Whether you manage a for-profit or not-for-profit, publicly held or privately owned company, it is critical that a fraud risk assessment be performed to understand the company’s exposure and identify gaps in control coverage.
Our approach to assessing a fraud risk includes:
- Identifying relevant fraud risk factors
- Identifying potential fraud schemes and prioritizing them based on risk
- Mapping existing controls to related fraud schemes and identifying gaps;
- Testing operating effectiveness of fraud prevention and detection control activities
Based on our experience, there are many potential fraud risk areas that organization can encounter. Some of the most common are cash manipulation, revenue misstatement or income manipulation, understatement of payables, thefts of inventory or other fixed assets, and kickbacks or Foreign Corrupt Practices Act (FCPA) violations.
By conducting a fraud risk assessment, management can analyze each of its business processes and its corresponding activities to determine the associated risks. Internal controls can then be designed to mitigate the risk that management is unwilling to accept. Although controls can never guarantee with absolute certainty that fraud will not occur, properly designed internal controls that operate effectively can help mitigate the effects of fraud and demonstrate to regulators, shareholders, and stakeholders that management is taking the proactive steps necessary to manage risk in an ever more complex global economy.