The Benefits of Outsourcing Internal Auditing

By Lowers & Associates,

As a result of the numerous corporate and accounting scandals, the financial crisis, and other similar events that have occurred in the first part of the 21st century, numerous regulatory and protection acts have been enacted to provide assurance to individuals, investors, and the boards and management of organizations regarding the financial and operational integrity of these companies.

Given the heightened awareness and requirements of the regulatory environment, many people hear the term ‘audit’ and immediately relate it to the ‘external audit’ teams of Certified Public Accountants tasked to review the accounting of organizations to assure the accuracy of the financial information.

An ‘internal audit’ can be critical to the successful operation and growth of any organization before the external audit team even begins to add their value. According to The Institute of Internal Auditors “internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” … Continue reading

Examining the Bigger Picture in a Fraud Investigation

By Lowers & Associates,

As an experienced corporate investigator, having investigated hundreds of various types of fraud cases, it’s really not hard to come to the conclusion that where there is smoke there is usually fire and often times in more than one place. When a client or an individual is alerted to suspicious behavior by an employee/contractor, the investigation generally must focus on the specific allegations. However, it is also important to use the initial investigation opportunity to open a broader review into the suspect for two main reasons:

  • To look for motivating factors (a motive); and
  • To determine, if he/she may be committing fraud or deviant behavior in other areas not specific to the case. After all, if the individual is involved in some form of fraud or deviant behavior that we are aware of, it is highly probable this extends to other areas as well.

According to the widely accepted Fraud Triangle model developed by Donald Cressey, “…individuals are motivated to commit fraud when three elements come together: 1) some kind of perceived pressure, 2) some perceived opportunity, and 3) some way to rationalize the fraud as not being inconsistent with one’s values.” One of the reasons for opening a broader investigation and not just focusing on the specific allegations is to look for motivating factors or pressure(s) the person may be under that might drive him/her to commit the fraud. People often say “I would never do that” but when faced with varying degrees of perceived pressure, it is difficult to determine the lengths people will actually go to in committing fraud. … Continue reading

Data Analytics as a “Survival Strategy” for Fraud Control

By Lowers & Associates,

Big Data is becoming a resource in the fraud fighter’s arsenal as more companies are using data analytic software to look for anomalous patterns in internal data. This method has helped some companies monitor more data sources, cutting the time for detection and reducing the costs of fraud.

A recent post by Peter Goldmann of ACFE reports on the rate of adoption of data analytic technology, finding that the largest group is companies that have no data analysis program at all (almost 30%–see the bar graph). … Continue reading

  Category: Fraud Prevention
  Comments: Comments Off on Data Analytics as a “Survival Strategy” for Fraud Control

Why Fraud Prevention Really Matters

By Lowers & Associates,

Despite the wealth of well-publicized information about the high prevalence of organizational fraud and the high costs of fraud, it is always surprising to learn that so many companies operate without systematic fraud prevention programs, or fail to review their programs on a regular basis.

In fact, there are very important reasons fraud prevention is worth the effort. Here are some of them: … Continue reading

The Case for a Risk-Based Approach to Compliance Auditing

By Lowers & Associates,

In general, compliance is conforming to particular expectations, standards, or behaviors, where risk is an exposure to potential loss or injury. When we think of compliance in the security arena, it often means that you are following prescribed standards, which could be regulatory, industry best practices, or standards that are otherwise customized or company specific.

While compliance and risk often follow the same path, a compliance audit or survey is often performed with a one-size-fits-all “compliance only” approach, as opposed to one that requires more complex reasoning.

Some may question the rationale of compliance if risk is not a constant consideration. Lack of experience, industry knowledge, or even simply lack of time can hinder the ability to take a more risk-based direction. After all, taking a compliance only approach simplifies the security audit process by allowing for uniform application, reduced subjectivity and error in assessment, and strong performance metrics capability.

Is the added complexity of a risk-based approach worth the effort? … Continue reading