Sarbanes-Oxley has done little to curb corporate malfeasance. Therefore, CFOs should implement a range of fraud-prevention measures.
CFO MagazineLaton McCartney - CFO Magazine
March 1, 2011
Image via WikipediaAs a convicted felon, Sam E. Antar, the former CFO for the now-defunct consumer-electronics chain Crazy Eddie,says that despite the antifraud provisions of the Sarbanes-Oxley Act of 2002 and the recently enacted Dodd-Frank Wall Street Reform and Consumer Protection Act, it remains as easy today for bad guys, both internal and external, to loot corporate coffers as it was during the Enron and WorldCom days. "Nothing's changed," he says. "Wall Street analysts are just as gullible, internal controls remain weak, and the SEC is underfunded and, at best, ineffective. Madoff only got caught because the economy tanked."
… "There's a lot more employee fraud and embezzlement today then there was 10 years ago, and this past year there was much more than a year ago," says Steve Pedneault of Forensic Accounting Services. "People blame the economy, but much of the fraud and embezzlement that's coming to the surface now was in the works for 4 or 5 years before the recession hit."…
The most likely targets by industry are financial services, media, technology, manufacturing, and health care. Small and midsize companies are also more vulnerable. "Many of these organizations typically rely on a small accounting department, especially in today's economy," says Pedneault. They simply don't have the resources to catch fraudsters.That challenge becomes all the more daunting when one considers the many varieties of fraud that exist. Aside from various forms of embezzlement and outright theft, and the growing risk of information theft (think hackers), two other kinds of corporate malfeasance have come to the fore in recent years: fraud in the business model and fraud in the business process.
The former is defined by a company selling illegal or worthless wares. "If the pharmaceutical industry sells alleged off-label drugs that have not been approved by the FDA, or the financial-services industry is offering worthless subprime mortgages, that can constitute business-model fraud," says Toby J. F. Bishop, director of the Deloitte Forensic Center for Deloitte Financial Advisory Services.
Fraud of the business-practice variety, Bishop explains, can range from corporations ignoring or turning a blind eye to environmental or safety laws to the ever-popular practice of engaging in "window dressing" at the end of the quarter.
An Action Plan
… "Most fraud today is uncovered by whistle-blowers, or by accident — a tip, a rogue piece of mail, or by happenstance," says Tracy L. Coenen, a forensic accountant and fraud investigator who heads up Sequence, a forensic accounting firm. …
As for what to do, while no one has yet come up with a silver bullet, experts point to seven useful steps that all companies can take:
1. Start at the top. "It's critical for both the board of directors and executive management to set the tone for the corporation and its operating units," says James Davidson, managing director at Avant Advisory Group and a certified fraud examiner. …[When] it comes to curtailing fraud, it really does matter, because without it, an "entire culture of workplace fraud" can take root, according to the Association of Certified Fraud Examiners (ACFE).
2. Educate employees. The ACFE also maintains that employee education is the foundation for preventing and detecting occupational fraud (defined as "the use of one's occupation for personal enrichment through the deliberate misuse or application of the employing organization's resources or assets"), because employees are a company's top fraud-detection resource. …
Image via CrunchBase3. Change the culture ASAP. After it was hit by a $550 million fine by the Securities and Exchange Commission last July for its role in the collateralized-debt-obligation debacle, Goldman Sachs, which has a reputation of functioning as a "black-box" organization, recently announced plans to change its culture. The investment-banking firm claims it will become more transparent and ensure its business processes put customer interests first. That's easier said than done, however. "It's difficult to bring about a far-reaching cultural change in well-established companies," says Quilty of BD Consulting and Investigations. "That's not true, however, for first-generation or even second-generation companies, where the employees have a stake in the company and are more motivated to protect it from fraud." …5. Check (and double-check) employee backgrounds. Due diligence is essential in evaluating the credentials and competence of new hires and becoming aware of any issues regarding personal integrity. … The same scrutiny should be applied to new and existing suppliers, customers, and business partners, Deloitte's Bishop says. … Finally, the ACFE recommends that after someone joins your staff, an evaluation of the new employee's compliance with company ethics and antifraud programs should be incorporated into his or her regular performance reviews.
6. Prepare a data-breach response plan. With information loss and data breaches now the most common form of fraud, according to Kroll, it's essential to establish a comprehensive response plan that will enable decisive action and prevent operational paralysis when a data breach occurs. …
7. Make sure the board of directors plays its role. "Corporate governance is the joint responsibility of both the board of directors and management," says Davidson of Avant Advisory Group. …
What Doesn't Work
...The ACFE maintains that audits are ineffective. … But the group did acknowledge that audits can be of value when they are combined with management reviews, job rotation, the creation of a code of conduct, surprise audits, and hotlines. …
Laton McCartney is a freelance writer based in New York.
Just Whistle?
Image via WikipediaThere is one potential bright spot within the Dodd-Frank Wall Street Reform and Consumer Protection Act regarding fraud prevention: the law contains provisions that generously reward whistle-blowers. According to Toby J. F. Bishop, director of the Deloitte Forensic Center for Deloitte Financial Advisory Services, the Securities and Exchange Commission has already set aside more than $400 million for that purpose. The act also provides strong protective measures, expressly prohibiting employers from retaliating against employee tipsters. …
Posts
No comments:
Post a Comment