| False Assumptions about your yearly audit | | | | detection and prevention of fraud through |
| "We have an annual audit by a CPA firm. They will | | | | forensic auditing. |
| catch any fraud that's occurring." If you think | | | | Financial Statement vs. a Forensic Audit |
| your organization is fully protected because you | | | | The standard financial statement audit is far |
| have an annual audit of the financial statements, | | | | different than a forensic audit or an operational |
| what percentage of frauds do you suppose are | | | | audit. When our CFEs conduct a forensic audit, it |
| initially uncovered each year by independent | | | | is normally designed specifically and primarily to |
| auditors? Would you say at least 90%? How | | | | detect the occurrence of fraud. When we |
| about 50%? Do you think it certainly must be at | | | | conduct an operational audit, it is specifically |
| least 20%? According to a survey conducted by | | | | designed to determine the potential for the |
| the Association of Certified Fraud Examiners | | | | occurrence of fraud and provide advice on steps |
| (ACFE) in 2008, only about 9% of occupational | | | | for its prevention. Such audits are far more |
| frauds are initially detected by independent | | | | extensive in their use of anti-fraud procedures |
| auditors. | | | | and are quite different than the standard financial |
| When a firm of Certified Public Accountants (CPA) | | | | statement audit. |
| conducts an audit of an organization's financial | | | | Resolving the Problem |
| statements, they have a responsibility under | | | | Does this mean that having an audit by a firm of |
| professional standards to take steps to detect | | | | independent accountants is not useful in deterring |
| fraud. However, their main objective in an audit is | | | | occupational fraud in an organization? No, it does |
| not the detection and prevention of fraud. Their | | | | not mean that at all. Having an annual audit is one |
| main objective is to determine whether the | | | | factor in achieving that goal. But the annual audit |
| financial statements are fairly presented in | | | | must be supplemented by other fraud prevention |
| accordance with stated accounting policies so that | | | | policies and procedures such as strong internal |
| they will not be misleading to a reader. Steps to | | | | controls, internal audit procedures, employee |
| detect fraud are only one aspect of an | | | | background checks, hotlines and, occasionally, a |
| independent financial statement audit. And, while | | | | forensic audit or operational audit. In short, if your |
| the CPAs conducting the audit may be very good | | | | organization's only protection against occupational |
| at conducting a financial statement audit, they | | | | fraud and abuse is an annual financial statement |
| may not be Certified Fraud Examiners (CFE) and | | | | audit, your organization is probably far more |
| may or may not have received training in the | | | | vulnerable than you realize. |