Fraud Risk Assessment
In the simplest terms, the objective of a fraud risk assessment is to help an organization recognize what makes it most vulnerable to fraud. Through a fraud risk assessment, the organization is able to identify where fraud is most likely to occur, enabling proactive measures to be considered and implemented to reduce the chance that it could happen. The strategic reasoning used in conducting a fraud risk assessment requires a skeptical mindset and involves asking questions such as:
- How might a fraud perpetrator exploit weaknesses in the system of control?
- How could a perpetrator override or circumvent controls?
- What could a perpetrator do to conceal the fraud?
- Could this be a false positive or is there a genuine fraud underway?
What makes a Good Fraud Risk Assessment?
1. Collaborative Effort of Management and Auditors
2. The Right Sponsor
3. A Good Working Knowledge of the Business
4. Access to People at All Levels of the Organization
5. Engendered Trust on the Risk Assessors
6. The Ability to think the Unthinkable
7. One Size Does Not Fit All
8. Keeping It Simple
The Risk Assessment Process
We offer Internal Audit services which focus primarily on fraud risks, along with additional focus on revenue leakage, cost overruns and process optimization.
- During the Risk Assessment, we assess the applicable control question, and provide a risk rating on a High-Medium-Low model against Impact and Probability.
- From this set of applicable control questions
- We identify those risks which are already mitigated by existing controls within the organization – Risk Mitigated
- We identify those risks which are accepted by the management, post a cost-benefit analysis – Risk Accepted
- We identify those risks which are open (Open Risks), and shall create a risk tracker, assign risk owner, and follow-up towards closure against agreed target date.
- The Management would receive a Risk Assessment Report, which will include an Executive Summary and a detailed list of Applicable Risks.
Fraud Risk Assessment Framework
The ACFE’s Fraud Risk Assessment Tool can be used by fraud examiners to identify their client’s or employer’s vulnerabilities to fraud.