The Anti-Fraud Collaboration (AFC) is pleased to share with you the Collaboration’s recent resources. Explore the latest insights:
- The AFC’s comprehensive analysis of SEC enforcement actions is a reminder of the ongoing need for vigilance against financial statement fraud. The cases highlighted in the report revealed pervasive issues, including insufficient internal controls, poor tone at the top, a weak culture, and lack of skepticism.
- ESG is a new risk area that is quickly evolving with the push from investors and regulators for change, and swift action from C-suite executives. As with any risk area, internal audit should be well-positioned to support the governing body and management with ESG matters.
- The CAQ explores the historical importance of the external audit in well-functioning capital markets to the US economy. Auditor expertise and independence are two cornerstones of audit quality that bolster the level of trust and confidence in company financial statements.
Mitigating the risk of fraud
Addressing fraud risks. In a follow-on to the AFC’s publication, Mitigating the Risk of Common Fraud Schemes: Insights from SEC Enforcement Actions, the AFC facilitated a roundtable discussion among participants in the financial reporting ecosystem to discuss the fraud schemes identified in the report. Here are some lessons learned that emerged from the roundtable:
- As companies adopt different business models and office environments (e.g., remote, hybrid), changes to controls should be documented and tested.
- Risk assessments should be ongoing and thoroughly evaluated because incentives and pressures on people along the financial reporting supply chain may change as the pandemic and its long-term impact continue to unfold.
- To address fraud risks when implementing new accounting standards, companies should use robust processes around estimates that may involve significant subjective judgments.
Enforcement Chief Accountant insights. The SEC Division of Enforcement Chief Accountant participated in a panel at the roundtable at which he stated that SEC enforcement actions can be useful in understanding the efforts taken by the Division. The Division brings meaningful cases that provide both the deterrent effect but also the information out there to the preparers of financial statements and gatekeepers in the process.
Internal audit’s role in ESG reporting
All roles play a part. Based on the key roles in The IIA’s Three Lines Model (an update of the Three Lines of Defense), internal audit should take on the critical role of providing objective assurance, independent from management, over the effectiveness of ESG risk management, reporting, and related regulatory compliance. Here are some key considerations:
- Internal audit can review reporting metrics for relevancy, accuracy, timeliness, and consistency. As regulatory oversight is expected to increase, it is critical that public sustainability reports provide accurate information depicting a company’s ESG efforts.
- Auditors can conduct materiality or risk assessments on ESG reporting. Companies must have a clear understanding on how ongoing sustainability efforts or public commitments to sustainability goals can rise to the level of materiality.
Why it matters. The challenges and complexity of ESG reporting are abundantly evident, and the risks associated with poorly managed reporting can be high in terms of regulatory compliance and reputational damage. Therefore, governing bodies and executive management should carefully consider all disclosures and how related assurance responsibilities are assigned.
Value of the external audit
Audit quality matters. Many factors lead to a quality audit, but it is the combination of auditor expertise and independence that bolsters the level of trust and confidence in company financial statements, and forms the basis of audit quality—and, thus, value to capital markets. Here are two cornerstones of audit quality:
- Expertise. The audit of a company’s financial statements requires a wide range of expertise across auditing and accounting standards, complex transactions necessarily involving management estimates, specialists (as recognized by the PCAOB), internal controls over financial reporting, and an understanding of industry sectors and their related business processes and regulatory matters.
- Independence. Auditor independence underpins the very credibility of the audit. It is critical that the interests of the external auditor who is providing reasonable assurance over the financial statements are independent of the company in both fact and appearance.
The big picture. Enhancing the trust in and reliability of company-reported information is a key aspect of the public interest role that public company auditors play worldwide. An independent audit that provides reasonable assurance that company financial statements are free of material misstatements, whether due to error or fraud, increases the reliability of that information and enhances investor and market confidence.
The full report. Value of the Audit: A Brief History and the Path Forward.
Our new look
- Want to learn more about your role in fighting fraud? The Anti-Fraud Collaboration has launched a new website with resources that highlight how all members of the financial reporting supply chain can work together to combat fraud.