Page 33 - IIA MAGAZINE_March 2017_English
P. 33

TO COMMENT on the article,                                                                  Fraud Risk
EMAIL the author at dr.kmousa@gmail.com

Therefore, this shows the role of the        2.	 Does the organization have a clear               through the existing internal control
internal audit in the supervision in order         anti-fraud strategy, for example a             methods and evaluate the design and
to monitor progress of the investigations          policy that coordinates the ongoing            effectiveness of such methods (for
to help in ensuring that the organization          activities to reduce and detect fraud?         example, powers, credit, separation of
follows the relevant policies, procedures,                                                        duties, etc.)?
and applicable laws and legislation (where   3.	 Does the organization conduct              8.	 Are there effective channels to
the internal audit is not responsible for          through examination for the                    enhance the flow of information with
conducting the investigations), in the             backgrounds of new potential                   quality whether top down or vice
identification of misappropriated assets or        employees? Are the investigations              versa across the organization?
the assets related to the investigation, as        and inspection of the employees who      9.	 Are training and awareness of cases
well as in supporting the organization in          are promoted to higher positions               of fraud and corruption for all
its legal, insurance and other procedures          conducted?                                     employees provided? Is the training
through the evaluation of and control                                                             regularly held and promoted in the
over the organization’s practices and        4.	 Is there a process for the                       organization?
plans to report on investigations, whether         documentation of registration,           10.	 Are there sufficient, regular and
internal or external, and monitoring the           tracking and response to all the               ongoing procedures to ensure
implementation of improvements in the              allegations or suspicions of a crime           that the Senior Management took
control methods to ensure their efficiency         (for example reporting violations and          into consideration how effective
and effectiveness.                                 fraud hotline)?                                the control environment and risk
The role of internal audit can be summed                                                          assessment are and how much
up in the evaluation of how sufficient       5.	 Is there a regular evaluation of the             modification or update the control
the fraud risk management is in the                orientations, incentives, pressures and        methods that reduce fraud risk may
organization through asking the following          opportunities to commit the crime              need?
questions:                                         across the organization?
1.	 Do the Board of Directors and
                                             6.	 Does the organization have
      the Audit Committee have clear               categorization for the potential fraud
      responsibilities regarding the fraud         and its effect on the organization
      risk management?                             through an evaluation of all the types
                                                   of fraud risk including bribery and
                                                   money laundering?

                                             7.	 Does the organization evaluate
                                                   whether the risks are reduced

For more information, please use the following references:

•	 Association of Certified Fraud Examiners, “Report to      •	 Price water house Coopers LLP, “Fraud in a Downturn A
    the Nation on Occupational Fraud and Abuse”, Global          review of how fraud and other integrity risks will affect
    Fraud Study, ACFE, 2016.                                     business in 2009”, a limited liability partnership in the
                                                                 United Kingdom, 2009
•	 Coderre, D, “Internal Audit Efficiency through
    Automation”, The Institute of Internal Auditors (IIA),   •	 The Institute of Internal Auditors (IIA),”Auditor s
    John Wiley & Sons, Inc, 2009.                                Responsibilities Relating to Fraud Risk Assessment,
                                                                 Prevention, and Detection”, Practice Advisory 1210.
•	 Deloitte LLP, “Fraud Risk Management – providing              A2-1, The International Professional Practices
    insight into fraud preventive, detection and response”,      Framework (IPPF), April, 2006.
    Deloitte Touche Tohmatsu Private Limited, 2013

•	 HM Treasury, “Fraud and the Government Internal           •	 The Institute of Internal Auditors (IIA), the American
    Auditor”, Crown copyright, London, January, 2012.            institute of Certified public accountants (AICPA) and
                                                                 Association of Certified Fraud examiners (ACFE),
•	 KPMG, “Fraud Risk Management Developing a strategy            “Managing the Business Risk of Fraud: A Practical
    for prevention, detection, and response”, KPMG               Guide”, The IIA, AICPA, and ACFE, 2008.
    forensic, KPMG LLP, 2013.

                                                             Dr. Khaled Mohamed Abdalla Mousa, Ph D, CFE

MARCH 2017                                                                                  INTERNAL AUDITOR - MIDDLE EAST 33
   28   29   30   31   32   33   34