Full Text

Despite intense efforts to stamp out corruption, misappropriation of assets, and fraudulent financial reporting, it appears that fraud in its various forms is a problem that is increasing in frequency and severity. KPMG's Fraud Survey 2003 documented a marked increase in overall fraud levels since its 1998 survey, with employee fraud by far the most common type of fraud. The 2003 survey also noted that fraudulent financial reporting had more than doubled from 1998. This trend is consistent with the unprecedented recent spate of large accounting frauds (Enron, WorldCom), as well as the increased number of accounting restatements and sec enforcement actions in recent years. (see 2005 Annual Review of Financial Reporting Matters by the Huron Consulting Group and the sec's Report Pursuant to section 704 of the Sarbanes-Oxley Act of 2002.)

In response to the fraud problem, Congress and regulatory authorities have enacted tougher laws and increased enforcement actions. Organizations are implementing tighter controls and broader oversight. The auditing profession has adopted more rigorous auditing standards and procedures, and software developers are adding continuous monitoring features to back-office systems. It remains unclear whether these efforts are sufficient to mitigate the fraud problem.

Many studies suggest fraud is more Likely to occur when someone has an incentive (pressure) to commit fraud, weak controls or oversight provide an opportunity for the person to commit fraud, and the person can rationalize the fraudulent behavior (attitude). This three-pronged framework, commonly known as the "fraud triangle," has long been a useful tool for CPAs seeking to understand and manage fraud risks. The framework has been formally adopted by the auditing profession as part of SAS 99.

A Different Way to Think About Fraud Risks

The authors believe that the fraud triangle could be enhanced to improve both fraud prevention and detection by considering a fourth element. In addition to addressing incentive, opportunity, and rationalization, the authors' four-sided "fraud diamond" also considers an individual's capability: personal traits and abilities that play a major role in whether fraud may actually occur even with the presence of the other three elements.

Many frauds, especially some of the multibillion-dollar ones, would not have occurred without the right person with the right capabilities in place. Opportunity opens the doorway to fraud, and incentive and...