What factors should be assessed to understand the risk of fraud?
When assessing the existence of fraud, try to think like a fraudster! Try to understand where the opportunity to commit fraud is, where there are any pressures or incentives, and how an employee might rationalize fraud. The three key factors of fraud to assess include opportunities, pressure & incentives, and rationalization & attitude.
1) Opportunities: Opportunity reflects the risk that members of company management will have the opportunity to take advantage of ineffective internal control procedures or override those controls in order to take advantage for their own self-interest. Management opportunities can appear in various different forms, but typically they will appear when management believes there are weaknesses within the company believes that nobody will notice if assets are taken from the company.
2) Pressure & incentives: Incentives and pressure are common reasons for management to become tempted to commit fraud. Pressures can be due to financial needs and will be used to motivate company personnel for committing fraud. Incentives are reasons for management to feel motivated to commit fraud (e.g. monetary gain).
3) Rationalization & attitude: Managements rationalization and overall attitude can become fraud risk factors when assessing a company’s internal controls. Rationalization can relate to a person frequently justifying reasons for committing fraud (e.g. “I will pay the company back when I receive my next bonus”)!
You might also be interested in...
How can variable sampling risk impact the efficiency or effectiveness of an audit?
Audit risk is comprised of inherent risk, control risk, and detection risk. The level of substantive testing that the audit performs is based on detection risk, which is set after the audit team assesses inherent risk and control risk. Variable Sampling – Substantive Testing When the audit team is performing substantive testing, they will use […]
What happens if control risk is set too high or too low?
Audit risk is comprised of inherent risk, control risk, and detection risk. Depending on how the audit team assesses control risk, they would set detection risk, which determines the level of substantive testing that should be performed. To assess control risk, the audit team would use attribute sampling to determine if the controls were operating […]
What is business intelligence?
In general, business intelligence is the strategy and technology used by a company to analyze their data. There are a number of difference functions that fall under the business intelligence umbrella. These include analytics, data mining, processing mining, use of dashboards, etc. The biggest problem most companies face is that they have a ton, and […]