The ongoing trial of former senior executives at telecom firm Nortel Networks alleged that staffers used "significant guestimation" in accounting for expense reserves that had the potential to drain cash flow and impact earnings, according to an article published in The Toronto Star. The defense argued that while Nortel had accumulated excess reserves in 2002, some of which lacked supporting documentation, the company had launched a campaign to "scrub" its ledger in a process that was closely tracked by its external audit firm. Prosecutors allege that the Nortel executives misused unsupported liabilities in non-operating accounts to fabricate profits and activate bonus payouts.
- A strong, independent internal audit activity is a critical ingredient in management and oversight of large businesses with complex transactions and financial controls — especially when turbulent forces pressure organizations into dramatic, rapid transformation of their business priorities and practices.
- In such complex circumstances, as represented by the Nortel case, the role of the external auditor in providing timely, independent advice is a significant challenge. Internal auditors always should be mindful of differences between providing assurance versus advice to management.
- Proving the existence of fraud often can be elusive. Internal auditors should tread carefully in cases involving alleged fraud and focus on quality fraud risk assessments, related audit assurance work, and the provision of solid findings and recommendations rather than presuming the presence of fraudulent activities.
- Considering what controls should be in place to prevent executives from introducing volatility in the organization's earnings is an important task for internal auditors, as most organizations have — or will — face some of the circumstances described in the Nortel case.
- Internal auditors should be focused on the clarity of relevant corporate accounting policies dealing with accruals and liabilities to make sure they comply with the requirements of regulators as appropriate to the jurisdictions in which the organization operates. Auditors also should share information and offer recommendations for enhancing controls to minimize the risk of unnecessary manipulation of financial statements as well as prioritize the prompt review of such transactions to identify risks, potential errors, and the possibility of fraudulent activity.