So we've looked at what fraud is, why it happens, and we've touched on how it can happen. In this lesson, we take a very important next step, which is to better understand how to prevent and detect fraud, which will round out your understanding of how opportunity can be minimized. We talked in earlier lessons of internal controls and about the importance of establishing entity level controls and strong corporate governance. Stopping fraud really starts here. fraud prevention and detection is a management responsibility. Management in the board of directors are responsible for setting an ethical tone at the top, which establishes the acceptable ethical behaviors of the organization.

This should result in a code of ethics or a fraud policy, which makes it explicitly clear what is expected of the employee and any repercussions of any fraudulent act. tivity but obviously this is just a first step as management needs to walk the talk as well. Research has shown that the creation of a positive workplace helps to mitigate the rationalization condition we spoke about in the previous lesson, and this often arises when employees feel threatened, abused or ignored. An important part of creating and maintaining this positive work environment is providing employees with a safe outlet to voice their concerns. And the best way to enable this is to set up a whistleblower hotline for employees to report their concerns on an anonymous basis. Obviously, trying to hire employees that are honest is important, which requires effective screening policies and extensive background checks.

Employees should be trained in the company's expectation of ethical conduct, as well as in basic fraud awareness techniques, such as those you're presently learning. The number one way in which frauds are detected is through tips received enabling employees can be the company's Best line of defense to reinforce the ethical culture the company may have the employees reconfirm annually their compliance with the corporate code of conduct. When allegations of fraud arise, it's important that the company be diligent in investigating and responding. This will send a clear message to all employees that fraud is not tolerated. Senior Executives should also approach fraud risk management with five principles in mind. First, management must clarify his expectations of fraud risk within a written policy.

Second, management must assess where the organization fraud risk exposure exists. This would include all the areas in the schemes that we've discussed in previous lessons. Third, management should establish control activities to mitigate progress. These may be company wide controls such as ethics policies and fraud awareness training, or they may be specific to particular areas of risk, such as adequate segregation of duties over Fourth, in addition to the prevention controls detection controls should be implemented. Detective controls include that all important whistleblower hotline, or having internal audit, perform audits of high risk areas or initiate Special Investigations of any unusual activity. And lastly, communication reporting and monitoring of the fraud assessment should be ongoing and continuous internal audit often plays an important role to evaluate whether the fraud controls are operating efficiently and effectively.

There must be a mechanism in place to ensure findings are funneled up to the organization, even to the audit committee as indications of fraud arise regardless of materiality. As chairman of the audit committee. Any tips that are received through the hotline come directly to me, the audit committee has an important oversight role to play. The committee oversees management's fraud risk assessment, as well as the anti fraud programs and controls they implement. The audit committee reinforces that all important towards the top and discusses matters directly with the internal audit function in the absence of management to prevent any interference. The audit committee has the authority and the resources at its disposal to investigate any allegations of fraud.

Note that we haven't said much about the external auditors role in the prevention or detection of fraud. The reason for this is that research has shown that the external audit is not all that effective at detecting frauds. This may come as a surprise to many directors, executives and shareholders who believe that fraud detection is implicit in an audit. However, detecting transactions that have been intentionally concealed and possibly material can be very difficult for the auditors. But with that said the auditors are by no means exonerated from considering fraud during the performance of their audit.