Audit's Role in Fraud

1 Audit's Role in Fraud
Cathy Blunt
Manager Internal Audit

2 Introduction
- Difference between External and Internal Audit
- Audit's Role in Fraud
- Audit Committee's Role in Fraud
- What Should Internal Audit Be Doing

3 Difference between External & Internal Audit
External Audit:
- Statutory opinion to shareholders on accuracy of financial statements
- Report to Board and shareholders
- Australian Auditing Standards
- Independent to organisation
- Risks & controls over financial reporting
- Recommendations to improve control environment
Internal Audit:
- Broad based assurance program over key business risks
- Report to board via audit committee
- Organisation wide
- Part of organisation by independent reporting arrangements
- Assurance over enterprise risk management framework
- Also recommendations to improve performance and results

4 Audit's Role in Fraud
Is not to be primarily responsible for:
- Placing a strong emphasis on fraud prevention & detection
- Creating a culture of honesty and ethical behaviour
- Oversighting activities
- Considering the risk of over-riding controls or misstating results
Source: Australian Auditing & Assurance Standards Board, Compiled Auditing Standard ASA 240 The Auditor's Responsibility Relating to Fraud in an Audit of a Financial Report

5 External Audit's Role in Fraud
ASA Reasonable assurance that financial statements are free from material misstatement
- Apply professional scepticism
- Discuss fraud risks within engagement team
- Perform assessment of fraud risks
- Review management's assessment of fraud risks
- Understand oversight processes
- Evaluate relationships
- Assess fraud risk factors
- Report fraud
Source: Australian Auditing & Assurance Standards Board, Compiled Auditing Standard ASA 240 The Auditor's Responsibility Relating to Fraud in an Audit of a Financial Report

6 Internal Audit's Role in Fraud
Internal Auditor Must:
- Have sufficient knowledge to evaluate risk of fraud (IPPF 1210.A & 2120.A2)
- Exercise due professional care by considering the risk of fraud (IPPF 1220.A1 & 2210.A2)
- Report on significant fraud risks to management (IPPF 2060)
Source: Institute of Internal Auditors, International Professional Practice Framework

7 Internal Audit's Role in Fraud
Internal Auditor must have robust understanding of the organisation's business including:
- Tone at the Top: code of conduct, ethics, COI
- External business environment: business partners, suppliers, trends
- Processes where fraud risks could emerge: payroll, procurement, cash, logistics, facilities, sales
- Internal control environment: assurance & gaps
- Red flags for fraud: errors, leave patterns, lifestyle
- Understanding of fraud risk assessment

8 Audit Committee's Role in Fraud
Oversight of an organisation's risk management framework, including fraud risk:
- Theft, embezzlement, false claims, contract & procurement fraud, kickbacks
- Non-compliance with key laws and regulations including whistleblower and ethical conduct
- Breakdown in key internal controls in processes such as financial reporting and financial management
Source: Qld Treasury, Audit Committee Guidelines

9 What Should Internal Audit Be Doing?
Policy Development & Review:
- Contribute to development of ERM policies and frameworks
- Contribute to development of fraud risk policies and procedures
- Evaluate the ethical culture of the organisation
- Risk & fraud awareness training
Fraud Risk Assessments:
- Contribute to fraud risk assessments
- Evaluate and test management's assertions re fraud risks
- Consider fraud risk assessments in audit planning and testing
- Inform the fraud risk assessment based on audit work

10 What Should Internal Audit Be Doing?
Audit Processes:
- Consideration of fraud in planning risk assessment
- Develop audit procedures to test for fraud risks
- Evaluate key controls over fraud risks identified
Business Process Improvement:
- Consult on development of new processes or changes to existing processes
- Test changes to processes
- Consider impacts of workforce changes

11 What Should Internal Audit Be Doing?
Assurance Mapping:
- Develop assurance maps for activities, showing gaps in assurance over key risks
- Discuss additional assurance requirements
- Undertake testing of key controls over risks
Investigations:
- Undertake fraud investigations (where competent to do so)
- Provide CMC liaison role for Qld Government agencies
- Prepare documentation for investigations or reports to Police
- Attend court proceedings
- Maintain whistleblower function

12 What Should Internal Audit Be Doing?
Continuous monitoring/auditing
Human Resources:
- Duplicate employees
- Overtime over xx hours
- Payments over xx ordinary hours
- Allowances over $xx
- Gross Payments over $xx
- Accrued annual leave
- Leave analysis
- Payroll recalculation
Procurement/Payables:
- Duplicate vendors
- Vendor/employee matching
- Duplicate payments
- Potential split purchases or payments
- Overdue invoices
- Invoice price variations
- Invoice quantity variations
- Non panel suppliers
- Purchasing authorities

13 Duplicate Employees
Columns: Employee ID, DEPT ID, Cause for identical TFN
- QAR, QAR: Use of middle name in search led to creation of new employee ID
- IMR, IMR: Incorrect TFN entered against
- RES, RES: Incorrect TFN entered against
- CAJ, CAJ: Incorrect TFN entered against
- LOW, PIR: Incorrect TFN entered against
- HEE, HEE: Surname misspelt on searching database, leading to creation of new employee ID

14 Employer/Vendor Matching
Columns: Employee ID, Vendor ID, Payroll Earnings, Invoiced Earnings
Values: $27, $31, $19, $1, $15, $2,148.41
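
The duplicate-employee and vendor/employee matching tests from the continuous-monitoring slides, sketched as an added example (not part of the original presentation). The record layout, the sample data and the use of a shared bank account as the vendor/employee matching key are assumptions; the slides name only an identical TFN as the duplicate-employee criterion.

```python
import re
from collections import defaultdict

# Constructed sample records; every field name and value is illustrative.
EMPLOYEES = [
    {"emp_id": "E001", "dept": "QAR", "tfn": "123 456 782", "bank": "064-000 1234 5678"},
    {"emp_id": "E002", "dept": "QAR", "tfn": "123456782", "bank": "064000 12345678"},
    {"emp_id": "E003", "dept": "IMR", "tfn": "876-543-210", "bank": "084-111 5555 0000"},
    {"emp_id": "E004", "dept": "RES", "tfn": "", "bank": "033-222 9999 1111"},
    {"emp_id": "E005", "dept": "CAJ", "tfn": None, "bank": "033-333 7777 2222"},
]
VENDORS = [
    {"vendor_id": "V100", "name": "Acme Supplies", "bank": "084111 55550000"},
    {"vendor_id": "V200", "name": "Other Pty Ltd", "bank": "012-345 1111 2222"},
]


def digits(value):
    """Keep digits only so spacing and punctuation cannot hide a match."""
    return re.sub(r"\D", "", value or "")


def duplicate_employees(employees):
    """Return {tfn: [emp_id, ...]} for TFNs held by more than one employee ID."""
    by_tfn = defaultdict(list)
    for e in employees:
        tfn = digits(e.get("tfn"))
        if tfn:  # a blank TFN is a data-quality exception, not a duplicate
            by_tfn[tfn].append(e["emp_id"])
    return {t: sorted(ids) for t, ids in by_tfn.items() if len(ids) > 1}


def employee_vendor_matches(employees, vendors):
    """Return sorted (emp_id, vendor_id) pairs that share a bank account (assumed key)."""
    by_bank = defaultdict(list)
    for e in employees:
        acct = digits(e.get("bank"))
        if acct:
            by_bank[acct].append(e["emp_id"])
    return sorted((emp, v["vendor_id"]) for v in vendors
                  for emp in by_bank.get(digits(v.get("bank")), []))


if __name__ == "__main__":
    print(duplicate_employees(EMPLOYEES))
    print(employee_vendor_matches(EMPLOYEES, VENDORS))
```

Each hit is an exception to review rather than proof of fraud; the causes listed on the Duplicate Employees slide are all data-entry errors.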

15 Overtime
[Charts: overtime by department; series: Hours, Value]

16 Overtime
[Charts: overtime by department; series: Hours and Average, Value and Average]

17 Accrued Annual Leave
[Chart: Departments with Highest Leave Accruals In Weeks]

18 Accrued Annual Leave
[Chart: accrued annual leave by department; series: Weeks, Employees, Average Days]

19 Questions
Cathy Blunt
Manager Internal Audit