Cast a critical eye as a first step to fighting fraud

^[1]A healthy dose of professional skepticism is essential in fighting fraud, even if it goes against human nature to be skeptical of people we’ve come to trust.

A Crowe Horwath report outlines steps stakeholders can take to encourage such skepticism. It’s important because someone interested in committing fraud will prey on trust, said the report’s author Jonathan Marks, CPA.

“One of the key drivers is that we get comfortable with people,” Marks said. “We give people the benefit of the doubt instead of resetting that level of skepticism.”

Informed skepticism is important for a variety of stakeholders. If board members, finance executives and others challenge their own assumptions, organizations will not only deter fraud but also make detection more likely.

Recent research details some of the obstacles that prevent organizations from effectively fighting fraud. Companies are aware of the potential of data analytics as an anti-fraud tool but have not taken full advantage yet. Companies are suffering from “compliance fatigue” as they attempt to alleviate fraud risk.

Here are Crowe Horwath’s five steps to fighting fraud with professional skepticism:

1. Play the role of the independent reviewer or inspector, particularly of your own assumptions. A professional skeptic continually challenges beliefs and belief-based risk assessments. Critical self-assessment is necessary to demonstrate to others why and how beliefs and assessments are justified.
2. Resist complacency. Question whether you are placing undue weight on previous risk assessments or discounting evidence inconsistent with your expectations.
3. Be alert to pressure. Pay particular attention to pressure to truncate risk-assessment procedures or make unwarranted assumptions for the sake of meeting a deadline.
4. Understand the sources of evidence. Identify and assess risks from multiple perspectives, using multiple sources of evidence.
5. Be aware of the relative reliability of evidence types. In general, documentation from internally generated documents – particularly those generated manually or not linked to other reporting systems – is less reliable as evidence than documents generated by external sources such as banks or suppliers.