Risk assessments, internal control guidelines, and SOX-related processes have become commonplace in corporate operations. But all of that effort only serves to underscore the one issue that companies still haven’t solved: how to monitor and prevent fraud.

“Many organizations still stick their heads in the sand when it comes to fraud,” says Dave Richards, president of the Institute of Internal Auditors. “People who perpetrate fraud often are the most trusted and long-term employees. Companies’ reaction to it, when discovered, is usually one of disbelief.”

Companies are turning to internal auditors to devise effective ways to police employees and to have the ...