by Camico Insurance
Internal or occupational fraud continues to cause enormous problems for CPAs. While audit engagements historically generate more losses than other engagements, all types of engagements are affected by fraud, from non-attest services to tax return preparation. Nearly one-third of all claims losses over $100,000 received by CAMICO stem from some kind of fraudulent activity.
Small businesses are especially prone to defalcation, or misappropriation of assets, which accounts for 80 percent of all fraud cases, according to the Association of Certified Fraud Examiners (ACFE). Small businesses also experience fraud losses at a frequency of nearly 100 times that of larger businesses, which are more prone to fraudulent financial statements, a less frequent but more expensive form of fraud, according to the ACFE.
Some reasons why fraud continues to be such a big problem follow:
Fraud is relatively easy to perpetrate and conceal, and the widespread use of computers has made it even easier in many ways.
Typically committed by experienced, relatively well-educated and computer-literate people who know what they’re doing, fraud can be extremely difficult to detect. Only about 20 percent of known fraud cases are discovered by methods such as audits and management oversight. The other 80 percent of known cases are detected as a result of tips and complaints by employers, associates, and relatives. Most fraud claims handled by CAMICO involve crimes perpetrated on the CPA’s client by third parties such as employees, contract bookkeepers, and loan brokers, although some cases involve the CPA’s employees.
Furthermore, too many employers assume that accounting software programs provide a system of checks and balances that keep employees honest. There is also a false perception that programs somehow legitimize some procedures that are not necessarily legitimate.
The most common defalcation scenario involves a small business owner who is so busy running the business that control of financial matters has been entrusted to a bookkeeper with an accounting software program.
Computers have made the process of bookkeeping easier, but this in and of itself causes potential problems, according to Ron Klein, J.D., CFE, CAMICO vice president of claims. “In a small business, since it is even more likely that only one employee will be doing all the bookkeeping work (posting the books, preparing payroll and disbursement checks, and reconciling the accounts), internal controls suffer greatly from the lack of a segregation of duties,” Klein said.
Small businesses often do not have enough employees for a segregation of duties, which means inadequate checks and balances on the lone bookkeeper. Personal financial pressures and resentment toward the employer can induce someone to start stealing funds.
Extra payroll checks or fictitious vendor payments, which can be easily voided in an accounting software program, are popular devices. The fraud is usually detected when the perpetrator is out ill or on vacation, and the owner or supervisor notices extra canceled checks, or disbursement checks made out to unknown entities.
CPAs are often expected to detect and prevent fraud, and they are often held liable for the damages caused by it.
The Statement on Auditing Standards No. 82 (AU 316.10) confirms the profession’s commitment to detecting and reporting fraud in audit engagements. At the same time, the Statement warns that “even a properly planned and performed audit may not detect a material misstatement resulting from fraud” due to the “the concealment aspects of fraudulent activity, including the fact that fraud often involves collusion or falsified documentation.”
Nevertheless, CAMICO jury studies have shown that nearly two-thirds of jurors agree with the following statement: "The purpose of an audit is to uncover any type of fraud or wrongdoing."
A similar expectation is found even on the subject of non-attest services. Sixty percent of jurors agreed with the following statement: "The purpose of having an accountant examine a company’s books is to uncover any and all irregularities, even if the accountant is not hired to do an audit."
CAMICO claims studies bear out those juror expectations. Not only does fraud cause 47 percent of dollar losses in audit engagement claims, it causes 45 percent of dollar losses in review and compilation claims.
CAMICO recommends two types of letters in this area:
Engagement letters for all types of engagements. Such letters help communicate a clearer perception of the CPA’s role and to bridge the “expectation gap” between what the client is expecting and what the CPA is able to deliver. Establish an understanding with the client, in writing and otherwise, on the objectives, nature, and limitations of the engagement, as well as on the CPA’s and the client’s responsibilities.
Advisory letters to help explain client exposures to the risk of defalcation or financial statement fraud, as well as the need for internal controls. They can also confirm to the client that the CPA has not been engaged to address certain areas.
The bright side is that CPAs can take the need to warn clients of internal control problems, and turn it into a practice opportunity. Many clients expect their CPAs to give them advice about potential weaknesses in their financial operations. A significant number of lawsuits have resulted from CPAs not advising clients about what they should or should not do.