Show Para
Passage 5
Despite the best efforts of those responsible for preventing fraud, one inevitable reality remains: “fraud happens.’ Because fraud and misconduct can occur at various levels in any organization, it is essential that appropriate preventive and detective techniques are in place. Although fraud prevention and detection are related concepts, they are not the same. While prevention encompasses policies, procedures, training, and communication , detection involves activities and programs designed to identify fraud or misconduct that is occurring or has occurred. Although preventive measures cannot ensure that fraud will not be committed, they are the First line of defense in minimizing fraud risk.
One key to prevention is making personnel throughout the organization aware of the fraud risk management program , including the types o f fraud and misconduct that may occur. This awareness should enforce the notion that all of the techniques established in the program are real and will be enforced. The ongoing communication efforts could provide information on the potential disciplinary, criminal and civil actions that the organization could take against the individual. With this in mind, prevention and deterrence are interrelated concepts. If effective preventive controls are in place, working and well-known to potential fraud perpetrators, they serve as strong deterrents to those who might otherwise be tempted to commit fraud. Fear of getting caught is always a strong deterrent. Effective preventive controls are, therefore, strong deterrence controls.
The system of internal controls in an organization is designed to address inherent business risks. The business risks are identified in the enterprise risk assessment protocol and the controls associated with each risk are noted. COSO’s Enterprise Risk Management Integrated Framework describes the essential ERM components, principles and concepts for all organizations regardless of size.
Establishing internal controls may not address all of an organization’s fraud risks. Fraud risks, although a form of business risk, necessitate specific controls to mitigate them, which makes an organization’s fraud risk assessment process essential to fraud prevention. In addition to implementing fraud preventive controls, it is important that the organization assess and continuously monitor their operational effectiveness to help prevent fraud from occurring.
Prevention is the most proactive fraud-fighting measure. The design and implementation of control activities should be a coordinated effort spearheaded by management with an assembled cast of employees. Collectively, this cross section of the organization should be able to address all of the identified risks, design and implement the control activities and ensure that the techniques used are adequate to prevent fraud from occurring in accordance with the organization’s risk tolerance. The ongoing success of any fraud prevention program depends on its continuous communication and reinforcement. Stressing the existence of a fraud prevention program through a wide variety of media posters on bulletin boards, flyers included with invoices and vendor payments and articles in internal and external communications get the message out to both internal and external communities that the organization is committed to preventing and deterring fraud.
Among the many elements in fraud prevention are HR procedures, authority limits and transaction level procedures. An organization’s HR function can play an important role in fraud prevention by implementing the following procedures. A key business and fraud risk in any organization lies in the people hired to operate the business and promoted into positions of trust and authority. For that reason, it is important to know employees in order to evaluate their credentials and competence, match skills to the job requirements and be aware o f any issues of personal integrity that may impact their suitability for the position. Much can be learned about an individual through confirmation of work history and education presented on a job application or resume or in follow-up with references provided. It is possible to find false or embellished information or undisclosed history and reputation that may represent increased and possibly unacceptable risk.
Despite the best efforts of those responsible for preventing fraud, one inevitable reality remains: “fraud happens.’ Because fraud and misconduct can occur at various levels in any organization, it is essential that appropriate preventive and detective techniques are in place. Although fraud prevention and detection are related concepts, they are not the same. While prevention encompasses policies, procedures, training, and communication , detection involves activities and programs designed to identify fraud or misconduct that is occurring or has occurred. Although preventive measures cannot ensure that fraud will not be committed, they are the First line of defense in minimizing fraud risk.
One key to prevention is making personnel throughout the organization aware of the fraud risk management program , including the types o f fraud and misconduct that may occur. This awareness should enforce the notion that all of the techniques established in the program are real and will be enforced. The ongoing communication efforts could provide information on the potential disciplinary, criminal and civil actions that the organization could take against the individual. With this in mind, prevention and deterrence are interrelated concepts. If effective preventive controls are in place, working and well-known to potential fraud perpetrators, they serve as strong deterrents to those who might otherwise be tempted to commit fraud. Fear of getting caught is always a strong deterrent. Effective preventive controls are, therefore, strong deterrence controls.
The system of internal controls in an organization is designed to address inherent business risks. The business risks are identified in the enterprise risk assessment protocol and the controls associated with each risk are noted. COSO’s Enterprise Risk Management Integrated Framework describes the essential ERM components, principles and concepts for all organizations regardless of size.
Establishing internal controls may not address all of an organization’s fraud risks. Fraud risks, although a form of business risk, necessitate specific controls to mitigate them, which makes an organization’s fraud risk assessment process essential to fraud prevention. In addition to implementing fraud preventive controls, it is important that the organization assess and continuously monitor their operational effectiveness to help prevent fraud from occurring.
Prevention is the most proactive fraud-fighting measure. The design and implementation of control activities should be a coordinated effort spearheaded by management with an assembled cast of employees. Collectively, this cross section of the organization should be able to address all of the identified risks, design and implement the control activities and ensure that the techniques used are adequate to prevent fraud from occurring in accordance with the organization’s risk tolerance. The ongoing success of any fraud prevention program depends on its continuous communication and reinforcement. Stressing the existence of a fraud prevention program through a wide variety of media posters on bulletin boards, flyers included with invoices and vendor payments and articles in internal and external communications get the message out to both internal and external communities that the organization is committed to preventing and deterring fraud.
Among the many elements in fraud prevention are HR procedures, authority limits and transaction level procedures. An organization’s HR function can play an important role in fraud prevention by implementing the following procedures. A key business and fraud risk in any organization lies in the people hired to operate the business and promoted into positions of trust and authority. For that reason, it is important to know employees in order to evaluate their credentials and competence, match skills to the job requirements and be aware o f any issues of personal integrity that may impact their suitability for the position. Much can be learned about an individual through confirmation of work history and education presented on a job application or resume or in follow-up with references provided. It is possible to find false or embellished information or undisclosed history and reputation that may represent increased and possibly unacceptable risk.
© examsnet.com
Question : 21
Total: 100
Go to Question: