Skip to main content

Evaluating the Business Risk of Fraud

Written by Paul C. Zarecki on . Posted in Financial Investigations and Fraud Prevention, Forensic Accounting.

More than ever, organizations of all sizes need to assess, manage and monitor risk. According to the Association of Certified Fraud Examiners’ (ACFE) 2016 Global Study on Fraud, a typical organization loses 5% of revenues in any given year as a result of theft. The longer a fraud lasted, the greater the loss to the organization. Large frauds have led to the downfall of entire organizations, significant legal costs and erosion of customer confidence in your organization. The challenge of an organization is to detect and mitigate the fraud. Therefore, an effective risk assessment program is increasingly important to promote the success of any business.

Why do you need a risk assessment?

A risk assessment is a mechanism for identifying areas of vulnerability and opportunities for improvement within an organization. A risk assessment will provide management with valuable information that:

  • reduces the potential of fraud within the organization;
  • create efficiencies and cost savings in financial operations;
  • provides reasonable assurance to management, ownership, vendors looking to do work with the organization, or potential buyers of the organization about the entity’s risks and vulnerabilities; and
  • provide additional assurance to customers, government regulators, and rating agencies, i.e. insurance companies.

Only through diligent and ongoing efforts can an organization protect itself against significant acts of fraud. The ACFE, The American Institute of Certified Public Accountants and The Institute of Internal Auditors have laid out the key principles for proactively establishing an environment to effectively manage an organization’s fraud risk.  Those principles include:

Principle 1: As part of an organization’s governance structure, a fraud risk management program should be in place, including a written policy (or policies) to convey the expectations of the board of directors and senior management regarding managing fraud risk.

Principle 2: Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.

Principle 3: Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.

Principle 4: Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.

Principle 5: A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely.

Who is responsible for minimizing risk?

Management is ultimately responsible for effectively managing organizational risk and ensuring identifiable areas of vulnerability are adequately addressed.  In the event problems emerge, governing bodies, regulators, and even law enforcement will look to see what proactive measures were taken by management to assess, control and mitigate the risk inherent in the problem area.   Whether it is setting tone at the top, adequately training staff, or establishing effective internal controls, management is ultimately responsible and accountable.

Why use an outside professional?

During tough economic times, organizations tend to eliminate or downsize internal audit and internal control functions, despite the fact that organizational risks historically increase when pressures to succeed intensify. In response to this dilemma, more and more organizations are outsourcing various aspects of internal controls and risk assessment. In addition to realizing cost-savings, outsourcing provides management with a professional, independent, and objective appraisal of the organization’s risks and vulnerabilities.  In addition, “best practice” recommendations for mitigating risks are part of the assessment.

Professionals work with management throughout the risk assessment process by:

  • gaining an understanding of the organization’s business mission, goals, objectives and control environment;
  • performing a rigorous vulnerability risk assessment tailored to the organization’s specific accounting  and business systems and identifying events that could adversely affect these systems;
  • providing feedback on the risks identified and recommending reasonable, cost-effective remediation measures based on industry “best practices”; and
  • assisting in the implementation and follow-up assessment of the suggested remediation measures.

Organizations tend to not talk about fraud.  The reality is that most organizations experience fraud to some degree. Keep in mind that a proactive approach to managing fraud risk is one of the best steps organizations can take to mitigate exposure to fraudulent activities. The combination of effective fraud risk governance, a thorough fraud risk assessment, strong fraud prevention and detection (including specific antifraud control processes), as well as coordinated and timely investigations and corrective actions, can significantly mitigate fraud risks. Organizations that vigorously interpret and act on the results of their risk assessment are better positioned to capitalize on future opportunities and direct the business toward measurable success.

Paul C. Zarecki

Paul Zarecki, CPA is a Partner with Ferraro, Amodio & Zarecki CPAs (FAZ). FAZ is an experienced team of leading forensic CPAs, valuation experts, Certified Fraud Examiners (CFEs) and business advisors who seek to truly understand clients’ needs. Serving Albany, Boston, NYC, White Plains, Saratoga Springs and the surrounding areas, they leverage deep experience and a genuine, people-focused approach to provide best-in-class forensic accounting, business valuation and business advisory services. www.fazforensics.com
Read Our Reviews

FAZ Forensics is rated 4.95 out of 5.0 stars based on 21 review(s).

---

FAZ Forensics did a full review and evaluation of my business and I was very happy with the level of detail and expertise.

- Chris Schmidt

---

Christian has, along with his good nature and thoughtful regard, been exceedingly helpful with sorting out the complexities of our case. We could not be more pleased with our exchange. Thomas and Hema Easley

- Thomas Easley

---

Christian was patient and easy to understand. clear, concise and thorough. he spoke “plain” English and was respectful. he did not “rush” and he responded to every question i had, in a timely manner. no matter how “dumb” it may have seemed. for example, i received some paperwork by mail and i did not understand it. i emailed him about it and he cleared it up that day. thats great customer service!

- Joong Park

---

Really good, very knowledgeable and communicated with us every step of the way.

- Haartz Corporation/Tom Daigneault

---

FAZ has a great team doing terrific work for our clients.

- Jim Towne

---

Exceptional work produced.

- Matt Smith

---

Thanks!

- Arrow Bank

---

FAZ was very professional, knowledgeable and very fair priced. The work performed was prompt, accurate and reliable. I would absolutely hire them again if in need for additional accounting work.

- Arrow Financial Corporation

---

Excellent to work with. Professional and personable.

- Cambridge Central School District

---

Awesome team! They were a pleasure to work with. I would definitely recommend.

- Cambridge Central School District

---

FAZ was extremely thorough and professional in doing our business valuation. We are very pleased with the results

- Anne Choppy

---

Steve and GeNet were great at the valuation we needed. Very satisfied. Thanks,Vince and Anne

- Vincent M. Choppy

---

Perfect

- Zalazar anelardo

---

Gen'et and Paul were extremely responsive to our needs. They listened and responded to any concerns that we had. I would highly recommend them for any forensic engagement needs.

- Jennifer Mulligan

---

Thank-you for asking. Our experience was excellent. The people at FAZ showed a depth of knowledge and experience that was very helpful with the undertaking before us. Well done.

- Guy Tombs

---

The CPAs and staff at FAZ are truly amazing. They explain their process very well and always answered my questions right away. I highly recommend them for all your forensic accounting and evaluation services.

- Ashley Hart

---

Excellent and responsible.

- Peter Lee

---

Steve Ferraro did an excellent job and worked tirelessly as our expert forensic accountant witness. Based on Steve's hard work, the jury awarded every penny that Steve showed our client to be entitled to and completely rejected the conclusions of the opposing side's expert.

- Dave Paliotti

---

Great firm!

- John Harwick

---

The people at FAZ are amazing. They are true professionals. The staff is knowledgeable & kind. You feel like you matter. Anytime I have questions they take the time to go through everything in detail so I completely understand everything. I would definitely recommend FAZ.

- Dan Dagostino

Write Review