Whose Job Is It to Find Financial Fraud?
Report examines expectation gaps within financial reporting chain; experts say communication is key
NATIONAL HARBOR, Md. (October 14, 2013) — A new report released today from the Anti-Fraud Collaboration* reveals that board members, financial executives, internal auditors, and external auditors are not completely on the same page when it comes to owning responsibility for deterring and detecting financial statement fraud. In fact, there are significant expectation gaps among the four groups that make up the financial reporting chain. The areas of greatest disparity appear to be:
- Who has the primary responsibility for deterring financial reporting fraud.
- How confident each group is in their ability to detect material misstatements.
- Whether each party appropriately strikes the balance between trust and skepticism.
The Anti-Fraud Collaboration report, “Closing the Expectation Gap in Deterring and Detecting Financial Statement Fraud: A Roundtable Summary,” includes results of a recent survey, which provided the basis for in-depth roundtable discussions that are summarized in the resulting report. The report concludes that each group in the financial reporting chain has an important role to play, and enhanced communication among all parties is needed to provide clarity on the respective roles in rooting out fraud.
“The roundtable discussions provided a unique opportunity to get all of the players of the financial reporting chain together in one room. To have the best chance of reducing the occurrence of financial statement fraud, everyone must understand their respective roles,” said Richard Chambers, president and CEO of The Institute of Internal Auditors (IIA), one of four organizations comprising the Anti-Fraud Collaboration. “I think the big takeaway here is that communication is key.” The IIA led coordination of the project, the latest in a line of several resources developed by the collaboration since its formation in 2010.
Key findings from the survey include:
- A large majority of respondents (87 percent) believe that financial executives have primary responsibility for deterring financial reporting fraud.
- The group that owns primary responsibility for detecting financial reporting fraud is less clear. Although most (52 percent) designate financial executives, a sizeable minority (31 percent) place the onus on internal auditors.
- The vast majority of board members (96 percent) are confident that the other three groups are able to identify a potential material misstatement due to fraud. Most board members (75 percent) are also confident in their own ability to identify material misstatements, although that belief is shared significantly less so by the other groups. For example, only 36 percent of internal auditors are confident in the board’s ability.
- Although both external and internal auditors identify skepticism as key to performing their work, less than half of internal auditors (46 percent) say they strike the right balance between trust and skepticism. By contrast, the majority of external auditors (70 percent) say they strike an appropriate balance.
During roundtable discussions about the survey results, participants from all four groups did not attempt to define who should take primary responsibility for fraud deterrence and detection. Instead, they focused the conversation on a holistic approach, where each party works together to design, operate, and monitor controls that mitigate the risk of material misstatements related to financial reporting fraud.
Highlights from the roundtable discussion centered on each group’s role:
Financial Executives – Financial executives are responsible for designing processes and procedures and monitoring their effectiveness, participants agreed. Although financial executives are perceived as having the primary responsibility in deterring and detecting financial reporting fraud, concern was raised that when material fraud occurs, management is often involved. This concern highlights the need for an effective oversight function and active communications by which the audit committee (through internal audit) can be made aware of concerns around fraud and management’s potential involvement. “[Internal audit] can be the eyes and ears the audit committee needs,” said one participant.
Internal Auditors – The role of internal audit depends on how the organization utilizes it. The function can have a broad scope in an organization that extends beyond financial reporting controls. Participants emphasized the importance of objectivity for both internal and external audit to provide unbiased information to the audit committee, but some also acknowledged potential or perceived conflicts of interest in this area.
External Auditors – Expectations for external auditors vary widely. As in the case with internal audit, external audit’s approach may vary from one organization to the next, depending on the auditor’s assessment of the risk of fraud in the organization. Some participants believe external auditors are best equipped to identify material financial statement fraud because of their financial reporting audit procedures.
Board Members – When looking at how board/audit committee members affect the deterrence and detection of financial statement reporting fraud, there was a consensus that the governance role they play makes all groups aware of expectations and sets the “tone at the top.” The most frequently stated expectation for this role was that audit committee members should have knowledge of the industry, be financially literate, and ask challenging questions of management when reviewing financial statements. Some believe the audit committee should engage management several layers down to help determine whether internal auditors, external auditors, and the financial reporting team are qualified.
Thematic within all conversation was the need for effective communication among all parties to address expectation gaps across the financial reporting supply chain. Board members conveyed that an open and candid dialogue with external and internal auditors is essential to help them determine whether management is doing the right thing. Moreover, open communication among all parties enables them to perform their governance role with necessary transparency and realistic expectations that will help achieve effective risk management.
“Closing the Expectation Gap in Deterring and Detecting Financial Statement Fraud: A Roundtable Summary” was released today at the National Association of Corporate Directors’ (NACD’s) 2013 Board Leadership Conference in National Harbor, Md. For information about the NACD Board Leadership Conference, please visit www.NACDonline.org/Conference.
The report is available as a free download at www.antifraudcollaboration.org.
Sources representing The IIA, CAQ, FEI, and NACD are available for interviews. Please contact Scott McCallum.
*About The Anti-Fraud Collaboration
The Anti-Fraud Collaboration was formed in October 2010 by the Center for Audit Quality, Financial Executives International, the NACD, and The IIA. The four organizations represent members of the financial reporting supply chain. The goal of the Anti-Fraud Collaboration is to promote the deterrence and detection of financial reporting fraud through the development of thought leadership, awareness programs, educational opportunities, and other related resources specifically targeted to the unique roles and responsibilities of the participants in the financial reporting supply chain.