fbpx

< Back to Thought Leadership

Importance of a Fraud Risk Assessment

By: Steve Ritzer, CPA, CFE, Manager

A fraud risk assessment is vital because it allows a company to analyze each of its business processes for the associated risks. A company’s fraud risk assessment should focus on the impact of fraud on the company’s reputation, the exposure of the company to criminal or civil liability, and the result of a financial statement loss. After the risks have been identified, the company can improve on the internal controls to mitigate the risk. Properly designed internal controls mitigate fraud risk and demonstrate to individuals outside of the company that management is proactive in managing the company’s fraud risk.

Companies can develop a fraud risk assessment in several ways. The fraud risk assessment should include clear methods of identifying and measuring fraud vulnerabilities. Fraud vulnerabilities identify where fraud may occur and who could be potential perpetrators. Companies should also involve individuals from throughout the organization with different knowledge, skills, and perspectives. These individuals should include the audit committee, accounting/finance, operations, legal, compliance, and internal/external audit personnel.

Some key elements to include in a fraud risk assessment are:

  • Identify the relevant fraud risk factors at the companywide, business-unit, and significant account levels, in addition to special circumstances (i.e. business merger, acquisition, or restructuring)
  • Assess the likelihood (remote, more than remote or reasonably possible, or probable) and significance of the fraud risk factors
  • Prioritize the fraud risk factors based on risk
  • Identify potential schemes and scenarios
  • Link existing controls to the fraud risk factors and identify gaps
  • Test operating effectiveness of existing controls to fraud prevention

The fraud assessment must be supported by management and the board of directors. Management and the board of directors are ultimately the ones responsible for establishing, implementing, and monitoring the policies in place to mitigate the risk of fraud.

ACH payment

Essential ACH Policies and Controls for Not-for-Profit Organizations

By Karen Dringenburg, CPA, Senior Accountant and Andrew Brock, CPA, Senior Manager at Blue & Co. Are you a not-for-profit entity considering implementing ACH transactions? Or are you wondering if […]

Learn More

Blue Cross and Blue Shield Antitrust Litigation Update

Earlier this month, the US District Court for the Northern District of Alabama issued a preliminary approval of the proposed settlement of the class action lawsuit against Blue Cross and […]

Learn More
restricted funds

Navigating Changes of Restricted Funds in Not-for-Profit Organizations

By Cecilia Spencer, CPA, Manager, at Blue & Co. Not-for-profit organizations often receive funds with specific restrictions on how they can be used. These restrictions ensure that the donor’s intent […]

Learn More