Management is responsible, too; practical advice to help corporations prevent, detect and deter fraud.The audit standard issued by the AICPA AICPA See American Institute of Certified Public Accountants (AICPA). auditing standards board In the United States, the Auditing Standards Board (ASB) is the senior technical committee designated by the American Institute of Certified Public Accountants (AICPA) to issue auditing, attestation, and quality control statements, standards and guidance to certified public (ASB ASB Asbestos ASB Arbeiter Samariter Bund (German medical help organisation) ASB Anti-Social Behaviour ASB Accounting Standards Board (UK FRC) ASB Aarhus School of Business ) in October 2002--SAS no. 99, Consideration of Fraud in a Financial Statement Audit--does something no audit standard has ever done. It contains a document titled Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud, which challenges corporate management to be equal partners with auditors in creating an environment that neither condones, nor is conducive con·du·cive adj. Tending to cause or bring about; contributive: working conditions not conducive to productivity. See Synonyms at favorable. to, the existence of illegal activities. "Both SAS (1) (SAS Institute Inc., Cary, NC, www.sas.com) A software company that specializes in data warehousing and decision support software based on the SAS System. Founded in 1976, SAS is one of the world's largest privately held software companies. See SAS System. no. 99 and the document are important first steps toward regaining public trust in the integrity of U.S. corporations," says Dennis Chookaszian, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. , former chairman and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of CNA (Certified NetWare Administrator) See Novell certification. Insurance and a member of both the antifraud detection subgroup sub·group n. 1. A distinct group within a group; a subdivision of a group. 2. A subordinate group. 3. Mathematics A group that is a subset of a group. tr.v. and the panel on audit effectiveness which provided the foundation for the SAS. "The standard, which is the cornerstone of the AICPA's new antifraud and corporate responsibility program, does a good job of telling CPAs what they should be doing during an audit. But what about management's role? Just as the auditor should be on heightened alert, so too should corporate executives." FRAUD COSTING U.S. COMPANIES BILLIONS The document, sponsored by seven professional associations including the AICPA, spells out specific recommendations to help boards of directors, audit committees, management and others prevent and root out fraud of all kinds--from unproductive behavior and employee theft to misappropriation misappropriation n. the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a dead person's estate, or by any of assets and fraudulent financial reporting. "Fraud is a significant problem for U.S. companies," says Joseph T. Wells, chairman of the Association of Certified Fraud Examiners Established in 1988 the Association of Certified Fraud Examiners is the professional organization that governs professional fraud examiners. Its activities include producing fraud information, tools and training. (ACFE ACFE Association of Certified Fraud Examiners ACFE Adult, Community and Further Education (Department of Education, Victoria, Australia) ACFE American College of Forensic Examiners ) and a member of the antifraud detection subgroup. Indeed, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. the ACFE's 2002 Report to the Nation: Occupational Fraud and Abuse, an estimated $600 billion, or about $4,500 per employee, was lost last year as a result of on-the-job fraud and abuse. Although financial statement fraud was the most costly, with a median loss of $4.25 million per occurrence, about 95% of all occupation al fraud incidents actually involved asset misappropriation and corruption. "The exhibit was designed to help create a corporate environment that will deter and detect both kinds of illegal activities--financial statement fraud and traditional employee embezzlement embezzlement, wrongful use, for one's own selfish ends, of the property of another when that property has been legally entrusted to one. Such an act was not larceny at common law because larceny was committed only when property was acquired by a "felonious taking," i. and theft," says Wells. "The same ethical corporate culture, processes and controls, and oversight that help corporations prevent financial statement fraud also protect against asset misappropriation and corruption." Wells points out that small businesses may find the exhibit especially useful since fraud is a particularly severe problem for them. "Surprisingly, a single instance of fraud is likely to be more costly to a small business than to a large one," he says. The average scheme in a small business, the ACFE report noted, caused $127,500 in losses, compared to $97,000 at the largest companies. CORE VALUES The document identifies the measures an organization should take to prevent, deter and detect fraud. It maintains companies should establish three fundamental practices: * A culture of honesty and high ethics. * Antifraud processes and controls. * An appropriate oversight process. Implementing all or even some of these measures not only helps companies protect themselves and their employees against fraudulent acts but also potentially saves revenue, enhances market value, averts civil lawsuits and maintains a positive company image. A culture of honesty and high ethics. The document emphasizes that the most important way for management to prevent fraud is to communicate effectively, by both statement and deed, that it will not tolerate it. This may seem self-evident, but setting a "tone at the top" goes a long way toward preventing fraud throughout an organization. Because most employees are not in a position to observe the actions of company leaders, management must make sure the value system is shared with all personnel. The best way to do this is through a code of conduct. Such a code typically discusses ethics, confidentiality, conflicts of interest, intellectual property, sexual harassment sexual harassment, in law, verbal or physical behavior of a sexual nature, aimed at a particular person or group of people, especially in the workplace or in academic or other institutional settings, that is actionable, as in tort or under equal-opportunity statutes. and fraud. But management must back up this code by creating a work culture that rewards ethical actions and does not tolerate dishonest behavior even if it benefits the organization financially. Only then will employees know the code of conduct is more than just words on a piece of paper. The exhibit also points out that wrongdoing wrong·do·er n. One who does wrong, especially morally or ethically. wrong  do occurs less frequently
when employees have positive feelings about their workplace than when
they feel abused, threatened or ignored. Poor morale can affect employee
attitudes about committing fraud while a culture that empowers employees
to participate in creating a positive work environment can build respect
for the company's code of conduct. To encourage employees to
practice oversight, organizations should implement a process for them to
report in confidence any actual or suspected violation through a
telephone hot line monitored by an ethics or fraud officer, the general
counsel or another trusted individual.Antifraud processes and controls. Neither fraudulent financial reporting nor misappropriation of assets can occur without a perceived opportunity to commit and conceal the act. The document offers ways an organization can identify and measure the risk of fraud as well as the steps it can take to mitigate those risks and implement preventive internal controls. It may be possible, for example, to reduce or eliminate the risk of misappropriation of funds by implementing a central lockbox Lockbox A collection and processing service provided to firms by banks, which collect payments from a dedicated postal box to which the firm directs its customers to send payment to. at a bank to receive payments instead of receiving them at the entity's various locations. A company can avert financial statement fraud by establishing shared services centers Shared Services Center is the entity responsible for the execution and the handling of specific operational tasks Accounting, human resources, payroll, IT, legal, compliance, purchasing, security. to provide accounting services to multiple segments, affiliates or geographic locations. Effective measures vary among organizations, but the exhibit identifies specific deterrents any company can employ. While all organizations are subject to risk, their internal controls should set up an effective and secure environment. And because fraud can occur when management overrides internal controls, the company's value system and culture should support employees in declining to participate in a fraud and provide a means for reporting any wrongdoing. Appropriate oversight process. Management is responsible for overseeing the activities carried out by employees and for implementing and monitoring antifraud processes and controls. But sometimes senior executives themselves may initiate or participate in the commission or concealment of a fraudulent act. For that reason, an audit committee (or board of directors where no audit committee exists) must supervise the activities of senior management. The exhibit makes clear that corporate management, boards of directors and audit committees should share with the outside auditor the duty of detecting and deterring fraud. While management designs and implements antifraud systems and procedures, strong oversight by the audit committee and/or board of directors is absolutely crucial. These bodies should continually evaluate management's identification of fraud risks, implementation of antifraud measures and maintenance of the appropriate "tone at the top." Active oversight reinforces management's commitment to creating a culture with zero fraud tolerance. MORE THAN DOLLARS AND CENTS When a company puts in place the antifraud procedures outlined in the exhibit, it does much more than protect itself from the tremendous monetary damage fraud can cause. It also safeguards its reputation, its ability to achieve its strategic objectives and, certainly, its value. Perhaps most important, the exhibit also helps a company create the corporate governance Corporate Governance The relationship between all the stakeholders in a company. This includes the shareholders, directors, and management of a company, as defined by the corporate charter, bylaws, formal policy, and rule of law. and management oversight the public is demanding of organizations of all sizes, private or public. "With these best practices in place," Chookaszian says, "a company enhances its reputation among its various stakeholders Stakeholders All parties that have an interest, financial or otherwise, in a firm-stockholders, creditors, bondholders, employees, customers, management, the community, and the government. , who can be confident it has made a serious investment in fraud detection and prevention." Note: The exhibit was issued jointly by--in addition to the AICPA--the Association of Certified Fraud Examiners, Financial Executives International, Information Systems Audit and Control Association Information Systems Audit and Control Association (ISACA) is an international professional association for information system audit. ISACA is an affiliates member of IFAC[1] and IT Governance Institute. , the Institute of Internal Auditors “IIA” redirects here. For IIA in decision theory, see Independence of irrelevant alternatives. Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association of more than 128,000 members with global headquarters in , Institute of Management Accountants The Institute of Management Accountants (IMA) is a professional organization headquartered in Montvale, New Jersey consisting of over 70,000 members worldwide. The IMA is dedicated to advancing the role of the management accountant and financial manager within the business and Society for Human Resource Management  This article or section is written like an .Please help [ rewrite this article] from a neutral point of view. Mark blatant advertising for , using . . Other organizations that reviewed the document and offered advice included the American Accounting Association, Defense Industry Initiative and National Association of Corporate Directors. Preventable Losses Financial statement fraud costs businesses an average of $4.25 million per incident. Source: 2002 Report to the Nation: Occupational Fraud and Abuse, Association of Certified Fraud Examiners, www.cfenet.com It is only those organizations that seriously consider fraud risks and take proactive steps to create the right kind of climate to reduce its occurrence that have success in preventing fraud. --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud Research suggests the most effective way to implement measures to reduce wrongdoing is to base them on a set of core values.... This provides a platform upon which a more detailed code of conduct can be constructed, giving more specific guidance about permitted and prohibited behavior, based on applicable laws and the organization's values. Management needs to clearly articulate that all employees will be held accountable to act within the organization's code of conduct. --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud Setting unachievable goals for employees can give them two unattractive choices: fail or cheat. In contrast, a statement from management that says, "We are aggressive in pursuing our targets, while requiring truthful financial reporting at all times," dearly indicates to employees that integrity is a requirement, This message also conveys that the entity has "zero tolerance The policy of applying laws or penalties to even minor infringements of a code in order to reinforce its overall importance and enhance deterrence. Since the 1980s the phrase zero tolerance has signified a philosophy toward illegal conduct that favors strict imposition of " for unethical unethical said of conduct not conforming with professional ethics. behavior, including fraudulent financial reporting. --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud Employees should be given the means to obtain advice internally before making decisions that appear to have significant legal or ethical implications. They should also be encouraged and given the means to communicate concerns, anonymously if preferred, about potential violations of the entity's code of conduct without fear of retribution RETRIBUTION. 1. That which is given to another to recompense him for what has been received from him; as a rent for the hire of a house. 2. A salary paid to a person for his services. 3. The distribution of rewards and punishments. . ... For example, some organizations use a telephone "hotline" that is directed to or monitored by an ethics officer ... or another trusted individual responsible for investigating and reporting incidents of fraud or illegal acts. --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud Active oversight by the audit committee can help to reinforce management's commitment to creating a culture with "zero tolerance" for fraud.... The audit committee's evaluation and oversight not only helps make sure that senior management fulfills its responsibility, but also can serve as a deterrent de·ter·rent adj. Tending to deter: deterrent weapons. n. 1. Something that deters: a deterrent to theft. 2. to senior management's engaging in fraudulent activity.... --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud If senior management is involved in fraud, the next layer of management may be the most likely to be aware of it. As a result, the audit committee (and other directors) should consider establishing an open line of communication with members of management one or two levels below senior management to assist in identifying fraud at the highest levels of the organization.... --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud Some risks are inherent in the environment of the entity, but most can be addressed with an appropriate system of internal control. Once fraud risk assessment has taken place, the entity can identify the processes, controls and other procedures that are needed to mitigate the identified risks.... In particular, management should evaluate whether appropriate internal controls have been implemented in any area management has identified as posing a higher risk of fraudulent activity, as well as controls over the entity's financial reporting process. --Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud For Further Information Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud can be downloaded from www.aicpa.org/antifraud/management/20.htm. More information on fraud and on implementing antifraud programs and controls can be found at the following Web sites: American Institute of Certified Public Accountants www.aicpa.org/antifraud Association of Certified Fraud Examiners www.cfenet.com Financial Executives International www.fei.org Information Systems Audit and Control Association www.isaca.org The Institute of Internal Auditors www.theiia.org Institute of Management Accountants www.imanet.org National Association of Corporate Directors www.nacdonline.org Society for Human Resource Management www.shrm.org ARLEEN R. THOMAS, CPA, is vice-president of professional standards and services at the American Institute of CPAs. Her e-mail address See Internet address. e-mail address - electronic mail address is athomas@aicpa. org. KIM M. GIBSON, CPA, is a technical manager on the audit and attest To solemnly declare verbally or in writing that a particular document or testimony about an event is a true and accurate representation of the facts; to bear witness to. To formally certify by a signature that the signer has been present at the execution of a particular writing so as standards team at the AICPA. Her e-mail address is kgibson@aicpa.org. Their views, as expressed in this article, do not necessarily reflect the views of the Institute. Official positions are determined through certain specific committee procedures, due process and deliberation deliberation n. the act of considering, discussing, and, hopefully, reaching a conclusion, such as a jury's discussions, voting and decision-making. DELIBERATION, contracts, crimes. . |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion