New IIA (Internal Audit Institute) Global Internal Audit Standards will focus on internal auditors actively assessing and mitigating the risk of fraud within an organization A deeper understanding of potential fraud plans Enter their audit plan and execution.
So, how to gain a deeper understanding of fraud plans? I would like to introduce the concept of fraud risk intelligence. A person is born without understanding the risk of fraud. It can only be obtained by studying the risks of fraud in the real world.
As you know, I always search the internet as part of writing blog posts. So before reading the rest of this blog, I ask you to search for the following phrase: “A deeper understanding of potential fraud schemes”. What have you found?
In my search, I found two documents that I thought should be discussed.
1. CFE magazine titled “An in-depth understanding of career fraudWritten by John Warren, JD, CFE. July 2024
2. A practical guide to release The IIA is titled “Participation Program: Assessing the Risk of Fraud.” 2017
The title of Mr. Warren's article caught my attention, and it was the goal the writer hoped to achieve. But, at first, I was disappointed with this post because that wasn't what I wanted. Then I began to reflect on the article and realized that it had nothing to do with the risk of fraud itself, but rather the cost of doing business and how to manage the risk of fraud. This is important because I believe most managers think that fraud has occurred, but it happens in other companies. This article has attractive subtitles, e.g. Fraudster: If we know what to look for, behavior will give us clues and Red card data can teach employees how fraud is. This is building a sense of fraud, which is crucial to preventing fraud. Please read the article.
My second discovery, practice guide Participation Program: Assessing Fraud Riskpropose the process of evaluating fraud. The executive summary states:
- Collect information to understand the purpose and context of participation, as well as governance, risk management, and controls related to the area or process under review.
- Brainstorm fraud scenarios to identify potential fraud risks.
- Assess the identified fraud risks to determine which risks require further assessment during the participation period.
I am glad that IIA has published documents on evaluating the risk of fraud. It shows me that our career is taking the risk of fraud into core competence one step closer. However, I should point out that the document is copyrighted in 2017. There has been a lot of changes in the industry since then.
Now, you should know that it's hard for me to write the next sentence. I think the explanation of fraud risks in the guide is fundamental. It does not illustrate a concept of deeper understanding. For example, it says:
“The virtual vendor was established in the system, resulting in fraudulent payments.”
Sorry, this is not a deeper understanding. A deeper understanding will discuss different types of virtual vendors such as creation, assumption, Shell, Shell, etc. Fraudulent payments will discuss the differences between a false billing plan and a pass plan. It will identify the difference between direct access and indirect access setting vendors.
When IIA said auditors should have a deeper understanding of fraud risks, I hope that this practice guide can at least illustrate or provide good examples of what a “more understanding” looks like. That being said, as an internal auditor, you should still read this document. It is necessary to gain basic core competitiveness.
So, how about this with a deeper understanding of potential fraud schemes? I believe that professional skepticism should be changed to educated professional skepticism.
- Through researching knowledge, I call it the science of fraud risk assessment and fraud prevention
- Through experience knowledge, I call it the art of fraud risk assessment and fraud prevention
My advice to all CAEs is to invest in fraud risk intelligence by studying fraud risk management science. The science is the basis of the art of fraud risk intelligence.
Fraudulent trivia
Last month's answer:
Which male actor portrays a woman to get a job? Dustin Hoffman at Tootsie
Which male actor portrays a woman to meet his child? Robin Williams
Which movie star plays a singer who pretends to be a man pretends to be a woman? Be crazy! Victor/Victoria's Julie Andrews
The woman's role in the role of the film that made her most commercially successful is glittering and hoarse, forever popularizing her title role and becoming the most important femme Fatale in history. Greta Garbo (1931) by Mata Hari
One of the great figures in film and literature is probably the most important accident of the cinema. The most famous adaptation of Patricia Gosmith’s character is portrayed by numerous Oscar-winning actors. Thomas Ripley
Because he is a classic, he cannot be excluded from the list. He now works for the FBI. Leonardo DiCaprio portrayed him. Frank Abagnale.
Trivia of this month
Feedzai, which recently released its trend in AI fraud and financial crime prevention report for 2025, found how to use Generative AI (Genai) in financial fraud.
1. XX% of financial institutions show that fraudsters use generative AI. XX noted that they did not see criminals using Genai?
2. According to the report, xx% of financial professionals say deep strikes were used in fraud schemes. xx% reported that fraudsters are using social engineering, a set of manipulative strategies that exploit human psychology and deceive individuals into revealing sensitive information.
3. Fraudsters also leverage voice cloning technology, which xx% considers to be a major issue, followed by XX% citing SMS and AI-powered phishing scams to trick victims.
4. Can you name some of the more common account acquisition techniques?
