| Enhancing
Fraud Detection Through Education
By
Mary-Jo Kranacher and Lorraine Stern
Traditionally,
financial statement users have believed that independent
audits provide greater assurance than actually articulated
by standards. Since 1938, as a result of the McKesson Robbins
fraud, independent accountants believed that they could
not, and should not, be primarily concerned with the detection
of fraud. It was not until 1976 that Statement on Auditing
Standards (SAS) 16 acknowledged that an auditor had to plan
the audit to search for the occurrence of material irregularities
(fraud) that might affect the financial statements. The
assumption that the auditor was policing public companies
came completely undone with the recent highly publicized
corporate failures, such as Enron. Auditor responsibility
is clearly delineated in a standard engagement letter, which
states that the audit “cannot be relied upon to disclose
errors, irregularities or illegal acts, including fraud
or defalcations, that may exist.” Recent events have
expanded the scope of the auditor’s job to meet the
public’s needs and expectations with regard to searching
for fraud.
SAS
99
Although
the responsibility for preventing fraud ultimately lies
with directors and officers, it is becoming clearer that
auditors must be prepared to detect fraud. Shortly after
Congress passed the Sarbanes-Oxley Act in July 2002, the
Auditing Standards Board (ASB) issued SAS 99, Consideration
of Fraud in Financial Statements, which set a new fraud
standard for auditors. It requires that auditors assess
the risk that fraud may have occurred and materially affected
the financial statements. This standard has redefined the
audit function, which will continue to evolve as the Public
Company Accounting Oversight Board (PCAOB) considers additional
changes.
SAS
99 requires that auditors discuss with management, and others,
whether they are aware of any fraud. According to a 1999
Committee of Sponsoring Organizations of the Treadway Commission
(COSO) study, CEOs, usually aided by their CFOs, perpetrate
75% of all frauds. Auditors have traditionally been hesitant
to ask probing questions of management for fear that doing
so might offend the very people who had engaged them. This
conflict of interest has led to a crisis of confidence in
our financial reporting system.
Critics
of SAS 99 point to its heavy reliance on the “red
flag” approach, which has not been proven to be effective
in identifying fraud. The “Examples of Fraud Risk
Factors” listed in the Appendix of SAS 99 seem all-encompassing,
yet there is a lack of empirical evidence to confirm that
these factors are correlated with the detection of fraudulent
activity. Auditors should learn about the various types
of fraud that may occur, and be able to develop a reasoning
process to detect them. This new standard is a positive
step toward reducing fraud, if only because the perceived
increase in the likelihood of detection serves as a deterrent.
It puts the accounting profession and others on notice that
auditors will actively search for fraud while conducting
an audit.
According
to the Report to the Nation on Occupational Fraud and
Abuse (2004), occupational fraud and abuse occurs “when
an individual uses their occupation for personal enrichment
through the deliberate misuse or misapplication of their
employer’s economic resources.” This study,
published by the Association of Certified Fraud Examiners,
estimated the total cost of occupational fraud to organizations
at approximately $600 billion annually. Recent corporate
scandals have placed a higher degree of visibility and liability
on the independent audit function. To enhance the fraud
detection abilities of auditors and begin to rebuild public
confidence in them, accounting education must be expanded.
The
150-hour requirement provides new opportunities to address
the additional responsibilities imposed by SAS 99. As of
February 1, 2003, 41 of the 54 U.S. licensing jurisdictions
have implemented a requirement of 150 semester-hours of
education for eligibility to take the Uniform CPA Examination.
New York, which is one of seven other states that have adopted
the requirement but not yet put it into effect, will implement
the new requirement as of August 1, 2009. The AICPA and
the National Association of State Boards of Accountancy
(NASBA) have endorsed general guidelines that allow flexibility
in the content covered in the extra 30 hours of educational
programs. Although most accounting programs include courses
covering financial accounting, auditing, taxation, and management
accounting, occupational fraud remains a relatively underaddressed
subject in academe.
Education
That Builds Investigative Skills
To
control fraud, an auditor needs to understand the psychology
of individuals’ behavior as well as the environment
in which they operate. The current environment requires
new CPAs, as well as seasoned professionals, to acquire
supplementary investigative and analytical skills. Because
the majority of frauds are uncovered as a result of tips
from employees and others, Sarbanes-Oxley has required public
companies to establish anonymous hotlines for employees
and others to report any questionable procedures without
fear of retaliation. The best clues come directly from people;
therefore, effective interviewing skills are essential for
an auditor to uncover fraud. Partnering with faculty in
various disciplines to develop courses in criminology, psychology,
business writing, critical thinking, and ethics could qualitatively
improve the education and ability of accounting students.
Historically,
the typical undergraduate auditing class has focused on
how to identify errors and omissions that might materially
affect the financial statements, with only a cursory coverage
of fraud. Because fraud usually entails concealment, a different
set of skills is needed to detect this crime. Much can be
learned from fraud examination and forensic accounting.
In discussions involving the risk factors for fraud, three
conditions are routinely cited: incentives/pressures, perceived
opportunities, and attitudes/rationalizations. These elements
were first identified by Donald R. Cressey, a preeminent
sociologist and criminologist. His hypothesis of the “fraud
triangle” remains one of the benchmark theories in
fraud criminology. Pressure, such as financial or economic
need, provides the motivation for the act. Perceived opportunity
may be the result of poor or nonexistent internal controls,
which give access to the perpetrator. Rationalization allows
an individual to adjust the perception of what she is doing.
For example, fraudsters might reason that they are only
borrowing money they plan to pay back. Auditors should be
trained to recognize and detect these elements and to understand
the psychology of motivation and rationalization, as well
as detect weaknesses in the internal controls of an organization.
Current
auditors have a wealth of possibilities available to learn
about fraud detection and deterrence, in the form of continuing
professional education courses (CPE). Improving the auditor’s
ability to detect fraud will lend technical competence and
credibility to the financial reporting process.
Rather
than narrowing the focus toward specialization, SAS 99 calls
for expanding the educational background of auditors. Greater
educational background will help auditors recognize and
assess the pressures that can lead to fraud, obtain the
necessary information, organize and evaluate the data, and
report conclusions of fraud investigations.
Mary-Jo
Kranacher, CFE, CPA, is an assistant professor in
the department of accounting and business at York College,
CUNY, in New York City.
Lorraine Stern, CPA, MS, is an assistant professor
at York College, CUNY. |