Fraud finds: auditors, armed with SOX provisions, chip away at corporate fraud.

• Author: Preber, Bradley J.
• Position: CORPORATEFRAUD

An independent auditor is required to plan and perform an audit to obtain reasonable assurance that financial statements are free of material misstatements, whether caused by error or fraud.

[ILLUSTRATION OMITTED]

Generally accepted auditing standards define the auditor's responsibility related to fraud in Statement on Auditing Standards No. 99, Consideration of Fraud in a Financial Statement Audit (SAS No. 99), which provides guidance in connection with fraudulent financial reporting and the misappropriation of assets.

SAS No. 99 uses a risk assessment approach that includes a discussion among engagement personnel about fraud risks, gathering information to identify fraud risks, assessing fraud risks after considering internal controls and responding to any significant fraud risks discovered.

One of the intended consequences of the Sarbanes-Oxley Act was to help independent auditors fight corporate fraud. Among other things, SOX required the disclosure of company ethics policies, enhanced conflict of interest protections and defined corporate responsibility for the disclosure of fraud to the auditor.

It also called for corporate procedures to collect and investigate whistle-blower fraud claims. Each of these measures has helped auditors identify and assess financial statement fraud risks.

ETHICS, CONFLICTS OF INTEREST

SOX Sec. 406 requires each company to disclose its code of ethics, defined as standards for senior financial officers that are "reasonably necessary to promote:

* Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships;

* Full, fair, accurate, timely and understandable disclosure in the periodic reports required to be filed by the issuer; and

* Compliance with applicable governmental rules and regulations."

Additional conflict of interest prohibitions cover corporate loans to officers and directors. If a company has not adopted a code of ethics, it is required to disclose this fact and the reasons therefore.

The communication of ethics and conflict of interest policies by senior corporate officials, together with consistent employee fraud awareness and ethics training, set the tone necessary to reduce fraud risks.

Key executives can be interviewed to determine their knowledge of policies and any efforts taken to ensure communication and compliance by company personnel; training programs can be evaluated and attendance verified; and...