Mobile Edition
Print
Get the Mag
Weekly UpdatesTHE INTERNATIONAL FINANCIAL REPORTING STANDARDS (IFRS) transition, Extensible Business Reporting Language (XBRL) for communicating financial data electronically, and IT risk rank among internal auditors' biggest concerns, according to Protiviti's 2009 Internal Audit Capabilities and Needs Survey. The survey was conducted from July to August 2008--before the U.S. government bailouts of financial service companies in September--with more than 700 participants, including chief audit executives (CAEs), internal audit managers, and staff.
[ILLUSTRATION OMITTED]
Also emerging as high-priority areas for improving general technical knowledge for CAEs and internal audit professionals are enterprise risk management (ERM), fraud, continuous auditing and computer-assisted audit techniques, and developing relationships with board committees other than the audit committee. In addition, CAEs cite The IIA's GAIT IT risk and control methodology and the ISO 27000 information security standard as key technical needs.
"You can see the impact of this economic cycle reflected in the way internal auditors answered this year's survey," says Bob Hirth, executive vice president of Global Internal Audit in Protiviti's San Francisco office. "There's a real shift in their view of risk and how it's managed compared to years past."
Keeping IFRS and XBRL high on the list is the U.S. Securities and Exchange Commission's (SEC's) announcement that it may require U.S. issuers to prepare financial statements in accordance with IFRS within the next five years, as well as the commission's proposed rule requiring companies to file financial statements in an interactive data format using XBRL as early as this year. ISO 27000 also appears on the top five concerns list, but the survey indicates that internal auditors are becoming more comfortable with data security and privacy measures companies are implementing.
CAE responses regarding audit process knowledge areas that need improvement closely mirror the study's overall results, but differences emerged over personal skills and capabilities. This is understandable because CAEs have likely reached their current level in the organization by mastering these skills, according to the survey. CAEs say they need to develop better negotiation skills and learn how to create a learning internal audit function, while respondents over-all listed leadership within the profession and persuasion among personal skills that need improvement.
The 2009 Internal Audit Capabilities and Needs Survey can be downloaded from www.protiviti.com.
--S. STEFFEE
CAEs Are Changing Audit Priorities
INTERNAL AUDIT DEPARTMENTS ARE RESPONDING TO the worldwide financial crisis by reassessing risk and audit priorities, a pair of reports by The IIA's Global Audit Information Network (GAIN) assert. Nearly half of U.S. internal auditors surveyed by GAIN have increased coverage of operational risks since the crisis began--yet, less than 20 percent say better risk management could have lessened its impact on their organization.
[ILLUSTRATION OMITTED]
Eighty-seven percent of the 364 auditors surveyed say the crisis has negatively impacted their organization, according to The Financial Crisis: Implications for the Internal Audit Profession. In response, 47 percent of audit functions have focused more on cutting costs and expenses, but one-third have stepped up assessments of risk management effectiveness.
In a separate survey of Fortune 100 CAEs conducted prior to The IIA's General Audit Management (GAM) Conference in March, 56 percent say their organization's risk management processes are functioning adequately, while 17 percent say they need improvement. Forty-four percent say internal auditing could have done more to help identify key risks that could have mitigated the impact of the crisis. "New approaches to risk assessment must be contemplated, tested, and ultimately incorporated into best practice," says IIA President Richard Chambers, who notes that the crisis demonstrates that external forces could hurt any organization.
A roundtable of CAEs convened during the GAM Conference in Washington, D.C., dove deeper into these issues. The 28 CAEs represented Fortune 100 companies, as well as some from the Fortune 250--audit organizations presumably at the forefront of best practices. The GAIN report, A World in Economic Crisis: Key Themes for Refocusing Internal Audit Strategy, summarizes the issues discussed in the roundtable, identifying several trends that are impacting roundtable participants' audit functions:
* Stakeholder expectations are changing. CAEs say stakeholders are asking internal auditing to take on a more strategic role and revise audit strategy. Audit functions are focusing more on ERM and recession-related risks.
* There is a broader, strategic focus on risk. CAEs say their board and management want internal auditing to become risk champions and ensure that risk management processes are working throughout the organization. Even so, participants admit that predicting and responding to a crisis of this magnitude would be difficult, although warning signs existed.
* Internal auditing's coverage is shifting dramatically. CAEs at the roundtable are changing their audit plan to respond to the organization's changing risk profile, particularly cost and operational risks. Another focus is increased risk in areas such as credit, liquidity, and exposure to third parties that are under financial duress.
* CAEs are trying to do more with less. More than half of CAEs in the pre-conference survey have experienced budget cuts in the past year, and roundtable participants say internal auditing must continue to be cost-conscious and creative.
The full reports on the GAIN survey and CAE roundtable are available in the Research Foundation section of The IIA's Web site, www.theiia.org, under GAIN Benchmarking.
--T. MCCOLLUM
U.S. Class Action Filings Increase
[ILLUSTRATION OMITTED]
PRICEWATERHOUSECOOPERS' (PWC'S) ANNUAL Securities Litigation Study reports that U.S. companies will face increasing scrutiny in 2009 as the global financial crisis continues to transform the financial services industry. Fueled by the financial crisis, U.S. federal securities class actions jumped from 163 case filings in 2007 to 210 in 2008. The PwC study cites three areas where companies should remain especially vigilant over the coming years: institutional-plaintiff activity, internal controls accounting-related allegations, and enforcement of the U.S. Foreign Corrupt Practices Act.
"The unprecedented financial events of 2008 eclipsed all other issues during the year," says Grace Lamont, New York-based principal and U.S. securities litigation practice leader for PwC. "Not surprisingly, the majority of filings during 2008 were related to the financial crisis, with investment banks most often named as the defendants."
The study points out that the total value of settlements in federal securities class actions, excluding the Tyco settlement of US $3.2 billion in 2007, has increased by approximately 9 percent compared to 2007. More troubling, the number of Ponzi schemes rose to an average of three per month as 2008 drew to a close, according to the SEC. On the other hand, the number of accounting-related cases as a percentage of total filings continued to decline, falling from 52 percent in 2007 to 40 percent in 2008--the lowest total since 1995.
Other findings in the 2008 Securities Litigations Study include a 6 percent increase in federal securities class action lawsuits against Fortune 500 companies, more frequent filing activity in New York's Second Circuit and California's Ninth Circuit, and a 48 percent increase in filings against financial services firms. Settlements declined from 121 in 2007 to 95 in 2008, which is the lowest number in this decade. Also, federal securities class actions filed against foreign private issuers jumped to an all-time high since 1995. Moreover, the number of companies registered with the SEC decreased for the third year.
The PwC 2008 Securities Litigation study is available from www.10b5.com.
--A. CAIN
Occupational Fraud Worsens
TOUGH ECONOMIC TIMES HAVE SPARKED AN INCREASE in workplace fraud, and it's expected to worsen as layoffs leave holes in organizations' internal control systems, according to an Association of Certified Fraud Examiners (ACFE) report, Occupational Fraud: A Study of the Impact of an Economic Recession. More than half of the 507 U.S. certified fraud examiners (CFEs) surveyed reported an increase in the number of frauds occurring during the past year, and 49 percent observed an increase in the dollar amount lost to fraud during the same period.
[ILLUSTRATION OMITTED]
When asked which types of fraud had increased during this period, 48 percent cited employee embezzlement. Almost 37 percent noted a rise in frauds by unrelated third parties such as identity theft, con schemes, and securities fraud. More than 80 percent of respondents say there is more fraud during times of economic crisis, which may indicate an inverse relationship between fraud and economic strength, the report notes.
"Desperate people do desperate things," ACFE President James Ratley explains. "Loyal employees have bills to pay and families to feed. In a good economy, they would never think of committing fraud against their employers. But especially now, organizations must be vigilant during these turbulent times by ensuring proper fraud prevention procedures are in place."
Other key findings include:
* Eighty-eight percent of CFEs anticipate a slight or significant increase in fraudulent activity in the next 12 months.
* Fifty-nine percent indicate their organization has maintained its current level of spending on fraud-related internal controls. Twenty-two percent have increased spending on detective controls, and 17 percent have increased spending on preventive controls.
FEED