Between 2014 and 2019, improper revenue recognition was cited in 43 percent of the SEC’s accounting and enforcement releases (AAERs), by far the most common type of fraud incident pursued by the agency. Reserves manipulation was the next closest at 24 percent, according to a study by the Anti-Fraud Collaboration, a joint effort of the Center for Audit Quality, Financial Executives International, Institute of Internal Auditors, and National Association of Corporate Directors.
In an effort to help companies to identify and mitigate areas that are susceptible to higher risk of fraud, the group reviewed 531 AAERs filed between January 1, 2014 and June 30, 2019, and found 140 financial statement fraud schemes across 204 enforcement actions. In addition to the types of fraud schemes, the report sorts the information by industries involved, perpetrators, and company size. It also provides suggestions for deterring fraud at a time when COVID-19 heightens the risk of financial reporting fraud.
The report states that there was rarely a single cause for each matter, with each scheme typically encompassing multiple issues. After improper revenue recognition and reserves manipulation, the study identified inventory misstatements and loan impairment issues as the most common frauds. Each was found in 11 percent of the reviewed AAERs. A large number of fraud schemes also included misleading or inaccurate financial statement disclosures, material weaknesses in internal controls, and unsupported journal entries, according to the report.
Industries involved. The group found that technology services companies were the most commonly charged industry and were the subject of 17 percent of the AAERs. Finance companies were charged in 13 percent of the reviewed actions, and energy firms in 11 percent. Nine percent of the AAERs involved charges against manufacturing companies.
The report states that while the SEC frequently charged the company itself, employees also were charged for their involvement in the schemes. CFOs were the most commonly charged employees (54 percent of the time), followed by CEOs (31 percent), the group found.
The size of the company was not a factor in the enforcement actions, the report stated, with issuers of all sizes subject to the AAERs. The SEC brought 79 actions (39 percent) against companies with less than $250 million in market capitalization, and 44 (22 percent) against small-cap companies. Twenty-two of the AAERs (11 percent) involved each of mid-cap and large-cap entities.
Circumstances of the fraud. The group reviewed the contributing factors to the fraud, and found that the SEC often cited the tone set by company management, a high-pressure environment, and a lack of adequately experienced personnel. Based on these observations, the group suggested that boards, audit committees, management, internal auditors, and external auditors should be attuned to both quantitative and qualitative metrics.
COVID-19. The group stated that the kinds of business challenges that were frequently present in enforcement cases such as pressure to meet analyst expectations, increased supplier costs, and slowing demand for products, are exacerbated in times of crisis like the COVID-19 pandemic. The CEO of the NACD said that the report underscores the need for companies to be prepared for the possibility of increased fraud during the current crisis.
Companies have adopted new ways of working that may change operating procedures, segregation of duties, and associated internal controls, which can leave companies vulnerable to emerging fraud risks, the report notes. While some vulnerabilities may arise due to limited accessibility to physical accounting records and inventory, other factors such as an increased sense of urgency or pressure could result in noncompliance with policies and procedures or lack of adherence to internal controls.
The report identifies the following financial reporting fraud schemes that may be more prevalent in the COVID-19 environment:
- Fabrication of revenue to offset losses.
- Understatement of accounts receivable reserves as customers delay payments.
- Manipulation of compliance with debt covenants.
- Unrecognized inventory impairments.
- Over- or understated accounting estimates to meet projections.
- Misleading plans to remain a going concern.
- Improper capitalization and amortizations of costs.
- Big bath write-offs or inappropriate timing of write-offs.
- Intentional failure to disclose the pandemic’s impact (including impact on forecasts of future cash flows and other activities).
- Passing off and falsely disclosing underlying issues as attributed to the pandemic.
- Overstated business interruption insurance claims that sweep in costs unrelated to the pandemic.
- Cookie jar reserves by companies that may be outperforming expectations during the pandemic.
The group concluded that public companies can effectively fight fraud by exercising professional skepticism, focusing attention on high-risk areas across companies as well as on company-specific risks, and conducting regular quantitative and qualitative risk assessments.