Click here to bookmark this page
Click here to remove bookmark
Click here to bookmark this page
Click here to remove bookmark
80% of internal auditors face barriers to involvement in fraud risk management
Nearly half say internal audit not involved in strategic decision making
London – Kroll, a division of Duff & Phelps, the global leader in risk mitigation, investigations, compliance, cyber resilience, security and incident response solutions, The Institute of Internal Auditors (IIA) and Internal Audit Foundation, the nonprofit research and publishing arm of The IIA, today identify that greater empowerment of and increased investment in internal audit can have a significant impact on the effectiveness of fraud risk management programs. This is highlighted in a new research report, “Fraud Risk Management in Internal Audit”.
The report, based on a survey of over 700 internal audit professionals across the globe and across industries, reveals that the vast majority (80%) of internal auditors are facing barriers to being involved in managing fraud risk, despite almost two thirds (62%) saying they had seen an increase in fraud incidents over the past five years.
Matthew Weitz, Associate Managing Director at Kroll, comments: “Internal auditors are facing a challenging landscape and an unclear future. Risk profiles are changing and fraud threats are continuously evolving. In the current conditions of a looming financial crisis, increased pressure on individuals and companies which when combined with rapidly shifting management focus can lead to a perfect storm for fraud to occur and go undetected. In this environment, careful consideration of fraud risk management is more important than ever.”
“Following recent scrutiny of the external audit profession, the focus is turning to companies’ internal defences against fraud, of which internal audit can be a key participant. If internal audit is given a clearer and stronger mandate in feeding into strategic fraud risk management, then it can add significant value and ultimately contribute to reducing incidents of fraud. Furthermore, by enlisting more support from internal audit, fraud can be detected quicker, and investigation and remediation can be carried out when issues occur. To make this happen, there needs to be more buy-in from senior management, adequate resource allocation, and recruitment of people with the right skillsets.”
The report shows a clear disconnect between fraud risk assessment and resulting strategic plans. Almost half of survey respondents felt that internal audit teams were not part of enterprise-wide strategic decision making, even though 91% said that they had at least some role in assessing fraud risk.
Where internal audit was part of the strategic risk management of fraud, the process was perceived as more effective overall. Those who felt that their organisation’s risk management process was ‘very good’ or ‘excellent’ increased from 31% to 60% between respondents who were ‘very involved’ and those who were ‘extremely involved’ in fraud risk management.
For those respondents who said they were ‘minimally involved’ or ‘not involved’ in the fraud risk management process, only 12% felt that their effectiveness was ‘very good’ or ‘excellent’, with over half stating that overall the fraud risk management program was fair or poor.
A third (33%) of respondents said a lack of resources was the biggest obstacle to internal audit being more involved in fraud risk management processes. A further one in four (23%) cited lack of mandate as the most significant barrier, followed by one in five (21%) who cited concerns over potential conflicts of interest.
In a webinar quick poll of 1,750 internal auditors conducted by Kroll and The IIA in July 2020, it was revealed that two thirds (65%) of internal audit professionals felt that COVID-19, remote working, and financial strains would result in an increased risk of fraud. Over three quarters (77%) agreed that, if internal audit was more involved in strategic fraud risk management, the fraud risk management process would improve.
Richard F. Chambers, President and CEO of The Institute of Internal Auditors, comments: “It is vital for organizations of all sizes and industries to have boards, executive management, and internal audit leaders who are well aligned in their approach to managing risk, including fraud. Internal audit plays a critical role, with other surveys supporting these findings that, when internal audit is involved, the impact of fraud is lessened. That’s because internal audit is well-positioned due to its enterprise-wide view of an organization to identify vulnerabilities for potential fraud and, in some cases, even to investigate. What’s clear is that internal auditors know how to follow the risks. But they must have the resources to assess the exposure to potential fraud, ensure internal controls are in place and effective to limit such risks, and to offer assurance that risk management processes are robust and appropriately implemented.”
Notes to Editors
About the Findings
Kroll and the Internal Audit Foundation conducted a short questionnaire, which was distributed to internal auditors globally and received 704 responses. The aim of the survey was to seek to understand the extent to which the involvement of internal audit in fraud risk management impacts the perceived effectiveness of the fraud risk management process. The survey also covered where responsibility lies for strategic fraud risk management within an organisation, who is responsible for operational activity of the prevention, detection, and investigation of fraud and the challenges and barriers to internal audit’s involvement in fraud risk management.
About Kroll, a division of Duff & Phelps
Kroll is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services. For more information, visit www.kroll.com.
Duff & Phelps is the world’s premier provider of governance, risk and transparency solutions. We work with clients across diverse sectors in the areas of valuation, corporate finance, disputes and investigations, cyber security, claims administration and regulatory compliance. With Kroll, the leading global provider of risk solutions, and Prime Clerk, the leader in complex business services and claims administration, our firm has nearly 4,000 professionals in 25 countries around the world. For more information, visit www.duffandphelps.com.
About the Internal Audit Foundation
The Internal Audit Foundation provides groundbreaking research for the internal audit profession. Through initiatives that explore current issues, emerging trends, and future needs, the Foundation is a driving force behind the evolution and advancement of the profession. For more information, visit www.theiia.org/Foundation.
Further Information (Journalists Only)
Global, efficient investigations into allegations of fraud, bribery, corruption and money laundering.
Helping clients determine what happened, how it occurred and who was responsible.
Helping companies and their counsel investigate complex financial misconduct across jurisdictions.
Providing clients with the facts and insights they need to respond confidently to regulatory issues.
Tracing funds and identifying assets through complex money laundering schemes and corporate structures.
Actionable intelligence on acquisition targets, business partners, suppliers, competitors and markets.