Internal Auditor’s blogs reflect the personal views and opinions of the authors. These views may differ from policies and official statements of The Institute of Internal Auditors and its committees and from opinions endorsed by the bloggers’ employers or the editors of Internal Auditor.

FRAUD (Is Not What This Is About)

Comments Views

Let me let you in on a dirty little secret, one that every chapter president, vice-president, professional development chair, track planner, or person who is responsible for scrounging up speakers with the hope that warm bodies will appear for the monthly chapter meeting knows. You want to get people to show up to your chapter meeting? Put the word "Fraud" in the title. Internal auditors will come running like Pavlov's dogs at dinner.

All well and good. Fraud is an important topic. And every auditor needs to be aware of their role in fraud detection (and, in some instance, fraud investigation). But fraud is not the end all and be all of our work.

But you sure can't tell that from the number of meetings, sessions, and seminars that have the word "fraud" in the title. "The Mind of the Fraudster." "Investigating the Mind of the Fraudster." "The Fraudulent Minding of Investigative Fraudsters." "The Fraud of Frauding the Fraud of the Fraudster's Fraudulent Frauditing." You put any of those out there and your meeting, session, or seminar will be a hit, no matter what the content. People will attend, CPEs will be awarded, and the sounds of joy and jubilation will be heard throughout the chapter.

And that is inherently wrong. It is all the evidence we need to prove we have lost sight of what we should be trying to achieve.

The true purpose of attending these meetings and conferences and seminars and webinars and other training sessions is for us to actually learn new things. It is not to rehash what we already know, it is not to sit and hear a bunch of stories that provide no real insight, it is not to just get another CPE. No, it is about becoming a better professional.

And that means all of us have to make a concerted effort to shy away from the siren call of another hour of war stories about how the CEO sent the email to the wrong person, or how the clerk never should have been driving that car to work every day, or how the office manager shouldn't have borrowed from petty cash on the day of the cash count, or how the employees shouldn't have counted on everyone on the team keeping quiet about what was going on, or any of the myriad, sometimes sordid, tales that we love to hear and tell but, when we are honest with ourselves, provide no real learning opportunities.

Here's some ideas for training topics that would provide any of us more value than another round of "let me tell you some more stories about fraud." Culture (not only how to audit it, but also how to improve it within the audit department itself). Marketing (10 percent to 15 percent of organizational expenses go to marketing, yet how many audit shops even include that as a potential area for review?). Human Resources (is the department actually doing the job it is supposed to do in protecting the organization's number one asset?). Third-party and vendor relationships (from my personal experience, you can't swing a dead audit program without hitting a finding in third parties).

However, throw those titles in the mix and what happens? Guess which sessions will be crowded and which will be populated with empty seats?

Here's an example. I just attended The IIA's Southern Regional Conference in Austin, Texas (an excellent conference) and, to the planners' credit, every one of the topics I mentioned above was addressed in at least one session. But the number of attendees in each of the many fraud sessions was always greater than for those sessions with topics related to those I listed above.

In the case of this conference, fraud had been covered perfectly well with an excellent general session on the subject. But there were also at least five (I lost count after a while) other concurrent sessions about fraud and investigations. Was it really necessary to have that many sessions on that single topic? Again, based on filled seats, I guess so.

I do not blame the speakers and I do not blame the conference planners. Just as I don't blame those in the chapters who are struggling to put together the best slate of speakers they can manage. No, the fault, dear Brutus, is with ourselves.

We vote with butts in seats. And when we keep voting by putting our butts in seats for the same old, same old, then all we will get is the same old, same old. And when all we get is the same old, same old, the one thing we will not get is better.

And isn't that really the point of CPEs — to show that we are expanding our knowledge related to the profession of internal audit?

I'm not saying shy away from fraud training. But, when the alternatives present themselves, you better be out there in similar numbers. Because that is the only way we are going to get better training and, from that, become better professionals.

(And don't even get me started on fraud's second runner-up — data analytics.)​

Internal Auditor is pleased to provide you an opportunity to share your thoughts about these blog posts. Some comments may be reprinted elsewhere, online or offline.



Comment on this blog post

comments powered by Disqus
  • CIA-June-2021-Blog-1
  • CIA-LS-June-2021-Blog-2
  • Agents-of-Change-June-2021-Blog-3