How Internal Auditors can win The War against Spreadsheet Fraud

To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.

While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.

Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?

Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:

  • hide columns or rows,
  • perform conditional formatting, which changes the appearance of cells depending on certain values
  • replace cell entries with false values either through direct input or by linking to other spreadsheet sources
  • apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
  • design macros and user defined functions to carry out fraudulent manipulations automatically

Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.

But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.

Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.

And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.

Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

Large scale corporate transformation

Large scale corporate transformation are the necessary actions required to increase performance in an organisation. It leads to greater performance results and greater organisational growth. It is a lasting change and can range from getting new leaders to combining the functions of different departments. It can also involve the introduction of a new phase in the life of an organisation. Large scale corporate transformation can be measured using three variables. The first variable involves determining how deep the change penetrates to all levels of the organisation. The second variable measures how entrenched it becomes in the organisation while the third measure determines the percentage of the organisation covered in the change.

Corporate transformation is essential for a company that seeks to have a greater impact and a longer life in its business sector. The process requires time and resources. The whole establishment needs to support it for success. Not only does the top management need to back it, but stockholders and staff members also need to buy the idea. This is because when the process of corporate transformation hits a barrier, it will take the entire organisation to keep it on course and complete the process. Without the support of everyone, most organisations will not complete the process.

Business transformation in recent times has begun to combine finance, HR and IT departments into one functioning piece of an organisation. This has resulted in leaner, faster, and more efficient corporate entities that produce high results and has a greater impact in its overall functioning. These three key departments are the backbone of any organisation, and the combination of the three creates an efficient organisation that translates into high performance results.

One crucial aspect of large scale corporate transformation is IT transformation, which entails the entire overhaul of any organisation’s technology systems. It adopts a more efficient platform that enhances its overall operation. IT transformation involves the use of Service Oriented Architecture (SOA) and open systems. This process is the revamping of the existing technology used to support the organisation and is critical for aligning the business functions to the mission of the organization. It touches on the current hardware and software and how they can best be improved upon for greater results. This process is necessary in the entire business transformation.

The question that needs to be addressed is how any organisation can make this process successful. First, it requires the understanding that it is not just a goal to be achieved, but a new way of thinking embraced by the entire organisation. Secondly, the leadership in place needs to be fully involved and dedicated to the process and to realise that it takes time and effort to complete such a mission. There also needs to be flexibility and adaptability in order to learn from mistakes and keep moving forward. Constant communication is also critical to ensure that everyone involved understands the current stage and the next steps to be done. Change is the only constant and is necessary for progress and success.

Shared Services ? Are They A Good Idea

Things happen fast in business and we need to stay on top. It does not seem long ago that some enterprises were still hands-on traders or artisans with a few youngsters to help out. People like that did not do admin and their accounting was a matter of making sure there was enough money in the jar.

When Wal-Mart’s Sam Walton took over his first shop in 1945 things had moved on from there, although he did still deal directly with his customers. When he died his legacy was 380,000 jobs, and a business larger than most economies. So there?s plenty we can learn from how he grew his business.

One of Sam?s secrets was his capacity to centralise what needed gathering together, while empowering store managers to think independently when it came to local conditions. His regional warehouses had individual outlets clustered around them within one day?s drive each. This shared service eliminated 90% of safety stock and released capital for expansion.

Wal-Mart took sharing services a step further in February 2006, when it centralised accounts payable, accounts receivable, general accounting and human resources administration at Wal-Mart Stores and Sam?s Clubs in the U.S. and Puerto Rico. The objective was to bring costs down, while allowing local managers more time to focus on their business plans and other initiatives. As a further spin-off, Wal-Mart was able to integrate its data on a single SAP platform and eliminate significant roadblocks.

This is an excellent example of sharing services by creating own centres of excellence.? Of course, this is not the only business possibility. Other corporates have successfully completely outsourced their support activities, and Wal-Mart has no doubt had a variety of similar offers too. But, is the Wal-Mart picture entirely rosy, or is there a catch?

The Association of Chartered Certified Accountants has indicated that top talent may be the loser globally. This is because the Wal-Mart model removes many challenges through standardisation, and offers less scope for internal promotion as a result. Language and cultural differences may also have a long-term detrimental effect on the way the departments work well together.

Local outsourcing ? this is the business model where several firms engage a shared service provider independently- may hence prove to be a more malleable option for smaller companies. It often makes more sense to hunt down made-to-order services. Offerings such as the professional support we offer on this site.

Succeed at Transformation

Despite the pomp and fanfare associated with launching corporate transformation programs, in reality very few of them succeed. According to a recent report by McKinsey the success rate is pegged below 40%. In addition, the same research indicates that defensive transformations – those undertaken as part of crisis management – have lower chances of success than progressive ones – those launched to streamline operations and foster growth. However, adopting certain strategies, like setting clear and high goals, and maintaining energy and engagement throughout the implementation phase, can really boost the project’s success rate. A key aspect of business transformation is IT transformation. This can be attributed to the fact that significant business change is either driven or influenced by technological change.

So what is IT Transformation?

IT transformation is basically a holistic reorganisation of the existing technological infrastructure that supports the company’s mission critical functions. In essence, IT transformation is not all about effecting change for the sake of change but involves systematic steps that align IT systems to business functions. To appreciate this approach, it is important to explore current trends in the business world where human resource, finance and IT transformations are being carried out in unison. This is being done to develop strong corporate centres that are leaner, agile and more productive that enhance greater synergies across all business functions.

IT transformation inevitably results in major changes of the information system’s technology, involving both hardware and software components of the system, the architecture of the system, the manner in which data is structured or accessed, IT control and command governance, and the components supporting the system. From this scope of works it is evident that IT transformation is a huge project that requires proper planning and implementation in order to succeed.

Tips to Improve Success in IT transformations Projects

1. Focus on Benefits not Functionality

The project plan should be more focused on benefits that can be accrued if the system is implemented successfully rather than system functionality. The benefits should be in line with business goals, for instance cost reduction and value addition. The emphasis should be on the envisaged benefits which are defined and outlined during the project authorisation. The business benefits outlined should be clear, feasible, compelling and quantifiable. Measures should be put in place to ensure that the benefits are clearly linked to the new system functionality.

2. Adopt a Multiple Release Approach

Typically most IT projects are planned with focus on a big launch date set in years to come. This approach is highly favoured because it simplifies stakeholder expectation management and avoids the complexity associated with multiple incremental releases. However, this approach misses the benefit of getting early critical feedback on functioning of the system. In addition, the long lead times often result in changes in project scope and loss of critical team members and stakeholders. IT transformation projects should be planned to deliver discrete portions of functionality in several releases. The benefit of multiple release approach is that it reduces project risks and most importantly allows earlier lessons learnt to be incorporated in future releases.

3. Capacity of the Organisation to confront Change

As pointed out, IT transformations result in significant changes in business operations and functions. Hence it is important that all business stakeholders should be reading from the same script in regards to changes expected. In addition, key stakeholders should be involved in crucial project stages and their feedback incorporated to ensure that the system is not only functional but business focused.

Ready to work with Denizon?

Contact Us Today