J.H. Cohn’s Kevin Hyams, Irv Schwarzbaum Deliver Seminar on Business Fraud
6/08/2009
New York, NY – Kevin Hyams, FCA, a principal in the Corporate Governance Services Practice of Cohn Consulting Group, a division of J.H. Cohn, and Irv Schwarzbaum, CPA, CIRA, CFE, CFF, CICA, a director in J.H. Cohn’s Business Investigation Services Group, recently presented a seminar on dealing with business fraud to the New York chapter of the Financial Executive Network Group (FENG), a nationally recognized organization for senior financial professionals and the largest networking group of its type in the world.
Hyams spoke about fraud prevention and detection to a group of approximately 60 chief financial officers, controllers, financial vice presidents, and other senior-level financial executives. He told the audience that the typical U.S. organization loses seven percent of its annual revenues to fraudulent activity1. If this percentage was applied to the 2008 U.S. gross domestic product of $14.196 trillion, it could be projected that roughly $994 billion was lost to fraud in 20082. This staggering statistic, along with such laws and regulations as the revised U.S. Federal Sentencing Guidelines of 2009, the U.S. Foreign Corrupt Practices Act of 1977, COSO – ICFR Guidance for Smaller Companies, and the Sarbanes-Oxley Act, make a strong case for having an effective system in place to prevent and detect fraud.
“Many companies fall victim to fraudulent activity because they believe that ‘it can’t happen here;’ that SOX protects them from fraud, or that any fraud that might take place would quickly be discovered,” Hyams explained. “In fact, all companies are vulnerable to fraud and no individual fraud detection system is foolproof.”
Hyams made the case for an integrated approach to fraud prevention and detection, one that includes corporate governance (the culture, values, mission, structure, and layers of policies, processes, and measures by which organizations are directed and controlled), risk management (the systematic application of processes and structures that enable an organization to identify, evaluate, analyze, monitor, improve, or transfer risk while communicating risk and risk decisions to stakeholders), and corporate compliance (the ability to demonstrate adherence to mandated requirements defined by laws and regulations).
“An integrated approach to fraud prevention and detection takes into consideration financial risks, operational risks, and compliance risks,” said Hyams.
He described a Governance, Risk, and Compliance framework that incorporates five key steps:
1) Inventory corporate objectives and the risks to their achievement
2) Assess inherent risk to the achievement of the objectives
3) Identify key mitigating controls for all significant risks
4) Determine risk of control failure and assess inherent exposure
5) Validate/test, remediate, and assess residual exposure and report
Hyams concluded: “The success of any fraud prevention and detection system is contingent on the commitment and dedication that boards and senior management give it—otherwise known as ’Tone at the Top.’”
Irv Schwarzbaum commenced his portion of the presentation by asking the audience if they had ever been victims of fraud. About 70 percent of the audience raised their hands.
Fraud can be committed in a variety of ways: abuses of trust committed by people in organizations for personal profit; business crimes committed by organizations to further their business interests, e.g. false earnings reports; or confidence games designed to cheat clients, e.g. Bernie Madoff’s Ponzi scheme. Schwarzbaum then described the vicious triangle of fraud—comprised of perceived opportunity, rationalization, and pressure—that creates an atmosphere conducive to fraud. He also answered four critical questions about fraud:
Why does fraud occur? It can be boiled down to the fear and greed of companies and individuals. Companies have earnings pressures brought on by stockholders, venture capitalists, and impatient financial analysts. Individual greed can also lead to fraud. Executives whose compensation and bonuses are tied to revenues are prime candidates to commit fraud.
How does fraud occur? A company with strong leadership will make sure that proper controls are in place to prevent fraud. Companies that have poor internal controls, no ethics policies, or policies in place which allow management to override controls are prime candidates to be victimized by fraud.
How does fraud manifest itself within a business? Companies can commit fraud in a variety of ways, including the acceleration of revenue recognition, expense capitalization, inventory manipulation, overstatement of receivables, disbursements to fictitious vendors, unsubstantiated valuations of assets, and intra- and inter-company activities.
How are frauds discovered? From good internal controls to serendipitous accidents —and everything in-between. Employees, customers, suppliers, and auditors are all candidates for discovering fraud.
If an individual suspects fraud, it is always a good idea to contact an officer of the Company. Such officer may commence an internal investigation, consult with counsel, and/or hire an outside forensic accountant to perform a forensic investigation, which should answer the following questions:
How did the fraud occur?
Who committed the fraud?
Was it a sole individual or was there collusion among employees or third parties?
What was the dollar impact of the fraud?
Is the fraud still occurring?
Is this fraud/theft occurring in other areas of the company?
How can frauds of this nature be prevented in the future?
In today’s environment, compliance-effective policies should be a priority from the top down. From the boardroom to the mailroom, a strong set of internal controls and a viable, enforced ethics policy will go a long way in helping companies prevent fraud.
1 Figure derived from research conducted by the Association of Certified Fraud Examiners as reported in the association’s “Report to the Nation on Occupational Fraud and Abuse.”
2 Based on US Department of Commerce first quarter 2008 GDP estimates.