News & Events

Spotlight on a critical antifraud tool: Risk assessments

Alert
07.05.2022

anti fraud toolboxFraud risk assessments have been shown to prevent occupational fraud and limit losses for victimized organizations. These tools have become more prevalent in recent years, according to “Occupational Fraud 2022: A Report to the Nations” published by the Association of Certified Fraud Examiners (ACFE). But although almost 50% of businesses perform fraud assessments, many owners and managers may be unaware of the value of these procedures and how the assessment process works.

When and why?

Fraud risk assessments generally are conducted by internal auditors, either on a standalone basis or as part of a comprehensive enterprise risk management program. You may want to conduct assessments annually or whenever there have been major organizational changes or disruptions.

The COVID-19 pandemic, when many businesses closed temporarily and many employees started working from home, may provide the impetus to conduct a fresh fraud risk assessment. For example, workers could have used unsecured Wi-Fi connections to log in to your network while working from home, your accounting department may have temporarily stopped rotating duties or employees tasked with overseeing certain antifraud activities may have left your organization.

Getting started

Typically, a fraud risk assessment starts in the areas where fraud is most likely to happen — such as accounts payable, purchasing and IT. But it’s important not to stop there. If you close a door in only one department, those bent on fraud will find openings elsewhere.

You must review your organization’s internal controls in the same way a dishonest employee would — as opportunities that pose relatively little risk of exposure. Employees might exploit weak internal controls via:

  • Fraudulent financial reporting, such as improper revenue recognition and overstatement of assets,
  • Misappropriation of assets, including embezzlement or theft,
  • Improper expenditures, such as bribes, and
  • Fraudulently obtained revenue and assets, including tax fraud.

Some schemes, such as payroll or purchasing fraud, can involve external people in addition to employees. Fraud may be limited or widespread and affect everything from individual accounts to entity-wide processes. So your business’s controls should address all levels — including owners and executives — every department and all types of fraud.

Digging in

Interviewing key executives and managers is critical. They’ll provide you with a first glimpse of potential risk areas. Perhaps more important, these conversations will help you judge whether company leaders are setting the ethical “tone at the top” that’s integral to fraud prevention.

Next, identify the number and names of employees who handle or review accounting functions. How many, for example, reconcile bank statements or are authorized to make bank deposits? Spreading accounting and banking duties across multiple employees — or shouldering some of the review processes yourself — provides segregation and oversight that are essential to deterring fraud. If segregation of accounting duties was suspended during the COVID-19 lockdown and never reinstated, make sure you activate it immediately. A combination of job rotation and mandatory vacation has been shown to reduce fraud losses in victimized organizations by 54%, making it the most effective antifraud control.

Also consider your company’s key performance indicators. Fraud risks, for example, can show up in the performance of sales goals or in inventory management. And review antifraud spending. Compliance training, internal controls monitoring and ongoing risk reviews should be included in your business’s budget.

Too important

The final step is to adjust your controls (and, possibly, introduce new ones) to address any fraud risks you’ve discovered. What if your small business doesn’t have the internal resources to conduct a fraud risk assessment? (Only 17% of businesses with fewer than 100 employees perform risk assessments.) If so, engage a professional fraud expert to do the job. It’s too important a tool to leave in the box.

© 2022

Jump to Page

Boyer & Ritter LLC Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek