Insights: Article

Internal Audit or a Forensic Examination: Which Do I Actually Need

By Eric Berman

May 29, 2018

A medium–sized organization reached out to one of our offices with a problem. A long-term employee responsible for the reconciliation of the organization’s deposit account retired. A little over a year after this retirement, another employee discovered the account had not been reconciled since that person’s departure. Something was amiss. But how to resolve this situation? The employee wondered if they needed an internal audit.

Determining if an internal audit is needed versus a forensic examination can easily be misunderstood. Both types of engagements can be extremely helpful to improve internal controls for any entity of any size. Deciding which type of engagement fits best depends on facts, circumstances, goals and objectives.

Your entity may actually need an internal audit if:

  • Ethical or accuracy lapses have occurred and/or accountability is lacking.
  • Specialized expertise is required to accomplish projects beyond regular operations.
  • Risks in operations, compliance and reporting are unrecognized or are increasing due to significant changes in the industry, technology, laws and regulations.
  • Existing policies and procedures may not be followed.
  • Information technology data breaches have occurred or there is significant concern that such risk exists.
  • Compliance with laws and regulations is a significant organizational risk and noncompliance may become a serious issue if not monitored and evaluated.
  • Those charged with governance are focused on the "big picture," but remain concerned about what they may not know about the "little picture" (or vice versa).
  • Communications internally have led to morale and turnover issues, while external communication quality has led to an air of skepticism from stakeholders about operations.

Your entity may actually need a forensic audit if:

  • Suspicions exist of fraud or theft.
  • Similarly to the above described issue, turnover has occurred and account balances are not what they should be (positively or negatively).
  • Accounts that were thought to be in your entity’s name are not really owned by your entity.
  • Reconciliation procedures result in timing differences or unidentified differences or don’t reconcile at all.
  • Contractors that should have been paid have been unpaid and customers that should have paid have not.
  • Theft of personally (or business) identifiable information has occurred (or systems have been "hacked").
  • Labor and materials have resulted in poor quality products that are not selling (or worse, out of compliance with laws and regulations).
  • A whistleblower hotline identified issues such as assets stolen or other defalcations.

While there are cases where you may need both a forensics examination and an internal audit, the key differential between the two types of services is time and objective of the project(s). An internal audit engagement is typically much more current and forward looking focusing on where the organization is today while simultaneously taking a consultative look at the future state of an organization’s inherent risks and what they are or should potentially be doing to control those risks.

A forensic examination is retrospective in nature with the focus on reconstructing how things should be and uncovering what may have happened. After considering these factors, the organization above determined that it wanted to look back in time to determine what happened and to reconcile their deposit account. It was agreed that a forensic examination was actually what they needed.

Latest Insights

September 19, 2018
The IRS has started sending out Letter 5699 asking businesses to verify if they should have filed Forms 1094/1095-C. These forms are required for all ALEs.
September 18, 2018
As the largest tax reform legislation in the past 30 years becomes reality, it is important to stay up-to-date on planning opportunities and how reform may impact you and your business. Our Tax Reform: Practical Insights examples aim to break down…
September 18, 2018
Get ahead of tax season with the Eide Bailly Tax Planning Guide. A supplemental strategy guide to help guide year-end and make the tax laws work for you.
September 18, 2018
The SCOTUS Wayfair decision has prompted a new focus on state and local tax compliance. The decision to register, report, and comply is important.
September 17, 2018
When an IRS Letter 226J is received, it is important to respond timely and with accurate information to eliminate, abate or reduce IRS calculated penalties
September 17, 2018
Firm News
Tom Goekeler, partner at Eide Bailly LLP, has been named chief practice officer of the South Central region, which currently covers our Oklahoma and Texas offices.
September 17, 2018
The recent US Supreme Court decision that overturned Quill in the South Dakota v Wayfair case has many states making or considering law changes related to sales tax compliance for out-of-state sellers.
September 12, 2018
The Tax Cuts and Jobs Act, signed December 22, 2017, significantly impacted inbound tax planning. Non-U.S. taxpayers doing business in the U.S. will need to consider the new tax laws.
September 12, 2018
Applications have made a huge impact on our lives, allowing us to keep track of the complexities of our day-to-day and save for our futures. But it’s important to understand where we are laying our trust.