Presentation by Kjell Larsson from Sweden during the workshop on The role of the Court of Accounts in preventing and fighting fraud and corruption. This workshop was jointly organised by SIGMA and the Algerian Court of Accounts in Algiers 8-9 April 2015. Further information, please contact bianca.breteche@oecd.org.
2. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Why didn’t we notice? A failure of auditors
that become a turning point (INTOSAI Journal July 2010)
• The case
≥5000 research projects and ≥1billion € / year
Thousands of audits, hundreds of auditors (Internal
auditors, external SAI auditors, private and public)
Auditors “EVERYTHING OK” every year
Then OLAF, the Anti Fraud Office, got information
from a whistle-blower. A check raised many ???
Auditors and OLAF realised. We have to work close
together!
1
3. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Why didn’t we notice? Work together!
• Work together? How? Synergies!
Every day co-operation! New rules and practices
Auditors to fully meet ISA 240 /ISSAI 1240, tailored
to the situation
Amount of data (terabytes) data mining tools
Auditors and OLAF, can use each other’s strengths!
After some months: Several major scams for years. 5
million € lost in a few years.
2
4. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Why didn’t we notice? Conclusions
• Auditors had for long audited a few trees. But they
had never ever tried to see the forest!
• The new audit standards must be used fully
• Close cooperation auditors – fraud investigators a
must. New cooperation mechanisms needed.
Respecting our diverse roles and mandates
• Audit tools and competence must be upgraded /
renewed.
3
5. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Why didn´t we notice? Modus operandi
• Fake documents identical to correct ones
• Shell companies in remote places. Fake annual reports, full
history and not only positive news, audit opinions,
professional websites etc.
• Fictitious staff with fabricated CVs. Elaborated exchanges
of emails between “staff” including private stories about
children and illnesses.
• Names of real companies and real people used
• Contracts, invoices, accounting transactions (including
corrections) massively falsified
• Cross payments and back-payments to circumvent control
ISN’T ALL THIS EASY TO DETECT WHEN AUDITING?
4
6. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Interesting SAI practices.
1. Where to start?
• Important points that often come up
A “strategy” before? Or, learning by doing?
Why and how, how ambitious ?
• Covering prevention, detection, sanctions? Culture?
• SAI to do the work?
• Or getting others to do their part?
Cooperation with others? No! Yes!
Public support? Whistle-blower systems?
Perhaps a risk map of the SAI? Is the SAI managing
the risks of “not being relevant” ?
5
10. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Interesting SAI practices.
3. Do it differently! Procurement.
• Instead of auditing some procurement projects
in one / a few entities every year
The SAI will now
• audit big (similar) procurement projects in
several entities covering 5-6 years.
Follow up on indications of prize-fixing, use of identical /fake sub-
contractors, ownership relations, fake persons, “payment
carousels”, eventual corruption.
SAI use external experts + new technologies to control quality and
delivered amounts of procured materials.
Result? 9
12. AjointinitiativeoftheOECDandtheEuropeanUnion,
principallyfinancedbytheEU
Interesting SAI practices.
3. Do it differently! SAI fieldwork
• Preparation
More accurate risk assessment. Including overall financial
situation and “market” situation
Limit the likelihood audit evidence is altered
• During
Get access to essential information
Drill deeper / re-check important evidence
• After
Triple check if complete picture
Document and have other auditors to re-check
Result?
11