The expression “tone at the top” is well established now and for good reason as it neatly encapsulates a complex idea into a few commonsense words. In a business sense, tone at the top most often refers to how executive management comports itself with regard to behaviors that effect everything from human resources to marketing messages or from operations to the strategic plan. When it comes to financial reporting the effect and importance of tone at the top only increases as the ramifications of errors in financial reporting become existential and certainly rise to the level of board issue.
Top management, starting with the CEO, sets the tone and establishes the financial reporting environment. Properly setting the tone at the top of a business sends a clear message, reinforcing management’s commitment to integrity and ethical values. Usually these messages communicate downward throughout the enterprise whereas, in fact, when dealing with issues of financial reporting, the possibility of fraud or material misstatements, the messaging of strict adherence to accounting rules and regulations might also emanate directly from the audit committee or the entire board of directors.
ADDITIONAL STORIES IN THE DIRECTOR’S GUIDE TO LIABILITY:
Risks Rising
Litigation 101: You’ve Been Sued. Now What?
The Ultimate Insurance Check List
The D&O Glossary: Litigation Terminology Every Director Should Know
There is no point in rehashing the well-known horror stories of Worldcom or Madoff. In fact, so infamous is the Enron case that it was the subject of a Tony Award-nominated musical on Broadway. Nor does it attempt to explain the Sarbanes-Oxley Act of 2002 (SOX) except to say that SOX was passed to increase confidence in the public’s ability to rely on audited financial statements; and that it has increased the Audit Committee’s responsibilities. What might be helpful, rather, is to take a basic look at the way in which an accounting firm views the meaning of financial fraud in its audits and, significantly, in training audit staff.
What is fraud? In criminal law, fraud is the crime or offense of deliberately deceiving another in order to damage them—usually, to obtain property or services from them unjustly. Fraud is intentional. There are two types of fraud that auditors consider that boards should be aware of: financial reporting fraud and misappropriation of assets.
Misstatements arising from fraudulent financial reporting are intentional misstatements or omissions of amounts or disclosures in financial statements designed to deceive financial statement users. This may be accomplished by manipulation, falsification, or alteration of accounting records; misrepresentation in or lack of disclosure of events, transactions, or other significant information; or intentional misapplication of accounting principles.
Misstatements arising from misappropriation of assets involve the theft of an entity’s assets, which impacts a company’s financial condition and results of operations and may result in a misstatement in the financial statements. Misappropriation of assets can be accomplished in various ways—embezzling receipts, stealing assets, causing an entity to pay for goods or services that have not been received or causing an entity to make a payment based on conditions that were not truly met.
While it is the auditor’s role to take fraud into consideration during the audit of financial statements, it is management’s responsibility to design and implement programs and controls to prevent, deter and detect fraud. Understanding the fraud risk factors may be of most value to boards. Fraud risk factors, which are set forth in the Statement on Auditing Standards No. 99 (SAS 99), are conditions that may indicate a greater risk that fraud exists at a company.
Fraud risk factors include incentives and pressures, opportunities and rationalizations or attitudes. For instance: a CEO who owns stock or options and a CFO with a bonus tied to financial targets have incentive to help the stock price increase so he or she can benefit financially poor internal controls, accounting subject to estimation and judgment, related party transactions and financial reporting dominated by one individual create opportunities to commit fraud; borrowing revenue from next quarter or waiting until next year to write off bad accounts receivable justified as “timing differences.” This is a rationalization. This is the way fraud typically happens— it starts small with the intention of fixing it next period and spirals out of control.
Board members today need to know and understand that their companies have effective internal controls in place to help prevent financial fraud from occurring, to identify suspicious reporting activity and to establish clear lines of communication with the firm’s auditors and its office of general counsel. An important part of assessing a company’s susceptibility to fraud is the consideration of the existence of fraud risk factors. Board members would be well advised to familiarize themselves with specific examples provided in the appendices to SAS 99 and consider them in light of their company’s corporate policies, internal control processes, compensation arrangements and business relationships.
Following these simple steps sets a tone that will promote an environment in which accounting rules are followed and the chances of fraud are greatly reduced.
Robert Levin is a partner at Eisner LLP.