Antifraud Programs and Controls
The audit committee should determine that the company has programs and policies in place to prevent and identify fraud. It should work with management to oversee the establishment of appropriate controls and antifraud programs and to take the necessary steps when fraud is detected. The audit committee should also be satisfied that the organization has implemented an appropriate ethics and compliance program and established a complaint hotline.
Ten Areas the Audit Committee Can Evaluate That May Help Mitigate Reputational Risks of Fraud and Corruption
- Integrating risk and strategy
- Crisis management planning
- Comprehensive risk assessment
- Risk tolerance and mitigation planning
- Managing performance and compensation
- Evaluating the tone at the top
- Whistleblower system benchmarking
- Leveraging transaction monitoring and data mining
- Regulatory relationships
- Investigative resources and protocols
Questions about Compliance Programs for Audit Committees to Consider
- Does the audit committee hear directly from the person who has day-to-day responsibility for compliance matters?
- Is the ethics officer independent of the general counsel’s office?
- Does the ethics officer have an adequate budget to do an effective job?
- Does the company regularly and systematically scrutinize the sources of compliance failures and react appropriately?
- How does management take action on reports? Is there evidence of employees being disciplined appropriately and consistently?
- Does the reporting process keep the audit committee informed of ethics and compliance issues, as well as the actions taken to address them? Is ethics and compliance a regular item on the committee’s agenda?
- What type of ongoing monitoring and auditing processes are in place to assess the effectiveness of the program?