COSO Frameworks and Fraud Risks.
Every organisation has goals and objectives that drive decisions and actions for the operation. The COSO Frameworks which are the most popular standards for embedding robust risk management, internal controls and risk assurance systems in the organisations have categorized corporate goals and objectives as Strategic, Operational, Compliance and Reporting. COSO also classified the risks that may impact the achievement of the organizational goals and objectives as Strategic, Operational, Compliance and Reporting risks. Fraud risks and abuses are subcomponents of the Operational Risk Category that can affect the achievement of the operational goals and objectives. However, the devastating effects of fraud risks and abuses can be felt across all the four categories of the organizational goals and objectives. Below is a high-level overview of the COSO frameworks.
COSO brought fraud risk exposures, the assessment and anti-fraud controls into limelight in 1992 when COSO published the COSO Internal Control Framework as a standard for curbing the menace of accounting records and financial statement reporting frauds. The COSO Internal Control publication was induced by the series of corporate failures and scandals involving high profile companies across the globe over the years, particularly the large corporates and public listed companies. Listed below are some of the notable catastrophic impacts of fraud risks and abuses on the victim organisations:
- Erosion of equity shareholders’ value and huge financial loss caused by sharp drop of the stock price, market share and revenue size of the victim organisations..
- Capital and financial market turbulence leading to instability in the national economy.
- Regulatory financial fines and penalties on the victim organisations.
- Reinstatement of the audited financial statements of the victim organisations thereby bringing the victim organizations, employees and statutory auditors into bad repute and being perceived as lacking integrity and competence.
- Delisting of the victim organisations from the stock exchanges and markets.
- Dissolution of the company boards and changes in the executive management positions of the victim organisations
- Economic hardship to the employees, downsizing and job loss,
- Operating license withdrawal of the victim organisations leading to eventual liquidation .
The blog touched relevant knowledge elements but it is too long. Concise blogs pass messages quicker.
Dear Edu,
Thank you for your comments and the improvement needs suggested.
I totally agree with your observations especially when the target is for the experienced internal auditors who may need a quick refresher on the subject.
My thoughts for the long length are to provide reasonable total picture overview and guidance on the subject as a mentorship to the young and less experienced internal auditors and those aspiring to be in the space, and who will need more detailed insight to grasp the concepts, principles and the application in real life. Once again, thank you for investing your time and effort to read my post.