Learning from WorldCom: Implications for Fraud Detection through Continuous Assurance

The recent rash of corporate frauds and malfeasance has intensified the focus on continuous assurance as a viable enterprise risk‐management tool. In line with this focus, the current study revisits the WorldCom fraud and explores the feasibility of implementing continuous assurance over key‐event‐transaction data as a means of facilitating early detection of the main fraud activities that occurred. There are three main objectives of the research. The first is to examine the key methods of fraud executed by WorldCom's management in order to design a continuous assurance model that would have provided the analytic monitoring necessary for early detection of the fraudulent transactions. The second objective is to provide a blueprint for the integration of the prescribed continuous assurance model in an SAP environment as a means of demonstrating the feasibility of such a continuous assurance strategy. The third objective is to explore the complexity derived from the use of multiple‐legacy systems as a means of articulating the resulting higher risk and the negative impact on the feasibility of continuous assurance. WorldCom forms the centerpiece of the research study based on the multiple fraud conditions and the coexistence of both SAP enterprise software and a myriad of legacy‐system applications.