Call us now on 1300 734 707
National Audits Group
Close this search box.
How Your Auditor Can Help Identify And Respond To Fraud

How Your Auditor Can Help Identify And Respond To Fraud

Corporate fraud is a risk to any business or not for profit regardless of the size, and for some it can be quite significant. A recent ACFE study reported that, across 2,504 cases from 125 countries, the net fraud losses exceeded $5 billion, with an average per case of $2 million.

Not only can this behaviour severely impact profits, reliability, and operating efficiencies, but it can significantly damage an organisation’s reputation. The effects can be long term or even terminal.

Learning to identify the risks, signs or instances of corporate fraud, can be challenging. Responding appropriately is critical to minimising the damage. With a helping hand guiding you through this process, it can feel less like fumbling in the dark.

National Audits Group has many years’ of experience in detecting and assisting in the prevention of fraud, and have developed secure frameworks and processes to assist our clients. We’re passionate about helping our clients to be better prepared to identify and respond to incidents of fraud, including establishing fraud and risk management frameworks.

What is corporate fraud?

Corporate fraud typically falls into one of three umbrella categories:

1. ‘Cooking the books’ – when an entity purposely falsifies its financial statements, with deliberate misstatements, to appear to be in better financial health, or more profitable than reality. This can also extend to the falsification of other key documents, including tax related materials, expenditures and bankruptcy statements.

2. Embezzlement – the theft or misappropriation of assets, including cash. This is often identified as large unusual transactions, or concealing the theft of funds through fraudulent financial reporting.

3. Misuse/theft of property or materials – the misappropriation, theft or misuse of any property, whether physical, intellectual or otherwise, also constitutes an instance of fraud. If equipment or property can be proven to have been unlawfully taken, or used without proper permission, then action may be taken.

We’ve previously explored in more detail some of the ways in which cyber security fraud can easily occur in businesses – this is one of the most common types of fraud.

This is a particular issue in less-regulated, work-from-home environments. In fact, over the 2020-21 financial year, the Australian Cyber Security Centre (ACSC) recorded an increase in cybercrime reports of 13%. It is estimated there is one cyber-attack occurring every eight minutes in Australia, with fraud listed as one of the top securities issues.

The most common fraud risk factors

Every government, business, or not for profit organisation has a level of risk and susceptibility to fraud. From those charged with governance, senior management to entry-level employees, and volunteers deepening your knowledge of fraud, including specific risk factors may help you better reduce your risk of fraud.

1. Unsecured information and data systems – any potential information security weaknesses, especially with regards to online data and the management of accounts, can result in instances of fraud. Without a strong internal control environment, and a trusted audit team or sound audit procedures to guide business through data safeguarding and compliance processes, there will likely be significant unseen vulnerabilities.

2. Insufficient management and employee oversight – without regular accountability from governance, management and others within the organisation with access to sensitive accounts and client information, including any audit committee, cracks can emerge which may result in fraud. It is paramount that oversight flows down through the chain of command within the business.

3. Lack of adequate fraud risk assessment resources and procedures – many organisations lack the expertise or capacity to assess the impact on fraud risk, be it cyber or otherwise, before engaging with new products, systems or clients. An effective internal audit function can assist in bridging this gap.

4. Lack of account management systems – without the most contemporary account management tools, and software, external parties or employees may be able to exploit blind spots, to engage in fraud including embezzlement, or the misappropriation of funds. For example, the inability to observe unusual or excessive payments and movements of funds can leave an organisation exposed.

An independent auditing partner such as National Audits Group can assist in the implementation of data governance, and well formulated risk assessment procedures. In the absence of this, organisations may not be getting the full picture. Experienced independent auditors are able to observe an organisation holistically to provide recommendations for fraud detection and fraud prevention.

How can my organisation better detect and respond to fraud with my auditor’s help?

With the guidance of an independent auditor, there are a number of potential ways that a business can be better equipped to locate and prevent fraud.

Implement and update proven anti-fraud security frameworks

This relates to information and data governance, communication procedures and accounts management initiatives. An experienced audit firm can make well founded recommendations for necessary and effective technological and procedural updates for your organisation. This may also extend to providing staff the necessary training to ensure they are equipped to use any systems appropriately.

Create tight internal reporting controls

Each position of management within a business or other organisation, must be subject to clear internal reporting controls. Audit oversight of internal reporting helps to ensure a reasonable level of assurance in the integrity of internal reporting. This helps engender confidence in decision making and identify any “red flags” such as gaps in reporting that may otherwise create an opportunity for fraud to go undetected.

Create risk assessment procedures

Watertight risk assessment procedures allow for the early identification of any potential fraud, reducing a company’s exposure when done properly, and acting as a deterrence to fraudsters. Your auditing partner can provide guidance concerning not only how risk assessment should be conducted, but also how to ensure appropriate levels of staff training and strong compliance.

Cooperate with your auditor

The auditor requires full access and cooperation to provide transparency across all systems, and data to assist your organisation in identifying and preventing potential fraud. Management those charged with governance should therefore be as transparent and compliant as possible with any audit evidence requests.

Incorporating and communicating good governance and strong controls from the top down creates an environment which assists this process significantly. This allows a truly independent auditor to assess a business properly, allowing for the most effective fraud risk mitigation.


Historically, the prevention and detection of fraud has not fallen within the role of auditors, rather those charged with governance, and management through delegation.

However, in modern times the auditor’s responsibility is shifting, placing greater importance on an internal audit function to assist and accept a level of accountability for the client accounting systems and internal controls they manage.

Trusted internal audit service providers are well placed to provide key insights into relevant governance structures, codes of conduct, and tighter financial oversight controls that can help detect and prevent instances of fraud.

By educating team members within a company or other entity from the top down, you increase your likelihood of identifying any suspected fraud before it becomes a greater issue. This is particularly useful as internal auditors and external auditors have legal obligations under the Corporations Act 2001 (Corporations Act) for reporting fraud if they receive a tip off from a whistleblower.

More regulatory controls, such as the National Identity Bill, are also gradually being implemented over time. However, that alone is not enough to provide organisations the adequate security and tools to be able to fully protect themselves.

If you’d like to discuss how your business can best arm itself in the ongoing fight against fraud, speak to our expert team at National Audits Group today.

Stephen Prowse FCA, RCA
National Audits Group
T 1300 734 707 M 0437 209 885

Share this post

Call Now Button