How Internal Audit Can Be Proactive in the Fight Against Fraud

How Internal Audit Can Be Proactive in the Fight Against Fraud

The threat of fraud is one of the most common challenges that organizations face, regardless of size, industry, or location. In a recent global survey, the Association of Certified Fraud Examiners (ACFE) estimates that organizations lose 5% of their revenue to fraud each year. Over the past two years, global disruption — caused by the 2020 pandemic and its aftermath — as well as rising inflation, political tension, and socioeconomic unrest have created an ideal environment for all elements of the fraud triangle (motivation, opportunity, and rationalization) to thrive. A new report, Fraud Is on the Rise: Step up to the Challenge, from the Chartered Institute of Internal Auditors (CIIA) and AuditBoard, examines the increasing threat of fraud and the actions that can be taken by auditors, executive leadership, and boards to fight it. Download a copy of the full report, and read on below for the key takeaways auditors can use to take a proactive role in the fight against fraud.

Developing a Positive Fraud Awareness and Prevention Culture

A root cause of almost every major fraud scandal is dysfunction in the organisation’s corporate culture. This is because a poor, unhealthy corporate culture encourages various types of misconduct, including fraud. According to the ACFE Report of the Nations 2020, a faulty tone from the top was the primary risk factor in 22% of all financial statement frauds. Many studies have shown that a robust and ethical culture, underpinned by the right tone from the top, can act as a bulwark against the pressure of the fraud triangle that often leads to fraud and corruption. Some ways boards and senior management can set the right tone at the top include:

  • Initiating and respecting anti-fraud policies, processes, and controls.
  • Lead by example, as opposed to a “do as I say and not as I do” attitude.
  • Clearly communicating consequences for employees involved in fraudulent activities.

When we asked participants of roundtable discussions — attended by a total of 33 participants composed of senior internal auditors, risk professionals and fraud experts from the private, public, and third sectors — whether they thought their organisations had set the right tone at the top, we heard mixed messages. Some participants said they thought their board and senior management had set a strong tone at the top with fraud embedded in policies and publicity materials; and fraud was talked about widely across the whole of the organisation. Others said they had a good fraud culture but that it wasn’t led by the right tone from the top – rather by the tone from the bottom with managers talking about fraud with their teams for example.

Most participants, however, agree that fraud is a topic that overall is being talked about more openly than it used to be. One reason mentioned by a few participants is that there has been a shift in people’s sense of responsibility with regards to fraud. Andrea Deegan, Fraud Risk Services Director at RSM said: “During the pandemic, we have seen an increase in the use of and range of channels for reporting fraud as people seem to feel more responsible to report wrongdoings. Perhaps it is because people are more exposed to fraud in their day-to-day lives and therefore it is on their radar. Perhaps it is also because people have been under considerable pressure during Covid and have less sympathy for those committing fraud.”

Removing the Negativities Attached to Fraud

While boards and senior management are instrumental in developing the right tone from the top, internal auditors can play an essential supporting role in developing a positive fraud culture by helping to remove the negativities attached to fraud. Historically, fraud has been – and sometimes still is – an uncomfortable topic of conversation. No one wants to admit that the controls in their department failed, but it is important to share lessons learned. One important way for auditors to remove the stigma of being the “fraud police” is to take an approach of being partners and allies. Some ways internal auditors can help to transform fraud into a safer, less negative topic include:

  • Depersonalize the processes and procedures when talking about fraud.
  • Anonymize the instances and instead focus on the themes and trends and lessons learned.
  • Encourage people to talk about fraud; doing so will help more people become comfortable discussing fraud and sharing lessons learned.
  • Emphasize that your goal is not to police fraud but to build a safe environment for business departments to raise issues and concerns.

Additionally, internal auditors have an important role to play as a trusted advisor to the board and the business by promoting whistleblowing best practice and advising on change where it is needed. This includes raising awareness of the need for well-designed and operating speak up mechanisms. Ultimately, auditors who choose to view fraud as an opportunity to show their value to the organizations they serve — rather than a check-the-box exercise — are in a good position to combat this rising threat.

For a deeper dive into the regulatory and policy context and how organisations are approaching fraud today, download the full Fraud Is on the Rise: Step up to the Challenge report here.