Risk is inherent in every business. CPAs have a large role to play in strengthening a company's internal controls over financial reporting and ensuring compliance with applicable rules and regulations. As Anthony Chan notes, many companies are going beyond mere compliance to build enterprise risk management programs that can not only detect fraud and prevent control failures but also improve operational effectiveness. He stresses the importance of setting the right tone at the top and having the right people in place to implement a well-designed program.

Fraud is an ever-present problem, and businesses have struggled to both understand it and prevent it. Natalia Mintchik and Jennifer Riley advocate “thinking like a crook”; that is, seeking to understand how fraudsters rationalize their actions might just help CPAs uncover the activity. Accounting standards like the new revenue recognition standard may not seem like they have much to do with fraud detection. But as Douglas Carmichael points out, the standard's new requirements for determining the existence of a contract and analyzing its terms can go a long way in reducing the incidence of some kinds of common frauds.

When CPAs do discover clients or employers violating the law, reporting these actions to the proper authorities can be fraught with difficulties. Retaliation against whistleblowers has long been common, and the available protections for whistleblowers vary greatly by jurisdiction, note Catherine Allen and David Mair. As U.S. standards setters weigh how to adopt standards for the disclosure of noncompliance with laws and regulations, as required under their obligations to international ethics codes, they would do well to consider how the current environment complicates the decision to blow the whistle.