Preventing fraud 's effective internal controls

  • 2009-07-08
  • By Giedre Rackauskaite [Jurevicius, Balciunas & Bartkus]
The purpose of the financial statement audit is to provide a reasonable (not absolute) assurance that the key financial numbers are without material misstatement. Thus, there is a remote possibility that even well planned and executed audit procedures will not catch certain covered misstatements and the financial statements will provide misleading information. In most cases, the main reason behind such misstatements is fraud* related. It is the responsibility of the company to ensure that the risk of fraud related misstatements is minimized.

In this article we will quickly examine an example of how to effectively reduce the risk of fraud in the area of procurements and cash disbursements (commonly known as accounts payable activities). For the purpose of this example, consider a company, lets say ABC, which is buying certain supplies from a wide range of suppliers.

Typically, an accounts payable clerk receives all outstanding invoices from the suppliers and processes them for payment. Because there are a number of different suppliers, the company's accounts payable clerk can easily create a false invoice payable to itself (or somebody else in other companies) and fraudulently receive payments from the company. In the same manner, the accounts payable clerk can modify the invoices and submit them for amounts greater than the value of the service/goods received.

That way, the clerk might be engaged to defraud the company with the help of others and expect to receive a portion of the premium paid as a return for the modified invoices. In both of these ways, ABC is deceived and the clerk (along with the others involved) has received personal gain. In addition, the company's financial statements are misstated 's the expenses are overstated and the net profit is understated. This could have an affect on the company's taxation and could have an adverse effect with the tax authorities.

There are ways that the company can easily prevent this type of fraudulent scheme through effective internal controls. The first thing is to establish a segregation of duties within the company. From our example, company ABC should firstly segregate the ability of the accounts payable clerk to receive and process the invoices for payments. The company ABC should have one person who processes the received invoices and a separate person who approves them for payment.

In addition, the person who processes the invoices for payments should not approve any invoices until all relative documents are presented. To ensure that all relative documents are received, the approver should perform a 3-Way Match procedure. During this procedure, the approver should compare the amounts on the Purchase Order, Goods Received Slip (or any other receipt of the goods/services) and Invoice.

That way the approver can see whether the company is paying for something that was ordered and received. Any discrepancies should be immediately investigated and any related invoices should not be processed for payment.

Finally, the company should establish an invoice payment approval matrix. It would provide the guidance and the amounts that a certain individual in the company can approve. For example, an invoice for less than 1,000 euros can be approved by an Accounts Payable Manager while an invoice greater than 15,000 euros must be approved by the Director of Finance.
While these controls do not necessarily ensure that all fraud related activities would be prevented, effective internal controls makes the ability to defraud the company a very challenging task. It provides the documentation trail of all the transactions for additional review.

In addition, the documentation as well as relative controls can be tested by internal or external auditors to ensure that the controls are operating effectively. Periodic testing of these controls can help the company prevent fraud in the procurement system as well as stop any fraudulent activity before it becomes significant in terms of materiality.
Finally, the company as well as external auditors should monitor the list of suppliers to ensure that no invoices are paid to unknown suppliers.

With the help of effective internal controls, the companies can avoid the significant misstatements that would otherwise provide misleading information about the financial key figures.

* Fraud is an intentional deception made for personal gain or to damage another individual.

Giedre Rackauskaite is a lawyer at Jurevicius, Balciunas & Bartkus, a member of Baltic Legal Solutions, a pan-Baltic integrated legal network of law firms including Glikman & Partnerid in Estonia and Kronbergs & Cukste in Latvia, dedicated to providing a quality "one-stop shop" approach toclients' needs in the Baltics.