Running head: UNIT 5 Fraud Risk assessment

Fraud Risk assessment Kaplan University

AC555 Fraud Examination February 27, 2012

Running head: UNIT 5 Fraud Risk assessment While most entity believe that they have design and implement a robust internal control and executives and employees act ethically in the best interest of the entity, it will be wrong to assume that fraud does not exist. The entity should expect fraud risk to occur internally or externally due to the risk factor as describe in the fraud triangle. These risk factors ate the nonshareable financial needs that place pressure on individuals to commit fraud, where the individual have such opportunity within their means to commit such fraudulent activity and have the ability to rationalize the fraudulent behavior. Global market economy has place pressure on almost every business entities to utilize the cheap online market place and opportunity of doing business globally, and expose such entities to higher fraud risk. These fraud risks may cost the organization billions of dollars, instigate litigation on those that operate the organization and would eventually damage the image of the organization. As a result management should consider the factors that influence fraud risk in their organization as this may lead to corruption, embezzlement and bribery. This research paper will review and discuss the importance of fraud risk assessment, developing and managing fraud risk assessment. Fraud risk assessment is a comprehensive review and analysis of a company to determine the potential risk area and provide corrective actions that is needed. The objective of undertaking a fraud risk assessment is to assist management to recognize the factors to lead to fraud in the organization. This process will also help external auditors, fraud examiners and internal auditors to focus on high risk fraud areas. As there are so many threats about fraudulent activities including, financial statement fraud, organization will be in a better position if they continuously conduct fraud assessments. A combination of ethical environment and good corporate governance will improve communication and the awareness about fraud risk.

Running head: UNIT 5 Fraud Risk assessment Organization should maintain frequent meeting, training to educate employees about the long-term effect of fraud in the organization. Enron and WorldCom for example fail to address the long-term effect about fraud risk ignoring the vulnerability of high risk area, thus focusing on the uncertainty of the market. In 2010 the SEC requires disclosure about the extent of the boards role in risk oversight. In addition to this rule, companies will no longer exclude their proxies shareholder proposals requesting for more information about risks that relate to major policy issues. "Boards should approach risk oversight systematically across divisions and functions and consider various business scenarios for unknown risks." (John Barry, Leader, Center for Board Governance). It is relevant for organization to conduct fraud risk assessment as it enable management to identify what activities are the most vulnerable to fraud or which division is at greater risk and be able to develop a plan to integrate fraud risk into its internal control framework. When developing fraud risk assessment for an organization the human element should be consider as people react to new changes and may resist the change if it is not properly communicated and encourage feedback on the fraud risk assessment. The fraud risk assessment should be design at the organization culture and avoid terminology or languages that people dont understand. For the fraud risk assessment to be effective the organization should embrace it at all level. This will enable management to monitor the system and compare the result to the element that creates the risk. To accomplish the fraud risk assessment task, the assessor should make it simple and focus on areas that likely to have fraud risk. The assessor should develop the fraud risk assessment within the organization framework and avoiding using external fraud risk assessment program.

Running head: UNIT 5 Fraud Risk assessment The organization should setup the right team that has the knowledge, skills and capable to conduct the fraud risk assessment. The assessment team should comprise of individuals with accounting, financial, risk management, legal background within the organization and possible consultant from outside sources. There are several techniques the team can use to achieve best results including, interview, focus group, surveys and anonymous feedback mechanisms. To proceed with the fraud risk assessment, the sponsor and the assessment team should discuss and agree on the nature of the work to be performed, the applicable method suitable for the task, those that will use the method, the format and the form of output of the results. One of the best ways to be successful in the assessment is to educate the employees and create an open communication at every level of the organization. After the team has develop the fraud risk assessment and able to identify the risk areas, management need to established an acceptable level of risk. This is crucial as all risk are important whether low or high, it all contribute to potential damage to the organization. However, an analysis of cost and benefit is relevant in deciding where to allocate resources for fraud prevention and detection. Management need to focus on the nature of the business and consider those risks that are tolerance of the organization. If management decides of those fraud risks that are outside the organization tolerance level, they can utilize one of the following methods to eliminate the residual fraud risk. Avoid the risk, transfer the risk, mitigate the risk, assume the risk or combine the risk. For example if management decide to avoid the risk, they should eliminate the asset or exit an activity that pose threat to the internal control from preventing fraud. Management may decide to remove a segment or division from another country if they think fit that doing business in such environment may involve corruption or bribery.

Running head: UNIT 5 Fraud Risk assessment Managing the fraud risk assessment successful depends on how the results are reported and the usefulness of such results to the organization. Communication is the central of successful implementation of the fraud risk assessment report. The sponsor and the assessment team should consider several points when developing the report. In order to be cost effective and the report be acceptable, the team should keep the report simple for everyone to understand. They should focus on relevant matters pertaining to organization and not to include unnecessary reports that complicate the entire process. During the development stage, the assessment team need to identify those actions that make sense and clearly measurable. The key element of the fraud risk assessment requires result that will decrease fraud and the report should include relevant recommendation that are clear and understood. To place the report in action management and those that are affected should agree and inspect the recommendations. Fraud risk assessment can be waste of time if management does not act on the reports accordingly. The recommended report should be use effectively throughout the organization and management should not see it as a onetime process. Such report can be tailor into the organization internal control policy and make it aware to every individual in the organization. Where applicable the fraud risk assessment should be incorporate with performance measures, rewarding individuals and departmental head for meeting the action plan. Reducing fraud in an organization is a motivating factor that increase employees performance and have a better workplace environment. The fraud risk assessment should be kept current at all time as organization can be expose to different fraud scheme at anytime, especially with the uncertainty of the economic crisis facing the global economy.

Running head: UNIT 5 Fraud Risk assessment The Security and Exchange Commission and other enforcement agency have pass regulations that are in force to combat fraud domestically and internationally. Stakeholders entrust their assets in the hands of management and management has the responsibility to protect such assets from fraudulent activities. To address fraud risk assessment, an effective communication is needed to educate individuals of the impact of fraud in the organization. The report of the fraud risk assessment can be integrated into one of the company control policy that applicable to every operation in the company. Managing fraud risk is dependent on management acceptability of the result and how successful they utilize the report. The success of the fraud risk assessment, rest on the effectiveness of management to use the result as an ongoing antifraud program. In addition management should utilize the result as an open communication policy, educating employees throughout the organization about fraud risk and reward those that promote the fraud risk assessment to prevent fraud.

Reference Wells T. J, Principles of Fraud Examination, (3rd Edition), John Wiley & Sons, Inc 6

Running head: UNIT 5 Fraud Risk assessment

Key issues: Risk management, retrieves from http://www.pwc.com/us/en/corporategovernance/risk-management.jhtml Crumbley. D. L, Heither L. E & Smith G Stevenson, Forensic and Investigative Accounting (3rd Edition), CCH 2007 Wells J.T & Gill J. D, Assessing Fraud Risk (2007), retrieved from the Journal Accountancy, http://www.journalofaccountancy.com/Issues/2007/Oct/AssessingFraudRisk.htm