To make sure you receive future emails,
please add {[EM-EMAIL ADDRESS]} to your address book or safe list.

Audit & Accounting Alert Newsletter

Issue 5 | May 2016

At-A-Glance

Gerry Herter

Fraud is a persistent nemesis in the business world. As the study covered in our first article demonstrates, the extent of fraud has not changed significantly over the past twenty years, though the techniques and preventive measures have become more sophisticated.

An example of a modern sophisticated approach to rooting out fraud is described in our second article. Forensic data analytics has the potential to uncover fraudulent behavior often before significant damage is done, substantially reducing the financial impact.

Finally, two studies from the United Kingdom explore the relevance of the audit in today’s complex business environment. Implications for the future and recommended priorities are delineated in our third article.

Editor Gerald E. Herter, CPA

In This Issue 

Fraud Numbers Hold Steady

New study shows long ranging persistence of duplicitous behavior

The Association of Certified Fraud Examiners (ACFE) was established in 1988 with a mission to “reduce the incidence of fraud and white-collar crime and to assist the Membership in fraud detection and deterrence.” Today the organization boasts over 75,000 members and sets high membership standards through education, examination and ethics requirements.

 The inaugural Report to the Nation on Occupational Fraud and Abuse was published in 1988, providing the first such compendium of statistical data, bringing visibility to the magnitude of fraud in the business world, as well as serving as a benchmark for ongoing measurement and tracking. This initial report covered 2,608 cases from the prior ten-year period, collected from ACFE members who were surveyed for detailed data, generally from their more serious defalcation cases. A subsequent survey report was issued in 2002, after which a biennial schedule was instituted to facilitate uniform comparison.

Which brings us to the latest edition of the Report to the Nation on Occupational Fraud and Abuse – 2016 Global Fraud Study. ACFE members, with 7,497 submissions for consideration, were asked to respond to 81 detailed questions, which resulted in 2,410 cases accumulated into the final report.

Looking back over the years, the overriding observation is the consistency of the extent and nature of fraud in business over the past twenty years. The 1996 survey reported that the average organization lost about 6% of annual revenue to fraud and abuse. The 2016 survey reports a 5% amount of loss.

The 1996 report estimated that the total cost to US organizations from fraud and abuse was more than $400 billion. The survey expanded in 2008 to cover the entire world. Consequently, in the 2016 report, which includes cases from 114 countries, the authors project and theorize that the potential cost of fraud worldwide could be $3.7 trillion, which is equivalent to the Gross Domestic Product (GDP) of Germany.

In 1996, the typical perpetrator was a college-educated male, with men responsible for almost 75% of the offenses, which were also four times as costly as those caused by women. The 2016 report does not distinguish between the sexes, possibly a reflection that the greater proportion of women in the workplace today has brought more balance to the results. However, the higher the level of authority of the perpetrators involved, the greater the loss that occurred. Executive losses in 2016 were 11 times greater than employee losses, while in 1996 the gap was 16 times.

The median loss for all cases in the 2016 study was $150,000, with 23.2% of them losing at least $1 million. These amounts were only slightly more than the 2014 results. Also, the forms of fraud were comparable between the two most recent studies: 83-85% asset misappropriation, 35-37% corruption, and about 9-10% financial statement fraud. (These total more than 100% since some frauds encompassed multiple forms).

The most prevalent anti-fraud control cited in the 2016 study was the external independent audit, employed in 82% of the companies studied. Yet, as stated as far back as the 1996 study, few frauds are detected by routine audits. From 2012-2016, only 3% were uncovered by external audits. By far, over the past 20 years, tips were the most common detection method, representing about 40% in the last two studies. The importance of an employee hotline, promoted in 1996, was illustrated by the 2016 results, which revealed that detection of fraud through tips was about 20% higher in companies that had hotlines. Overall, companies with anti-fraud controls in place experienced lower fraud losses and quicker detection than companies without them.

The biggest organizational weaknesses that factored into fraud were a lack of internal controls and existing controls being overridden, especially in smaller businesses where prevention resources were more limited. Also, smaller businesses tended to have more fraud risks with “check tampering, skimming, payroll, and cash larceny schemes,” while “corruption was more prevalent in larger organizations.”

Most frauds were the work of first-timers, with the most prevalent warning signs including “living beyond means, financial difficulties, unusually close association with a vendor or customer, excessive control issues, a general “wheeler-dealer” attitude involving unscrupulous behavior, and recent divorce or family problems.”

Other recommendations from the 1996 study which still apply today are: 1) setting the tone at the top; 2) having a written code of ethics (81% of companies in the 2016 study reported having one); 3) checking employee references; 4) high level, independent examination of unopened bank statements (modified for current technological processes); and 5) creating a positive work environment. 

For further information, see  The 2016 ACFE Report to the Nations on Occupational Fraud and Abuse


Forensic Data Analytics: Current Benefits and Untapped Potential

Ernst & Young Survey touts economic payback along with fraud reduction

The ACFE’s Report to the Nation on Occupational Fraud and Abuse pointed out that companies implementing proactive data monitoring and analysis experienced “frauds that were 60% less costly and 50% shorter in duration.” Unfortunately, many companies were found to be overlooking this effective control measure. That is also a key take away in the January, 2016, Ernst & Young (EY) Global Forensic Data Analytics Survey Shifting into high gear: mitigating risks and demonstrating returns.

To assess the status of forensic data analytics (FDA), EY interviewed 665 company anti-fraud program decision-makers from across the world during the third quarter of 2015. The four major conclusions from the survey were:

  1.  Demand for FDA is growing across the board;
  2.  The FDA landscape is maturing;
  3.  There are several hurdles to the attainment of FDA deployment; and
  4.  Effective FDA deployment is reflected by several factors.

The survey defines FDA as the “ability to collect and use data, both structured (e.g., general ledger or transaction data) and unstructured (e.g., email, voice or free-text fields in a database), to prevent, detect, monitor or investigate potentially improper transactions, events or patterns of behavior related to misconduct, fraud and noncompliance issues.”

Cyber breaches and insider threats were reported as the fastest growing threats, along with the related regulatory measures responding ever more stringently. The increasing frequency and severity of these threats have created a heightened sense of urgency and demand from the topmost levels of management.

As a result, spending on FDA has increased. Fewer companies feel that their FDA spending is adequate compared to two years ago, and 60% are looking to increase FDA spending in the next two years. A large portion of the investment will be directed toward proactive monitoring initiatives, attempting to get out in front of incoming threats.

While more advanced technology tools are now available, spreadsheets are still in widespread use as the typical tool for managing fraud risk. The survey noted that “unstructured content accounts for around 90% of an organization’s digital information.” Social media, mobile phones or web logs are extensive forms of communication in the modern world. Combining analysis of structured and unstructured data can greatly enhance results. An example from the report illustrates that “comments from sales logs can show an individual’s intent to commit a fraud, while a financial transaction can provide the evidence.” A large percentage of respondents were reported as currently analyzing both forms of data.

Even with the growing attention and investment in FDA, the survey report pointed out that more than half of companies do not have an awareness of a key added benefit. While most recognize the expanded capability to detect a broader range of fraud, and to detect fraud more quickly, many have not yet grasped the significant cost saving that can be reaped from these results. Prevention is much cheaper than the cost of picking up the pieces after the fact.

Consequently, though there is recognition of the need for FDA, top management has not realized the investment level required for effective deployment. There needs to be better understanding of the total value of FDA, in order to justify the adequate deployment of resources to acquire and develop the specialized skills and technology to get the job done.

Those companies that have overcome the hurdles and succeeded with FDA are characterized as using advanced technology “(including social media and web monitoring, voice searching and analysis, and visualization and reporting tools),” analyzing more data “(over 10 million records),” and investing a greater portion of their total compliance and anti-fraud budgets “(one-third).”

For further information, see Global Forensic Data Analytics Survey 2016.


Essentials for the Successful Audit Team of the Future

Dual studies explore demands of a modern and complex global business environment

Two common thrusts of recent articles in the Integra Audit & Accounting Alert focus on the current quality of the audit function as measured by inspections, and the challenges for maintaining audit relevance and effectiveness into the future. In order to address these issues, the Financial Reporting Council of the United Kingdom (FRC) and The Institute of Chartered Accountants of Scotland (ICAS) in 2013 commissioned two parallel studies “to investigate what mix of attributes, competencies, professional skills and qualities need to be combined in an audit team in order for it to perform a high quality public interest audit in a modern and complex global business environment,” both now and in the future.

The two teams of academic researchers used different methodologies that produced distinctive, yet complementary results. The study The capability and competency requirements of auditors in today’s complex global business environment drew from the three countries of the researchers: Australia, South Africa and the United Kingdom. Six of the largest companies from six different industries were selected from each country. Then the internal and external audit executives, audit committee chairs, and non-auditor experts participating on the audit were interviewed, as well as individuals having regulatory and educational oversight for the countries.

The study found a need for an ongoing debate about the future of audit, in light of current trends and changes in the business and societal environment. As a result of the attempts of increased regulation to improve audit quality, dual audits are, in effect, performed: one a checklist compliance audit and the other assurance driven to express an opinion. At the same time, changes and increases in complexity, for example in technology, require an audit team that is more diverse and specialized in knowledge. There is an interesting paradox in that junior audit staff are in need of closer and more interactive supervision, while mid-career and higher professionals are in need of the deeper technical skills at which the younger staff are often more adept. Also, recruiting the talent that is needed to address the complexities remains a challenge due to the persistent negative perceptions of the profession as being “risky, over-regulated, offering poor work/life balance, possibly boring and with onerous entry and complex update requirements.”

The study calls for regulators, professional bodies, audit firms, the global business community, and educators to work together to devise effective, practical solutions. Audit teams of the future are visualized as comprised of three components: audit accounting specialists, industry specialists, and technical specialists, i.e. actuaries, data analysts, and information technologists. Specialists in each area need a better overall understanding of the other specialties in order to be most effective.

The study Skills, competencies and the sustainability of the modern audit used a focus group approach with a series of meetings, bringing together similar participants as the first study, as well as users of financial statements. The groups included participants from Belgium, France, Germany, Sweden and the United Kingdom.

The findings from this study were organized into four areas where challenges for auditors are perceived. The first centers on the context of the specific audit engagement, where the complexities of the modern business, the accounting and the systems are reasons for concern. Understanding the business under audit is crucial for determining an effective audit approach. With the growing size, complexity and diversity of business models, reporting requirements and technological advances, the expertise required and the nature of audit evidence may be beyond the capabilities of the auditor developed under traditional methods.

The second area for attention is the development of audit personnel. Here the importance of judgment and perceptive discernment, for successful audit results, are seen as eroded from the increased attention given to checklists and routine procedures geared toward standards compliance. Also, the effectiveness of programs for attracting and nurturing staff will impact the ability to assure that the best auditors reach the partner level.

Third is the standing of firms as suppliers of audit services. The clear image of the audit firm has diminished as other service offerings become more prominent and firm structures may no longer be conducive to a long-term career model.

The final area addresses interactions with stakeholders and society. In this regard, there are several tensions to be balanced. The auditor needs a depth of knowledge of the client’s business, but not to the point that independence is impaired from the potential value which that knowledge can bring to the client, aside from the audit. The benefit of disclosures providing transparency and describing the audit can be lost through excessive content. Audit effectiveness is enhanced from high quality communication with those in governance, but to attain that goal calls for appropriate recruiting and training.

Summing up, the report states: “The 'auditing' profession has to ask itself whether the current state of affairs, with respect to auditor education, training and practice is as good as it gets? Is this really the best that can be done? ... Auditing professionals, policy makers and those on whose behalf the audit is undertaken would do well to confront the following issues and challenges if auditing is to have a sustainable future and be regarded as a valued and high skilled function relevant and appropriate (i.e. 'competent') for the demands of the modern, 21st century business environment and broader society.” The issues and challenges are:

  1.  Conceptualizing the audit as a skilled, judgmental activity;
  2.  Recruiting and developing suitable audit professionals; and
  3.  Managing the delivery of the audit as a professional service.

For further information, see Major ICAS/FRC research explores audit skills of the future.

 

Additional A&A News

The following links provide a selection of current articles devoted to highlighting other A&A topics currently making news.

  1. New Indian accounting norms to hit banking, telecom firms most
  2. Deloitte UK scales back real estate business to avoid audit conflicts of interest
  3. SEC Questions Widespread Use of Non-GAAP Measures
  4. How the Role and Skills of a Chief Audit Executive Are Evolving
  5. IAASB Biennial Report - Championing Change in the Public Interest
  6. FASB assists with licensing guidance, identifying performance obligations

Audit & Accounting Alert is a publication of Integra International intended to highlight emerging issues in the profession. The goal is to give Integra members an awareness of developments impacting the practice of Audit & Accounting, enabling them to stay on the forefront of industry trends.

Editor Gerald E. Herter  •  HMWC CPAs & Business Advisors, 17501 E. 17th Street, Suite 100, Tustin, CA 92780-7924
 •  Tel: 1 714 505-9000  •  Fax: 1 714 505-9200  •  Email: gerry@hmwccpa.com