Financial Reporting Fraud in Public Companies - Assignment Example

Information Systems Audit Business leaders are becoming more aware in creating viable measures to address corporate fraud and misbehavior. This paper shows ways that have been found to be effective in risk management have been spotlighted. The document identifies some specific requirements in information systems that must be met in generating appropriate audit. This essay focuses on financial reporting fraud in public companies where certain internal audit functions and management controls are pointed out. Table of Contents 1. Introduction 4 2. Human resource management 4 2.1 Items that could be very sensitive or controversial 4 2.2 Types of data that must be carefully guarded to ensure that they aren’t altered .5 2.3 Control procedures that might be put into place to guard against unwanted changes to employee’s records 5 3. Big Bang versus Phased-In Approach 5 3.1 Advantages and disadvantages associated with the decision to implement the new system using the big bang approach versus the phased-in approach 5 3.2 Implications of implementing the new system using the big bang approach versus the phased-in approach 6 4. Causes of fraud 7 4.1 Situational pressures that would increase the likelihood of fraud in a public company 7 4.2 Corporate circumstances where fraud is easier to commit and detection is less likely 8 4.3 Risk assessment in fraudulent financial reporting 8 4.4 Recommendations that top management should incorporate to reduce possibility of fraudulent financial reporting 9 5. conclusion 9 Information Systems Audit 1. Introduction Puja (2004) defines Information Systems Auditing as the process of examining management controls in computer systems within an IT infrastructure to determine the adequacy of the system controls and ensure compliance (Puja, 2004, p. 5). It is done through collecting and evaluating evidence to determine whether data integrity is maintained and assets are safeguarded. The use computer based information systems has been incorporated into many companies and the ability of these companies to survive entirely depends on well-structured information system audit process that points out shortcomings in the information systems usage. 2. Human Resource Data Management 2.1 Items that could be very sensitive or controversial The human resource department of any organization or company contains more sensitive data. Human resource workers specifically the payroll employees should be able to establish the employment status of an active employee, without altering the status, while the personnel employees have the clearance from human resource administration or higher authority to activate new employees and alter their status from active to terminated service. The personnel employees have no permission in handling of timecards for employees. This clearly defined separation of tasks prevents any occurrence of fraudulent incident. In most common cases it has been reported that the payroll employees or the personnel employees process illegal paychecks to terminated employees or ghost workers either as a result of ignorance or fraud motives. 2.2 Types of data that must be carefully guarded to ensure that they are not altered Human resource management systems house databases that contain other linked company information that the payroll employees have no reason of seeing. Such information may include; data from performance evaluation, health records, and retirement benefit plan balances, and insurance cover. 2.3 Control procedures that might be put into place to guard against unwanted changes to employee’s records. The central location of human resource data is subject to access monitoring enabling the capture of identity of the person logging or exiting as well as the timestamp. This ensures that company data is accessed by authorized personnel and that entry codes are changed periodically where locking mechanisms with keypads are used. Human resource management software is customized and has the option of managing different user accounts. The administrators of such systems allocate user rights to the payroll employees to retrieve information that is necessary for payroll task being carried out. 3. Big Bang versus Phased-In Approach 3.1 Advantages and disadvantages associated with the decision to implement the new system using the big bang approach versus the phased-in approach. Both of these approaches require transformation of data from legacy systems to a common data warehouse. A phased-in approach has an advantage of uncovering discrepancies among data at a single site. Once the discrepancies are found, the resulting bugs can be corrected, so relatively error-free systems can be placed in other sites. Presuming the goals of a DMV is to efficiently collect tax and license drivers and vehicles. The fact that customers were waiting too long to be served made the customers not comply with the law requiring them to have proper licenses. In big bang approach organizational goals were not met of which a phased-in approach might have uncovered these problems and find solutions on a local basis rather than state-wide basis. The employees seemed to lack adequate training and were opposed to the new system. 3.2 Implications of implementing the new system using the big bang approach versus the phased-in approach Phasing-in a new system activity does not require as many technicians, as the instruction process can take place over time and across geography. With an increased number of required technicians, there are low chances that all technicians will be familiar with the system and the requirements. Therefore, a phased-in approach might have supplied the DMV with better instructions. The big bang approach on the other hand seemed to not work well with employees. It is possible that if a phased-in approach had been used, the process might have gone more smoothly. A well elaborated system specification (and its probable improvement over the legacy systems) might have reduced the level of resistance experienced by employees who anticipated for their own phasing-in. The loss of revenue incurred by the DMV could have been averted if its employees were better trained and accustomed to the new system and in turn uplift customer’s satisfaction index in services received. This is a most likely consequence of having the phase-in approach in place. 4. Causes of Fraud Fraud is defined as intentional misrepresentation or omission of the truth for the purpose of gain or damage of a person or an organization. Due to economic nature of needs for employees and companies, fraudulent activities are most likely to take place. 4.1 Situational pressures that would increase the likelihood of fraud in a public company In the public companies arena there are situations that pressure the likelihood of fraud. The main goal of a company is to maximize profits and reduce production costs. Therefore in the event of that there is sudden decrease in revenue or the market share fraudulent ideas can be provoked. Financial expectations from supplementary plans that rely on short term economic performance push up the urge for fraud. According to Centre for Audit Quality report (2010), there are three conditions that necessitate fraud activity to occur in either good or bad financial times, pressure or an incentive to carry out fraud, a detected opportunity, and the ability to justify fraudulent conduct. Temptations to commit fraud may be experienced in situations where goals seem to be unachievable through the normal channels where the individual becomes obsessed in attaining goals at whatever cost, (Centre For Audit Quality, 2010 p. 3-4). 4.2 Corporate circumstances where fraud is easier to commit and detection is less likely There are key areas where fraud detection is minimal. Some situations are very opportunistic to the fraud mind where the fraud takes place easily and without even slight detection. In areas with weak internal accounting controls and unusual complex transactions fraudulent activities may arise. An accounting estimate being done and requiring opinion from the employees may cause over quotation. 4.3 Risk assessment in fraudulent financial reporting For purposes of assessing the risk of financial reporting fraud, there are external factors that are considered in each of the company’s different environmental situations. Factors considered in the company’s’ industry environment and are; Specific trends predominant in the industry like the demand for the industry’s products, events affecting the industry and whether the industry is expanding or declining. The current state of the industry. Transition phases in companies are known to affect the way management control operations associated with the company. In business environment important factors reckoned are; The marketplace viability of the company’s products. The element of sensitivity of the company’s operations and profits that is influenced by economic and political factors. Lastly in legal and regulatory environment factors that are considered are; The current status of compliance to regulatory requirements such as company’s business licenses or agreements. The existence of any judicial proceeding involving the company. 4.4 Recommendations that top management should incorporate to reduce the possibility of fraudulent financial reporting. The management should enforce Sarbanes–Oxley Act of 2002 that mandates restructuring of the companies’ governance and establish an audit committee for supervision. The management has the duty of ensuring the right corporate environment that add value to the financial reporting process. The top management and the oversight committee must be aware of the root causes of fraudulent financial reporting and understand them. Lastly the management must provide reasonable assurance to all stakeholders that fraudulent financial reporting incidents will be avoided by developing sound internal controls. This can be achieved by establishing a role specific department for internal auditing. 5. Conclusion As a result of increasing number of regulations governing business field, companies have developed fraud risk management programs to help in managing the challenge posed. There is no full deterrence and detection of financial reporting fraud. Therefore senior management, audit committees and both the external and internal auditors play key roles in achieving focused long term goals in preventing fraud. Work cited American Institute of Certified Public Accountants Audit Committee Effectiveness Center (2008). The Audit Committee Toolkit: Public Companies, 2nd Edition. American Institute of Certified Public Accountants, Association of Certified Fraud Examiners, and The Institute of Internal Auditors (2008). Managing the Business Risk of Fraud: A Practical Guide. Retrieved April 22, 2013 fromhttp://www.aicpa.org/InterestAreas/ForensicAndValuation/Resources/ FraudPreventionDetectionResponse/DownloadableDocuments/managing_business_risk_fraud.pdf Centre for Audit Quality (2010). Deterring and Detecting Financial Fraud: a Platform for Action. Retrieved April 22, 2013 from http://www.thecaq.org/Anti-FraudInitiative/CAQAnti-FraudReport.pdf. James A. Hall (2010) Accounting Information Systems: South-Western College Pub. Marshall B. Romney (2003). Accounting Information Systems. Upper Saddle River, N.J: Prentice Hall. Ms.Puja S.and Ms. Monika V. (2004). Paper on “Formulation of IT Auditing Standards”. Retrieved April 22, 2013 from http://www.cnao.gov.cn/UploadFile/NewFile/2006612113459150.doc National Association of Corporate Directors and the Center for Board Leadership and Its Alliance Partners (2004). Report of the NACD Blue Ribbon Commission—Audit Committees: A Practical Guide. National Association of Corporate Directors and the Center for Board Leadership and Its Alliance Partners (2010). Report of the NACD Blue Ribbon Commission on Audit Committees. SANS (2006). Consensus Project; Information System Audit Logging Requirements. Retrieved April 22, 2013 from http://www.sans.org/security-resources/policies/info_sys_audit.pdf Read More