article banner
From Where We Sit

Boards and their power: Setting the right culture

Occupational fraud happens more in private companies than their public counterparts. The Association of Certified Fraud Examiners’ 2020 Report to the Nations said that 44 percent of reported frauds occurred in private companies, 26 percent in public companies, 9 percent in nonprofits, and 21 percent in government or other entities. These numbers indicate that having a board of directors and management team that prioritize fighting fraud is crucial.

Most organizations grow complacent with their internal controls that fraud actors can end up easily working around them. More interestingly, the American Institute of Certified Public Accountants said that most of the major damaging fraud cases from the last 50 years were instigated by members of senior management – they circumvented and overrode seemingly efficient systems of internal control.

According to a five-year study on fraud schemes by The Center for Audit Quality and the Anti-Fraud Collaboration which Grant Thornton participated in, four themes emerged: The first is that the most common types of fraud are improper revenue recognition, reserves manipulation, inventory misstatement and impairment issues. The second is that improper revenue appears to be the most prevalent fraud scheme almost every year, and it was among the top two fraud schemes from 2014 through mid-2019. Third, the technology services sector is most commonly charged by the government as finance, energy, manufacturing and healthcare industries also experience frequent accounting and reporting issues. Last is that chief financial officers are the most commonly charged employees, followed by chief executive officers.

Role of the board

The board of directors and senior management must ensure that proper safeguards against fraud are in place. As fraud incidences historically increased during economic downturns, the board’s role is especially significant during these times. They must continue to adapt as fraudsters keep innovating new schemes.

Although boards are expected to be the main champions against fraud, minimizing risk requires participation from all sectors in the financial reporting ecosystem, which includes the board, management and finally, the external auditor. Some strategies being used in fighting fraud are exercising skepticism, focusing on high-risk areas and continuously conducting routine risk assessments. Timely and continuous fraud assessments must be done to address changes in risk environment as well as changes in company’s processes.

How the ecosystem works

When it comes to fraud, actions speak louder than words. This makes setting the tone from the top of the ecosystem (boards and senior management) incredibly crucial. This mindset should trickle down throughout the rest of the company, reaching middle management, internal controls and even the external auditor.

The board and senior management set the culture a company would follow. A culture that is well adapted to the current risk environment that the company is in will help minimize fraud risk or prevent fraud from happening in the company.

Practicing professional skepticism is also necessary. Boards must reiterate that management should circulate cybersecurity and vigilance reminders to employees, customers and stakeholders. Monitoring initiatives by the board should ensure that management constantly instructs employees to verify requests using alternative channels.

Moreover, boards must have a holistic view of internal controls, capturing the changes in the organization, especially new fraud risks that may arise. Internal controls must be adapting to changing work arrangements. Since remote working will most likely last a long time, companies must be ready to finetune protocols to improve internal controls.

Managing fraud

Companies should consider investing on fraud and cyberthreat intelligence tasked to monitor the dark web. This will help uncover information on the activities of fraudsters – the products they buy and sell, their techniques, and if possible, advance notices of future fraud risks.

Analytical tools can also be used by boards. Fraud-detecting technologies such as data matching, anomaly detection and identity analytics must be equipped by management and shared with the board. This can be done on top of data collection and governance. A more proactive data collection leads organizations to be effective in prevention, detection or mitigation of fraud to acceptable levels.

As fraud attempts continue to increase due to the changing business landscape, raising awareness about fraud risk and responsibility among boards, management, internal control and users of financial statements will be a step towards protecting business and its stakeholders.

Gio Belchez is a Managing Consultant of the Advisory Services Division of P&A Grant Thornton. P&A Grant Thornton is one of the leading audit, tax, advisory, and outsourcing firms in the Philippines with 22 Partners and more than 900 staff members. We’d like to hear from you! Tweet us: @GrantThorntonPH, like us on Facebook: P&A Grant Thornton, and email your comments to or For more information, visit our website:


As published in The Manila Times, dated 24 February 2021