Editor’s Note: Robert Stewart is a former Big 4 auditor and ex-Marine who has since served in several executive management roles in both Internal Audit and Corporate Finance. He is also the founder and chief contributor to the online accounting and audit community, The Accounting Nation. Outside of work, he is a husband, father, brother, writer, and woefully inadequate aspiring triathlete.
You can always count on CFO.com for logic flaws and surface reporting. It’s like drinking that concentrated orange juice in a can when you add three parts too much water and then put ice cubes in it because it’s warm, which makes it even more watery which… Where was I going with this?
Oh yeah. In one of their latest articles, entitled “As Internal Audit Staffs Shrink, Will Fraud Rise?“, the author portends — based on a Deloitte survey and subsequent interview — that the decrease in internal audit personnel somehow increases the risk of organizational exposure to fraud. What? Ever hear the phrase “Correlation is not Causation”? Symptom or cause.
Here’s my $0.02: such staffing reductions may increase the risk that fraud will go undetected (though only nominally given that IA only uncovers about 12% percent of frauds according to the ACFE’s Report to the Nation), but the risk to the organization more than likely remains constant, right? Am I missing something here?
After all, Internal Audit is a downstream event unless you make the argument that the organizational perception of being “watched” has diminished with the reductions in internal audit/compliance staffing, thus emboldening would-be fraudsters (i.e. strengthening the “opportunity” leg of Cressey’s Fraud Triangle). But this article doesn’t make that argument.
The article further states that:
Despite the reduction in compliance personnel, 50% of respondents to the Deloitte survey, who included CFOs, CEOs, board members, and middle managers in finance and risk management, said their compliance and ethics programs are strong. Another 36% said they are adequate. Many public companies and some private companies invested significantly in their compliance programs after the passage of Sarbox in 2002, notes Francis, and they may now feel confident that those programs are effective even with a reduced staff. But that confidence may not always be justified.
Confidence? I would hardly call the above percentages “confidence” on the part of the respondents. If I told you that 50% of the airline pilots felt that their pre-flight checklist procedures were strong, how would you feel about flying? No F*#$ing way I’m getting on that plane.
The words wrapped around the survey results and subsequent interview quotes don’t at all support the conclusion that this article is trying to draw. Perhaps it’s because the survey was designed and administered by a firm (Deloitte) that has a vested interest in drumming up some business through fear tactics? After all, you’re never going to hear a burglar alarm company extolling the improvements in public safety.
And you’re never going to hear a company that sells risk-related services conducting and publicly releasing results that don’t support their strategic objectives. Or perhaps it’s just bad writing at CFO.com in order to satisfy a quota? The World may never know (I think the World will be fine with this). Either way, I’ve wasted double the amount of time that I should have on this topic (i.e. read it and wrote about it). And so with that…I bid you adieu.