FRAUD RISK ASSESSMENT FOR INTERNAL AUDITORS.

Samples of fraud risk indicators to look for during fraud risk assessment.

Listed below are the various fraud indicators that have been compiled based on the information gathered from credible sources , our experiences on client engagements and interactions with our network of professional contacts. The list is not exhaustive, but sufficient to provide the internal auditors good baseline or starting points to conduct fraud risk assessment during audit planning and identify frauds during field work execution. The lists have been organized based on two factors, namely: those associated with entity levels and personality traits and those associated with processes or procedural and transactions levels. The United Nations sample list presented below only focuses on the procedural or processes and transactions levels. The very list we have compiled from other sources have been presented based on both the entity and procedural levels.

Also listed below are some fraud risk indicators gathered based on a combination of many sources which include our experience on client engagements, our interaction with business leaders and research on leading practices industry surveys and thought leaderships from credible sources.

Part a – Some common fraud indicators associated with entity level

• General negative tone at the top, negative mood in the middle and negative buzz at the bottom demonstrated with inappropriate communication of ethical standards and business conducts, absence or lack of certifications of acceptance to adhere to ethical standards and business conducts across all levels, particularly top management, board of directors, operational staff and third-party service providers.
• General absence of or poor-quality documented policies, processes, procedures and controls around key business areas and risks, including ethics and business conducts, corporate and departmental level organograms, job descriptions, authority and competency levels.
• Inadequate staffing and fewer number of skilled staff than required.
• High exit of ley personnel
• Pervasive management override of controls
• Absence or irregular executive management meetings, board meetings and board committee meetings including absence or poor documentation of the minutes of the meetings.
• High incentive driven compensation pervasive across all levels in the organisation.
• Lack of cordial relationship between management and the assurance functions, especially between the senior management, executive management and the internal auditors.
• Overtly cordial relationship between internal auditors and non-internal audit employees including operational staff, executive management and board of directors. The expected relation between the internal auditors and the non-internal audit employees should be professional business partnerships and collaborations for the best interest of the company and non-compromising,
• Absence or poor stakeholders and media communications management including adverse media news and publications about the company.

Part b – Fraud risk indicators associated with business processes, procedural and transactional levels. The business processes covered are those that are common to every organization.

• Financial Close, Consolidation & Reporting systems
• Procurements to payables
• Sales to Receivable
• inventory
• Fixed Asset
• Payroll
• Timesheet
• ICT

The fraud indicators specific to the industries such as banking, insurance, production, oil and gas, real estate and others have not been covered in this blog post, but will be covered later in another blog post.

Some common fraud indicators in Financial Close, Consolidation & Reporting systems

• Unusual GL Account balances
• Repetitive and unique journal entries
• Unusual debit and credit transactions
• Unusual General Ledge accounts
• Unusual Transactions from unusual sources
• Journal entries that do not net to zero
• Journal entries out of sequences numbers
• Improper or lack of disclosers of significant events such as fraud and cyber attacks

Some common fraud indicators in Procurements to payables

• Phony vendors including shell companies
• Fictitious invoices
• Unauthorised mode of vendor payments
• Post dated and back dated vendor invoices and payments and returns and refund memos
• Full or semi-manual interventions on procurement and payment procedures where the company has invested in innovative end-to-end automation systems
• .Single sourced vendor and out of line material costs
• Restrictions statements placed on vendor solicitation documents preventing competitive bidding
• Overpayments to legitimate vendor invoices with unprocessed refund requests
• Unusual vendor contact addresses – home, post office box, state, town
• Changes to vendor key data such as  banks, office and mailing address, email, phone number, etc.
• Unusual vendor balances including debit balances
• Unusual large or small payment amounts
• Unusual  large or small invoice amounts
• Unusual purchase order amounts – large and small
• Unusual approval limits -large and small
• Unusual dates for transactions posting – invoice, purchase order and payment instruments such as cheques and transfers
• Unauthorised price changes  in purchase orders
• Purchase deliveries with no GRN
• Related party transactions such as supplies made by employees, directors of the company and close relations.
• Variances  between approved  purchase orders  and invoice cost and waybill delivery
• Gaps in sequence numbers for invoices, purchase orders and cheques and payments transfers
• Unusual purchase order issuers
• Invoice confirmation requests not received
• Vendors with no discount taking
• Vendor invoices paid prior to their dues dates
• Vendors on predefined payments basis such as weekly, monthly
• Payments for unrecorded liabilities
• Unusual debit memos
• Unauthorised and altered purchase orders, invoices, payment vouchers and payments
• Unusual purchase requisitions from employees and other levels of management
• Personal purchases with company issued credit cards
• Purchases made by other departments other than the centralized purchasing departments
• .Unrecorded purchases receipts and returns
• Unreconciled and cleared suspense accounts