Fraud risk management guidance updated by COSO

By Ken Tysiac

Please note: This item is from our archives and was published in 2016. It is provided for historical reference. The content may be out of date and links may no longer function.

Managing the risk of fraud is a challenge for organisations of all sizes.

A typical organisation loses 5% of revenues in a given year as a result of fraud, according to the 2016 global fraud survey results contained in the Report to the Nations on Occupational Fraud and Abuse.

But governing boards, senior management, staff at all levels, and internal auditors can deter fraud in their organisations by following guidance contained in a newly updated Fraud Risk Management Guide published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), of which the American Institute of CPAs (AICPA) is a member. The Association of Certified Fraud Examiners (ACFE) is a co-sponsor of the report.

The guide builds upon Managing the Business Risk of Fraud: A Practical Guide, which was published in 2008 by the AICPA, the Institute of Internal Auditors, and the ACFE. The updates consider recent developments in risk management practices, including information related to technology and data analytics.

The guide’s executive summary, which is available at the COSO website, explains that fraud deterrence is achieved when an organisation implements a fraud risk management process that:

  • Establishes a visible and rigorous fraud governance process.
  • Creates a transparent and sound anti-fraud culture.
  • Includes a thorough fraud risk assessment periodically.
  • Designs, implements, and maintains preventive and detective fraud control processes and procedures.
  • Takes swift action in response to allegations of fraud, including actions against those involved in wrongdoing where appropriate.

“This research offers tremendous direction as it relates to reducing the extent of fraud in organisations of all sizes and across all industries,” COSO Chairman Robert Hirth said in a news release. “Although it is virtually impossible to eliminate fraud completely, implementation of the principles in this new guide will maximise the likelihood that fraud will be prevented or detected in a timely manner and will create a strong fraud deterrence effect.”

Ken Tysiac (ktysiac@aicpa.org) is a CGMA Magazine editorial director.

Up Next

Executive turnover slows, but AI strategy remains unclear

By Bryan Strickland
April 8, 2026
A global survey shows that executives aren’t changing jobs nearly as often as they did a year ago, but many are seeking better internal support for strategic objectives built around artificial intelligence.
Advertisement

Most Read

5 types of imposter syndrome and strategies to manage self-doubt
An introduction to Python in Excel: Part 1
An introduction to Python in Excel: Part 2
How companies can improve earnings-per-share disclosure - FM
Introduction to Python in Excel: Part 3

LATEST STORIES

Are you making the most of LinkedIn?

Executive turnover slows, but AI strategy remains unclear

Despite global job insecurity, some young workers are upbeat

April FM: Assessing your worth, board recruitment, and AI governance

CIMA roundup: Global talent development in focus

Advertisement
Read the latest FM digital edition, exclusively for CIMA members and AICPA members who hold the CGMA designation.
Advertisement

Related Articles

April FM: Assessing your worth, board recruitment, and AI governance

April 1, 2026 FM’s editor-in-chief details articles in the April digital edition, including one on advice for determining what you’re worth and another detailing steps organisations can take to establish an AI governance policy. Listen to the episode or read the Q&A.
The first IBM Quantum System Two in Europe, located at the IBM-Euskadi Quantum Computational Center in San Sebastián, Spain, was unveiled on 14 October 2025.

Quantum of risk

March 27, 2026 The quantum computing threat to data encryption methods means companies are developing “quantum-safe” strategies, but only 30% have taken a critical first step, a report found.