Published by Tobias Hart. Modified over 5 years ago.
1
Internal Audit’s Role in Preventing Fraud and Corruption
Naohiro Mouri, CIA IIA Global Chairman of the Board
2
• IIA’s Standards on Corruption and Fraud
• Our Role
• Required Knowledge
• Audit Considerations
• Other Considerations

• IIA Standards on corruption and fraud
• Role of internal auditor
• Knowledge of internal auditor
• Audit considerations
• Fraud prevention and anti-corruption programs
• Governance and risk assessment
• Policies and procedures
• Communication and training
• Monitoring and auditing
• Investigation and reports
• Other audit considerations
3
IIA Standards Proficiency and Due Professional Care
Must have sufficient knowledge to evaluate:
• Fraud risk
• Manner in which fraud is managed by the organization

Not expected to have:
• Expertise of a person whose primary responsibility is detecting and investigating fraud

1210.A2 – Internal auditors must have sufficient knowledge to evaluate the risk of fraud and the manner in which it is managed by the organization, but are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud.
4
IIA Standards Due Professional Care
• Extent of work needed to achieve objectives
• Relative complexity, materiality, or significance
• Adequacy and effectiveness of governance, risk management, and control processes
• Probability of significant errors, fraud, or noncompliance
• Cost of assurance in relation to potential benefits

1220.A1 – Internal auditors must exercise due professional care by considering the:
• Extent of work needed to achieve the engagement’s objectives;
• Relative complexity, materiality, or significance of matters to which assurance procedures are applied;
• Adequacy and effectiveness of governance, risk management, and control processes;
• Probability of significant errors, fraud, or noncompliance; and
• Cost of assurance in relation to potential benefits.
5
IIA Standards Reporting to Senior Management and the Board
• CAE must report periodically on internal audit’s purpose, authority, responsibility, and performance relative to its plan
• This must include significant risk exposures and control issues, including fraud risks, governance issues, and other matters that require the attention of senior management and/or the board

Standard 2060: Reporting to Senior Management and the Board
The chief audit executive must report periodically to senior management and the board on the internal audit activity’s purpose, authority, responsibility, and performance relative to its plan. Reporting must also include significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by senior management and the board.
6
IIA Standards Standard 2120: Risk Management
• 2120.A2 – Must evaluate potential for the occurrence of fraud and how the organization manages fraud risk
• 2210.A2 – Must consider the probability of significant errors, fraud, noncompliance, and other exposures when developing engagement objectives

Standard 2120: Risk Management
2120.A2 – The internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk.

Standard 2210: Engagement Objectives
2210.A2 – Internal auditors must consider the probability of significant errors, fraud, noncompliance, and other exposures when developing the engagement objectives.
7
Our Role
• “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations.”
• Includes detecting, preventing, and monitoring fraud risks and addressing those risks in audits and investigations
8
Our Role
• The internal auditor should not be expected to have the expertise of a person whose primary responsibility is to investigate fraud.
• Investigations are best carried out by those experienced to undertake such assignments.
• Some internal auditors have the necessary experience, but most do not.
9
Our Role
• Audit’s role in investigations depends upon resources and the organization’s governance structure
• If audit evidence points to an illegal act, the internal auditor should seek legal advice directly or recommend that management do so
10
Required Knowledge

Identify
• Red flags indicating fraud may have been committed

Understand
• Characteristics of fraud
• Techniques used to commit fraud
• The various fraud schemes and scenarios

Evaluate
• Effectiveness of controls to prevent or detect fraud
• Indicators of fraud

Decide
• Is further action necessary?
• Should an investigation be recommended?
11
Fraud Prevention and Anti-corruption Programs
Internal audit should assess the effectiveness of fraud prevention and anti-corruption programs
• Help anticipate risks
• Help identify potential and actual incidents
12
Fraud Prevention and Anti-corruption Programs
Two different, but complementary, approaches may be used exclusively or in conjunction with each other
• Audit each component of the fraud prevention and anti-corruption program
• Incorporate into all audits as appropriate, including risk assessment and scoping

Two different, but complementary, approaches that may be used exclusively or in conjunction with each other include:
• Auditing each component of the fraud prevention and anti-corruption program.
• Incorporating an assessment of fraud prevention and anti-corruption measures in all audits, as appropriate. In this approach, fraud and corruption risks should be incorporated into the risk assessment and scoping process of each audit. For example, a financial audit may include a review of cash transactions and a vendor management office audit might include a review of third-party due diligence practices.
13
Fraud Prevention and Anti-corruption Programs
Procedures to assess fraud and corruption risks
• Fraud and corruption scenarios
• Control environment and fraud prevention/anti-corruption programs within the audit area
• Linking audit procedures to assessed risk
14
Governance and Risk Assessment
• Understand attitude/tolerance of board and executive management
• Is attitude sufficiently restrictive?
• Adequately communicated throughout the organization?
• Scrutinize governance structure and monitoring/oversight responsibilities
• Evaluate inherent risks as part of comprehensive risk assessment

• Understand the attitude and tolerance of the board and executive management toward fraud and corruption risks
• Assess whether attitude is sufficiently restrictive
• Validate that attitude has been adequately communicated throughout the organization
• Scrutinize governance structure and monitoring/oversight responsibilities related to fraud and anti-corruption programs
• Evaluate inherent fraud and corruption risks as part of comprehensive risk assessment
15
Policies and Procedures
• Documented appropriately?
• Approved by appropriate management?
• Compliance with applicable laws and regulations?
• Implemented effectively?

Internal audit should sample test whether policies and procedures:
• Are documented appropriately.
• Are approved by appropriate management.
• Comply with applicable laws and regulations.
• Are implemented effectively.
16
Communication and Training
• Internal audit should share information and work with other assurance functions
• Fraud investigation, legal counsel, compliance, external audit…
• May collaborate with legal and ethics teams on training and anti-bribery and anticorruption audits
• Must consider whether their training and/or communication activities could impair their objectivity

Internal audit should share information and work with other functions such as fraud investigation, legal counsel, compliance, and external audit. Internal audit also may collaborate with legal and ethics teams on training and anti-bribery and anticorruption audits. Internal audit must consider, however, whether their training and/or communication activities could impair their objectivity in any manner.
17
Monitoring should be performed to:
• Ensure effectiveness of fraud prevention/anticorruption programs
• Lower time to detection
• Support continuous improvement and follow-through on corrective action plans

Internal audit’s monitoring activities should not supplant management’s monitoring role
18
When audit evidence indicates possible irregularities…
• Follow reporting protocol and refer the matter to the investigation group
• If internal audit suspects that management is involved in the irregularity, identify the appropriate party to whom audit can report
• Perform and document adequate actions to support audit findings, conclusions, and recommendations
19
Other Considerations
• Geography and industry
• Hiring/employment
• Third-party/vendor management
• Gifts, entertainment, and political contributions
• Procurement
• Sales
• Finance
• IT
• Upper management
• Government relations
20
Thank You