The roles of internal audit and external audit are important in fraud identification and investigation; however, their scope is different from each other. Internal audit works as the third line of defense in the organization to check the operating effectiveness of internal controls and investigation of reported fraud incidents in different processes and departments. Internal audit is independent of the management, and operations are likely to report transparent positions regarding the organization’s internal control system.
Roles Of Internal Audit
Internal audit is an independent function within the organization or the company, which comprises a team of professionals who perform the audit of the internal controls and processes of the company or the organization.
Internal Audit Essentials
Internal audit staff is the employees of the company and take salaries, but they are not part of the management of the organization or the company. It means that they do not perform business activities or take part in performing the company’s operations.
The internal audit department works as an independent department and reports to the Board of Directors committee, the Board Audit Committee (BAC).
The internal audit department performs an audit of the processes and controls of the departments and functions of the organization or the company. The internal auditors identify and report audit observations in the internal audit reports.
Significant audit observations are reported by the head of internal audit or the chief internal auditor (CIA) to the BAC periodically.
Should Internal Auditors Discover Fraud?
As the internal audit function performs an audit of the processes and checks the effectiveness of internal controls, therefore it is vested with the powers to investigate the fraud incidents. Internal audit is provided with sufficient authority to obtain and review the relevant evidence both within and outside the organization. Investigating fraud is the additional responsibility of the internal audit department in any organization.
Internal auditors appropriately plan the fraud investigations and deploy relevant and experienced resources to investigate the case. The process may involve interviewing the fraudsters and other relevant employees.
The internal auditors prepare the investigation report after performing the investigation procedures and gathering sufficient appropriate evidence. The fraud investigation report is shared with the Fraud Management Committee and to the BAC for their consideration and feedback.
Role Of The Audit Committee In The Fight Against Fraud
The Board of Directors forms sub-committees to oversee different functions of the organization. To oversee the audit activities and effectiveness of the internal controls system, Board Audit Committee (BAC) is formed. BAC works as a supervisory authority for the internal audit function of the organization. Head of Internal Audit reports to BAC and works as secretary to the committee. All internal audit activities are completed under the supervision of the head of the internal audit. Each department’s significant audit issues and findings are highlighted, and a report is prepared for the BAC consideration.
Periodically BAC meeting is conducted, where the secretary to the committee presents significant internal controls breaches, violations, and fraud incidents. BAC reviews the findings and provides feedback for each control breach and violation. All significant types of violations and frauds are addressed according to the direction of BAC. BAC regularly monitors the implementation of feedback provided to the management, and serious actions are taken against those who do not implement the BACs direction.
BAC also ensures that what measures need to be taken further to enhance the internal controls system to avoid frauds, such as outsourcing arrangements where experts may be hired to review the internal controls system and provide the gap report to the BAC.
BAC members ensure that the internal control system is enhanced and maintained to avoid fraud incidents. BAC helps in providing appropriate oversight to build the transparent and robust controls, necessary to deter the occurrence of frauds.
Understanding An Internal Auditor
An internal auditor’s (IA) primary responsibility is to identify and correct problems before they are discovered during an external audit by an outside firm or regulatory agencies such as the Securities and Exchange Commission (SEC). One of the SEC’s responsibilities is to regulate how companies report their financial statements in order to ensure that investors have access to all relevant information before investing.
Internal audits typically carry out the three tasks listed below.
- Examine any risks and internal controls within a company.
- Ensure that a company and its employees are abiding by federal and state laws and regulations.
- Make recommendations on what should be done to correct a failed audit or issues identified as problematic during the audit.
Internal Auditing Process
Internal auditors typically perform a variety of tasks to achieve this goal, including examining financial statements, expense reports, inventory, financial data, budgeting and accounting practices, and creating risk assessments for each department. To eliminate potentially damaging errors or falsehoods and find ways to boost productivity, detailed notes are taken, interviews with employees are conducted, work schedules are supervised, physical assets are verified, and financial statements are scrutinized.
Following the completion of the examination by an internal auditor, the findings are presented in a formal report. The audit report describes how the audit was conducted, what was discovered, and, if necessary, suggestions for future improvements. It is usually presented to the company’s top executives. If changes are suggested, it is common for an internal auditor to be asked to conduct a follow-up audit to determine how well the recommended changes were implemented.
Internal audits are also performed by properly managed publicly traded companies to ensure that the company is in compliance with federal and state regulations, including those mandated by the SEC. Companies must, however, ensure that their accounting practices adhere to the accounting guidelines outlined in the Generally Accepted Accounting Principles (GAAP).
Despite the fact that they are not legally required to do so, many businesses choose to hire an internal auditor. Internal audits are viewed as an important way to quickly correct issues, maintain a good reputation, and avoid wasting money. Internal auditors’ (IA) reports can help businesses thrive and operate at peak efficiency. Internal auditors also prepare the company for success when the annual external audit arrives. An internal auditor’s job is essentially to help catch and fix problems before an external auditor can. As a result, many executives regard them as a necessary expense.