According to a report from the Anti-Fraud Collaboration -- The Fraud-Resistant Organization: Tools, Traits, and Techniques to Deter and Detect Financial Reporting Fraud -- three central themes are critical to fraud deterrence and detection -- strong “tone at the top,” skepticism, and robust communications.
The report describes the responsibilities of various stakeholders along the financial reporting supply chain, including company management, the board of directors, the audit committee, and the organization's internal and external auditors.
Management, for instance, bears the primary responsibility for promoting an ethical culture that discourages financial reporting misconduct.
"A strong ethical culture hedges against all three sides of the fraud triangle—pressure, opportunity and rationalization," the report states.
"In an ethical culture, pressure to commit fraud is counteracted through sound risk management strategies and appropriate incentives. It will support well-designed controls that reduce opportunities for fraud and increase the likelihood of early detection."
The report also stresses the importance of skepticism to a strong ethical culture. Management should encourage employees to feel not only comfortable, but also obliged, to question and challenge the results for which they are responsible.
Directors and the Audit Committee
Although management plays a critical role in preventing material financial reporting fraud, a knowledgeable and engaged board of directors is important to help ensure management is behaving appropriately.
Directors must understand the company, including key drivers of revenue and profitability, and must be alert to signs of possible weaknesses in the company's culture or controls environment.
Internal and External Auditors
Other critical defenses against fraud include internal and external auditors, who play distinct roles in evaluating a company's risk management frameworks, internal controls, and other preventative measures.
Internal and external auditors are expected to provide objective viewpoints and to examine the company's financial data with an appropriate degree of professional skepticism.
"Skepticism must be employed in the examination of management’s fraud risk assessment, review of evidence supporting management’s assertions in the financial statements, and in the evaluation of controls intended to deter or detect fraud."
The Anti-Fraud Collaboration is an initiative whose members include the Center for Audit Quality (CAQ), Financial Executives International (FEI), The Institute of Internal Auditors (The IIA), and the National Association of Corporate Directors (NACD).