Magazine article Security Management
Tips for Tightening Fraud Controls: Leading-Edge Companies Are Expanding Their Codes of Conduct and Asking Audit Committees to Focus on Fraud
EVEN THE MOST stringent antifraud controls are ineffective when top management can override them. And between 60 to 80 percent of all controls are still manual, not automated, and thus more easily overridden, according to a recent KPMG survey.
Deference to management and reluctance (or inability) on the part of a board of directors or audit committee to look behind the override of internal controls have resulted in huge fraud losses.
Now some top corporations, particularly Fortune 10 companies, have begun to directly charge audit committees to look for and into any management overrides that might introduce false financial information into the corporate ledger, according to Timothy P. Hedley, a partner at KPMG Forensic. That's one of the antifraud trends noticed by Hedley and Lawrence S. Raff, partner in charge of KPMG's 404 Institute, who presented their findings in a recent Webinar.
For assistance in identifying such fraud, companies can turn to a recent paper published by the American Institute of Certified Public Accountants (AICPA). It recommends that internal audit committees brush up on their understanding of the company's business, maintain a constant skepticism, brainstorm to identify fraud risks, cultivate a "vigorous" whistleblower program, and adopt other measures.
To allow their audit committees to focus on fraud, some companies are now reassigning their duties to other committees, says Hedley. …