Wednesday, February 25, 2009

Now Hiring - Continuous Auditing specialists

Many of you know who have heard my partner and I speak at various IIA and MISTI events have heard that we have Google alerts set up on Continuous Auditing and Continuous Monitoring. Most Continuous Monitoring alerts have been related to Medical Devices - glucose monitoring, pacemakers, but it has been rare that we actually get article posts related to Continuous Auditing or what is becoming known as Continuous Controls Monitoring.

But maybe this is changing....

For the past two weeks, I have gotten "hits" on Google Alerts for Continuous Auditing and Continuous Controls Monitoring that relate to data analysis, data mining, and continuous auditing, specifically Job Postings. Yes, despite the challenging economy, there are several Audit Groups that are hiring continuous auditing specialists. Technical skills needed include data analysis, such as working with ACL or IDEA, as well as to more modern tools such as Approva, Oversight Systems or Apex Analytix.

Not surprising, interpersonal skills, including good communication skills and technical writing are also required. You can't write a good continuous auditing test if you don't have good data. And auditors need help from someone to acquire and understand the data.

Kudos to the hiring executives who understand that increasing the depth and especially the frequency of data analysis can increase the value that internal audit brings. Two of the three job postings I've seen are in the Hospitality sector, and the third is in Healthcare. Common threads perhaps are large volumes of disparate data, and opportunities to increase top line revenue through improving data quality.

For more information on these jobs or to compare notes on data analysis and continuous auditing, please reach out via contact information below.


Joe Oringel
Visual Risk IQ
Charlotte NC, USA

Wednesday, February 11, 2009

What is the cost of non-compliance? How's $579 million sound?

Source: Reuters: Halliburton and KBR agree to Settlement in historic Foreign Corrupt Practices Act (FCPA) case

In the largest FCPA settlement against a US-based company, KBR and its former parent Halliburton agreed to pay $579 million in fines to settle charges that they violated Foreign Corrupt Practices Act (FCPA) as part of a plan to secure large, long-term construction contracts in Nigeria.

According to the DOJ, KBR was part of a four-company joint venture that received the contracts. As part of its plea, KBR admitted to conspiring with those partners to promise and pay bribes. They also admitted to paying tens of millions of dollars in consulting fees to two agents for use in bribing government officials.

As part of its criminal plea deal, KBR agreed to retain an independent compliance monitor for a three-year period and continue to cooperate with the DOJ's continuing investigation of this matter.

In a related civil complaint by the SEC, Halliburton and KBR jointly agreed to pay $177 million in disgorgement. The SEC had charged KBR with violating the anti-bribery provisions of the Foreign Corrupt Practices Act. It also charged Halliburton and KBR with record-keeping and internal control violations.

"As part of the resolution of the SEC investigation, Halliburton will retain an independent consultant to perform a 60-day initial and, approximately one year later, a 30-day follow-up review and evaluation of Halliburton's anti- bribery and foreign agent internal controls and record-keeping policies and to adopt any necessary improvements," the company said.


The application for continuous auditing and monitoring in helping organizations monitor internally for potential FCPA violations is particularly positive, because these compliance issues can be assessed concurrent with other operational challenges such as duplicate payment or overpayment.
Joe Oringel
Visual Risk IQ LLC
Charlotte NC, USA

Thursday, February 5, 2009

Check out "The Fraudies", Oversight's list of top Corporate Fraudsters

The folks at Oversight Systems have announced The Fraudies, a light-hearted collection of some of the bolder attempts to defraud corporations that have been detected or deterred by continuous auditing and monitoring. My personal favorite is the individual who used their company's P-Card to purchase $3,400 worth of advice from the Psychic Hotline. Let's hope the psychic didn't tell the fraudster to join your firm.

Unfortunately, today's challenging economic times are increasing the pressures and the rationalization behind more potential fraudsters.  We are working with a number of organizations in different industries, to help increase the likelihood of detection by implementing cost-effective monitoring techniques.

Using these techniques as part of regularly scheduled audits of Accounts Payable, Travel & Entertainment or P-Card audits can help organizations achieve compliance objectives while also returning money to the bottom line by reducing overpayments and re-capturing inappropriate disbursements.  Further, like the Fraudies, we hope that by publicizing these instances of fraud, other future fraudsters will be deterred.   

Joe Oringel
Visual Risk IQ
Charlotte NC 28277