The Anti-Fraud Collaboration recently published Mitigating the Risk of Common Fraud Schemes: Insights from SEC Enforcement Actions, which summarizes its study of common financial statement fraud schemes based on an analysis of 204 SEC enforcement actions involving accounting or auditing issues. The study provides observations on higher risk areas that are susceptible to fraud, and insights into what companies can do to more effectively identify and mitigate these fraud risks.
SEC enforcement cases were brought against issuers of all sizes, in multiple jurisdictions and across various industries. Industry sectors most commonly charged by the SEC included technology services, finance, energy, manufacturing and healthcare.
The most common types of fraud identified were improper revenue recognition, manipulation of reserves (e.g., inadequate reserves for known liabilities), inventory misstatement and impairment issues. Fraud schemes also included misleading or inaccurate financial statement disclosures, material weaknesses in internal controls, and unsupported journal entries.
Business challenges that frequently were present in enforcement cases included pressure to meet analyst expectations, increased supplier costs and slowing demand for products — all of which are exacerbated during the COVID-19 pandemic. The SEC also often cited common company-culture-related issues, such as tone at the top, a high-pressure company environment, and lack of adequately experienced personnel.
There rarely was a single root cause for a fraud, as each scheme typically encompassed multiple issues. Keys to protecting companies against fraud include vigilance, a continued resolve to exercise skepticism, and attention to the potential risks. Important takeaways for board and audit committee members, management and internal and external auditors include:
- Be attuned to both quantitative and qualitative metrics
- Learn from the enforcement actions how controls were circumvented, and continue to evaluate the efficacy of internal controls, identify potential weaknesses, and design and implement improvements to internal controls
- Remain focused on the fundamentals—
- Controls, processes and environments that impact financial recordkeeping and decision-making
- Company-specific risks identified through regular risk assessments
In addition, in the current COVID-19 environment, vigilance will include focusing on financial reporting fraud schemes that may be more prevalent, such as:
- Fabrication of revenue to offset losses
- Understatement of accounts receivable reserves as customers delay payments
- Manipulation of compliance with debt covenants
- Unrecognized inventory impairments
- Over- or understated accounting estimates to meet projections
- Misleading plans to remain a going concern
- Improper capitalization and amortizations of costs
- “Big bath” write-offs or inappropriate timing of writeoffs
- Intentional failure to disclose the pandemic’s impact (including impact on forecasts of future cash flows and other activities)
- Passing off and falsely disclosing underlying issues as attributed to the pandemic
- Overstated business interruption insurance claims that sweep in costs unrelated to the pandemic
- “Cookie jar” reserves by companies that may be outperforming expectations during the pandemic