ORIGINS OF INTERNAL AUDIT
To know where we are going, we need to know where we come from.
Now is the turn of:
Internal Audit
Internal Audit is the function that provides independent and objective evaluations of financial and operational business activities. Internal auditors make sure the company complies with local, state and national laws and regulations and that the company follows proper procedures and functions as efficiently as possible. The Internal Auditor reports to the Board of Directors and provides information to the Board of Directors as to whether the company is properly governed and is complying with laws and regulations. The Internal Auditor reports to the Board of Directors usually via an Audit Committee made up of Non – Executives members of the Board of Directors. The internal audit reports issued by the Internal Auditor as a result of his/her work are delivered to the Board of Directors via the Audit Committee.
The Board of Directors is a group of people chosen to help guide and make big decisions for a company. Think of them like the coaches of a sports team. They don’t handle the day-to-day work (that’s the job of the CEO and managers), but they make sure the company is on the right track and growing. Their main job is to protect the company’s interests and make sure it succeeds. They also represent the shareholders (the people who own a piece of the company), and they help decide things like company goals, big plans, and whether the company is doing well or not.
The Board of Directors has some important legal duties, which means they are required by law to act in certain ways. Here’s a breakdown:
Act in the company’s best interest: They must make decisions that help the company succeed, not for their own personal gain. It’s like always playing for the team, not just for yourself.
Follow the law and rules: They must ensure the company follows all the laws and regulations. If the company breaks the law, they can get into big trouble.
Manage money responsibly: The board must be careful with the company’s finances, making sure money is used wisely and for the right reasons.
Keep things honest: They have to be honest with shareholders and investors about the company’s performance, like if the company is doing well or struggling.
Supervise and guide the company: They need to make sure the managers and executives are doing their jobs properly and that everything is running smoothly.
If they fail in these responsibilities, they can be held legally responsible and might face consequences, like fines or losing their position.
A BIT OF HISTORY
The origins of Internal Audit began early in 1900. The internal auditing profession evolved steadily with the progress of management science* after World War II. It is conceptually similar in many ways to financial auditing by public accounting firms, quality assurance and banking compliance activities.
*Management science is defined as a wide and interdisciplinary study of solving complex problems and making strategic decisions as it pertains to institutions, corporations, governments, and other types of organizational entities. It is closely related to management, economics, business, engineering, management consulting, and other fields.
A well-known example of a financial and accounting scandal and actions taken by authorities to stop these scandals from happening:
The WorldCom scandal was a major accounting scandal that came into light in the summer of 2002 at WorldCom, the USA's second-largest long-distance telephone company at the time. From 1999 to 2002, senior executives at WorldCom led by founder and CEO Bernard Ebbers orchestrated a scheme to inflate earnings in order to maintain WorldCom's stock price.
The
fraud was uncovered in June 2002 when the company's internal audit
unit led by unit vice president Cynthia Cooper discovered over $3.8 billion of fraudulent balance sheet entries. Eventually,
WorldCom was forced to admit that it had overstated its assets by over $11 billion. At the time, it was the largest accounting fraud in American history. About a year later, the
company went bankrupt.
One
result of the
Enron (please see Origins of Financial Audit tab) and
WorldCom
scandals was that
Arthur Andersen, then one of the five largest
accountancy firms worldwide, (and financial auditor of both Enron and WorldCom)
lost their ability to audit public companies, essentially killing off the firm. In the case of Enron, the
partner and manager of Arthur Andersen in charge of the Enron Audit were involved in hiding the Enron fraud. The
company was found guilty of obstruction of justice in 2002
for destroying documents related to the Enron audit. Since the SEC (please see Origins of Financial Audit tab) is not allowed to accept audits from convicted felons, Andersen was forced to stop auditing public companies.
Another result was the enactment of the Sarbanes–Oxley Act (SOX controls) of 2002, aimed to protect investors by preventing fraudulent accounting and financial practices at publicly traded companies (please see Origins of Financial Audit tab).
A resulting trend in audits (spurred on by such accounting scandals as Enron and Worldcom) has been an increased focus on internal control procedures, which aim to ensure the completeness, accuracy and validity of items in the accounts, and restricted access to financial systems. This emphasis on the internal control environment is now a mandatory part of the audit of SEC-listed companies, under the auditing standards of the Public Company Accounting Oversight Board (PCAOB*) set up by the Sarbanes–Oxley Act (SOX controls). Internal Audit provides assurance that the company has the internal controls in place to ensure the financial statements are reliable, accurate and complete.
*The PCAOB oversees the audits of public companies and SEC-registered brokers and dealers in order to protect investors and further the public interest in the preparation of informative, accurate, and independent audit reports.
All New York Stock Exchange (NYSE)-Iisted companies are required to have an internal audit function in place, upon or within the first year of listing.
In 2013, the NASDAQ Stock Market proposed a new rule requiring NASDAQ-listed companies to “establish and maintain an internal audit function to provide management and the audit committee with ongoing assessments of the Company’s risk management processes and system of internal control.”
Internal Audit is required by law. An Internal Auditor fulfills a legal requirement that most companies have to comply with.
The Internal Auditor MUST report the findings and any issues to the Board of Directors. Failure to do so can be considered negligence and be subject to penalties.
See below a Tribunal judgment confirming this.
In the United States, in December 2022, a US Tribunal Judgment was released in which two Internal Audit Chief Executives and the Chief Risk Officer (CRO) of Wells Fargo were sanctioned for not having reported internally the wrongdoings and irregularities, as they clearly did not fulfill the duties of their roles.
More information on this judgement can be viewed at the following link:
Two Audit Execs and CRO fined for not fulfilling the duties of their roles
MY ROLE AS INTERNAL AUDITOR
I have worked as Internal Auditor for some 8 years and have conducted audit reviews in large corporations.
Within this role I built experience in all processes of any company, how risks could relate to processes, business, economic environment and impact the company.
In this role I ensured the integrity of financial reporting and corporate governance systems. Issued internal audit reports to management and the Internal Audit committee reporting on control failures, unmitigated risks and recommending improvements and efficient solutions.
Key Achievements
- Discovered and supported the mitigation of a reputational risk.
- Uncovered legal risks for the company and saved over $50Millions in potential liabilities globally via effective management of customer contract legal risk assessment.
