Published : December 14, 2012 | Daily FT
A time that has presented great challenges for companies, has in turn provided abundant opportunity for internal auditors and the flagship event of the Institute of Internal Auditors Sri Lanka – the Fifth National Conference on Internal Audit 2012 – addressed how internal auditors have to play an increasingly important role in corporate governance.
Aptly themed ‘Internal Audit – A Strategic Partner’, the conference featured a line-up of Sri Lankan experts in the profession to address the gathering on a wide range of subjects, stressing on the importance of embracing technology and emerging IT trends and the need for a paradigm shift in the way businesses think to reduce the errors and misappropriations through proper risk management and governance structures.
In his opening remarks, IIA Sri Lanka President Ashane Jayasekara noted that the global crises over the past couple of years has taught businesses that managing risk in today’s global economy means managing reputation, and in a world being defined and shaped by new technologies, the oldest values of trust, honesty and integrity are more important than before. “We are now entering a new phase, and must go beyond rule reforms to create the conditions for good governance to flourish – developing a conducive ecosystem for market discipline, building up the competencies of our boards of directors, and instilling a culture of ethical conduct and values,” Jayasekara said.
The key note speaker for the conference was Suren Rajakarier, Head of audit for KPMG Sri Lanka.
While the country aims of doubling its GDP by 2016, the keynote speaker, Suren Rajakarier, questioned if the country is equipped with enough professionals and resources to face the changing landscape. “Are companies going to share the same resources in such a scenario? That’s a challenge. How do we increase the number of internal auditors? Furthermore, a lot of people who are locally based only focus on checking transactions. How do we make them look at risk management, governance, structures so that they reduce the amount of errors and misappropriations?”
He raised these questions while delivering a presentation titled ‘The New Corporate World Order: How Does Internal Audit Fit In?’ Outlining some challenges faced by internal audit departments, Rajakarier identified the frequent changes in the regulatory compliance requirements and the Institute of Internal Auditors standards and cost containment, reduction in headcounts, and pressure to do more with less as some of the more prevalent challenges.
Others included aligning internal audit coverage to meet new expectations, moving beyond traditional internal audit projects to demonstrate value add to the bottom line, the lack of necessary resources and skill sets needed to meet responsibilities, leveraging technology to achieve greater efficiencies, and managing audit committee and management requests for ad-hoc audits and investigations.
Rajakarier went on to say that internal audit reports need to shift into a more preventive mode by looking at emerging trends and for this, technology has to be leveraged. Technology is vital due to the increasing complexities and volumes of transactions.
He added: “The training of internal auditors is another aspect that needs to be looked into. I hear the Institute is making some headway in this direction. We also need to try to make people understand prevention versus detection. “Prevention is so many times better than finding a cure. Global companies lose nearly six per cent of revenue to fraud. You need to take that amount and show the management to get them to understand the concept of prevention. You need to be able to articulate your importance – communicate how much you are saving for the company through preventive measures.”He also noted that while earlier, auditing was an independent role, it has now evolved to an integrated risk management and corporate governance role.
Internal audit should be able to deliver an objective and systematic evaluation of risk – IT systems are going to have a very important role here, Rajakarier asserted. However, he admitted that it is nearly impossible for an internal audit department in an organisation to have all the required skills to deploy such systems. “This is where strategic sourcing should be used where companies only focus on core activities in the company and source whatever else they need. It also ensures cost effective delivery because when you source what you need, you are able to manage costs in a better way. I don’t mean that internal audit should be outsourced completely but just the special skills required,” he explained. This also gives companies access to specialised and global resources.
He also revealed that when looking for skills required for new hires, accounting, which people would generally see as a top requirement, is low down on the list, and it is analytical and critical thinking, communication skills, and data mining and analytics skills that ranks much higher.
Rajakarier also recommended conducting a more responsive and flexible risk-based audit plan in order to deal with global or local changes that may take place over the year.
“Don’t leave IT projects to IT people – auditors have a role to play there. Leverage audit technology and tools. If you do not have the necessary tools and skills within your organisation, you need to be able to communicate how important it is to the management and audit committees and source it.”
Another upcoming trend is data analytics, the science of examining raw data to draw conclusions. Many large corporate have taken the step to embrace data analytics. He pointed out that banks use this on a frequent basis to identify common frauds.
“Things we used to manually cannot be done so anymore because there are too many transactions and complexities. Data analytics is another good method to use to improve your internal audit. If you give findings of this nature to companies, the audit committees and management will be really impressed by what the internal audit department is putting on their table. Identify trends and issues that will affect the company in the long term – this is what managements now want.”
The Chief Guest at the conference, the Central Bank Governor Ajith Nivard Cabraal, while addressing the gathering highlighted the importance of the internal audit function in organisations.
“While internal auditors are generally the most unpopular people in an organisation, they play an extremely important and useful role and no one will ever want to challenge that. Internal auditors have an indirect benefit as they serve as a buffer between the management and other departments. You also create a huge deterrent effect on people who know that the work will be reviewed that is why I believe the profession has survived and is thriving, especially in such challenging times.”
“Internal auditors need to be proactive – you don’t need to wait for the fraud to be highlighted to go after it – learn to read early warning signs. Being a strategic partner is very important in this day and age. The internal audit function should not look like one that is there because it has been proposed in the corporate governance code, instead internal auditors should prove that they add value to the organisation,” Cabraal said.