Fraud risk management guidance updated by COSO


By Ken Tysiac

Managing the risk of fraud is a challenge for organisations of all sizes.

A typical organisation loses 5% of revenues in a given year as a result of fraud, according to the 2016 global fraud survey results contained in the Report to the Nations on Occupational Fraud and Abuse.

But governing boards, senior management, staff at all levels, and internal auditors can deter fraud in their organisations by following guidance contained in a newly updated Fraud Risk Management Guide published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), of which the American Institute of CPAs (AICPA) is a member. The Association of Certified Fraud Examiners (ACFE) is a co-sponsor of the report.

The guide builds upon Managing the Business Risk of Fraud: A Practical Guide, which was published in 2008 by the AICPA, the Institute of Internal Auditors, and the ACFE. The updates consider recent developments in risk management practices, including information related to technology and data analytics.

The guide’s executive summary, which is available at the COSO website, explains that fraud deterrence is achieved when an organisation implements a fraud risk management process that:

  • Establishes a visible and rigorous fraud governance process.
  • Creates a transparent and sound anti-fraud culture.
  • Includes a thorough fraud risk assessment periodically.
  • Designs, implements, and maintains preventive and detective fraud control processes and procedures.
  • Takes swift action in response to allegations of fraud, including actions against those involved in wrongdoing where appropriate.

“This research offers tremendous direction as it relates to reducing the extent of fraud in organisations of all sizes and across all industries,” COSO Chairman Robert Hirth said in a news release. “Although it is virtually impossible to eliminate fraud completely, implementation of the principles in this new guide will maximise the likelihood that fraud will be prevented or detected in a timely manner and will create a strong fraud deterrence effect.”

Ken Tysiac (ktysiac@aicpa.org) is a CGMA Magazine editorial director.