Roadmap to Fraud Prevention and Internal Control: Creating
a Culture of Compliance
Martin T. Biegelman and Joel T. Bartow
by John Wiley & Sons, 2006; ISBN: 0471739278
416 pages, $39.95 (Hardcover)
by Anthony Tarantino
2006 - Martin Biegelman and Joel Bartow bring to this impressive
work a combined 50 years of public- and private-sector experience
in detecting, investigating, and preventing fraud and white-collar
fraud. Their experience covers a wide spectrum of fraud,
including corporate crime, investment fraud, kickback schemes,
international fraud scams, insurance and healthcare fraud,
organized crime, and violations of the RICO (Racketeer Influence
and Corrupt Organizations) Act. In this process they were
involved with hundreds of prosecutions. Both also assisted
private-sector clients who were victims of corporate fraud
and white-collar crimes in the United States and globally.
book is heavy on real-world experience, case studies, and
proven methods in preventing fraud and white-collar crimes.
It provides realistic steps to create proactive and cost-effective
antifraud programs for companies of all sizes, and will
serve companies well in helping them to comply with a rising
bar of regulatory compliance, satisfy investors, and maintain
a competitive advantage.
work builds on earlier fraud-prevention handbooks to demonstrate
the critical need to create a fraud-prevention culture in
the Sarbanes-Oxley corporate environment. The authors make
an effective argument that it takes years to develop the
internal controls, education, training, and executive “tone
at the top” to realize a truly effective antifraud
program, yet it takes only moments to destroy it.
scandals of the 1990s and the resulting regulatory reforms
have fundamentally changed how white-collar crime is viewed.
Prior to Enron, WorldCom, and similar public-relations disasters,
it was not unusual to look at white-collar crime as much
less threatening to our way of life than violent and blue-collar
crime. But when millions of investors saw their retirement
accounts destroyed, the climate changed to one demanding
greater financial-reporting transparency and vigorous prosecution
of corporate wrongdoers.
authors’ case studies should be seen as eye-openers
in preventing an environment ripe for fraud: a too-large
percentage of accounting staff from temporary agencies;
disparate financial systems; loose audit controls; high
personnel turnover; and aggressive financial goals.
404 of the Sarbanes-Oxley Act (SOX) requires robust internal
controls to maintain segregation of duties and prevent both
fraud and errors. The authors use fascinating fraud stories
and case studies to demonstrate that fraud prevention must
be closely aligned with internal auditors’ efforts
to maintain internal controls. Unfortunately, some internal
auditors still take a passive approach to fraud prevention,
while others see fraud prevention as just an opportunity
to greatly expand the importance of the internal-audit process.
Ironically, despite the high cost of implementing SOX section
404, the authors note that less than 20% of fraud is detected
from internal-control measures.
authors demonstrate that greater corporate compliance, accountability,
and ethical conduct are not only mandated by SOX. They explain
the role of the AICPA , whose Statement on Auditing Standards
(SAS) 99 requires more-robust fraud prevention measures.
They also explain the importance of the historic “Thompson
Memo,” in which former U.S. Deputy Attorney General
Larry Thompson laid out tougher corporate-fraud principles
to guide Justice Department prosecutors. The authors argue
that every CEO and CFO should carefully read the Thompson
Memo and be well aware of the consequences of noncompliance.
authors make a compelling argument for background checks
and whistleblower programs. They demonstrate that employees
are the primary source for tips; about 60% of all tips are
from employees; 20% are from customers; 15% are from suppliers;
and 13% are from anonymous sources. They also argue that
whistleblower programs are better administered by third-party
providers than by internal resources.
though a history of credit and drug problems is a major
factor in creating a motive for fraud, they note that only
about one-third of companies conduct credit checks and less
than two-thirds perform drug screening.
the growth of global trade and outsourcing, fraud risks
outside of the United States are growing. Corruption and
bribes are common practice in much of the world, where Western
notions of financial transparency are neither well understood
nor accepted. The Foreign Corruption Practices Act (FCPA)
imposes heavy fines and jail sentences for U.S. companies
that bribe foreign government officials. Some U.S. companies
have circumvented the FCPA by creating joint ventures to
oversee their dirty work. These schemes will become more
risky with the greater scrutiny that SOX section 404 imposes
on internal controls and that section 409 imposes on joint
ventures and special-purpose entities in general.
authors provide a highly readable and realistic primer for
any company or government agency seeking to establish a
world-class fraud investigation and prevention program in
light of the new compliance environment created by the SEC,
the U.S. Justice Department, and the New York’s Attorney
General’s Office. Their book is also helpful for executives
and middle managers in small to mid-sized companies who
may not realize the threat from fraud or the relationship
between fraud prevention and good corporate compliance.
Additionally, the book is useful to those charged with fighting
fraud as law-enforcement agents and within companies, nonprofits,
and government agencies.
Tarantino, PhD, is the author of The Manager’s
Guide to Compliance (Wiley, April 2006), as well as articles
and white papers on the Sarbanes-Oxley Act, global compliance,
and compliance automation. As an independent consultant and
as a practice lead with BearingPoint (www.bearingpoint.com),
he has led over a dozen compliance automation projects and
post–Sarbanes-Oxley compliance automation projects.