The Committee of Sponsoring Organizations of the Treadway Commission or COSO (2014) provides a framework for identifying guidance in risk management, and providing internal controls and fraud deterrence in organizations. This framework can be used to analyze the fraud that occurred in WorldCom, which is one of the largest cases of fraud that occurred in a private organization in the US. COSO provides a system that can be used to not only develop an internal fraud control system, but can also be used to analyze fraud failures and to highlight the major weaknesses that led to the more than 11 billion in fraud that happened at WorldCom (Westhausen, 2010). Here is a breakdown using these principles of the fraud that occurred at this major corporation.
At WorldCom the company operated in an environment where there was pressure from top management, where the pressure came primarily from the CEO to be the number one on Wall Street, but also pressure came from stakeholders, because the company’s stock was at a point where it was half of its “all-time high” and thus, there was a lot of pressure from the CEO Ebbers and by banks to get the company back where it needed to be (Westhausen, 2010). This resulted in unrealistic business targets, and unrealistic schemes including bonuses schemes where a huge number of ridiculous stock options were offered to help motivate management to do something to increase the performance of the company when this was impossible at the time.
There was unreasonable if any assessment of risk, and no processes implemented that were neutral or available for employees to report questionable findings that may have existed in the company at the time. Now, processes including internal processes and external processes as per SOX are mandatory so that whistle-blower tools for example, are available to help mitigate risk and ensure that there are processes in place to help oversee misconduct including overblown stock offerings and bonuses to help reduce risk in instances where a company may be tempted to engage in risky practices (Westhausen, 2010). Other risky practices included the rapid growth of WorldCom, fostered from the 70 acquisitions the company experienced in over 65 countries in a very short time, causing it to move from being a local player to a global player increasing its risk (Westhausen, 2010).
Control activities are necessary to mitigate risk and to reduce the odds of fraud. If control processes including internal and external auditing are not in place, which was not the case at WorldCom, then a company is much more likely to engage in questionable business accounting practices. This is exactly what happened at WorldCom. The company lacked formal methods for reporting and auditing particularly for reporting their losses, and thus had no reason to organize functions that included organizing practices for reporting incidents and no formal reporting methods that would have detected fraud among chief executives. This minimized their risk for detection which is why fraud was possible.
Information and Communication
Information and communication practices are put into place to ensure the legality of accounting operations. Typically external auditors will monitor business practices (Westhausen, 2010; Coso, 2014). These practices have only recently been implemented thanks to new legislation including SOX however. During the time that the WorldCom fraud occurred such practices were not mandatory.
Monitoring may include vigorous regulation and review of activities through internal controls on management, and controls that ensure that accounting functions and management are operating the way they are supposed to (Westhausen, 2010). There are instances when regulations or operating procedures may need to change as a result of internal auditing practices, or because fraud may be detected. Further, weaknesses may be uncovered. None of this was discovered because monitoring was lacking in the case of WorldCom.
- COSO. (2014). Welcome to COSO. Retrieved from: http://www.coso.org
- Westhausen, H.U. (2010). The WorldCom Fraud Under A COSO Magnifier. Fraud Magazine. Retrieved from: http://www.fraud-magazine.com/