Building a Fraud Resistant Organization
Certain conditions can make an organization susceptible to fraud; other conditions can help to create and sustain a fraud-resistant organization. The Anti-Fraud Collaboration, a joint effort of The Center for Audit Quality, Financial Executives International, and The Institute of Internal Auditors, examined those conditions in a report published last November. The report focused on the topic of financial reporting fraud,but many of its conclusions are relevant for all types of fraud. Here is a summary of those conclusions.
A fraud-susceptible organization often exhibits one or more of the following conditions*:
- Lack of a strong “tone at the top” / lack of an ethical culture;
- Insufficient professional skepticism on the part of all persons up and down the organizational supply chain; and
- Insufficient communication among all persons in the organizational supply chain
These conditions can make it easier for elements of the “fraud diamond” (motivation, opportunity, rationalization, and capability) to be present and easier for individuals to commit fraud.
A fraud-resistant organization, by contrast, exhibits the following conditions*:
- A tone at the top that encourages an ethical culture;
- The presence of balanced, professional skepticism;
- The engagement of all persons in the supply chain, “with all relevant parties understanding and effectively performing their roles with respect to the company’s … reporting.”
As explained in detail in the Anti-Fraud Collaboration report, a strong ethical culture creates an expectation (and motivation) to do the right thing. It supports well-designed, effective controls that diminish opportunities for fraud and increase opportunities for detection. An ethical culture also limits an individual’s ability to rationalize fraudulent behavior. Such a culture begins with the tone at the top and then flows throughout the organization.
Individuals exhibit balanced, professional skepticism via the following characteristics; a questioning mind; the ability and willingness to suspend judgement until appropriate evidence is obtained; a desire to corroborate evidence; interpersonal understanding; the moral independence to decide for oneself, rather than accepting the claims of others; and the self-confidence to challenge assumptions or conclusions. Some of these characteristics are personality traits, but all can be learned behaviors as well. A fraud-resistant organization will train and encourage its employees to use professional skepticism.
Members of an engaged supply chain must participate in regular, open, and robust communications and collaboration with all others; their joint success in deterring and detecting fraud requires “sharing information and concerns and identifying gaps in the collective efforts to mitigate the risk of financial reporting fraud.”
The report contains a great deal more useful information, to include summaries of the elements of a fraud risk-management program, principles for effective board oversight, and features of a well-designed whistleblower hotline. It also provides an excellent bibliography of related publications. You may want to keep this report readily to hand.
*Adapted from the Anti-Fraud Collaboration report referenced below.
Ethical Advocate provides comprehensive ethics and compliance solutions, including confidential and anonymous hotlines and training on fraud awareness, business ethics, harassment and discrimination, the Foreign Corrupt Practices Act, and more.
Anti-Fraud Collaboration. The Fraud-Resistant Organization: Tools,Traits, and Techniques to Deter and Detect Financial Reporting Fraud, November 2014