Welcome to Today’s Webinar:

& the Internal Auditor’s Role

QuestionsGround Rules

• Attendees are in listen-only mode• This webinar is being recorded for future on-demand playback• Your participation represents acknowledgement that we are recording• Tweet questions & comments to: #WelchAudit

Windows Mac Tablet

André Auger, CGA, CFEGovernment Services Advisoraauger@welchllp.comwww.welchllp.comTwitter: @andreaugerca.linkedin.com/in/andreauger

Colin Stobo, CA, IFA Consultant, Cobo Accounting Services Ltd.cstobo@rogers.comca.linkedin.com/in/cstobo

Presenters

Introduction

• The role of the internal auditor is increasingly

complex.

• Changes have been coming at a rapid pace since

the implementation of the New Policy on Internal

Audit in 2006.

• Expectations are high and varied.

• Not limited to fraud: also includes inappropriate

transactions, weak internal controls, lack of

oversight, due diligence.

Introduction

• In this webinar, we will provide you with live examples

encountered by Colin & André.

• For each of the 4 examples, we will provide:

o Description of the situation

o Where breakdown occurred

o What could have been done to prevent

the breach

o How IA can help

Example 1 – Petty Cash

Description :

• Petty at multiple locations

• An employee would administer petty cash &

prepare the reimbursement request

• A manager would review the supporting

documentation & approve request by signing it

• Employee would fax/email pdf of approval sheet

only to accounting

• Employee used a photocopy of the

signature block and used it for additional

reimbursement requests

• The employee made false claims of over

60K over 3 years

• This was identified by internal audit in

the spring of 2012

Example 1 – Petty Cash

Where Breakdown Occurred:

• The approval process – it was a manual

process, allowing the employee to

fax/pdf the approval to accounting

without accounting ever seeing the

original documentation

• Accounting did not perform a second

layer of review

Example 1 – Petty Cash

What could have been done:

• Automate the process

• Require submission of actual documentation

• Regular internal audits of the petty cash

How could IA help

• Process and Procedure Review

• Perform audits

• Train staff and organization about red flags

Example 1 – Petty Cash

Example 2 – Expenses

Background:

• Questions were raised about the reasonableness

of a government agency’s CFO expenses

• The CFO incurred approximately 100K in travel

expenses per year

• Travel policy was very lax in terms of what

could/couldn’t be claimed & what documentation

needed to be submitted to support the expense

• Items purchased were not allowed under policy but

were approved by CEO

• Limited information was provided with

expense claims

• It was impossible to determine if the

expenses were incurred for the benefit of the

agency

Example 2 – Expenses

Where Breakdown Occurred:

• Approval process - Accounting took

the view that if approved by CEO

they could not question expenses &

didn’t perform 2nd level of review

• Policies lacked guidance

Example 2 – Expenses

What could have been done:

• Tone at the top

• Proper vetting of executive level

expenses

• Adequate policies that provide

detailed guidance on expenses and

require detailed support

Example 2 – Expenses

Example 3 – Unacceptable Procurement Process

Description:

• The Real Property Department has worked

with a minimum of 3 suppliers to have

fictitious invoices issued & processed for

payment of materials for funded projects.

• Intent was to avoid lapsing of Crown funding.

• No evidence that individuals benefitted

personally, hence could not conclude that a

fraud had occurred.

Where Breakdown Occurred

• 3 individuals were terminated. Dealings with

the 3 suppliers were suspended.

• Breakdown resulted from a lack of controls

and oversight pertaining to delegation of

authorities.

Example 3 – Unacceptable Procurement Process

What could have been done:

• clear delegations of authorities (signing

thresholds), training of Finance staff, testing

of cut-off at Y/E by Finance, confirmation of

Y/E fund balances with the provider of funds.

Example 3 – Unacceptable Procurement Process

Example 4 – Misuse of Acquisition Cards & Contracts

Description:

• CEO of an Agency used a corporate credit

card for personal use & gave himself a

salary increase by amending his

employment contract without proper Board

approval.

Where Breakdown Occurred

• Staff were directed to process payments &

contract amendments.

• CEO was dismissed; restitution agreement

was signed and all monies were returned.

Example 4 – Misuse of Acquisition Cards & Contracts

What could have been done:

• What could have been done: proper

delegation of authorities, whistleblowing

mechanisms in place, fraud hotline.

Example 4 – Misuse of Acquisition Cards & Contracts

Limited or no documentation, including access

Poor or inconsistent documentation

Extensive use of spreadsheets

Limited or lack of oversight

Tone at the top

Under resourced organization

Staff turnover

Custom IT systems, electronic signatures

Red Flags – What to watch for

André Auger, CGA, CFEGovernment Services Advisoraauger@welchllp.comwww.welchllp.comTwitter: @andreaugerca.linkedin.com/in/andreauger

Q&A

Colin Stobo, CA, IFA Consultant, Cobo Accounting Services Ltd.cstobo@rogers.comca.linkedin.com/in/cstobo