February 15th, 2016 by Keith Hock
Benjamin Franklin famously stated that, “an ounce of prevention is worth a pound of cure.” This is definitely true when it comes to financial frauds – a fraud risk assessment (the prevention) is definitely better than fixing an internal control deficiency after a fraud (the cure). Let’s look at some numbers, according to the Association of Certified Fraud Examiners’ most recent report:
So how can a business provide the proverbial “ounce of prevention” against fraud? A fraud risk assessment reviews existing internal controls and processes to identify and address potential internal control deficiencies and fraud risks before a fraud has occurred. While no accounting or internal control system is completely fraud proof, understanding and addressing your company’s potential control weaknesses is a good place to start.
A fraud risk assessment can be a comprehensive, one-time review of a company’s entire internal control system (that is, unfortunately, often performed after a fraud has occurred). A comprehensive review can be both time consuming and a significant use of limited financial and human resources. As an alternative, companies may develop a fraud risk assessment strategy that creates a longer-term plan to conduct assessments of each operational and accounting function on a rotating basis over a period of years.
There are several advantages to this type of fraud risk assessment strategy:
Whether a company elects a comprehensive or rotating internal control review, a fraud risk assessment will identify potential risks, each risk’s likelihood of occurrence and the magnitude of its potential loss. The design and operating effectiveness of the current internal control structure is then evaluated. Any significant internal control deficiencies identified in the assessment – especially those related to the risks that are both most likely to occur and could result in significant losses – should be addressed with new, redesigned or re-implemented controls, as appropriate.
Interested in learning more about fraud risk assessments, internal controls or fraud investigations? Contact Keith Hock at (513) 505-4590 or firstname.lastname@example.org, Rebekah Smith at (614) 947-5300 or email@example.com or Tom Powers at (614) 947-5215 or firstname.lastname@example.org.