In this episode of THE SAMPLE, Leita Hart-Fanta, CPA describes the three dimensions of the fraud triangle and how it can help you on an audit.
Welcome to The Sample, a quick discussion of auditing concepts and terms that will help you do your work. Conducting an audit in accordance with auditing standards is no small feat and I want to support you. We’ll be referring to the GAO, IIA and AICPA literature to bolster our conversations. Let’s get started.
In this episode, we answer the question, “What is the fraud triangle?” Well, literally it is a triangle. It’s a model, promulgated by the Certified Fraud Examiners, that tells us who will be prone to committing fraud. It can be anyone in our organization, but in government, it’s a little bit tricky in that it’s not just the employees of our organization or the leaders of our organization that could commit fraud, but also the public. Think of all the fraud that goes on with Medicare, Medicaid – they’re huge government programs and the public takes notice of that and defrauds the government and therefore the taxpayer, right?
Remember from a previous video, we talked about our due diligence procedures for fraud, and we’ve got these mandatory steps that we go through. I call it the audit trifecta. I like to use the fraud triangle when doing the risk assessment, to help me evaluate the likelihood of a fraud occurring, like, “Who would do this? Why might they do it?” But you can also use it (and there’s no wrong answer here). You can also use it while you’re considering influences that could make a fraudster be a little bit more motivated to commit fraud. No matter where you use it, just make sure you do consider it as you go through your due diligence procedures.
Now, the three facets are opportunity, which as an auditor, I’m thinking, “Oh, that means you don’t have any controls in place; where you’ve got weak controls that are putting up barriers to the fraud committing fraud.” Now we all know that no matter how wonderful your controls are, a determined fraudster will figure out a way around them. But at least we don’t want to make it obvious that they could just take things from us.
Then there’s rationalization, where the fraudster comes up with some kind of rationale for why they think stealing is okay. Now this one’s really hard for me to work with because you can’t get in a fraudster’s head. But that is part of it.
And then there’s pressure. Now this is something we can see as auditors a little bit better than we can see rationalization, so I’m going to say we can see as auditors opportunity and pressure.
The AICPA tries to help us here, in their Single Audit Guide. This does sound pretty federal grant oriented, but I’d like you to consider these factors anyway on your audit because I think they could, if you just change them a little bit, could be applied to any government situation:
- Under pressure, which again is something we can see, maybe they’re suffering political pressure.
- Maybe there are changes in program legislation or regulations.
- Maybe this is a new pot of money and they’re being asked to spend it right away. Right?
- Maybe there’s a competitiveness for federal awards, so they want to look as good as possible so they continue to get the funding.
- Maybe there’s a stagnant revenue situation going on or complex or vague compliance requirements.
- Maybe their compensation or performance appraisals are linked to their accomplishments with these programs, which would motivate them to exaggerate their accomplishments. And of course that’s fraud.
- Maybe there are unrealistically aggressive budget or programmatic goals.
- Maybe there’s some kind of incentive to shift costs. Man, I’ve seen all of these things in government. HA HA!
- Maybe there is declining revenue or increasing expenses. Man, I think we all feel this pressure, right?
- Maybe there’s pressure to obtain additional funding in order to keep your service levels where they are because of that increasing expenses issue.
- Maybe they’re being threatened with termination of the program. Boy, if that’s happening, there’s a lot of pressure there.
The AICPA also came up with some ideas for attitudes or rationalizations that could make someone more prone to commit fraud, such as ineffective communication on the team. Boy, do I see that a lot! We all see that!
Subrecipients or subcontract relationships, which are not actually necessary. Management is just not interested. Management is just not interested in following federal award regulations. It happens. People that are not actually inside our organizations – they are not executives, they are not part of the team – have influence on the work of the team. Or, an attitude among programmatic personnel that they are due some kind of benefit from the program. Those are good things to think through as you are doing your fraud brainstorming and your due diligence procedures.
So, that was a little bit about pressure, a little bit about rationalization.
Now, again, as I mentioned before, when it comes to opportunity, I think what we should be doing, of course, is trying to reduce the temptation of our employees, of our leaders, of the public, to defraud the program. The way that you reduce that temptation is you put in additional controls.
Now, here’s the COSO model. I’ve done multiple videos on this one so I’m not going to do it again, but this is the ideal control structure. So, consider that when you’re looking at your risk assessment, especially right here. You are going to apply the COSO model and you’re going to ask yourself, “Is there an opportunity for someone or some organization to defraud us because we don’t have enough controls in place?” \
You’re welcome that I’m not talking about the COSO model again, in this particular video!
Would you like to learn a little bit more about this topic and earn some CPE at the same time? Check out our fraud bundle for more information; it’s available on the website and it’s over 20 hours of continuing education credit, three different courses. We cover the fraud tree, the fraud triangle, the audit trifecta and the COSO model.
That wraps it up for another episode of The Sample. True to the nature of a sample, we didn’t talk about everything, so you’ve probably got questions. Write to me firstname.lastname@example.org and I’ll do my best to fill in the blanks. Thanks for playing.
For More Info: