There have been survey on frauds which have found that more than 60% of the frauds are conducted by people internal to a company and some of the well known corporate frauds like Enron, Waste Management Scandal, WorldCom or Satyam were executed at the highest level of management.
The regulators have tried to protect shareholders interests by mandating audit committees and promoting independent audit functions. However, on the ground there is a thin line with respect to independence and its often crossed due to organisation dynamics. After all the internal audit team members are also employees of the company looking at a long term career in the company (outside the audit function) and the head of audit in most cases reports administratively to the CFO and is interviewed and hired by the CFO.
In this post I am not providing answers just raising questions on how can the audit committee ensure that the audit function is truly independent.
– Should it start from the hiring of the head of audit and his directs? To ensure they have someone who can stand-up and call a ‘Spade’ a ‘Spade’ even when the management wants to call it a “Heart”. How many times do board of directors or audit committees really get involved in hiring of the CAE?
– Should it involve reducing the weight-age or eliminating feedback from the business on the performance of the audit function?
– Should it involve periodic third part assessment of the audit function that goes beyond the “Generally Compliant” Tag
Looking for comments and opinions from the more experienced people….