun a person who commits a fraud; swindler weighs the risk of being caught. If he or she anticipates little or no risk, the fraud proceeds. But if the executive foresees the possibility of detection, he or she either develops another, less risky scenario or abandons the plan. PREVENTION VS. DETERRENCE Although many people use the terms "prevention" and "deterrence" interchangeably, they refer to different concepts. Prevention implies removing the root cause of a problem--principally the financial pressures that motivate a person to commit fraud. Deterrence, on the other hand, is the modification of behavior through the threat of sanctions. From the perpetrator's perspective, there is no sanction more negative than being caught. But note carefully that it is the perception--not necessarily the reality--that modifies the criminal's behavior. Consider an example. When attempting to control street crime, the authorities usually increase police visibility in crime-prone neighborhoods. Officers' mere presence--a proactive deterrent--is the most effective way to discourage offenders. But punishing criminals once they've acted--a necessity in a civilized society--is reactive deterrence. While many organizations use this tactic as their principle weapon against fraud, experience shows it is the least effective method of all--fully three-quarters of incarcerated incarcerated /in·car·cer·at·ed/ (in-kahr´ser-at?ed) imprisoned; constricted; subjected to incarceration. in·car·cer·at·ed adj. Confined or trapped, as a hernia. criminals are subsequently arrested again, usually for increasingly serious offenses. Criminologists have found it difficult to determine whether the threat of punishment deters other members of an organization from committing crimes. If we accept, however, that increasing the perception of detection is the best deterrent, the profession has alternatives to consider including in its antifraud efforts. We can start at the logical place: the top of the organization, where most financial statement fraud schemes begin. UPPER MANAGEMENT AND FRAUD A 1999 Committee on Sponsoring Organizations of the Treadway Commission (COSO COSO Committee of Sponsoring Organizations of the Treadway Commission COSO Church of Spiral Oak COSO Corporate South COSO Class of Service Override COSO Combat Oriented Supply Operations (USAF) ) study found the CEO and/or CFO directed the fraud in at least 82% of the cases examined. Given that, CPAs must increase management's perception that auditors will catch on to their misdeeds. Consider three practical ways to achieve this: Closer examination of management's compensation. Empirical studies Empirical studies in social sciences are when the research ends are based on evidence and not just theory. This is done to comply with the scientific method that asserts the objective discovery of knowledge based on verifiable facts of evidence. by Jensen and Warner (1988), Jensen and Murphy (1990) and Beasley (1994) showed a connection between the finances of top executives and their likelihood of committing financial statement fraud. The researchers found the more stock an executive owned, the less likely he or she was to commit financial statement fraud. The reason? Those who own stock want to see it grow and increase in value. Conversely, other executives--with little equity in their company but receiving compensation through various arrangements based on predetermined pre·de·ter·mine v. pre·de·ter·mined, pre·de·ter·min·ing, pre·de·ter·mines v.tr. 1. To determine, decide, or establish in advance: financial goals--had little disincentive dis·in·cen·tive n. Something that prevents or discourages action; a deterrent. disincentive Noun something that discourages someone from behaving or acting in a particular way Noun 1. to commit fraud: The results of their fraudulent acts would have hurt investors, not themselves. Therefore, a detailed examination of the finances of key insiders could reveal conflicts of interest, related-party transactions, sales and purchases of stock and even evidence of high-stakes embezzlements. Frequently auditors can uncover these schemes by examining insiders' personal financial statements, tax returns and bank statements. If executives were aware of the possibility that auditors might scrutinize scru·ti·nize tr.v. scru·ti·nized, scru·ti·niz·ing, scru·ti·niz·es To examine or observe with great care; inspect critically. scru their finances, it would--as increasing police visibility on the street does--proactively deter them from committing a crime. Diligent inquiry. A good way of increasing the perception of detection is for the auditor--as part of his or her routine duties--to diligently inquire about the existence of fraud within the organization. (See "`Why Ask?' You Ask," JofA, Sep.01, page 88, www.aicpa.org/pubs/jofa/sept2001/wells.htm). Since, in financial statement fraud, the CEO nearly always has one or more accomplices, there is always the possibility that someone else involved will reveal the truth. Human nature being what it is, we look down on "squealers." It's one thing to expect someone to voluntarily come forward and quite another to ask a potential informer Informer Battus revealed theft by Mercury; turned to touchstone. [Gk. and Rom. Myth.: Walsh Classical, 47] Cenci, Count Francesco old libertine ravishes his daughter Beatrice. [Br. Lit. point-blank questions: Are you aware of any fraud within this organization? Has anyone asked you to do something you thought was illegal or unethical? Toward that end, the Auditing Standards Board In the United States, the Auditing Standards Board (ASB) is the senior technical committee designated by the American Institute of Certified Public Accountants (AICPA) to issue auditing, attestation, and quality control statements, standards and guidance to certified public (ASB ASB Asbestos ASB Arbeiter Samariter Bund (German medical help organisation) ASB Anti-Social Behaviour ASB Accounting Standards Board (UK FRC) ASB Aarhus School of Business ) in February issued an exposure draft, Consideration of Fraud in a Financial Statement Audit, which proposes requiring auditors to gather from management and others within the audited entity information necessary to identify the risks of material misstatement mis·state tr.v. mis·stat·ed, mis·stat·ing, mis·states To state wrongly or falsely. mis·state  ment n. due to fraud.Surprise audits. In today's complex business environments, conducting a complete audit by surprise would be a practical impossibility. In CPAs' natural zeal to serve their clients and cause them minimal disruptions, they've gradually gotten away from unannounced audit work. But historically, large financial statement frauds usually showed up in one or more of three accounts: inventory, sales and accounts receivable accounts receivable n. the amounts of money due or owed to a business or professional by customers or clients. Generally, accounts receivable refers to the total amount due and is considered in calculating the value of a business or the business' problems in paying . If auditors periodically examined certain accounts without warning, it might help deter upper management from attempting to artificially inflate inflate - deflate assets or revenue. Perhaps the best proof of the value of surprise is the disastrous result its complete absence can produce. In one of the most striking examples, auditors for the Phar-Mor drugstore chain advised management months in advance which of their stores would be selected for audit. Not surprisingly, this gave management enough time to ensure that auditors would find nothing wrong in those stores. As a result, auditors failed to detect a financial statement fraud of some half a billion dollars. (See "Ghost Goods: How to Spot Phantom Inventory Phantom inventory is a common expression for goods that an inventory accounting system considers to be on-hand at a storage location, but are not actually available. This could be due to the items being moved without recording the change in the inventory accounting system, breakage, ," JofA, June01, page 33, www.aicpa.org/pubs/Jofa/Jun2001/wells.htm.) In the wake of Enron and beyond, members of the profession must effectively address these difficult issues because every instance of fraud hurts the victim, the perpetrator A term commonly used by law enforcement officers to designate a person who actually commits a crime. , the auditor and the criminal justice system. Fortunately, with the aid of the ASB's proposed auditing guidance and by thinking like the thieves they're trying to catch, CPAs can start winning the struggle against fraud. Who's Doing the Stealing? Median Fraud Loss by Position in Organization Employees $60,000 Managers $250,000 Owners $1,000,000 Source: Occupational Fraud and Abuse by Joseph T. Wells, Obsidian Publishing Co. Inc., 1997. Note: Table made from bar graph. Pam's Parable Pam, a recent high school graduate, got a job at a photo kiosk See kiosk. in the parking lot of a mall. With little training, Pam began work. After two weeks of sitting alone in her small booth, it occurred to Pam that no one was watching. Since she was a little short on money, she snitched $10. The next day, she took $20 more. Several weeks went by with Pam continuing to filch filch tr.v. filched, filch·ing, filch·es To take (something, especially something of little value) in a furtive manner; snitch. See Synonyms at steal. [Middle English filchen. small amounts of money. Then one day an auditor showed up at the kiosk unannounced. By counting her cash, the auditor quickly found Pam had stolen more than $500. When he confronted her, she confessed she had "borrowed" the money without authorization. She was fired. When he spoke with Pam, the auditor asked whether she knew someone would audit her work. "No" she replied. "Until you walked in here, I didn't even know what an audit was." This parable teaches us two important lessons. First, Pam didn't actually have an opportunity to commit and conceal her thefts; she only thought she did--because management didn't tell her it was planning to conduct a surprise audit. So, managers must continually reinforce employees' awareness of the risks facing anyone who commits fraud. This process also works in reverse: People who do have the opportunity but perceive that they do not are less likely to take the chance. The perception--not the actual likelihood--of detection determines whether or not a person will commit fraud. Second, Pam's thinking is not unique. CEOs considering a major financial statement fraud also expect their misdeeds to go undetected. JOSEPH T. WELLS, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. , CFE CFE Conventional Forces in Europe (treaty) CFE Cash Flow to Equity (finance/accounting) CFE Comisión Federal de Electricidad (México) CFE Certified Fraud Examiner , is founder and chairman of the Association of Certified Fraud Examiners Established in 1988 the Association of Certified Fraud Examiners is the professional organization that governs professional fraud examiners. Its activities include producing fraud information, tools and training. , Austin, Texas, and is an adjunct professor of accounting at the University of Texas. Mr. Wells' article, "So That's Why They Call It a Pyramid Scheme Pyramid Scheme An illegal investment scam based on a hierarchical setup that relies on new recruits' funding as the source of money, or so-called returns, to be provided to those earlier investors/recruits above them in the pyramid. " (JofA, Oct.00, page 91), won the Lawler Award for the best article in the JofA in 2000. His e-mail address See Internet address. e-mail address - electronic mail address is joe@cfenet.com. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion