Three different parts First we will start with the international standards for auditing to describe briefly how to perform an audit in general and more specific how suspicions of fraud are handled according to the standards.
Then we will present how SNAO is taking care of indications on fraud.
Finally we will talk about the border between audit and criminal investigation.
We have two different types of audits- Performance audit (value for money audit) and financial audit.
The financial audit
One section for Performance Audit. Another for financial audit.
SNAO has a right to see all information that is needed in the audit.
According to to Audit law we shall follow good auditing practices which means that we follow international standards (ISSAI)
Financial statements: SNAO annual report for each entity
Errors: all unintended misstatements. Normally the misstements we find as auditors are errors. For example the entity did not know about the correct accounting principles on immateriel assets or they missed to record a few invoices on the correct period.
Fraud: all intentional misstetements Fraud– An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage. Intentional misstement can be a wide range of actions. It can be anything from using one appropriation instead of the correct one for a certain activity or it can be overspending in the end of the budget year. The advantage is to keep more money because the agency normally have to repay all saved money. On the other side of the scale I can also be criminal actions like secretly transfer money to ones private account or givning valuable procurement contracts to friends.
Fraud can be more difficult to find because it is often more or less hidden.
What is material can differ: materiality in the public sector includes both quantitative and qualitative aspects (referred to in the ISAs as aspects related to the “size” and “nature” of misstatements. In the public sector, materiality levels for classes of transactions, account balances or disclosures maybe set at a lower level than the materiality levels that would be derived by following the requirements of the ISA.
SNAO: do not often use qualitiative materiality but if we find fraud we report it no matter of amount if it is a criminal action.
Auditor must always do 3 things: assess risk areas, gather eveidence for that fraud risk is low if that is the case. And lastly report
Risk areas can for examle be: grants, procurement, salaries, regional departements, track record of management, subsidiaries
Audit evidence: minimum to interview management, law department, internal auditor or other key persons for their opinion on fraud risk and for information on any incidents. Must understand how the IC is designed to prevent and report fraudulent behaviour.
The higher the risk the stronger audit evidence. If fraud risk in one area we perhaps have to make more substantive testing or take more samples. Normally we consider the documents etc from the entity beeing true.
Reporting: the auditor’s legal responsibilities vary by country and, in certain circumstances, the duty of confidentiality may be overridden by statute, the law or courts of law. In some countries, the auditor of a financial institution has a statutory duty to report the occurrence of fraud to supervisory authorities.
SNAO: we normally report to management but if we think that managment or those charged with governance is involved in the fraud or they will not take corrective actions we may report to law enforcement directly.
Not searching for fraud specifically but due to the fact that the auditors have access to all book keeping and supporting document for all the state agencies they have the opportunity to see things.
Fraud – An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.
Information from the public can include all kind of information and comment and reflections not necessarily connected to a specific agency.
SNAO don’t have a formal wb function. Information from a Whistle Blower is usually more specific and the person who gives the information is often exposed to a risk if the management would know.
Internal auditors at entities are sometimes good informants.
3 pers part time Long experience of assess inidicatiuons of fraud. Discussions with prosecutoros and tax authority gives good knowledge how to recogtnize relevant criminal offences.
Training in fraud risk handling for SNAO-auditors and sometimes externally. Also have international development.
including mail answers
Crime fighting institutions are most of the time the national anti-corruption unit but can also be tax authority.
SNAO does not make criminal investigations. We are just investigating indications until they are strong enough to bring to a prosecutor for consideration and decision making. Or the indications are dismissed.
The stair case shows how an investigation effects the level of suspicion when more evidence is added. Each of these higher steps is supported by facts. The higher up you go on the staircase, the more facts you have to support an alleged crime.
From an unsupported allegation to evidence beyond reasonable doubt. Some of the steps are connected with coercive measures that law enforcement has access to.
At the level cause to believe that a crime has been committed the Prosecutor has an obligation to start criminal investigation. That is way SNAO stops the investigation at this level of suspicion.
Reasonable suspicion The level of suspicion required for making a arrest (decision is made by Police)
Plausible cause It is the level of suspicion which is required to make a pre-trail detention. (Decision made by court)
Beyond a reasonable doubt. That’s the level of proof that the criminal court requires to convict somebody of a crime and punish him or her.
The group make assessment if we think the facts is enough to reach the firts step in the stiarcase cause to believe. If we dont think so for this specific case we give important input for risk assessments to both finanicial and performance audi.
Legal unit: Quality assuarance If secrecy we handle information according to certain procedures and document in stand alone computers.
Prosecutor: second Quality assuarance
We need more information. No special investigation methods only normal audit, for example we ask for certian documents or analyse transactions.
Report to the management of the audited entity with recommendation to inform prosecutor
Appropriate management level
The audited entity report to law enforcement agency
If management may be involved, SNAO can report directly to law enforcement agency.
Judical system is difunctional corrupt it more important to have a certian prosecutor that we trust not to be involved in corruption.
SNAO and Law enforcement have different roles in society.
The focus for SNAO is audit and the mandate and the competence is therefor adjusted to that role.
Law enforcement has a strong mandate including coercive methods and special competence in the filed of criminal investigation.
Each agency is therefore specialist in its on filed of operation, but since the agencies in the public sector also have an interest to fight corruption it is necessary to cooperate.
Presentation- Preventing and Handling Indication on Fraud and Corruption. Tirana, June 2017
Preventing and Handling indication on Fraud and Corruption
International Auditing standards (ISSAI)
Border between an audit and a criminal investigation
Mandateof the SwedishNAO
Law regulates audit of public activities
Performance and financial audit
For financial audit: Generally accepted auditing standards ISSAI
Content in the relevant ISSAI
The auditor is responsible for obtaining reasonable assurance that the financial statements
taken as a whole are free from material misstatements, whether caused by fraudor error
ISSAI 1240 – audit standards that deals with ”The Auditor’s responsibility to consider
fraudin an audit of financial statement”
Content in the relevant ISSAI
Awareness that fraud can occur
Identify the risk of material misstatement of the financial statements dueto fraud
Obtain sufficient appropriate audit evidence regarding the assessed risks of fraud
including representation letter
If suspicions of fraud –report to appropriate level of managementorlaw
Indications on fraud appear in audits due to the extensive mandate of the SAI
Expectation from the public that the SAI ensures that all indications on irregularities
aretaken careof in a professional and uniform way
When indications on fraud areidentified SNAO has a regulated process for
professional assessments of these indications in a uniform manner
Ways ofdetecting indications
Risk analysis - Audits in areas with high risk for fraud
Information from the public (e.g.whistleblowers)
TheFinancial Audit ”stumbles” upon indications
ThePerformance Audit “stumbles” upon indications
SNAO Fraudsupport group
3 persons, represents each section of the FA department
Experts financial audit and law
Channelize fraudindications from audit
Handling information from public
Link from SNAO to crime fighting institutions
What is audit, what is criminal investigation?
Causeto believe (thatcrimehas been committed)
Clear and convincing evidence
Beyond reasonable doubt
Clear and convincing
Cause to Believe
1. Indication on fraud is identified
2. Special group within SNAO with expert advisors with experienceon handling
indications on fraud, makes assessments
3. The legal unit of SNAO is involved whenrules of secrecy applies i.e.cause to
believe crimehas beencommitted
4. De-identified discussion with a prosecutor, specially appointed contact persons.
5. If additional investigation is necessary, only normal audit methods areused.
6. When indication on fraud is confirmed to beon a level of “causeto believe” the
audit usually stops.
7. Report to the appropriate level of management of the agency with
recommendations to send the information to the appointed prosecutor.
Why stopat ”cause to believe” ?
Risk of jeopardizing a future criminal investigation
Article 6 Presumption of innocence
Crime fighting agencies
National Anti-Corruption Unit
- Handling all cases of bribe
- Independent from the national police force
- Reinforced 2011
Swedish Economic Crime Authority
- Responsible for combating and preventing economic crime
- Accounting crime
- Tax crime
- Bankruptcy-related crime
- Crime againstthe EU's financial interests