The auditor’s opinion outlined in the audit report is done in order to provide reasonable assurance on the truth and fairness of financial statements. Such assurance can further enhance the qualitative characteristics targeted for external financial reports, namely reliability. External users take decisions of a material nature based on the financial statements provided.
Therefore it is reasonable to have some assurance that such reports are correct and comply with relevant standards and regulations. However this report does not provide any indication on the financial health of the organization. This work rests in the hands of a financial analyst who will conduct vertical and horizontal analyses to examine certain financial areas of the company, like financial performance and financial stability. Thus such opinion just provides reasonable assurance that the financial statements are properly prepared and one can rely decisions upon after appropriate financial examination is conducted.
Occupational fraud encompasses misconduct by internal staff to their own financial advantage, which deters the organization from resources that it has ownership rights to. Occupational fraud can be extremely costly to an organization particularly if it is carried out by higher levels of staff especially managerial ones. This is particularly the case for small firms, in which occupational fraud may even lead to the company’s demise.
In this respect such cost element, together with the responsibility over external stakeholders supports the requirements of the Sarbanes-Oxley Act. Indeed a common notion was found among business entities that it is more cost effective to prevent fraud rather than rectify it. A research methodology resting on a survey was carried out among Certified Fraud Examiners, which outlines the point above with other interesting notions.
This research revealed also the importance of effective internal controls that ought to be revised on a periodic basis in order to ensure their respective effectiveness. However, it was noted that tips are normally the most effective medium through which fraud is identified. In non-for-profit making organizations, internal audit together with their respective internal controls are less effective in detecting fraud than the other types of business entities. Even though employees, especially new ones are normally scrutinized as regards their integrity, it was noted that persons engaged in fraud rarely has (only 12 per cent) previous convictions pertinent to fraud.
The Sarbanes-Oxley Act also affects non-for-profit organizations because fraud can also be present in such firms and may thus hinder such business entities in providing effectively the service that they had been set up for. Such act affected non-for-profit entities in five main areas, which are considered below:
- Control Environment – the management of non-for-profit organizations are required to stimulate a conscientious culture in the firm. In this respect it is important that ethical values are properly communicated between staff. In addition, ethical factors like integrity should be considered in the selection of new employees to enhance such culture.
- Risk Assessment – risk assessment policies and procedures should be enacted in the firm to identify and examine pertinent risks for the setting up of effective control activities.
- Control Activities – establish a range of control activities that enhance the safeguarding of assets. Such activities can include segregation of duties, authorizations, verifications and security of assets.
- Information and Communication – the control activities noted above should be enforced through effective flow of communication that enhances information retrieval. Such information should not be accessible by all staff. For example, the sales ledger control account is an appropriate control activity to monitor the recording of debtors in the sales ledger. This control account should be set up in the nominal ledger, which ought to be restricted by a user profile system. Such measure will thus refrain the person responsible for the sales ledger to manipulate the figures of the sales ledger control account in order to hide any fraud committed.
- Monitoring – control activities should not be regarded as an ends in themselves, but should be viewed as a means to an end. Therefore they should be monitored and assessed on an ongoing basis to ensure that they are still effective in hindering fraud. Such activity is normally done by an internal audit department, which is also necessary for non-for-profit firms.
Helle. J. A., 2005. Security Culture and Risk Management is a Management Responsibility, Telenor.com (on line). Available from: http://www.telenor.com/telektronikk/volumes/pdf/1.2005/Page_011-014.pdf (Accessed 10th December 2008).