Changes in work practices due to the COVID pandemic are increasing the likelihood of fraud occurring and going undetected, according to research from the Internal Audit Foundation and Kroll.
The raised risks will prompt a shift in the internal audit function, with the prospect of more investment in fraud risk management.
Kroll’s associate managing director Matthew Weitz said the pandemic acted as a catalyst for change in some areas, such as technology in fraud and fraud prevention.
There was a need for continuous assurance with the pandemic creating new challenges that required flexible solutions.
“The most successful organisations were flexible enough to respond quickly by implementing changes that positioned them for future risk planning,” Mr Weitz said.
“In terms of the fraud landscape, while many participants felt that the overall prevalence of fraud had not necessarily increased, they felt that the type and nature of fraud had changed, partly driven by changing working practices.
“Many respondents felt that their organisations were much more exposed to cyber, social engineering and phishing attacks, as well as impersonation of senior management to embezzle funds out of the business.
“There was a perception that the internal control framework had been weakened due to the challenges of remote working and, in many cases, a reduction of staff through illness, furlough, and headcount.”
The report also highlighted challenges facing auditors in managing supply chains.
In some cases, the opportunity for fraud to go undetected was enhanced due to fluctuating prices and more fragmented supply chains. Constraints on travel meant third-party activity was less visible.
Mr Weitz said there was also a perception that while reports of fraud may not have increased in some organisations, this was partly because it had gone undetected due to challenges in monitoring and detection from a more fragmented working environment.
“Internal audit, like any other business function, experienced significant challenges presented by the pandemic in undertaking its day-to-day work,” he said.
“The inability to get on site to check inventory levels or form relationships and partnerships with business leaders was particularly challenging.
“Many of the participants responded to this through the engagement of new and developing technologies, such as increased use of video conferencing to allow remote working and also through more creative use of technologies such as satellite imagery, open-source intelligence tools and drones to check the existence of assets and assess risk in business relationships.”
From a more strategic perspective, the survey found the pandemic is putting internal audit in the driving seat when it comes to fraud risk management.
Mr Weitz said many respondents talked about how internal audit had been put at the forefront of the operational challenges faced by organisations in the pandemic, with a requirement for continuous assurance and more collaboration with other business functions.
“A number of participants cited more strategic engagement with management from a fraud risk perspective, and more involvement in examining enterprise-wide fraud risk through a risk assessment,” he said.
“As was noted in the 2020 survey, balancing the opportunity of being more involved in the strategic dialogue with the threat of losing independence remained a significant concern of the participants.
“Another significant challenge highlighted by the participants included an increasing gap in skills, particularly with the increased requirements for internal auditors to have more data analytics capabilities and to be involved in fraud investigation.”
The report, Fraud and the Pandemic – Internal Audit Stepping Up to the Challenge, is based on a global survey and focus groups with internal auditors across 24 countries conducted by the Internal Audit Foundation and Kroll.