Are We Safe from Financial Reporting Frauds

<p>Corporate America is spending literally billions of dollars to comply with the Sarbanes-Oxley Act of 2002 (SOX),
but the pivotal question remaining is whether the provisions of this landmark legislation will materially improve
the detection and deterrence of fraud committed by senior management. As consumers and shareholders, we will
ultimately shoulder these compliance costs, but will it restore our collective confidence in the integrity of financial
reporting? This is not another article about SOX requirements and compliance; rather, it is intended to address the
underlying issue of its "real-world" effectiveness. Is Corporate America better protected against future senior
management fraud? Are deterrents now in place that would have discouraged the previous wave of accounting
scandals?

</p><h4>Senior Management Frauds Are the Most Costly of All</h4>

<p>Important research in the area of financial reporting fraud was conducted by The Committee of Sponsoring
Organizations of the Treadway Commission (COSO) in its March 1999 report, <i>Fraudulent Financial Reporting:
1987-1997, An Analysis of U.S. Public Companies.</i> The report was a follow-up to the commission's initial 1987
findings in <i>Report of the National Commission on Fraudulent Financial Reporting.</i> The 1999 report by COSO
examined 200 of 300 cases of alleged fraudulent financial reporting by Securities and Exchange Commission (SEC)
registrants as described in its Accounting and Auditing Enforcement Releases (AAER) issued between 1987 and
1997. Among its more prominent findings, COSO reported that in 83 percent of the AAERs it examined, either or
both the CEO and CFO were associated with the financial statement fraud. The average fraud period extended
almost two years, with only 14 percent covering less than a year, and typically involved an overstatement of
revenues and assets. Most companies involved in such frauds were relatively small, with assets generally under
$100 million, according to COSO.

</p><p>In a breathtaking departure from the 1999 COSO report, instances of fraudulent financial reporting since
2000 have extended to Big Board-listed, multibillion-dollar corporations with operations on a global scale. The
recent string of corporate governance scandals that contributed to the downfalls of such giants as Enron, WorldCom,
Adelphia and HealthSouth all resulted from instances (proven or alleged) of financial reporting frauds orchestrated
and then concealed by senior executives.

</p><p>A more recent study of 72 unique instances of financial reporting fraud based on AAERs issued by the
SEC in 1998 and 1999 confirmed that 90 percent of the financial reporting frauds were committed at the senior
executive level.<small>^{<a href="#1" name="1a">1</a>}</small> Of all the types of fraud uncovered in Corporate America, financial reporting fraud committed by
an organization's senior management has undoubtedly been the most costly and most damaging. A recent survey
conducted by KPMG LLP (<i>The Fraud Survey 2003</i>) revealed that while financial reporting fraud is the least
prevalent type of fraud, it is nevertheless the most costly, with an average dollar loss of more than $250 million per
incidence of fraud.<small>^{<a href="#2" name="2a">2</a>}</small>

</p><p>Given the magnitude of financial losses and the negative ripple effect that senior management frauds can
have on creditors' and shareholders' confidence, one cannot help but speculate on the effectiveness of SOX and what
issues, if any, remain unaddressed in preventing such frauds from being perpetrated in the future.

</p><h4>Internal Controls Are Handicapped in Preventing Senior Management Frauds</h4>

<p>Until now, companies have relied on their internal control systems and external auditors to ensure the
integrity and accuracy of their financial statements and disclosures. This reliance has become more pronounced since
the July 2002 enactment of SOX as a major legislative effort to restore the credibility of Corporate America's
accounting and reporting practices. One of the first provisions of SOX that was implemented was §906, which
required that the CEO and CFO each certify the financial statements and disclosures in its quarterly SEC filings,
and which provided for severe financial penalties and jail time as punishment for willful violations of this section.

</p><p>Among its many other provisions, SOX holds senior management accountable for designing,
implementing, evaluating and eventually certifying their companies' internal control systems and procedures.
Section 404 of SOX addresses management's assessments of internal controls and requires that management
include a report of internal control along with its annual report. To put these efforts into perspective, SOX
compliance spending is estimated to exceed $5.5 billion in 2004.<small>^{<a href="#3" name="3a">3</a>}</small>

</p><p>Unquestionably, well-designed-and-implemented internal control systems make it more difficult for
dishonest employees and executives to commit fraud, including financial reporting fraud. However, in light of the
fact that senior management has been charged with the responsibility of designing, implementing and evaluating its
internal control system, there may be serious concerns about how effective a company's internal control system can
be in preventing and detecting fraud committed at the senior executive level.

</p><p>In this regard, we are of the opinion that internal control systems may not be the most effective measure in
preventing and detecting fraudulent financial reporting practices "involving earnings management arising from
improper revenue recognition and overstatement of assets or understatement of liabilities"<small>^{<a href="#4" name="4a">4</a>}</small> because:

</p><ol>
<li>Charging senior executives to design, implement and evaluate an internal control system is, to a certain
extent, the equivalent of having someone design, install and test a security system that he or she may wish to
subsequently thwart.

</li><li>Relying too heavily on internal control systems fails to take into consideration the fact that such systems are
most effective in detecting lower-level accounting frauds resulting from misappropriation of assets "involving
external and internal schemes such as embezzlement, payroll fraud and theft of a company's assets."<small>^{<a href="#5" name="5a">5</a>}</small> In essence,
though misappropriation of assets can occur at any level of a company, it is predominantly committed by
lower- and middle-level employees, and can be prevented or uncovered by implementing low-cost internal
control procedures, such as segregation of duties. However, for internal control systems to effectively deter
senior-management fraud, more complex and costly control mechanisms are necessary due to (a) senior
management's ability to bypass control procedures through overriding the system and (b) the difficulty in
segregating duties generally performed by senior management. This view is supported by <i>The Fraud Survey
2003,</i> which concluded that employee fraud was found to be the most prevalent type (60 percent), while
financial reporting fraud was the least prevalent (7 percent). The survey also indicated that 77 percent of the
frauds were discovered by internal control processes.

</li><li>In an effort to reduce costs, implementing internal control procedures has increasingly been used by management
and external auditors as justification to replace <i>substantive testing</i> of account balances with <i>analytical review procedures.</i> "Substantive testing" means enacting audit procedures that emphasize detailed testing of account
balances, such as confirmation by customers of accounts receivable balances. "Analytical review procedures" are
audit procedures that emphasize analyzing year-over-year changes in account balances for abnormal activities.
However, evidence suggests that of the accounting frauds uncovered by external auditors, most were discovered
through substantive testing of account balances, while only a small portion was discovered through
analytical-review procedures. In our view, this is likely due to the fact that many senior accounting and finance
executives have significant accounting and audit experience. They know exactly how external auditors work. If
senior management is intent on committing accounting fraud, chances are they will go to great lengths to cover their
tracks by making fluctuations in account balances appear as normal as possible in order avoid raising auditor
suspicions.
</li></ol>

One matter in which FTI was intimately involved is American Tissue Inc., a $250 million publicly reporting, fully
integrated paper company. FTI was engaged to assist the company with the preparation of a business plan and
cash-flow projections. Within two weeks, FTI uncovered a major fraud allegedly perpetrated by senior management
and others within the organization. FTI discovered significant overstatement of profits and fraudulent inventory
pricing (inventory unit prices were in excess of the selling price), which led to the discovery of other fraudulent
transactions. American Tissue had reputable accounting firms conducting annual audits, performing underwriting
due diligence and serving as field examiners for the company's lenders—none of whom discovered the fraud. It is
not surprising that the fraud was known within the organization by many individuals. The threatening culture
propagated by certain senior executives was significantly to blame for the fact that many lower-level and mid-level
employees were involved in perpetuating the fraud. This illustrates our point: With substantive testing (actually
looking at the supporting documents), senior management fraud can more readily be discovered.

<h4>Additional Measures Needed</h4>

<p><i>Management Incentives.</i> Most financial reporting frauds committed by senior management involve earnings
manipulation. We believe such fraudulent activity is partly attributable to the mechanisms by which senior
executives are compensated. Most senior executives have bonus programs that are directly tied to sales or earnings
growth targets or their company's stock performance. The stated goal of such incentives is to align senior
management's interests with those of shareholders, but it nevertheless may create incentives to manage or even manipulate financial results for personal gain.

</p><p>A recent incident of such earnings manipulation is the improper recognition of revenue at Computer
Associates International Inc. (CA) allegedly orchestrated by Ira Zar, former Chief Financial Officer; David Rivard,
head of sales accounting; and David Kaplan, divisional vice president and the head of financial reporting. According
to AAER No. 1988, issued by the SEC on April 8, 2004, "through the conduct of certain members of CA
management, including Zar, Rivard and Kaplan, CA engaged in a practice in which CA held its books open after
the end of each quarter and improperly recorded, in that elapsed quarter, revenue from contracts that had not been
finalized and executed before the expiration of the quarter.... For all quarters of FY2000 combined, CA prematurely
recognized over $1.4 billion in revenue from at least 116 contracts that the client or CA signed after the quarter."<small>^{<a href="#6" name="6a">6</a>}</small>
In early April 2004, the three former CA executives pleaded guilty to charges of obstruction and securities fraud. On
April 21, 2004, Sanjay Kumar was asked to step down as CA's chairman and Chief Executive Officer. According to
the <i>New York Times,</i> Kumar, Charles Wang (founder of Computer Associates) and a third executive received $1.1
billion in bonuses tied to the performance of the company's stock in 1998.

</p><p>As most people tend to behave as they are rewarded, management incentive reform may be a powerful
addition to improved internal control systems to curtail financial reporting frauds committed at the senior executive
level. It has been suggested by some that companies may be well served by having compensation packages for their
top executives approved not only by the compensation committee of the board of directors, but also by shareholders
in the annual shareholders' meeting. In addition, instead of short-term financial targets and stock performance,
companies should consider linking their top executive compensation to goals that are more long-term in nature,
definable and specific, and more difficult to manipulate. In any case, the strong public criticism and potential
liability of the NYSE directors that endorsed Dick Grasso's pay package is a loud wake-up call to all directors
sitting on compensation committees that the days of rubber-stamping lucrative executive pay packages—some of
which may inadvertently create such undesirable incentives—are definitely over.

</p><p><i>Ethical Standards.</i> We believe that one of the most important lessons to be learned from the recent
unprecedented wave of corporate accounting scandals is that while the perceived loss of business integrity and
reputation is not easily quantified, it certainly has an impact on corporate valuation. If Corporate America fails to
hold itself to a higher ethical and moral standard, then legislation will—as exemplified by the enactment of SOX.
The capital markets will continue to harshly punish companies with questionable financial reporting practices, as
demonstrated by significant declines in the market valuation of companies involved in even the slightest hint of
accounting improprieties, such as the alleged post-emergence revelations at Global Crossing.

</p><p>Today, the challenge facing senior executives is to instill a new corporate culture that consistently demands
ethical behavior from everyone in the corporation, top to bottom. We recognize that this can be a particularly
daunting task, especially for companies with tens of thousands of employees around the world. But with a sincere
commitment and determination, we believe it is achievable through education programs for both senior executives
and lower-level employees that would provide them with the proper guidance and framework to make the right
decisions when faced with ethical dilemmas.

</p><hr>
<h3>Footnotes</h3>

<p><small>^{<a name="1">1</a>}</small> Cullinan, Charles P., and Sutton, Steve G., "Defrauding the Public Interest: A Critical Examination of Reengineering Audit Processes and the Likelihood of Detecting Fraud," <i>Critical Perspectives on Accounting</i> (2002). <a href="#1a">Return to article</a>

</p><p><small>^{<a name="2">2</a>}</small> KPMG LLP, <i>Fraud Survey 2003.</i> <a href="#2a">Return to article</a>

</p><p><small>^{<a name="3">3</a>}</small> Datamirror Corp, "Experts Examine Auditing Requirements Critical to Sarbanes-Oxley," <i>Market News Publishing.</i> <a href="#3a">Return to article</a>

</p><p><small>^{<a name="4">4</a>}</small> PricewaterhouseCoopers LLC, "Key Elements of Antifraud Programs and Controls." <a href="#4a">Return to article</a>

</p><p><small>^{<a name="5">5</a>}</small> PricewaterhouseCoopers LLC, "Key Elements of Antifraud Programs and Controls." <a href="#5a">Return to article</a>

</p><p><small>^{<a name="6">6</a>}</small> U.S. SEC, Accounting and Auditing Enforcement Release No. 1988, April 8, 2004. <a href="#6a">Return to article</a>