Internal Auditors
Although not all companies have an internal audit function, when they do, it is the internal auditor’s responsibility to evaluate risks related to the reliability and integrity of financial information. The Anti-Fraud Collaboration understands that internal auditors must act as the eyes and ears of an organization, particularly regarding risk management, control, and governance processes.
Internal audit’s role typically includes communicating to the board, audit committee, and management that internal controls, including controls to deter and detect fraud, are sufficient for the identified risks, and verifying that the controls are functioning effectively. Throughout our resources, we share tools and techniques that can help internal auditors incorporate traits that will make their organizations more fraud-resistant.
In addition to these duties, internal audit may be involved in monitoring the whistleblower program, assessing compliance with the entity’s code of ethics, and other activities in support of the organization’s ethical culture. In a review of SEC Enforcement Actions, we uncovered some key themes that could help internal auditors mitigate the risk of common fraud schemes.
Internal audit must operate with organizational independence, which usually means direct functional reporting to the audit committee and unrestricted access to both the board and audit committee in the event concerns arise. Many of our reports on skepticism can offer internal auditors guidelines that will aid them in their examination of management’s fraud risk assessment, review of evidence supporting management’s assertions in the financial statements, and in the evaluation of controls intended to deter or detect fraud.
Internal Auditors Can Identify Root Causes
Given its reach throughout the organization and deep knowledge, internal audit is well equipped to evaluate culture. The Anti-Fraud Collaboration shares potential roadblocks for an internal audit review of culture alongside an overview of the typical steps an internal audit of culture might include.
Evaluating Effectiveness with a Risk-Based Approach
Taking a risk-based approach empowers internal auditors to evaluate the effectiveness of processes on a continual basis. The Anti-Fraud Collaboration outlines how internal auditors can monitor and evaluate results of whistleblower programs and collaborate across departments to help ensure that results are addressed.
The Unique Value of Internal Auditors
For internal auditors, skepticism means being intellectually curious, confirming verbal representations with evidence, and having a “mindset” that recognizes the possibility that fraud always exists. Overall, skepticism from internal auditors can make a vital difference over time to help deter and detect financial reporting fraud. Explore the Anti-Fraud Collaboration’s resources on how internal auditors can use skepticism to combat fraud.
Could Technology Change the Internal Audit?
Auditors are increasingly using technology to analyze entire populations of data with thousands, sometimes millions of individual transactions, to identify transactions that raise red flags. The Anti-Fraud Collaboration is carefully examining the role emerging technologies will play in deterring and detecting fraud, and is keeping a close eye on the implications of technologies like artificial intelligence and machine learning.
Culture
Internal Auditors Can Identify Root Causes
Given its reach throughout the organization and deep knowledge, internal audit is well equipped to evaluate culture. The Anti-Fraud Collaboration shares potential roadblocks for an internal audit review of culture alongside an overview of the typical steps an internal audit of culture might include.
Risk
Evaluating Effectiveness with a Risk-Based Approach
Taking a risk-based approach empowers internal auditors to evaluate the effectiveness of processes on a continual basis. The Anti-Fraud Collaboration outlines how internal auditors can monitor and evaluate results of whistleblower programs and collaborate across departments to help ensure that results are addressed.
Skepticism
The Unique Value of Internal Auditors
For internal auditors, skepticism means being intellectually curious, confirming verbal representations with evidence, and having a “mindset” that recognizes the possibility that fraud always exists. Overall, skepticism from internal auditors can make a vital difference over time to help deter and detect financial reporting fraud. Explore the Anti-Fraud Collaboration’s resources on how internal auditors can use skepticism to combat fraud.
Technology
Could Technology Change the Internal Audit?
Auditors are increasingly using technology to analyze entire populations of data with thousands, sometimes millions of individual transactions, to identify transactions that raise red flags. The Anti-Fraud Collaboration is carefully examining the role emerging technologies will play in deterring and detecting fraud, and is keeping a close eye on the implications of technologies like artificial intelligence and machine learning.