The pandemic is increasing financial reporting fraud, putting the onus on CFOs to create an organization-wide system that prevents wrongdoing, a coalition of auditing and other oversight groups said in a report released today.
"Financial statement fraud in public companies is real and that risk has only increased during the Covid-19 pandemic," said Julie Bell Lindsay, executive director of the Center for Audit Quality, one of four groups to release the report.
To help ensure the integrity of their company's financial reporting, CFOs can't rely on external auditors as their bulwark against fraud; they must weave protection into the fabric of the organization and exercise the same skepticism toward numbers auditors are trained to do.
"The strongest fraud deterrent and detection program requires extreme diligence from all participants in the financial reporting system," Lindsay said. "Certainly, you have internal and external auditors, but you also have regulators, audit committees and, especially, public company management."
The report looks at SEC enforcement data from 2014 to 2019, a period of relative calm Linsday said can help set a baseline for assessing how much in pandemic-caused fraud regulators will find when they do their post-crisis analysis.
"The timing of this report is really a great way to ... remind all the folks in the financial reporting ecosystem that ... the pressures for fraud to happen are strong right now," she said.
Improper revenue recognition comprises about 40% of wrongdoing in financial reporting, more than any other type, a finding that tracks an SEC analysis released last August.
Companies tend to manipulate revenue in four ways:
- The timing of recognition
- The value applied
- The source
- The percentage of contract completion claimed
The report singles out revenue-recognition manipulation by OCZ Technology Group, a solid-state drive manufacturer that went bankrupt in 2013, as a typical case.
The company had to restate its revenues by more than $100 million after it was caught mis-characterizing sales discounts as marketing expenses, shipping more goods to a large customer than it could be expected to sell, and withholding information on product returns.
The CEO was charged with fraud and the CFO with accounting, disclosure, and internal accounting controls failures.
The report lists three other common types of fraud: manipulation of financial reserves, manipulation of inventories, and improper calculation of impairment.
Reserve issues involve how, and when, balances are changed, and how expenses are classified; inventory issues involve the amounts that are listed and how much sales cost; and impairment issues involve the timing and accuracy of the calculation.
More of these kinds of problems will likely be found to be happening because of the pandemic, the report said.
"This is where all of this comes to a head," Lindsay said. "You certainly can see pressure, because some companies are struggling right now and there can be pressure to meet numbers, analysts expectations."
The pressure finance professionals face is part of what the report calls a "fraud triangle," a convergence of three factors that can lead to fraud: pressure, opportunity and rationalization.
In the context of the pandemic, pressure comes as companies struggle with big drops in revenue; opportunity arises as employees work remotely; and the rationalization for fraud is reinforced by the unprecedented challenges people are facing.
"It could be anything," said Lindsay. "‘My wife just lost her job, so I need to make up for it.'"
The report lists fraud types that analysts expect are rising because of the pandemic:
- Fabrication of revenue to offset losses.
- Understatement of accounts receivable reserves as customers delay payments.
- Manipulation of compliance with debt covenants.
- Unrecognized inventory impairments.
- Over- or understated accounting estimates to meet projection.
About a dozen types in all are listed.
"Past crises have proven that at any time of large-scale disruption or stress on an economy or industry, companies should be prepared for the possibility of increased fraud." the report said.
Lindsay stressed three lessons she'd like to see CFOs take away from the report.
First, the potential for fraud in their companies shouldn't be an afterthought. Second, protection against it is management's responsibility but there's also a role for company's audit committee, its internal auditors and it's external auditors. Third, CFOs and the finance executives they work with, including at the middle management level, must bring that same skepticism toward the numbers that auditors are trained to bring.
"Professional skepticism is a core competency of the external auditor and, quite frankly, the internal auditor," she said. "Management and committee members are not necessarily trained on what it is, but it doesn't mean you shouldn't be exercising skepticism, [which is] asking questions about the numbers that are being reported. Is this exactly what happened? Do we have weaknesses? Do we have areas of positivity? It's really about drilling down and having a dialogue and not just taking the numbers at face value."
In addition to the Center for Audit Quality, Mitigating the Risks of Common Fraud Schemes: Insights From SEC Enforcement Actions was prepared by Financial Executives International, The Institute of Internal Auditors and the National Association of Corporate Directors.