Internal Audit

Using Internal Controls to Detect and Prevent Fraud

Daniel Kim |
Using Internal Controls to Detect and Prevent Fraud

Fraud is the intentional deception of a person or entity for monetary or personal gain. Fraudulent acts include any form of false statement, misrepresentation, or deceitful conduct.

Since the inherent motive of fraud is to conceal the deception, it is difficult to detect fraud in the real-world environment. Especially in large corporations with interconnected processes and systems, analyzing the root cause of discrepancies then identifying the ulterior motive fraudulent is becoming a major challenge for organizations worldwide.

According to the ACFE 2014 Report to the Nation on Occupational Fraud and Abuse, a typical organization loses 5% of its annual revenue each year due to employee fraud. Most common frauds include asset misappropriation (theft of cash, data, and property), corruption, and financial statement fraud schemes (deliberate misstatement, misrepresentation, or omission of financial statement data).

Prevention and early detection are crucial to reducing the instances of fraud in an organization. Internal controls play a key role in reducing the opportunities available to commit fraud. By implementing the following anti-fraud internal controls and practices, organizations can expect considerably lower losses due to fraud.

Segregation of Duties

The Institute of Internal Auditors (IIA) describes the basic idea underlying segregation of duties as “no employee or group of employees should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties.” That is, the work of one individual should be either independent of, or serves to check on, the work of another. The IIA classifies an employee’s duties into three categories: 1) Custody of Assets 2) Authorization/Approval of related transactions affecting those assets and 3) Recording and reporting of related transactions.

Expense Reimbursements

As per ACFE’s 2014 report, a significant portion of asset misappropriation schemes involve situations in which an employee makes a claim for reimbursement of fictitious or inflated business expenses. In order to prevent such schemes, management should ensure that the relevant policies and procedures surrounding employee reimbursements are communicated to employees and make updates whenever deemed necessary. Moreover, the approval flow for such reimbursements should include, along with the direct supervisor, other key stakeholders, such as affected business team members, payroll, or internal audit.

Whistleblower Hotline

Federal corporate whistleblower laws, such as the Sarbanes-Oxley Act and the Dodd-Frank Act, encourage the implementation of a robust corporate whistleblower mechanism. They do this by not only protecting the interests of employees, private contractors, and sub-contractors, but also by creating an awards program to reward whistleblowers. In spite of these federal regulations, the ultimate responsibility of implementing a strong whistleblower program lies with Management. Historically, internal employee tip-offs have provided the best means of fraud detection. Hence, Management cannot afford to neglect having an internal whistleblower mechanism within their organization.

Periodic Reconciliation of Bank Accounts

Bank reconciliations highlight the differences between the cash per balance sheet and bank statement, while also confirming accuracy of the data recorded in the organization’s cash ledger. Depending on the size of the organization, bank reconciliations are performed on a daily, weekly, or monthly basis. The core duty of performing a bank reconciliation is not just to identify unexpected differences, but also entails preventing future occurrences, such as: accounting delays, restricting auto-debits to vendors, etc.

In conclusion, it is Management’s proactive approach towards fraud detection and prevention, coupled with strong internal controls, which will ultimately decrease the opportunities to commit fraud and instill an ethical culture within an organization.

Daniel Kim

Daniel Kim, CPA, is co-founder and co-CEO at AuditBoard. Formerly global head of audit for two multibillion-dollar public companies, Daniel leverages his 15+ years of audit, risk, compliance, and SOX program consulting with hundreds of pre-IPO and public companies to deliver modern solutions for today’s corporate audit needs.

You Might Like

Learn how AuditBoard's integrated suite of easy-to-use software (audit management software, SOX compliance software, risk management software, audit workflow software, and compliance management software) can empower your team.