Internal audit steps up fraud response to meet pandemic challenges

Over half (54%) of survey respondents noticed an increase in cyber and phishing fraud, while 40% have experienced an increase in fraud relating to asset misappropriation

Internal audit has stepped up its response to risk management since the start of the pandemic as organisations faced “increased exposure” to cyber, social engineering, and phishing attacks, according to a new report.

The report from Kroll, the provider of data, technology and insights related to risk, governance and growth, in collaboration with The Internal Audit Foundation (IAF) and The Institute of Internal Auditors (IIA) is based on a recent global survey and focus groups with internal auditors, discussing how the role of internal audit in fraud risk management has changed since the start of the pandemic.

This is the second report in Kroll’s fraud risk management series with the IAF/IIA. The first, Fraud Risk Management in Internal Audit, was based on a survey conducted in 2020, before the start of the pandemic.

The new report revealed that the past two years presented a “perfect storm” in terms of the likelihood of fraud occurring and going undetected. It found changing work practices and a sudden move to remote working presented new opportunities for fraudsters and cybercriminals.

Over half (54%) of survey respondents noticed an increase in cyber and phishing fraud, while 40% have experienced an increase in fraud relating to asset misappropriation.

As a result of the heightened fraud risks, 36% of survey respondents said they had devoted additional resources to internal controls, and 29% said they’d done that toward data analytics.

It also revealed that since the start of the pandemic, business leaders have required internal audits to take a “more proactive and flexible continuous assurance approach”. It found the most successful organisations were flexible enough to respond quickly to these circumstances by implementing changes that positioned them for future risk planning.

Anthony Pugliese, president and CEO of The IIA, said: “No aspects of business operations have been immune from pandemic disruption, and we wanted to see precisely how that disruption impacted organizations’ fraud risk management practices.

“As companies increase investments in new technologies, it’s clear that when the independent internal audit function is actively providing assurances of internal controls and risk management systems, the impact of fraud is reduced.”

Matthew Weitz, associate MD, Forensic Investigations and Intelligence, at Kroll, said: “We have seen the external, organised threat of fraud, for example through cyberattacks and social engineering, strengthen during the pandemic, with the internal threat becoming increasingly hard to identify and remediate.

“This has driven a rethink of the role of internal audit with many internal auditors stepping up to become more strategic advisors in the fight against fraud.”


Show More
Back to top button