Internal controls are the single most effective measure to assist in deterring fraud. A hotline is the most effective method to detect fraud. The presence of strong internal controls is associated with significantly reduced fraud losses, shorter duration of fraudulent activity, and more reliable and rapid detection of fraud activity. Another critical anti-fraud tool for business is the operation of a hotline for anonymous reporting of suspected fraud activity. In fact, most fraud is exposed as a result of tips and complaints by other employees. Fraud was more likely to be detected by a tip than any other mechanism used to detect fraud.
Fraud prevention, in practice, falls into three broad areas:
Monitoring – Organizations can develop and utilize tools, policies and procedures for the monitoring, identification and reporting of suspected fraudulent activity.
Investigation – Once potential fraud has been identified, a thorough investigation should be performed by qualified fraud investigators to identify the perpetrator(s) of a fraud, ascertain the losses, and assess the root cause, which is critical in preventing future fraud at the organization.
Program Improvement – Training of all personnel on fraud identification and reporting can greatly increase organizational awareness and reduce overall fraud risk. Review of policies and procedures on a consistent periodic basis can help an organization ensure it is adequately prepared to combat fraud.
Internal controls, if proactively applied by an organization, can significantly assist an organization in fraud prevention.
Management and the Board of Directors must have a thorough understanding of internal controls and how they create value. regardless of size. An effective system of internal controls forms one of the foundations necessary to help control fraud risks.
The controls of current and potential vendors are a key component of many organization’s vendor management program.
Leading practice internal controls change as the processes and technology that support an organization change. Controls are not static. Risks posed to an organization are dynamic, and are subject to change over time.
Additionally, it is key for an organization to find the appropriate balance of internal control. Many organizations hire us as internal control consultants to recommend the appropriate level of control. We help design and implement internal controls, and develop systems to monitor, assess and update those controls.
Outsourcing or co-sourcing your internal audit function enables you to hire dedicated internal audit professionals and alleviate most of the day-to-day managerial requirements. For full outsourcing engagements our team will develop and execute a full-scope, risk-based internal audit plan, report results to executive management and the audit committee, and coordinate with external auditors as needed to meet your company’s needs.
Other companies prefer to maintain ownership of the internal audit function and look to outside firms like ours to supply professionals for critical projects or specialists on an as-needed basis, or to augment their existing staff on an ongoing basis. Our specialists possess expertise including large project management, IT general controls, fraud, industry-specific expertise, and specific software packages. Co-sourcing arrangements are tailored to meet the needs of your organization, with our team of professionals supplementing your team by addressing specialized areas or providing specific expertise.
Choosing the right firm and model to address your internal audit needs is a complex decision.