Cast a critical eye as a first step to fighting fraud

A healthy dose of professional scepticism is essential in fighting fraud, even if it goes against human nature to be sceptical of people we’ve come to trust.

A Crowe Horwath report outlines steps stakeholders can take to encourage such scepticism. It’s important because someone interested in committing fraud will prey on trust, said the report’s author, Crowe Horwath partner Jonathan Marks, CPA/CFF/CITP, CGMA.

“One of the key drivers is that we get comfortable with people,” Marks said. “We give people the benefit of the doubt instead of resetting that level of scepticism.”

Informed scepticism is important for a variety of stakeholders, not just auditors. If board members, finance executives, and others challenge their own assumptions, organisations will not only deter fraud but also make detection more likely, Marks said.

Recent research from EY details some of the obstacles that prevent organisations from effectively fighting fraud. Companies are aware of the potential of data analytics as an anti-fraud tool but have not taken full advantage yet. And, according to EY’s 13th Global Fraud Survey, companies are suffering from “compliance fatigue” as they attempt to alleviate fraud risk.

Here are Crowe Horwath’s five steps to fighting fraud with professional scepticism:

1. Play the role of the independent reviewer or inspector, particularly of your own assumptions. A professional sceptic continually challenges beliefs and belief-based risk assessments. Critical self-assessment is necessary to demonstrate to others why and how beliefs and assessments are justified.
2. Resist complacency. Question whether you are placing undue weight on previous risk assessments or discounting evidence inconsistent with your expectations.
3. Be alert to pressure. Pay particular attention to pressure to truncate risk-assessment procedures or make unwarranted assumptions for the sake of meeting a deadline.
4. Understand the sources of evidence. Identify and assess audit risks from multiple perspectives, using multiple sources of evidence.
5. Be aware of the relative reliability of evidence types. In general, documentation from internally generated documents – particularly those generated manually or not linked to other reporting systems – is less reliable as evidence than documents generated by external sources such as banks or suppliers.

Related CGMA Magazine content:

“Biennial Report Details Fraud’s Impact Worldwide”: Fraud continues to take huge bites from organisational coffers, but the implementation of anti-fraud controls can significantly reduce the damage done, a spring 2014 report shows.

“Organisations Take Preventive Steps, but Payments Fraud Still Persists”: Payments fraud is a global concern, but companies’ preventive measures have done little to stop attempted or actual fraud, according to an annual survey.

—Neil Amato (namato@aicpa.org) is a CGMA Magazine senior editor.