Corporate Directors as Fraud Detectors

Lora Bentley

When I first saw this Directorship piece published in BusinessWeek, I thought it was more about the FTC's identity theft Red Flag Rules, which I wrote about on Monday. Turns out it has nothing to do with those red flags, but the red flags Michael Ross talks about are also worth attention.

Ross sets out 10 "red flags" that corporate directors who are serious about their roles as fraud detectors should watch for. The first five are paraphrased below.

  • "Those rules are old. They don't apply to us."

Innovation is good when you're talking about products or services, but not good at all when it comes to accounting practices or financial reporting, Ross says. So directors who hear this from CEOs and managers should pay close attention to what's really going on.

  • If something seems too good to be true, it usually is.

Enough said.

  • "Reallocating funds 'just this once' won't hurt."

Well, yes, it could. And if it isn't caught the first time, chances are it will happen again ... and again. What's more, the amount reallocated will typically grow each time. (The same is true of other questionable behaviors, Ross points out.) The more comfortable managers are with overlooking "little things," the easier it is for them to justify more serious fraud.

  • "Everybody does it this way."

Please. That one didn't work when we were 15 and wanted to stay out past curfew, and it isn't valid reasoning now. First of all, everybody probably doesn't do it that way. Secondly, the fact that many do doesn't necessarily make it legal. Ross concedes that "some measure of ethical behavior" is based on common practice, but that's not the only measure.

  • "The lawyers (accountant/boss/other high ranking decision maker) said it was ok."

That may be true. But the very fact that the lawyers had to be consulted raises questions that are worth asking if a director is worth his or her salt. They're paid a lot for their "sound judgment," Ross says, and they should use it.

Add Comment      Leave a comment on this blog post
Jul 29, 2008 9:42 AM Beck Miller Beck Miller  says:
Public disclosures by Boards on compliance with laws and regulations, by CEO's and CFO's on adequate internal controls on safeguarding information assets from criminal acts, by privacy and security statements on complying with federal regulations are inaccurate within the financial industry due to a lack of independent, holistic metrics synchronizing compliance with interconnected federal regulations at the Board level. Applying industry standard CAMELS compliance ratings to the underlying illegal acts, per SEC Section 10a, equals a 4 rating or significant compliance deficiencies due to lack of independent metrics at the Board level. Visit and Information Security Governance Operational Risk Profile Reports. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.