Deterring corporate fraud

K.P. SHASHIDHARAN | Updated on: Jun 19, 2011




Unless and until the regulators strictly monitor financial reporting, the proclivity to fudge financial statements would continue.

India Inc.'s ineffective internal controls have been decried, time and again by the Securities and Exchange Board of India (SEBI).

The market watchdog has punished some corporates for inadequate internal control framework to deter market manipulations and insider trading.

Deterrence of illegal acts and fraud requires coordinated efforts by the management, audit committee, and auditors. Falsification of books of accounts constitutes fraud and illegal acts.

Besides illegal acts, corporate frauds can fall into two categories — one leading to falsification of accounting records and the other misappropriation of assets or fraudulent expenditures. Fraud analysts find three causal factors constituting a triangle in all frauds. The best way to reduce the occurrence of fraud is strengthening the internal control system.

Role of auditor

Role of auditors in reporting of fraud is assuming greater significance since the enactment of the Sarbanes Oxley Act, 2002 in the US, which has an overwhelming impact on corporate governance all over the world. It mandates vide Section 404 effective internal control system over financial reporting overseen by Public Company Accounting Oversight Board (PCAOB).

More or less, identical regulations have been introduced all over the world and in India, Clause 49 of SEBI's Listing Agreement also provides for regulations to maintain internal controls over financial reporting.

However, the effectiveness is evaluated by the audit committee unlike by any supreme oversight body equivalent to PCAOB. In India, various regulatory watchdogs such as SEBI and the Reserve Bank of India, oversee compliance in respect of respective regulations.

Though Clause 49 of the SEBI Listing Agreement requires the Chief Executive Officer/Chief Financial Officer to accept responsibility for establishing and maintaining internal controls and to evaluate their effectiveness, it does not elaborate internal control framework or the underlying documentation requirements.

Companies have to identify business processes relating to financial reporting, document the process flows, design of controls, and evaluate their effectiveness.

Management's assertions such as completeness, existence and occurrence, valuation, rights and obligations, presentation and disclosure are linked to control objectives.

Auditor's responsibilities in relation to fraud in a financial statements are elaborated in the Statement on Auditing Standard (SAS 99) by AICPA and its Indian equivalent Standard on Auditing (SA 240) issued by Institute of Chartered Accountants of India (ICAI). Adoption of benchmarked frameworks of the Institute of Certified Internal Auditor's COSO framework, IT audit control framework of COBIT may help in improving controls.

The Association of Certified Fraud Examiners and National Association of Certified Valuation Analysts have also elaborated effective controls to deter fraud.

Most of the companies have no anti-fraud policies. A multi-pronged strategy to take action to prevent corporate frauds when organisations are expanding beyond borders and systems and procedures become complex, the management needs to be more vigilant.

Identification of the fraud vulnerability and actions to detect, control and prevent control deficiencies for effective enterprise risk management by reducing the likelihood of susceptibilities are important.

Lax compliance

As Clause 49 does not elaborate the internal control framework as a mandatory legal requirement unlike SOX Act, most of the companies have a tendency to comply with the bare minimum requirement.

There is a tendency of neglecting internal audit wing, posting comparatively less competent, inexperienced, untrained and unskilled personnel.

Consequently, most of the companies have only namesake control systems that can detect some errors but not effectively geared up to deter fraud.

Unless and until the regulators ensure that the corporates put in place adequate internal control systems and effectiveness of the controls over financial reporting is strictly monitored and also attested by an independent external auditor, the proclivity to fudge financial statements would continue, giving only lip service to internal control framework.

There is therefore a strong case of amending the Clause 49 of SEBI Listing Agreement elaborating the internal control framework, insisting on the maintenance of adequate documentation and monitoring the effectiveness of internal controls for India Inc.

(The author is a Director-General, CAG Office)

Published on June 19, 2011
This article is closed for comments.
Please Email the Editor

You May Also Like

Recommended for you