The Obstacle
Yet that has not traditionally been their role. Auditors have certainly been obligated to report and investigate instances of fraud when irregularities are discovered, but in most cases they have not actively sought out fraud. In fact, according to the Institute of Internal Auditing, which has 2,700 members, only 34% of internal auditors report using automated fraud detection software or similar technologies on every audit. Philip Wolitzer, a 50-year faculty member with Long Island University’s accounting department, says a huge change in attitude is required among auditors. “Let’s state the obvious: Shareholders expect us to look for fraud,” he says, “so, we’re going to have to look for it.” The change in attitude and the costs of searching for fraud pose significant hurdles.
The Response
Trust, but Verify: Quite often, senior management is reluctant to put in place technologies and procedures which actively search out and trace fraud because of the perceived message it sends to employees: “You can’t be trusted.” Analysts say the scandals of the past two years provide ample ammunition for answering that concern. It is not a sign of mistrust, just a way to verify what employees have done—and what auditors need to look into.
Don’t Just Pay the Bill: An auditor vouches for the veracity of financial reports to a company’s board of directors and shareholders. However, that responsibility can be undermined since a company’s CEO and CFO usually call the shots when it comes to picking the auditor. One policy around this, that takes a chief executive and board decision, is to rotate auditors after a certain number of years, to encourage better work.
Boost the Bottom Line: If your systems are effective, you can win points with corporate. In 2002, the Association of Certified Fraud Examiners estimated instances of occupational fraud and abuse—such as asset-theft—sliced 6% off corporate revenues, or about $600 billion. Fraudulent financial statements were the most costly forms of fraud, with median losses of $4.25 million per scheme. Being able to catch—or prevent—fraud through the use of technology, can go right to a company’s bottom line.
Bring Industry Heat: Now you have the ammunition to get your executives—and your auditors—to adopt watchdog systems. In 2002, the American Institute of Certified Public Accountants, the national professional association of CPAs, issued a new audit standard for detecting fraud. Statement of Auditing Standards 99 says auditors must “approach every audit with professional skepticism and not assume that management is honest,” according to association president Barry Melancon. Among the guidelines are provisions for unpredictable audit tests and procedures to test management’s ability to override controls in order to commit fraud. This requirement provides ammunition for auditors to install new technology which will automate some of the detective work, as well as improve audit trails and increase security around reporting controls.
