Meet Rubino & Company

Chris Mannina I work with clients to identify and address strategic, operational, reporting, and compliance objectives. This includes assessing and responding to risks through implementation of control activities, enhancing information and communication, as well as monitoring activities.

Recent Twitter Updates

Business ID Theft: Is Your Data at Risk?
1 week ago Follow Us


What to Consider When Working to Prevent and Deter Fraud from Occurring in Your Organization

Category: Articles

By Dawit Negari, CPA, CFE

According to Guidance to Help Prevent and Detect Fraud, a document commissioned by the Fraud Task Force of the American Institute of Certified Public Accountants (AICPA), organizations must take three fundamental actions to mitigate fraud.

Those three actions are creating a culture of honesty and high ethics, evaluating antifraud processes and controls, and developing an appropriate oversight process.  The following are some of the highlights from the document.   

Creating a Culture of Honesty and High Ethics 

It is the organization’s responsibility to create a culture of honesty and highly ethical behavior, and communicate acceptable behavior and expectations for each employee.  Creating a culture of honesty and high ethics should include the following:

  • Setting the Tone at the Top – Honesty can best be reinforced when a proper example is set. Management of an organization cannot act one way and expect others to behave differently. 
  • Creating a Positive Workforce Environment – Less wrongdoing occurs when employees have positive feeling about their work. A positive working environment can be enhanced by rewarding positive behavior, providing positive feedback and recognition for job performance, realistic budget expectation and other financial targets, competitive compensation, adequate training, clear organizational responsibilities, and clear communication practices. 
  • Hiring and Promoting Appropriate Employees – Organizations should have effective policies to minimize the chance of hiring or promoting employees with low levels of honesty, especially for positions of trust.  The hiring and promotion procedures may include conducting background investigations on individuals considered for a position of trust;  checking a candidate’s education, employment history, and personal references; and periodic training about the organization’s values and code of conduct. 
  • Training – New employees should be given training at the time of hiring covering the organization’s value and its code of conduct. The training should cover expectations of all employees regarding their duties to communicate certain matters; a list of the types of matters, including actual and suspected fraud; and information on how to communicate those matters. 
  • Confirmation – Management needs to articulate clearly that all employees will be held accountable to act within the organization’s code of conduct. 
  • Discipline – The way an organization reacts to incidents of alleged or suspected fraud sends a strong deterrent message throughout the organization, helping to reduce the number of future occurrences. Actions that should be taken in response to an alleged fraud include conducting investigation of the incident; taking appropriate and consistent actions against the violators; assessing and improving relevant controls; and reinforcing the organization’s values, code of conduct, and expectations through communication and training. 

Evaluating Antifraud Processes and Controls            

Neither fraudulent financial reporting nor misappropriation of assets can occur without a perceived opportunity to commit and conceal the act. Organizations should be proactive in reducing fraud opportunities by identifying and measuring fraud risks, taking steps to mitigate identified risks, and implementing and monitoring appropriate preventive and detective internal controls and other deterrent measures. 

  • Identifying and Measuring Fraud Risks – Management has primary responsibility for establishing and monitoring all aspects of the organization’s fraud risk-assessment and prevention activities. 
  • Mitigating Fraud Risks - It may be possible to reduce or eliminate certain fraud risks by making changes to the organization’s activities and processes. For example, closely monitoring the entity’s procurement process.   
  • Implementing and Monitoring Appropriate Internal Controls - Once fraud risk assessment has taken place, the organization can identify the processes, controls, and other procedures that are needed to mitigate the identified risks. In particular, management should evaluate whether appropriate internal controls have been implemented in any areas management has identified as posing a higher risk of fraudulent activity, as well as controls over the organization’s financial reporting process. 

Developing an Appropriate Oversight Process 

To effectively prevent or deter fraud, an organization should have an appropriate oversight function in place. Oversight can take many forms and can be performed by individuals within and outside the entity, under the overall oversight of the audit committee (or board of directors where no audit committee exists). 

  • Audit Committee or Board of Directors - The audit committee (or the board of directors where no audit committee exists) should evaluate management’s identification of fraud risks, implementation of antifraud measures, and creation of the appropriate “tone at the top.”  This helps to make sure that senior management fulfills its responsibility, and serve as a deterrent to senior management engaging in fraudulent activity. 
  • Management –   Management is responsible for overseeing the activities carried out by employees, and typically does so by implementing and monitoring processes and controls such as those discussed previously. 
  • Internal Auditors - Internal auditors can assist in the deterrence of fraud by examining and evaluating the adequacy and the effectiveness of the system of internal control, commensurate with the extent of the potential exposure or risk in the various segments of the organization's operations. 
  • Independent Auditors – Independent auditors can assist management and the board of directors (or audit committee) by providing an assessment of the organization’s process for identifying, assessing, and responding to the risks of fraud. 
  • Certified Fraud Examiners –Certified Fraud Examiners can provide more objective input into management’s evaluation of the risk of fraud and the development of appropriate antifraud controls. They can assist the audit committee and board of directors in evaluating the fraud risk assessment and fraud prevention measures implemented by management. They can also conduct examinations to resolve allegations or suspicions of fraud, reporting either to an appropriate level of management or to the audit committee or board of directors, depending upon the nature of the issue and the level of personnel involved. 

Please feel free to contact us with any questions or your need for assistance with implementation of fraud risks prevention and deterrence process.   

Dawit Negari, CPA, CFE is a senior manager at Rubino & Company.  In addition to his responsibility for developing audit plans and training of staff, he assists clients with internal controls, suggesting cost-beneficial solutions to their needs in order to  enhance compliance with grant and regulatory compliance requirements and improve overall financial reporting capabilities. He is a Certified Public Accountant and Certified Fraud Examiner. 

View more resources