How to Reduce Fraud Within Our Changing Risk Framework

Effectively managing internal controls to support financial reporting is now top of mind in our complex regulatory and operating landscape. Accounting and finance organizations are challenged to operate efficiently and drive strong comprehensive controls amidst shifting risk.

Globalization, intercompany trade, and mergers and acquisitions have increased the volume of transactions that impact the close. They’ve also created more silos and risk in downstream financial and regulatory reporting.

With risk management typically rolling up to the CFO, the new COSO framework expands and elevates the accounting and finance function by recognizing the critical importance of the CFO’s role in the effective management of strategic risk.

An expanded risk model that encompasses strategic risks means an elevated role for business planning and modeling in the board room. This also extends the realm of the CFO to measure broader performance management indicators across other departments that may have an impact on risk.

In fact, a Grant Thornton study found that 40% of CFOs identify strategic planning as one of their biggest priorities, closely behind increasing cash flow (45%), and reducing costs (41%).

However, to support this expanded definition of risk, the finance function needs to invest in its people and in the technology necessary to support them in areas, such as budgeting, forecasting, analysis, and long-term planning.

A recent Hackett study found that best-in-class accounting and finance organizations devote 25% fewer resources to transactional tasks while boosting resources by 38% for planning and analysis.

For CFOs, the mandate is to apply automation within accounting, nurture talent around analytics and planning, and encourage business partnering to gain a clearer perspective on broader indicators of risk.

Failure to enforce controls, whether in accounting or in broader parts of the organization, doesn’t just increase the risk of error. It increases the risk of fraud. Sarbanes-Oxley (SOX) remains the most far-reaching response to accounting scandals and has created new requirements to reduce fraud risk.

Section 302 of SOX requires a company’s “principal officers” to certify the integrity of financial reports quarterly, while Section 404 bolsters requirements that the company discloses any financial reporting controls deficiencies.

Lately, the SEC has upped the ante, with the prior SEC Chair, Mary Jo White, stating in her keynote address that the SEC has “been closely scrutinizing the gatekeepers of financial reporting, continuing to hold accountants, auditors, and audit committees accountable in appropriate circumstances.”

Recent SEC cases have included:

• Actions focused on companies completely lacking internal controls

• Failure of individuals to comply with existing controls

• “Quality” controls at accounting firms

With both organizations and individuals at risk, and increased external scrutiny, it’s never been more important to review the quality and implementation of the controls companies have put in place to stamp out financial irregularities and ensure that personnel have a comprehensive understanding of them.

Further, ensuring that companies, corporate officers, and external auditors can interact efficiently and effectively has become critically important.

Performing balance sheet and bank reconciliations are standard procedures for preventing fraud risk, yet they are also one of the main reasons behind a slow close. Organizations often walk a tightrope between fraud risk, resource drain, or a sluggish financial close.

Common issues include integrating data from internal and external sources, prioritizing between reconciling high-risk versus low-risk accounts and ensuring strong documentation trails.

Automation and the application of robotics enables organizations to integrate data more easily, apply matching rules at scale, auto-certify low-risk accounts, and focus effort on exceptions.

Read our CFO Playbook: Compliance & Controls to dive deeper into how your organization can manage controls around financial reporting.