PREVENTIONAL AUDIT: IMPLEMENTATION OF SOX CONTROL TO PREVENT FRAUD

. The Euro-integration vector of Ukraine economic development and business in the open economy zone expands the economic and social potential of domestic enterprises and requires the formation of a reliable information environment to ensure the corporate interests of their investors (in the first) and other users of information (in particular). Today, corporate fraud is the most widespread form of economic crime in Ukraine and the world, which affects about 48% of domestic enterprises. The study attracted substantiated attention to the negative tendency towards the growth of economic crime in Ukraine, which in the end focuses on the fact that domestic business should apply a set of measures to withdraw part of the business from the “shadow economy”. As a result, such measures will help increase the attractiveness of Ukraine’s business investment. The study systematized and analyzed the progressive experience of developed countries, in the first place, the United States, in the fight against economic fraud. The study provides all grounds for asserting that it is quite feasible to achieve the tangible reduction of economic (financial) fraud with preventive measures (which is rather quick and effec-tive). It is proved that the lack of aspirations of the enterprise management to overcome fraud leads to the formation of new money laundering schemes, and not control mechanisms – prevention of opportunities for committing fraud.


Introduction
The European integration vector of Ukraine's development, declared in the Agreement on the Association between Ukraine and the European Union, significantly expands the potential of domestic business entities to the open international market. It substantially increases the requirements for the quality of financial reporting of a business that are subjects of public interest and obliges them to implement a system of internal control aimed at protecting the interests of investors from corporate fraud as the main problem of the world level, which impedes the formation of a favorable business environment and economic development of the country as a whole.
The modern economy is characterized by open access to large amounts of information. Today, openness is perceived by users of information as a sign of reliability. The desire of enterprises to enter new markets, exchanges, to the act of Sarbanes-Oxley (2002) (hereinafter referred to as SOX) was signed. The need for the act was due to a number of large scandals related to corporate governance and accounting in large corporations. These scandals cost investors billions of dollars when stock prices of affected companies collapsed and shocked public confidence in the US national securities market.
According to the SOX act (Paletta & Alimehmeti, 2018), which defines specialized requirements for companies whose shares are traded on international stock exchanges, an important determinant of effective management and compliance with internal policies and procedures is the monitoring and testing of the internal control system. One of the key benefits of SOX audit is protecting the interests of investors by confirming the reliability of the control environment of the enterprise where the funds are invested. It is also important to note that the SOX audit serves as a tool for increasing the stock price of stock exchanges.
Fraud in the economy is appropriate to consider on two sides: the current (national) legislation and as a category of audit, which is substantially different from fraud or error by several criteria. These include: the size of the violation, the intent (intentionality or accident), the number of related parties, the frequency (or severity).
Among the world's most popular corporate fraud protection measures, there are an internal audit system (Boskou, Kirkos, & Spathis, 2019) and an internal control system (Oussii & Boulila Taktak, 2018;Paletta & Alimehmeti, 2018) whose work mechanism needs to be continuously improved. The internal audit is perceived as a process, effected by employers and employees in order to provide the achievement of objectives relating to appropriate reporting and maintaining financial control (Boskou et al., 2019). So, it is necessary to ensure good coordination, timely reporting and continuous quality control and meeting of the public complaints (Gamayuni, 2018). The internal control systems is an important mechanism in assuring the growth of the responsibility of senior managers and the reliability of financial statements (and nonfinancial information necessary for the better understanding of market) (Oussii & Boulila Taktak, 2018) that leads to the better market competition (Cohen, Krishnamoorthy, & Wright, 2010;Khlif & Samaha, 2016). The use of these measures leads to the evaluation of the efficiency of activity and to the ensure of continuous improvement.
One of the areas for improving the reliability of the internal control system is its assessment of compliance with the Sarbanes Oxley Act (known worldwide as SOX). That is why, for the national practice of audit, today's problem issues is the formation and enforcement of a single regulatory document, which would include a series of measures aimed directly at counteracting the occurrence of fraud in Ukraine. In turn, the next changes introduced in the Law "On Audit of Financial Statements and Audit Activities" in Ukraine provide only certain measures that can be aimed at combating fraud, which is massively present in the activities of domestic business.

Literature review
The Sarbanes-Oxley Act (SOX) was issued as a response to the government errors and ensuing issues that required quickly and qualitative solutions and therefore promotes new requirements for auditor independence while ensuring and improving the quality of audit and non-audit services (Chu & Hsu, 2018). The main idea of the SOX is to improve the performance of corporate executives, to discipline the activities of companies and to promote us of innovation in their activities. This is to reduce fraud and violations due to the implementation of deeper internal control with particular emphasis on accountability (Gu & Zhang, 2017).
The act covers key areas such as corporate governance and disclosure standards that affect all organizations (Bhabra & Hossain, 2017). Researchers (Reza, 2018;Prentice, Bills, & Peters, 2019;Stewart, 2019) reveals the most important 11 areas of SOX act. It is the benefits plan's financial statements and related auditor's opinion. Such a benefit plan provides a unique set of the potential benefits provided by the financial statement auditor and can influence auditor choice. Figure 1 presents the major elements in the act. Here are 11 sections of SOX act (Reza,  It follows that SOX includes various areas, so if each of them would attract more attention, the results of the activity of each company should be better and the probability of fraud would be smaller. Here also should be mentioned the principles of the effects of SOX. SOX requires a more careful filling of balance sheets and other financial statements (Funchal & Soares Monte-Mor, 2016). The effects of the SOX system occur in two ways (Saxton & Neely, 2019). The first way is the reaction of organization to the effects of the act, its determinants and the nature of policymaking. The second way evaluates the effectiveness of SOX in improving organizational ethics, regulation and accounting. The application of SOX depends on many factors: company size, operating time, financing, accounting policy, management, debt, area and reporting requirements.
To sum up, the theme has been widely developed by many authors. There are a SOX act and only some instructions for providing SOX audit, but in the scientific field, there is no methodology of SOX audit. There is a lot of general theoretical approach to financial control assessment, risks and corporate investment management, but no one study is connected with the main world act against fraud. It follows, what the main purpose of this article is to present the main approach of the SOX influence to the avoidance of fraud.

Aim, methodology and data
There is a need for justification necessity of audit procedures expansion by the procedures group that should be based on SOX requirements. It is important to identify the corporate fraud gaps and to promptly take all measures to prevent their occurrence in the future. This will allow to: -improve the quality and transparency of financial reporting; -improve the process of developing the reporting practice standards; -improve the internal control and audit in management; -increase of corporate responsibility and usefulness of disclosure of financial corporate information; To reach the bellow aim such goals were set: -to analyze the level of economic fraud in Ukraine and in the World; -to identify the reasons which provide such level of fraud; -to analyze weather the national and foreign business is adopted to the situation and how it could be solved taking into the account the best practice of the countries which are leaders of fraud struggle; -based on the analysis to propose measures which will be directed to the fraud struggle that should rise trust level of foreign investors The research is carried out using the following methods: -monographic -for generalization of theoretical and methodological bases of formation of SOX audit; -literature analysis and synthesis, induction and deduction -to raise the question of research, detail and refinement of his subject; -statistical -to operate and sum-up all provided in the research data that is the main part of theoretical hypothesis and their verification; -system analysis -to clarify the essence of concepts; -classification -analytical -for the classification of information; -graphic -for a visual and schematic representation of theoretical and practical results of research and questioning. To get the research result it is very important follow auditor professional opinion in the process of company internal control assessment. Appropriating the score for each sup-systems of internal control, auditor is managed only by his professional opinion that is based on selected auditor's evidences due to the International standards and Code of ethic of the auditors. In such level of the audit the audit has to do operative analysis and depends on the score should be ready to recommend to the managers measures which should be implemented to the problem solving and it᾽s prevention in the future.

Results
The SOX act has gained great popularity in the world. After its successful implementation in the United States, many countries on its base had adopted similar laws that differed a little from SOX and were aimed against the key economic growth problem -economic crime and fraud. Soon, this practice has passed to all the advanced countries of the world, because information users (professional and unprofessional) needed to know who came to the market, whether this counterparty is transparent and someone with whom you can work together.
For the countries of the post-Soviet area, the full borrowing of the norms of this law meant a radical turn of the system of financial control in the country, therefore the process of adaptation of a successful action to the domestic economy practice of Ukraine wasn't realized locally.
The urgency of SOX Act adoption in the United States was determined by the fact that, despite the long process of consideration and discussion of regulatory documents, this act was adopted overnight. The reason for this was a direct threat to the national security of the state. The next step after the adoption of the SOX Act in the United States was the desire of a business to withdraw or raise the value of their shares on the market, but for this it was necessary to prove that their financial statements fully correspond to real accounting data, and the internal control system is effective and customized prevention of fraud, its operational elimination and provides for a set of preventive measures which requires the formation of priorities of the economic policy of revenue regulation (Yeshchenko, Koval, & Tsvirko, 2019). The resulting criterion for meeting the requirements for entering the stock exchange was the presentation of transparent financial statements and an audit opinion, which confirms it.
Given that since 2002 the internal audit (permanent) has begun to develop, and not the external audit (retrospective), there was an urgent need to analyze whether the SOX act is actually implemented in practice.
According to the World Economic Crime and Fraud Investigation in Ukraine in 2018, 48% of Ukrainian entities have suffered from economic crime and fraud during the last two years (Figure 2) Bribery and corruption (73%) are the leaders among economic crimes that have been affected by organizations over the past two years, and top 5 also includes: illegal appropriation of property (46%), fraud in the field of procurement (33%), fraud in the field of human resources management (33%) and cybercrime (31%) (PWC, 2018).
In an open economy, bribery and corruption are the most significant economic crime for Ukrainian enterprises in the near future.
According to the survey, 31% of companies reported that their organization's losses from the most significant fraud cases amounted to more than $ 100,000. The United States, while 12% of them reported losses of $ 1 million. US $ 50 Million in the USA.
Fraud consequences -not only financial. Ukrainian entities note that their reputation/brand (50%), relations with business partners (42%) and interaction with regulators (38%) were the most affected by economic crimes and fraud. 58% of Ukrainian organizations reported worsening professional ethics and employee behavior as a result of the most significant cases of fraud (Figure 3).
Due to the results of the survey, a significant fraud increase in Ukrainian entities committed by employees (from 28% in 2016 to 56% in 2018), among which the proportion of fraud committed by senior management also significantly increased (from 27% in 2016 to 55% in 2018).
Also, Ukrainian respondents note that 67% of fraudsters are physical and legal persons close to the organization: agents, suppliers and clients.
Despite the increased costs of combating economic crime and fraud, a lot of Ukrainian entities still do not deal with fraud prevention, but only react or defend when the fact of fraud is already committed. Only 40% of polled organizations in Ukraine conducted a general assessment of fraud risks over the past two years. Every fifth organization (17%) did not carry out a risk assessment at all for two years (Figure 4).
Also, the share of entities in Ukraine, which responded with an official program of professional ethics and compliance, decreased from 75% to 59%.
Given the analysis provided by the analyst on the development of economic fraud in Ukraine, there are reasons to state that a large share of the country's economy is in the shadows. In turn, such a mechanism of doing business is not attractive to international investors, which serves as the main problem for increasing the investment attractiveness of the country, and the confirmation of this is the unstable dynamics of international investment in Ukraine (Table 1).
Under these conditions, international investors need to use proven and reliable tools to prevent corporate fraud. Under these conditions, an internal audit is the most reliable instrument of assurance for an investor. At the same time, the auditor's assessment of the control environment of the enterprise in accordance with SOX is a priority task. Since internal audit is a relatively new field of knowledge and therefore requires its own security which has not yet been fully developed, internal auditors have widely used SOX standards in practice that require management from the organization to carry out and continuously monitor the system for ensuring the effectiveness of internal control over the preparation of financial statements. After completing this requirement, the Internal Audit Department (IAD) usually provides assistance to the management. Therefore, by adopting the best practice, domestic business entities began to form internal audit systems to carry out only a controlling function. Bilukha and Mykytenko (2005) argue that a clear statement of the position regarding internal audit and its imperatives is determined by internal audit that solves the following tasks for the client: the system of asset control studies; checks compliance with control of the policy of the entity; analyzes risk situations and prevents bankruptcy; uses the know-how to increase the profit and efficiency of the new technology; takes other measures that promote the development of the business entity in business (Bilukha & Mykytenko, 2005).
The refusal of an external audit, even if it is not mandatory, may have negative social and economic consequences for economic entities. Thus, in a survey of existing and potential investors, analyzing the causes and consequences of the global financial crisis, 28% of them acknowledged that the investments were not made due to the poor quality of SLVA or its absence from the entity, 20% indicated that for obtaining Investments in the management of the entity were proposed to make changes in the middle management's management due to poor quality work or the absence of the IAD in the entity, and only the implementation of these changes enabled the implementation of investment projects (EY, n.d.; Zakonodavstvo Ukraїni, 2018).
Those domestic business entities that already have IAD in their organizational structure, if not on an ongoing basis, then on an outsourcing or co-sourcing basis periodically involve external auditors, which is confirmed by IFC data. Almost 60% of business entities attracted external auditors periodically once a year, and almost 30% of the respondents attracted external auditors several times a year (Zakonodavstvo Ukraїni, 2017;PWC, 2018). At the same time, one of the key reasons for recourse to external audit services is the weaknesses in the work of IAD, which is also confirmed by the results of the global EY study conducted by the company with Forbes Insights, covering respondents representing companies from 26 industries with a total revenue of $ 500 million. The USA. So, the answer to the question "How relevant is it for your organization to improve the work of IAD?" suggests that 28% of respondents definitely acknowledge the need to improve the work of IAD in the near future (EY, n.d.).
After signing the Association Agreement with the EU in 2014, Ukraine has undertaken to harmonize its legislation with European norms. And above all, it concerns business law, including the scope of financial reporting and auditing.
The next changes to the Law on Audit of Financial Reporting and Auditing in Ukraine provide for certain measures that may be directed at combating fraud that is massively present in the activities of the domestic business (APU, n. d.).
Also, due to the updated law, with financial reporting, most companies will have to provide a management report that reflects the state and prospects of enterprise development and reveals the main risks and uncertainties about its activities. Consequently, as a result of innovations, the market will gain greater transparency of business, which will increase the trust of foreign investors in Ukrainian companies and increase the investment attractiveness of Ukraine as a whole. So, it is entirely expected that in such a report, the management of an enterprise should report on cases of significant fraud and how it affects the activities of the enterprise. Investors need this information in the first place, but given that according to a study (PWC, 2018) 55% of cases of fraud in enterprises were committed by senior management, it is expected that the domestic business isn᾽t ready for the innovations envisaged by the law.
Considering the formation of an effective enterprise management strategy using the provisions of SOX, particular attention is paid, in order to increase corporate responsibility and the usefulness of disclosing financial and corporate information, which is also important in the context of updating legislation. The main objectives of the SOX Act are: -Improving the quality and transparency of financial reporting, as well as independent auditing and accounting services for public companies; -Improving the process of developing standards for reporting practices; -Strengthening the independence of companies involved in the audit of public companies; -Internal control and audit in management; -Increase corporate responsibility and usefulness of disclosure of financial corporate information; -Ensuring a guarantee of the objectivity and independence of securities analysts. In connection with this, over the past few years, the company's internal control environment has become increasingly popular due to the Sarbanes Oxley Act (Nazarova & Mysiuk, 2018).
Recent legislative changes regarding this issue do not fully take into account all the components that are Establishes the Public Company Accounting Oversight Board, to provide independent oversight of public accounting firms providing audit services. It also creates a central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX.

Auditor Independence
Establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation, and auditor reporting requirements. It restricts auditing companies from providing non-audit services (e.g., consulting) for the same clients.

Corporate Responsibility
Identifies that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports.

Enhanced Financial Disclosures
Describes enhanced reporting requirements for financial transactions, including off-balance-sheet transactions, pro-forma figures and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports.

Analyst Conflicts of Interest
Includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest.

Resources and Authority
Defines practices to restore investor confidence in securities analysts. It also defines the SEC's authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, advisor, or dealer. 3

Studies and Reports
Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations, and enforcement actions, and whether investment banks assisted Enron, Global Crossing, and others to manipulate earnings and obfuscate true financial conditions. 3

Corporate and Criminal Fraud Accountability
Describes specific criminal penalties for manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistle-blowers. 2

White-Collar Crime Penalty Enhancement
Increases the criminal penalties associated with white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense. 1

States that the Chief Executive Officer should sign the company tax return. 3 Corporate Fraud Accountability
Identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties.

2
*5 -a number that is assigned at the maximum level of SOX compliance.
important for ensuring the reliability of the control environment of the enterprise ( Table 2). The analysis of the information above allows us to state that in Ukraine there are insufficiently developed systems of control of the internal environment at enterprises. This is explained by the fact that domestic business managers themselves are not interested in developing this system since the level of proceeds from crime is significantly higher than the amount they receive legitimately.
The challenge for such enterprises and their managers is the recently introduced enterprise management report. Users of the management report may be employees, owners, investors and other users interested in information about the company. The management report should be disclosed in the same way as the financial statements, together with the audit report on its own webpage or website, or otherwise in cases specified by law.
The structure of this report involves the disclosure of information about enterprise risks, financial investments and corporate governance. It is these sections that provide detailed information on those fraud cases reported during the global fraud survey in the world. In order to assess the level of economic crime of a business, we recommend to develop and use the wheel of SOX balance by each developed company and auditorsinternal and external. Also, it could be used by governmental bodies to check and analyze economic crime of the country ( Figure 5).
The developed balance wheel, based on the results of investigation in Table 2, allows to make comprehensive assessment of the quality and reliability of the control environment of business and identifies the riskiest segments that require attention. The number (between 1 and 5) is chosen due to the auditor's professional opinion based on professional standards and code of ethics of auditors. The information is shown above in Figure 5 shows that domestic business has favorable conditions for economic crime development in the country. This state of affairs does not contribute to the development of investment activity in the country and needs immediate amendments.

Conclusions
To sum up, while investigating the development of economic crime in Ukraine, it was established that Ukraine has all the conditions for its development. At the legislative level, there is no single document that would resolve this issue. Separate provisions of various normative legal acts are not able to provide an adequate level of reliability of the internal control system of a business. The high level of internal corporate fraud that has developed in Ukraine requires the use of radical measures to overcome it. This situation does not contribute to improving the investment attractiveness of the country due to the lack of confidence of foreign investors.
One of the most successful tools for protecting corporate interests of investors is the SOX Act, that has proven by international practice. The development of SOX-based regulatory support, as well as the methodology for assessing the company's internal control system, is designed to ensure the reliability and transparency of information generated within domestic business.
The Ukraine SOX balance wheel providing allows Ukrainian legislation: -to increase the direct responsibility of senior corporate managers (who have the direct responsibility for the corporate fraud) for the quality of financial reporting and disclosure of information about the company's activities; -to increasing the independence of the audit committee from the company and its responsibility for the company's independent auditors; -to restrict the types and nature of services that the auditor may provide to a publicly traded client; -to sett up an independent board to oversee audit methods for publicly traded companies. SOX act implementation should serve the guarantee for society about their payments and about companies that doing business in their country using it's resources.
The SOX balance wheel developed in the study allows identifying specific segments that do not contribute to the formation of reliable information at the entity and serve as a source for the development of corporate fraud. Particular this assessment enables to comprehensively assess the level of development and the impact of each of the segments of the company's activity on the formation of its reliable system of internal control and recognition at the international level of domestic business as such that Figure 5. SOX balance wheel of Ukraine promotes the growth of investors' capital, protects their interests in all the cases and rational use of basic productive assets (Yankovyi et al., 2019).
In the course of providing financial and economic activities, all the companies try to organize a separate an internal audit department or to distribute internal audit functions within the current stuff. The first method is more efficient, but not every business entity can afford it financially. The larger the company, the more it is interested in methodological developments aimed at specifying internal audit procedures using the results of internal control. Such scientific and practical developments are high demanded, but still require further scientific and practical development. Public companies are required to carry out an independent (external) audit, since they are entities of public interest. That is, the number of users of information in the results of such an audit is as wide as possible. At the same time, SOX requirements include the submission of permanent internal audit results. The undeniable advantage of internal audit is its stability, continuity. Recent trends in the audit field have put the spotlight on the possibility of carrying out preventive audit, as it is a key tool for minimizing the risks of fraud, one of the most important obstacles to effective management. The main vector for the development of such research for the future is synergistic developments in auditing, that means the opportunity to obtain social and economic impact as a result of timely identification and implementation of preventive audit measures. And audit synergies can, as expected, be a significant lever of economic growth (which requires some further research).
In this research the idea of SOX adaptation was developed by K. Nazarova. The approach of SOX balance wheel methodology using was developed by V. Mysiuk.