Who is responsible to detect and prevent fraud? Management and the board of directors are responsible for adopting sound accounting policies and establishing controls to prevent, deter, and detect fraud.
It would be a mistake to expect an annual financial statement audit to uncover or prevent all frauds. Although auditors perform required testing procedures, they do not review 100% of a company’s transactions during a year and they generally do not test the internal control system or express an opinion on its effectiveness unless Section 404 of the Sarbanes-Oxley Act requires it or the company specifically requests it.
Furthermore, fraud is usually concealed, so material misstatements due to fraud may be hard to uncover. Because company managers have access to the internal control system, they can sometimes override it to perpetrate and conceal fraud by illegally circumventing controls, falsifying information, and using collusion.
What can alert a company to possible fraud?
Known as a “fraud triangle,” three conditions are generally present when fraud occurs: (1) incentive or pressure, (2) opportunity, and (3) attitude or rationalization. The following red flags could also indicate fraud:
• Do you have employees living beyond their means?
• Is your accounting department dominated by one individual?
• Do you fail to require all employees to take vacations and have others do their work while they are away?
• Have your margins or bottom line eroded unexpectedly or without probable explanation?
• Are your internal controls less than adequate, especially over cash disbursements (including electronic payments)?
Perform a fraud risk assessment
How can you assess the fraud risks specific to your company? A fraud risk assessment will identify where you may have potential control lapses, such as inadequate segregation of duties and ineffective monitoring of controls, or the ability to override those controls. The assessment will rank these risks based on impact and likelihood.
Use the results to establish preventive controls (to segregate duties and limit access to systems allowing manipulation) and detective controls (to identify fraud after it occurs). Preventative controls are best, but detective controls will provide basic protection.
Our special services target fraud
Consider the following services designed to help prevent and detect fraud:
• Fraud risk assessment
• Internal control system evaluation
• Accounts payable testing, with features to detect potentially fraudulent transactions
We have experienced professionals qualified to perform services specifically designed to prevent fraud and identify it when it occurs.
For more information or discussion, please call Brian Benes or Scott Gokey at 888-556-5580 or 414-463-4411.