Continuous Auditing's Effectiveness as a Fraud Deterrent

Abstract

Many organizations have responded to their increasingly complex and data-intensive environment by replacing traditional manual internal auditing systems with automated continuous auditing systems. We examine a subset of continuous auditing, known as continuous controls monitoring, in which auditees are provided with early and frequent notification of discrepancies discovered by the continuous monitoring system. Such systems are generally believed to be beneficial at deterring fraud. Our study examines whether there is also a potential downside to early and frequent notification. We predict that the benefit of a continuous monitoring system will depend on the fraud-detection capability of the organization’s monitoring system: when the monitoring system is strong, earlier and more frequent auditee notification is expected to be more of a fraud deterrent, decreasing the incidence of fraud, compared to delayed notification of discrepancies in summary form. In contrast, when the monitoring system is weak, earlier and more frequent auditee notification is predicted to increase an auditee’s propensity to commit fraud. We use an experimental economics approach to conduct an abstract experiment with student participants. Consistent with expectations, we find that early and frequent notification of audit results is not always beneficial in deterring fraud, and that its benefit depends on whether the fraud-detection capability of the monitoring system is strong or weak. We do not find evidence of the predicted benefit of continuous notification reducing the incidence of fraud when the system is strong, but we do find an increase in participants’ inclination to commit fraud when the system is weak. We discuss the implications of these findings for research and practice.