What is a Forensic Audit?
A forensic audit is an examination of a company’s financial records to derive evidence which can be used in a court of law or legal proceeding.
For example, Telemart, on the recommendation of its Chief Financial Officer (CFO), entered into a contract with RJ Inc for the supply of carts. At the time, RJ Inc was not authorized to conduct business, as its license was suspended due to certain irregularities in taxes paid. The CFO had knowledge of this fact, but still recommended that Telemart enter into a contract with RJ Inc because he was secretly receiving compensation from RJ for doing so.
A forensic audit can reveal such cases of fraud.
Why is a forensic audit conducted?
Forensic audit investigations are made for several reasons, including the following:
In a forensic audit, while investigating fraud, an auditor would look out for:
- Conflicts of interest – When a fraudster uses his/her influence for personal gains detrimental to the company. For example, if a manager allows and approves inaccurate expenses of an employee with whom he has personal relations. Even though the manager did not directly financially benefit from this approval, he is deemed likely to receive personal benefits after making such inappropriate approvals.
- Bribery – As the name suggests, offering money to get things done or influence a situation in one’s favor is bribery. For example, Telemith bribed an employee of Technosmith company to provide certain data to aid Telesmith in preparing a tender offer to Technosmith.
- Extortion – If Technosmith demands money in order to award a contract to Telemith, then that would amount to extortion.
Asset misappropriation is the most common and prevalent form of fraud. Misappropriation of cash, creating fake invoices, payments made to non-existing suppliers or employees, misuse of assets, or theft of Inventory are a few examples of such asset misappropriation.
Financial statement fraud
Companies get into this type of fraud to try to show the company’s financial performance as better than what it actually is. The goal of presenting fraudulent numbers may be to improve liquidity, ensure top management continue receiving bonuses, or to deal with pressure for market performance.
Some examples of the form that financial statement fraud takes are the intentional forgery of accounting records, omitting transactions – either revenue or expenses, non-disclosure of relevant details from the financial statements, or not applying the requisite financial reporting standards.
Procedure for a forensic audit investigation
A forensic auditor is required to have special training in forensic audit techniques and in the legalities of accounting issues.
A forensic audit includes additional steps that need to be performed in addition to regular audit procedures.
1. Plan the investigation
When the client hires a forensic auditor, the auditor is required to understand what the focus of the audit is. For example, the client might be suspicious about possible fraud in terms of the quality of raw materials supplied. The forensic auditor will plan their investigation to achieve objectives such as:
- Identify what fraud, if any, is being carried out
- Determine the time period during which the fraud has occurred
- Discover how the fraud was concealed
- Identify the perpetrators of the fraud
- Quantify the loss suffered due to the fraud
- Gather relevant evidence that is admissible in the court
- Suggest measures that can prevent such frauds in the company in future
2. Collect evidence
By the conclusion of the audit, the forensic auditor is required to understand the possible type of fraud that has been carried out and how it has been committed. The evidence collected should be adequate enough to prove the identity of the fraudster(s) in court, reveal the details of the fraud scheme, and document the amount of financial loss suffered and the parties affected by the fraud.
A logical flow of evidence will help the court in understanding the fraud and the evidence presented. Forensic auditors are required to take precautions to ensure that documents and other evidence collected are not damaged or altered by anyone.
Common techniques used for collecting evidence in a forensic audit include the following:
- Substantive techniques – For example, doing a reconciliation, review of documents, etc
- Analytical procedures – Used to compare trends over a certain time period or to get comparative data from different segments
- Computer-assisted audit techniques – Computer software programs that can be used to identify fraud
- Understanding internal controls and testing them so as to understand the loopholes which allowed the fraud to be perpetrated.
3. Interview the suspect(s)
- Reporting – A report is required so that it can be presented to a client about the fraud. The report should include the findings of the investigation, a summary of the evidence, an explanation of how the fraud was perpetrated, and suggestions on how internal controls can be improved to prevent such frauds in the future. The report needs to be presented to a client so that they can proceed to file a legal case if they so desire.
- Court proceedings – The forensic auditor needs to be present during court proceedings to explain the evidence collected and how the suspect was identified. They should simplify the complex accounting issues and explain in layman’s language so that people who have no understanding of the accounting terms can still understand the fraud that was carried out.
To summarize, a forensic audit is a detailed engagement that requires the expertise of not only accounting and auditing procedures but also expert knowledge regarding the legal framework. A forensic auditor is required to have an understanding of various frauds that can be carried out and of how evidence needs to be collected.
More learning and resources
CFI is the official provider of the global Certified Banking & Credit Analyst (CBCA)™ certification program, designed to help anyone become a world-class financial analyst. To keep advancing your career, the additional CFI resources below will be useful: