Fraud Risk Assessment

Publicly traded companies must conduct fraud risk assessments but privately held businesses aren’t subject to the the same fraud risk assessment requirements.  Reviewing internal controls for gaps that may allow crooks to slip through is recommended for all companies, but if you’re like most business owners and executives, you may not actively search for fraud risks until there’s an incident and you’re facing possible losses.

4 major ways

A comprehensive risk assessment might start in the areas where fraud is most likely to happen, such as accounts payable, purchasing and IT. But don’t stop there. If you close a door in only one department, those bent on fraud will find openings elsewhere.

Look at your internal controls in the same way a dishonest employee would — as opportunities that pose relatively little risk of exposure. In general, there are four major ways employees might exploit weak internal controls:

  1. Fraudulent financial reporting, such as improper revenue recognition and overstatement of assets,
  2. Misappropriation of assets, including embezzlement or theft,
  3. Improper expenditures, such as bribes, and
  4. Fraudulently obtained revenue and assets, including tax fraud.

Some schemes, such as payroll fraud or kickbacks, can involve external people in addition to employees. And bear in mind that fraud may be limited or widespread and affect everything from individual accounts to entity-wide processes. Controls should address all levels and all types of fraud.

Where to start

Your assessment should start with interviewing key executives and managers. They’ll provide you with a first glimpse of potential risk areas. Perhaps more important, these conversations will help you judge whether company leaders are setting the ethical “tone at the top” that’s integral to fraud prevention.

Next, identify the number and names of employees who handle or review accounting functions. How many, for example, reconcile bank statements or are authorized to make bank deposits? Spreading accounting and banking duties across multiple employees — or shouldering some of the review processes yourself — provides segregation and oversight that are essential to deterring fraud. Regularly review organizational charts to ensure constant segregation of duties.

Also consider your company’s key performance indicators. Fraud risks, for example, can show up in the performance of sales goals or in inventory management. And review your fraud-risk management budget. Compliance training, internal controls monitoring and ongoing risk reviews should be included in your business’s budget.

Good financial sense

When analyzing your findings, remember that your company’s processes, procedures, programs and policies make you unique. That’s why it’s a good idea to engage an expert to perform a thorough fraud risk assessment. Contact Adam Hennen, CPA, CFE, CITP or Andrea Addo, CPA, MBA, CFE, CITP, to discuss how a fraud risk assessment could benefit your privately held business.

 

How can we help?

DISCLAIMER: This blog is provided for informational purposes only and is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant. Presentation of the information in this article does not create nor constitute an accountant-client relationship. While we use reasonable efforts to furnish accurate and up-to-date information, the evolving landscape surrounding these topics is supported by regulations or guidance that are subject to change.

We Value Your Privacy

This site may use cookies to store information on your computer. Some are essential to make our site work and others to improve the user experience. By using this site, you consent to the placement of these cookies and accept our privacy policy.