Internal auditing and fraud prevention have been hotly debated in recent years.
While some firms insist that internal auditors’ role as “fraud detectives” and direct participants in fraud prevention measures is their job, others contend that senior management should be the first line of defence.
Not only is fraud on the rise worldwide, but insiders are believed to carry out 70 per cent of all fraud. Fraud can sometimes be so destructive that it brings a business to its knees.
As criminals become ever more intelligent in their methods, a company’s anti-fraud control systems definitely need to receive more attention if they are to remain effective in preventing, detecting, and responding to fraud.
Who, however, bears the responsibility for this?
The role of internal audit in order to prevent and detect fraud.
“Internal audit should assess where fraud risk is prevalent inside the business and respond appropriately by examining the controls of that area, analysing the possibility for the occurrence of fraud, and how the organisation manages,” according to the IIA’s Fraud and Internal Audit position paper. Risk assessment and audit planning are used to reduce fraud risk. The internal audit does not have direct responsibility for preventing fraud within the company.
How can the knowledge of fraud help the auditors?
- To evaluate the indicators of fraud and determine whether further action or investigation is necessary
- In order to evaluate the effectiveness of controls to prevent or detect fraud.
- In order to evaluate the indicators of fraud and determine whether further action or investigation is necessary
- To evaluate the effectiveness of controls to prevent or detect fraud
Internal audit professionals should not be expected to have the same degree of experience as specialist fraud detectives, according to the IIA, but they should use their data analysis skills to spot trends and patterns that indicate fraudulent conduct.
Despite these recommendations, the reality is that each company’s audit committee and board of directors have different perspectives on internal audit, and the precise role of internal audit and its involvement in fraud prevention is usually determined by a combination of external standards and an anti-fraud policy.
Finally, internal auditors must keep fraud risk in mind throughout all audit work, while also remaining alert to red flags and adhering to the organization’s policies and expectations regarding fraud mitigation.
Internal audit can provide and improve fraud assurance in what ways?
Fraud is without a doubt one of the most serious threats to governance that organisations face, regardless of industry, size, or jurisdiction.
Let’s go through a recent report by Kroll and the IIA that revealed that businesses that empower and invest in internal audits improve the overall effectiveness of their fraud risk management.
Internal audit is critical in not only reducing the financial and reputational impact of fraud but also in preventing business objectives from being jeopardised. As the primary source of assurance on all organisational risks, here are some specific ways internal audit can respond to the challenge of fraud risks:
Examine detection controls
Do you have confidence in your organization’s ability to detect fraud early on, if at all? If not, now is the time to revisit your annual plans to ensure that detective controls are just as stringent as preventative controls, so that if fraud occurs, it will most likely be detected by checks like reconciliations and management monitoring.
Detection can also include whistle-blowing agreements, in which a tip-off can stop fraud in its tracks. Internal audit also needs to collaborate with senior management to ensure that their whistle-blowing procedures do not discourage employees from coming forward during potentially critical business moments.
Provide fraud risk training
We previously discussed the IIA’s position on internal audit having sufficient knowledge to identify warning signs of fraud. Regular training, regardless of experience, can help audit professionals stay on top of fraud techniques and schemes as they become more sophisticated in the modern world.
However, it is worth noting that data monitoring and analytics skills should also be considered as part of your L&D program as they are becoming more effective in reducing losses and duration of fraud by detecting fraud schemes through trends and unusual patterns.
Invest in audit management services and solutions
A well-established team of risk-based audit management solutions can aid in the automation of data mining while also providing a real-time view of information that can be used to detect instances of fraud. It can also assist auditors in:
- Assessing the effectiveness and application of controls, as well as the data’s reliability
- Determining the adequacy of controls for asset protection
- Evaluating compliance with policies, procedures, and legal obligations
- Establishing a partnership and proactive communication with management
- Promoting financial responsibility and accountability at all levels
- Investigating financial improprieties, and
- Identifying and making recommendations for mitigating fraud risks. In a nutshell
To make your business and your organization, you need to seriously invest in the best auditing solutions that can guide your operations step by step with no gaps that can lead astray. At HALSCA, we are committed to helping companies in the UAE achieve their business goals without stumbling blocks. Check our website for more information