Enron Fraud

...

Even more important than having and communicating to employees written policies and procedures developed to prevent fraud is actually enforcing those policies and procedures. “It is worse to have a written policy that is not consistently enforced than it is to not have any policy at all,” because non-enforcement of written policy communicates to employees that upper-level management is either not seriously concerned about employee compliance or they just are not attentive enough to notice when employees are not being compliant[4]10. In either scenario, non-enforcement helps to contribute carelessness and dishonesty to an organization’s culture. Consistent and regular enforcement of the established policies and procedures pertaining to fraud creates a motivation within employees to comply; when employees know that management is going to check up on them, they are more likely to be honest and conform to anti-fraud policies10.

Organizations could also establish an anonymous reporting system to deter fraud, by designating certain officials as contacts for reporting fraud and by setting up a whistle-blowing hotline. Honest employees may observe or witness the occurrence of fraud, and the use of a telephone hotline provides a way for those employees to anonymously report potential fraud without fear of retaliation. This strategy not only aids in the detection of fraud, but also in the prevention of fraud, as it discourages potential perpetrators by indirectly notifying them that other employees are also watching and can anonymously report their negative behavior. Fraud hotlines may be established in-house or provided by a third party, and the results of all calls are reported to the client within one business day5. In accordance with Sarbanes-Oxley, publicly-traded companies specifically are required to establish procedures for receiving and responding to complaints received by employees in relation to questionable accounting or internal controls7. The development of an anonymous reporting hotline and a formal whistle-blowing system influences a culture of openness; by creating a culture of openness, organizations can foster communication between upper-level management and lower-level employees that could help in the prevention of fraud.

The establishment and maintenance of adequate internal controls primarily helps an organization to detect fraud, but it can also help to prevent fraud. Segregation of duties, avoidance and discouragement of related party transactions, providing the Board of Directors oversight of agency operations and management, and use of encryption and complex passwords are all internal controls that can both reduce the occurrences of fraud and reduce the length of time it takes to uncover fraud[5]1. The enforcement of a system of checks and balances by leadership within an organization guarantees that no one person has control over all aspects of a transaction. This separation of critical functions within key processes decreases the opportunities for fraud by requiring different individuals to perform separate and distinct parts of any given process. Segregation of duties can decrease business efficiency and increase costs and staffing requirements, but the benefits of improved security and protection against fraud outweigh the costs associated with this internal control. The development and enforcement of a code of ethics policy discourages related party transactions that could result in fraud by directly communicating to employees that it is unacceptable. The inclusion of a requirement that related party transactions be disclosed and be approved by the Board of Directors also discourages fraud by forcing the organization to review relationships and transactions that may result in fraud. The Board of Directors can play an important role in fraud prevention. Not only can the Board be used to approve related party transactions, the Board can also monitor an organization’s financial activity by comparing actual to budgeted revenues and expenses, requiring explanation of significant variations from budgeted amounts, and documenting approval of procedures and policies and major expenditures[6]1. This monitoring of the organization’s financial activity can expose any irregularities that may be indicative of the occurrence of fraud.

Giving internal auditors’ investigation authority is a fraud prevention technique that corresponds with the previously outlined strategy of maintaining adequate internal controls. Although it is ultimately the responsibility of management to ensure the deterrence of fraud within an organization, internal auditors have the responsibility to determine the effectiveness of management’s actions and to examine and evaluate the organization’s internal controls5. In relation to fraud, internal auditors have the duty to evaluate the control environment, identify key indicators of fraud, identify internal control weaknesses which may allow fraud to occur, recommend investigations, and communicate to management occurrences of fraud5. They essentially perform a fraud risk assessment and through these duties the internal auditors are not only able to evaluate the organization’s internal controls, but also its employees, who are all potential perpetrators of fraud. The role of the internal auditor is to identify fraud risks and red flags, which aids in the prevention of fraud within an organization.

Fraud Detection

Fraud detection and prevention work simultaneously to establish accurate and trustworthy financial information. While fraud prevention is used as a line of defense to decrease the company’s risk, fraud detection is the utilization of processes to discover potentially problematic transactions. The responsibility for implementing and utilizing fraud detection processes lies with auditors and the company’s financial management team.An increase in the auditor’s penalty such as, reputation and potential law suits from losses due to fraud, places more at risk for the auditing team, leading to stronger fraud detection processes during an audit[7]6. Auditors routinely evaluate the strength of internal controls and assess the company environment and relationships as indicators of fraud detection. Stressed relationships, for example, existing between an audit team and a company’s management team with inadequate rationalizations regarding materiality are considered when detecting fraud risks9.

Companies with strong internal controls are tested less on fraudulent activity and more on transactions6. Testing of transactions by auditors has proven to be an effective process in detecting and deterring fraud6. Auditors do not perform more testing for fraud when internal controls are strong, but when fraud was discovered, the tests of transaction has proven to detect fraud