Financial audits are not designed to identify fraud in environments with high levels of corruption
Ever so often there are dramatic press articles about fraud in development aid. Official development assistance is value based and a sensitive topic. Stories of fraud, corruption and mismanagement is a sure recipe to ignite media attention that plays into the emotions.
Donor agencies does their best to counteract. Press releases from the Department for International Development (DFID), or from their colleagues in other donor countries, makes a good effort in rationalizing that there is value for money and that there are effective controls on aid spending.
Audits of aid identify incredibly little fraud and corruption. Is there actually more? It is not all that unlikely, but nobody knows.
We can only speculate that since the general control environment is weaker in many developing countries, there are better opportunities to avoid detection of fraud and especially so in fragile and conflict affected states.
We argue that the nature of audit methodologies, in fragile and conflict affected states, is entirely unsuited to identify real problems.
1. Typical controls on foreign aid programs are limited in scope
The typical aid program requires an audit statement of the financial statements of the projects. The professional accountancy firms are regularly contracted to deliver the audit reports. A financial statement audit is based upon the statements, and may make sample based tests of project cost items and identify inconsistencies.
International aid to non-governmental organizations and civil society typically have very limited fiduciary controls beyond the standard audit. In case of state-to-state, or local government public sector aid, the audits are often performed by the national audit office.
Some institutions, notably the multilateral financial institutions, often require additional enhanced fiduciary measures. For example, particular rules and regulations to substitute for lack of those in fragile and conflict affected states. The core control remains however, the financial audit. Even for major projects there are few additional measures or tailored controls.
2. Are the controls on a typical aid program useful?
There is a gap between stakeholder expectations and audit mandates that both auditors and users of financial reports must recognize. An auditor’s conclusions are based on documentary evidence corroborated, for the most part, by interview techniques and analytical procedures.
The professional accountancy firms that delivers audits follow near identical standard methodologies across the world. There are of course great quality differences in how these are applied across the audit teams of the large networked firms.
But, the fundamental problem is not so much of quality of performance of the audit, it is about the standard methodology in itself. In fact, the products are so standardized that audits are considered a commodity product in the professional service industry.
Globally, the profession has aligned around a set of 3-4 core products. There are extensive rules and guidelines defining these. Audits of financial statements being the “golden standard” – and what almost every cooperation in the world needs to go through on a yearly basis.
The problem is that these methodologies are designed to work effectively in environments where there are sophisticated accounting standards in place, where financial records and information is of good quality and available to the auditors, where documentation of the actual financial management and accounting of the organization actually exists, or reflects how things are actually done. Also, that there are robust laws, regulations and guidance provided for compliance with the legal framework. And importantly, that there are qualified accounting professionals who manage the finances.
In such circumstances, a financial statement audit may deliver value.
However, by default, this is not the situation in a fragile and conflict affected country. The conditions for the methodologies to work are mostly not inexistence.
It is difficult to detect or investigate fraud and corruption as part of part of a financial audit as fraud frequently leaves no documentary evidence. Where documentary evidence is available it is often prepared in a manner that leaves no trace. Where there is collusion between the parties none of them are likely to reveal their dealings as they are, or have been, benefiting from them.
Auditors’ ability to quantify corruption is very limited. They can only indicate the existence of opportunities for corruption. While this can provide useful insight for design of mitigating actions for future, this does not identify past events.
In cases where audit opinions are given, one should question the ability of an auditor to form an opinion on the reasonableness of financial information in fragile states with high levels of corruption and incidence of fraud.
Covering the program with a veil of legitimacy doesn’t provide information on whether things are going well or not.
More complex, tailored approaches will deliver more value.
3. Understanding categories of standard audit products
This section presents the main types of audit products and discusses their usability in the context of aid programs.
3.1 Audit product 1. Financial statement audit
This is the standard annual audit of an organization, whether a government, an International non-Governmental Organization or a business. A financial statement audit can be expected to deliver on what it promises: An opinion on the reasonableness of the annual financial statements of the entity.
The fact that an entire program, making up a small portion of the entire activities of the entity, goes wrong does not mean that the financial statements are not reasonably stated. Materiality is an important and relevant concept in auditing.
Regardless of the facts at hand, an audit of financial statements is undertaken in order for an auditor to form an opinion on the financial reporting subject to audit.
3.2 Audit product 2. Audit of financial reports prepared in accordance with special purpose frameworks
Regularly, annual financial statement audits do not provide the requisite degree of precision or insight desired. Donors may then request auditors to form an opinion on the reasonableness of financial reporting for a specific program and pursuant to a specific (grant) contract.
In this case the level of precision is suited to the donors’ needs. It would not be appropriate for an auditor to provide an opinion on tailored program financial reporting that said all is well, when it is not.
The ability of an auditor to form an opinion on the reasonableness of financial reporting in an environment with high levels of corruption should be questioned.
When every invoice, receipt, and goods received note is questionable, what is the value of an audit opinion that states that financial results are reasonable?
3.3 Audit product 3. Agreed upon procedures
Engagements to perform agreed-upon procedures regarding financial information are often set in motion when donors or administrators wish to gain insight into use of program funds.
In essence, an agreed-upon procedures engagement tells users what is happening. Enquiries are designed and then carried out, with findings reported to users. No opinion is provided on the reasonableness of information, but rather this type of engagement is designed to inform users so that they can form their own opinions. International standards governing agree-upon-procedures engagements strictly define the types of procedures and how results are to be communicated. Agreed-upon procedures need to be agreed, upfront, with the ability to tailor to the situation at hand restricted.
Exhibit 1: Framework for determining usefulness of audits in development aid programs
4. The resolution: bespoke financial monitoring procedures
A resolution can be found in highly tailored approaches. Similar to the agreed-upon procedures model, but providing flexibility to fit and adapt to user needs.
Bespoke financial monitoring procedures are applied when the context requires adaptively, which is frequently the case in dynamic control environments. Donor funding to governments is often provided with the purposes of providing financial support to beneficiaries, as well as encouraging public financial management reforms.
Bespoke financial monitoring procedures can be designed to fit unique circumstances typical of weak financial management systems and are adaptable to changing capabilities of recipients. The bar can be continuously raised to fit the, ideally, improving capabilities of the beneficiary.
As with agreed-upon procedures, no opinion is provided on the reasonableness of information, but facts are identified and reported to inform users who form their own opinions as to use of program resources.
Ultimately, the value of a monitoring arrangement is determined by the information provided, and importantly, how the decision makers act upon this information. Normal audit procedures provide little information and little ability to act.
By Ian Hawley Managing @abyrint.