When it comes to managing fraud risk, practitioners need to make their presence known.
Most internal auditors dread hearing management ask, “Where were the auditors?” — particularly when it relates to fraud. The moment fraudulent activity is uncovered, organizational stakeholders often blame the auditors even before holding perpetrators accountable. As a result, auditors can find themselves on the defensive and fail to engage in valuable activities such as consulting — they lack trust and fear reprisal in the event of any unforeseen fraud or operational errors in the areas for which they provided services. So rather than covering their organizations against fraud, internal auditors frequently seek to cover their backs. It is time for that to change.
