< Back to Thought Leadership

Importance of a Fraud Risk Assessment

By: Steve Ritzer, CPA, CFE, Manager

A fraud risk assessment is vital because it allows a company to analyze each of its business processes for the associated risks. A company’s fraud risk assessment should focus on the impact of fraud on the company’s reputation, the exposure of the company to criminal or civil liability, and the result of a financial statement loss. After the risks have been identified, the company can improve on the internal controls to mitigate the risk. Properly designed internal controls mitigate fraud risk and demonstrate to individuals outside of the company that management is proactive in managing the company’s fraud risk.

Companies can develop a fraud risk assessment in several ways. The fraud risk assessment should include clear methods of identifying and measuring fraud vulnerabilities. Fraud vulnerabilities identify where fraud may occur and who could be potential perpetrators. Companies should also involve individuals from throughout the organization with different knowledge, skills, and perspectives. These individuals should include the audit committee, accounting/finance, operations, legal, compliance, and internal/external audit personnel.

Some key elements to include in a fraud risk assessment are:

  • Identify the relevant fraud risk factors at the companywide, business-unit, and significant account levels, in addition to special circumstances (i.e. business merger, acquisition, or restructuring)
  • Assess the likelihood (remote, more than remote or reasonably possible, or probable) and significance of the fraud risk factors
  • Prioritize the fraud risk factors based on risk
  • Identify potential schemes and scenarios
  • Link existing controls to the fraud risk factors and identify gaps
  • Test operating effectiveness of existing controls to fraud prevention

The fraud assessment must be supported by management and the board of directors. Management and the board of directors are ultimately the ones responsible for establishing, implementing, and monitoring the policies in place to mitigate the risk of fraud.

IRS 501(r) Compliance: Financial Assistance Policy and Amounts Generally Billed Calculation

Non-profit hospital organizations as defined by Section 501(c)(3) must meet requirements imposed by Section 501(r) on a facility-by-facility basis to be treated as a tax-exempt organization. According to the Internal Revenue […]

Learn More

Hospital Price Transparency: What’s New in 2024 and Beyond

The Centers for Medicare & Medicaid Services (CMS) has introduced significant changes to the requirements for hospital price transparency. The aim is to enhance pricing transparency and ensure compliance with […]

Learn More
building and using insurance reserves

Building and Using Insurance Reserves for Sustainability

By Annmarie Novotney, CPA, Director at Blue & Co. Not-for-profit organizations have been dealing with changing circumstances on many fronts over the last five years. Part of this changing landscape […]

Learn More