Impact of Risk Management and Internal Controls

Opportunity, pressure, and rationalization are the key identified points of the Fraud Triangle. Within any organization, regardless of size, the risk of fraud can be mitigated by utilizing internal controls (fraud prevention techniques) in order to specifically reduce the “opportunity” for fraud. As the economic climate has shifted in recent years, the “pressure” to commit an illicit act in the workplace has become increasingly prevalent. Unfortunately for small businesses owners, their business is often the target due to limited internal controls, inadequate fraud information and training, as well as infrequent external audits of risk assessment programs.

According to the worldwide survey by the Association of Certified Fraud Examiners 2012 Report to the Nations on Occupational Fraud and Abuse, small businesses exhibit a substantially greater risk for neglecting to implement necessary controls in order to better safeguard their organization than larger businesses (100+ employees).  Many small businesses fail to recognize the inherent value of good internal controls and the subsequent positive impact on the performance of the company, or believe that the cost of such a program exceeds the perceived benefit. However, many anti-fraud controls can be inexpensive and provide cost-effective solutions to help small businesses owners with implementation and process control.

Ways to Improve Internal Control and Fraud Detection:

  • Responsibility and Accountability for Policies
    Assign a person or group of people within an organization the task of developing, documenting, implementing, enforcing, monitoring, and updating risk management policies.
  • Update Risk Assessment
    The process of risk assessment is to establish a risk baseline and to identify new / changed risks as they arise. Updating an internal risk assessment involves periodically identifying these risks and developing appropriate responses.
  • Provide Supporting Resources
    For these controls to work, they must be supported by all levels of the organization, from management through administrative staff. Assigning resources such as personnel, budgets, and other program resources are integral to continued compliance.
  • Awareness and Training
    Specific training for personnel should be required for all employees. As employees have different job roles and responsibilities, the training should be tailored accordingly.
  • Expert Assessment
    Obtaining the assistance and guidance of an expert that is external to the organization can illustrate potential problem areas within an organization. These professionals can provide valuable insight in order to leverage key resources and mitigate fraudulent activities.

About the Author:

John Lash, CFE, CAMS, CSAR, PMP is a Manager of Forensic & Dispute Services at Cowheard, Singer, & Company, PA (Miami, FL). He can be reached at 

John has extensive experience providing investigative and forensic accounting services specializing in economic damage valuations, internal investigations, money laundering and regulatory compliance matters. 

John is a Certified Fraud Examiner, Certified Anti-Money Laundering Specialist, Certified Specialist in Asset Recovery, and Certified Project Management Professional.