Firms are neglecting fraud risk management, says survey

Daily news headlines

NEW YORK – Despite six years living under the Sarbanes-Oxley (Sox) regime, firms have made inadequate progress in confronting the threat of corporate fraud, according to a new study by consultant and software provider Protiviti.

Only 49% of executives from Fortune 1000 firms and other large non-profit organisations said their fraud risk management strategy was well defined. The survey also recommends action to improve existent frameworks, as less than half of firms defined their risk management at entity as well as process level.

Sox – the regulatory offspring of the 2001 Enron scandal – is commonly credited with being one of the more punitive examples of regulatory legislation, attracting considerable industry criticism for alleged competitive disadvantages it has created for American firms.

The study shows that despite the regulation’s original fraud focus, fraud risk management is often combined with other aspects of Sox compliance or general audit planning – allowing for sidelining or neglect.

The results caution that this neglect is probably unintentional, with 72% of subjects reporting the importance of fraud awareness and training; few made training mandatory for the board members or internal auditors who require it most.

The researchers highlight the need for ongoing concentration to fight financial crime. Last month, the UK’s Financial Services Authority also reinforced the importance for continued focus on fighting fraud, highlighting the threat that amid market turbulence firms’ fraud risk management could slip in favour of more immediate threats.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact [email protected] to find out more.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: