Operational Engagement

 

A ccording to Sawyer’s Internal Auditing, an operational engagement involves “the review of a function or process to appraise the efficiency and economy of operations and the effectiveness with which those functions achieve their objectives.”  A comparison of actual and standard costs addresses efficiency and economy issues.

Internal audit plan

An internal audit plan normally focuses on the following: unacceptable current risks requiring management action, control systems on which the organization is most reliant, areas where the difference between inherent risk and residual risk is great, and areas where inherent risk is very high.

-- 

External assessment

External assessments of an internal audit activity contain an expressed opinion as to the entire spectrum of assurance and consulting work performed (or that should have been performed under its charter), including (but not limited to) conformance with the Definition of Internal Auditing, the Code of Ethics, and theStandards. An external assessment also includes, as appropriate, recommendations for improvement (PA 1312-1, para. 2). On completion of the review, a formal communication should be given to senior management and the board (PA 1312-1, para. 3).

-- 

Mona

Governance

Governance, Risk & Control

Governance

Governance is the combination of processes and structures implemented by the board to inform, direct, manage, and monitor the activities of the organization toward the achievement of its objectives.

IIA Guidance on Governance

2110 - Governance
The internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:

·        Promoting appropriate ethics and values within the organization

·        Ensuring effective organizational performance management and accountability

·        Communicating risk and control information to appropriate areas of the organization

·        Coordinating the activities of and communicating information among the board, external and internal auditors, and management

2110.A1 - The internal audit activity must evaluate the design, implementation, and effectiveness of the organization's ethics-related objectives, programs, and activities.

2110.A2 - The internal audit activity must assess whether the information technology governance of the organization supports the organization's strategies and objectives.

-- 

 

 

Mona

 

 

 

 

 

 

 

 

 

Internal Audit Girl: What is money laundring

Internal Audit Girl: What is money laundring: what is the meaning of Money Laundring Money laundering  is the process whereby the proceeds of crime are transformed into ostensibly ...

What is money laundring

what is the meaning of Money Laundring

Money laundering is the process whereby the proceeds of crime are transformed into ostensibly legitimate money or other assets.^[1] However in a number of legal and regulatory system the term money laundering has become conflated with other forms of financial crime, and sometimes used more generally to include misuse of the financial system (involving things such as securities, digital currencies such as bitcoin, credit cards, and traditional currency), including terrorism financing, tax evasion and evading ofinternational sanctions. Most anti-money laundering laws openly conflate money laundering (which is concerned with source of funds) with terrorism financing (which is concerned with destination of funds) when regulating the financial system.^[2]

Money obtained from certain crimes, such as extortion, insider trading, drug trafficking, illegal gambling and tax evasion is "dirty". It needs to be cleaned to appear to have derived from non-criminal activities so that banks and other financial institutions will deal with it without suspicion. Money can be laundered by many methods, which vary in complexity and sophistication.

Different countries may or may not treat tax evasion or payments in breach of international sanctions as money laundering. Some jurisdictions differentiate these for definition purposes, and others do not. Some jurisdictions define money laundering as obfuscating sources of money, either intentionally or by merely using financial systems or services that do not identify or track sources or destinations.

Other jurisdictions define money laundering to include money from activity that would have been a crime in that jurisdiction, even if it were legal where the actual conduct occurred. This broad brush of applying the term "money laundering" to merely incidental, extraterritorial, or simply privacy-seeking behaviors has led some to label it "financialthoughtcrime".^[3]

Many regulatory and governmental authorities issue estimates each year for the amount of money laundered, either worldwide or within their national economy. In 1996, the International Monetary Fund estimated that two to five percent of the worldwide global economy involved laundered money. The Financial Action Task Force on Money Laundering (FATF), an intergovernmental body set up to combat money laundering, stated, "Overall, it is absolutely impossible to produce a reliable estimate of the amount of money laundered and therefore the FATF does not publish any figures in this regard."^[4] Academic commentators have likewise been unable to estimate the volume of money with any degree of assurance.^[5] Various estimates of the scale of global money laundering are sometimes repeated often enough to make some people regard them as factual—but no researcher has overcome the inherent difficulty of measuring an actively concealed practice.

Regardless of the difficulty in measurement, the amount of money laundered each year is in the billions (US dollars) and poses a significant policy concern for governments.^[5] As a result, governments and international bodies have undertaken efforts to deter, prevent, and apprehend money launderers. Financial institutions have likewise undertaken efforts to prevent and detect transactions involving dirty money, both as a result of government requirements and to avoid the reputational risk involved. Issues relating to money laundering have existed as long as there have been large scale criminal enterprises. Modern anti-money laundering laws have developed along with the modern War on Drugs.^[6] In more recent times anti-money laundering legislation is seen as adjunct to the financial crime of terrorist financing in that both crimes usually involve the transmission of funds through the financial system (although money laundering relates to where the money has come from, and terrorist financing relating to where the money is going to).

Reverse money laundering is a process that disguises a legitimate source of funds that are to be used for illegal purposes.^[7] In an affidavit filed March 24, 2014 in United States District Court, Northern California, San Francisco Division, FBI special agent Emmanuel V. Pascau alleged that several people associated with the Chee Kung Tong organization, and California State Senator Leland Yee, engaged in reverse money laundering activities.

-- 

Mona

Theft,Burglary,Robbery

What is the difference between burglary, robbery, and theft?

Here is the shortest answer to that question. First, burglary is the intent to break into a building without consent with the intent of committing a crime inside (including theft). Burglary is a specific intent crime, requiring that the burglar knowingly intend to commit a crime while inside. A person does not have to forcibly enter a building to commit burglary; going in through an unlocked window or door can still fulfill the “breaking” element of burglary.

Theft simply involves taking something from someone else with the intent to permanently deprive them of it. Embezzlement is a form of theft in which an employee diverts money intended for his employer or other employees for his or her own use. Likewise, fraud is also a form of theft, involving using trickery to permanently deprive someone of his or her property.

Finally, robbery is another specific intent crime, requiring both theft and a form of violence or threat of violence used to deprive someone of their property. The most common example of a robbery is a convenience store holdup, in which a robber threatens to shoot a cashier unless the cashier hands over the loot.

In all three cases — theft, burglary, and robbery — the government must prove that the defendant intended to permanently deprive someone of his or her property; generally, this element can be proven through the jury’s use of common sense or other circumstantial evidence suggesting the defendant meant to take the property forever. For instance, if a person steals someone else’s car and then claims it wasn’t a theft because he meant to return the car when he was done, the government can admit evidence that the defendant removed the VIN number to suggest he planned to permanently deprive the owner of his vehicle.

Scope Limitation

Definition: A scope limitation is a restriction on an audit that caused by the client, issues beyond the control of the client, or other events that do not allow the auditor to complete all aspects of his or her audit procedures. Examples of events causing a scope limitation are the disappearance of relevant evidentiary matter, and the client's restriction on contact with customers to confirm the existence of accounts receivable.

Segregation of Duties (Preventive & Detective

Segregation of Duties (Preventive & Detective)

Segregation of duties is critical to effective internal control because it reduces the risk of mistakes and inappropriate actions. It helps fight fraud by discouraging collusion. In general, the following functions should be separated among employees: Approval Accounting/reconciling Asset custody A detailed supervisory review of related activities is required as a compensating control activity if these functions cannot be separated in smaller departments.  Examples of segregation of duties: The person who requisitions the purchase of goods or services should not be the person who approves the purchase. The person who approves the purchase of goods or services should not be the person who reconciles the monthly financial reports. The person who approves the purchase of goods or services should not be able to obtain custody of checks. The person who maintains and reconciles the accounting records should not be able to obtain custody of checks. The person who opens the mail and prepares a listing of checks received should not be the person who makes the deposit. The person who opens the mail and prepares a listing of checks received should not be the person who maintains the accounts receivable records. No one person should: Initiate a transaction Approve a transaction Record a transaction Reconcile balances Handle assets Review reports Note: At least two sets of eyes are required for any transaction!

Preventive Controls

Preventive Controls

Many preventive controls are based on the concept of separating duties. Examples include prohibiting the same person from conducting related transactions such as initiating and recording transactions; making purchases and approving payments; ordering and accepting inventory; approving vendors and making payments; receiving bills and approving payments; and authorizing returns and issuing refunds. Payroll preparation and distribution duties and approving, writing and signing checks should also be done by different people.
Examples of internal controls built around the concept of authorization, approval and verification include requiring supervisory review and approval of payroll information before disbursement, requiring interdepartmental dual authorization of payroll data by accounting and human resources departments and requiring prior approval of credit customers, vendors and purchases.

Detective Controls

Detective controls are internal controls designed to identify problems that already exist. Audits are an example of a detective control. Monthly reconciliation of bank accounts, review and verification of refunds, reconciliation of petty cash accounts, audits of payroll disbursements or conducting physical inventory are all examples of detective controls. Preventive and detective controls are often required in combination to provide sufficient protection. Computer systems require preventive controls through acceptable use and access control. Computer usage logs must be kept. Logs are a form of detective control to be reviewed and audited at regular intervals.

Directive Controls

Directive controls cause or encourage a desirable event to occur, such as employees meeting objectives effectively. Formally written procedure manuals would be a directive control in this case because it would encourage employees to carry out particular functions in an effective manner. The objective of directive controls is to cause or encourage desirable events to occur, for instance, providing management with assurance of the realization of specified minimum gross margins on sales. 

What is the Difference Between Speculative Risk and Pure Risk?

In the field of risk management, risks are often divided into two main categories. These are called "pure risks" and "speculative risks."

Basically both terms refer to bad things that can befall one. But they can be distinguished.

A pure risk is something that will necessarily be bad if it happens. There is the possibility of loss or no loss, with no possibility of gain.

Imagine you are being held captive by a sadistic terrorist who decides to submit you to a form of Russian roulette. He puts a bullet in a gun that holds six bullets, spins the cylinder, points it at your head, and pulls the trigger.

There is a one in six risk that you will be shot in the head. There is no corresponding good outcome. The only "good" outcome would be the absence of the bad outcome. Thus, this is a pure risk.

Pure risks tend to be out of the person's control, in that people, unless they're suicidal, do not intentionally put themselves in a situation that is all downside and no upside.

Pure risks can be personal (being sickened by an explosion at a chemical plant a few miles down the road), property (having a tornado wipe out your house), or legal (being sued because someone claims something you posted on the Internet constitutes hate speech).

Speculative risks, on the other hand, are gambles. Speculative risks are the downside of choices one knowingly makes that also have upside.

Having sex with an intriguing stranger is a speculative risk. You might have the best sex of your life, you might fall in love, you might so impress the person with your prowess that they name you the sole beneficiary in their will, die the next day, and turn out to be a billionaire. On the other hand you might get an STD, the sex might result in an unwanted pregnancy, there might be a hidden camera present that will be used to blackmail you, you might fall for the person and get your heart broken, etc.

Playing poker is a speculative risk. You risk losing some or all of the money you bring to the game. But it's not a pure risk because, one, you could also win, and two, you take on this risk knowingly and intentionally.

Investments are the classic case of speculative risk. You might end up behind, but you also might end up ahead.

There are degrees of speculative risk. If you invest in U.S. Savings Bonds, and if you invest in the most volatile of junk bonds, both involve speculative risks that you will lose your money, but they are not thereby equal. In the first case, the chances of that loss occurring are very close to zero. In the second case, the chances of that loss occurring are fairly high.

Definition of Forensic Accounting

Forensic accounting, sometimes called investigative accounting, involves the application of accounting concepts and techniques to legal problems. Forensic accountants investigate and document financial Fraud and white-collar crimes such as Embezzlement. They also provide litigation support to attorneys and law enforcement agencies investigating financial wrongdoing.
Many different organizations consult forensic accountants. Corporations hire forensic accountants to investigate allegations of fraud on the part of their employees, suppliers, or customers. Attorneys consult forensic accountants to obtain estimates of losses, damages, and assets related to specific legal cases in many areas of the law, including Product Liability, shareholder disputes, and breaches of contract. In criminal investigations, forensic accountants analyze complex financial transactions such as those in Stock Market manipulations and price fixing schemes. They also help governments achieve compliance with various forms of regulation.
Forensic accountants typically become involved in financial investigations after fraud auditors have discovered evidence of deceptive financial transactions. After conducting an investigation, they write and submit a report of their findings. When a case goes to trial, they are likely to testify as expert witnesses.

Insurance Fraud

Definition of 'Insurance Fraud' An illegal act on the part of either the buyer or seller of an insurance contract. Insurance fraud from the issuer (seller) includes selling policies from non-existent companies, failing to submit premiums and churning policies to create more commissions. Buyer fraud includes exaggerated claims, falsified medical history, post-dated policies, viatical fraud, faked death or kidnapping, murder and much more.

Investopedia explains 'Insurance Fraud' Insurance fraud is basically an attempt to exploit an insurance contract. Insurance is meant to protect against risks. It isn't meant to be a tool to enrich the insured. Although insurance fraud by the policy issuer still occurs, the majority of cases have to do with the policyholder attempting to receive more money by exaggerating a claim. More sensational instances such as faking one's own death or killing someone for the insurance money are comparatively rare.

Definition of Corporate Fraud

Definition of 'Corporate Fraud'

Activities undertaken by an individual or company that are done in a dishonest or illegal manner, and are designed to give an advantage to the perpetrating individual or company. Corporate fraud schemes go beyond the scope of an employee's stated position, and are marked by their complexity and economic impact on the business, other employees and outside parties. 

Investopedia explains 'Corporate Fraud'

Corporate fraud can be difficult to prevent and to catch. By creating effective policies, a system of checks and balances and physical security, a company may limit the extent to which fraud can take place. It is considered a white collar crime.

Types of Management Control

Types of management control
they are five ways of controlling plans which are:


1. strategic control: it deals with resource maximization,the company checks the overall performance to see whether it is utilizing its opportunities and resources to the fullest.some of these opportunities may include the skills,experience and the abilities of the personnel involved in the organisation,the market demand of the products and the cost of production.this is normally done by the top management.



2. operational control management control: it is assessing the efficiency of the plans and methods used in order to ensure hat the various individual tasks are carried out effectively and efficiently



3. profitability control: this is when the company assesses its profit or losses and it is very important for a company since the aim of every company is profit maximization.It seeks to know if the company is loosing money so as to knoew the companies loop holes and how to fix it.Profitability control is normally the responsibility of the marketing department




4. Annual-plan control: it is the process whereby top management examines the actual outcomes of its company's effort annually in order to know if the companies efforts have been productive or not.



5. Management control: it is concerned with the human effort of plan implementation.it entails ensuring that relevant resources are well utilized andd workers are well motivated