|
|
|
Features
< Back
Sarbanes Oxley : Auditing : Fraud
Fraud: Risk and Reward
Reduce Fraud, Strengthen Internal Controls, and Achieve a Great ROI
By
Rakesh Shukla
|
|
Rakesh Shukla
170 Systems
|
Beware. Any organization that relies upon paper-based core financial processes is at risk. Paper-based manual processes in procurement, accounts payable and accounts receivable significantly increase the risk of fraud. Fraud is of serious concern because it is so difficult to detect, losses are the hardest to recover and the consequences for companies can be severe. Now is the time for companies to leverage business process automation and imaging technology to help prevent fraud, achieve compliance and run a more cost-effective organization.
The Negative Impact of Fraud:
With Sarbanes-Oxley 404 attestations underway, auditors are closely scrutinizing core financial controls for fraud risks. According to a recent Compliance Week Newsletter,1 last year alone, nearly 600 companies disclosed material weaknesses or significant deficiencies in internal controls. In addition, more than half of the control weaknesses discovered by companies last year were fraud related resulting in losses of over $660 billion.2
If a SOX 404 material weakness is indeed found, companies can experience many serious negative ramifications, including:
- Drop in Share Prices -A Stanford Law School and Cornerstone Research survey3 shows that share prices fall as high as 3% with more than 65% of those companies that disclosed weaknesses subsequently restating earnings.
- Costly Audit Fees - Auditor fees grow by 150% when a material weakness is uncovered, compared with 30 to 50% for companies without a material weakness.4
- Poor Credit Ratings - Research has shown that disclosures related to poor controls lead to credit-rating reviews, perhaps even downgrades, which raise the cost of capital.
- Lawsuits and Higher Insurance Premiums - Control weaknesses expose a company to shareholder lawsuits and negatively affect D&O insurance premiums.
- CFO Displacement - According to research firm A.R.C. Morgan,5 at companies that disclose a material weakness, nearly 62 percent of CFOs are fired or resign.
With fraud, companies should take preventative measures instead of relying on detection. Typical manual, paper-based processes such as accounts payable (AP) are particularly susceptible to fraud with almost two-thirds of all fraud cases being AP related.6 By leveraging technology such as business process automation and document imaging, tightly integrated with the ERP payables application, companies can address the three key fraud risks below to reduce their vulnerability.
Fraud Risk #1: Lack of Visibility
When a company lacks visibility on the front-end of the AP process it can make a company more susceptible to fraud. An invoice sent to the field office, instead of a central AP location may sit on a manager?s desk for days or weeks, which is unacceptable for liability accrual recognition. In AP departments that are chronically backed up at the end of accounting periods, the company runs the risk of not recognizing a material amount of its liabilities. Incomplete accruals not only understate expenses and overstate income but also increase the likelihood of undetected fraud. Long cycle times can also lead to unnecessary rush invoices where a manager bypasses internal controls to make sure a given invoice is paid quickly to keep a supplier happy.
Reward: Transparent End-to-end Visibility
Companies should have transparent end-to-end visibility into their AP process regardless of whether invoices entered the company via paper, fax, EDI or XML. By leveraging a document imaging system that is tightly integrated with a company?s ERP financial system, invoices can be sent directly to the AP department instead of the field. All paper invoice documentation can be scanned and then indexed into the ERP system using the image instead of the actual paper document.
Central receipt of all invoices coupled with immediate front-end imaging enables the earliest possible recording of liabilities and gives CFOs the highest, accurate visibility into AP accruals. When the invoice record is saved, it is automatically attached to the invoice document. This permanent association of transaction-level backup to the ERP record has a dramatic impact on preventing and detecting fraud. In addition, costs are reduced because it enables companies to decrease cycle times and eliminate rush invoices, which allows them to take early payment discounts and avoid late payment penalties.
Fraud Risk # 2: Lax Segregation of Duties
While the concept is simple, systematic implementation and enforcement of segregated duties is difficult and rarely achieved. The logical place to start is with the ERP system. Most systems have tried to address segregated duties through a security framework, which governs the functionality accorded to each authorized user. For example, an entry-level accounts payable clerk can access modules only related to her specific job function while the CFO can access any module in the system. However, this classification approach is expensive to design, deploy, support, and maintain. As employees are promoted, reassigned or terminated, organizations must continually update their ERP systems with everyone?s correct authorization level; which rarely occurs in practice.
It takes a lot of resources, effort and discipline to enforce consistent segregated duties in one department let alone multiple departments. In a decentralized environment, it is very difficult to maintain and enforce consistent processes. In addition, most organizations struggle with costly and lengthy initial ERP setup so segregated classifications is often the last phase of the project.
Reward: Segregation Easily Maintained and Enforced
With business process automation and document imaging technology, companies can monitor the invoice as it transitions from one step to the next. The system tracks all of the changes and maintains a comprehensive audit trail. In this way, at each point of the process, companies have a record of what was performed and by whom for all prior steps enabling them to automatically catch potential conflicts at the transaction level.
Since segregation can be enforced at the transaction level instead of the job role level, employees can still be allowed to perform multiple functions as long as they don?t perform conflicting duties on the same transaction. Through the use of real-time monitoring of business transactions that identify potential policy violations, payment errors, system misuse and fraud, routing them for executive review and disposition, companies can minimize risk while boosting productivity.
Fraud Risk #3: Poorly Maintained Transaction Back-up Documentation
A huge fraud risk within most organization is the storage and maintenance of transaction backup, which is critical to preventing and detecting fraud. Unfortunately, most transaction backup is still paper-based which increases processing time as well as the chances for information to become misfiled or lost. If the financial system or an auditor flags a questionable transaction, it may take much longer than necessary to resolve if backup documentation cannot be found in a timely fashion.
Reward: Complete Audit Trail
By associating transaction-level backup online with their ERP financial system record, companies can significantly reduce fraud. Business Process Automation and Imaging systems tightly integrated with ERP financial systems can provide complete transaction-level backup that provides unparalleled transparent visibility to financial data. These audit trails contain the complete history of a transaction including all approvals and authorizations that have been automatically enforced by the business process automation software. In a self-service manner, internal and external auditors can quickly access and verify all audit trails and backup documentation for a given financial transaction or general ledger entry including ?out-of-tolerance? credits and debits that may be red flags indicating improper accounting.
Don?t Fear Fraud, Face it
The current surge of companies disclosing internal control weakness will likely increase as SOX 404 attestations continue. Enabling technology such as business process automation and imaging that are integrated tightly with existing ERP financial systems can dramatically reduce fraud and the cost of SOX compliance. Most importantly, they standardize best practice processes across an entire organization driving better overall business performance, ROI and sustainable competitive advantage. Why wait?
1 Compliance Week Newsletter, January 11, 2005
2 Association of Certified Fraud Examiners (ACFE) 2004 Report to the Nation
3 Stanford Law School and Cornerstone Research, January 2005
4 A.R.C. Mogran, ?Using Reported Weakness Disclosures to Benchmark Internal Controls,? January 7, 2005
5 A.R.C. Mogran, ?Using Reported Weakness Disclosures to Benchmark Internal Controls,? January 7, 2005
6 Association of Certified Fraud Examiners (ACFE) 2004 Report to the Nation
Rakesh Shukla
170 Systems
Rakesh Shukla is co-founder of 170 Systems, Inc., a leading global provider of software products and services that capture and manage all of the information associated with core financial functions, transforming them into consistent, automated, "best practices" business processes that ensure continuous compliance.
|
|
|
|
|
