Insights: Article

Internal Audit or a Forensic Examination: Which Do I Actually Need

By   Eric Berman

May 29, 2018

A medium–sized organization reached out to one of our offices with a problem. A long-term employee responsible for the reconciliation of the organization’s deposit account retired. A little over a year after this retirement, another employee discovered the account had not been reconciled since that person’s departure. Something was amiss. But how to resolve this situation? The employee wondered if they needed an internal audit.

Determining if an internal audit is needed versus a forensic examination can easily be misunderstood. Both types of engagements can be extremely helpful to improve internal controls for any entity of any size. Deciding which type of engagement fits best depends on facts, circumstances, goals and objectives.

Your entity may actually need an internal audit if:

  • Ethical or accuracy lapses have occurred and/or accountability is lacking.
  • Specialized expertise is required to accomplish projects beyond regular operations.
  • Risks in operations, compliance and reporting are unrecognized or are increasing due to significant changes in the industry, technology, laws and regulations.
  • Existing policies and procedures may not be followed.
  • Information technology data breaches have occurred or there is significant concern that such risk exists.
  • Compliance with laws and regulations is a significant organizational risk and noncompliance may become a serious issue if not monitored and evaluated.
  • Those charged with governance are focused on the "big picture," but remain concerned about what they may not know about the "little picture" (or vice versa).
  • Communications internally have led to morale and turnover issues, while external communication quality has led to an air of skepticism from stakeholders about operations.

Your entity may actually need a forensic audit if:

  • Suspicions exist of fraud or theft.
  • Similarly to the above described issue, turnover has occurred and account balances are not what they should be (positively or negatively).
  • Accounts that were thought to be in your entity’s name are not really owned by your entity.
  • Reconciliation procedures result in timing differences or unidentified differences or don’t reconcile at all.
  • Contractors that should have been paid have been unpaid and customers that should have paid have not.
  • Theft of personally (or business) identifiable information has occurred (or systems have been "hacked").
  • Labor and materials have resulted in poor quality products that are not selling (or worse, out of compliance with laws and regulations).
  • A whistleblower hotline identified issues such as assets stolen or other defalcations.

While there are cases where you may need both a forensics examination and an internal audit, the key differential between the two types of services is time and objective of the project(s). An internal audit engagement is typically much more current and forward looking focusing on where the organization is today while simultaneously taking a consultative look at the future state of an organization’s inherent risks and what they are or should potentially be doing to control those risks.

A forensic examination is retrospective in nature with the focus on reconstructing how things should be and uncovering what may have happened. After considering these factors, the organization above determined that it wanted to look back in time to determine what happened and to reconcile their deposit account. It was agreed that a forensic examination was actually what they needed.

Latest Insights

July 19, 2018
While it’s great to watch your team grow, hiring new employees can be a frustrating and grueling process.
July 19, 2018
Often, human resources (HR) is over looked, but we’re here to tell you it’s an essential component of any organization and critically important to get right.
July 13, 2018
Here are some idea for giving your new hire a smooth start into your business and alleviating stress for you.
July 13, 2018
The impact of the recent SCOTUS Wayfair decision will continue to have a ripple effect on businesses and state sales tax compliance.
July 9, 2018
The revenue cycle is a complex system and we have historically given much attention to the front-end and back-end while oftentimes leaving the middle functions of the cycle neglected.
July 3, 2018
FASB Accounting Standards Codification Topic 606, Revenue from Contracts with Customers, provides a 5-step framework for determining revenue recognition.
July 2, 2018
As part of the Tax Reform Act of 1986, the “Kiddie tax,” a taxing regime designed to make the transfer of income items by wealthy parents to lower tax paying children less attractive, was implemented.
July 2, 2018
When it comes to your employees, you likely conducted interviews on them when you first hired them.
July 2, 2018
Nearly ten years after the release of the initial exposure draft, FASB issued ASU 2016-02, Leases - The standard may have been issued, but the conversation about this re-write of legacy guidance has not slowed.