Internal Audit: Role, Effectiveness, and Fraud Detection Analysis

Verified

Added on 2020/04/21

AI Summary

This report delves into the multifaceted role of internal audit within organizations, emphasizing its significance in detecting and preventing fraudulent activities. It begins by defining internal audit and fraud, establishing a foundational understanding of the subject matter. The report then explores the various functions of internal audit departments, highlighting their contribution to risk management, regulatory compliance, and the evaluation of operational processes. A critical aspect examined is the effectiveness of internal audit in identifying organizational fraud, considering factors such as management support and the experience of auditors. The report also acknowledges the weaknesses inherent in internal auditing systems, such as broad applications, time consumption, and the potential for management manipulation. Furthermore, it includes a comparative analysis of organizations with and without internal audit departments, as well as a review of fraud case studies, to illustrate the practical implications of the concepts discussed. Overall, the report provides a comprehensive overview of internal audit, its strengths, limitations, and its vital role in safeguarding organizational integrity and financial health.

Running head: INTERNAL AUDIT
INTERNAL AUDIT
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1INTERNAL AUDIT
Table of Contents
1. Introduction..................................................................................................................................2
1.1 What is Internal Audit............................................................................................................2
1.2 What is fraud..........................................................................................................................2
2. Role of IA in an organisation.......................................................................................................3
3. Effectiveness of IA to detect organisational fraud......................................................................5
3.1 With Management Support....................................................................................................5
4. Weakness of Internal Auditing....................................................................................................7
5. Data and comparison for organisation with and without IA........................................................9
6. Analyses on fraud case studies..................................................................................................10
References......................................................................................................................................13

2INTERNAL AUDIT
1.Introduction
1.1 What is Internal Audit
Internal audit is an organisation’s initiative, made up of a number of different strategies
and tools that help to monitor and analyze the operations and business functions of itself. This
type of audit helps and organisation to understand how well does it fare in meeting certain and
specific criteria, both internal as well as the market requirements. In an organisation, internal
audit helps maintain many aspects of business departments and activities, including focusing
upon the enterprise’s risk management functions, maintaining regulatory compliances of the
company and security processes (Hayes, 2017). The most important aspect of an internal audit is
to find the bridges and discrepancies between the initial plan of an operational process and the
actual outcome of those processes. This is the most crucial part that the auditors are supposed to
do. When any discrepancy is identified and documented, the auditors include these reports and
issues in the final reports, that are sent to the company’s leadership who would then be making
decisions and decide which processes should be altered so that the operations of the company
can be improved (Pizzini, Lin &Ziegenfuss, 2014).
1.2 What is fraud
Although there are varying definitions of the term “fraud” the most general versions refer
to the dishonest activities or ways that are used by people to make personal gains for oneself or a
group of people or organisation, while making another person or group incur loss. The term
generally encompasses activities such as theft, conspiracy, acts of corruption, extortion, money
laundering and embezzlement. The effects of fraud on organisations can be devastating and last
for a long period of time, even after the act of fraud has been done (Alzeban&Gwilliam, 2014).
Apart from the apparent financial troubles it causes the company, it can also become the reason

3INTERNAL AUDIT
for organisations or companies to be shut down. Frauds can come in many forms, some of the
most notable ones include, fraud regarding financial statement, misappropriation of assets,
larceny and skimming of cash, intellectual property theft, fraud over healthcare services that are
to be given to the employees, misusing the assets of the company, deception of the customers
and exploiting them for financial gains by taking advantage of their limited knowledge.
2. Role of IA in an organisation
Internal audit department play an important role in a firm as it key element in the
accounting system, help to evaluate the works of all department. It can also be descript as a
backbone of an organisation accounting where all the crucial business related record is involve.
AccordinglyTampubolon (2005) Internal Audit works as extra sights and hearing ensuring
policies implementation smoothly and as flawlessly as possible for management. Internal audit
also work as enterprise risk management (ERM) by recognizing goal, potential factor element of
risks and recline response to counter take the risk appropriately (Ritches& Brindley, 2007;
Sitkin& Amy, 1992).
Internal audit played as internal control system and numerical appraisal to ensure
accounting system that are appropriate and reliable. At the same time, internal audit acted as
preserver that established fund for the constant development and executions of system to prevent
the invested fund is being exploited and minimize loss due to negligent (Al-Shammari, 2010).
Conducting internal audits of an organisationon a regular basis helps to uncover a number
of hidden facts and potential frauds. It also helps to assess a company’s controls, the amount of
waste it produces and any abusive conduct by the employees that the higher authority is not
aware of (Newtonet al., 2015). The frequency of the audits depends upon the department of the
company that is to be examined. Some specific departments that manufactures products in large

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4INTERNAL AUDIT
scales require day to day audits to maintain quality of the products, while some other
departments are audited annually (Boyle, DeZoort&Hermanson, 2015). While an external
auditor concerns her or himself with the financial risks that are faced by the company, internal
auditors take care of a huge array of risks, that encompass a lot of aspects and are directly related
to the company’s reputation and growth in the market. Internal audits are often the reliable
source to find if the company’s reputation is being hampered in any way; like if the employees
are being treated in an unfair manner or safety violations are being documented (Yeeet al.,
2017). One of the foremost roles of internal audit is to ensure the risk management processes are
effective, efficient, secure and compliant with the laws and regulations, after assessing those risk
management procedures of the companies.
Internal audit also assesses and risk management culture of a company along with evaluating
the same and reporting on its effectiveness; and to find out if the management policies are being
implemented efficiently.
IA identifies the key activities of the organisation and the relevant risk factors as well as
assessing their significance in the operations of the organisation (Lenz,Sarens&D'Silva, 2014).
Risk is often assessed while keeping in mind that market trends and business or economic
conditions continuously evolve. Internal auditing techniques have changed from being reactive
and control based to become more proactive and risk based in nature. This aspect of internal
auditing enables the auditors to predict and anticipate future opportunities and concerns based on
the current issues.
Internal auditors also are skilled in strategic objectives of the organisation, which enables
them to review the operations and report their findings to the higher authority.Every

5INTERNAL AUDIT
organisationmust adhere to the laws, regulations, ethical guidelines and principles of a country
(Lenz&Hahn, 2015).
3. Effectiveness of IA to detect organisational fraud
According to Abbott, (2000) IA has been found to reduction in the possibility of
companies are facing fraudulent financial reporting by the audit committee. However, the size of
the internal audit group will contribute the accuracy like larger firm will need larger group of
experience auditor to minimize environmental risk (Goodstein, Gautam& Boeker1994; Pearce &
Zahra, 1992; Pfeffer, 1987).
Internal audit influence risk management of organisation potential factor element of risks
and recline response to counter take the risk appropriately (Ritches& Brindley, 2007; Sitkin&
Amy, 1992). The relevant experiences of the internal auditor play a part in the effectiveness audit
performance as well as accuracy to identify the risks. Internal auditor with more year experiences
will make faster and prompt response as compare to those who are newly graduates.
3.1With Management Support
Internal audit’s effectiveness in performing its duty can’t be alienated from cooperation
and support by both the management and stakeholder, mentioned by Ebrahimpour and Lee,
1988; Tugiman (2005) whom had exemplify management support played none omitted role that
ascertain the successful internal audit and their support result not just influence the quality of
internal audit but also constructive and also pessimistic as well.
Research done by Gramling, (1999) that proof with lack management support will result
in auditor unable to functions efficiency hence will allow fraud, treacherous of accounting
information and transaction. Chain reactions from high pressure apply from the management to
diminish the independence of the internal audit department.

6INTERNAL AUDIT
Internal auditing is comprised of tools and other strategies that help to uncover the
potential fraud threats to a company. Internal auditing also helps to identify discrepancies in the
organisation’s operations and financial transactions, to clearly track if any fraudulent activities
have been carried out (Parkeret al., 2017). Fraud detection methods need to be adaptive, flexible
and has to be continuously evolving, in order to meet the changes of the risk environment. Even
though preventive measures for fraud are apparent and easily defined, the detective controls to
identify fraudulent activities are not always so easy or identifiable themselves. In most cases,
organisations have to be reliant on the employees themselves to report suspicious activities that
may stem from internal fraud (Ege2014). Employee feedback is helpful in the notion that many
employees often want to share their own information regarding the organizational operations and
activities, as well as reports and knowledge regarding illegal activities. There are many methods
and ways to use the employees to detect fraud within the organisation. For example:
 Confirmation of code of conduct: When the employees sign a code of conduct in an
organisation which they are obligated to follow and respect, it is their responsibility and
duty to report any violations of operational activity and the organisation can ask them to
do so (Chenet al., 2016).
 Whistleblower: A telephone hotline can be used by the organisation so that any
employee can report suspicious activities to the higher authority while remaining
anonymous. This can also an internet based portal or hotline as well.
 Exit interviews: Conducting exit interviews of employees who are leaving the company
or have been terminated can give important insights and knowledge about fraud activities
in an organisation.They can also give ideas and information regarding the environments
and conditions that induce fraudulent activities (Costan&Popa, 2017).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7INTERNAL AUDIT
 Employee survey: Organisations can conduct regular employee surveys to solicit
knowledge from the employees that would be giving ideas about fraud or unethical
activities within the organisation.
Apart from these methods, organsisations can also conduct surprise internal audits in the
areas that are prone to fraud activities.
4. Weakness of Internal Auditing
Despite internal audit system being a process and mechanism that helps organisations in
many ways, it too has some drawbacks and deficiencies and is not completely perfect in ensuring
an organisation’s absolute transparent transactions and operations (Bhattacharjee,Maletta&
Moreno, 2015). These weaknesses must be addressed by the business owners if they wish to
continue with their operations in the industry.
Internal audits can be very broad in their application. This can create a weak internal
audit control in the organisation (Everett & Tremblay, 2014). Business owners should look into
creating an internal audit system that would be addressing specific issuesrelated to the business
operations because systems that cover too many functions do not produce maximum benefits for
the company. Rather, these controlling systems should have only a few clearly defined policies
for each department. By having specific policies for specific issues, the business managers and
the employees are provided with the ability to focus upon proper application of the control
systems and implementation of the policies. Internal safeguards are also often time consuming
(Chambers &Odar, 2015). In many cases, the managers and the employees are forced to think up
of new and alternative approaches to problems that are faced in the business simply because the
originally proposed plans are too time consuming and requires special attention that entails other
functions to be delayed.

8INTERNAL AUDIT
In many cases it has been seen that internal audits fail to detect planned fraudulent
activities within the company.In order to conceal inefficiencies and manipulate accounts, the
management can play many tricks which are never disclosed and hence the audit accounts fail to
show a proper fair view of the transactions of the company. If the information that is delivered
from the management itself is false, then the internal audits have no chances of identifying these
issues and fraud activities will lead to misleading ideas (Abbottet al., 2016). Background entries
are also not absolutely clear to the internal auditors and generate vaguely defined clarifications to
the accounts.
In many cases internal audit reports and formats are not comprehensible simply because
of its technicality. The inability to communicate with the employees, and often the managers as
well, about the functions of the audit reports and how to interpret them can lead to serious
problems as they would not be possessing adequate knowledge (Knechel&Salterio, 2016). For
small businesses, managers or owners often do not have any clearly defined policies about the
key business processes. Ironically, this is one of the most unused control tools that can manage
business operations with the minimal efforts. An effective procedure can help to align the
business operations with the objectives of the organisation and thus helping to establish the
required operating procedures. A clearly defined business plan and procedure is the key for a
proper internal audit. However, in most cases, internal audits fail to correctly process the
information of the organisation as the auditors do not have any clear idea about the company’s
operations or procedures (Hopkin, 2017).
If these drawbacks of the internal audit control system can be tackled and overcome,
there is a full possibility that businesses and organisations would be able to operate according to

9INTERNAL AUDIT
the goals of the company and also have a clearer and transparent functionality (Malaescu&
Sutton, 2014).
5. Data and comparison for organisation with and without IA
In recent years there has been significant discussions and debates regarding whether
internal audit is in fact beneficial to organisations and if companies which use internal audit
processes are more likely to detect incidents of fraudulent activities within the organisation. To
determine if IA is indeed helpful to detect fraud, survey data of KPMG Fraud Survey from 2004
that used a unique self-reporting fraud measurement for the first time, which related to
misappropriation of assets.
The survey gave results that successfully showed that organisations that used internal
audits were more likely to detect fraud than those which did not. Furthermore, companies that
outsourced their internal audit functions were also less likely to detect any activities that may
pertain to being fraudulent in nature (Badara&Saidin, 2013). This gave significant and logical
explanation that internal audit actually does add value to the functionalities and operations of the
company through better controlling and monitoring procedures within organisations.
In 2004, KPMG conducted a huge survey taking data from 491 organisations and
compared the data to understand whether internal audit is beneficial for organisations to detect
fraud. The survey was based on the hypothesis that organisations with internal audit can detect
fraud better than organisations without the same. Moreover, the survey also aimed to give
definitive answers regarding whether orgnisations that outsource their internal audit control
systems are less likely to detect fraudulent activities than those which conduct the audits from
within the organisation. The participants of the survey were the organisations that responded to

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

10INTERNAL AUDIT
the fraud survey across Australia and New Zealand. Industries including government
organisations had participated in the survey through mails. A median revenue of $180 million
and a median employee capacity of 545 showed that these organisations were all economically
significant (Coetzee &Lubbe, 2014). The organisations were required to fill out a mailed
questionnaire regarding whether they have internal audit or not and the size of the process, as
well as the bodies that were responsible for carrying out the audit. Among the organisations, 68
percent had internal audit; 48 percent of them using their own staff for the audit, 27 percent
outsourced the process and 25 percent conducted the survey using both the surveys. Almost 44
percent of the respondents had experienced fraud.
The survey used a chi-square test to understand the relatedness, or independence,
between the organisations with or without internal audit function and the likelihood of the same
to report fraud activities in the organisation. The chi-test came out with a value of 26.79 with
p<0.001. this shows a significant difference in the detection of fraud depending on the existence
of internal audit. Internal audit helps organisations to self-report fraud. The size of the
organisation is highly correlated to the chances of a fraud and reporting it.
The survey clearly showed that organisations with internal audit is more likely to detect
and report fraud than those which do not. It was also concluded that insourcing the audit is more
effective than absolutely outsourcing the entire process (Christet al., 2015). The fact that this
survey was conducted based on self-reported data ensures the gathered information is rich and
also shows that the companies which did have an internal audit control process were more likely
to participate in the survey, as they can detect the cases better.

11INTERNAL AUDIT
6. Analyses on fraud case studies
Corporate Scams are one of the biggest organizational troubles, which not only harms the
economy of the company but the country as well (Waisman, Ye & Zhu, 2015). The cases of the
frauds taking place in the organization are often due to the involvement of a number of top
employees in the organization. The inability to detect such frauds is often attributed to the
auditors, as they are the ones conducting the internal audits in the organization. one of the major
issues of concern brought into question is the fact that how these frauds are covered up all these
years and fail to show up unless there is whistleblower. The fraud of Toshiba amounting to 1.2
billion USD is greatly harmed the organization and brought it to the verge of bankruptcy but the
issue worth contemplating is how it went undetected even after internal audits.
The Toshiba fraud brings the auditing company Ernst & Young ShinNihon in question of
fraudulent activities. It is the Auditor of a number of companies involved in accounting scandals
Japan most notably the Olympus scandal in 2011 ("Key questions in Toshiba scandal still
unanswered", 2017). In case of the Toshiba scandal the motive of the executive was not of
siphoning off profits from the organization but to hide losses to make the company look good in
the eyes of the investors and the stake holders (Suzuki, 2017).
The Undetected Fraud:
One of the major questions posed by this fraud was the cover-up of the fraud. The reason
of the cover-up and the process of the cover up of the fraud are a topic to be concerned. The
major strategy of managing the organization among the Japanese is to give more importance to
the will of the will of the executives than of the stakeholders. It was not that the people in the
organization did not know of the fraud but the Japanese business organization run on as practice
known as “makoto” (Engelberg, 2017). This gives an organization a military like structure and a