DATA AND tech company Kroll has issued a report on the changing role of internal audit in fraud risk-management since the start of the pandemic.
The report, in collaboration with the Internal Audit Foundation (IAF) and the Institute of Internal Auditors (IIA) It is based on a recent global survey and focus groups with internal auditors.
This is the second report in Kroll’s fraud risk-management series with the IAF/IIA. The first was based on a survey conducted before the start of the pandemic.
The new report reveals that the past two years presented “a perfect storm in terms of the likelihood of fraud occurring and going undetected”. Changing work practices and a sudden move to remote working have presented new opportunities for fraudsters and cybercriminals.
Organisations faced increased exposure to phishing attacks, as well as instances of impersonation to embezzle funds. Over half of survey respondents noted an increase in cyber and phishing fraud, and 40 percent have experienced an increase in fraud relating to asset misappropriation.
President and CEO of the IIA Anthony Pugliese says no aspect of business operations has been immune from pandemic disruption. “We wanted to see precisely how that disruption impacted organisations’ fraud risk-management practices… It’s clear that when the independent internal audit function is actively providing assurances of internal controls and risk management systems, the impact of fraud is reduced.”
As a result of heightened risks, 36 percent of respondents said they had devoted additional resources to internal controls. Since the start of the pandemic, business leaders have required internal audits to take a more flexible approach of continuous assurance. Successful organisations were flexible enough to respond by implementing changes that allowed planning for risk.
Matthew Weitz, of Kroll, believes increasing attacks have driven “a rethink of the role of internal audit”. Internal auditors were increasingly stepping up to become strategic advisors, he said.