Security Blanket #7 – We Do an Audit Every Year

Nov 1, 10 • UncategorizedNo Comments

We do an audit every year.  Our auditors would have told us if anything was wrong…”

One of the mysteries of the Enron scandal was how could an auditing firm issue a clean opinion on the company only to have it collapse shortly after.  One of the reasons, in my humble opinion, is an expectation gap that exists between the accounting profession and the public. 

While it is true that an audit is “one” brick in the wall of fraud protection, discovering fraud is neither the primary nor the only task of the auditor.  CPAs are charged with assessing the risk of fraud of their audit client, but their primary task is to express an opinion of the financial statements of the client taken as a whole.  So, if having an outside audit is the only form of fraud prevention a church engages in, then the church is woefully unprotected.

Statistics generated by the Association of Certified Fraud Examiners bear this out.  Based on actual fraud cases reported to the ACFE, a certified audit was one of the least effective means of fraud detection.  Based on reported cases the Association reported that:

 49% of the fraud cases were detected by anonymous tips

25% were uncovered by the internal controls of the victimized organizations

11% were discovered by accident

However, external audits only accounted for 13% of the fraud cases discovered, not much above the fraud cases discovered by pure dumb luck.

The lesson is this. Don’t depend SOLELY on your auditors to prevent fraud.

Interested in an objective Fraud Risk Assessment to complement your independent audit?  Contact us today about scheduling one of our many Best Practice Engagements at 

One of the mysteries of the Enron scandal was how could an auditing firm issue a clean opinion on the company only to have it collapse shortly after.  One of the reasons, in my humble opinion, is an expectation gap that exists between the accounting profession and the public. 

While it is true that an audit is “one” brick in the wall of fraud protection, discovering fraud is neither the primary nor the only task of the auditor.  CPAs are charged with assessing the risk of fraud of their audit client, but their primary task is to express an opinion of the financial statements of the client taken as a whole.  So, if having an outside audit is the only form of fraud prevention a church engages in, then the church is woefully unprotected.

Statistics generated by the Association of Certified Fraud Examiners bear this out.  Based on actual fraud cases reported to the ACFE, a certified audit was one of the least effective means of fraud detection.  Based on reported cases the Association reported that:

 49% of the fraud cases were detected by anonymous tips

25% were uncovered by the internal controls of the victimized organizations

11% were discovered by accident

However, external audits only accounted for 13% of the fraud cases discovered, not much above the fraud cases discovered by pure dumb luck.

The lesson is this. Don’t depend SOLELY on your auditors to prevent fraud.

Interested in an objective Fraud Risk Assessment to complement your independent audit?  Contact us today about scheduling one of our many Best Practice Engagements at at (817)664-3000 or email us using our contact form.

Security Blanket #6 – Our Finance Committee Looks at Everything…

Oct 28, 10 • UncategorizedNo Comments

Our Finance Committee looks at everything…”

On the surface, this sounds reasonable.  But, it all hinges on how one defines “everything.”  The success of this statement in preventing or discouraging fraud depends totally on exactly what the finance committee or elders are given.

Often, in the interest of expediency, those charged with the financial oversight of a church are simply given summary reports of their church’s financial activity.  And many times, these summary reports consist of financial highlights generated by spreadsheet software like Microsoft Excel.  These programs are very powerful and have their place in the financial operations of a church, but they also have two significant limitations:

First, they are extremely easy to manipulate.  Spreadsheets can be changed at will and their accuracy is totally dependent on the integrity and competence of the preparer.

Second, spreadsheets leave no “audit trail” like formal general ledger accounting systems.  An embezzler can change numbers indiscriminately without leaving any “fingerprints.”

These two features make it easy for a thief to steal and cover themselves as long as church leadership is content to receive only a summary of their church’s financial results.  In order to shield against fraud, the financial records presented to a church’s finance team must be comprehensive. At a minimum, the financial reports given to leadership should include:

                A statement of financial position (Balance Sheet)

                A statement of activities (Income Statement or Budget Report)

                A statement of restricted fund activities

We caution against providing TOO much data, as it can have the tendency of being only cursorily reviewed.  That notwithstanding, more can clearly be added to this list, even some helpful spreadsheets from Excel.  But anything less than the minimum opens the opportunity for a fraud portal…

Interested in finding out how your reporting package measures up?  Contact us today about an internal financial reporting review or other Best Practice Engagements at (817)664-3000 or email us using our contact form.

What Can We Do For You?

Get In Touch →