Most Companies Get an 'F' in Fraud Prevention

Enron had a code of conduct. Enron had a hotline. And in the end, Enron had fraud.

Today, companies operate with a false sense of security because they either don't have a fraud prevention program or the program they have is a legal, yet ineffective "fig leaf."

"One key to fraud prevention is to create an atmosphere where employees feel confident in reporting wrongdoing without being victimized, even if executives appear to be involved," explains Toby Bishop, president & CEO of the Association of Certified Fraud Examiners (ACFE), the largest anti-fraud association in the world. "If companies don't have effective fraud prevention programs, they are at risk of failure," says Bishop.

Years ago, working as a consultant, Bishop tested the effectiveness of an existing fraud prevention program for a major utility company. Management thought their program was working and wanted confirmation. Bishop's firm surveyed a statistical sample of employees to assess their feelings about management's commitment only to discover that employees in one division did not believe management wanted to "do the right thing," says Bishop.

"If employees perceive their company's fraud controls to be weak or if they think management is only giving lip service to ethical behavior, fraud is inevitable," Bishop warns.

In 2002 fraud prevention was one of the goals addressed in the Sarbanes-Oxley Act (SOX), legislation that affects how public organizations and accounting firms deal with corporate governance, financial reporting and public accounting. The effect of SOX has been far reaching, leading to voluntary changes in private companies and mandatory changes in public companies. But is it preventing fraud? "It may not be as effective as people expected," Bishop answers.

Over the past 18 months Bishop has taught several thousand participants how to use the ACFE's Fraud Prevention Check-Up, a tool that identifies major gaps in organizations' fraud prevention processes. None of the participants thought their organization would pass the test, which means they are at significant risk of fraud.

Bishop says while Sarbanes-Oxley invokes a basic framework for internal controls, including anti-fraud controls, additional specifics are needed to address controls to prevent fraud. "There is a definite gap in the standards used to establish fraud prevention controls, if companies use them at all."

You may like these other stories...

We're not sure if project management advice lends itself to poe, but here's an attempt. Please enjoy this collection of project management verses with our compliments. More about project management can be found in my...
Regulators struggle with conflicts in credit ratings and auditsThe Public Company Accounting Oversight Board (PCAOB), which was created by the Sarbanes-Oxley Act in 2002, released its third annual report on audits of...
Could the IRS disallow Ice Bucket Challenge charitable contributions?Unless you’ve been living under a rock, you’ve probably heard of – or participated in – the ALS Ice Bucket Challenge.I was...

Already a member? log in here.

Upcoming CPE Webinars

Aug 26
This webcast will include discussions of recently issued, commonly-applicable Accounting Standards Updates for non-public, non-governmental entities.
Aug 28
Excel spreadsheets are often akin to the American Wild West, where users can input anything they want into any worksheet cell. Excel's Data Validation feature allows you to restrict user inputs to selected choices, but there are many nuances to the feature that often trip users up.
Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.
Sep 11
This webcast will include discussions of commonly-applicable Clarified Auditing Standards for audits of non-public, non-governmental entities.