FRAUD AWARENESS AND PREVENTION KEY FUNCTIONS AND MECHANISMS Presented by: The Office of Auditor-General of Pakistan
SEQUENCE OF PRESENTATION 2 Introduction Auditor-General s Mandate Our work Basics of fraud How we help against fraud? - Audit Planning - Audit Execution - Audit Reporting - Capacity Building Conclusion
INTRODUCTION 3 Fraud and corruption are signs of bad governance They erode the legitimacy of state institutions The role of Supreme e Audit Institutions s (SAIs) in fighting g fraud and corruption has been a subject of debate at national and international forums
4 DEFINITION OF FRAUD & CORRUPTION The following working definition of Fraud & Corruption, derived from the ASOSAI Guidelines for Dealing with Fraud & Corruption, has been adopted: FRAUD involves deliberate misrepresentation of facts and / or significant information to obtain undue or illegal financial advantage. CORRUPTION involves effort to influence and / or abuse of public authority through giving or acceptance of inducement or illegal reward for undue personal or private advantage.
FRAUD DETECTION AND PREVENTION 5 Detection and prevention of fraud and corruption is primary responsibility of executive. The mechanism for detection and prevention of fraud includes; System of Internal Control - designed to ensure reliability of financial reporting, compliance with applicable laws and regulations and effectiveness and efficiency of operations. An ethical work environment Communication plan to educate staff on fraud risk, prevention, detection and deterrence
SAIs AS ANTI-CORRUPTION INSTITUTIONS Cont.. 6 The World Bank in its note series on Public Sector underlines: Although preventing corruption is not an explicit responsibility of supreme audit institutions, audits may detect fraud and abuse. Fostering strong financial management based on reliable reporting and internal controls, is a crucial part of detecting and preventing corruption because it promotes transparency and accountability in government programs and actions
7 SAIs AS ANTI-CORRUPTION INSTITUTIONS Cont.. Irrespective of the primary responsibility for detection & prevention of Fraud & Corruption which lies with executive, the external auditors are expected to be alert to the possibilities of fraud & corruption in the auditee organizations. Both the ASOSAI Guidelines as well as International Standard on Auditing 240, dealing with Fraud and Corruption, require the auditors to incorporate Procedures which provide them with reasonable assurance against the risk of material misstatements in the financial statements resulting from Fraud & Corruption.
SAIs AS ANTI-CORRUPTION INSTITUTIONS 8 It is through the evaluation of the control systems that the external auditor forms an opinion about the possibilities and potential of corrupt practices in an organization. In dealing with Fraud & Corruption the principal value of the external auditors work revolves around assisting the management in improving the control environment.
9 AUDITOR GENERAL S MANDATE The Auditor General s mandate covers federal, provincial, and district i governments, public sector enterprises, and other regulatory/autonomous bodies The 18 th Amendment has strengthened the independence of the Auditor-General As catalyst for good governance, we strengthen internal controls to guard against fraud and corruption; Our role varies from limited involvement to complete responsibility for the internal investigation/reporting of fraud
OUR WORK 10 Certification of accounts of federal, provincial and district governments. Compliance with authority audits, focusing on compliance with the law, rules, and regulations Performance Audits, focusing on economy, efficiency, and effectiveness of government projects/programs Special audits, focusing on risk-prone and public interest areas in public sector operations In carrying out these audits, we blend fraud risk into audit process and continually update it until audit s completion At times SAI reports form basis of NAB and FIA fraud investigations
OUR BECHMARKS 11 Timeliness and quality of audit reports as per international standards Recovery of public money Changes made in systems and procedures Accountability of authority abusers
OUR CORE VALUES 12 Integrity Non partisan, zero tolerance towards fraud & corruption, compliance with international audit standards Quality Timeliness, relevance, reliability and cost effectiveness Partnership Alignment with government agenda, understanding audit environment, facilitating government in good governance
13 BASICS OF FRAUD Frequency and extent of fraud has increased Globalization and IT has made fraud complex Risk of Fraud increases when; Preventive controls ( i.e. systems and procedures) are not effective Detective controls ( i.e. oversight/monitoring) are weak or absent. Code of ethics are non existent and enforcement is weak
14 HOW WE HELP AGAINST FRAUD? We work toward strengthening preventive and detective controls in government operations Focus on High Risk areas in audit planning; Use fraud examination tools in addition to other techniques and procedures in audit execution; Sensitize stakeholders to risks of fraud; Build staff capacity to detect potential fraud as Build staff capacity to detect potential fraud as part of their regular audits
AUDIT PLANNING 15 SAI Pakistan has an Audit Cycle of three years i. High risk entities are audited annually ii. Medium to low risk entities are covered at least once in an audit cycle High Risk entities have some/all of the following attributes: i. Historical trends ii. Large allocation of funds ( i.e. health, education) iii. Complexity of Operations ( i.e. IT & Mega Projects ) iv. Non-coverage in previous audits v. Rural/Community development projects
AUDIT EXECUTION 16 Understand the entity- structure and environment Assess controls ( preventive, detective) Preventive controls like segregation of duties, authorization, ti reconciliation, recording and reporting Detective controls like monitoring/oversight, staff s fraud awareness Watch for red flags in detailed scrutiny Make mid-course adjustments during execution Communicate information on potential fraud detection to management Document evidence in support of audit assertions
AUDIT REPORTING 17 Building Awareness of Fraud - Parliament Audit reports indicate control failures ( preventive and detective) and steps to strengthen controls Parliamentarian in general and the Public Accounts Committee (PAC) in particular are briefed on need for strengthening controls in government operations At the pointation of Audit PAC issues directives for; Initiating disciplinary proceedings Systemic improvements in internal controls Changes in laws
AUDIT REPORTING 18 Building Awareness of Fraud - Management Auditors educate management on fraud risks and controls through out their engagement Share internal control gaps and weaknesses with management in Departmental Accounts Committee meetings; Recommend changes in systems and procedures to prevent/detect frauds; Internal control systems in public sector are continuously strengthened th based on audit input
19 AUDIT REPORTING Building Awareness of Fraud - Media Through the PAC meetings, Audit Reports are shared with media; Media, in turn, educates masses, promotes fraud awareness, and strengthens accountability and good governance; Media flashes potential frauds/risk areas. The AGP orders special audits if deemed appropriate.
20 IMPACT OF AUDIT We strengthened preventive and detective controls in public sector through high quality audit reports; Time lag between closing of a financial year and its audit reports has been shrunk to eight months, thus allowing timely reviews and accountability at PAC levell In the past five years, an amount of Rs.60 billion has been recovered and deposited d in the public treasury at pointation of audit.
CAPACITY C BUILDING 21 As a knowledge-based organization, we provide staff opportunities to learn good practices to deal with fraud in audits Capacity building initiatives: Training in Forensic Auditing; Training in Fraud Risk Assessment; Training in Certified Fraud Examiner (CFE) Certifications for officers/officials Developing Master Trainers in Information Systems Developing Master Trainers in Information Systems Auditing.
CONCLUSION 22 Mitigating fraud risks should be given a priority by all government agencies Preventive/detective control failures pointed out in the Audit Reports need to be fixed through systemic changes Government agencies need to implement the Auditor- General s recommendations Civil Society Organization, Media and other nongovernment stakeholders also need to provide oversight over fraud and corruption in government operations
23 Thank you