Wednesday, January 21, 2015



How does one conduct a fraud risk assessment?
User's Picture
Anonymous
(CFO) | Jan 19, 2015
If I was going to audit our existing processes to look for vulnerabilities what would be the best way to start my assessment?
Answers
Proformative Advisor
Member's Profile
(President/Owner at AlphaMac Resources, Inc.) http://www.proformative.com/images/sigbadge-expert.pnghttp://www.proformative.com/images/sigbadge-advisor.pnghttp://www.proformative.com/images/sigbadge-instructor.png| Jan 19, 2015
Follow the money. That may sound simplistic, but fraud is going to occur anywhere there is value to be stolen. This includes, cash, fixed assets, product, raw materials, accounts payable, etc. Think of any way someone can divert assets to their personal use.
Here is a short list of things to look at:
1. Pay to play schemes for vendors
2. False/fake vendors
3. Poor controls over check stock and access to checking accounts.
4. Expense reports - false invoices, etc
5. Poor controls in accounts receivable and accounts payable
6. Poor segregation of duties in cash, A/R, A/P and inventory control
7. Employees living above their means. (example: extravagant spending on cars, trips, jewelry, parties, etc.)
8. Lack of or poor reconciliations and detailed review by management.
9. Poor physical security of assets (cash, inventories, fixed assets, vehicles, etc)
10. Poor password and network security.
11. Manual journal entries to accounts that should only have automated entries.
Finally, if you don't have a way for employees AND vendors to report issues to you in a confidential manner, you are not going to get an early warning of problems.
Also look for areas where a person who has information on wrong doing has been eliminated by the perpetrator. Example: An otherwise outstanding employee is suddenly fired by their boss for reasons that don't make sense given their past performance. Could be that outstanding employee wouldn't go along with the illegal or immoral activity and was eliminated.
By the way, there are computer programs and consulting companies that can help determine if there is potential fraudulent activity.
Member's Profile

(CFO at Tradeworks) http://www.proformative.com/images/sigbadge-expert.pnghttp://www.proformative.com/images/sigbadge-advisor.png| Jan 20, 2015
Scott's comments are spot on. Something else to consider is that there are usually three aspects that can lead to fraud:
1) Opportunity. As Scott detailed in his comments, if there are poor controls then that provides the individual with the access to commit the fraud.
2) Need. This is difficult to know unless the employee tells you directly that they need money. It is also subjective, as one person's want is another person's need. As Scott mentioned, look to see if anyone is living above their pay grade and evaluate if they have opportunity.
3) Rationalization. Again, this is subjective. Someone might feel they should be paid more, or that the company can afford the fraud, or that they dislike the company for whatever reason. Being aware of employee discontent is important, as in Scott's example.
Lastly, I have sometimes found that employees that never take a vacation or are very secretive about their work can be hiding something that they don't want anyone else to know about.
It is impossible to eliminate fraud 100%. If someone wants to steal they are going to do it. The trick is to make it difficult and to be able to find it as quickly as possible.

No comments:

Post a Comment