Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the...
-
Upload
dinhnguyet -
Category
Documents
-
view
218 -
download
0
Transcript of Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the...
![Page 1: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/1.jpg)
Internal Audit: A Strategic Response to Fraud
Leonard VonaMay 19, 2009
![Page 2: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/2.jpg)
© Leonard W. Vona, CPA, CFE Slide 2
Why Audits Do Not Detect Fraud
• Level of sophistication of concealment will vary based on perpetrators knowledge or pressures.
• Range of sophistication– No effort to conceal
– Multi level strategies
• Audit strategy must exceed the sophistication of the concealment strategy.
![Page 3: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/3.jpg)
© Leonard W. Vona, CPA, CFE Slide 3
Audit Program ConsiderationsDecision Point
• How far should the audit team drill down?
• How will you respond to the audit fraud risk?
![Page 4: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/4.jpg)
© Leonard W. Vona, CPA, CFE Slide 4
Fraud AuditThe Definition
• Fraud Auditing: is the application of audit procedures to a population of business transactions in a manner to increase the propensity of identifying fraud.
• Goal: Identify a suspicious transaction that warrants an investigation.
![Page 5: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/5.jpg)
© Leonard W. Vona, CPA, CFE Slide 5
Fraud Risk StructureThe Drill Down Decision
• Major Type: Enterprise fraud scheme
• Minor Type: Within the enterprise level
• Inherent Fraud Scheme associated with Major and Minor Type
– Within the Business System
– Within the Class of Transactions in the Business System
– Within an Account (s)
![Page 6: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/6.jpg)
© Leonard W. Vona, CPA, CFE Slide 6
Fraud Risk StructureThe Drill Down Decision
• Fraud scheme variations– Opportunity– Transaction– Entity
![Page 7: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/7.jpg)
© Leonard W. Vona, CPA, CFE Slide 7
Enterprise Fraud SchemesMajor Type
• Financial Reporting
• Asset Misappropriation
• Corruption/Extortion
• Revenue Obtain Improperly
• Expense Avoidance
• Government Regulations Avoidance
• Improper Obtain/Loss Information
• Computer Fraud
• Management Override Concerns
• Other Areas
![Page 8: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/8.jpg)
© Leonard W. Vona, CPA, CFE Slide 8
Asset Misappropriation TypesMinor Types
• Embezzlement of Funds
• Theft of Tangible Asset
• Misuse of Assets
• Lack of Business Purpose
• Related Party/Conflict of Interest
• Dispose of Asset Below FMV
• Acquire of Asset Above FMV
![Page 9: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/9.jpg)
© Leonard W. Vona, CPA, CFE Slide 9
Inherent Fraud SchemesDisbursement
• Front Company– False Billing
– Pass Through Billing
• Real Company– Over Billing on Invoices
– Disguised Purchases
– Conflict of Interest
![Page 10: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/10.jpg)
© Leonard W. Vona, CPA, CFE Slide 10
Fraud OpportunityDrill Down Process
• No internal control
• Access to the internal control– Direct Access
– Indirect Access
– Other Access
• Internal control inhibitors– Non performance internal controls
– System override features
– Logical Collusion
– Management Override
![Page 11: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/11.jpg)
© Leonard W. Vona, CPA, CFE Slide 11
Fraud Audit ResponsesDecision Point
• Control design is adequate to minimize the fraud risk. Test control operation
or
• Consider fraud scheme as an inherent risk and disregard fraud minimization. Test for fraud
![Page 12: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/12.jpg)
© Leonard W. Vona, CPA, CFE Slide 12
What is a Fraud Red Flag?
• A condition associated with a known fraud scheme.
• The condition links to the fraud concealment strategy.
• The condition can be observed through the audit process.
• The condition can be associated with data, documents, controls, and behavior.
![Page 13: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/13.jpg)
© Leonard W. Vona, CPA, CFE Slide 13
Red Flag Premise
• Red flags cause an increased sensitivity to fraud propensity.
• Not all red flags have the same weight as to fraud propensity.
• Weight of the red flag(s) correlate to the predictability of fraud occurrence.
![Page 14: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/14.jpg)
© Leonard W. Vona, CPA, CFE Slide 14
Test Control OperationFraud Red Flags
• Requires the auditor to observe the red flag in the performance of audit procedure.
• Observation occurs through:– Specific audit evidence gathered through a specific
procedure.– Professional skepticism through overall observation.
• Specific red flags should be incorporated into the audit program.
![Page 15: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/15.jpg)
© Leonard W. Vona, CPA, CFE Slide 15
The Red Flag ApproachDecision Point
• Experience of Auditor: Hope approach
• Brain Storming: Awareness approach
• Identify Specific Red Flags: Methodology approach
![Page 16: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/16.jpg)
© Leonard W. Vona, CPA, CFE Slide 16
Key Elements of EffectiveFraud Auditing
• Fraud risk methodology
• Data mining for fraud
• Fraud audit procedures
![Page 17: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/17.jpg)
© Leonard W. Vona, CPA, CFE Slide 17
What isFraud Data Mining
• The process of obtaining and analyzing information to identify indicators or patterns in the data which is indicative of a inherent fraud scheme / fraud scenario.
• Identify a discreet number of transactions that can be examined using fraud audit procedures.
• Transactions identified have a higher propensity of fraud than other transactions.
![Page 18: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/18.jpg)
© Leonard W. Vona, CPA, CFE Slide 18
Data Mining Considerations
• Must be built around the fraud scheme/ fraud scenario.
• Must be built around the concealment strategies.
• Data is extracted and interpreted
• Audit response
![Page 19: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/19.jpg)
© Leonard W. Vona, CPA, CFE Slide 19
Data Mining Considerationsfor the Audit Director
• Cost of implementing data mining– Identifying the data tables and accessing data
– Integrating into the audit process
• Data integrity– Reliability
– False positives
• Methodology for use of data mining
![Page 20: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/20.jpg)
© Leonard W. Vona, CPA, CFE Slide 20
Data Mining StrategyDecision Point
• Discussion Point– Using Data Mining as a Fraud Strategy
– Using Data Mining to Search for Exceptions
• Discussion Point– Data Mining as a Stand Alone Process
– Data Mining Integrated into Each Audit Team
![Page 21: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/21.jpg)
© Leonard W. Vona, CPA, CFE Slide 21
What is Fraud AuditingProactive Approach
• No allegation of fraud.
• Application of audit procedures to a population of business transactions to increase the likelihood of identifying fraud.
• Audit Response– Sampling: Focused and Bias
– Procedure: Fraud Audit Procedure
![Page 22: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/22.jpg)
© Leonard W. Vona, CPA, CFE Slide 22
Fraud AuditPremises
• Does not test existence of controls.
• Does not rely on management representations, nor assumes falsityof representations.
• Affirms the authenticity of the transaction.
• Conclusion is no known existence of fraud and indirect evidence that the control is operating.
• Conclusion is the identification of a suspicious transaction.
![Page 23: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/23.jpg)
© Leonard W. Vona, CPA, CFE Slide 23
Design the Fraud Audit Procedure
• Procedure must be designed for the specific fraud scheme.
• Procedure must consider the concealment strategies corresponding to the specific fraud scheme.
• There is a correlation between evidence considered and fraud detection.
• The auditor should design an audit approach based on the mechanics of the fraud scheme and the concealment strategy.
![Page 24: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/24.jpg)
© Leonard W. Vona, CPA, CFE Slide 24
Fraud AuditingDecision Point
• How to implement– Response to internal control red flag
– Integrate fraud audit procedures into Audit Program
– Perform fraud audit
• How to educate management– Educating and marketing the concept
– Obtaining the resources, tools and budget
– Assurance level
![Page 25: Internal Audit: A Strategic Response to Fraud - Vonya Global · Fraud Red Flags • Requires the auditor to observe the red flag in the performance of audit procedure. • Observation](https://reader031.fdocuments.us/reader031/viewer/2022020416/5c97489b09d3f2312a8bca0c/html5/thumbnails/25.jpg)
© Leonard W. Vona, CPA, CFE Slide 25
Vonya Global LLC150 N. Michigan Avenue
Suite 2935Chicago, IL 60601