Frauds: Who is under an obligation to prevent and detect fraud?

Contents:

• Introduction
• Basics to Fraud
• Responsibility of Management
• Responsibility of Auditor
• Responsibility of Preventing and Detecting the Frauds and Errors
• Conclusion

Introduction

No organization is safe from this increasing trend of frauds in corporate accounting scandals like Satyam, WorldCom, Enron, etc. When it comes to detection, a variety of players were found involved in committing fraud like management, the governing body, internal auditors and sometimes external auditors too. So basically, the question arises who is to be held responsible for preventing and detecting the fraud?

The new Companies Act, 2013 not only introduced the stringent norms for addressing the growing problems of corporate frauds but also focuses on the issue of tackling these frauds by means of providing regulations. Section 447 of the Companies Act, 2013 provides the definition of fraud and also the punishment for committing the fraud. It is defined as follows:

“Fraud in relation to affairs of a company or any body corporate includes any act, omission, concealment of any fact or abuse of position committed by any person or any other person with the connivance in any manner, with intent to deceive, to gain undue advantage from, or to injure the interests of, the company or its shareholders or its creditors or any other person, whether or not there is any wrongful gain or wrongful loss.”

 Basics to Fraud

Along with determining that who is responsible for committing fraud, it is equally important to remember some basics to fraud because these are some factors which can aid in reaching the culprit. The factors which are likely to be present in each fraud are:

1. 1. Motive/ Intention to deceive – a willful act to steal or deceive the company or shareholders whether there is any wrongful gain or wrongful loss
   2. Opportunity – an act providing an opportunity to commit fraud in any manner
   3. To gain undue advantage – Act committed by any person or any other person with the connivance in any manner with intent to gain undue advantage from the company or shareholders or creditors or any other person
   4. Rationalization – where someone remains quite and determines that it is okay to commit fraud by misusing its power of authority
   5. Omission and concealment – Any act of omission or concealment of facts committed by a person any other person with the connivance in any manner with intent to deceive the company or shareholders or creditors or any other person whether or not there is any wrongful gain or wrongful loss.

Though there are some factors like Motive/ Intention to deceive or Rationalization which are beyond the control of management because these might result out of public influence, personal issues or other external matters. But, opportunity, omission, concealment and abuse of position are some of the factors which can be controlled by the management by using appropriate means.

 Responsibility of Management

According to Standards on Auditing (SAs) the primary responsibility for the prevention and detection of fraud rests with the Management and Those Charged with the Governance (governing body). The management should build a control environment which not only involves the identification of risks of fraud but also involves taking appropriate actions within the stipulated time frame. For this purpose, the management may use the internal audit function for evaluating the probability of fraud and error and for reviewing the internal control effectiveness.

Prima-facie, it is the responsibility of the management of the company to prevent and detect frauds and other irregularities, have in place the selection and application of appropriate accounting policies so that the financial statements would give a true and fair view and are also free from material misstatement, whether due to fraud or error.

Responsibility of Auditor

As per SA 240, The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements, an auditor is held responsible for following responsibilities:

1. 1. To obtain reasonable assurance that the financial statements are free from material misstatements
   2. To maintain professional skepticism throughout the audit
   3. Should know that risk of non-detection of management fraud is greater than of employee fraud
   4. Must be aware Risk of non-detection of fraudulent material misstatement is higher than the misstatement due to error.

The auditor would enquire with the company’s management and the company’s internal audit team as to whether any instance of actual or alleged fraud has occurred, in the past, and obtain their response on the risk of fraud. Based on the information provided by the management of the company, the auditor would consider whether any fraud risk factors are present and assess the same based on such information. If the auditor come across and identify any unusual / unexpected relationship while performing the analytical procedure, then, they would evaluate them to assess the risk of material misstatement due to fraud.

Responsibility of preventing and detecting the frauds and errors

As of now, it has been seen in no. of cases that many of the governing bodies of entities without operating an internal audit function simply relies on the management for fraud prevention. However, if an internal audit function exists, either it is not operated effectively or it is influenced or threatened by the management. While having a deep understanding of SA 240, it can be external auditor is responsible for assessing fraud risks within an entity, they are only responsible under the auditing standards for providing reasonable assurance that the financial statements are free from material misstatement, whether due to fraud or error. External auditor uses a test of series or sample testing to assess the transaction. Due to limitations of audit and complexities of fraud schemes, it becomes difficult for auditor to detect misstatements arising from fraud. Also, the Association of Certified Fraud Examiners reports that less than ten percent of frauds are detected by the external auditors.

 Conclusion

Thus, it can be said that the management shares a large bite of responsibility for the prevention and detection of fraud. All the concerned parties like management, governing body, internal auditor, external auditor should exercise professional skepticism and try to build such an environment that it not only protects the interest of all stakeholders (especially minority shareholders) also, brings improvement in the corporate governance practices of the entity. Considering the stringent provisions provided in the Companies Act, 2013, the regulators may still need to act as a tipping point and enable the entities to create a transparent and proactive culture to counter the frauds.

(The thoughts expressed in the conclusion are solely the authors with a view to enhance the reader’s knowledge on the subject matter.)