Fraud risk management guidance updated by COSO

By Ken Tysiac

Managing the risk of fraud is a challenge for organizations of all sizes.

A typical organization loses 5% of revenues in a given year as a result of fraud, according to the 2016 global fraud survey results contained in the Report to the Nations on Occupational Fraud and Abuse.

But governing boards, senior management, staff at all levels, and internal auditors can deter fraud in their organizations by following guidance contained in a newly updated Fraud Risk Management Guide published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), of which the AICPA is a member. The Association of Certified Fraud Examiners (ACFE) is a co-sponsor of the report.

The guide builds upon Managing the Business Risk of Fraud: A Practical Guide, which was published in 2008 by the AICPA, the Institute of Internal Auditors, and the ACFE. The updates consider recent developments in risk management practices, including information related to technology and data analytics.

The guide’s executive summary, which is available at the COSO website, explains that fraud deterrence is achieved when an organization implements a fraud risk management process that:

  • Establishes a visible and rigorous fraud governance process.
  • Creates a transparent and sound anti-fraud culture.
  • Includes a thorough fraud risk assessment periodically.
  • Designs, implements, and maintains preventive and detective fraud control processes and procedures.
  • Takes swift action in response to allegations of fraud, including actions against those involved in wrongdoing where appropriate.

“This research offers tremendous direction as it relates to reducing the extent of fraud in organizations of all sizes and across all industries,” COSO Chairman Robert Hirth said in a news release. “Although it is virtually impossible to eliminate fraud completely, implementation of the principles in this new guide will maximize the likelihood that fraud will be prevented or detected in a timely manner and will create a strong fraud deterrence effect.”

Ken Tysiac ( is a JofA editorial director.


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.