Fraud Deterrence

Introduction

• Fraud Deterrence has gained public recognition and spotlight since the inception of Sarbanex Oxley Act,2002.

Goal of SOX Act,2002

• To regain public confidence in the reliability of financial markets in the wake of corporate scandals such as ENRON, World Com and Waste Management.

• It was enacted to proactively deter financial misrepresentation in order to ensure more accurate financial reporting to increase investor confidence

Definition of Fraud Deterrence

• It is the proactive identification and removal of the casual

and enabling factors of fraud.

Definition - Explained

• It is based on the premise that fraud is not a random occurrence, it occurs when the conditions are right for it to occur.

• It attacks the root causes and enablers of fraud.• This analysis could reveal potential fraud opportunities in the

process.

Continued

• It is performed on the premise that improving organisational procedures to reduce the casual factors of fraud is the single best defense against fraud.

• It involves both short term (procedural) and long term (cultural) initiatives

Continued

• Deterrence involves an analysis of the conditions and procedures that affect fraud enablers, in essence, looking at what could happen in the future given the process definitions in place, and the people operating that process.

• Deterrence is a preventive measure-reducing input factors.

Deterrence v/s Prevention

• “While deterrence is preventive in nature, there are semantical problems with referring to ‘fraud prevention’. ‘Prevention’ can imply complete elimination of a risk, which is not possible in the case of fraud.

Casual factors to deter fraud

• Motive (or pressure) – The need for committing fraud (need for money, etc)

• Rationalization – The mindset of the fraudster that justifies them to commit fraud.

• Opportunity – The situation that enables fraud to occur (Often when Internal Controls are weak or non existent)

Statement on Auditing Standards (SAS-99)

• It is the first major standard to be released since the passage of SOX.

• Has the potential to significantly improve audit quality, not just in detecting fraud, but in detecting all material misstatements & improving quality of financial reporting process.

• It requires you to determine whether Management has designed programs and controls that address identified risks of material misstatement due to fraud and whether those programs and controls have been placed in operation.

COSO - Model

• It describes 5 inter related components of internal controlthat provide the foundation for fraud deterrence.

• These elements are the means for which the opportunity factors in the fraud triangle can be removed to most effectively limit instances of fraud.

1- Control Environment

• Consists of actions, policies and procedures that reflect the overall attitude of the management, directors and owners of an entity about Internal control and its importance to the entity.

Sub Components

• Integrity• Ethical Values• Commitment to competence• Board of Directors• Audit committee participation• Management’s philosophy and operating style• Organisational structure• Assignment of authority and responsibility• Human Resources Policies and Practices

2 – Risk Assessment

• It is a forward looking survey of the business environment to identify anything that could prevent the accomplishment of organizational objectives.

• As it relates to fraud deterrence, risk assessment involves the identification of internal and external means that could potentially defeat the organization’s internal control structure, compromise an asset, and conceal the actions from management.

Continued

• Risk assessment is a creative process; it involves identifying as many potential threats as possible, and evaluating them in a way to determine which require action, and the priority for that action”

3 – Control Activities

• Control activities generally fall into the five following specific control activities:

• 1) adequate separation of duties; • 2) proper authorization of transactions and activities; • 3) adequate documents and records; • 4) physical control over assets and records; and • 5) independent checks on performance

4 – Information and Communication

• It relates to flow of information in two directions within an organisation.

• Information should flow downward to the line functions and provide the best, most accurate information as needed to allow the function to produce the best results possible.

• Information about performance should flow upwards through management, through both formal and informal communication channels, providing objective feedback.

• Both communication channels must function effectively to safeguard the organization”

5 - Monitoring

• “Monitoring activities deal with ongoing or periodic assessment of quality of internal control performance by management to determine that controls are operating as intended and that they are modified as appropriate for changes in conditions”. “Monitoring involves both fraud deterrence and fraud detection activities.

Continued

• Management must ensure that all control processes are performed as designed and approved.

• Control compliance analysis to verify correct performance of procedures could reveal a control that has been inappropriately modified or one that is not performed as approved; this control weakness could present the opportunity for fraud.

• Proactively identifying these weaknesses and correcting the weakness is this is the fraud deterrence aspect of the monitoring process