All organizations are susceptible of various risks, which could also be of different magnitudes. A risk is basically the likelihood that an undesirable incident will happen, and as a result jeopardize, tamper or obstruct an organization from achieving stated objectives. The concept of risk assessment relates to strategies that organizations use to identify and determine how risks can be managed effectively. Risks present in many forms; for instance, a company that deals in logistics (movement of goods) can experience immense losses when vehicles are involved in accidents, their business premises are destroyed by fire or other natural disasters. Risks are usually unforeseen, and quite often cannot be stopped. The best thing to do is to always acknowledge that unforeseen incidents are bound to happen, and better prepare for them. Most of the time, most organizations focus on how to recover should such incidents occur. Some organizations set aside finances to deal with the emergencies once they occur while others invest in different insurance schemes. The latter is the most common strategy especially considering that losses that may be experienced when an undesirable event happens may not be mitigated solely by an organization’s savings.
Risk assessment is not just about evaluating the likely impact of unforeseen disasters; rather, it is also about evaluation and focus on internal vices that may affect an organization adversely. In this case, risk assessment is an ideal first step in fraud awareness and mitigation (Association of Government Accountants, n.d). There are different types of fraud that organizations face. For instance, larceny, which refers to theft of personal property, could result into huge losses for companies. This type of theft or fraud could be committed by insiders or outsiders or both working in collaboration. People can break into business premises and steal property of high value. Some employees can also steal from their employers. An example could be in supermarkets or retail stores where employees hide and escape with valuable goods. When such theft is committed for a long time and by many employees, companies will make huge losses in the long run.
Delegate your assignment to our experts and they will do the rest.
Perhaps an industry where fraud is quite prevalent is the shipping industry. In a case about maritime fraud, I identified the common types of fraud in this industry as document fraud of invoices, bunkering fraud of oil, and insurance fraud of entire vessels and cargo. In document fraud, documents are falsified to avoid sanctions and to deliver goods to other parties other than the original recipients. Consumers who anticipate reception of goods but do not get them due to this type of fraud may experience losses and even potential conflict and negative reviews from customers. Bunker fraud usually happens when fuel suppliers use dubious means to pump less fuel than the quantity paid for by ship companies or owners. The fuel suppliers can pump air or heat the oil to expand; although the pumps may show that the right amount of fuel is being pumped into the ship fuel tanks, it may not be the case.
In the above examples and cases of different types of fraud, risky assessment comes in handy. Risk assessment concerns with firstly, evaluating the likelihood of the anticipated risk of happening. To be specific, organizations will assess how and why these risks happen. In document fraud, a company that relies on delivery of cargo to do business should be conversant with the likelihood of such type of fraud happening. If there is a high risk, it is prudent for such a company to always have alternatives so that its business operations do not stall. For bunkering fraud, it is crucial for shipping companies to only rely on fuel suppliers with an outstanding reputation in the industry. In fact, it is best for shipping companies to have their own oil stores or reserves which should be managed by trustworthy and competent personnel. Situations where fuel suppliers have to pump fuel directly to the ship tanks should be avoided or should be kept as minimal as possible.
Detection and deterring of maritime fraud also requires the International Maritime Bureau to review and update their fraud risk management program. It is essential to document who deals with oversight by defining roles, responsibilities, and implementing robust internal controls. After assessing the risk likely to happen in the industry, internal controls such as watermarks, unique ink and paper, or using electronic means to process documentation can help to prevent issues of inflating bills or forgery. Additionally, adequate screening can be done at the hiring process to ensure that those hired have high levels of integrity. Hiring individuals with proficient skills can help identify anomalies such as bunkering fraud.
Conducting risk assessment accrues various benefits. Firstly, management is availed with the opportunity to make objectives more specific in line with the identified risk (American Accounting Association, n.d). Secondly, organizations can evaluate the objectives that need to be achieved and curb the risk associated with each goal. Thirdly, risk assessment creates a clear picture of the likelihood of fraud especially after the assessment has been made for each objective. Lastly, internal controls can be created or adjusted to mitigate high impact risk. In essence, it appears that without risk assessment and consequently creating adequate strategies to mitigate any uncertainties, organizations can fail to meet their goals. For example, when an organization does not have a mechanism to detect and deter fraud, losses may be made progressively and organizations may apply the wrong strategies without identifying the root cause. In the end, an organization may be compelled to close without achieving their objectives.
Risk assessment interacts with other components of internal control to make a whole in various ways. In relation to control environment, risk assessment, and consequently, management is essential in helping organizations achieve their objectives; organizations direct and control operations in order to attain various stipulated goals. This process needs to manage risks to ensure that these goals are attained. Without risk assessment, control activities would fail especially if the management is not aware of the risks associated with particular actions (Committee of Sponsoring Organizations of the Treadway Commission, 2013). Therefore, risk assessment helps identify operations that could jeopardize progress, and consequently control them. In relation to information and communication, risk information is direly needed to effectively communicate how to achieve objectives; as various stakeholders strive to achieve organizational goals, they need to be aware of certain factors and try to avoid, minimize or control them. Lastly, an organization would not effectively monitor its operations and progress if there is no baseline risk assessment to gauge performance. In a nut shell, risk assessment is a focal point from which the other components of internal control are hinged.
In summary, risk assessment is crucial particularly in fraud detection and prevention. Organizations, through the use of risk assessment can evaluate how often fraud occurs, and in what ways. It is also important to note that risk assessment is not just a single evaluation; rather, it occurs on a continuum or progressively. The rationale is that organizations must always desire to improve in fraud detection and as a result, constantly improve on mitigation effects. A robust risk assessment mechanism makes other internal controls to run effectively and efficiently because risk assessment is often a baseline that organizations use to measure performance.
References
American Accounting Association. (n.d.). Risk Assessment. https: //aaahq.org/COSO/Content/COSO-COMP/coso-comp_chapter3
Association of Government Accountants. (n.d.). Fraud Awareness and Mitigation. https://www.agacgfm.org/Intergov/Fraud-Prevention /Fraud-Awareness-Mitigation.aspx
Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2013). [COSO Cube]. https:// inside.sou.edu/ia/internal-controls.html
