forensic audit - nbaa · performance of a forensic audit such as isa/ifrs • regulation for...

Forensic audit

April 2017

3© 2017, KPMG Advisory Services Limited, a Limited Liability Company Registered in Kenya and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

Document Classification: KPMG Public

Why is this important?

There is a lot of misconception regarding forensic audit

Increasing needs of forensic audit Demonstrate the role of

accountants/auditors to our stakeholders Enabling accountants/auditors to better

protects stakeholders interest Provide insights on what to consider before

accepting forensic engagement

3



Agenda

1. Introduction 2. Forensic versus normal audit3. When to involve forensic auditor4. Methodology and process5. Case studies6. Closing

4

GO TO INSERT>HEADER & FOOTER TO ENTER YOUR COUNTRY'S COPYRIGHT INFO (PER THE FORMAT SHOWN ON THE THANK YOU SLIDE IN THIS DECK.) THIS IS A GLOBAL KPMG BRANDING REQUIREMENT AND MUST APPEAR ON ALL SLIDES EXCEPT TITLE AND SECTION SLIDES.

Introduction



Description Forensic accounting is a term used to describe the wide range of

investigative work whereby a forensic accountant carries outprocedures to gather evidence, which could ultimately be used in legalproceedings or to settle disputes.

An examination and evaluation of a firm's or individual's financialinformation for use as evidence in court.

Normally involve an investigation into financial affairs of an entity andis often associated with investigation into alleged fraudulent activities

Forensic accounting can cover non-fraud situations e.g settling ofmonetary disputes in relation to business closure or matrimonialdisputes under insurance claims

Forensic accountant could aim to discover if a fraud actually had takenplace, to identify those involved, to quantify monetary amount of thefraud and to ultimately present findings to the client and potentially tocourt



Description Specific procedures carried out in order to produce evidence. For

example how long the fraud has been carried out, how it wasconducted and concealed by the perpetrators

Evidence may also be gathered to produce evidence tosupport/identify The suspect’s motive and opportunity to commit fraud Whether fraud involved collusion between several suspects and

any physical evidence at the scene of the crime or contained indocuments

Comments made by the suspect during interviews and/or at thetime of arrest

Attempt to destroy evidence

Investigators findings reflect more than mere opinion on the matter.



Type of investigations Corruption- Conflict of interest, the fraudster exerts their influence to achieve

personal gain which detrimentally affects the company- Bribery (when money/something else of value is offered in order to

influence a situation)- Extortion (the opposite of bribery) - happens when money or

something else of value is demanded in order to secure particularoutcome

Asset misappropriation (the most common)- Theft. E.g. Stealing of physical cash, inventory- Fraudulent disbursements – company funds being used to make

fraudulent payments. Payment to fictitious suppliers, ghost employees- Misuse of assets e.g. employee using company assets for personal use

Financial statement fraud- fraud that causes a material misstatements in the financial statements- Can include deliberate falsification of accounting records; omission of

transactions, balance or disclosures or misapplication of financialreporting standards


Forensic vs Normal audit



Forensic audit Vs Normal auditElement External Audit Forensic auditObjective • Provision of an opinion on

whether the financial statement give true and fair view

• Prevention, investigation and detection of fraud

Guidance • Limited by professionalstandards

• Not limited by external audit standards and can perform professional activities outside the standards

Materiality • Very important • Look at total value of the damage of the fraud, regardless of materiality.



Forensic audit Vs Normal auditElement External Audit Forensic auditPeriod of activity

• Expression of opinion on the financial statement for one business year

• No specific timeline. Activity lasts until the fraud is discovered

Reporting • Provides independent,professional and competent opinion in line with International Accounting Standards

• Specialized report containing the elements of the offense of fraud and is intended for legal proceedings.

Obligation • Mandatory • It is not a legal obligation



Regulation• Unlike normal audits, there are no standards that govern the

performance of a forensic audit such as ISA/IFRS

• Regulation for forensic audits stems from professional regulatorybodies where the auditors are registered such as Association ofCertified Fraud Examiners (ACFE) in US.

• Laws within the jurisdiction also govern the execution of forensicaudits. This occurs where government passes law governingsecurity services bodies or elements of fraud such as handling ofevidence


When to involve Forensic auditor



When to involve a forensic auditorOften, clients request forensic audits in varying situations depending onthe needs of the organisation. Some of these are:

A whistle-blower reports the occurrence of fraud;

A manager suspects occurrence of fraud due to red flags viewed in the course of their work;

On discovery of loss/mismanagement of assets;

The nature of fraud occurring requires specialised skills, e.g. a system is illegally accessed - the need for IT experts

Assessment of utilisation of funds is necessary especially for donor funded organisations; and

Sometimes, when internal investigations have not borne the results required.



When to involve a forensic auditor

A need to thoroughly assess the Company procedures required to enable fully compliance with Anti Money Laundering requirement

A need to determine whether Anti-fraud programs and Controls are actually effective

When there is a dispute e.g. Breach of contract, shareholders disputes, Contentious valuations, Damage assess


Methodology and process


Overview• Consider whether your firm/the accountant has the necessary

skills and experience prior to accepting the work/engaging theaccountant

• Forensic investigations are specialist in nature and the workrequires detailed knowledge of fraud investigation techniques andthe legal framework

• Whether the investigation involve and audit client



Knowledge and skillsForensic auditor

Education

- At least a Bachelors Degree

- Professional certification e.g. by Association of Certified Fraud Examiner

- Continuous on the job and other training

Practical skills

- Easily understands internal control systems

- Analytical skills

- Detail oriented

- Professional scepticism

Interpersonal skills

- Integrity

- Communication skills

- Interviewing skills

- Listening skills

Specialised skills

- Digital evidence recovery

- Dispute resolution

- Testifying/expert witness

- Asset recovery



Forensic knowledgeEach experienced forensic team should comprise of individuals whoare multi skilled. Knowledge relevant for the successful execution ofall engagements includes:

Professional responsibility and project management

Laws and regulations (sector/jurisdiction of practice)

Planning and preparation

Information sourcing and preservation (electronic data, documents, interview notes)

Analysis and synthesising information

Reporting including expert witness



MethodologyA forensic audit is similar to a project management assignment. Inensuring all risks are considered and delivery, the methodologyfocuses on 5 element:

Preliminary considerations

Planning and Management

Gathering of information

Analysis of information

Reporting



ProcessDuring a forensic audit, the general processes performed are:

Planning and agreement with the client

System walkthroughs conducted with process owners Document request/ electronic data requests made

Analysis of information obtained

Further inquiries on exceptions noted in reviewed informationConduct admission seeking interviews based on findings/leadsDocumentation of findings and collation of exhibits supporting the findings

Communication with client and amongst team throughout the engagement



Techniques and toolsSampling

Forensic audits require 100% sampling of information because forensic auditors present their investigation findings in court proceedings.

By reviewing all documentation available, the forensic auditor is capable of presenting losses or issues without doubt on existence of information that would negate the findings.

Analysis tools

Forensic auditors can use data analysis tools for varying data structures such as:

Use of IDEA software tool in analysis of structured data to identify anomalies; and

Use of document search tools under forensic technology such as NUIX or Dtsearch for the review of unstructured data, for example emails, excel and word documents retrieved from a suspect’s computer.



Techniques and toolsEvidence recovery tools

Evidence can be recovered from suspect laptops, desktops and phones through imaging. This is where the team uses specialised tools and software to duplicate the hard drive of a machine.

Deleted items are recoverable in this case.


Case studies



Project A DescriptionProvision of forensic investigation services into allegations of irregularitiesin the finance department. Specifically, the client required an in-depthreview of the finance function over an 18 month period to determine theculpability and involvement of finance personnel in any irregularitiesnoted and a quantification of loss incurred through the irregularities.

Work performed Reconstructed the finance process for funds issued over a 16 month

period through creation of an audit trail;

Performed analysis of information to quantify unaccounted for funds;

Performed third party confirmations to ascertain receipt of issued fundsto suppliers and program beneficiaries through site visits and phonecalls; and

Performed a fraud risk assessment of the key processes involved inmanaging the programs run by the organization.



Project A Benefit to client

We quantified the loss incurred by the client .

Our report provided the client legal support to proceed with claimsagainst the culpable persons.

We also identified finance and program fraud risk areas and providedpractical recommendations to address the loopholes.



Project BDescriptionA review of a proposed new office construction project among otherprojects which included an analysis of the basis of appointment ofvendors, contract compliance, assessment of work done and relatedreports on the work done, analysis of payments and project governance.

Work performed Gained an understanding of the internal project implementation

procedures, including the expected governance reporting structuresand system controls;

Undertook a review of the project implementation and identifiedareas where the project team did not follow laid down procedures,and key project risks were not escalated within the organization;

Conducted interviews to establish facts and seek explanations fromvarious staff members and third parties; and

Prepared a report that identified the individuals responsible forvarious aspects of loss and negligence.



Project BBenefit to client

We identified instances of

procurement flaws,

unmitigated conflicts of interest,

poor governance structure, and

unclear price discovery processes.

We provided the client with recommendations which would greatlyimprove the control environment.



Project CDescriptionFollowing review of reports issued and a visit by our client to theirpartner organisation in DRC, discrepancies were noted in the financialreports and red flags at the premises. We were contracted to perform aforensic audit.

Work performed Identified and secured physical evidence relating to suspect

transactions; Conducted background searches on the agents, entities and

individuals involved. Conducted field visits to verify existence of projects and occurrence

of activities Reviewed hard and soft copies of documents related to the

allegations, these included financial statements, and correspondencebetween various parties, procurement documents, finance supportingdocuments and HR records; and

Conducted interviews to establish facts and seek explanations fromvarious staff members and third parties.



Project CBenefit to client We identify instances of irregularities and misconduct that led to a

potential loss of USD 29,500.

These irregularities included abuse of the procurement procedures, falsification of financial supporting documents, financial misreporting and non-adherence with the guidelines

provided by our client.


Closing



Misconceptions of forensic audit

I can avoid fraud in my organization by letting only a trusted, long-term employees handle the money.

38% of fraudsters in the 2016 KPMG profile of a fraudster have worked for the organisation for more than 6 years.

According to the 2014 Report to the nations by ACFE, 53% of fraudsters had been in the organisation for more than five years.




My financial statements are audited each year. I do not need a forensic auditor to investigate fraud in

my organisation.

The role of a normal auditor and a forensic auditor is not the same.

From the 2016 Profile of a fraudster survey;

61% of frauds occurred due to weak internal controls whilst

44 % of perpetrators had unlimited authority in their company therefore could override controls.




A forensic report’s purpose is to tell me which member of staff stole from me.

The purpose of a forensic report is not limited to apportioning culpability for fraud. We use the reports for:

Presenting factual findings; Illustrating what, how and who made the fraud occur; Identifying system weaknesses; Proposing practical mitigation strategies to curb future fraud

from occurring; and Quantification of loss to the client for litigation or insurance

claims.


Key points to remember

The need to enhance and abide to internal control: 53% of fraudsters had been in the organisation for more than five years.

Be alert of red flags on when to carry out forensic investigations. There has been increasing trend of fraudulent activities

Consider whether you/firm has the necessary skills and experience before accepting forensic assignments 35

© 2017 KPMG, a Tanzanian registered partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.

Thank you

© 2017 KPMG, a Tanzanian registered partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.

Genes Inyasi Manager KPMGMobile: +255 714 451727Email: [email protected]

37

mailto:[email protected]


© 2017, KPMG Advisory Services Limited, A Limited Liability Company registered in Kenya and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

The KPMG name, logo are registered trademarks or trademarks of KPMG International.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

kpmg.com/socialmedia kpmg.com/app

forensic audit - nbaa · performance of a forensic audit such as isa/ifrs • regulation for...

Documents