Professional Documents
Culture Documents
Fraud Efforts
By Dan Swanson
03/04/2008
How does your company stack up? Well, run through this checklist:
The two critical questions that will help get you ahead of the crowd:
To properly answer the second question, you must first have clear
answers to the first.
Specifically: The board is responsible for defining and approving the
organizations overall strategic direction and system of internal control,
as well as setting the tone-at-the-top (corporate governance).
Management operates and expands the business within the guidelines
set by the board, periodically reporting on performance as well as
progress toward key strategies and objectives. Management also
directs and monitors operations. That includes regular assessments of
the effectiveness of the overall system of internal control against the
requirements set by the board, as well as the companys own ethical
values and beliefs.
The IIAs international internal audit standards are clear: internal audit
should be aware of the possibility of fraud, but internal auditors are
not responsible for the detection and prevention of fraud. In my view
however, the standards are inconsistent with the benefit and need for
internal auditors to be actively looking for signs of fraudulent activities
in support of management and the board.
An effective internal audit function improves the companys ethical
culture and control environment, both overtly through its audit work
and in a more general sense by promoting good practices. Internal
audits of anti-fraud activities provide valuable feedback to
management and the board regarding improvement opportunities and
overall performance, contributing in the long term to more effective
fraud risk management efforts. It can also be a deterrent when
employees know that the internal audit department possesses persons
with fraud detection knowledge, skills, and tools.
Once your own house is in order, also consider the potential fraud risks
relating to your key business relationships. Whistle blowing by
suppliers, partners or customers is said to be one of the most common
ways of discovering fraudulent activities, and it cuts both ways. If a
partner employee wanted to disclose fraud at your company, would
they have the means and encouragement to do so? What if you or one
of your colleagues uncovered a fraud at one of your partners how
would they deal with it?