Performance Measured quantitatively and on a short-term basis Measured both qualitatively and quantitatively, and
Critical feedback on a longterm basis
Negative feedback Positive feedback
Supportive feedback
Reporting Routine reports only Exception reporting
Everything documented— a rule for everything Adequate documentation, but not burdensome—
Formal, written, stiff, pompous, ambiguous internal some discretion allowed
communications Informal, oral, clear, friendly, open, candid internal
communications
Primary Management Concerns Preservation of capital Human, then capital and technological asset
Profit maximization utilization
Profit optimization
Corporate Fraud Environment: Potential for Fraud
Factors High Fraud Potential Low Fraud Potential
Reward System Punitive Reinforcing
Penurious Generous Fairly administered
Politically administered Recognition, promotion, added responsibility, choice
Mainly monetary assignments, plus money
Business Ethics Ambivalent: rides the tides Clearly defined and regularly followed
Human Resource Problems High turnover Not enough promotional opportunities for all the
Burnout talent
Grievances Absenteeism
Financial Concerns Cash flow shortage Opportunities for new investments
For financial statement frauds, clearly the executives of the entity are
the most likely would-be fraudster and thus a risk assessment would
necessarily include those individuals. For asset misappropriation, an
employee in a trusted position is likely to be the culprit. For corruption,
it might be the same but it includes somebody outside the entity
working with someone inside—a unique characteristic of corruption
schemes.
Faktor Internal
Internal factors that enhance the probability of fraud, theft, and embezzlement include inadequate management controls or
monitoring activities such as the following :
- Failure to create an honest culture
- Failure to articulate and communicate minimum standards of performance and personal conduct Kegagalan untuk
mengartikulasikan dan mengkomunikasikan standar minimum kinerja dan perilaku pribadi.
- Inadequate orientation and training on legal, ethical, fraud, and security issues
Orientasi dan pelatihan yang tidak memadai pada hukum, etika, penipuan, dan masalah keamanan.
- Failure to counsel and take administrative action when performance level or personal behavior falls below acceptable standards, or
violates entity principles and guidelines
Kegagalan untuk mengambil tindakan administratif ketika tingkat kinerja atau perilaku pribadi turun di bawah standar yang dapat diterima, atau melanggar prinsip
dan pedoman entitas.
- Ambiguity in job roles, duties, responsibilities, and areas of accountability
Ambiguitas dalam peran pekerjaan, tugas, tanggung jawab, dan bidang akuntabilitas
- Lack of timely or periodic audits, inspections, and follow-through to ensure compliance with entity goals, priorities, policies,
procedures, and governmental regulations; generally speaking, a lack of accountability over key positions of trust
Kurangnya audit tepat waktu atau berkala, pemeriksaan, dan tindak lanjut untuk memastikan kepatuhan dengan tujuan entitas, prioritas,
kebijakan, prosedur, dan peraturan pemerintah;secara umum, kurangnya akuntabilitas atas kunci posisi kepercayaan
RISK ASSESSMENT BEST PRACTICES
Untuk mengembangkan penilaian risiko yang efektif, manajemen harus mengambil pendekatan yang formal :
• Leaders
• Team