Enhancing Communication to Assist in Fraud Prevention and Detection.
聚焦内部控制中的沟通维度,整合举报文献与审计准则,提出评估沟通系统防舞弊能力的四类特征及研究问题,为审计师和研究者提供参考。
Abstract Increasing pressure to reduce fraudulent financial reporting (fraud) over the past 25 years has resulted in new laws, commission reports, and standards. Improvement of internal control is among the most prominent remedies. For example, SAS 55 emphasized the control environment because existing guidance concentrated on detailed procedures which were generally irrelevant to fraud. Research is supportive of this emphasis. However, critics of SAS 55 (both past and present) question auditor's reliance on the control environment because of ill-defined guidance regarding evidence and because of the apparent reduction of testing based on this reliance. The Committee of Sponsoring Organizations of the Treadway Commission recently issued a lengthy report on internal control (COSO 1992), particularly as it relates to fraud deterrence. The Auditing Standards Board has expressed a preference for COSO over SAS 55 for selected engagements; hence it assumes considerable significance. Even though COSO has assumed a key operational role, the Committee itself calls for further research Into its own assertions. This paper focuses on one of the important dimensions of control noted by COSO: communication. The rationale for good communication to deter fraud seems compelling. That is. fraud involves concealment while communication fosters openness. COSO notes that a key element of good communication includes "upstream" communication. Despite the appeal of communication, COSO offers little guidance to ascertain that such communication is functioning or how auditors might reliably assess that condition. This paper's purpose is to encourage and facilitate effective research into two areas: (1) the characteristics of a communication system that lead to reliable assessment of its ability to deter fraud and (2) how auditors play a role in the system and how they can gain sufficient evidence to rely on the system. It integrates the whistle-blowing literature {which deals with internal and external reporting of wrongdoing) with existing professional internal control and audit guidance related to fraud deterrence. In this regard, it provides a nearly complete overview of relevant research findings from the whistleblowing literature. It develops four categories of characteristics to be considered in assessing control and offers specific questions for research.