Professional Documents
Culture Documents
(USED) Corporate Governance Fraud Prevention in UEA
(USED) Corporate Governance Fraud Prevention in UEA
Corporate governance and information technology in fraud prevention and detection: evidence from the
UAE
Sawsan Saadi Halbouni Nada Obeid Abeer Garbou
Article information:
To cite this document:
Sawsan Saadi Halbouni Nada Obeid Abeer Garbou , (2016),"Corporate governance and information technology in fraud
prevention and detection: evidence from the UAE", Managerial Auditing Journal, Vol. 31 Iss 6/7 pp. -
Permanent link to this document:
http://dx.doi.org/10.1108/MAJ-02-2015-1163
Downloaded on: 09 May 2016, At: 23:18 (PT)
References: this document contains references to 0 other documents.
To copy this document: permissions@emeraldinsight.com
The fulltext of this document has been downloaded 7 times since 2016*
Access to this document was granted through an Emerald subscription provided by emerald-srm:121184 []
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service
information about how to choose which publication to write for and submission guidelines are available for all. Please
visit www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of
more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online
products and additional customer resources and services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication
Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation.
sawsan.halbouni@cud.ac.ae
Nada Obeid
University of Sharjah
College of Business Administration
Accounting Department
Sharjah, UAE, PO Box 27272
Abeer Garbou
University of Sharjah,
College of Business Administration
Finance & Economics Department
Sharjah, UAE, PO Box 27272
* Corresponding author
1
Abstract
Purpose: This study investigates the role of corporate governance and information technology in fraud
prevention and detection within the United Arab Emirates.
Design/methodology/approach: This study uses a survey of financial accountants and internal and
external auditors to assess their perceptions of the effectiveness of IT and corporate governance as
measured in terms of the audit committee’s effectiveness, internal audit functions, external audit
functions, culture of honesty and employee training programmes in preventing and detecting fraud in the
UAE.
Findings: The results indicate that corporate governance has a moderate role in preventing and detecting
fraud in the UAE and that IT has the same role as traditional fraud prevention and detection techniques.
The results also show no significant difference between internal and external auditors in their use of
technological and traditional techniques during the course of audits.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Research implications/limitations: The findings suggest that the senior management and boards of
directors must better understand the importance of their oversight function. The finding that a culture of
honesty has a low positive impact on fraud prevention and detection in the UAE indicates that chief
executive officers and boards of directors must make more efforts to set the ‘tone at the top’ to improve
the corporate environment in terms of integrity and ethics, among other factors. Furthermore, as IT and
traditional techniques provide the same function, senior management and boards of directors must be
alerted to the importance of developing systematic approaches to fraud investigation that involve greater
reliance on technological approaches.
Practical implications: The moderate role of corporate governance suggests that senior management and
boards of directors must better understand the importance of their oversight function to meet their
obligations and fiduciary responsibilities to stakeholders. Furthermore, greater adoption of IT to detect
and prevent fraud contributes to developing a systematic approach to fraud investigation, capable of
identifying unusual activity using effective software.
Originality/value: This study contributes to the literature on the role of corporate governance and IT in
preventing and detecting fraud, particularly for Middle Eastern countries and other emerging nations. The
study may provide insights to academics and practitioners in the UAE and their international counterparts.
Keywords: Corporate governance, Fraud prevention techniques, Fraud detection techniques, Internal
auditor, External auditor, United Arab Emirates.
2
1. INTRODUCTION
The International Standards on Auditing (ISA 240, 2009, p.167) states that fraudulent financial
reporting involves intentional misstatements, including material omissions or disclosures
intended to deceive financial statement users. Fraud impairs efficiency, productivity, and
innovation because it shifts resources to unconstructive activities, limits the organization’s ability
to grow, may decrease the company’s stock value, and puts the company at risk of being delisted
from national stock exchanges (Glover and Aono, 1995; Beasley et al. 1999; Rezaee, 2005). Fich
and Shivdasani (2007) raise concerns about the quality of corporate governance and argue that
massive deficiencies in its effectiveness have caused a wave of corporate financial scandals.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
The Association of Certified Fraud Examiners (ACFE, 2008) in the US finds that the total
cost associated with 2,608 reported fraud cases over the last 10 years was US$ 15 billion
(Owusu-Ansah et al., 2002). As a result, regulators in the US, such as the Securities Exchange
Commission (SEC), New York Stock Exchange (NYSE), and NASDAQ, among others, have
actively promoted extensive agendas aimed at reforming the quality of corporate governance in
public organizations (Fich and Shivdasani, 2007). Witherell (2004) argues that good corporate
governance should be senior managers’ core objective, since poor corporate governance has a
negative impact on a company’s potential and paves the way for financial difficulties, and even
fraud.
A recent study by PricewaterhouseCoopers (PwC, 2014) in the UAE finds that 27% of those
surveyed were victims of economic crime in the past 2 years. Amold (2014) points out that
PwC’s (2014) findings indicate that economic crime in the region continues to be a significant
threat, affecting every industry and both large and small organizations. Coderre (2000) points out
that as more business operations used computerised information, frauds are increasingly being
committed using computer-assisted means. However, he argues that the same technology that
enables this type of fraud provides auditors with more sophisticated detection techniques.
Moreover, PwC (2014) highlights the need for better fraud detection techniques at UAE
companies.
The main objective of this research is to investigate financial accountants and practitioners’
(internal and external auditors) perceptions of fraud, the role of corporate governance, IT and
traditional prevention and detection techniques, in preventing and detecting fraud by UAE
3
companies. It also seeks to investigate the impact of demographic variables on their perceptions
of fraud and prevention.
There are several reasons for choosing UAE for this study. First, despite extensive research
on the role of corporate governance and information technology in fraud prevention and
detection in developed countries (Bierstaker et al., 2006; McKee, 2006; Grove and Basilico,
2008; Janvrin et al., 2008; Krambia-Kapardis, 2010; Ngai et al., 2011; Zhou and Kapoor, 2011;
Sharma and Panigrahi, 2012; and Chen et al., 2014), to the researchers’ best knowledge, few
empirical studies (e.g. Halbouni, 2015) have been conducted on this issue in the UAE. The
extensive findings about developed countries may not be applicable to emerging countries
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
because of differences in culture, society, institutional settings, legal systems and economies.
The second reason for choosing the UAE is that its most populous city—Dubai—seeks to
become a global trade and logistics powerhouse, and through such initiatives as Dubai World
Central, the government of Dubai is looking to transform the emirate into a smart city (George,
2013). The third reason in favour of setting the study in the UAE is that by mid-2009, the UAE
government introduced a code of corporate governance that provides a useful framework for this
study.
This study of the role of corporate governance and IT in preventing and detecting fraud adds
to the scant research on this topic, particularly in the Middle Eastern and emerging nations.
There are significant consequences for UAE companies due to the lack of fraud prevention and
detection practices. Therefore, this study’s results could provide more information to these
companies’ senior management and boards of directors, so that they are more aware of the
importance of their oversight functions, ethical conduct, their own behaviour and tone, and
effective corporate governance to avoid future company failures (Law, 2011). Moreover, the
results provide insights for academics and practitioners beyond the UAE.
The rest of this paper is organized as follows. Section 2 reviews the relevant literature and
develops research hypotheses. Section 3 describes the study’s research design and data collection
methods. The empirical results and analyses are discussed in Section 4. Section 5 concludes,
provides additional discussions, and describes the study’s limitations and avenues for future
research.
4
2. LITERATURE REVIEW AND HYPOTHESES DEVELOPMENT
Fraud may be one of the most serious problems and challenges in the current business
environment (Law, 2011). Organizations cannot remain healthy and competitive if fraud goes
undetected (Glover and Aono, 1995). Kelly and Chicken (2013) argue that an effective fraud
strategy prioritizes prevention and has an effective risk management policy in place in the event
that an incident occurs. Ngai et al. (2011) point out that financial fraud detection enables
decision makers to develop appropriate strategies to decrease the impact of frauds and create an
average annual increase in profit of between 10% and 40%. Law (2011) and Hopwood et al.
(2012) argue that the long-term benefits of conducting and implementing controls to prevent and
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
5
assets or stock, 17% (Halbouni, 2015). The first proposed hypothesis addresses possible
differences in fraud perceptions between financial statements’ preparers and auditors.
This corresponds to the extent to which corporate governance effectively prevents and
detects fraud.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
6
The American Institute of Certified Public Accountants (AICPA, 2010), among others, have
applied various indicators measuring the effectiveness of corporate governance in preventing and
detecting fraud (Campbell and Lindsay, 1994; Gramling and Myers, 2003; Harrast and Olsen,
2007; Christopher et al., 2009; Goh, 2009; Kaplan, 2009; Leung and Cooper, 2009; Persons,
2009; Law, 2011; McNeel, 2011). These indicators include audit committee effectiveness,
internal audit effectiveness, external audit effectiveness, employee training, and the
presence/absence of a culture of honesty and strong ethics in the top management. Corporate
governance is measured by scores on five dimensions. Each variable is measured on a five-point
–Likert scale and the scores are summed to get the final score of corporate governance.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
7
the code requires the committee to meet at least once a quarter and to submit a written report to
the board of directors regarding their actions, which are independent.
committee. Gramling and Myers (2003) add that an effective internal audit function can provide
advance notice of fraud risk, thereby helping to detect and prevent fraudulent financial reporting.
Church et al. (2001), Rezaee (2005), and Nicolãescu (2013) confirm with the belief that
internal auditors are the ‘first line of defence’ against fraud because of their knowledge and
understanding of the business environment and the internal control structures, arguing that
organizations with an internal audit function are more likely to self-report incidents of fraud than
others. Coram et al. (2008) find a significant positive relationship between organizations with an
internal audit function and the number and value of self-reported fraud incidents.
In 2013, the Committee of Sponsoring Organizations of the Treadway Commission’s
(COSO) framework on governance was translated into Arabic by the UAE Internal Audit
Association and released in November (Hirth, 2015). Though the COSO framework is not a
requirement, several leading companies, such as Etisalat and the National Bank of Kuwait, have
chosen to adopt the framework as a best practice. According to Hirth (2015), several listed
companies in the region have adopted regulations on internal controls, including annual
evaluations of effectiveness.
8
Additionally, Paragraph A8 of ISA 520 confirms that different types of analytical procedures
provide differing levels of assurance.
Carmichael (2004) and Kim and Kogan (2014) argue that even though fraud detection is not
the external auditors’ primary responsibility, stakeholders believe that this should be one of their
tasks. According to Kim and Kogan (2014), in the post-Sarbanes–Oxley Act era in the US since
2002, in the wake of the Enron scandal, auditors have some degree of responsibility for fraud
detection by evaluating whether the company’s internal control systems sufficiently address the
risk of material misstatement due to fraud. Therefore, external auditors are required to collect
information necessary to identify the risks of material misstatements due to fraud; identify and
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
assess the risks that may result in material misstatements due to fraud; evaluate audit evidence;
communicate about the fraud to the management, audit committee, and others; and (finally)
document their consideration of fraud (Porter, 1997; Kusnierz, 2006; Gullkvist and Jokipii,
2013).
In the UAE, the Regulatory Law of 2004 was amended in 2012 to provide the stock market
authority with regulatory oversight over registered auditors, allowing the Dubai Financial Stock
Authority (DAFSA) to implement an audit-monitoring programme (Hawkamah, 2013). This
programme was developed and designed to assess whether registered auditors meet the
appropriate ISA, International Standard on Quality Control, and Code of Ethics for Professional
Accountants issued by the International Federation of Accountants (Hawkamah, 2013). To
accomplish these objectives, the stock market authority has identified three key areas of
improvement for registered auditors: practicing greater professional scepticism, identifying
evidence related to corporate balances and managerial judgments, and improving the sufficiency
and appropriateness of evidence obtained to support their conclusions related to significant areas
of audits (Hawkamah, 2013; Halbouni, 2015).
9
Marston et al. (1989) argue that once an organization has trained staff adequately, they should be
allocated responsibility for fraud prevention and detection.
Johnson and Rudesill (2001), GEO (2006), and Leishman and Timings (2008) point out that
employees must be motivated to report their concerns, and should be assured of confidentiality
and of there being no retaliation or victimization. They suggest ‘hotlines’ as an effective way to
protect internal whistle blowers’ identities and encourage reporting of irregularities. In addition,
all employees should be fully aware of the consequences of fraudulent conduct, perhaps through
the use of a formal code of conduct or awareness training (Leishman and Timings, 2008).
In the UAE, ACFE (2014) announced a partnership with the Financial Audit Department
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
(FAD) of the Dubai government to provide expert fraud training and certification for FAD
employees (Patterson, 2015). According to ACFE (2014a), it is providing resources and
instruction to help FAD employees earn Certified Fraud Examiner credentials, which are
globally recognized as an indicator of anti-fraud knowledge and expertise.
10
the SEC whenever there is a change or waiver in the code. Grove and Basilico (2008) argue that
company employees should be encouraged to push their behaviour and financial reporting to
ethical and professional limits. Tuŝek and Klikovac (2012) indicate that only 37% of the
surveyed companies have strict codes of ethics, while more than one third have no codes of
ethics implemented at all. In the UAE, PWC (2014) findings indicate that reporting suspicious
transactions and corporate culture are the most effective methods of fraud detection.
From the above, we can infer that respondents regard audit committees, internal audits,
external audits, employee training programs, and a culture of honesty as being effective and
significant in preventing and detecting fraud. Thus, this study proposes the following second
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
hypothesis.
H2: The summation score of corporate governance is related to fraud prevention and
detection.
11
used techniques are logistics models, neural networks, the Bayesian belief network, and decision
trees. Arens et al. (2012) argue that IT could improve a company’s internal controls and affect
overall risk, although its use creates other risks, such as those related to the protection of
hardware and data, or the potential introduction of new types of errors if there is too much
reliance on hardware and software capabilities. These risks include systematic risk, unauthorized
risk, and the risk of losing data.
At the same time, Mahathevan (1997) points out that traditional auditing techniques are
widely acceptable and used. On the one hand, Porter (1997) and Hyde (2007) argue that
traditional compliance testing, which uses random sampling and requires an extrapolation of the
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
results, may be appropriate for external auditors, given their emphasis on financial statements,
though they are not sufficient for internal audits, which require a much more detailed
understanding of the company’s risks and controls. In addition, internal auditors must rely more
on automated data analysis and targeting sampling methods rather than traditional procedures to
enhance testing methods and optimize efficiency and effectiveness.
On the other hand, McKee (2006) argues that external auditors need to use their imagination
when choosing the most effective and efficient audit techniques in a particular audit approach,
suggesting that external auditors use many irregular, traditional techniques and technological
techniques such as unannounced inventory observation, changing audit techniques from prior
years, applying Benford’s Law; and embedding a software monitor in the auditee’s system to
maintain unpredictability. Banker et al. (2002), Kusnierz (2006), Dowling and Leech (2007),
Dowling (2009) and Chen et al. (2014) confirm that audit support systems are primary
technology applications used by audit firms to control, facilitate and support their audit work. In
addition, audit firms promote these systems as essential to facilitate and achieve high-quality
financial statement audits. The authors point out that if auditors do not use audit support systems
appropriately, then the quality of audited financial statements could suffer and have negative
impacts on stakeholders’ economic decisions.
Protiviti (2013) believes that the automation of internal audits is becoming more appealing
and could help mitigate costs and increase audit effectiveness and efficiency. Malaescu and
Sutton (2015) find that external auditors are willing to rely more on internal audit work in a
continuous audit environment than in a traditional environment, and this effect is magnified if a
12
prior-year audit report on the effectiveness of internal controls were to indicate that these were
working properly.
In 2012, the UAE’s Federal Legal Decree No. 3 established the National Electronic Security
Authority (NESA), which aims to ‘organize protection for the communication network and
information systems to develop, amend, and use the necessary security methods in the electronic
security domain’ (PwC, 2014). The NESA then issued Federal Legal Decree No. 5 in 2012 to
combat information technology (IT) crimes, which came into effect in December 2012.
It can be said from this discussion, and the requirements of Federal Legal Decree No. 5, that
respondents believe that internal and external auditors use both technological and traditional
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
fraud detection techniques in the UAE. Therefore, we test the following hypothesis.
H3: Fraud prevention and detection techniques are significantly practiced. However, there
is no significant difference in the perceived use of technological and traditional
techniques between internal and external auditors.
2.4 Impact of Various Factors on Internal and External Auditors’ Perceptions of the
Existence of Fraud, and the Effectiveness of Corporate Governance and Fraud Prevention
and Detection Techniques
Jackson (2012) points out that internal auditors endeavouring to assess the risk of fraud need to
be acutely aware of what makes their organization unique. Loebbecke et al. (1989), Beasley et al.
(2000), and Jackson (2012) add that some fraud risks are very industry specific: the healthcare,
financial services, and manufacturing industries appear to have high concentrations of fraud.
Janvrin et al. (2008) find that the use of technological audit techniques varies by audit firm
size. Gillett and Uddin (2005), Janvrin et al. (2008), and Dowling and Leech (2014) confirm this
by arguing that large audit firms have made significant investments in IT, while Johnson and
Rudesill (2001) note that small businesses are at greater risk of fraud because they do not have
the resources that larger companies have to install sophisticated security devices and elaborate
audit and security procedures.
13
Janvrin et al. (2008) reveal that auditors employed by national firms are more likely to use
and assign perceived importance ratings similar to auditors from international operations on
certain audit applications, such as fraud reviews, expert systems, and internal control evaluations,
though they are simultaneously similar to auditors from smaller firms in other areas, such as
audit report writing. Audit experience has a significant impact on auditors’ professional
judgment and the length of audit experience has a significant impact on determining the
seriousness of a fraud problem (Wright, 1988; Bedard 1989; Hackenbrack, 1993; Johnson and
Rudesill, 2001).
This study proposes the following hypothesis on the impact of current position,
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
qualification, work experience, business type, operation, listing status, and company size on
internal and external auditors’ perceptions of the existence of fraud, and the effectiveness of
corporate governance and of the techniques they use to prevent and detect fraud.
H4: Current position, qualifications, experience, company operation, business type, listing
status, and company size have a significant impact on internal and external auditors’
perceptions on the existence of fraud, effectiveness of corporate governance, and
techniques used to prevent and detect fraud.
14
experience. These questions are also designed to capture whether the company operates locally,
regionally, or internationally; the company’s listing status and business type (manufacturing,
retail, financial, service, or government); and the size of the company in terms of number of
employees (large: more than 1,000 employees; medium: between 501 and 1,000 employees;
small: less than 500 employees).
The second part of the questionnaire contains two questions related to participants’
perceptions of the existence of fraud in their companies and their future expectations of the UAE
business environment. These questions were constructed as a series of five-point Likert-type
scales (1 = strongly disagree, 5 = strongly agree).
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
The third and fourth parts of the questionnaire contain 39 questions presented using a five-
point Likert-type scale. The third part includes six questions measuring respondents’ perceptions
of the effectiveness of their companies’ corporate governance against fraud. The first question
investigates the role of the audit committee in acting against fraud, while the second question
investigates the effectiveness of the internal audit function measured in terms of funding change
over the past 3 years. The third question measures the pressure on employees to achieve
organizational objectives. The fourth question measures the effectiveness of the external audit
function in acting against fraud. The fifth question investigates the role of employee training
programmes, and the sixth question considers the role of the culture of honesty in acting against
fraud. Finally, the fourth part of the questionnaire includes 33 questions developed to measure
internal and external auditors’ perceptions of the use of fraud detection techniques in the course
of an audit in the UAE.
15
3.3 Reliability Analysis
Cronbach’s alpha values were analysed to determine the internal consistency of the items for
each construct. The results indicated that the two constructs used to measure respondents’
perceptions of the existence of fraud and its impact on the future UAE business environment
were moderately reliable (α = .707) and the 33 constructs used to measure internal and external
auditors’ perceptions of the techniques used to prevent and detect fraud were high (α = .851),
whereas the six constructs measuring the effectiveness of corporate governance in preventing
and detecting fraud were not calculated since each used a single construct to measure the
respondents’ perceptions of the effectiveness of a certain element of corporate governance in the
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
UAE. The Cronbach’s alpha values for the two indices were within acceptable ranges (Nunnaly,
1994; Fornell and Larcker, 1981; Smith, 2003).
16
4. EMPIRICAL ANALYSIS AND RESULTS
4.1 Perceptions of Fraud
To test the first research hypothesis about the significant differences in fraud perceptions
of financial accountants and internal and external auditors, this study uses sample t-tests and the
one-way ANOVA test for the respondents’ perceptions that their firms had been a victim of
fraud and their expectations that fraud will increase in the future in the UAE. The results are
shown in both Panels A and B of Table 2.
Panel A of Table 2 shows that 44.6% of respondents considered their firms to have been
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
victims of fraud. The results are in line with those obtained by Johnson and Rudesill (2001), in
which 44.6% of the respondents perceived fraud to be a serious problem in their firms.
Moreover, Panel A of Table 2 reveals that 45.8% of the respondents expect that incidents of
fraud would increase in the future; this is nearly double the PwC’s (2014) finding that 27% of
those surveyed in the UAE were victims of economic crime in the past 24 months. In addition,
Panel A of Table 2 shows that a large proportion of the respondents in this study believed that
their organizations would fall victim to some form of economic crime in the future that they have
already experienced in the past.
{Please Insert Panel A of Table 2 Here}
{Please Insert Panel B of Table 2 Here}
These findings for the UAE are consistent with PwC’s (2014) results, which find that 21%
of companies in the Middle East were victims of an economic crime as compared to 37% of
businesses globally and that 38% of the Middle Eastern respondents expected their organizations
to suffer from an economic crime in the next 24 months. As in PwC (2012), the most common
corporate crimes in the Middle East include asset misappropriation, bribery and corruption,
cybercrime, and accounting fraud.
Panel A of Table 2 reports mean score for respondents’ perceptions of the existence of fraud
in the UAE and their belief that their organizations will experience some form of economic
crime in the future. Panel A of Table 2 further shows that the overall mean of respondents’
perceptions of the existence of fraud in the UAE and their expectation that fraud will increase in
the future is significantly neutral (indicated as 3 on the five-point scale; t = 7.89, p = .000).
17
Finally, Panel B of Table 2 presents the one-way ANOVA test results. The results indicate
no significant difference between financial accountants and internal and external auditors’ views
that their companies were victims of fraud (F = .080, p = .923) and in their expectations that
fraud will increase in the future (F = 2.823, p = .065). The overall mean average is not significant
(F = 1.154, p = .321).
Based on these results, the first research hypothesis regarding the differences between
financial accountants and internal and external auditors’ perceptions of fraud in their
organizations in the UAE is not supported, and it is possible to conclude that there is no
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
significant difference in the perceptions of fraud among financial accountants and internal and
external auditors.
18
Furthermore, the results reveal that funding for internal audit departments has changed
significantly over the past 3 years, with an average greater than 3 (t = 4.64, p = .000). This study
sees this change as an increase based on the UAE Corporate Governance Code requirements,
issued by the SCA in 2009. These results are in accordance with Bierstaker et al.’s (2006)
finding that funding for internal audit departments has increased over the past 3 years. Table 3
also shows that audit committees, employee training programmes, and external audit functions
have significant effects in preventing and detecting fraud in the UAE.
Furthermore, this study’s results confirm Law’s (2011) finding that the effectiveness of the
audit committee and the internal audit function, along with the impact of the culture of honesty,
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
are positively associated with the absence of fraud in organizations. However, despite the
positive influence of the culture of honesty (Q6, with an average greater than 3), the results
indicate that the culture of honesty has the lowest mean average, and is not statistically
significant.
Based on the results, the second hypothesis regarding the effectiveness of corporate
governance for UAE companies is supported. Corporate governance measured by scores on five
dimensions, the role of the audit committee, the pressure on employees to meet organizational
objectives, the significant role of the external audit function, and increased funding for the
internal audit department and employee training programmes have significant effects on
preventing and detecting fraud in the UAE.
19
constructs are below the cut-off point of 3. The results do not meet the Public Company
Accounting Oversight Board (2000, 2007, 2008) recommendations for audit effectiveness for the
use of forensic-type fieldwork audit procedures to demonstrate a high level of professional
scepticism throughout the audit process and to focus on fraud risk indicators that may signal the
occurrence of financial statement fraud. At the same time, the results agree with Bierstaker et
al.’s (2006) finding that firewalls, virus protection, password protection, and internal control
reviews are the most common techniques practiced by the organizations surveyed, while the use
of forensic accountants is the least common practice. Moreover, Table 4 indicates that despite an
acceptable mean average for fraud-reporting policies (Q6) and fraud hotlines (Q7), the p-value
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
20
survey was initially detected through employee tips. In addition, Table 4 demonstrates that
respondents’ perceptions of the use of both technological and traditional techniques is
significantly different from 3 (3.74; t = 13.26; p = .000).
prevention and detection techniques by internal and external auditors in the UAE. The paired
samples test was used to investigate any significant difference in the use of technological and
traditional audit techniques by internal and external auditors, while the independent-sample t-test
was employed to examine any significant difference in the use of technological and traditional
techniques between internal and external auditors in the UAE.
Panel A of Table 5 presents the sample t-test results. The results indicate that the overall
main average for the use of technological means is slightly higher than that for traditional audit
techniques.
{Please Insert Panel A of Table 5 Here}
An analysis of the paired samples test results reveals no significant differences between the
overall mean averages of technological and traditional audit techniques. The results shown in
Panel B of Table 5 indicate that no significant difference exists between the two mean averages
(t = -.724; p = .472), suggesting that both technological and traditional fraud audit techniques
play a significant role in fraud prevention and detection in the UAE.
Finally, the independent-sample t-test used to examine the absence of a significant
difference in the use of technological and traditional techniques between internal and external
auditors in the UAE. Panels B and C of Table 5 present the results of this analysis.
{Please Insert Panel B of Table 5 Here}
{Please Insert Panel C of Table 5 Here}
21
Panel C of Table 5 indicates that no significant difference exists between internal and
external auditors’ perceptions of the use of technological and traditional fraud prevention and
detection techniques. Therefore, hypothesis 3 is supported.
4.4 Impact of Various Factors on Internal and External Auditors’ Perceptions of the
Existence of Fraud, and the Effectiveness of Corporate Governance and of Fraud Prevention
and Detection Techniques
This study applies a one-way ANOVA test to examine the fourth research hypothesis related
to the impact of internal and external auditors’ current professional position, qualification, and
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
work experience and their organization’s operation, business type, listing status, and company
size on the auditors’ perceptions of the existence of fraud in their companies, their expectations
about the increase of fraud in the future, corporate governance effectiveness, and their use of
traditional and technological techniques to prevent and detect fraud in the UAE. The results are
presented in Panels A–H of Table 6.
Panel A of Table 6 indicates that demographic variables do not have a significant impact on
respondents’ perceptions of their companies being victims of fraud. Panel B of Table 6 shows
that current position (being an internal auditor or an external auditor) as well as listing status
significantly impact expectations that fraud will increase in the future. In addition, Panel B
reveals that the mean average for external auditors is greater than that for internal auditors (F =
6.004, P = .018), and the mean average for listed companies is significantly greater than that for
unlisted companies (F = 4.77, p = .033). The results indicate that external auditors are more
concerned about the increase of fraud in the future than internal auditors. Moreover, Panel B
indicates that listing status significantly affects respondents’ perceptions of a future increase in
fraud.
{Please Insert Panels A & B of Table 6 Here}
To verify the impact of respondents’ perceptions on the effectiveness of corporate
governance, a factor analysis using the extraction sums of squared method is applied to the
corporate governance indicators (six items). The factor loading is rotated using rotated
component analysis. The results are reported in Panel C of Table 6.
22
It is noteworthy that the audit committee’s role in fraud detection, as well as the change in
funding for employee fraud prevention training over the past 3 years, is loaded substantially for
Factor 1 (audit committee), the change in funding for the internal audit department over the past
3 years. Meanwhile, the high pressure placed on employees to meet organizational objectives is
loaded substantially on Factor 2 (internal audit), while the role played by the external audit
function for fraud prevention and detection, as well as top-management accountability, are
loaded substantially on Factor 3 (external audit). Panel C of Table 6 indicates that the role of the
audit committee, internal audit function, and external audit function are the three main factors
associated with corporate governance that explain 71.9% of the variation in the auditors’
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
responses.
{Please Insert Panel C of Table 6 Here}
Panels D, E, and F of Table 6 indicate that business type is the only variable that has a
significant effect on internal and external auditors’ perceptions of the effectiveness of the audit
committee and the internal audit and external audit functions. The table shows respondents’
business type (specifically, manufacturing firms) to be the most influential factor behind the
effectiveness of corporate governance in acting against fraud.
{Please Insert Panel D of Table 6 Here}
{Please Insert Panel E of Table 6 Here}
{Please Insert Panel F of Table 6 Here}
Panel G of Table 6 indicates that professional qualification, business type, and listing status
have significant impacts on internal and external auditors’ perceptions of the use of traditional
techniques. Respondents with higher education or professional degrees rely more on traditional
techniques than those with other degrees, such as bachelor’s, secondary degrees, or diplomas (F
= 2.861, P = .033). In addition, some business types, such as manufacturing organizations, rely
more on traditional techniques than do others, such as government or retail organizations.
However, unlisted companies significantly rely on traditional techniques compared to listed
companies (F = 5.37, P = .024).
{Please Insert Panel G Table 6 Here}
{Please Insert Panel H Table 6 Here}
23
Panel H of Table 6 indicates that professional qualification and business type have
significant impacts on auditors’ perceptions of their use of technological fraud prevention and
detection techniques. Respondents with bachelor’s or higher qualifications rely more on
technological techniques than those with secondary school education or diplomas (F = 2.824, P =
.034). Moreover, manufacturing firms rely significantly more on technological techniques
compared to other business types (F = 9.127, P =.000).
The data shows that internal and external auditors with higher qualifications use both
traditional and technological fraud prevention and detection techniques more as compared to
those with lower qualifications. Moreover, manufacturing organizations rely on both traditional
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
and technological techniques more than other business types. The results in this subsection
confirm the earlier results in this study that internal and external auditors use both traditional and
technological techniques simultaneously. The results are also in line with Martinis et al.’s (2011)
finding that client-type differences impact auditors’ risk assessment. Furthermore, the results are
in accordance with Marston et al.’s (1991) finding that auditors rely on both computer-assisted
tools and manual techniques. These results thus support the fourth research hypothesis. The
results also reveal that work experience, organizational operation, and company size have no
significant impact on respondents’ perceptions of the techniques they use to detect fraud, which
are in line with those of Johnson and Rudesill (2001), in which auditors’ years of experience
have no impact on their perceptions of the techniques used to prevent and detect fraud. At the
same time, the results differ from those of Martinis et al. (2011), who found that company size
has a significant impact in determining the seriousness of the fraud problem and the risk
associated with the client, as well as Janvrin et al. (2008), who find that national firms may
invest resources in relatively high-risk activities, like fraud detection and prevention.
25
Furthermore, the results indicate that setting an honest ‘tone at the top’ has limited positive
impact on fraud prevention and detection in the UAE. This result contradicts Law’s (2011)
argument that the moral and ethical tone of the top management is an integral part of an
organization’s control systems and it supports Horton’s (2002) argument that this should be set
by the CEO and board of directors to influence the corporate environment in terms of integrity
and ethics, among other factors.
In respect of fraud prevention and detection techniques, the results demonstrate that
respondents have positive perceptions of the role of IT and traditional techniques in preventing
and detecting fraud. Furthermore, there is no significant difference in the use of technological
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
and traditional techniques for internal and external auditors in the UAE, which departs from
Arens et al.’s (2012) argument that internal auditors should rely more extensively on
technological techniques than external auditors. Auditors’ moderate use of technological
techniques could moderately explain the respondents’ concerns about their organizations
becoming victims to some form of economic crime in the future.
Our results should encourage greater reliance on technological techniques and fraud
software to prevent and detect fraud, in line with the work of Coderre (2000), Kusnierz (2006),
Gill (2009), and Kemal (2013), who indicate that advanced analytical techniques are essential for
generating financial statements on a real-time or close to real-time basis, and that models should
be developed from data for both the detection of fraudulent activity that has already occurred and
for the proactive determination of the propensity for fraudulent activity in the future.
Finally, the analysis of the impact of the firm’s current position, professional qualifications,
work experience, company operation, business type, listing status, and company size on internal
and external auditors perceptions of the existence of fraud, corporate governance effectiveness,
and fraud prevention and detection techniques indicates that external auditors are more
concerned about the increase of fraud in the future, while internal auditors are more concerned
about the impact of listing status on the existence of fraud. Furthermore, internal and external
auditors perceive that manufacturing companies have the most effective corporate governance,
and therefore, they rely more on both technological and non-technological techniques than other
business types to prevent and detect fraud. In addition, internal and external auditors’
qualifications have a significant impact on their perceptions of their use of both traditional and
26
technological fraud techniques, while they perceive that unlisted companies rely more on
traditional techniques to act against fraud.
This study’s main contribution is the finding that corporate governance plays a moderately
significant role in preventing and detecting fraud in the UAE, providing information to senior
management and boards of directors to improve their awareness of the importance of their
oversight function to meet their obligations and fiduciary responsibilities to stakeholders. The
moderately significant role the audit committee plays suggests that the audit committee members
need to learn more about how to enhance confidence in their oversight of risk through an
appropriate orientation and ongoing training, in addition to staying current with regulatory
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
standards and developments (KPMG, 2015). Simultaneously, the moderately significant role the
internal auditors have suggests that they should work to improve their ability to deal with issues
such as assessing strategic risks, business risks, and risks related to fraud and technology, in
addition to dealing with finance, compliance, and operational issues (PWC, 2008). Whilst the
external auditor is in large part responsible for the effectiveness of the audit process,
management and the audit committee have important contributions through the overall
assessment of the effectiveness of the external audit process. Moreover, the limited positive
effect of a culture of honesty emphasises the importance of adopting effective business ethics
programs to serve as the foundation for preventing, detecting, and deterring fraudulent and
criminal acts and to create an environment where making the right decision is implicit. However,
the current research findings and suggestions provide insightful contributions to the significance
of corporate governance.
Furthermore, as most organizations in the current business environment rely on IT to
conduct business, the finding that IT performs the same function as traditional techniques should
indicate to senior managers that it is important to develop a systematic approach to fraud
investigation that involves identifying unusual activity using effective software. Moreover, the
results from this study in the UAE as an emerging nation are in line with those obtained in
developed countries, except for the corporate governance indicator related to ethical conduct,
despite the cultural, social, institutional, legal, and economic differences between the UAE and
developed nations. This could be attributed to the fact that the UAE is not representative of most
developing nations as it is a high-income country, with technology investments and global trade,
supplemented by the SCA’s efforts in 2009. This study’s results could provide further insights
27
not only to academics and practitioners in the UAE, but also to their counterparts internationally.
Future research may investigate the effectiveness of a broader view of governance, such as risk
management programs, internal controls, and corporate responsibility and risks related to fraud
and technology. Additionally, future research based on specialized domain knowledge could
investigate the most effective and efficient computer-assisted automated fraud-detection
mechanisms. An investigation of the effectiveness of audit procedures by internal and external
auditors in the UAE provides yet another avenue for future research.
This study shares a limitation common to other studies of fraud prevention and detection.
The sensitive nature of the subject and the tendency of financial accountants and practitioners to
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
protect themselves and their organizations may lead them to provide socially desirable answers.
Additionally, the empirical analysis is limited by the survey instrument. Although five-point
Likert-type scales are common, they limit the range of responses, so, it may have been
insufficiently precise in detecting differences between financial accountants and internal and
external auditors.
28
References:
Abu Dhabi Education Council (2014), ‘ADEC conducts the first anti-fraud assessment program for senior
officials, schools and universities. As cited on 20/2/2014:
(http://www.adec.ac.ae/en/MediaCenter/News/Pages/ADEC-conducts-the-first-anti-fraud-
assessment-program-
ACFE, (2008). Association of Certified Fraud Examiners. Report to the Nations on Occupational Fraud
and Abuse, Association of Certified Fraud Examiners, Austin, TX.
ACFE, (2010). Association of Certified Fraud Examiners Report to the Nations on Occupational Fraud
and Abuse, Association of Certified Fraud Examiners, Austin, TX.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
ACFE, (2012). Association of Certified Fraud Examiners Report to the Nations on Occupational Fraud
and Abuse, Association of Certified Fraud Examiners, Austin, TX.
ACFE, (2014, a). Association of Certified Fraud Examiners Report to the Nations on Occupational Fraud
and Abuse, Association of Certified Fraud Examiners, Austin, TX
ACFE, (2014, b). Association of Certified Fraud Examiners. Tone At The Top: How Management Can
Prevent Fraud in the Workplace. As cited on December 12th, on
http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/tone-at-the-top-
research.pdf.
AICPA, (2002). Statement on Auditing Standards No. 99: Consideration of Fraud in a Financial
Statement Audit From: http://www.aga-olympia.org/attachments/sas_no_99.pdf.
AICPA, (2010). American Institute Certified Public Accountants. Fraud and the responsibilities of the
Audit Committee: An Overview. pp. 95-98.
Alleyne, P. Howard, M. (2005). An exploratory study of auditors’ responsibility for fraud detection in
Barbados, Managerial Auditing Journal, Vol.20, No. 3, p. 284-303
Amold, T. (2014). Over 1 in 4 UAE companies are victims of fraud, from:
http://www.thenational.ae/business/industry-insights/economics/over-1-in-4-uae-companies-are-
victims-of-fraud.
Arens, A.A. Elder, R.J. and Beasley, M.S. (2012). Auditing and Assurance Services-Ab Integrated
Approach, 14th ed., Pearson.
Bainbridge, A. (2011). Corporate Governance for UAE Companies, As Cited from:
http://www.nortonrosefulbright.com/knowledge/publications/54327/corporate-governance-for-
uae-companies
Banker, R.D. Chang, H. and Kao, Y. (2002. Impact of Information Technology n Public Accounting firm
productivity. Journal of Information Systems, Vol. 16, No. 2, pp. 209-222.
29
Beasley, M.S. Carcello, J.V. and Hermanson, D.R. (1999). Fraudulent financial reporting 1987-1997. An
analysis of public companies. New York, NY:COSO.
Beasley, M.S. Carcello, J.V. and Hermanson, D.R. (2000). Fraudulent financial reporting: Consideration
of Industry Traits and Corporate Governance Mechanisms, Accounting Horizons, Vol. 14, No. 2,
pp. 441-454.
Bedard, J. (1989). Expertize in Auditing: Myth or reality? Accounting, Organizations and Society, Vol.
14, No. 1&2, pp. 113-131.
Bierstaker, J.L., Brody, R.G. and Pacini, C. (2006)."Accountants' perceptions regarding fraud detection
and prevention methods", Managerial Auditing Journal.Vol.21, No.5, pp.520-535.
Braiotta, L. JR. (1992). Preventing Fraudulent Reporting, Auditing for Honesty, ABA Journal, May, p.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
76-79.
Campbell, A. and Lindsay, D. (1994). Internal auditors and the detection of fraud. Internal Auditing, Vol.
9, No. 4, pp. 26-37.
Carmichael, D.R. (2004)."The PCAOB and the Social Responsibility of independent Auditor", Mid-Year
Auditing Section Meeting of the American Accounting Association, Florida, USA.
Chen, Y. Smith, A.L. Cao, J. and Xia, W. (2014). Information Technology Capability, Internal Control
Effectiveness, and Audit Fees and Delays, Journal of Information Systems, Vol. 28, No. 2, pp.
149-180
Christopher, J. Sarens, G. and Leung, P. (2009). A critical analysis of the independence of the internal
audit function: evidence from Australia, Accounting, Auditing and Accountability Journal, Vol.
22, No. 2, pp. 200-220.
Church, B. McMillan, J.J. and Schneider, A. (2001). Detection of Fraudulent Financial Reporting: Are
internal auditors not spotting red flags? Journal of Accountancy, September, p. 99.
Coderre, D.G. (2000). Computer Assisted Fraud Detection, Computers and Auditing, August, pp. 24-26.
Coderre, D.G. (2006). Global Technology Audit Guide: Continuous Auditing Implications for Assurance,
Monitoring, and Risk Assessment. Montvale, NJ. The Institute of Internal Auditors.
Concerning Governance Rules and Corporate Discipline Standards, Ministerial Resolution No.
(518) of 2009.
Coram P, Ferguson C, Moroney R (2008). Internal audit, alternative internal audit structures and level of
misappropriation of assets fraud. Accounting and Finance Journal, Vol. 48, No. 4, pp. 543–559.
COSO, (2006). Committee of Sponsoring Organizations of the Treadway Commission. Managing the
Business Risk of Fraud: A Practical Guide. The Institute of Internal Auditors, pp. 1-79. From:
https://na.theiia.org/standards-guidance/.../fraud%20paper.pdf
30
CPA, (2014). Chartered Professional Accountants, Canada. Oversight of the External Auditor
GUIDANCE FOR AUDIT COMMITTEES January. From:
https://www.icd.ca/getmedia/ac88804a-db90-4cf5-a006-
a674a944ac59/item78035_Guidance_EN.pdf.aspx.
Dowling, C, and Leech, S.A. (2007). Audit support systems and decisions aids: Control Practice and
opportunities for future research. International Journal of Accounting Information Systems, No.
8, pp. 92-116.
Dowling, C, (2009). Appropriate Audit Support System Use: the Influence of Auditor, Audit Team, and
Firm Factors, The Accounting Review, Vol. 84, No. 3, pp. 771-810.
Dowling, C. and Leech, S.A. (2014). A Big 4 Firm's Use of Information Technology to Control the
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Audit Process: How an Audit Support System is Changing Auditor Behavior†, Contemporary
Accounting Research, Vol. 31, No. 1, pp. 230-252.
Evans, J. Evans, R. and Loh, S. (2002). Corporate Governance and Declining Firm Performance,
International Journal of Business Studies, Vol. 10, No. 1, pp. 1-18.
Farber, D.B. (2005). Reporting Trust after Fraud: Does Corporate Governance Matter?, The Accounting
Review, Vol. 80, No. 2, pp. 539-561.
Fich, E.M. and Shivdasani, A. (2007). Financial fraud, director reputation, and shareholder wealth,
Journal of Financial Economics, Vol. 86, pp. 306-336.
Fornell, C. & Larcker, D.F. (1981). Evaluating Structural Equation Models with Unobservable Variables
and Measurement Error. Journal of Marketing Research, Vo. 18, No. 1, pp.39-50.
GAO, (2006). United States Government Accountability Office, Individual Disaster Assistance Programs:
Framework for Fraud Prevention, Detection, and Prosecution, July 12, pp. 1-13.
George, J. (2013). UAE to be a global tech hub. As cited from: http://www.emirates247.com/expo-
2020/uae-to-be-a-global-tech-hub-2013-11-29-1.529626
Gill, W. (2009). Fighting Fraud with advanced Analytics Canadian Underwriter, September, pp. 28-32.
Gillett, P.R. and Uddin, N. (2005). CFO Intentions of Fraudulent Financial Reporting, Auditing: A
Journal of Practice and Theory, Vol. 24, No. 1, pp. 55-75.
Goh, W. (2009). Audit committees, boards of directors, and remediation of material
weaknesses in internal control. Contemporary Accounting Research, Vol. 26, N. 2, pp .486-508.
Glover, H.D. and Aono, J.Y. (1995) ‘Changing the Model for Prevention and Detection of Fraud’,
Managerial Auditing Journal, Vol. 10, No. 5, pp. 3-9.
Gramling, A. and Myers, P. (2003). Internal auditors’ assessment of fraud warning signs, The CPA
Journal, Vol. 73, No. 6, pp. 20-24.
31
Grove, H. and Basilico, E. (2008). Fraudulent Financial Reporting Detection, International Studies of
Management and Organization, Vol. 38, No. 3, pp. 10-42.
Gullkvist, B. and Jokipii, A. (2013). Perceived importance of red flags across fraud types, Critical
Perspective in Accounting, Vol. 24, pp. 44-61.
Hackenbrack, K. (1993). The Effect of Experience with Different Sized Clients on Auditor Evaluations of
Fraudulent Financial reporting Indicators, Auditing: A Journal of Practice and Theory, Vol. 12,
No. 1, pp. 99-110.
Halbouni, S.S. (2015). The Role of Auditors in Preventing, Detecting and Reporting Fraud: The Case of
the United Arab Emirates, International Journal of Auditing. Vol. 19, No 1, pp. 117-130.
Harrast, S. and Olsen, L. (2007). Can audit committees prevent management fraud? The CPA Journal,
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
32
Jackson, R.A. (2012). Are You Addressing the Obvious? Organizations can't afford to ignore potential
fraud risks. Internal Auditor, October.
Janvrin, D. Bierstaker, J. and Lowe, D.J. (2008). An Examination of Audit Information Technology Use
and Perceived Importance, Accounting Horizons, Vol. 22, No. 1, pp. 1-21.
Johnson, G.G. and Rudesill, C.L. (2001). An Investigation into fraud prevention and selection of small
business in the United States: responsibilities of auditors, managers, and business owners,
Accounting Forum., Vol. 25 Issue 1, p56. 78.
Kaplan, S. Pany, K. Samuels, J. and hang, J. (2009). An examination of the effects of procedures
safeguards on intentions to anonymously report fraud? Auditing, A Journal of Practice and
Theory, Vol. 28, No. 2, pp. 273-289.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Kelly, R. and Chicken, L. (2013). Approaches to fraud management for companies in the UAE. From:
http://www.clydeco.com/insight/articles/approaches-to-fraud-management-for-companies-in-the-
uae
Kemal, M. (2013). Continuous Audit: From the concept towards the implementation. From:
http://www.google.ae/url?sa=t&rct=j&q=&esrc=s&frm=1&source=web&cd=1&ved=0CBwQFj
AA&url=.
Kim, Y. and Kogaan, A. (2014). Development of an Anomaly Detection Model for a Bank’s Transitory
Account System, Journal of Information Systems, Vol. 28, No. 1, pp. 145-165.
KPMG (2003). Fraud Survey, KPMG, Sydney. From:
http://faculty.usfsp.edu/gkearns/Articles_Fraud/Fraud%20Survey_040855_R5.pdf
KPMG (2015) Lower Gulf and Hawkamah launch first Audit Committee Institute (ACI) in the UAE.
From:
https://www.kpmg.com/AE/en/Documents/ACI%20launch%20-%20Press%20Release.pdf.
Krambia-Kapardis, M. (2010). Neural network: the panacea in fraud detection, Managerial Auditing
Journal, Vol. 25, No. 7, pp. 659-678.
Krummeck, S. (2000). The role of ethics in fraud prevention: a practitioner’s perspective, Business
Ethics: A European Review, Vol. 9 No. 4, pp. 268-72.
Kusnierz, R. (2006). Fraud Doesn’t Matter?, Credit control, , Vol. 27 Issue 4/5, pp. 61-64.
Law, P. (2011). Corporate governance and no fraud occurrence in organizations: Hong Kong evidence,
Managerial Auditing Journal, Vol. 26, No. 6, pp. 501-518.
Leishman, M. and Timings, S. (2008). New trends in identifying and mitigating fraud, Chartered
Accountants Journal, Vol. 87 Issue 3, April, p30.
33
Leobbecke, J.K., Eining, M.M. and Willingham, J.J.(1989)."Auditors'' experience with material
irregularities: frequency, nature, and detect-ability", auditing: A journal of Practice & Theory
.Vol.9, pp.1-28.
Leung, P. and Cooper, B. (2009). Internal audit an-Asia Pacific profile and the level of compliance with
internal auditing standards, Managerial Auditing Journal, Vol. 24, No. 9, pp. 861-882.
Mahathevan, K. (1997). Auditors’ use and perception of analytical procedures: evidence from precision in
evidential analytical procedures, Auditing, Vol. 26, No. 1, pp. 1-18.
Malaescu, I. and Sutton, S.G. (2015). The Reliance of External Auditors on Internal Audit’s Use of
Continuous Audit. Journal of Information Systems, Vol. 29, No. 1, pp. 95-114.
Marston, C. Dixon, R. and Collier, P. (1989).Internal Auditors and the Prevention and Detection of
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Computer Fraud, Journal of Information Technology (Routledge, Ltd). Vol. 4, No. 4, pp. 230-
238.
Martinis, M.D. Fukuawa, H. and Mocjk, T.J. (2011). Exploring the role of country and client type on the
auditor’s client risk assessments and audit planning decisions, Managerial Auditing Journal, Vol.
25, No. 7, pp. 543-565.
Marston, C. Dixon, R. and Collier, P. (1991).The role of internal auditors in the prevention and detection
of computer fraud, Public Money & Management. Vol. 11, No. 4, pp. 53-61.
McKee T. E. (2006). “Increase your fraud auditing effectiveness by being unpredictable!”, Managerial
Auditing Journal, Vol. 21, No. 2, pp. 224-231.
McNeel, A. (2011). The Role of the Board in Fraud Risk Management. From: https://www.conference-
board.org/retrievefile.cfm?filename=TCB...
NESA, (2012). National Electronic Security Authority. By The National Electronic Security Authority.
Ngai, E.W.T. Hu, W. Wong, Y.H. Chen, Y. and Sun, X. (2011). The Application of data mining
techniques in financial fraud detection: A classification framework and an academic review of
literature, Decision Support Systems, Vol. 50, pp. 559-569.
Nicolãescu, E. (2013). Internal Auditors’ Role in Detecting Fraud. Contemporary Readings in Law and
Social Justice, Vol. 5, No. 1, pp. 109-111.
Nita, C. (1997). Fraud detection techniques, Internal Auditor, Vol. 54, No. 2, April, pp 17-21, 1997.
Nunnally, J.C. & Bernstein, I.H. (1994). Psychometric theory. New York, NY: McGraw-Hill.
Ormerod, T.C. Ball, L.J. and Morley, N.J. (2012). Informing the development of a fraud prevention tools
through a situated analysis of fraud investigation expertise, Behaviors and Information
Technology, Vol. 31, No. 4, pp. 371-381.
Owusu-Ansah, S. Moyes, G.D. Oyelere, B.P. and Hay, D. (2002). An empirical analysis of the likelihood
of detecting fraud in New Zealand, Managerial Auditing Journal, Vol. 17, No. 4, p. 192-204.
34
Patterson, S. (2015. Dubai anti-fraud partnership provides expert training, certification for FAD
employees. From: http://www.fraud-magazine.com/article.aspx?id=4294986991.
Persons, O. (2009). Audit committee characteristics and earlier voluntary ethics disclosure among fraud
and no-fraud firms, International Journal of Disclosure and Governance, Vol. 6, No. 4, pp. 284-
298.
PCAOB, (Public Company Accounting Oversight Board, 2000).Panel on Audit Effectiveness, Report and
Recommendations. From: www.pobaditpanel.org/download.html.
PCAOB. (2007). Public Company Accounting Oversight Board. Standing Advisory Group Meeting:
Panel Discussion – Forensic Audit Procedures. From:
http://pcaobus.org/News/Events/Documents/02222007_SAGMeeting/Forensic_Audit_Procedures
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
.pdf
PCAOB. (2008). Public Company Accounting Oversight Board . Standing Advisory Group. Retrieved
December 2, from http://www.pcaobus.org/Standards/Standing_Advisory_Group/index.aspx
Perri, F.S. and Brodyt, R.G. (2011). The sleeping watch dog: aka the Securities and Exchange
Commission, Journal of Financial Regulation and Compliance, Vil. 19, No. 3, pp. 208-221.
Phua, C., Lee, V., Smith, K. and Gaylar, R. (2005).” A comprehensive survey of data mining-based fraud
detection research”, Artificial Intelligence Review, pp. 1-14.
Porter, B. (1997): Auditors’ responsibilities with respect to corporate fraud: a controversial issue, in
Sheerer. and Turley, S. (Eds), 3rd ed., Current Issues in Auditing, Paul Chapman Publishing.
London, Ch. 2:31-54.
PwC, (2006). Price Waterhouse. State of the Internal Audit Profession: Continuous Auditing Gains
Momentum. NY: Pricewaterhousecoopers
PWC, (2008). Pricewaterhouse. Targeting key threats and changing expectations to deliver greater value.
PricewaterhouseCoopers. State of the internal audit profession study. From:
http://www.pwc.com/us/en/internal-audit/assets/state_internal_audit_profession_study_08.pdf
PWC, (2012). Price Waterhouse. Global Economic Crime Survey 2011. From:
http://www.pwc.com/m1/en/publications/globalecnomiccrimesurvey.jhtml
PWC, (2014). Price Waterhouse. Economic Crime in the UAE. From:
http://www.pwc.com/m1/en/publications/gecs2014reportuae.pdf
Protiviti, (2013). Building Value in Your SCX Compliance Program: Highlights from protiviti 2013
Sarbanes-Oxley Compliance Survey. From:
http://www.google.ae/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CBwQFjAA&url=
http%3ASOX-Compliance-Survey-
35
Rezaee, Z. (2004). Restoring public trust in the accounting profession by developing anti-fraud education,
programs, and auditing, Managerial Auditing Journal, Vol. 19, No. 1, pp.134 – 148.
ReZaee, Z. (2005). Causes, consequences, and deterrence of financial statement fraud, Critical
Perspectives on Accounting, Vol. 16, No. 3, pp. 277-298.
Robinson, P. (2006). Prevention controls are designed to help reduce the risk of fraud and misconduct
from occurring in the first place. Fraud Risk Management: Developing a Strategy for Prevention,
Detection, and Response. KPMG as cited on December, 12th, 2014 from:
https://www.google.com/search?sourceid=navclient&ie=UTF-
SAI, (2011). State Audit Institution. Fraud control Frameworks, Best Practice guide. UAE. From:
http://saiwb1.saiuae.gov.ae/Reports/SAI%20-
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
%20Best%20Particle%20Guide%20English%20Layout.pdf
Sarbanes-Oxley Act of 2002 - Securities and Exchange. From: https://www.sec.gov/about/laws/soa2002.
Saidi, N. (2011). Corporate governance in the GCC: What has been done & what Remains. Qatar
Business Review, pp. 11-13.
SCA, (2009). Securities and Commodities Authority, Corporate Governance Code. From:
http://www.linklaters.com/pdfs/insights/UAECorporateGovernanceRegime.pdf
Sharma, A. and Panigrahi, P.K. (2012). A Review of Financial Accounting Fraud Detection based on
Data Mining Techniques, International Journal of Computer Applications, Vol. 39, No. 1, pp. 37-
47.
SME Advisor (2012). Preventing Financial Fraud. August 15th. As Cited on:
http://www.smeadvisor.com/2012/08/preventing-financial-fraud/.
Smith, M. (2003). Research Methods in Accounting, Sage Publications: London.
Sommer, A., JR. (1991). Auditing audit Committee: An Educational opportunity for auditors. Accounting
Horizons: pp. 91-93.
Tomasic, R. (2011). The financial Crisis and the haphazard pursuit of financial crime, Journal of
Financial Crime, Vol. 18, No. 1, pp. 7-31.
Tuŝek, B. and Klikovac, A. (2012). Corporate Governance Practices in Fraud Prevention and Detection-
Empirical Evidence from Croatia, International Journal of Management Cases, Vol. 14, No. 3, pp.
59-71.
Tysiac, K. (2012). To prevent fraud, offer a hotline, train employees on fraud prevention, report says,
Journal of Accountancy, May, 9th.
Verschoor, C.C. (2005). Three Pillars of Fraud Deterrence and Detection. Strategic Finance, April, pp.
17-18.
36
Weisbach, M.S. (1993). Corporate governance and hostile takeovers, Journal of Accounting and
Economics, Vol. 16, pp. 199-208.
Wright, W.F. (1988). Audit Judgment consensus and experience. In Behavioural Accounting Research: A
Critical Analysis. Ed. K. R. Ferris, 305-328. Century VII Publishing Company.
Witherell, W. (2004). The Immense Economic Benefits, Priority to Combating Financial Crimes and
Abuse. The OECD and Economic crime.
Zhou, W. and Kapoor, G. (2011). Detecting evolutionary financial statement fraud, Decision Support
Systems, Vol. 50, pp. 570-575.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
37
Tables
Total 83 100%
Work Experience
(number of years) <5 27 32.5%
5-10 34 41%
>10 21 25.3%
Missing 1 1.2%
Total 83 100%
Company Operation
Local Firm 21 25.3%
Regional Firm 43 51.8%
International Firm 19 22.9%
Total 83 100%
Business Type
Manufacturing company 18 21.7%
Retail company 11 13.3%
Financial institution company 18 21.7%
Service company 28 33.7%
Governmental organization 8 9.6%
Total 83 100%
Listing Status
Listed Company 69 83.1%
Unlisted Company 14 16.9%
Total 83 100%
Company Size
Large: more than 1000 employees 13 15.7%
Medium: between 501-1000 30 36.1%
employees
Small: less than 500 employees 40 48.2%
Total 83 100%
38
Panel-A of Table 2: Respondents’ perceptions of fraud in the UAE
No. Mean SD Percentage Percentage t-value Sig.
Rating Rating
1 or 2 4 or 5
1. My firm has been a victim of fraud. 3.05 1.28 55.4% 44.6% 7.48 .000
**
2. I am expecting fraud to increase in the 3.01 1.33 49.4% 45.8% 6.93 .000
future? **
Panel-B of Table 2: The One-way Anova Test for the respondents’ perceptions of
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
39
Table 4: Respondents’ perceptions of fraud prevention and detection technique in the
UAE
No. Fraud detection techniques Mean SD t-value Sig. Rank
1. Corporate code of conduct/ethics policy. 3.59 .938 5.74 .000** 27
10. Fraud prevention and detection training. 3.73 .976 6.86 000** 21
40
26. Data mining. 3.78 1.47 3.59 000** 16
41
4 Surveillance equipment. 4.11 1.29 1 Filtering software. 4.38 1.10
10 Increased role of audit committee. 3.89 1.33 7 Digital analysis. 3.98 1.25
42
Panel-B of Table 5: Paired sample t-test results
Mean SD t-value Sig.
The difference in use between traditional and technological -.0336 .344 -.724 .472
audit techniques.
The use of technological and traditional audit techniques by internal and .137 .713 1.05 .295
external auditors in the UAE.
43
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Panel-A of Table 6: The One-way Anova Test for the impact of respondents’ background and organization characteristics on their perceptions towards:
Panel A: My firm has been a victim of fraud
Current Internal External
Position auditors auditors
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 4.25 .428 14 3.29 1.33 20 2.85 1.39 3 2.67 1.15 14 2.79 .1.19 1.347 .266
No. Mean SD. No. Mean SD. No. Mean SD. SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
44
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
value
12 3.42 .348 10 3.00 1.63 11 3.09 1.04 14 2.86 1.39 8 .374 .319 .416 .835
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 3.33 1.15 21 3.00 1.37 22 3.00 1.35 9 3.11 1.17 .125 .945
45
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 2.00 .000 14 3.14 .561 20 3.20 .424 3 3.92 .740 14 2.57 1.22 1.238 .307
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
46
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
12 3.25 1.54 10 2.70 1.49 11 2.82 1.08 14 3.36 .929 8 .2.25 1.16 1.457 .221
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean F- Sig.
value
**
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 3.33 1.15 21 2.86 1.31 22 3.09 1.34 9 2.67 1.12 .358 .785
47
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
48
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 3.50 .428 14 3.64 .745 20 3.80 .70 3 3.67 .777 14 3.86 .691 .283 .887
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
12 4.20 .838 10 3.60 .633 11 3.05 .757 14 4.04 .237 8 3.69 .594 5.154 .001
49
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
568 **
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 3.33 .577 21 3.79 .768 22 3.73 .783 9 3.83 .613 .372 .773
50
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 3.62 1.80 14 3.46 .50 20 3.63 .91 3 3.50 .50 14 3.64 .84 .111 .978
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
51
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
12 4.21 .541 10 3.56 412 11 3.45 1.11 14 3.56 .795 8 3.30 .64 2.80 .027
**
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 2.83 1.61 21 3.69 .70 22 3.67 .761 9 3.61 .894 .986 .407
52
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 3.75 . 289 14 2.82 .923 20 3.70 .894 3 3.92 .740 14 3.50 1.26 2.38 .064*
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
53
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
12 4.21 .838 10 3.60 .568 11 3.27 .691 14 4.03 .237 8 3.69 .594 5.154 .001
**
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 3.17 1.04 21 3.29 .462 22 3.43 1.04 9 3.444 1.07 .117 .950
54
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Panel-G of Table 6: The use of traditional fraud prevention and detection techniques
Current Internal External
Position auditors auditors
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 3.46 .428 14 3.36 .561 20 3.78 .424 3 3.92 .740 14 3.94 .501 2.861 .033
**
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
55
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
value
12 4.30 .348 10 3.68 .633 11 3.22 .368 14 3.56 .325 8 3.19 4.14 8.750 .000
**
**
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 3.57 .825 21 3.73 .462 22 3.67 .665 9 3.76 .665 .125 .945
56
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Panel-H of Table 6: The use of technological fraud prevention and detection techniques
Current Internal External
Position auditors auditors
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
4 3.33 .605 14 3.43 .441 20 3.94 .481 3 3.67 .500 14 3.88 .631 2.824 .034
**
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
57
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
12 4.33 .331 10 3.71 .549 11 3.17 .294 14 3.76 .531 8 3.59 .234 9.127 .000
**
No. Mean SD. No. Mean SD. No. Mean SD. No. Mean SD. F- Sig.
value
3 3.31 .801 21 3.82 .483 22 3.73 .600 9 3.76 .570 .750 .527
58
Questionnaire
The purpose of this survey is to investigate the role of corporate governance and information technology in fraud
prevention and detection within the UAE. It should take approximately 10 minutes to be completed. Thank you in
advance for your willingness to contribute to the enhancement of the profession. Your response is confidential and
will be published in summary and statistical form. You or your firm will not be identified in anyway. Accordingly,
there are no foreseeable risks to you or your firm.
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
59
Part One: Respondent’s profile
1. Work Experience:
2. Academic Qualification
□ Diploma Degree
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
□ Bachelor’s Degree
□ Professional certificate
3. Current Position:
□ Financial Accountant
□ Internal Auditor
□ External Auditor
□ Others. Specify……………..
□ Professional certificate
□ 1-50
□ 51-100
□ 101-500
60
□ 501-1000
□ Over 1000
5. Business Type:
□ Manufacturing Firm
□ Retail
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
□ Financial Institution
□ Service Firm
□ Governmental Organization
□ Others (specify.……………………
6. Company Operations:
□ Local Firm
□ Regional Firm
□ International Firm
61
Part Two: The existence of fraud
Please, indicate the extent to which you agree or disagree with each of the following statements using the scale
below:
Low - High - 1
2 3 4 5
(Strongly Disagree) Disagree) Don't Know) (Agree) (Strongly Agree)
Low………. High
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Please, indicate the extent to which you agree or disagree with each of the following statements using the scale
below:
Low - High - 1
2 3 4 5
(Strongly Disagree) Disagree) Don't Know) (Agree) (Strongly Agree)
Low………. High
2 In my firm, the funding for the internal audit department has been
significantly changed over the past three years. 1 2 3 4 5
62
4 In my firm, external audit is playing a significant role for fraud
prevention and detection. 1 2 3 4 5
Please indicate to what extent you perceive the following techniques are practiced and effective in preventing and
detecting fraud in your organization by using the scale below:
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Low - High -
1 2 3 4 5
(Strongly ineffective) (Ineffective) (Don't Know) (Effective) (Strongly effective)
Completely ineffective
…. completely
effective
2
Internal control review and improvement 1 2 3 4 5
3
Reference checks on employees 1 2 3 4 5
4
Employment contracts 1 2 3 4 5
5
Fraud auditing 1 2 3 4 5
6
Fraud reporting policy 1 2 3 4 5
7
Fraud hotline 1 2 3 4 5
8
Whistle-blowing policy 1 2 3 4 5
63
9
Operational audits 1 2 3 4 5
10
Fraud prevention and detection training 1 2 3 4 5
11
Ethics training 1 2 3 4 5
12
Surveillance equipment 1 2 3 4 5
13
Increased attention of senior management 1 2 3 4 5
14
Code of sanctions against suppliers/contractors 1 2 3 4 5
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
15
Increased role of audit committee 1 2 3 4 5
16
Surveillance of electronic correspondence 1 2 3 4 5
17
Staff rotation policy 1 2 3 4 5
18
Security department 1 2 3 4 5
19
Employee counselling programs 1 2 3 4 5
20
Cash reviews 1 2 3 4 5
21
Inventory observation 1 2 3 4 5
22
Bank reconciliations 1 2 3 4 5
23
Ethics officer 1 2 3 4 5
24 Fraud software
1 2 3 4 5
25 Discovery sampling
1 2 3 4 5
26 Data mining
1 2 3 4 5
27 Digital analysis
1 2 3 4 5
64
28 Continuous auditing
1 2 3 4 5
29 Financial ratios
1 2 3 4 5
30 Virus protection
1 2 3 4 5
31 Password protection
1 2 3 4 5
32 Firewalls
1 2 3 4 5
33 Filtering software
1 2 3 4 5
Downloaded by University of Pittsburgh At 23:18 09 May 2016 (PT)
Biographical Information
Dr. Sawsan Saadi Halbouni (Corresponding author) is an Assistant Professor of Accounting,
Canadian University-Dubai, School of Business Administration, Accounting and Finance
Department, Dubai, UAE, PO Box 117781, Tel: +971 4 7096821 Fax: +971 4 321 9090, E-mail:
sawsan.halbouni@cud.ac.ae
65