Article 3:
Guarding Against Fraud Risk
Economic downturns are often linked to increased instances of fraud, and although the worst may be over, many companies are still vulnerable. A review of internal controls and fraud prevention strategies can help ensure the company is protected.
Types of fraud on the rise
Two categories of fraud may increase during troubled economic times. The first is fraud perpetrated against the company by employees, suppliers or other third parties. This may include embezzlement, misappropriation of assets, kickback schemes or false invoicing, usually motivated by personal financial gain. The damage to the company goes beyond monetary loss as the corrupting influence may spread throughout the organization.
The second type of fraud is management-level fraud relating to the company's financial disclosures. This includes failure to comply with generally accepted accounting principles, inappropriate earnings management and improper or omitted disclosures in financial statements. These frauds are generally designed to make the company appear healthier than it actually is and may be motivated by personal gain (e.g.: the need to meet performance targets to ensure bonus payouts) or may be an attempt to protect the company from the effects of disclosing bad news.
While this type of fraud is less common, the impact on the company is greater. It frequently requires radical correction to financial statement disclosure, shaking investor confidence and impacting stock prices. Regulatory penalties and reputational damage often follow.
Incentives and opportunities for fraud
During economic downturns, there may be increased incentives to commit fraud to maintain or supplement income in the face of decreased compensation or the threat of downsizing. Falling stock prices can lead to increased pressure to meet performance targets.
Periods of market turbulence also present increased opportunities for fraud. Cost-cutting measures and staff reductions may mean decreased segregation of duties and/or deterioration in management review and supervision. The focus on business imperatives such as maintaining sales and cash flow can lead to control weaknesses and delays in the remediation of internal control deficiencies.
Internal controls are key
In both good times and bad, strong internal controls are key to guarding against fraud. Management is responsible for designing and implementing a system of internal controls to provide reasonable assurance that financial records are reliable and form a proper basis for preparing the financial statements, that assets are properly accounted for and safeguarded, and that regulations are complied with. These internal controls are overseen by the board of directors, primarily the audit committee.
Issues that should be considered in the current economic climate include the impact of staff and resource reductions on internal controls, the need for increased supervision and review by management in areas where internal controls may be weakened, and the progress on remediation of previously identified control deficiencies.
Tone at the Top
A critical element of effective internal control is the integrity of the CEO and the creation of a culture of integrity within the organization, often referred to as "tone at the top." This sends a clear signal to the entire organization. When CEOs make the quality of financial reporting a top priority, it is more likely to be a priority as well for those who prepare financial reports, accounting estimates and financial disclosures.
Code of Conduct
The code of conduct is another key element of the company's control environment. The code should be reviewed regularly and employees and contractors should be asked to acknowledge that they are familiar with the code and undertake to comply with it. CEOs may consider expanding the list of parties who are required to comply with the code to include others such as suppliers.
Whistleblowing
Securities laws require issuers to establish a whistleblowing program, overseen by the audit committee, relating to financial reporting and accounting matters. In many public companies, all whistleblowing (financial and otherwise) is folded into one program.
Fraud Prevention Programs
A solid fraud prevention program enhances awareness among employees, suppliers and others, and facilitates quick and effective response to allegations of impropriety. The program should minimize the potential for management override of controls. Responsibility for fraud prevention and detection should be clearly assigned to a specific executive.
The fraud prevention program should be reviewed in light of the current economic situation and revised where necessary to reflect changing fraud risks, taking into account risk factors specific to the company and industry.
Beth Deazeley, LL.B.
Principal, Risk Management and Governance
Canadian Institute of Chartered Accountants (CICA)
Resources from the Risk Management and Governance Board of the CICA are available at www.rmgb.ca, and include the documents 20 Questions Directors Should Ask about Corporate Wrongdoing by Carol Hansell and Beth Deazeley, and Director Alert on Fraud Risk by Mike Savage. Much of this article is based on those documents.
