For a good stretch on how to analyze fraud, check out a great article “Beyond the Fraud Triangle,” in The CPA Journal, written by Jack Dorminey, Scott Fleming, Mary-Jo Kranacher, and Richard Riley. This article was mentioned by a commenter in an earlier post.
I heartily recommend the article for all auditors. It goes beyond the standard fraud triangle and provides an overview of several other models, including:
- a four-sided diamond model, which adds capability in addition to opportunity
- a dual diamond which allows for separate analysis of accidental and predator fraudsters
- MICE – money, ideology, corruption, and ego/entitlement – as a model of motivation for high-level, skilled fraudsters that don’t seem motivated by small-scale payoffs
If you want to stretch your knowledge of the concepts, check out those models. Hint for auditors: stretching your brain on fraud is a very good thing to do.
My thoughts:
I’ve only been looking at the article for a little while and I’m scratching my head. The concepts mostly seem to be expanding on either the motivation side of the traditional fraud triangle or the opportunity side. Having said that, expanding the discussion is good idea.
The motivation side, as covered in the audit literature, would seem to cover much of the comments in the MICE model. This does remind us to think beyond money-in-the-pocket for low-level staff and go beyond EPS manipulation for senior level staff.
At first glance, it seems to me the opportunity side covered in both PPC and CCH audit tools include the expanded side of the fraud diamond (capability) and dual diamond (accidental and predator).
One part of the new models that isn’t addressed in the traditional fraud triangle used by CPAs is management override. That is explicitly addressed in the audit literature as a separate issue.
I’m just joining this conversation which has been going for many years. Maybe I’m missing the boat, but my first reaction is the fraud triangle (with added comment on management override) in the current audit literature seems to address the same issues covered in the new models.
None of the models seem to be that helpful for predicting fraud. After reading the article I’m wondering a few things about those new models.
Are you really going to perform a psychological assessment of each member of senior management in terms of their capacity to exploit internal controls and their confidence that they wouldn’t get caught or whether their level of ego is sufficiently large to think they could talk their way out of trouble? That’s necessary under the dual diamond model.
As an auditor, are you going to hang out long enough with each top-level manager to determine how they respond to a variety of situations so you can assess their ability to operate with integrity over time? The time involved for the auditor would be huge and the intrusiveness even larger. That’s necessary in the fraud scale model.
Maybe I’m missing the boat. Looks like I need to do more reading.
Even though I don’t see any of these models replacing what is in the audit literature, it would be very wise for all auditors to read the article and get familiar with some new ways of thinking about fraud.
Next post – organization steps to deter fraud are observable.