Why is fraud still committed even when controls are established?

Fraud can still occur even in the presence of established controls because those controls may not be properly followed. Effective controls are designed to deter, detect, and prevent fraudulent activity, but their effectiveness largely depends on adherence to the established procedures and policies. If employees do not consistently comply with these controls—whether due to negligence, lack of training, or intentional disregard—then the risks remain, making it possible for fraud to be perpetrated.

Moreover, the failure to properly follow controls can lead to gaps in oversight that individuals can exploit. Training, communication, and monitoring are crucial in ensuring that employees understand the importance of these controls and consistently adhere to them. If there is a breakdown in adherence, the controls lose their effectiveness, allowing opportunities for fraud to emerge.

The presence of established controls alone does not guarantee protection against fraud; the organizational culture and commitment to compliance play significant roles in their efficacy.