But let's keep that between us, shall we?
If you rely on audits to protect your organization from fraud, you may be in dangerous territory. Internal fraud is detected very rarely by external auditors.
There is a common misperception about the role, function, and effectiveness of financial statement audits as a tool to uncover fraud. The accounting profession is as responsible for this misperception as anyone, due to their marketing of the service and justification for their fees. Nevertheless, the perception that financial statement audits are designed to find fraud and that they are effective in that pursuit is pervasive. The fact is that neither is true.
Purpose of an Audit
Financial statement audits are a process where an outside independent accounting firm expresses an opinion on whether the financial statements present fairly the financial position and operating results in accordance with some identified basis of accounting and whether that accounting has been done consistently. While the audit opinion letter does reference work done to determine whether there is "material" misstatement in the financial statements, this is just one type of fraud.
The audit function does not purport to address non-material financial statement fraud or any other of the several types of fraud. This is not to criticize the audit function - but only to highlight that it is not the end-all in fraud detection.
Audits tend to be predictable (once-a-year), planned, and can be easily manipulated by key employees. History is littered with stories of flagrant crimes committed around, and in spite of, auditors.
Wrong Tool
If audits are not designed to detect most types of fraud is it somehow effective anyway? Fraud is far more likely to be detected by "tips" than by any other method, and it is typically detected by external auditors a very low percentage of the time.
This is not really a failure of the audit function. As described above, the audit is not designed to do any better than it does in fraud detection. This is hard to keep in mind in the face of popular media attention after a high-profile white-collar crime is exposed.
Prevention
Most, if not all, of the fraud-related benefit of a financial statement audit may be prevention. Prevention is nearly impossible to measure since, by definition, you are trying to quantify events that did not happen. A common prevention strategy used by business is the external audit. The expectation of employees that an outside auditor will be looking over their shoulder may cause a tempted employee to think twice. Hopefully those tempted employees will never figure out how ineffective the audit actually is in discovering and exposing fraud.
* Author: Chris Hamilton, CPA, CFE, CVA. Originally published at www.i-sight.com.
|