One of the most significant risks faced by organizations continues to be the risk of fraud. When fraud surfaces, whether committed by individual employees, collusion among multiple employees, executive management, or outside third parties the afflicted organization may incur not only significant financial losses but also serious reputational damage.
In many cases, the occurrence of fraud at a public company quickly leads to precipitous declines in stock prices and market capitalization, and may be an early indicator of financial distress. Indeed, fraud and financial distress seem to relate to each other in a "chicken-and-egg" sort of way: fraud can lead to financial distress, but financial distress frequently fuels fraud. Given the serious economic consequences of fraud, senior management and governing boards are increasingly stressing antifraud programs and controls to address key business, regulatory compliance, and marketplace drivers. This renewed global focus on corporate governance and fraud deterrence comes from a realization that fraudulent financial reporting could easily cause an organization to fail.
Internal auditors at major corporations often take the lead to ensure compliance with regulatory matters. The first step usually include completion of a fraud risk assessment. There has also been an increase in the adoption of new roles within many organizations, such as chief compliance officer (CCO) and chief risk officer (CRO). The internal audit function may work closely with the individuals in these new roles. In addition, some chief audit executives (CAEs) may now have the compliance function report to them. As always, in such circumstances, the CAE should carefully navigate around any potential independence or objectivity concerns.