An environment of open and ongoing communication with a goal of sharing knowledge, insights, and concerns to enhance the collective efforts is vital in a fraud-resistant organization.
Management should encourage communication between managers and employees at all levels and ensure boards, audit committees, and internal and external auditors are well informed on a timely basis about the company’s operations, strategies, and risks.
Boards and audit committees should ask questions of management, internal auditors, and external auditors to elicit indications of potential concerns related to incentives or opportunities for financial reporting fraud. They should have executive sessions with their internal audit staff, as well as the external auditor, even in the absence of special concerns or significant issues. In addition, they should take advantage of opportunities to interact with managers, employees, vendors and customers to enhance knowledge of the company and possible risks of financial reporting fraud. Internal auditors should conduct regular meetings with senior management, the audit committee, and the external auditor to exchange insights and perspectives. Ongoing, open lines of communication between an organization’s Chief Audit Executive and both management and the audit committee are crucial.
External auditors should promote opportunities for robust conversations with the audit committee on relevant matters, including management’s approach to developing significant accounting estimates and factors considered in the auditor’s assessment of fraud risk. While executive sessions with the audit committee are not required under the auditing standards, they do provide a forum for candid discussion.