Times may change and fraud schemes may evolve with those changes but for the most part, the root cause and therefore the subsequent behavior of would-be fraudsters generally remains the same. As the Journal of Accountancy wrote way back in 2000:
It’s said that accountants’ predecessors were the scribes of ancient Egypt, who kept the pharaohs’ books. They inventoried grain, gold and other assets. Unfortunately, some fell victim to temptation and stole from their leader, as did other employees of the king. The solution was to have two scribes independently record each transaction (the first internal control). As long as the scribes’ totals agreed exactly, there was no problem. But if the totals were materially different, both scribes would be put to death. That proved to be a great incentive for them to carefully check all the numbers and make sure the help wasn’t stealing. In fact, fraud prevention and detection became the royal accountants’ main duty.
Harsh. I bet if the PCAOB had the legal authority to hand out the death penalty, audit failure rates would drop to zero almost overnight.
From that same article:
From the time of the ancient pharaohs until the turn of the 20th century, auditors were responsible for fraud prevention and detection. In the original edition of Robert H. Montgomery’s classic textbook, Auditing Theory and Practice (1912), the author stated that in “what might be called the formative days of auditing,” students were taught that the primary purposes of an audit were “the detection or prevention of fraud” and “the detection or prevention of errors.” However, later textbooks and accounting theory took a different tack, largely out of necessity. Huge conglomerates had formed and financial transactions became so numerous they could not all be examined. Accrual basis accounting became common and, as a result, reporting issues became a top priority for the profession. Vouching each transaction from “cradle to grave”—which catches and prevents many frauds—was discontinued. Fraud detection or prevention was relegated to a secondary role.
Now, most of us ("us" meaning you, me, Colin, Sam Antar, dumb audit students posting repetitive questions on Reddit and let's just throw my cats in too because they are fairly smart) already know audits aren't meant, at their core, to detect fraud. If you happen to find some, cool. But that's not what you're there to do.
The ancient scribes were influenced by the principles of the Fraud Triangle without anyone even knowing it. Perhaps that's why the fraud triangle is still a basic but important part of understanding fraud to this day.
Two individuals who probably deserve the most credit for the fraud model are early criminology researchers Edwin Sutherland and Donald Cressey. Sutherland developed the "differential association" theory of why people commit crimes. In his view, criminal behavior is linked to a person's association with a criminal environment. He believed that people encounter various social influences throughout their lives. Some individuals have social interactions with individuals having criminalistic tendencies and so become criminals as a consequence of this association. The major elements of Sutherland's differential association theory can be summarized as follows (Sutherland and Cressey, 1978):
- Criminal behavior is learned; it's not inherited, and the person who isn't already trained in crime doesn't invent criminal behavior.
- Criminal behavior is learned through interaction with other people through the processes of verbal communication and example.
- The principle learning of criminal behavior occurs with intimate personal groups.
- The learning of crime includes learning the techniques of committing the crime and the motives, drives, rationalizations and attitudes that accompany it.
- A person becomes delinquent because of an excess of definitions (or personal reactions) favorable to the violation of the law.
We may never fully understand why individuals commit fraud. Even if we understand the basics, broken down in the simplicity of the Fraud Triangle, what compels otherwise reasonable individuals to take it even further by, say, trying to kill their boss so their fraud isn't brought to light? "You might point to the embezzlement as a motive, but who commits murder to cover up a petty theft?" asks the defense attorney of the former Michigan CPA accused of killing his boss over theft.
So, on that note, is it time to update the Fraud Triangle? Are there new, untested threats to financial reporting being overlooked while auditors are busy checking boxes? Or are the ancient scribes of Egypt, the Bernie Madoffs, the Eddie Antars, and the modern day auditors all in the exact same camp?