CHAPTER ONE

INTRODUCTION

1.1 Background to the Study

Internal audit function in fraud risk management is a critical part of the corporate

governance within an organization. Corporate governance is an effective tool in risk

management. Corporate governance includes those oversight activities undertaken by the

board of directors and audit committee to ensure that there is effective risk management

and the integrity of the financial reporting process (Public Oversight Board, 1993). Three

monitoring mechanisms have been identified in the corporate governance literature.

These are external auditing, internal auditing and directorships, (Anderson, Francis &

Stokes, 1993; Blue Ribbon Committee, 1999), as well as the audit committee (Institute of

Internal Auditor (11A, 2003; Coram, Ferguson & Moroney, 2011).

Risk management is the systematic application of management procedures and practices

which provides the necessary information to address risk, (World Custom Organization,

2010). Risk management is viewed as a relatively recent corporate function, (Dionne,

2013). The modern risk management started after 1955 and up-to 1970, the concept

covered more on insurance market and through that it developed to complement several

other risk management activities, (Dionne, 2013). This made companies to diversify

portfolios of physical assets and began to develop other areas of risk insurance to cover

many areas of risk in the business.

The necessity for risk management has come up based on the changes on the strategic

corporate/business operating environment and the expansion in transaction volumes that

have as well affected the methods corporations approach and handle risk, (WCO, 2010).
1
Every business increase has a corresponding increase of uncertainties that drive many

corporate management to desire a better structured and systematic way to handle risks. It

is through risk management that corporations address the increasing demand of the

modern business operating environment and the consequent risks by endeavoring to

address these risks whenever they are found.

This brought the necessity of the word “fraud” risk management that covers numerous

types of fraud caused by environment, technology, humans, organizations and politics.

Fraud in the other hand is an activity that takes place in a social setting and has severe

consequences for the economy, corporations, and individuals (Silverstone & Sheetz,

2007). Fraud is as old as corporations. The South Sea Bubble of 1720 is the best known

early episode of fraud. The company formed in England in 1711 to trade with Spanish

America, was allowed in 1720 to assume responsibility for Britain‟s National debt in

return for a guaranteed profit. This complicated arrangement ignited a speculative boom

with unscrupulous financiers that took advantage of the public excitement about assured

profits to form other companies with dubious intentions. Many of the newly formed

companies, some of which sought to extract gold from sea water soon failed together

with the south sea company leaving thousands of shareholders to lose their investment. It

caused financial catastrophe in London, Paris and Amsterdam. Subsequent investigations

revealed fraud and corruption among ministers some of whom resigned and some

committed suicide (Onogun, 2009; Adedeji, 2005).

Progressively, the Dictionary of Economics and Commerce confirmed that 200 banks

failed in England alone between 1815 and 1850 just within a period of 35 years, one of

the reasons attributed to the failure is improper fraud risk management (0wolabi, 2010).

2
Fraud risk management is the proper development and implementation of an intelligence

enabled fraud risk management framework and having a fraud risk management culture

within an organization that can assist more effective decision making at all levels of any

business management especially in the area of fraud risk management. There is no doubt

that proper fraud risk management is seen as one of the guiding principles associated with

modern business management, (ISPWG, 2008).

Fraud risk management failure is the determining character of the global financial crisis

(Witoonchart, 2012). The current financial crisis has brought with it a number of

challenges for global economies. The impact of the crisis on the survival of regional

blocks has attracted much attention in international circles (Lewis, Joseph & Roach,

2011).

One can rightly observe that the current financial crisis has its root from the failure of the

sub-prime mortgage market as a result of improper fraud risk management in the USA.

Fraud and other key operating factors have contributed to the ongoing economic crises of

2008 which includes the existence of a highly innovative and deregulated global financial

system, rising assets prices and readily available credit. Many opinion attribute the main

cause of the global financial crisis to the lack of appropriate and effective regulatory

framework in developed countries. Others have suggested ethical failings of highly

powered bankers and business persons‟ insensitivity in fraud risk management in the

USA (Lewis, Joseph & Roach, 2011; Hamilton & Gabriel, 2012; Osisioma, 2012). This

problem was complicated by the existence of an integrated and interconnected global

community which reflected the vulnerability and openness of world economies to

contagious risks and shocks today (Raja, 2008).

3
In an effort to reduce fraud risk which culminated to global financial crisis, (Witoonchart,

2012) stated that thirty five (35) official Anti-Fraud and regulatory bodies have been

formed and recognized internationally to regulate, supervise and investigate organizations

and their activities (Davis, 2011).

In Nigeria alone, several legislations were put in place to reduce and to alleviate and if

possible to eradicate the occurrence and incidences of fraud risk in the industry (Awolabi,

2010). Most popular and prominent among them are: (Company and Allied Matters

Decree No 19. 1990 (CAMD 1990), now CAMA, Declaration of Asset Act 1990,

National drug law enforcement Agency Act 1990; Special Tribunal (miscellaneous

offences) Act 1990; The Central Bank of Nigeria (CBN) Decrees No 24 of 1995; The

Nigerian deposit Insurance Corporation Decrees No 22 of 1998; The Bank and other

financial Institution Decree (BOFID) 1999; Economic and Financial Crime Commission

Act 2004; (CBN) Prudential guideline for Deposit of Money in Banks in Nigeria; Money

Laundry Act and so on.

The fraud risk management sagas are the same even in Nigeria. These have had sever

negative consequences on the country and its global image. Lack of Fraud risk

management and related problems have caused instability in the Nigerian economy

resulting to a high mortality rate of business organizations and the consequent losses of

revenue, huge financial losses to business organizations and their customers, depletion of

shareholders funds and capital base as well as loss of confidence in business investment

(Hamilton & Gabriel, 2012).

Fraud risk management has become the most intractable problems of modern day

business in Nigeria. Public concern is growing by the day and management vigilance is

not improving even with the aid of computerization.

4
A total number of one hundred (100) companies were estimated to have failed in Nigeria

because of improper fraud risk management in 2010 (Adeyemi, 2012). The total number

of frauds and forgeries case reported in one of the annual report of NDIC gave 10,719

cases of fraud which amounted to N168397.9 billion within a period of ten years i.e

2000-2009. The total depositor‟s loss in failed Banks amounted to N187.23 billion as of

2011. The CBN has also maintained that the dwindling situation is occasioned by

weakness in the internal control system of the affected enterprise which is the key area

where internal audit should function in fraud risk management, (Idowu, 2009; Adeyemi,

2012).

One can then deduce that these high profile corporate failures in recent years have

focused significant public and regulatory interest on corporate fraud risk management.

Therefore these recent well-publicized frauds have affected the work of the external

financial statement auditors. Fraud in an audit of a “financial Report” has increased

external auditors responsibilities in this area (Coram, Ferguson & Moroney, (2001). As a

result, the auditing profession has faced more lawsuits from these years, (Brandon &

Mueller, 2006; Lys & Watts, 1999; Palmrose, 1997; Paceni, Hillson & Sinason, 2000;

Reilly & Levitz in Sonnier, Lassar & Lassar, 2012). Thus shareholders attribute their

blames to auditors and auditors denounce full responsibilities and declare that

management has much to attribute on the audit failure as a result of insensitivity to

improper fraud risk management (Porter, 2012; Razeal & Crumbly. 2007).

The truth is that, whatever the size of the organization, external audit is terribly bad at

fraud detection and the scope of their responsibility do not cover fraud risk management.

A recent survey by (Pricewaterhouse Coopers, 2011), showed that perhaps only about 2

percent of frauds were detected through external auditor (Taylor, 2011).

5
Historically, management believed that external auditors would uncover fraud but the

emergence of Sarbanes–Oxley specifically holds management responsible for fraud risk

management and internal audit is an extension of management (Loftus, 2011).

It is expected that internal audit detects weakness in management operations and provides

a basis for correcting deficiencies that have eluded the first line of defense before these

deficiencies become uncontrollable or are exposed in the external auditors report (Eden &

Moriah 1996).

The institute of internal Auditors (11A) provides mandatory guidance for internal

auditors in its internal professional practices framework (IPPF) through the International

Standard for the practice of Internal Audit function in fraud risk management (Standards)

(11A, 2009a). Several standards outline the role of the internal audit function in

detecting, preventing, and monitoring fraud risks and addressing those risks in audits and

investigation (11A, 2009c). 11A standard 1200, proficiency and due professional care,

require that internal auditors have sufficient knowledge to evaluate the risk of fraud in

their organization (11A Standard 2060). Reporting to senior management and the board

require that internal audit function report to the board any fraud risks found during their

investigations under 11A standard 2120, of fraud Risk Management. (Burnaby, Howe &

Muehlmann, 2012)

1.2 Statement of the Problem

It was stated by (Bota – Avram, 2012), that the current economic crises generate a major

pressure over several areas and one of these is represented by the internal audit function

in fraud risk management. Loftus, (2011) also agreed that the emergence of Sarbanese –

Oxley specifically holds management responsible for fraud which results in improper risk

6
control and internal audit is an extension of management. The opinions of (Coram et al,

2011; Sawyer 1988; Coram et al 2008; Edem & Moriah in Coham & Sahag, 2012) were

that the credibility of internal audit function in an organization in fraud risk management

would be questionable. The reason being that the nature of the internal audit function is

also an important consideration that may potentially affects its values in an organization,

and also affect the enterprise objectives and will further be exposed in the external

auditors report.

Some studies have been conducted both in Nigeria and other places on internal audit

function in fraud risk. For instance, (Deloite, 2010; Frank, 2004; Hilison et al 1999;

KPMG, 2013; Normal et al, 2010; PricewaterhouseCoopers, 2013) stated that the

growing reliance by management and the audit committee (AC) on the Internal Audit

Function (IAF) is a critical part of good corporate governance and more specifically as an

effective tool to “Fight fraud”. This has made the understanding of the role of the IAF in

the context of fraud risk management.

This requires that internal audit has to expand its scope and assurance responsibility in

fraud risk management and also the companies facing higher fraud risk will increase their

organizational monitoring through internal audit function, providing evidence of the

importance of the internal audit function in fraud risk management, (Coram et al, 2011).

Observations from some literatures (Omar & Baker 2012; Endaya & Hanefah;

Thenfanis., Drogalis & Giovani, 2011; Domenic & Nonna, 2011; Intakhan &

Ussahawanitchakit, 2010; Feizizadeh, 2012; Collier, Dixon & Marston 1991; Farcane,

Blidset & Popa, 2009; Mui 2009; Stribu et al, 2009) showed that some of these studies on

fraud risk management were not given a holistic approach instead, they were focused on
7
one aspect of fraud risk or the other and that internal audit was not given the

responsibility of fraud risk management. Another limitation observed from some of these

prior studies was that fraud risk combat was not given a management priority. In other

words, internal audit involvement in fraud risk management was not given a full

consideration by management.

There is, also, a dearth of academic studies that have focused on internal audit function in

fraud risk management generally and especially in Nigerian context that were based on a

specific school and have been conducted in a systematic manners. There are, few

research that were conducted in a systematic manner on application of internal audit

function in fraud risk management by Nigerian researchers. But, some of these

researchers like (Badara & Saiden, 2014; Salamu & Agbeja, 2007), found negative or low

positive and insignificant effect on the subject matter.

There are also, some of these studies on internal audit function in fraud risk management

that made use of routine internal audit function but not on the holistic views of

organization‟s fraud risk (Freiedberg, 1998; Welch, Holmes & Strawser, 1996;

Kangarlovei, Motavasse & Moghammadzadah, 2013). Some of their various findings had

mixed evidence that did not provide a strategic method of managing fraud risk

holistically and proactively, (Coezee & Lubee, 2013; Bayo & Reinstain ,2001; Grazioli,

Jamal & Johnson, 2006). Therefore, our observations from some of these literatures have

shown that the subject matter is yet unsettle and hence the need for this study.

1. 3 Research Questions

The problem of this research is to establish a logical research questions using these four

variables to form a bases of this study as follows:

8
 To what extent does the application of the following internal audit function combats

fraud risk in Nigeria banking sector:

1. Data-mining tool?

2. Proactive function?

3. Ongoing function?

4. Interactive function?

1.4 Objective of the Study

The main objective of this study is to broadly test the potentials of the application of

internal audit function in the combating of fraud risk in banks. The following specific

objectives were considered.

To determine the extent to which the following internal audit function

variables are perceived to combat fraud risk in banks:

1. Data-mining tool,

2. Proactive function,

3. Ongoing function,

4. Interactive function.

1.5 Hypotheses of the Study

The following hypotheses have been formulated based on the research questions.

There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether:

H01: Application of internal audit data mining tool is a significant factor in the

management of fraud risk in Nigerian banks,

9
H02: Application of internal audit proactive function significantly combats fraud risk in

Nigerian banks,

H03: Application of internal audit ongoing function is statistically significant in

combating fraud risk in Nigerian banks,

H04: Application of internal audit interactive function is significant in combating fraud

risk in Nigerian banks.

1.6 Significance of the Study

The major significance of this research work is that it will share light on internal Audit

function variables that impinge on the management of fraud risk in banks.

Other areas where the study will be significance are as follows:

This study will benefit companies and organizations because it will provide how to

increase the efficiency of internal audit function in fraud risk management procedures

and increase projects success and help the organizations to realize her main objectives.

Proper fraud risk management will save the organizations from financial crises that will

ultimately result in entity collapse. High profile corporate failures in recent years have

focused significant public and regulatory interest on corporate fraud (Coram Ferguson

and Moreney, 2011). Thus application of internal audit function in fraud risk

management “adds values through improving the control and monitoring environment

within organizations to detect fraud” (Coran et al, 2011)

Government also has interest in the financial reporting of an organization because of

taxes paid to her by organizations. Thus when organizations continuously make

fraudulent financial reports and declare no profit to pay tax, the government loses
10
millions of money. Corporate taxes paid to the government increase as organizations

work to reduce the incidence of fraud through the application of internal audit activity

and these contribute to the profitability of the organizations, (Burnaly, Howe &

Muehimnn, 2012).

Researchers in the field of the study will also find it useful as a reference point in

considering that application of internal audit function in fraud risk management is among,

the least scientifically studied topics in management research, this study, will above all

advance and stimulate more scientific interest in the area. The findings will share light on

application of internal audit function in fraud risk management in various organizations.

It will also be a springboard from which other researchers will generate future research

on application of internal audit function, and will suggest direction for such studies.

To the general public, this study will also benefit in various ways. If corporation‟s fraud

risks management is properly taken care of through the application of internal audit

function, the financial strength of the organizations would be evident through the

mandatory reporting in terms of dividends. Expansions and the consequent more

employment are also made possible in profitability of a company that pays dividends to

the public investors.

Finally, this study will improve the professional value of accountants, the auditors

(External and Internal) generally. Litigations against auditors have increased and

multimillion dollar used for settlement globally (Sonnier, Lasser & Lasser, 2012). These

have affected the work of the external financial statement auditors (Curam et al, 2011).

The credibility of the external auditors report is complemented by the effectiveness of the

application of internal audit function especially in fraud risk management. Both values of
11
the auditors are improved in a complementary proper management of fraud risk

management in an organization. Internal audit function is an important governance

structure within an organization. Therefore the results of this study will give credence to

the application of internal audit function in fraud risk management which will ameliorate

the corporate governance and improve the image of the auditors in financial reporting and

restore investor confidence globally.

1.7 Delimitations of the Study

Delimitation of the study has to do with the extent of the content, coverage of the study

and not geographical area coverage (Uzoagulu, 1998).

Thus this study was delimited to the study of application of internal audit function in

Fraud Risk Management, to ascertain how it combats fraud in banks.

The research covered banking sector and their internal auditors, fraud auditors and

selected accountants in the industry

The study was also delimited to the study of how the application of internal audit

function includes: data-mining tool, proactive function, ongoing function, and interactive

function to combats fraud risk in banks. The study did not include every firm in Nigeria

but was focused only on banking sector.

12
 CHAPTER TWO

REVIEW OF RELATED LITERATURE

2.1 Conceptual Frame work

2.1.1 Internal Audit

A background opinion was put forward concerning internal audit by (Brink & Cashin,

1958), that internal audit emerged as a special segment of the broad field of accounting,

utilizing the basic techniques and method of auditing. They, accepted the fact that the

public accountants and internal auditor by using many of the same techniques leads to a

mistaken assumption that there is little difference in the work or in ultimate objectives.

The internal auditor, like any audit, is concerned with the investigation of the validity of

representation, but in his case the representations‟ with which he is concerned cover a

much wider range and have to do with many matters where the relationship to accounts is

often somewhat remote. In addition, the internal auditor, being a company man, has a

more vital interest in all types of company operations and its quite mutually more deeply

interested in helping to make those operations as profitable as possible. Thus to a greater

extent, management services come to influence this thinking and general approach (Brink

& Cashin, 1958).

A wider definition of internal audit came in 1971, 1981 and 1990 after revising the

statement of responsibilities by the Institute of Internal Auditors (11A). The standard

contained the following definition and objectives that “Internal auditing is an independent

appraisal activity established within an organization as a service to the organization. It is

a control which functions by examining and evaluating the adequacy and effectiveness of

13
other controls. The objective of the internal auditing is to assist members of the

organization in the effective discharge of their responsibilities‟.

To this end, internal audit furnishes them with analysis, appraisal,

recommendations, counsel and information concerning the activities reviewed.

Therefore, the audit objective includes promoting effective control at reasonable

cost.

2.1.2 Internal Audit Function

The Institute of Internal Auditors (11A) officially adopted a globally accepted new

definition of the internal audit function. This has become the most globally acceptable

definition of internal audit function that gave the conceptual framework of our research.

“Internal Audit function is an independent, objective assurance and consulting activity

designed to add value and improve an organization‟s operations. It helps an organization

accomplish its objectives by bringing a systematic, disciplined approach to evaluate and

improve the effectiveness of risk management, control and governance processes” (11A,

2000, Karagiorgos.,Drogalis., Christodoulou & Pazarskil, 2004).

Also, (Basel Committee, 2012) defined internal audit function as regards financial

institution as an independent assessment function that carries out objective assurance

activity that is meant to add value and improve corporation‟s operations. The internal

audit function helps the financial corporation to attain its objectives by bringing in a

systematic and disciplined approach in order to evaluate and improve the effectiveness of

fraud risk management processes and internal control systems including controls of

financial reporting, corporate governance, and, within this generality, includes compliance

with the law, directives of the supervisory, ethical probity, economy and efficiency.

14
This revised definition clearly changes the internal audit function from involving

assurance activities to value added activities (Nagy and Cenker, 2002). By this definition

(Nagy & Cenker, 2002) suggests that internal audit function has proactive and interactive

role with other key corporate governance players within the organization such as board of

directors and executive management on the issues of risk, control and governance with

the ultimate purpose to strengthen the organization (Bou –Raad 2000; Ebaid 2011; Julien

& Richards 2008). Although the internal audit continues to have an internal controls

focus, yet its function appears to be evolving from compliance to a more consultative

function and fraud risk management (Bou-Raad, 2000; Ernst & Young, 2008).

The institute of internal auditors (IIA) in international professional practice framework

(IPPF) indicated that internal audit function plays a crucial role in the ongoing

maintenance and assessment of a corporation‟s internal control, risk management and

governance systems and processes where authorities have keen interest.

Furthermore, internal auditors use risk based approaches to determine their respective

work plans and actions. Internal audit function has a different mandate and is responsible

for their own judgments and assessments in identifying fraud risks according to the

stipulations of IIA in IPPF. It is also the internal audit function that has the mandate to

develop an independent and informed idea of the risks that are eminent in the corporation

based on their access to all records and data, their enquiries, and their professional

competence. According to (IIA in IPPF), internal audit function should be able to discuss

their views, findings and recommendations directly with the audit committee and the

board of directors.

15
New York Stock Exchange (NYSE) in its listed company Manual rule 303 A.07

suggested that each listed company must have an internal audit function to provide

management and the audit committee with ongoing assessment of the listed company risk

management processes and system of internal control (NYSE, 2003).

It was stated in (KPMC, 2004) that internal audit functions in fraud risk management

should apply data-mining tools. Further, (Burnaby, Howe and Muchlman, 2012) stated

that internal audit functions will have to include data mining tools, while the Institute of

Internal Auditors 11A‟s competence frame work states that proactive function is required

in internal audit fraud risk management.

It is evident from these new definitions that internal audit function has shifted from

assurance services provider to providing assistance and support to management in

exercising its duties. The survey made by (Ernst & Young, 2008) in internal audit

function supports the changing role of internal audit function with increasing focus on

monitoring high-risk and operational areas in organizations to better support the

management and business process owners.

2.1.3 Characteristics of Internal Audit function in Fraud Risk Management

Characteristics are the distinguishing, features or functions of a concept. In other words,

the characteristics of internal audit function in fraud risk management are distinct

function of internal audit in combating fraud risk. These characteristics of internal audit

functions in fraud risk management are:

Independence: Independence of internal audit function in fraud risk management was

described in (ICEW; IIA, 2011) as the freedom from conditions that threaten the ability
16
of the internal audit activity to carry out internal audit responsibility in an unbiased

manner. Internal audit is an independent function that supports the organization‟s

business objectives and evaluates the effectiveness of fraud risk management, control,

and governance processes. Its threats to objectivity must be managed at the individual

audit engagement, functional, and organizational levels. The member of management

responsible for the internal audit function is the Chief Audit Executive (CAE) and should

have no responsibility for operating the system of internal control and should report

functionally to the audit committee. The Institute of Internal Auditors stated that the audit

plan established by the head of internal audit function, that is the (CAE), and approved by

the board of directors, the internal audit function must be able to perform its assignments

on its own initiative in all areas of the organizations‟ fraud risk management.

The internal audit function must be free to report its findings and assessments internally

through understandable reporting lines. The head of the internal audit (CAE) should

demonstrate appropriate leadership with such necessary skills to accomplish the required

responsibility for maintaining the function‟s independence.

The (IIA) made it clear that the internal audit function should not be involved in

designing, selecting, implementing or operating specific internal control systems. All the

same, the (IIA) agrees that the independence of the internal audit function should not

prevent the senior management of the organization from demanding input from internal

audit on matters related to fraud risk and internal controls.

Furthermore, (IIA) explained that the independence of the internal audit function may be

undermined if the internal audit staff‟s salary is linked to the financial performance of the

business operations as they carry out internal audit functions. In other words, the

remunerations of the head of the internal audit function should be masterminded in

17
accordance with the remuneration policies and practices obtained in all the organization.

Therefore, the remunerations to reward the effective performance of the internal audit

head (CAE) should be structured to avoid causing conflicts of interest and confusion and

thereby compromising independence.

Objectives and Ethics: Internal auditors should remain objective in the fraud risk

management, which means they should perform their assignment free from bias and

interferences. Objective is an unbiased mental attitude that allows internal auditors to

perform engagements in such a manner that they believe in their work product and that

no quality compromises are made (ICAEW). Objective includes that Chief Audit

Executive CAE and all internal audit professional staff should avoid any conflicts of

interest.

Institute 0f Chartered Accountants of England and Wales (ICAEW) was of the opinion

that continuously performing similar tasks and routine jobs can negatively affect an

individual internal auditor‟s capacity for critical judgment because of possible loss of

professional objectivity. The sound practice in order not to mar the objectivity of the

internal audit is that whenever practicable and without jeopardizing competence and

expertise, to periodically rotate internal audit staff within the internal audit function. In

addition, the organization can rotate staff from other functional areas of the business to

the internal audit function or from the internal audit function to other functional areas of

the organization. Staff rotations within the internal audit function and staff rotation to and

from internal audit function should be guided and conducted in accordance with a sound

written policy. At the same time, the policy should be designed to avoid conflicts of

interests and also a critical observation of the period individual stays and returns to the

former internal audit activities.

18
Further, ethics is another important area that is considered in internal audit function in

banks as stated in (Basel Committee, 2012). Therefore a code of ethics is necessary and

appropriate for the profession of internal audit founded as it is on the trust placed on its

objective assurance about governance, fraud risk management, and control. It has

principles that are relevant to the profession and practice of internal audit, IIA CODE OF

ETHICS.

Professional competence and Due Care:

Professional competence, include the knowledge and experience of each internal auditor

and of internal auditor collectively that is essential to the effectiveness of internal audit

function. Professional competence was defined as the ability of an individual to perform a

job or task properly, being a set of defined, skills, and behavior. Professional competence

has a framework that provides a structured guide that enables the identification,

evaluation, and development of required competence in individual internal auditors (IIA,

Competence Framework).

There is the need of professional competence of those individuals involved in planning

and conducting internal audits. Apart from the Bassel Statement on internal audit

professional competence in risk management, ISO 19011 identified three components of

professional competence as personal behaviour, auditing knowledge and skills, technical

knowledge and skills. Therefore, the internal auditors need to have the appropriate

knowledge and skills in all three of these areas. There are also other considerations stated

by ISO 19011 that makes the work easy. These are: that the nature of the organizations,

or the activities, that to be audited should be considered, the type, nature and the

complexity of the audit to be performed, the size and the composition of the audit team,

19
the role of the auditor and the nature of his audit assignment and any specific

requirements imposed by external parties (IIA, 2011)

There are individual professional competence requirements and group requirements. Both

individual and group requirements are stated in International Professional Practice

Framework (IPPF) guidance and should be known and mastered by internal auditors in

order for them to be able to carry their work effectively. The IPPF consisted of the

definition of internal auditing, a code of conduct, International Standards for the

professional Practice of Internal Auditing and various practice advisory. These are what

provide guidance on proficiency and skill requirements for internal auditors (IIA, 2011).

The specific skills and competence requirements taken from mandatory guidance

documents include adding value, risk analysis and interpretation and integrity,

objectivity, and confidentiality (IIA, 2011; Plant, Coezee & Fourie, 2014).

Professional competence depends on the internal auditor‟s capacity to collect and

understand information, to examine and evaluate audit evidence and to communicate to

the stakeholders of the internal audit function. Therefore, this should be combined with

suitable methodologies and tools and sufficient knowledge of auditing techniques.

Further, the head of internal audit function, (CAE) is the person responsible for acquiring

human resources with sufficient qualifications and skills to effectively deliver on the

mandate for professional competence, and to audit to the required level. The CAE should

continually access and monitor the skills necessary to carry out the work. The necessary

skills required for senior internal auditors should be the ability to judge outcomes and

make an impact at the highest level of the organization.

20
Finally, the internal audit function in fraud risk must have to apply the necessary care and

skills expected of a reasonable prudent and competent professional. However, due

professional care does not imply infallibility. Therefore, internal auditors in internal audit

function in fraud risk having a limited competence and experience in a particular area

should be guided by a more experienced internal auditor (11A, 2000,

Karagiorgos.,Drogalis., Christodoulou & Pazarskil, 2004; Basel Committee, 2012).

Internal Audit charter: Internal audit charter is a formal document that defines the

internal audit activity, purpose, authority, and responsibility in an organization. There

should be an internal audit charter that describes the purposes, authority, and

responsibility of the internal audit function in fraud risk management. An audit charter

should include the followings: a) the objectives and scope of internal audit function; b)

the internal audit functions management reporting position within the organization as

well as its authority and responsibilities; c) the responsibility and accountability of CAE;

and, d) the internal audit function‟s responsibility to evaluate the effectiveness of the

institution‟s fraud risk management.

The main mission of the internal audit function in fraud risk management is to provide

independence, objective assurance and consulting services not just in fraud risk control

but also to add value in organizations. These are achieved by bringing a systematic,

disciplined approach to evaluate and improve the effectiveness of risk management,

control, and governance processes. Therefore, the scope of work of the organizations

internal audit function in risk management is to determine whether the governance, risk

management, and control processes of the corporation, as designed to cover the entire

management are complete and whether they are functioning in a way that provide some

21
level of confidence regarding some of the followings: a) whether significant key risks are

appropriately identified and managed, b) whether significant financial, managerial, and

operating information is accurate, c) whether employee actions are in compliance with

policies, standards, procedures and applicable laws and regulations, d) whether resources

are acquired economically, used efficiently, and guided properly, e) whether

corporation‟s agendas, plans and objectives are achieved, f) whether quality and

continuous improvements in risk control are really fostered in the organization control

processes, g) whether significant regulatory issues that improves internal audit are

recognized and addressed properly, and whether the internal audit function apply and

uphold the principles of integrity, objectivity, confidentiality, and competence as required

by the Institute of Internal Auditors Code of Ethics (IIA, 2007; IIA, 2009; AICPA, 2009;

ACFE, 2009; Basel Committee, 2012).

2.2.1 The Four Predicted Application Variables for Fraud Risk Management.

-Data- mining Tool, (see Burnaby et al, 2013; Cook & Clement, 2009; KPMG, 2006;

Ernst & Young, 2011; IIA Global Technology Audit Guide, 2009; IIA Data Mining 101,

2013).

-Proactive function, (Ernest & Young, 2011; Bullen, 1995; PWC, 2014; Fabiani &

Smith, 2014; Stein & Crawford, 2015; Pacini, 2001; Ernest & Young, 2010;

Kuenkaikaew & Rutgers, 2013; KPMG, 2016).

-Ongoing function, (ISPPIA, 2012; KPMG, 2006; PWC, 2003; KPMG, 2016; Coderre,

2005; Aquinot, Kaya & Erdem, 2014; Eden & Morriah, 1996; Ernst & Young, 2012).

-Interactive function, (Hitchinson & Mazlina, 2009; Bou-Read, 2000; Daugher, Parker

& Garry, 2015; Ernest & Young, 2008; PWC, 2017; Dardevic & Dukic, 2015).

22
2.2.2 Data Mining Tool.

Data mining tool generally was defined as a technique, for searching large-scaled

databases for pertains that are used mainly to find previously unknown correlations

between variables that may be commercially useful, (Wiktionary). Research suggests that

internal auditors‟ application of data mining includes business intelligence, as an

effective tool in fraud risk management, (Burnaby et al, 2013). In their research, Cook &

Clement 2009) stated that there is a lack of use of the best tools that are available in fraud

detection and hope that internal auditors would develop the skills necessary to continue

the fight against fraud by applying the business intelligence.

A statement made in the 11A Global Technology Audit Guide, was that fraud prevention

and detection is required in an automated world. This stated that the application of this

tool should be a fulfillment of the Global Technological Audit Guide requirements by the

internal audit function as a tool required that allows the internal auditor the use of IT as a

detective control and a monitoring technique in fraud risk management. Thus data

analysis technology allows internal auditors to examine data for indications of fraud

(11A, 2009b).

An observation made in (11A Data mining 10, 2013) was that application of data mining

tool automates the detection of relevant patterns in a data base. This is achieved by using

defined approaches and algorithms to look into current and historical data that can then

be analyzed to predict future trends. The application of data mining tool in fraud risk is

said to predict future trends and behaviour by trading through database for hidden

patterns. This allows organizations to make proactive knowledge driven decisions and

answer questions that were previously too time-consuming to resolve.

23
Data analytics is defend by (KPMC, 2002) as an analytical process by which insights are

extracted from operations, financial, and other forms of electronic data, internal or

external by the organization. These insights can be historical, real-time, or predictive and

can also be risk-focused.

It was also stated by Witten & Drank as in (Ghanbari & Einakian, 2014) that data mining

tool is the process of discovering patterns in data. The process must be automatic or more

usually semi-automatic. The patterns discovered must be meaningful in that they lead to

some advantage.

For effective fraud risk management, internal audit has to operate in a very dynamic

environment and acquire the ability to adapt and be responsive to change, combined with

the ability to leverage insight on the risk impacting the organization, (11A, WIPO, 2014).

There are common applications of data mining tool in an internal audit function in fraud

risk management. These applications are grouped as macro-and sustained micro-level

analytics for quantitative based risk assessment for audit planning purposes, macro-and

sustained micro-level analytics for control testing and/or compliance auditing such as

optimizing in a repeatable and sustainable process that matures to a continuous auditing

and continuous monitoring process, (KPMG, 2014; Burnaby et al, 2013),

More Literatures show that these techniques could be used for fraud risk management by

internal audit function. Among these are statistical techniques or tools suggested by

(Taylor, 2011), while artificial intelligence was put forward by (11A, 2013; Burnaby et

al, 2013; Wikipedia, 2014). These authors suggested that they could be applied in internal

audit function in fraud management as data preprocessing techniques for detection,

validation, error correction, and filling up of missing or incorrect data. It could be used

for calculation of various statistical parameters such as averages, performance metrics,

24
probability distributions, and so on, (Ghanbari & Einakian, 2014). Other uses to which

they could be applied in fraud detections are as: a) models and probability distribution of

various business activities either in terms of various parameters or probability

distribution, (Durtschi., Hilson & Pacini, 2004), b) clustering and classification that are

applied to find pattern and associations among groups of data (Ghanbari & Einakian,

2014), c) matching algorithms that are used to detect anomalies in the behavior of

transaction or users as compared to previously known models and profiles.

Further, artificial intelligence in is part of data mining tools that could be used by internal

audit function for fraud risk management as suggested by (Tarlor, 2011, Burnaby et al,

2012). In these authors‟ opinion they can be applied as follows:

a) Data mining is used for classification such as cluster used to segment the data and

automatically find associations and rules in the data that signify interesting

patterns, including those related to fraud.

b) Artificial neural networks which are software system that are based on processes of

learning and remembering. They are used in classification such as a methodology

developed for discriminating between two things based on similarities (Tarloy,

2011; 11A, 2014)

c) Expert systems: this is used to encode expertise for detecting fraud in the form of

rules.

d) Pattern recognition: These are used to detect approximate classes, clusters, or

patterns of suspicious behavior, either automatically or to match given inputs.

e) Machine learning techniques: This helps to automatically identify characteristics of

fraud (Tarlor, 2011).

25
f) Link analysis: Link analysis is used to reveal underlying patterns hidden in a large

data sets (Taylor, 2011; Thuruvad & Patel 2011; Wikipedia, 2014).

g) Audit interrogation tools: Audit interrogation tools can be used to highlight fraud,

data anomalies, and patterns (Coderre, 1999).

h) Decision Trees: The core technology of decision tree tools are machine learning

algorithms which automate the process of segmenting important features and ranges

hidden in a data base. They are used to predict the probability of crime (Taylor, 2011;

Thiruval & Patel, 2011).

2.2.3 Proactive Function

Proactive has been defined by dictionary as an, anticipation, forward-looking to deal with

an expected change or difficulty. It is dealing with a problem as it props up. It is a way to

prevent future problems.

The general functions of internal auditors is seen as that of identifying errors that have

already occurred and reviewing procedures that are already in place. This after the fact”

audit function does have its place. However, “future issues must also be addressed.

Bullen, (1995) was of the opinion that by adopting a proactive approach internal audit

function can directly address the causes of weakness that expose corporations to loss by

fraud and theft and make impact.

Proper fraud risk management demands that internal audit adapt a proactive measure to

combat fraud. This could be possible by implementing the set fraud risk framework to

prevent and detect fraudulent and suspicious activities from all carders‟ of management.

Internal audit function needs to let the employers and other stakeholders be aware that

fraud is taken very serious in the organization and therefore cannot be tolerated at any

level of management, (PWC, 2014).

26
Fraud control using proactive function requires the implementation of a number of key

control strategies which contribute to an effective fraud control. The framework must

have fraud detection that includes strategies to discover fraud as soon as possible. This

should also, have fraud prevention strategies that was designed to prevent the occurrences

of fraud from the start or to discover fraud as early as possible as it occurred. Also, fraud

monitoring is one of the strategies that provide assurance that combined efforts are being

accomplished in proactive function. Promoting accountability is also needed by providing

information that demonstrates compliance with a specific fraud control strategies in the

organization. Proactive is also required in fraud response which includes systems and

processes that assist an entity to respond appropriately to an alleged fraud when it is

found out, (Fabiani & Smith, 2014).

However, the changing role of internal audit to more proactive corporate role demands

some independence. Monitoring internal audit independence is one of the numbers of

critical factors. Lack of independence will compromise the work of internal audit

proactive function. This will ensure that the Chief internal auditor do not report to the

lower management level but to the required higher level of management. It is then

expected that if internal audit becomes more proactive in fraud risk management matters,

then there may be an expectation that the external audit can provide comfort about the

effectiveness of risk management system, (Stein & Crawford, 2015).

Also internal audit proactive function in fraud risk control is not only concerned in

stereotype kind of fraud detection but extends its function to improve the company‟s

profile, (Ernst & Young, 2011; Stein & Crawford, 2015; KPMG, 2006). They stated that

a proactive function of internal audit function focus on the most value-added activity

such as participating and reporting in such matters that do not directly involve money
27
transaction. In this, the proactive work includes audit of non-financial information and

the controls surrounding the production of such information. Among such are: (a)

sustainability reporting where corporations are challenged with several issues to comply

with in such complex sustainability standards. This could emerge especially where there

is an increasing concern about the reliability of the information contained in the

sustainability reporting. Internal audit gets involved as the sustainability moves up the

audit committee agenda, internal audit takes a leading function in validating the

information submitted for sustainability reports; (b) Another is reporting on issues not

involving money directly such as press releases, data on key operational performance

metrics and earning guidance. In this, the audit committee should decide with the

management on what are the few key performance indicators that reveals the long-term

value of the corporation. They should ensure on how the management communicates

them to the market. Thus the internal audit proactive role is providing the audit

committee with assessment of the quality of the processes and controls used to generate

this information; (c) a more focused role in the risk process as a result that risk

management has become management priority. Thus internal audit function is now more

focused on auditing the risk processes and acting as a risk catalyst such as leveraging its

holistic perspective on the corporation‟s key risks to initiate and influence the

management discussions at the management level. Internal auditors are participating in

project management office role on risk committees. They are bringing together various

risk functions in the same place to ensure that parties are organised and that these parties

are capturing key risks in the management line – this is also called managing the risk

identification process.

28
There is also the role of ensuring that risk analysis is dynamic and in this the internal

audit proactive function raise such complex issues regarding how the corporation‟s

evolving business model affects its risk profile. At this the internal audit function need to

challenge the audit committee individuals to leverage their experience to think about

business model changes and how they could introduce new fraud risk management.

Other proactive function of internal audit in fraud risk management is a sharper focus on

emerging risks. Here, emerging matters as innovations in information technology IT,

such as cloud computing, the explosion of social media and mobile computing, have

introduced a major business risks for corporations. In short, a recent Ernst & Young

survey on this found that 60% of respondents perceived an increase on the level of fraud

risk they face due to the increase of social networking, cloud computing and personal

devices in the organization. Internal audit in its function is playing a significant role in

testing corporation‟s IT systems and that of staff. The summery of the survey in (Ernst &

Young, 2010) was that there is a tremendous amount of fraud risk associated with

corporation‟s wide systems implementation. In other words, internal audit should have a

seat at the table from the beginning to help identify the risks and to provide controls

consultations. The areas where proactive functions are required are; major new products

risks, international operations and corruption, business continuity, and crisis

management, contractor due diligence, a greater advisory role in governance matters

such as getting involvement in corporate governances, examination of management

decision making process, advising on audit committee effectiveness such as (1)

educating the audit committee (2) helping to shape audit committee charters and agenda

(3) guiding executive on the state of audit committee. (Ernest & Young, 2011; Bullen,

29
1995; PWC, 2014; Fabiani & Smith, 2014; Stein & Crawford, 2015; Pacini, 2001; Ernest

& Young, 2010; Kuenkaikaew & Rutgers, 2013; KPMG, 2016).

2.2.4 Ongoing Function

The word ongoing was defined as without break, cessation or interruption and without

intervening time. International Standard for the Professional Practice of Internal Auditing

(ISPPIA) suggests an ongoing internal audit function. Thus internal audit is encouraged

to initiate a formal ongoing monitoring practice as part of the functions in risk

management. It was stated by (Malaescu & Sutton, 2013), that it is a response to the

increased demand for timely and assurance over the effectiveness of risk management

and control systems and companies are moving towards a more automated control

environment through the implementation of ongoing modules. Ongoing monitoring

encompasses the process that management puts in place to ensure that the policies,

procedures and business processes are operating effectively. This involves intelligent and

efficient continuous testing of controls and risks that result in timely notification of gaps

and weaknesses to allow immediate follow up and remediation. It also ensures that

instances of error and fraud are typically significantly reduced, operational efficiency

increased, and that bottom line results are through a combination cost savings and a

reduction in over payments and revenue linkages, (Coderre, 2005; Aquinot, Kaya,

Neshihan & Tez, 2014).

In adaption of this approach, (Aquinot et al, 2014) opined that it will help the internal

auditors to develop a better understanding of the business environment and the key risks

to the company to support compliance and drive business performance. They also said

that, business suffer from fraud due to either loose or lack of internal control systems.

30
Establishing a fully operating internal control is a challenge task for every level of the

hierarchy within the organization since it requires internal audit function to closely

monitor every monetary and non-monetary transaction. It is one of the strategic ways to

deal with fraud risks effectively.

It was agreed by (ISPPIA; Coderre, 2005; KPMG, 2016), that internal audit ongoing

function should include a continuous monitoring of controls by management to be at the

core of effective assurance strategies. Internal auditors will still ensure that

management‟s activities are adequate and effective. The ongoing assurance framework is

one of a combination of the activities performed by internal audit to independently

evaluate: the state of the controls, risk management within the organization, and

assessment of the management monitoring. It also includes regular risk assessment that

ensures all activities on the control risk continuum. Here, (Coderre et al, 2005), stated

that technology plays a key role in automating the identification of exceptions and

anomalies, analysis of patterns within the digits of key numeric fields, analysis of trends,

detailed transaction analysis against cut-offs and testing of controls.

Further, it includes risk assessment that identifies and assesses the levels of risk. Ongoing

risk assessment identifies and assesses risk by examining trends and comparisons within

a single process, as compared to its own past performance, and against other processes

operating within the organization.

The ISPPIA stated that some of the following should be part of an ongoing internal audit

function. (a) There should be an assessment processes to support adjustments to the audit

plan as they occur. ISPPIA stated that an effective ongoing monitoring can be conducted

by an assigned group or individual internal auditor in fraud control. An effective ongoing

31
process should include written standards to ensure consistent application of processes

throughout the organization. This exercise should include results that should be

documented through a combination of: periodic audit summaries, reporting, updated risk

assessments. This is to substantiate that the process is operating as designed by the audit

committee, and this has to communicate the critical issues identified through the

monitoring processes.

Internal audit ongoing process should also include performance that should be

documented in details in audit manual. According to (11A), the following should be

considered in their performance. (1) Internal Audit Scope: this scope includes that during

the audit planning process the internal audit function has to analyze the auditable entity‟s

specific risks, mitigating controls, and level of residual risk. Also, information gathered

during the audit phase should be used to determine the scope and specific audit steps that

should be carried out to test the adequacy of the design and the operating effectiveness of

the ongoing function.

(2) Internal Audit Work Papers: This is the documentations of the actual work performed,

observed, analyzed and carried out. It is also a support for the conclusions of the audit

results. The document should contain sufficient information regarding any scope or

modification and waiver of issues not included in the final report.

(2) Audit Report: Ongoing monitoring internal audit function should have an effective

process to ensure that issues are communicated throughout the entity such that issues are

addressed timely. The audit report should include management‟s action to address any

audit findings for the moment.

32
(3) Internal Audit Issue Tracking: Ongoing process of internal audit function in fraud risk

management should also have effective processes to track and monitor open audit issues.

Internal audit function should discuss and agree with the management on the level of

work completed. Any work to close on issue of risk should be validated. Also, on higher

risk issues, internal audit should perform and document substantive testing to validate

that the issue has been resolved.

In their own opinion, (KPMG, 2006 and PWC 2003) suggested that ongoing process of

internal audit function has the following four components that could be included in

addressing fraud risk and these are: assessment, design, implementation and evaluation.

2.2.5 Interactive Function

Internal audit interactive function is where the audit function goes with the other key

corporate governance players within the organization (i.e board of directors, senior

management, audit committee, Chief audit executive CAE, External auditors), on the

issue of fraud risk control. Within this, the internal audit function continues to have an

internal controls focus which shifts its functions to evolve from compliance to a more

interactive function (Bou-Raad 200; Ernst & Young 2008). The institute of the Internal

Auditors (11A) includes that every internal auditor (1A) who belong to 11A members

have to adhere to the mandatory guidance within International Professional Practice

Framework (IPPF), 11A‟s Code of ethics and the International Standard for the

Professional Practice of Internal Auditors (ISPPIA) on relation with corporate

governance for effective function in fraud risk control.

Internal audit involvement correlates with more effective management of organizations

fraud risk. This reveals a correlation between the involvement of internal audit function

and overall business performance in response to fraud risk, digital innovation, financial
33
challenges, culture and compensation change. Interactive function also includes the role

and responsibility of the audit board, management and committee as a primary

responsibility participant in this process. The internal audit interactive function provides

support and security to the board of directors and management to ensure that the

likelihood of fraud is minimized.

The purpose why interactive function is included in fraud risk control was made known

by (Dardevic & Dukic, 2015), they said that all employees in the organization regardless

of their hierarchical level as well as persons outside the management commit fraud. In

other words, sometimes fraud is committed to preserve workplace, achieve a prestigious

position and advance in career. Therefore, fraud control should also involve senior

management, Chief audit executive and external auditors in an organization. Some of

these fraud scenarios might be installed by a proper establishment of an adequate

interactive internal audit fraud risk control processes.

- The interactive function with the board of directors and the senior management:

It is the duty of the board of directors to ensure that senior management establishes and

maintain an adequate, effective and efficient internal system within the organization. The

board should also support and work with the internal audit function to discharge their

duties effectively. Some of the interactive functions with the board are: (a) At least once a

year, the board should review the effectiveness and efficiency of the controls based on

the information provided by internal audit function. There should be a review of

performance of internal audit function and independent external quality assurance review

of internal audit function. (b) Senior management should assists to develop the

framework that identify, measures, monitors and controls all risks faced by the

organisation within which the internal audit functions. (c) They are also to ensure that
34
actions are taken in all findings and recommendations. (d) Senior management interacts

with the IAF by informing the internal audit function of the new developments, initiatives

of projects, products and operational changes and all the associated risks and finally, they

are also to ensure that internal audit function has sufficient resources to carry out its

planned and scope of functions.

-Interactive Function with Audit Committee

The audit committee oversees the internal audit function. Audit committee is responsible

for establishing an appropriate internal audit function and its effective operations. The

audit committee provides oversight to the internal audit function. The audit meetings

should be held four times a year at a minimum as provided by 11A guideline. Annually,

audit committee should review and approve internal audit‟s charter, budgets and staffing

levels and the audit plan and the overall risk-assessment.

In other words, the audit committee and its chairperson should have an ongoing

interaction with the Chief Audit Executive CAE from formally agreed meetings to remain

current on any internal audit function concerns.

The Institute of Chartered Accounts of England and Wales (ICAEW, 2004) stated that the

interaction of audit committee with the internal audit function requires some of these; a)

Check and monitor and review the effectiveness of internal audit function; b) Audit

results with a focus on areas rated less than satisfactory; c) Ensure that there is audit plan

completion status and compliance with report issuance; d) Communicate audits plan

changes, including the rationale for significant changes; e) Discuss the audits issue

information ie Share information on higher-risk issues indicating the potential impact,

root cause and remediation status; e) Get results of internal and external quality assurance

35
reviews; f) Drop Information on significant industry and institution trends in fraud risk

controls and reporting of significant changes in audit staffing.

-Interactive function with the Chief Audits Executive CAE:

The CAE is responsible for the development and maintenance of a quality assurance and

improvement program that covers all aspects of internal audit activity, and for

continuously monitoring the effectiveness of the audit function. The CAE works with and

effectively manage and monitor all aspects of audit work on an ongoing basis. Internal

audit ongoing function had earlier been stated to include risk assessment of audit entities

and elements, scope documents, audit programs, detailed audit procedures and steps and

work papers, audit finding, and monitoring of the timely and effective resolution of audit

issues. It is the duty of the chief audit executive to ensure that work rules are judiciously

adhered to.

-Interactive Function with Statutory Auditors.

Interaction between IAF and Statutory auditors exits. Even though internal audit and

statutory audit have different remits, statutory auditors have a legal obligation to report to

the shareholders on the public financial statement and their focus, therefore, is on the

historic financial data. But, to fulfill this obligation, they require a good understanding of

the internal financial controls that lead to the preparation of the financial statements. In

that respect, statutory auditing and internal audit function are complementary, and

synergies exist between their activities. But overlaps or gaps in their work programmer

may arise from a lack of coordination.

However 11A‟s International standards require that the chief audit executive shares

information and coordinates activities with the statutory auditors to ensure that every

aspect of the organization is covered and that there is a minimum of duplication of effort
36
of internal audit function IAF. Therefore, statutory auditors should exchange information

frequently on the scope of the audit, the audit approach and the findings. Sometimes the

audit committee should challenge these arrangements and assumptions. Their respective

plans should be coordinated to ensure the best possible value in audit coverage while

respecting the legal obligations of the statutory auditors.

Also, there should be a regular exchange on the results of their work, like sharing the

reports of internal audit function or the management letters of the statutory auditors. All

these will improve the synergy between these two participants in the governance process.

There are similarities in the two functions as enumerated by European Confederation of

Institute of Internal Auditors (ECIIA, 20015). But, the internal auditor is better placed to

provide assurance to the board and the executive management such as: a) Internal audit

function has a permanent presence in the organization and has continuous access to

executive management and the board; b) Internal audit function can adapt its internal

audit plan quickly to the changed strategic objectives of the organization especially in

developments in fraud risk issues ; c) Internal audit function can time its work to the

needs of executive management or to the emergence of fraud risks; d) Internal audit

function‟s scope is much larger than just the risks and internal controls around historical

finical reporting; e) Internal audit function can identify and measure risks associated with

operations before they end up in the financial reporting of the organization; and, f)

Internal audit function can invest time in ensuring that recommendations on fraud risk

management and internal control are actively followed-up.

37
2.3.1 Fraud Risk Management

Fraud risk management is defined as the systematic application of management policies,

procedures and practices to the tasks of establishing the context, and to those of

identifying, evaluating and treating risks (Hodges, 2000).

Anderson and Terp as in (Na Ranong & Phuenngam, 2009), defined fraud risk

management as a process that should seek to eliminate, reduce and control risks, enhance

benefits and avoid detriments from speculative exposures. The main objective of fraud

risk management is to maximize the potential of success and minimize the probability of

future losses. Thus the risk that becomes problematic can negatively affect cost, time,

quality, quantity and whole system performance.

Fraud risk management is an area of paramount importance to any organization. The fact

being that every entity is exposed to risks but an effective fraud risk management is

necessary for the improvement of any business performance (Williams, 2002). The

definition of fraud risk management give by Committee of Sponsoring Organization of

Tradeway Commission (Coso, 2004) say that “…fraud risk management is a process,

affected by an entity‟s board of directors, management and other personnel, applied in

strategy setting and across the enterprise, designed to identify potential events that may

affect the entity and manage risk to be within its risk appetite, to provide reasonable

assurance regarding the achievement of entity objectives”.

Fraud risk management is the process to manage the potential risks by identifying,

analyzing and addressing them. The process can help also to reduce the negative impact

and the emerging opportunities. This outcome help to mitigate the likely hood of risk

occurring and the negative impact when it occurs.

38
From the definition, fraud risk management involves identifying, measuring, monitoring

and controlling risks. It is to establish that those involved should have a clear view of

fraud risk management and fulfill the business operational strategy and objectives.

2.3.2. Fraud Risk Management Framework

Fraud risk management framework circle is an essential element in meeting the corporate

responsibility (PWC, 2013). Developing such a framework is a complex task that

requires an understanding of (SASA No2, 2004) on fraud and corruption control. These

frame work are:

Identify areas of high risk: Identifying high fraud risk areas is the first substantial steps in

dealing with the problem. It should be done before any further analysis and assessment

can be undertaken; b) Access the risks: Once an organization has identified its own risk

areas, there has to be a fraud risk assessment; c) Involve all the staff: Here an electronic

survey tool should be considered. This can be used across the organization, or at business

unit or product-specific level using prevention, detection, response and remedy (Taylor,

2011).

2.3.3 Fraud risk Management of Prevention

These are some of the preventive controls that are designed by internal audit to help

reduce the risk of fraud and misconduct from occurring in the first place (KPMG, 2006;

11A, 209; AICPA ,2009; ACFE, 2009).

-The leadership and governance/Board/Audit committee oversight play this role of

implementation of controls to mitigate the risk of fraud and misconduct. They can

delegate principal oversight for fraud and misconduct risk management to a committee

(audit) with the responsibility (KPMG, 2006). Their duties should include some of the

followings; (1) Reviewing and discussing issues raised during the organization‟s fraud
39
and misconduct risk assessment. (2) Reviewing and discussing with the internal and

external auditors findings on the quality of the organization‟s antifraud programs and

controls. (3) Establishing procedures for the receipt and treatment of questions or

concerns regarding questionable accounting or auditing matters. (4) Senior Management

Oversight which includes that the responsibility for the organizations fraud and

misconduct risk management approach should be shared at senior management level to

ensure that fraud and misconduct controls remain effective and in line with standards.

There should be a high ethics and integrity set by chief executive to influence employee

action.

The chief compliance officer should chair a committee of cross-sectional managers who

shall do the followings: -Coordinate the organization‟s risk assessment efforts; -Establish

policies and standards of acceptable business practices; Oversee the design and

implementation of antifraud programs and controls; Report to the board and/or the audit

committee on the results of the organization‟s fraud risk management activities. Other

departments should also participate in the organization‟s antifraud strategy and oversee

areas of daily operations in which risks arise. (KPMG, 2006; 11A, AICPA, ACFE, 2009).

Other prevention method in internal audit function includes some of these:

-Planning and conducting the evaluation of design and operating effectiveness of

antifraud controls; Assisting in the organizations fraud risk assessment and helping draw

conclusions as to appropriate mitigation strategies and reporting to the audit committee

on internal control; assessment, audits, investigations, and related activities.

- Fraud and misconduct Risk Assessment: There should be a conventional entity-wide

risk assessment, a fraud and misconduct risk assessment to help management understand

the risks that are unique to its business, identify gaps or weakness in control to mitigate
40
those risks, and develop a practical plan for targeting the right resources and control to

reduce risk.

-Code of Conduct: It is the code of conduct that defines the business acceptable unit of

conduct and the overall control culture to all employees. A well designed code of conduct

includes the following. 1) High level endorsement from the organization‟s leadership

underscoring a commitment to integrity. 2) Simple concise and positive language that can

be readily understood by all employee. 3) Topical guidance based on each of the

company‟s major policies or compliance risk. 4) Practical guide on risk based on

recognizable scenarios or hypothetical examples. 5) Virtually inviting formats that

encourage leadership usage and understanding. 6) Ethical decision making tools to assist

employee in making the right choices.

There has to be a designation of reporting channels by employee. These are:

-Employee and Third Party Diligence: An important part of an effective fraud and

misconduct prevention strategy is the use of due diligence in the hiring retention and

promotion of employee agents, vendors and other-third party. Due diligence starts at the

beginning of an employment or business relationship and continues throughout.

2.3.4 Fraud Risk Management of Detection

Detective controls are designed to uncover fraud and misconduct when it occurs (KPMG,

2006; 11A, AICPA, ACFE, 2009).

Mechanism for Seeking Advice and Reporting: To establish a firm detective control,

the oversight and senior management has to provide employees with multiple channels

for reporting fraud and misconduct possibly by alerting their managers or designated

human resources or compliance office. This is normally done through a telephone hotline

made available. A well-designed hotlines typically include the following features. 1) It

41
should always be treated with confidentiality. 2) There should be anonymity towards the

employee who does not want his identity disclosed. 3) The hotline should be available at

any location and should not cost the employee. 4) It should be real time assistance. 5)

Data management procedures:- The hotline operator has to use consistent protocols for

gathering relevant facts and managing the hotline calls. 6) There has to be classification

of financial reporting concerns. 7) The hotline should have audit committee notification.

8) A follow-up on non-notification as to be made to the employee periodically. 9) There

should be a prominent publication of the hotline always as part of the code of conduct of

the organization.

-Auditing and monitoring: Auditing and monitoring systems that are reasonably

designed to detect fraud and misconduct are important tools that management can use to

determine whether the controls are working as intended. The organization should carry

on a depth auditing and monitoring that includes an activities relating to the nature and

degree of the risk involved with highest issues receiving priority treatment.

2.3.5 Fraud Risk Management of Response.

The response controls are set to take corrective action and remedy the harm caused by

fraud and misconduct in an organization. (Taylor, 2011; KPMG, 2006; 11A, ACFE,

AICPA, 2009). These includes; (a) Investigation: Potential fraud may come to the

organisation‟s attention in many ways, including tips from the employees, customers of

vendor, internal audit, process control identification, criteria audits or by accidents. What

matters is that investigation should be performed in accordance with protocols approved

by the board. A consistent process for conducting investigations can help the organization

mitigate losses and manage risks associated with the investigation (11A, ACFE, AICPA,

2009). (b) Conducting the Investigation/Enforcement: The investigation team should

42
establish the investigation tasks and assign each task to the appropriate team members.

Investigation method will normally include some of the following. 1) Interviewing all

concerns externally, and internally; 2)Evidence collection from all internal documents;

3) Evidence collection from all external records; 4) Computer forensic examination;

5) Evidence analysis of the followings: a) Review and categorization of information

collected, b) Computer assisted data analysis, c) developing and testing of hypotheses.

The investigation results should be reported to the proper authority. (c) Corrective

Action: After the investigation had been completed, the organization will need to

determine what action to take in response to the findings. The board, the audit committee

and the external auditors should be notified of the material findings.

The four predicted application variables that this study investigated are
diagrammatically shown below in figure 1
Data mining function
In te rn a l a u d it fu n c tio n

Proactive function

Fraud Risk
Ongoing function Management

Interactive function

Predicted Variables That Are Applicable In Fraud Risk Management (Adopted

From Weitzman, 2014)

2.4 Theoretical Frame Work

2.4.1 Fraud Theory

The views of many criminologist hold that crime cannot be divorced from the society

within which it flourishes and consequently, many of the causes of crime can be
43
attributed primarily to sociological factors such as upbringing and interpersonal

relationship. While some have the view that it is solely the motivation of the individual

which is the relevant factor, showing that we all act alone and it is this which determines

whether or not individual will be tempted into criminal acts (Taylor, 2011; Ramamoorti,

2008).

Another school of thought presented psychology of fraud as three factor, a supply of

motivated offenders, the availability of suitable targets and the absence of capable

guardians-control, systems or someone “to mind the store”, so to speak Cohen and

Fegulson as in (Duffield & Grabosky, 2001). This is consistent with the general

explanation of White Collar Crime as published by (Edwin Sutherland, 1949) that crime

is a choice and variation in crime is produced by variation in opportunities and in

motivation Shower and Bryant as in (Ramamoorti, 2008). This presupposes that criminal

opportunities are presented by those vulnerable environments and opportunistically

interpretable scenario that individuals and groups see as offering attractive potential for

criminal reward with little apparent risk of detection or penalty.

The aggregate rate of white collar crime varies directly with the supply of criminal

opportunities and with the supply of individual and organization with the intensity, and

severity of role enforcement (Shower, 1998). This theory relates that crime cannot be

divorced from the society within which it flourishes. The theory also states that crime is

caused by sociological factors such as up bring and interpersonal relationship. In order

words, business flourishes within this society where fraud also flourishes and is managed

by individuals of various sociological factors that could be motivated by inherent

criminal acts (Taylor, 2011). This makes the understanding that internal audit function

should not presume to divorce the idea of inherent fraud from both the senior and lower
44
management of the organization as they carry out day to day fraud risk management

function. This theory also implies that sometimes organization provides vulnerable

environments and scenarios that are attractive with little risk of detection and penalty.

2.4.2 Fraud Risk Management Theory

These words risk management is a formal part of decision-making processes within

companies traceable to the late 1940 and early 1950‟s. There were two earlier strands of

risk management practice that have more recently been integrated under the broader

concept of enterprise risk management. One of these relate to the management of

financial risks. Financial risk management began, as a formal system, at the same time as

the development of financial derivatives products such as financial futures, option and

swaps. Business continuation management extended the practice of contingency planning

by requiring more comprehensive internal systems.

The corporate responses to the current threats provide a recent example of business

continuation management in action. Both contingency planning and business continuation

management approaches, however, were limited, since they presupposed that strategic

choices had already been made and their role was continued to the effective

implementation of their strategies (Dickinson, 2001; Deleoach, 2000; Doherty, 2000).

Classical decision theory presupposes the risk of a decision alternative in terms of

variation in possible outcomes, in their likelihoods, and in their subjective values Arrow

1965 as in (Benearoch, Lichtenstein & Robinson, 2006). This view considers a decision

maker to be passive in management of fraud risk as it assumes that all alternatives are

given and their features cannot be changed to affect risk. By contrast, according to the

behavioral school‟s view of fraud risk management, decision makers associate fraud risk

management with a probability concept and with the magnitude of a bad outcome (March
45
& Shapira, 1987), but they do not treat uncertainty over positive good outcome as an

important aspect of fraud risk management, Shapira as in (Benaroch et al ,2006).

Moreover, bringing fraud risk under controls; is seen as entailing the active mastering of

the environmental, for example, by negotiating uncertainty involving contracts or by

delaying decisions, MacCrimmon & Weh Rung as in (Benaroch et al, 2006). The real

option view sees fraud risk management to be a proactive process aimed at favorably

skewing the variation in expected outcome by means of building the flexibility needed to

respond to the occurrence of fraud risk with corrective action (Benaroch et al, 2002). In

other words, risk management includes responding to the occurrence of fraud risk

proactively, in consideration of external and internal fraud risk within the business

environment with corrective action needs.

The theory relates to the topic because it brought the idea of financial risks and business

continuation management and contingency planning of internal systems with current

threats which management respond to via application of internal audit function variables.

The internal audit risk management function is a response to both external and internal

system threats. The theory further states that risk must be brought under control by an

active mastering of the environments. This has to be done by negotiating uncertainty

involving decisions. Therefore the real option view of the theory sees risk management to

be a proactive process aimed to respond to the occurrence of fraud risk while they occur

with corrective action which necessitated this study.

2.5 Discussion of Other Major Issues On Conceptual Frame work

2.5.1 The role of Audit Committee in Nigeria under the CAMD

The Company and Allied Matters Decree CAMD 1990 in section 259 (6) made a

provision for objectives functions of audit committee that shall be as follows

46
(a) To ascertain whether the accounting and reporting polices of the company are in

accordance with legal requirements and agreed ethical practices;

To review the scope and planning of audit requirement;

(b) To review the findings on management matters in conjunction with the external

auditor and departmental responses thereon;

(c) To keep under review the effectiveness of the company‟s system of accounting and

internal control;

(d) To make recommendations to the Board in regard to the appointment, removal and

remuneration of external auditors of the company; and

(e) To authorizes the internal auditor to carry out investigations into any activities of the

company which may be of interest or concern to the committee.

2.5.2 Provisions of Standards of the Internal Auditors.

There are provisions made by standards of the internal Auditors for internal audit

functions based on the established principles of the profession and they tend to be fairly

consistent despite some variation in style and the material covered.

According to Institute of Internal Auditors Code of Ethics (2014), the current standards of

the Institute of Internal Auditors IIA are numbered (1000 to 2600).

2.5.3 Other Regulatory Provisions Assisting Internal Audit Function

To comply with professional standards there are other provisions that assist internal audit

function to comply with the provisions of professionals standards. These provisions, help

in the internal audit fraud risk assessment and is a process aimed at proactively

identifying and addressing an organizations vulnerabilities to both internal and external

fraud. These are: (American Institute of Certified Public Accountant AICPA Statement

on auditing Standards No 99 and No 104-111; PCAOB Auditing standard no 8-15;

47
Sarbanes- Oxley Act of 2002; COSO Fraud Control model 1992; Foreign corrupt

practices Act 1977.

The internal audit function in fraud risk management will become more firmly

established as it responds quickly to new demand from significant regulatory and

legislative mandates. These regulations particularly emphasizes on internal audit function

in fraud risk control and the insurance of the Report of the national Commission of

Fraudulent Financial Reporting RCFFR, 1977). Also the recent changes in the New York

stock Exchange rules regarding the structure and components of the board of Directors

of Listed Companies as well as the requirement for all publicly listed companies to have

an internal audit function, and the ongoing calls for better organization governance

(Ramamoorti, 2003; Loftus, 2011; BBVA, 2012)

2.6. Empirical Review.

The growing reliance by management and the audit committee on the internal Audit

function as a critical part of good corporate governance and more specifically as an

effective tools to fight fraud (Delloittee, 2010; Frank 2010; KPMG, 2008; Norman.,

Rose & Rose, 2010) makes the understanding of the role of the internal audit function in

the context of fraud management an important area of research and practice. This study is

an explorative study addressing an existing gap in the academic research to date on the

Application of Internal Audit function in Fraud Risk Management (An Empirical Study).

Thus on the empirical review of this study (Abort, Brian, Susan & Garry, 2012) studied

the role of the internal audit function in fraud risk management using related literature

and online survey data. The results proved that the respondents perceived that the

internal audit function has a significant role in all areas of fraud risk management. The

study also concluded that the findings enhance the understanding of the IAF‟s current
48
roles and responsibilities with respect to fraud risk management. It was also found that

the audit committees are also to inform management and board of directors/audit

committee on setting IAF‟s scope of work in relation to fraud risk management including

the importance of allocating adequate resources for the IAF to fulfill its responsibilities

and challenges. The research further concluded that internal audit is currently under

sourced to effectively achieve its aim.

In the same way, (Ernst & Young, 2012) conducted a global survey about evolving role

of internal audit using questionnaire and found out that strong risk management has a

positive impact on long –term earnings performance in organization. The findings can

also be related to (PricewaterhouseCoopers, 2009; Norman et al, 2010) on the

understanding of the role of the IAF in the context of fraud risk management.

A consolidated study was made by (Coetzee et al, 2009) on perceptions of the role of the

internal audit function in respect of fraud risk management. Data was obtained by means

of personal interviews with the senior management and the chairperson of the audit

committee using electronic survey issued to the chief audit executives. The conclusions

are that communication regarding risk issues is lacking. Although, the internal audit

function‟s role is perceived as positive yet, the views of senior management and those of

the chairperson of the audit committees differ substantially, and the two parties expect an

increase in internal audit function involvement in the fraud risk management related

issues.

At the same time (DeZoort & Harrison 2008) studied on an evaluation of internal auditor

responsibility for fraud detection using data collected from six countries of Australia,

Belgium, Canada, Mexico and US. On the overall, the internal auditors in the study

reported moderate levels of responsibility for fraud detection and account participants
49
reported higher overall detection responsibility than anonymous participants. Perceived,

responsibility for detecting fraud was higher in the misappropriation of assets case than in

either the fraudulent financial reporting or corruption case. Also, (Schlenker, 1997)

concluded from his study that responsibility is not identical to accountability as part of

pressure put on internal auditors to external pressure. Similar findings were also made in

(KPMG, 2003, 2006; ACFE, 2008).

A study was conducted by (Coram et al, 2011 using ANCOVA on the importance of

internal audit in fraud detection. The results showed that organizations with an internal

audit function are more likely to detect and report fraud than those that do not. Other

researchers like (Carey, Tanewskip & Simmnet, 2000; Carcellor.,Hermenson &

Raphunandan, 2005) made similar studies using an agency cost framework to illustrate

the value relevance of the internal audit function. The conclusions were that the variables

of size, debt or agency are not associated with presence of an internal audit function in an

Australian family owned companies, internal and external audit are used as monitoring

substitutes by these companies.

Another study made by US examined the size of internal audit budgets using percentages

and regression analysis and found that they were positively related to company size;

financial leverage, service or utility industries, inventory operating flows: and audit

committee review of the internal audit budget (Carcellors et al, 2005). Results showed

that internal audit budgets were negatively related to the percentage of internal auditing

that was outsourced. The overall conclusion was that companies facing higher fraud risk

will increase their organizational monitoring through internal audit providing evidence of

the importance of the internal audit function.

50
Also, (Gramling., Malletta., Schneider & Church, 2004) made a literature review on the

internal audit function with corporate governance. The outcome was that the role of an

internal audit function was analyzed using the external auditors evaluation of its quality,

determinants of its reliance decision, the extent of its work relied on by the external

auditor and other aspects of the internal audit. This review shows that internal audit has

been related to the perception of the external auditor and whether the external auditor

utilizes the internal auditors work.

In their research, (Wallace & Kreutzfeldt, 1991) evaluated the work of internal auditor to

know how well they detect errors within an organization. The research used none-

parametric test regression analysis and found out that the number and magnitude of errors

requiring adjustment by the external auditors have been found to be substantially lower

for entities that had an internal audit department than those that did not.

In another studies, (Apostolou et al, 2001) evaluated the ability of internal auditors to

perform fraud-related work. The study applied simple percentages and the findings were

that external and internal auditors achieved a high level of consensus in their financial

statement fraud risk rating suggesting that internal auditors are as aware as external

auditors of where fraud is likely to be detected.

Two other researchers, (Church & McMillan, 2001) investigated on factors affecting

internal auditors consideration of financial reporting during analytical procedures and

comparing financial statements and discovered that when considering fraudulent financial

reporting, internal auditors think that fraud is the reason for an unexpected difference in

income. These studies have focused on the financial statement fraud and they were based

on measuring perception and not application.

51
Fraud risk management cannot be achieved without corporate governance. The works of

(Paape., George Panagiotis., Rani & Evanthia, 2003) investigated the relationship

between internal audit and corporate governance using survey data collected form 15

European Union countries. The result of this research is the differences during internal

auditors work and the perception of the role of internal auditors to corporate governance

by country. Thus, there is a lack of internal audit and audit committee on 50 companies

and business managers are unaware of the recommendation and regulations on corporate

governance. Supporting the idea, (Godwin, 2003) surveyed on the same relationship by

the use of simple t-test and found out that independence and accounting experience have

a complementary impact on audit committee relation with internal audit.

Also (Leung., Cooper & Robertson, 2004) researched on the role of internal audit in

corporate governance in Australia using questionnaires sent to internal auditors and

directors of Australian financial Institutions. The findings were the fact that the culture

and the support of the Board of Directors are key factors that directly affects internal

audits effectiveness in fraud risk management.

Then, (Christopher, Sorens & Leung 2010) investigated a critical analysis of the

independence of the internal audit function through its relationship with management and

the audit committee. The significant threats identified included Chiefs Audit Executives

CEA not reporting functionally to the audit committee; the audit committee not having

sole responsibility for appointing, dismissing and evaluating the Chief Audit Executive,

and not having all audit committee members or at least one member qualified in

accounting.

But, (Sarens & Christopher, 2010) investigated between corporate governance, risk

management and internal control practice. Survey data were sent to chief audit executives
52
in Australia and Belgium and used a simple statistical mean to analyze the data and the

conclusions were that the weaker focus of the Belgian corporate governance guidelines

on risk management and internal control is associated with less developed fraud risk

management and internal control systems in Belgian companies than in Australian

Companies.

More so, (George et al, 2013) performed a literature reviews on the assessment of

corporate governance through internal audit function in fraud risk and concluded that

internal audit plays a critical roles in corporate governance by providing a wide spectrum

of assurance and consulting services. These researches have just centered on the relation

of internal audit function with corporate governance only.

On interaction with executive, (Perrin, 2001) performed a survey in 2000 of

approximately 130 executives, including both internal audit and other management

executives and analyzed the survey using percentages. It was found that internal audit

was involved in risk management committees working teams in 33 percent of the

responding organizations and the management cooperation. But, (Walker Schlnker &

Bartan, 2002) provided information about the role of internal audit in fraud risk

management process with the executives through observations and found out that internal

audit function assisted to identifying risks, facilitated risk workshops, integrated and

aggregated information from the workshops, helped develop risk management processes,

and generated risk reports.

However on interaction, (Beasley, Clune & Hermanson, 2005a) conducted a descriptive

statistics on the adoption of fraud risk management by global organizations and on the

specific role of internal audit function in fraud risk management. The results showed that

48 percent of the surveyed organizations have complete or partial risk management frame
53
work in place. The evidence of close interaction between internal audit and the Chief

Risk Officer, as well as evidence of internal audit focus on coordinating risk management

efforts among various parties, assisting with risk identification, suggesting control

activities and monitoring the risk management effort among various parties, assisting

with risk identification, suggesting control activities and monitoring the risk management

process.

However on ongoing function, (Gramling & Myers, 2006) investigated internal audit‟s

specific role in risk management for conformity with the appropriate internal audit role

identified by the (11A, 2004). The outcome was that internal audit involvement in areas

the 11A deemed “Core” activities for internal audit is moderate, involvement in area the

11A deemed “legitimate with safeguard” is limited moderate, and involvement in areas

the 11A deemed inappropriate is limited. Thus the internal audit‟s risk management-

related activities at many organizations appear fairly consistent with the 11A guidelines.

An investigation of (Colquitt, Huxt & Lee, 1999), by sending questionnaires to managers

of 100 large and small organization probing into their risk management profile and

discovered that large organizations are more likely to adopt integrated risk management

processes than smaller organizations, but, (Bearsley.,Clume & Hermanson, 2005b)

agreed in the same manner just as (Carcellor et al, 2005) is of the same view that this

allow for greater internal audit involvement in risk management.

On enterprise fraud risk management, (Beasley, Clume & Hermanson, 2006) researched

on the impact of enterprise risk management on the internal audit function. They used

OLS regression model to address the research questions. The conclusion show that

enterprise risk management is impacting the internal audit function and that the impact is

greater when the organization has a more complete enterprise risk management
54
framework. Complete adoption is a significant undertaking and can provide numerous

opportunities for internal audit involvement.

A review on internal auditor‟s role in the detection and prevention of fraud on a post SAS

No 82 analysis was conducted by (Thomas & Clement, 2002). They employed non-

parametric ANOVA and Kruskal Wallis to evaluate the effect and the results provided

evident that internal auditors are moderately knowledgeable about 11A and AICPA

standards for fraud. However, they are, at best, neutral with regard to acknowledging

fraud detection and prevention as primary roles for themselves in the organization.

The findings of (KPMG, 1998; 1999) showed that internal audit function was involved

in detection of approximately 43 percent of reported frauds with the external audit

function and designed for the purposes of detecting misstatements due in part to fraud

was involved in detection of only four percent of the reported fraud. Prior research made

by (KPMG, 1994, 1995) found similar results with (Campbell & Lindsay‟s 1994), that

internal auditors are frequently involved in detection of both management and employee

fraud.

Internal audit function (Welch, Holmes & Strawser, 1996) surveyed (ACFE) regarding

actual incidence of fraud with which they were familiar. They collected a total of 2,573

case of known fraud and found that organizations with internal audit functions were

significantly more effective in detecting fraud than those without internal audit function.

In an agreement, (Church et al, 2001) found that internal auditors are able to identify risk

factors for fraud.

The institute of Internal Auditors (11A, WIPO 2014) stressed on the ethics and the code

of conduct and standards on internal audit. On this regard (Heaston., Cooper & Frank,

1993) surveyed on internal audit ethics and found discrepancies between audit directors,
55
who felt the reporting of fraud to the Board of Directors was a serious ethical problem,

and audit staff who felt it was unimportant.

Further function of internal audit, (Carnes & Keithley, 1993) investigated on whether the

limited tenure of internal auditors hampers fraud detection using MANOVA and

ANOVA for the analysis. Findings of the study indicated that the length of audit

experience and auditors plans to continue practicing internal auditing as a carrier do

affect their attitudes outcome which shows that 52% of employees reported that code of

conduct are not taken serious. Also,

(Freiedberg, 1998) made an archival research on ethical aspects of internal auditing as it

affects its function in Israeli. The findings pointed to the paucity of professional research

into the important area of internal audit ethics on one hand, and on the lack of significant

activities to implement the existing code of ethics in Israel and probably in many other

countries, on the other hand and this affect its function.

The use of risk management principles in planning an internal audit engagement was

conducted by (Coetzee & Lubbe, 2013). The conclusion was that the term risk-based

internal auditing is fairly new, in that the terminology is used to describe the audit of the

risk management strategy as well as the development of the internal audit function‟s

annual plan, the chief audit executives are unsure how frequently the risk register is being

updated with emergent risk which could involve internal audit function‟s activities and

that internal auditors are still unclear about the differences between risk management and

risk –based internal auditing as regards terminologies, methodologies and rule. On the

same subject, (Dela Rose, 2008; Griffiths, 2006(b)), all researched in risk based

management in internal audit function and came out with inconsistent results as made by

(Coetzee & Lubbe, 2013).

56
The perceived effectiveness of internal audit function in fraud prevention was carried out

by (Salameh et al, 2011). A survey of forty five executives was selected to gather

information from the Jordan banking industry. The study found that respondents

perceived internal audit units is effective in fraud prevention and that senior managers

consider that in-house internal audit units are more effective in preventing fraud than

outsourcings internal auditors.

Another research by (James, 2003) examined the effects of internal audit function

structure on perceived financial statement fraud prevention in USA. The study found that

users perceived greater financial statement fraud protection when internal audit function

reports to the audit committee than when it reports to senior management. They also

concluded that there is lack of evidence supporting enhanced user confidence resulting

from outsourcing the internal audit function in fraud risk management.

An inconsistent result was found in relation to audit committee existence and the

likelihood of financial statement fraud by, (Beashey, 1993; McMullen, 1996). However,

audit committee effectiveness has been found to reduce the likelihood that companies are

sanctioned for fraudulent financial reporting (Abbort, Parker & Park, 200). Also a

positive relation was found between concentration of power in the hands of insider and

the likelihood of issuing fraudulent financial statement (Dunn, 2004). In Australian

perspective, a negative relation has been found between the proportion of independent

directors and institutional investors and the likelihood of fraud, while a positive relation

was found between duality chairman of the board and also the chief executive officer and

the likelihood of fraud (Sharma, 2004). One observed difference from this study to others

was that in measuring fraud (Sharma, 2004) used both financial statement fraud and

misappropriation of assets.
57
However, (Radu, 2012) discussed on fraud risk, internal audit and environmental audit

and found out that organization that has effective internal audit function in place are

better than those organization that has not such a function as regards to fraud detection

and prevention. As regards fraud prevention, (Omar & Abubakar, 2012) used achiever

survey on fraud prevention mechanism of Malaysian government linked companies and

also found out the same conclusion with (Radu, 2012; Coram, Ferguson & Moroney,

2006). Further, internal auditors responsibility for fraud detection was surveyed by these

following authors as well (Collier, Dixon & Marston 1991; Farcane, Blidset & Popa,

2009; Mui 2009; Stribu et al 2009). They found similar answers that users put high

expectation on auditors‟ duties of fraud prevention and detection. They also concluded

lack of understanding among respondents of the statutory duties of internal auditors in

fraud risk prevention.

Some challenges on internal audit function to prevent and detect fraud as discussed by

fraud literature are difficult to detect for several reasons. This was seen in (Krambia-

Kapardis, 2001) in his discussion on enhancing the auditor‟s fraud detection ability and

concluded that perpetrators may be familiar with accounting procedures, and also have

the ability to cover the fraud. He also found out that the time and budgetary constraints

associated with audit results in external auditors increasing their reliance on

management‟s representation of financial statement. The works of these (Bayon &

Reinstain, 2001; Dycus, 2002; Grazioli, Jamal & Johnson, 2006) found out similar

opinions that internal auditors lack adequate training in fraud nature and investigative

methodology, and hence these have reduced their capability in fraud detection and

management. In agreement, (Coetzee & Lubbe, 2013) also found lack of methodology in

fraud risk management principles in planning internal audit engagement.

58
In the same dependency, (Garvious, 2007) found out that internal auditors can

experience an agency problem of an inherent conflict of interest because they are

investigating the party that paid for their services thus creating a built-in conflict for

internal auditors.

The discussions of (Godwin –Stewont & Kent, 2006) on the use of internal audit function

in fraud risk management using Australian Companies was analyzed using survey data.

In the result, they found out that internal audit function plays a key role in monitoring a

company‟s risk profile and identifying areas to improve in fraud risk management.

Other authors like (Gorden., Loeb & Tseng, 2009), studied on the enterprise risk

management and firm performance but only based their study on contingency perspective

and not on a wide fraud risk management, while (Vasile, Coitora & Mitran, 2012) also

studied on fraud risk management in the financial and accounting activity and based

their-results only on those financial and accounting risk not covering all the risk that are

envisaged in organization. These two authors (Anuntaakalakul, 2010; Woods, 2009)

centered their studies on risk management but not in relation with internal audit function

but in other variables relating to management. These researchers (Beasley et al 2009;

Coetzee & Fourie, 2009; Beaslie et al, 2012; Woods, 2009; Stoneburner,Goguen &

Feringer, 2002) all researched on risk management but had varied results except that risk

management help management achieve its objectives without establishing whether there

are an established variables that assist internal audit function in achieving the fraud risk

management objective.

The following (Salameh, Al-Weshah, Al-Nsour & Al-Hiyan, 2011) investigated

alternative internal audit structure and perceived effectiveness of internal audit function

59
in fraud prevention. The methodology used simple questionnaires sent to fifteen banks in

Jordan. A simple one-t-test, using mean, standard deviation, frequency and percentages

were used to analyzed and test the hypotheses. The study found that respondents

perceived internal audit units effect in fraud prevention. They also found that senior

managers consider that in-house internal audit units are more effective in preventing

fraud than outsourcing internal auditors.

In Nigeria, (Badara & Saidan, 2014) studied empirical evidence of antecedents of

internal audit function effectiveness in fraud risk from Nigerian perspective. The data

were obtained by questionnaires administered to internal auditors, audit committee and

chairman of local governments using descriptive statistics and factor analysis. The result

reveals the significant effect of the entire antecedents on the internal audit effectiveness

in local government, which implies that for local government or other public sector to

attain the effectiveness of their internal audit, such antecedents need to be given due

consideration.

In addition, (Salamu & Agbeja, 2007), investigated on auditing and accountability in the

public sector and concluded that internal audit functions in Nigeria are not effective.

In Nigerian perspective, (Osa-Erhabor & Ehiorobo, 2013) also investigated the role of

internal audit function in effective management in public sector and concluded

ineffective internal audit function in Nigeria.

In Tehran, (Kangarlovei, Motavasse & Moghammadzadah, 2013) studied the evaluation

of internal audit effectiveness in Tehran stock exchange and concluded that internal audit

function is an effective means of monitoring and promoting good system of good

governance. Similarly, conclusions were made by (Belay, 2007), that internal audit

function promotes good system of corporate governance.

60
All these, (Endaya & Hanefah, 2013; Chaveerung, 2011; Sahehi & Arianpour 2013) had

similar conclusion indicating lack of factors that influence internal audit effectiveness

and the possible interaction among them in fraud risk management. The following works

on internal audit effectiveness were accessed (Omar & Baker 2012; Endaya & Hanefah;

Thenfanis., Drogalis & Giovani, 2011; Domenic & Nonna, 2011; Intakhan &

Ussahawanitchakit, 2010; Feizizadeh, 2012) several statistical methods like regression

analysis, ANOVA, ANCOVA, simple percentages and achieved data were used to

investigate many of the studies and some of the results showed internal audit function

effectiveness and others ineffective especially those of the Nigerian perspective. Those

that found internal audit effective were not focused on internal audit function

effectiveness on fraud risk management. The findings and conclusions were at variance

just as the various methods were used to analyze the study data.

On the methods of measuring the performance of internal audit function in fraud risk

management (Aksoy & Kahyaogbu, 2013) measured internal audit performance for

successful implementation in Turkey. The authors used 11A GAIN performance

monitoring 2008 and found that 77 percent of all the respondents have a formal or

informal performance monitoring and quality assurance program. They also applied 11A,

GAIN Annual bench-marking study 2009 and concluded that the major performance

metrics can be categorized in three set such as (a) stakeholder satisfaction (b) internal

audit process and capability and (c) innovation related to audit staff and activities as a

whole. In order to ensure the high performance of internal audit activity, 11A

recommends standards, Code of ethics and also Quality Assurance (QA) services both

applied internally and externally. These measurements were performed in Turkey but not

in Nigerian perspective.
61
Global Internal Audit Survey was conducted by (Ernst & Young, 2007). They

highlighted the findings on the survey made through internal audit executives

representing 138 predominantly public companies representing membership in the Global

Business week 1000, and the standard and poor‟s global 1200 from 24 countries, using

companies having revenues of US 4 billion dollars. The results showed that half of the

respondents (50%) do not track the value their internal audit function provided for the

organization, while only 13% measure value based upon actual cost savings.

Two writers, (Arena & Azzone, (2009) studied organizational drivers of internal audit

effectiveness considering new development in internal audit function and its central role

in corporate governance and fraud risk. The data used for this survey were collected

through questionnaire sent to 364 Italian companies, and 47% responded from the basis

of data from 153 Italian companies. The results show that the effectiveness of internal

audit in fraud risk is influenced by factors like (a) characteristics of the internal audit

team (b) the audit process (c) The organizations links.

Bota-Avram, Popa and Stefanesco (2010) made achiever study on the methods of

measuring the performance of internal audit function and concluded with the followings

as the metrics used for measuring internal audit function: a) Using of Balance scorecard

instrument; b) Using qualitative methods by realizing some satisfaction studies for the

client of internal audit. One man objective being the identifying of the potential cause for

the unhappiness of the clients; c) Implementation of some assurance quality program and

the accountability to realize annual assessment of internal audit quality; d) Other

instruments used for the measuring of internal audits effectiveness are informal reports

for the management, different monitoring systems of a necessary time for fulfilling the

audit missions and the quality audit report.

62
The study made by (Collier et al, 2001), was aimed to investigate where the

responsibility for computer fraud prevention and detection reside within an organization

and to examine the role of internal audit department in prevention and detection of

computer in fraud risk management. They concluded that information services function is

most commonly held responsible for computer fraud prevention and detection. Thus

organizations do not consider computer fraud to be high priority matter in fraud risk

management.

The study made by (Alleyne, Persaud, Greenidge & Sealy, 2010) investigated the use of

audit techniques in detecting fraud especially in the stock and warehousing circle in

Barbados. The study indicates that there is a moderate to high perceived effectiveness of

standard and procedures in the detection of fraud in the stock and warehousing circle in

Barbados.

While, (Thiruvadi & Patel, 2011) conducted a survey of data-mining techniques used in

fraud detection and prevention and concludes that effective use of data mining techniques

detect and prevent fraudulent activities and categorized four computer frauds where data

mining tool can be employed: Management fraud; customer fraud; network fraud; and

computer based fraud.

Then, (Gill & Gupta, 2009) researched on prevention and detection of financial

statement fraud: a data mining approach and concludes that management fraud is a

deliberate and wrongful act carried out of public companies using material misleading

financial statement that cause damage to investors, creditors and the economic market.

Also (Kirkos., Spathis & Manolopoulos, 2007) conducted a research on data mining

techniques for the detection of fraudulent financial statement. The study used a sample

of 76 Greek manufacturing companies in order to inquire and draw an analogy between

63
the performances of the various factors that are associated with the financial statements

fraud. Neural networks Decision tree and Bayesian belief networks were the data mining

techniques employed and the input data was the published financial statement contained

falsified indicators; Bayesian belief networks performed was found out to be the best

with 90.3% correct classification of the cross validation procedure, Neural network had

80% success rate and decision tree model 73.6% success rate.

In another development, (Gill & Gupta, 2009) had a further study in which they used

generic data mining framework for fraud prevention along with fraud risk-reduction for

the financial statement fraud. The study divided data mining tasks into two groups of

predictive tasks and descriptive tasks. Predictive data mining, along with machine

learning helped in better fraud prevention, while performance evaluation of various data

mining techniques using metrics such as error rate, information gain and Gini index for

decision trees were employed.

Huan,Yan.,Yang and Hua (2008) conducted a research to assist auditors in identifying

any possible fraud records and evaluating datasets by developing a fraud detection

mechanism based on Zipf‟s law through simulation test and a case study. They used four

key performance indicators, Audit Hit Rate, Bayers Audit Hit Rate, confusion matrix

and the misclassification cost matrix. Finding showed that ZipF‟s mechanism could be

identified by ZipF‟s Analysis and this is more effective than a 100% sampling

Kotsiantis., Kouthanakos., Tszolepis and Tompakos (2006), investigated the efficiency

of the machine learning techniques in identifying firms that publish fraudulent financial

statements. This they did by implementing a hybrid decision support system through

combining algorithms that uses a stacking variant methodology. The data came from 164

non-financial Greek manufacturing firms listed, 41 of which had issued fraudulent

64
financial statement. The study variables were collected from the financial statements of

the firms. Results from this experiment indicated that the falsification indicators and a

small list of ratios largely determined the classification result in published financial

statements.

Liou, (2006), investigated the similarities and differences between two models of

fraudulent financial reporting detection and the business failure prediction that helped in

identifying firms that procured losses. It aimed to find the effectiveness of the approach

and the explanation variables using data mining algorithms such as regression logistic,

neural network, and classification trees to construct detection/prediction models using

data from Taiwan Economic Journal data bank and. Taiwan stock exchange corporation

website. The financial variables were from 2003 to 2004. The findings show that the

variables were significant in detecting fraudulent financial reporting and predicating

business failures, logistic regression was considered the best of the three data mining

algorithms.

Guo and Viktor (2008) researched on learning from skewed class multi-relation database.

They focused the use of new strategy to address the imbalance in multi-relational data

wherein one class in the target relation is higher than the others. The imbalances assist in

diagnosing a disease or detecting a fraud case such as a credit-card fraud. Six benchmark

data-sets were used for the experiment. The results indicated that imbalance in multi-

relational method was better than other prevailing data mining algorithms in comparison,

especially when there was a high class imbalance with regard to receiver operating

characteristics curve and area under the curve.

Nonyelum and Chibueze (2009), employed the use of neural network technology and the

rule-based components to develop credit-card fraud detection system using four clusters
65
of low, high, risk and high risk using the two staged models that is frequently used in

fraud detection. They developed a model identifying the behavior of a cardholder and

evaluating the transaction characteristic to detect fraudulent transactions was developed

using the self-organizing map algorithm. Other several models were generated by

applying the artificial neural network trained with the unsupervised learning methods.

This experiment further indicated that generation was done to secure a correct result and

minimize the wrongful classification in which genuine transaction is considered

fraudulent.

Xu., Sung and Liu (2007) also used data mining algorithm on simulated and real data to

create user profile for identifying customer behavior in detecting fraudulent transactions

in an online system through a set of association rules. Anomalies were identified by

comparing the incoming transaction of the user against that users profile based on his/her

recent transaction. Conclusion is that the differences between the anomaly behavior and

the profiled user behavior can be correctly interpreted by the proposed algorithm.

Graham & Patel (2006) also found in their studies that classification of network traffic

helps to identity abnormal behaviors by detecting any derivations from the normal

activity, (Kou., Peng., Chen & Shi, 2009) also examined network fraud and found out it

is possible to use data mining-based network intrusion detection system and track the

problem of solving the multi-class classification.

Becker., Volinsky and Wilks (2010) discussed different strategies and techniques used in

the detection of the telecommunication-fraud history. They developed a fraud-

management system to manage different types of fraud using call details, database

required for storing data, fraud detection, algorithms fraud types and corrections and

visualization cool that can help in diagnosis. (Liau et al, 2009) also examined the need
66
for an effective and automated system for network forensic. The experiment results

indicated that 91.59% of the attack types could be classified by the system thereby

providing understandable information of forensic experts.

Sanver and Karahoca (2009) also compared the different data mining techniques,

benchmarked each technique and identified Adaptive Neuro Fuzzy Inference for telecom-

fraud detection in Turkey. The results showed that it provided 97% of sensitively, 99% of

specificity, where 98.37 of the instances were correctly classified.

On computer fraud detection (Koltler & Maloof, 2006) used machine learning and data

mining to discover and classify malicious executables. The research selected executable

which would appear undetected on a user‟s hard drive, without preprocessing or

removing any obfuscation. The results showed that the boosted decision tree had an area

under the ROC curve of 0.996, surpassing other models. Mukkamala., Sung & Abraham,

(2005) showed that the ensemble of artificial neural network, SVM and Multivariate

Adaptive Regression Splines, was superior to individual approach for intrusion detection

in terms of classification accuracy. They used data from Massachusetts with five different

classes of patterns. The results showed that 100% classification accuracies can be

achieved if appropriate intelligent paradigms are chosen.

In their study (Hua., Patel & Zaven, 2009) proposed practical approaches for selecting

and implementing organizational information security and presented three models for

security business information system ISS offensive model, ISS defense model and sati

guard model. He concludes that these help system security and prevent the breaches

respectively.

Also, (Patel & Zaven, 2010) came out with risk-assessment model to assess the financial

damages resulting from these cube attacks. On the use of business intelligence tools to
67
detect fraud (Wang & Yang, 2009) found out an increase in the use of data mining to

detect fraud, but also lamented an overall underutilization.

Burnaby, Howe and Muehlman (2013) made a review of the extent of the use of business

intelligence to detect fraud by internal auditors. They came out with the following as

regard the use of data mining: 15% use relational reporting; 13% use online analytical

processing for fraud risk management; while others respondents complained that all the

tools suggested were deficient and some noted that they use MS Access and the rest

stated that they monitored email looking for transmission of credit card numbers.

Muhammed, Ghanbari and Einakian (2014) researched on using Data mining to detect

fraud of internal audits by application of fraud deductive methods. The result shows that

data analysis technology enables auditors and fraud examiners to analyze an

organization‟s business data to gain insight into how well internal controls are operating

and to identify transactions that indicates fraudulent activity or the highest risk of fraud.

Finally, (PWC, 2011) surveyed on Global Economic Crime, Cyber crime (digital fraud)

and reported that 45% indicated rising cybercrime fraud risks; 40% indicate that it is

damaging reputation; 40% did not have capability to detect and prevent cyber crime; 56%

said the most serious fraud was an inside job and senior executives made up almost 50%

who did not know if a fraud occurred and no indication of internal audit commitment in

the cyber fraud risk management.

2.7 Summary of the Review and the Gap

The most globally acceptable definition of internal audit function within our conceptual

framework by the Institute of Internal Auditing (11A) is that internal audit is an

independent objective assurance and consulting activity designed to add value and

improve an organization‟s operations. It helps an organization accomplish its objectives

68
by bringing a systematic, disciplined approach to evaluate and improve the effectiveness

of risk management, control and governance process.

Fraud risk management in essence is the systematic application of management policies,

procedures and practices to the tasks of establishing the context, and to those of

identifying, analyzing evaluating and treating fraud risk (Hodges, 2000).

Internal audit functions in fraud risk management also comprise fraud prevention,

detection/identification, response which includes corrective action and remedy (PWC

2013; KPMG, 2006; 11A, ALPA ACFE, 2009).

Four internal audit function variables were found through the several literatures as

applicable in fraud risk management and they are data-mining function, proactive

function, ongoing function and interactive function.

We found from the review that different statistical methods and various literature review

methods were employed by various authors. The review also indicated that the global

accounting scandals and the recent corporate collapse have reduced the credibility of

external auditors and the stakeholders shift their blame on management who in turn hopes

that the application of internal audit function would address fraud risk management with

corporate governance structure in order to solve the problems.

The review also showed that few studies were made on this within the emerging

economies of Africa. In others words, the literature indicated that there is a dearth of

researches that focus on the application of internal audit function in fraud risk

management generally and especially in Nigerian context. Many of the available studies

considered the application of internal audit function in fraud risk management being

utilized by external auditors (Carcello.,Hermanson & Raphunandam, 2005), or

consideration given only to corporate governance, board or internal audit effectiveness,

69
or attention given only to the financial statement fraud using perception, or internal audit

function focusing on unexpected difference in income as a signal for fraud (Apostolou,

Hassel, Webber & Summers, 2001; James, 2003; Shalameh., Al-Wesh., Al –Nsou & Al-

Hiyari, 2011; Church & Macmillan,2001).

There was also, an inconclusive and inconsistent results that were observed from the

application of internal audit in various studies made on risk based management by

internal audit function (Dela Rose, 2008; Griffiths, 2006; Coezee & Lube, 2013).

Also, lack of methodology in risk based management in internal audit function was seen

in the application by (Coetzee & Lube, 2013; Krambia-Kapandia, 2011). The findings of

(Dittenholer, 2001; Buhove & Groff, 2013) proved an application but there was not a

clear methodology and the result gave only recommendations to internal audit function

while (Abushaiba & Zaindden, 2012) measured performance on internal audit function

but not in fraud risk management. Majority of the studies did not consider specifically the

application of internal audit function with a clear methodology in fraud risk management.

In Nigeria, researches by (Salamu & Agbeja , 2007; Badara & Saiden, 2014; Osa-Erhabor

& Ehiorobo, 2013) found out that application of internal audit function in risk

management in Nigeria is not effective. Although, these researches applied internal audit

function in fraud risk management in public sectors and local governments, yet, their

findings somehow was limited by the unsystematic approach adopted.

Very few researchers made use of some of these variables such as the use of data mining

tools; proactive function; ongoing function and interactive function in fraud risk

management. If these tools are considered in the application of internal audit function in

fraud risk management, they will make internal audit function realize its full objective of

combating fraud risk. Therefore this study applied these variables to see how it would
70
bridge these gaps and ensured that they were applied in all aspect of internal audit

function in fraud risk management by understanding and incorporating all these required

variables.

We carried out this study in the Nigerian perspective, using Nigerian firms that are

susceptible to fraud risk in their everyday operations and also considering the Nigeria‟s

peculiar economic environment and the obvious challenges. We believe that the

application of the results will improve internal audit function in fraud risk combat. The

study adds to the existing literature in internal audit function in fraud risk management in

Nigerian perspective.

This study, sort to bridge the gap of the knowledge, by a systematic search for, and

review of the factors that have been found by scholars of academic literatures on internal

audit function in fraud risk management. This study will also make contributions to

knowledge such that would be valuable, due to its wealth of literature on internal audit

function in fraud risk management that have not yet been systematically explored and

reviewed in respect of internal audit function IAF in fraud risk management FRM. The

need for this research arose to fill this gap (Protivit, 2012; Frank, 2004; KPMG, 2013;

Deloite, 2010), through an extensive search for, and a systematic review of internal audit

function variables which have been found by academic scholars that are available on

academic literatures on internal audit function IAF in fraud risk management FRM. The

results are shown in the coming chapters.

71
 CHAPTER THREE
METHODOLOGY

3:1 Introduction

This section focused on the structure of the study. That is the methodology used for

collecting and analyzing the needed data.

3:2 Research Design

In this study, a simple survey research design was employed to elicit information from

respondents to address the four objectives of the study on application of internal audit

function in fraud risk management in Nigerian banks. The reason for the choice of a

simple survey research design is to find the potentials of the application of internal audit

function in fraud risk management in banks through the perception of those who have

stake in banking industry.

3:3 Population of the study

The population of banks in Nigeria was 21 as of April 2017. The numbers of banks

studied were selected in a balloting through systematic sampling technique. The names of

all the banks were represented in a paper and reshuffled, after which fifteen papers where

picked that made up the sample size of the banks for the study (Uzoagulu, 1998). The

population element of the study consists of the internal auditors, accountants and fraud

auditors in each of the banks of interest in this study. Questionnaire was used to collect

data from these banks, (refer to appendix seven). The outcome indicated that the total

population of internal auditors, fraud auditors and accountant from the fifteen banks used

for this study is 668 as described in the table below:

72
 Table 1: Population of the Study made up of the internal audit staff, fraud audit
staff and accountant staff in each of the 15 Banks used for the study

S/N Description of Internal Audit Fraud Audit Accountants Total

Institution Staff Staff

1. Bank A 3 5 16 24

2. Bank B 3 4 30 37

3. Bank C 5 9 53 67

4. Bank D 2 3 40 45

5. Bank E 4 6 44 54

6. Bank F 1 2 8 11

7. Bank G 2 3 21 26

8. Bank H 3 5 50 58

9. Bank I 1 1 14 16

10. Bank J 3 8 77 88

11. Bank K 8 10 41 59

12. Bank L 1 2 15 18

13 Bank M 6 7 58 71

14. Bank N 2 3 76 81

15. Bank O 1 2 10 13

45 70 553 668

Source: Primary Data sourced from the Banks by the Researcher using Questionnaire.

3.4. Sample and Sampling Technique

The researcher employed Taro Yamane‟s formulae to determine the sample for the study.

The formula is given as:

where,

n = Sample Size
N = Population Size (668)
E = Level of Significance (0.05)

73
1 = Constant.
Using the formula, therefore, we have:
= = = 400.

Therefore, the sample size for this study is 400 respondents (accountants, internal and

fraud audit staff). Each of the 15 chosen commercial /deposit money banks represents a

sample frame and the 400 determined sample size is distributed among these institutions

as follows:

Table 2: Distribution of sample size among the 15 Banks studied.

S/N. DESCRIPTION OF INSTITUTIONS SAMPLE SIZE FOR EACH INSTITUTION

1. Bank A 24/668 x 400 = 14

2. Bank B 37/668 x 400 = 22
3. Bank C 67/668 x 400 = 40
4. Bank D 45/668 x 400 = 28
5. Bank E 54/668 x 400 = 32
6. Bank F 11/668 x 400 = 6
7. Bank G 26/668 x 400 = 16
8. Bank H 58/668 x 400 = 35
9. Bank I 16/668 x 400 = 10
10. Bank J 88/668 x 400 = 52
11. Bank K 59/668 x 400 = 35
12. Bank L 18/668 x 400 = 11
13 Bank M 71/668 x 400 = 42
14. Bank N 81/668 x 400 = 49
15. Bank O 13/668 x 400 = 8

Total Sample Size = 400

Source: Researcher’s Proportion of the 400 sample size to each of the banks’
population

74
3:5 Sources of Data

This study made use of questionnaires which were used to collect primary data that were

answered by fraud audit staff, internal audit staff and accountant staff. The first

questionnaire was divided into two different sections. Section 1 asks question about the

personal data of the respondents while section 2 was used to elicit information from the

respondents to address the four objectives of this study. This section of the questionnaire

is based on Likert Scale response format of Strongly Agree (5 points), Agree (4 points),

Strongly Disagree (3 points), Disagree (2 points), and Undecided (1 points).

The researcher distributed the questionnaire to the respondents and others were

distributed through agents. He collected some by himself, while others were collected

through his agents and the rest through mails.

The second questionnaire was a structured interview of yes or no responses. This was

conducted with the various internal auditors of the banks. The internal auditors were met

one on one to find their various opinions on whether there is or not an application of

internal audit function variables in their bank‟s fraud risk management. There was a

greater response of Yes than No. This is highlighted during the discussions of the

findings. The interview format is included in the appendixes.

The third questionnaire was used to collect the population of employed staff of internal

auditors, fraud auditors and accountants from each of the fifteen banks studied. The

sample is also included in the appendixes.

3:5 Methods of Data Collection

Only questionnaires correctly filled and returned were used for analysis. In order to

determine the degree of respondents‟ position in each of the variables of interest, normal

values were assigned to the options in each variable as has been stated above, that is 5, 4,
75
3, 2, and 1. A cut off was determined by finding the mean of the nominal values assigned

to the options in each variable using the formula: = , where,

= Mean,
X = the score,
n = number of items.

Thus we have = = = 3. Our decision rule, therefore, is that any mean

within 3.0 and above was considered as significant by the respondents, while a mean

that is below 3.0 is taken as not significant.

To further strengthen the empirical analyses and test the posited hypotheses, ANOVA

was employed to test the equality or otherwise of the perceptions of the three categories

of staff, namely, the fraud auditors, the internal auditors and the accountants on the

application of internal audit function as an instrument for fraud risk management in

Nigeria Banks. SPSS statistical analyses software was employed to carry out the

ANOVA analyses.

3:6 Procedures for Data Analysis

3:6:1 Data Analysis

Here described the data analyses that were used to examine the data and answer the

research questions.

Likert Scale was used to measure the extent of the respondents‟ agreement on each

variable factor. Descriptive statistics of percentage, mean and standard deviation were

applied in the study.

To further strengthen the empirical analyses and test the posited hypotheses, ANOVA

was employed to test the equality or otherwise of the perceptions of the three categories
76
of staff, namely, the fraud audit staff, the internal audit staff and the accountant staff on

the application of internal audit function as an instrument for fraud risk management in

Nigeria Banks. SPSS statistical analyses software was employed to carry out the

ANOVA analyses.

3:6:2 Validity of the instrument

Validity has been defined as the degree to which a method or instrument is able to

measure what the researcher intends to measure.

This research used both face and content validity to check whether the instrument

covered what were required and the appropriateness of the measuring instrument on the

study. The appropriateness of the face and content was validated by the researcher‟s

supervisor and other experts (Uzoagulu, 1998). This was certified to be used to carry out

the study

3:6:3 Reliability of the Instrument

Reliability of the instrument was established. Reliability is defined as the consistency of

repeated measurements taken under similar conditions (Nunally, 1967; Cronback, 1951).

The Cronback Alpha correlation of items calculated yield, 0.852 which is very high

above the minimum stated by Cronback. The table of the reliability of the instrument of

the study is found in appendix, (See appendix 2).

3:7:1 ANOVA Analysis.

This research applied parametric analyses, within which analysis of variance (ANOVA)

was also applied. This was used to analyze and test the hypotheses of the study and the

mean perceptions of the fraud audit staff, internal audit staff and the accountant who were

the respondents. The application of ANOVA was denoted by the formula

77
 Σ= Vb

Where V1 or ∫ = the variance of the scores for all the groups combined into one

composite group known as the total group ∫ or Vw = the mean values of the variance of

each group computed separately known within groups of variance

V ß or ∫ 1 (∫ -∫ = the difference between the total groups variance and within group

variance.

3:8 Justifications for Method of Data Analysis Applied In the Study

1.) Parametric techniques of data analysis

One of the reasons why the research used parametric data analysis is that it allows for

independence of score (Uzoagulu, 1998; Jerry, 2013). The collection of the data for

the study was based on the responses of the respondents‟ independent perception.

There was no influence of scores. Parametric techniques data analyses are required

when the scores assume independence (Uzoagala, 1998; Jerry, 2013; Amir, 2008;

Kerlinger, 1997).

2.) One way ANOVA analysis method.

This research applied one way Analyses of Variances ANOVA because the

perception outcomes for each group were normally distributed with a common

variance. The error I.e., deviations of individual outcomes from the population group

means were assumed to be independent. ANOVA analysis is suggested as one of the

powerful and the appropriate statistical techniques for testing significance of sample

means between three or more groups (Uzoagulu, 1998; Elaine & Seaman, 2007;

Dimitra, 2016).

78
(3) Likert Scale method

The research applied Likert scale analysis as one of the method applicable to data

collection when it is coded strongly agree, Agree, etc. or when the respondent are

required to state the extent of agreement or disagreement. Parametric test is also one of

the appropriate statistical techniques that could be used to analyze Likert Scale responses,

(Sullivan & Anthony, 2003).

79
 CHAPTER FOUR
DATA PRESENTATION AND ANALYSIS
4:1 Introduction

This chapter is focused on the presentation and analysis of the respondents and their

responses to the instrument. The response data set from this study met with the

assumptions of parametric techniques. This data presentation and analyses are presented

in this section as follows:

Outcome of the Questionnaire Instrument

Table (3) Questionnaire Responses

Items Number %
Total administered instrument 400 100
Instrument not returned 169 42
Returned but invalid 18 5
Valid copies returned 213 53
Total 100

Source: Researchers report of instrument survey, 2016

The report from the table 3 above showed that 400 questions were distributed, and 213

(53%) were returned valid, while 169 (42%) were not returned and 18 (5%) were also

returned but were invalid due to irregularities found in the responses

80
4.2.1 Frequencies and Percentages of Respondents Demography

Table 4 Frequency distribution or Gender status of the Respondents

Frequen Perce Valid Cumulative Percent

cy nt Percent
Female 116 54.5 54.5 54.5
Valid Male 97 45.5 45.5 100.0
Total 213 100.0 100.0

Source: Researchers report on Gender survey, 2016.

Report from table 4 indicated that the frequency distribution of male respondents were 97

(45.5%), while the female frequency distribution were 116 (54.5%). There were more

female responses than male respondents

Table 5 Frequency Distribution of Job Description

Frequency Percent Valid Cumulative

Percent Percent

internal auditor 41 19.2 19.2 19.2

fraud auditor 52 24.4 24.4 43.7

Accountant 120 56.3 56.3 100.0

Total 213 100.0 100.0

Source: Researchers report on Job Description survey, 2016

Job description survey report in table 5 depicts a frequency distribution of 41 (19.2%) of

internal auditors 52 (24.4%) of fraud auditors and 120 (56.4%) of Accountant that

responded to the study.

81
Table 6 Frequency Distribution of Academic qualification

Frequency Percent Valid Percent Cumulative

Percent

HND 83 39.0 39.0 39.0

BSc 42 19.7 19.7 58.7

MSc 39 .9 .9 59.6
Valid
MBA 47 22.1 22.1 81.7

PhD 2 18.3 18.3 100.0

Total 213 100.0 100.0

Researcher’s Analysis from Field Work, 2016.
Table 6 above showed the academic qualification of the respondents. The frequency
distribution of those with HND was 83 (39%), BSC, 42 ((19.7%), MSC 39 (18.3%),
MBA 47 (22.1%) and PhD 2 (0.9%).
Table 7 Frequency Distribution of Years of Work Experiences

Frequency Percent Valid Percent Cumulative

Percent

5 years or less 68 31.9 31.9 31.9

6-10 years 63 29.6 29.6 61.5

Valid
above 10 years 82 38.5 38.5 100.0

Total 213 100.0 100.0

Source: Researchers Report on Years of Work Experience Survey,2016

The information on the table 7 shows that 68(31.9%) of the respondents have 5 years or

less work experience in their job, 63 (29.6%) have 6-10 years work experience and 82

(38.5%) have 10 years and above work experience within their fields.

Table 8. Frequency Distribution of Professional Membership.

Frequency Percent Valid Percent Cumulative
Percent

ICAN 31 42.3 42.3 42.3

ANAN 56 26.3 26.3 68.5

AIB 13 6.1 6.1 74.6

Valid
ACCA 23 10.8 10.8 85.4

Others 90 14.6 14.6 100.0

Total 213 100.0 100.0

Source: Researchers report on professional membership survey, 2016

82
From the above table 8, professional membership distribution of frequency and

percentage of responses were Others 90(42.3%), ANAN 56 (26.3%), AIB 13 (6.1%),

ACCA 23 (19.8%) and ICAN 31(14.6%). This shows that there were more of ICAN

member respondents than other professional members.

Table 9 Frequency Distribution on Job Specification

Frequency Percent Valid Percent Cumulative

Percent

Auditors 124 58.2 58.2 58.2

Valid Accountants 89 41.8 41.8 100.0

Total 213 100.0 100.0

Source Researcher’s report on Industry specification survey, 2016

Analysis of table 9 above indicates that 124 (58.2%) are in the bank audit are among the

respondents while a total of 89(41.8%) responses are Accountants within industry. Thus

there were more respondents from banking accounting staff than from their auditing staff.

4.3 Research Question One Analyses

Question 1: To what extent do you agree that the application of internal audit data

mining tool combats fraud risk in banks?

Table 10 Extent of Respondents agreement that data mining audit interrogation is a

tool that combats fraud risk in banks.

Job description To what extent do you agree that data mining function controls
fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 2 1 2 17 19 41
4.9% 2.4% 4.9% 41.5% 46.3% 100.0%
Fraud auditor 0 1 7 25 19 52
.0% 1.9% 13.5% 48.1% 36.5% 100.0%
Accountant 3 8 4 48 57 120
2.5% 6.7% 3.3% 40.0% 47.5% 100.0%

83
 Source: Researcher’s responses analysis using Likert scale, survey, 2016.

Responses above show that only, 2 internal auditors representing the frequency mode of 4.9%

and the accountants who disagreed that data mining tool combats fraud risk, and that 3(2.5%)

accountant also disagreed while no fraud auditor disagreed. The extent of disagreement

represented 2.4% for internal auditors and 1.9% for fraud auditors, but with a higher 6.7%

represented from accountants. The undecided opinions represented the mode of 4.9% of

internal auditors, 13.5% of fraud auditors and a lesser 3.3% for accountants. The respondents

who rated agreed and strongly agreed that data mining control fraud risk were as follows:

Internal auditors had a frequency mode of agree and strongly agree of 41.5% and 46.3%

respectively. The fraud auditors‟ responses also showed a high percentage mode of 48.1% and

36.5% respectively for both “agreed and strongly agreed”. But, Accountants‟ responses had a

high rating mode of 40% and 47.5% for “agreed and strongly agreed respectively. Fraud

auditors had a higher understanding of “agreed” opinion with a mode of 48.1% that data

mining audit interrogation is a tool that combats fraud risk in banks.

Table 11 Extent of Respondents Agreement that neural network as a data mining

function combats fraud risk in banks
Job description To what extent do you agree that neural networks as data
mining function combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
internal auditor 1 2 6 18 14 41
2.4% 4.9% 14.6% 43.9% 34.1% 100.0%
fraud auditor 1 2 11 27 11 52
1.9% 3.8% 21.2% 51.9% 21.2% 100.0%
accountant 3 10 18 55 34 120
2.5% 8.3% 15.0% 45.8% 28.3% 100.0%

Source: Research’s response analysis in Likert scale Survey, 2016

Respondents‟ opinion from table 11 above showed how confident they are that neural

networks is a data mining tool that combats fraud risk. The extent of the high rating on

84
“agreed” and “strongly agreed” by the respondents revealed their conviction within the

three job descriptions. Internal auditors who “agreed” had 43.9%, “strongly agreed”

34.1% and fraud auditors who “agreed” had 57.9%, strongly agreed scored 21.2% while

the Accountants who “agreed” had a rating frequency mode of 45.8% and strongly

agreed had 28.3%.. These all had a higher rating indicating their confident in neural

network as being able to control fraud risk. Those that stood on the “undecided” position

had 14.8%, 21.2% and 15% among Internal and Fraud auditors and Accountants

respectively.

Table.12 Extent of respondent’s agreement that machine learning techniques is a

data mining tool that combats fraud risk in banks.
Job description To what extent do you agree that machine learning techniques
as data mining function combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
internal auditor 1 0 5 22 13 41
2.4% .0% 12.2% 53.7% 31.7% 100.0%
fraud auditor 1 4 5 25 17 52
1.9% 7.7% 9.6% 48.1% 32.7% 100.0%
accountant 3 4 14 59 40 120
2.5% 3.3% 11.7% 49.2% 33.3% 100.0%
Source: Researchers Responses Analysis in Likert Scale, survey 2016.
Researcher’s Response Analysis Using Likert Scale, 2016.
Analysis above indicated that 53.7% of internal auditors agreed, and 48.1% of fraud

auditors also agreed, while 49.2% accountants also agreed that data mining machine

learning techniques combats fraud risk. Internal auditors who strongly agreed were 13

with 31.7% mode and fraud auditors were 17 with 32.7% mode, while accountant were

40 representing 33.3% who stated strongly agreed. Internal auditors who stood in

undecided position showed 12.2% and fraud auditors showed 9.6% while accountant had

11.7%. The responses of strongly disagreed showed internal auditors with 2.4%, fraud

auditors had 1.9% and accountant scored 2.5%, while disagreed respondents showed 0%,

85
7.7% and 3.3% respectively for internal auditors, fraud auditors and accountants

respectively.

Table13. Extent of the agreement of the respondents who stated that data mining
algorithm technique is a tool that combats fraud risk in banks.

Job description To what extent do you agree that data mining algorithm
techniques combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
internal auditor 1 3 6 16 15 41
2.4% 7.3% 14.6% 39.0% 36.6% 100.0%
fraud auditor 1 0 13 22 16 52
1.9% .0% 25.0% 42.3% 30.8% 100.0%
accountant 1 6 14 60 39 120
.8% 5.0% 11.7% 50.0% 32.5% 100.0%

Source: Researchers response analysis using Likert Scale, survey, 2016.

Analysis above indicated that 39% 0f internal auditors agreed and 42.3% of external

auditors and 50% of accountants agreed also that data mining algorithm techniques is a

tool that combats fraud risk. Internal auditors who strongly agreed were 15 with 36.6%

mode and fraud auditors were 17 with a mode of 30.8%, while accountants had 39

responses representing 32.5% of those who strongly agreed. The internal auditors who

stated undecided were 6 representing 14.6%, and fraud auditors were 13 representing

25%, while accountants also had 14 with 11.7%. Respondents who strongly disagreed

was only one internal auditors with 2.4%, one fraud auditors representing 1.9% and one

accountants with 5%. The rest who stated disagreed were 3 internal auditors representing

7.2%, and nobody disagreed among fraud auditors, while 6 accountants with 5% also

disagreed.

86
Table14: Extent of the agreement of the respondents that data mining business
intelligence is a tool that combats fraud risk in banks.
Job description To what extent do you agree that data mining business intelligence
techniques combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 1 3 4 16 17 41
2.4% 7.3% 9.8% 39.0% 41.5% 100.0%
Fraud auditor 2 1 4 26 19 52
3.8% 1.9% 7.7% 50.0% 36.5% 100.0%
Accountant 3 2 8 56 51 120
2.5% 1.7% 6.7% 46.7% 42.5%
Source:
100.0%
Researcher’s response analysis using Likert Scale survey, 2016.
Source: Researchers response analysis using Likert Scale, survey, 2016.

Reports on table 14 above revealed that internal auditors had strongly agreed rate of

2.4%, disagreed position of 10.3 with 7.3%, undecided opinions were 4 with (9.8%),

agreed responses had 16 representing 39% and strongly agreed responses were also 17

with 41.5%. Further, fraud auditors who strongly agreed were 2 responses with 3.8%, one

person disagreed with 1.9%, undecided responses had 4 with 7.7% mode, agreed

responses were 26 with 50% and strongly agreed responses were up to19 representing

36.5%. Accountants who responded strongly disagreed totaled 3 with 2.5%, while

disagreed opinions had a total of 2 with 1.7%, undecided total score were 8 with 6.7%,

agreed respondents had a total of 56 responses with 46.7% and strongly agreed rate of 54

with 42.5% mode. From the table showing the scores, accountants had more stand that

data mining business intelligence techniques is a tool that combats fraud risk in banks.

87
Table 15 Extent of the agreement of respondents that data mining link analysis
techniques is a tool that combats fraud risk in bank.

Job description To what extent do you agree that data mining link analysis
techniques combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
internal auditor 2 2 3 18 16 41
4.9% 4.9% 7.3% 43.9% 39.0% 100.0%
fraud auditor 1 3 4 27 17 52
1.9% 5.8% 7.7% 51.9% 32.7% 100.0%
accountant 2 4 13 51 50 120
1.7% 3.3% 10.8% 42.5% 41.7% 100.0%

Source: Respondents Responses Analysis in Likert scale survey, 2016.

From the table above, 2 internal auditors with 4.9% mode strongly disagreed that data

link analysis techniques combats fraud risk, another 2 respondents disagreed with a

corresponding 4.9%, 3 respondents representing 7.3% stated undecided, 18 responses

indicated agreed with 43.9%, while 16 respondents strongly agreed with 39%. Fraud

auditors who strongly disagreed was only one with 1.9%, 3 persons disagreed with 5.8%

mode, 4 respondents who indicated that they were undecided had 7.7%, and 27

respondents agreed with a corresponding 57.9%, while strongly agreed persons were 17

with 32.7%. The accountants‟ positions seemed stronger having a total strongly agreed

response of 50 represented by 41.7%, agreed responses of 51 with 42.5% and a high rate

of undecided response of 13 with 10.8%. The rest of the accountants had a total of 2

responses with a corresponding 1.7% who strongly disagreed and 4 disagreed opinions

corresponding to 3.3% that data mining link analysis techniques combats fraud risk in

banks.

88
 4.3.2 Individual and group means scores and standard Deviations using
question one.

Reinstate Question I: To what extent do you agree that the application of internal audit
data mining tool combats fraud risk in banks?

Table 16: Individual and group mean and standard deviation scores on data
mining functions as a tool that combats fraud risk in Nigeria bank.
Variables Internal Auditors Fraud Auditors Accountants

Mea Std N Mea Std N Mean Std N

Data mining audit interrogation 4.35 0.75 41 4.13 0.87 52 4.06 0.95 120

Data mining Neural Net works 4.30 0.91 41 3.85 1.30 52 4.85 0.60 120

Data mining machine learning 4.12 0.94 41 3.97 1.19 52 4.93 0.10 120

Data mining Algorithms 4.05 0.96 41 3.91 1.01 52 4.90 0.16 120

Data mining Business Intelligence 4.22 0.80 41 4.07 0.99 52 4.07 0.98 120

Data mining link analysis 3.97 1.06 41 4.17 0.85 52 4.01 0.99 120

TOTAL 4.15 0.90 4.00 1.04 4.33 0.60

Source: Researchers analysis from survey, 2016.

Information from table 16 above showed that all the mean scores of the respondents were

above 3.00 which is the mean score acceptance limit set for the study. Accountants

scored the highest mean of 4.43 with the least standard deviation of 0.10 indicating that

data mining machine learning is one of the main variable tools that combats fraud risk in

banks. Fraud auditors had the least mean scores of 3.85 with the highest standard

deviation of 1.30.

If you compare the mean of the various groups within this job description, you will notice

that accountants had the highest mean scores of 4.33 and the smallest standard deviation

of 0.60 indicating homogeneity in agreement among them than the other groups

(Uzoagulu, 1998; Albelson, 1985). Fraud auditors scored second with a mean of 4.16 and

a standard deviation of 0.90 showing that the score are tightly clustered around the mean
89
(Bartz, 1963). The standard deviation of the internal and fraud auditors and accountants

do not differ much in variability (Bartz, 1963). In order words, the individual persons

within the three groups of job description were united in their opinion that internal audit

data mining function combats fraud risk in banks. The opinion of the three groups of job

description did not differ much in the mean and standard deviation.

4.3.3 Research Question II Analyses

To what extent do you agree that the application of internal audit proactive function
combats fraud risk in banks?

Table 17. Extent of respondent’s agreement that internal audit proactive function
combats fraud risk in banks.

Job Description To what extent do you agree that involvement in more financial
reporting as internal audit proactive function positively controls
fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
internal auditor 0 3 2 19 17 41
.0% 7.3% 4.9% 46.3% 41.5% 100.0%
Fraud auditor 0 2 4 29 17 52
.0% 3.8% 7.7% 55.8% 32.7% 100.0%
accountant 2 4 10 54 50 120
1.7% 3.3% 8.3% 45.0% 41.7% 100.0%

Source: Researcher’s response analysis survey, 2016.

Both internal and fraud auditors did not record respondents who strongly disagreed that

internal audit proactive function combats fraud risk. There were 2 respondents of

accountants with 1.7% mode who strongly disagreed. But disagreed opinion had 3

respondents from internal auditors with a corresponding 7.3%, 2 respondents having

3.8% from fraud auditors and 4 respondents of accountants having 3.3%. Those who

stated undecided were as follows: 2 internal auditors having 4.9%, 4 fraud auditors

having 7.7% and accountants having 8.3%. This result showed that those who agreed

90
were more than those who strongly agreed. Internal auditors who agreed to the subject

matter were 19(46.5%), while those who strongly agreed were 17(41.5%). Fraud auditors

who agreed had a total of 29 with 46.3%, while those who strongly agreed had a total

frequency of 17 with 32.7%. Further, accountants who agreed were more than internal

and fraud auditors who agreed. From the analysis they had 54 responses corresponding

with a frequency of 45% and strongly agreed total of 50 with 41.7%. These indicated that

more respondents believed that internal audit involvement in more financial reporting i.e.

sustainability and none financial communications as internal audit proactive function

combats fraud risk.

Table 18 Extent of Respondents agreement that focus on risk processes as internal

audit proactive function combats fraud risk in banks.

Job Description To what extent do you agree that focus on risk processes as internal
audit proactive function positively controls fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 1 3 5 16 16 41
2.4% 7.3% 12.2% 39.0% 39.0% 100.0%
Fraud auditor 0 2 6 32 12 52
.0% 3.8% 11.5% 61.5% 23.1% 100.0%
Accountant 4 6 9 53 48 120
3.3% 5.0% 7.5% 44.2% 40.0% 100.0%

Source: Researcher’s responses analysis with Likert scale survey; 2016.

The analysis above showed that accountants had more assertion that focuses on risk

process such as IT management, analysis and corporation risk as a proactive internal

audit function combats fraud risk. Accountants who responded agreed were 53

representing 44.2% and strongly agreed responses were 48 representing 40%. Fraud

auditors who agreed had a total of 32 respondents representing 61.5%, while internal

auditors who agreed came up to 16 representing 39%. Internal auditors who agreed and

91
those who strongly agreed had an equal rating of 16 representing equal 39%. Undecided

respondents were 5 internal auditors representing 12.2%, 5 fraud auditors representing

11.6% and 9 accountants representing 7.2%. Both strongly disagreed and disagreed were

1 internal auditor representing 2.4% and 3 representing 7.3%, fraud auditors had nobody

who strongly disagreed but had 2 disagreed persons representing 3.8%, while 4

accountants strongly disagreed with 3.3% and had 6 disagreed respondents representing

5%.

Table 19 Extent of Respondents agreement that focus on emerging risk such as IT

risk is an internal audit proactive function that combats fraud risk.

Job Description To what extent do you agree that focus on emerging risk such as IT
risk etc as internal audit proactive function positively controls fraud
risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 2 2 3 22 12 41
4.9% 4.9% 7.3% 53.7% 29.3% 100.0%
Fraud auditor 0 3 8 24 17 52
.0% 5.8% 15.4% 46.2% 32.7% 100.0%
Accountant 3 9 9 52 47 120
2.5% 7.5% 7.5% 43.3% 39.2% 100.0%

Source: Researcher’s response analysis with Likert scale, survey 2016.

Responses from the above table revealed the extent of respondents believe that focus on

emerging risk such as IT risk, as internal audit proactive function combats fraud risk.

Internal auditors who strongly agreed were 12 representing 29.3% and 32 fraud auditors

who had 32.7%, while accountants had 47 responses with a corresponding 39.2%.

Internal auditors had a total of 22 representing 53.7%, fraud auditors 24 representing

46.2% and accountants were 52 representing 43.3%. The undecided opinion were 3

internal auditors with a frequency of 7.3% and fraud auditors who had 3 respondents had

a mode of 15.4% while accountants had 9 responses with a mode of 7.5%. Further,
92
internal auditors who strongly disagreed were 2 responses with 4.9%, while those who

disagreed were 2 persons with a corresponding 4.9%. Fraud auditors had zero strongly

disagreed and 3 persons who disagreed with a corresponding 5.8%. Accountants who

strongly disagreed were 3 represented by 2.5% and those who disagreed were 9 persons

represented by 7.5%.

Table 20 Extent of respondent agreement that advisory roles and decision making
processes as internal audit proactive function combats fraud risk.

Job Description To what extent do you agree that advisory roles and decision making
processes as internal audit proactive function positively combats
fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 3 3 3 16 16 41
7.3% 7.3% 7.3% 39.0% 39.0% 100.0%
Fraud auditor 2 2 4 18 26 52
3.8% 3.8% 7.7% 34.6% 50.0% 100.0%
Accountant 3 6 8 53 50 120
2.5% 5.0% 6.7% 44.2% 41.7% 100.0%

Source: researcher’s response analysis with lacer survey 2016.

Respondents‟ opinions from the table above showed that there were more opinions on

strongly agreed. Internal auditors were 16 represented by 39% and fraud auditors had 26

opinions corresponding to 50%, while accountants were 50 corresponding to 41.7%.

Those who agreed were as follows: Internal auditors 16, represented by 39%, fraud

auditors had 18 with 34.6%, accountants had 53 with a 44.2%. Undecided responses by

internal auditors were 3 with a 7.3% and fraud auditors had 4 represented by 7.7%, while

accountants got 3 with a total of 8.7%. The internal auditors who indicated strongly

disagreed and disagreed had an equal response of 3 representing 7.3%. Fraud auditors

also had an equal response of 2 with a corresponding 3.8% respectively for strongly

agreed and disagreed opinions.

93
4.3:3 Individual and group means and standard deviations scores on internal audit
proactive function using question two

Reinstate Question II: To what extent does the application of internal audit proactive
function combats fraud risk in banks?

Table 21 Individual and group mean and standard deviation scores of

respondents on internal audit proactive function.
Internal auditors Fraud Auditors Accountants Total

Variables Mea Std N Mean Std N Mea Std N Mea Std N

Involvement in more finical 4.27 0.81 41 4.20 0.86 52 4.01 0.98 120 4.16 0.88 213
reporting –sustainability and
none financial reporting

Focus on risk processes such as 4.13 0.95 41 4.40 0.84 52 3.69 1.01 120 3.95 0.93 213
management, analysis and
corporate risk

Focus on emerging risk such as 4.22 0.83 41 4.00 0.97 52 4.05 0.97 120 4.07 0.92 213
IT risk, new product risk
international operations and
corruptions etc

Advisory roles and decision 3.88 1.11 41 4.24 0.83 52 4.02 0.99 120 4.05 0.98 213
making processes

TOTAL
4.12 0.93 4.21 0.87 3.94 0.98

Source: Researchers response analysis from survey, 2016.

The mean responses of the fraud auditors showed 4.21 and the standard deviation was

0.97, internal auditors‟ mean was 4.12 with a standard deviation of 0.93, while

Accountants had a mean of 3.94 with a standard deviation of 0.98. It was only the mean

of the various groups that differed a little, though they fall within the acceptance range of

above 3.00. But the standard deviations of the three job groups indicated just a little

variability showing that majority of the scores were tightly clustered around the mean

(Bartz, 1963). Therefore, the groups have homogeneity in their various individual and

group opinions that data mining proactive function combats fraud risk.

94
4:3:4 Research Question III Analyses.

To what Extent do you agree that internal audit ongoing function combats fraud risk in
banks?

Table 22 Extent of Respondents agreement that assessment processes support audit

plan and design as an internal audit ongoing function that combats fraud risk in
banks.

Job Description To what extent do you agree that assessment processes to support
audit plan and design as internal audit ongoing function combats
fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 3 2 2 11 23 41
7.3% 4.9% 4.9% 26.8% 56.1% 100.0%
Fraud l auditor 1 2 6 25 18 52
1.9% 3.8% 11.5% 48.1% 34.6% 100.0%
Accountant 3 4 4 57 52 120
2.5% 3.3% 3.3% 47.5% 43.3% 100.0%

Source: Researcher’s response analysis with Likert scale survey 2016.

Respondents opinion of strongly disagree from the table above showed that internal

auditors had 3 responses representing 7.3% and fraud auditors had one responses

representing 1.9% while accountants had 3 persons with a corresponding 2.5%.

Disagreed respondents were 2(4.9%) for internal auditors, 2(3.8%) for fraud auditors and

4(3.3%) for accountants. Those who stated undecided were 2 persons representing 4.9%

for internal auditors, 6 respondents representing 11.5% for fraud auditors, while

accountants had 4 responses representing 3.3%. Respondents who agreed stood as

follows: internal auditors got 11 responses representing 26.8% and fraud auditors got 25

responses representing 48.1%, while accountants had 52 responses corresponding to

43.3%. Internal auditors who strongly agreed had the highest frequency of 56.1% with 23

responses and followed by the fraud auditors who had 18 responses representing 34.6%,

95
while accountants followed in the opinion of strongly agreed with the highest responses

of 52 representing 43.3%.

Table 23 Extent of Respondents agreement that periodic audit summaries and

reporting as internal audit ongoing function is a tool that combats fraud risk in
banks.

Job Description To what extent do you agree that periodic audit summaries and
reporting as internal audit ongoing function combats fraud risk in
banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 1 1 1 11 27 41
2.4% 2.4% 2.4% 26.8% 65.9% 100.0%
Fraud auditor 2 5 3 19 23 52
3.8% 9.6% 5.8% 36.5% 44.2% 100.0%
Accountant 3 1 9 51 56 120
2.5% .8% 7.5% 42.5% 46.7% 100.0%

Source: Researchers responses analysis with Likert Scale, Survey, 2016.

Only 1 respondent with 2.4% strongly disagreed as an internal auditor. But fraud auditors

had 2 respondents represented by 3.8%, while accountants were 3 responses represented

by 2.5%. One fraud auditor represented with 2.4% disagreed, 5 fraud auditors represented

by 9.6% also disagreed, while 1 person represented by 8% from accountants disagreed on

the subject matter completely. Undecided respondents stood as follows: internal auditors

got a person represented by 2.4%, fraud auditors had 3 respondents represented by 5.8%

and accountants got the highest undecided respondents of 9 persons represented by 7.5%.

Again, 11 internal auditors represented by 28.8% agreed that periodic audit summaries

and reporting is an internal audit ongoing function that controls fraud risk in bank. 19

fraud auditors represented by 26.9% and 51 accountants represented by 42.5% also

agreed on the subject matter. But there were more people who stated strongly agreed than

other opinions. These were 27 internal auditors represented by 56.5%, and 23 fraud

96
auditors represented by 44.2% and finally 56 accountants represented by 46.7%

frequency.

Table 24 Extent of Respondents agreement that updated risk assessment as internal

audit ongoing function that combats fraud risk in banks.

Job Description To what extent do you agree that updated risk assessment as
internal audit ongoing function combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 3 5 2 17 14 41
7.3% 12.2% 4.9% 41.5% 34.1% 100.0%
Fraud auditor 2 3 5 23 19 52
3.8% 5.8% 9.6% 44.2% 36.5% 100.0%
Accountant 2 5 8 55 50 120
1.7% 4.2% 6.7% 45.8% 41.7% 100.0%

Source: Researchers responses analysis with Likert scale survey, 2016.

Internal auditors who strongly agreed were 14 persons represented by 34.1% frequency.

Fraud auditors got 19 respondents represented by 38.5%, while accountants had 50

respondents represented by 41.7%. Also, internal auditors who agreed came up to 17

responses represented by 41.5%. Then, the fraud auditors who agreed were 23 opinions

represented by 41.5%, while 55 accountants with 45.8% agreed as well. Undecided rating

were 2(4.9%) by internal auditors, 5(9.6%) rated for fraud auditors, while 8(6.7%) came

from the accountants. Strongly disagreed and disagreed responses were 3(7.3%), 5(12.2)

respectively for both internal auditors and fraud auditors. Those who strongly agreed

were 2(3.8%) and disagreed respondents were 3(3.5%) as well.

97
Table 25 Extent of Respondents agreement that audit performance of scope, work
papers, reporting and tracking as internal audit ongoing function combats fraud
risk in banks.

Job Description To what extent do you agree that audit performance

including scope, work papers, report and tracking as
internal audit ongoing function combats fraud risk in bankss
disagree undecided agree strongly agree Total
Internal auditor 5 5 18 13 41
12.2% 12.2% 43.9% 31.7% 100.0%
Fraud auditor 1 4 26 21 52
1.9% 7.7% 50.0% 40.4% 100.0%
Accountant 2 7 63 48 120
1.7% 5.8% 52.5% 40.0% 100.0%

Source: researcher response analysis with Likert scale, survey, 2016.

18 internal auditors represented by 31.7% firmly agreed that audit performance that

includes covering the scope, work papers, reporting and tracking is an internal audit

ongoing function that controls fraud risk. 26 fraud auditors represented by 50% agreed in

the same matter. 63 accountants represented by 52.5% also agreed, and 13 internal

auditors representing 31.7% strongly agreed, 21 fraud auditors representing 40.4% also

strongly agreed, while 48 accountants having 40% strongly agreed, but 5 persons having

12.2% out of the 41 internal auditors declared undecided and 7 accountants with

corresponding 5.8% stated undecided. Internal auditors who disagreed were 5 opinions

representing 12.2%, fraud auditors who also disagreed was only 1 person representing

1.9%, while accountants who disagreed were two persons representing 1.7%. Therefore,

the respondents who strongly disagreed, who disagreed and those who stated undecided

were insignificant when compared to those who agreed and those who strongly agreed

that audit performance of scope, work papers, reporting and tracking is an internal audit

ongoing function that combats fraud risk in banks.

98
4.3.5. Individual and group means and standard deviations scores in internal audit
ongoing function in fraud risk using question three.

Reinstate Question III: To what extend do you agree that the application of internal
audit ongoing function combats fraud risk in banks?.

Table 26 Individuals and groups mean and standard deviation scores in internal
audit ongoing function in fraud risk in Nigeria bank.

Internal Auditors Fraud Auditors Accountants Total

Variables Mean Std N Mean Std N Mean Std N Mean Std N

Assessment 4.10 0.92 41 4.19 0.93 52 4.60 0.41 120 4.30 0.75 213
processes to support
audit plan and
design

Period audit 4.15 0.88 41 4.24 0.86 52 4.35 0.27 120 4.25 0.76 213
summaries, and
reporting

Updated risk 3.85 1.03 41 4.09 0.96 52 4.03 0.98 120 0.99 0.99 213
assessment

Audit performance 4.00 0.96 41 4.20 0.88 52 3.98 1.11 120 4.06 0.98 213
which includes
scope, work papers
report and tracking

TOTAL
4.03 0.95 4.18 0.90 4.24 0.77

Source: Researchers response analysis from survey, 2016.

The mean and standard deviation scored from the above table showed homogeneity in

mean scored but differences in standard deviations. Group of internal auditors had a mean

of 4.03 with a standard deviation of 0.95; the group of fraud auditors had the mean of

4.18 and a standard deviation of 0.90, while the group of accountants had a mean of 4.24

and a standard deviation of 0.77. The standard deviations scores of the individuals

showed differences in variability. But, the standard deviation of each group has a small

value within the group that suggested a little variability thus, showing that majority of the

scores of individual respondents scores were tightly clustered around the group mean
99
(Bartz, 1963). Therefore, the mean scores indicated that each group accepted that internal

audit ongoing function is a tool that combats fraud risk in banks.

4.3.6 Research Question IV Analysis:

To what extent do you agree that internal audit Interactive function combats fraud risk in
banks?

Table 27 Extent of Respondents agreement that internal audit interactive function

with senior management and executive is a tool that combats fraud risk in banks.

Job Description To what extent do you agree that internal audit function interacting
with senior management/executives as internal audit interactive
function that combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 2 1 3 21 14 41
4.9% 2.4% 7.3% 51.2% 34.1% 100.0%
Fraud auditor 0 2 1 29 20 52
.0% 3.8% 1.9% 55.8% 38.5% 100.0%
Accountant 2 2 8 42 66 120
1.7% 1.7% 6.7% 35.0% 55.0% 100.0%

Source: Researcher’s response Analysis with Likert scale, survey, 2016.

Responses above showed that internal and fraud auditors and accountants agreed that

internal audit interacting with the management and executive combats fraud risk. Greater

number of fraud auditors agreed on the matter and they had a frequency mode of

29(55.8%) which was more than scores of internal auditors who had a mode of

21(51.2%) to come second while accountants came third with a frequency mode of

42(35%). On the other hand, the accountants scored more on strongly agreed with a

frequency mode of 66(55.00) than the internal and the fraud auditors who scored a

frequency mode of 14(34.1%) and 20(38.5) respectively. On the other hand, 8

accountants representing 6.7% stated undecided, while 3 internal auditors with 7.3% and

one fraud auditor with 1.9% respectively stated undecided. Internal auditors who had a

frequency mode of 2(4.9%) and 1(2.4%) frequency mode stated strongly disagreed and
100
disagreed respectively. Fraud auditors who strongly agreed had a frequency mode of

0(0%) and those who disagreed had 2(3.8%). The opinions of accountants on strongly

disagreed and disagreed were also represented by a frequency mode of 2(17%) and

2(1.7%) as well.

Table 28 Extent of Respondents agreement that internal audit interacting with the
audit committee combats fraud risk

Job Description To what extent do you agree that internal audit function interacting
Source: Researcher’s response analysis
with the with Likert
audit committee scale,
as internal survey, function
audit interactive 2016.
function combats fraud risk in banks
strongly
The report from above disagree
showed that18 internal
disagree auditorsagree
undecided representing 43.9%
strongly agree of Total
the total
Internal auditor 2 5 2 14 18 41
respondents; 13 fraud auditors4.9% representing
12.2% 25%
4.9% of 34.1% the total respondents
43.9% and 47
100.0%
Fraud auditor 1 4 4 30 13 52
1.9% 7.7% 7.7% 57.7% 25.0% 100.0%
accountants
Accountant
representing 39.2% 3
of the total
3
respondents
6
strongly
61
agreed that 47
internal120
2.5% 2.5% 5.0% 50.8% 39.2% 100.0%

Source: Researcher’s response Analysis with Likert scale, survey, 2016.

From the above table, internal audit interacting with the audit committee combats fraud

risk. The results show 14 internal auditors represented by 34.1% and 30 fraud auditors

represented by 57.7%, while 61 accountants represented by 50.8% all agreed on the

subject matter as well. Further, 2 internal auditors representing 4.9% and 4 fraud auditors

representing 7.7% and 6 accountants representing 5% stated undecided on the subject

matter.

The other opinions of 5 internal auditors representing 12.2% and 4 fraud auditors

representing 7.7% and 3 accountants representing 2.5% also categorically disagreed with

the opinion while 4 internal auditors representing 4.9%, while one of the fraud auditors

representing 1.9% and 3 accountants representing 2.5% strongly disagreed on the subject

matter.

101
Table 29 Extent of Respondents agreement that internal audit interacting with the
chief audit executive (CAE) combats fraud risk in banks

Job Description To what extent do you agree that internal audit function interacting
with the chief audit executive as internal audit interactive function
combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 1 1 6 18 15 41
2.4% 2.4% 14.6% 43.9% 36.6% 100.0%
Fraud auditor 0 3 8 24 17 52
.0% 5.8% 15.4% 46.2% 32.7% 100.0%
Accountant 3 6 11 61 39 120
2.5% 5.0% 9.2% 50.8% 32.5% 100.0%

Source: Researchers response analysis with Likert scale, survey, 2016.

The analysis above revealed that 15 internal auditors representing 36.6% and 17 fraud

auditors representing 32.7% and 39 accountants representing 32.5%, all declared that

they strongly agreed that internal audit interacting with Chief Audit Executive controls

fraud risk in bank. Again, 18 internal auditors representing 43.9%, and 24 fraud auditors

representing 46.2% while 61 accountants representing 60.8% agreed on the opinion.

Further, 6 internal auditors representing 14.6%, and 8 fraud auditors representing 15.4%,

while 11 accountants, declared undecided on the matter. Furthermore, an internal auditor

representing 2.4%, and 3 fraud auditors representing 5.8 and 6 accountants representing

5% disagreed. Finally on the matter, one internal auditor with 2.4% and 3 accountants

with 2.5% strongly disagreed on the opinion, while there was no fraud auditor who

strongly disagreed.

102
Table 30 Extent of respondents’ agreement that internal audit interacting with

external auditors combats fraud risk in banks.

Job Description To what extent do you agree that internal audit function interacting
with the fraud auditors as internal audit interactive function
combats fraud risk in banks
strongly
disagree disagree undecided agree strongly agree Total
Internal auditor 2 1 5 17 16 41
4.9% 2.4% 12.2% 41.5% 39.0% 100.0%
Fraud auditor 2 2 4 27 17 52
3.8% 3.8% 7.7% 51.9% 32.7% 100.0%
Accountant 2 5 6 48 59 120
1.7% 4.2% 5.0% 40.0% 49.2% 100.0%

Sources: researcher response analysis with Likert scale, survey, 2016.

The table above revealed that 16 internal auditors representing 39%, and 17 fraud

auditors representing 32.7% and 59 accountants representing 49.2% strongly agreed that

internal audit function interact with the fraud auditors to control fraud risk in bank. Also,

17 internal auditors representing 41.5%, and 27 fraud auditors representing 51.9% and 48

accountants representing 40% agreed that internal audit function interact with the fraud

auditors to control fraud risk in bank. Those who stated undecided were 5 internal

auditors representing 12.2% and 4 fraud auditors representing 7.7% and also, 6

accountants representing 5%. One internal auditor representing 2.4% and 2 fraud auditors

representing 3.8% and also 5 accountants representing 4.2% disagreed on the matter.

Further, 2 internal auditors representing 4.9%, and 2 fraud auditors representing 3.8% and

finally 2 accountants representing 1.7% strongly disagreed that internal audit function

interacting with fraud auditors combats fraud risk in banks.

103
4:3.7 Individuals and groups mean and standard deviation scores in internal audit
interactive function using question four.

Reinstate Question IV: To what extent do you agree that internal audit interactive
function combats fraud risk in banks?

Table 31 Individual and group means and standard deviations scores in internal
audit interactive function in Nigeria banks.
INTERUAL FRAUD AUDITORS ACCOUNTANTS TOTAL
AUDITORS
VARIABLES
Mean Std N Mean Std N Mean Std N Mean Std N

The senior 4.15 0.92 41 4.37 0.78 52 4.35 0.69 120 4.28 0.80 213
management
The Audit 4.05 0.98 41 3.96 0.99 52 4.66 0.27 120 4.31 0.85 213
committee
The chief 4.03 0.97 41 4.09 0.99 52 4.33 0.75 120 4.22 0.90 213
Audits
Executive
(CAE)
The external 4.96 0.09 41 4.11 0.90 52 4.01 0.98 120 4.36 0.65 213
Auditors
TOTAL 4.31 0.74 4.13 0.92 4.33 0.67

Source: Researchers response analysis from survey, 2016.

Respondents mean and standard deviation analysis above revealed that internal auditors

had the highest mean of 4.96 and the lowest standard deviation of 0.09. The group mean

of internal auditors was 4.31 with a standard deviation of 0.74 and fraud auditors had a

group mean of 4.13 with a standard deviation of 0.92, while accountants had a group

mean of 4.33 with a standard devotion of 0.67. But the group who had the highest mean

score was the accountants. They also had the lowest standard deviation of 0.67 showing

that they had a more homogeneity in their agreement on the subject matter than the rest of

the other groups. The scores of internal auditors and fraud auditors also revealed a very

small value of standard deviation showing a little variability. Therefore, the mean and

standard deviation do not differ in variability among the groups opinion showing that

internal audit interactive function controls fraud risk in banks.

104
4:4. Hypotheses Testing.

There were four hypotheses formulated for this study. This very section will test these

hypotheses for the study. It was stated in chapter 3 that ANOVA Parametric Statistical

Techniques would be used to test the hypothesis, (Stephen, 1994; Diagostino, 1990).

Hypotheses 1

H1: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of internal audit

data mining tool is a significant factor in the management of fraud risk in Nigerian

banks

Decision Rule:

If the p value observed is less than 0.05 i.e. p value < 0.05; then it is significant.

But if the P value is greater than 0.05 i.e. P value > 0.05 it is not significant. Therefore if

P value<0.05 then reject the Ho1. But if P value > 0.05, Accept Ho1.

105
Table 32 ANOVA Hypothesis 1

Sum of Squares df Mean Square F Sig.

To what extent do you Between Groups 5.101 4 1.275 0.04 .0.97

perceive that data mining Within Groups 177.528 208 .854
tools combats fraud risk in
Total 182.629 212
banks
To what extent do you Between Groups 8.705 4 2.176 0.37 .0.69
perceive that neural networks Within Groups 184.601 208 .888
as data mining tool combats
Total 193.305 212
fraud risk in banks
To what extent do you Between Groups 4.295 4 1.074 0.15 .0.86
perceive that machine Within Groups 165.648 208 .796
learning techniques as data
mining tools combats fraud Total 169.944 212
risk in banks
To what extent do you Between Groups 5.277 4 1.319 0.23 .0.79
perceive that data mining Within Groups 160.253 208 .770
algorithm techniques
Total 165.531 212
combats fraud risk in banks
To what extent do you Between Groups 2.996 4 .749 .0.57 .0.78
perceive that data mining Within Groups 170.112 208 .818
business intelligence
techniques combats fraud Total 173.108 212
risk in banks
To what extent do you Between Groups 1.220 4 .305 .0.25 .0.78
perceive that data mining link Within Groups 178.555 208 .858
analysis techniques combats
Total 179.775 212
fraud risk in banks

Source Researches Analysis of Data from field work

The ANOVA output of SPSS demonstrated that all the P values of 0.97, 0.69, 0.86, 0.79,

0.56 and 0.78 were more than the significance of 0.05 which was chosen as a base for the

study. The overall P value is 0.775. Applying the decision rule P value 0.775 > 0.05, we

therefore reject the null hypothesis and accept the alternate hypothesis that the application

is significant in fraud risk management and further conclude that there is no significant

106
difference among the perception of internal auditors, fraud auditors and accountants that

internal audit data mining tool is significant in combating fraud risk in banks.

Hypotheses 11

H2: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of Internal audit

proactive function significantly combats fraud risk in Nigerian banks,

Decision Rule

If the p value observed is less than 0.05 i.e. p value < 0.05; then it is significant.

But if the P value is greater than 0.05 i.e. P value > 0.05 it is not significant. Therefore if

P value <0.05. Reject the Ho.

But, if P value > 0.05. Then, Accept Ho.

107
Table 33 ANOVA Hypothesis 11

Sum of Squares Df Mean Square F Sig.

To what extent do you Between Groups 10.916 4 2.729 0.06 .0.95

perceive that involvement in Within Groups 133.995 208 .644
more financial reporting as
internal audit proactive
Total 144.911 212
function positively combats
fraud risk in banks
To what extent do you Between Groups 4.382 4 1.096 0.20 .0.82
perceive that focus on risk Within Groups 178.923 208 .860
processes as internal audit
proactive function positively Total 183.305 212
combats fraud risk in banks
To what extent do you Between Groups 4.549 4 1.137 0.22 .0.80
perceive that focus on Within Groups 191.657 208 .921
emerging risk such as IT risk
etc as internal audit proactive
Total 196.207 212
function positively combats
fraud risk in banks
To what extent do you Between Groups 6.177 4 1.544 0.36 .0.36
perceive that advisory roles Within Groups 212.311 208 1.021
and decision making
processes as internal audit
Total 218.488 212
proactive function positively
combats fraud risk in banks
Source: Researchers Analysis of Data from field work.

The output of ANOVA using SPSS gave the valued of P as 0.95, 0.82, 0.80 and 0.36

with the overall value of 0.733 at a significance of 0.05.Then, applying the decision rule.

P value 0.733 > 0.05, we therefore conclude with the decision rule and reject the null

hypothesis and accept the alternate hypothesis that the application is significant in fraud

risk combats and thus declare that there is no significant difference among the perception

of internal auditors, fraud auditors and accountants that internal audit proactive function

significantly combats fraud risk in banks.

108
Hypothesis 111

H3: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of Internal audit

ongoing function is a significant factor in combating fraud risk in Nigerian banks,

Decision Rule

If the p value observed is less than 0.05 i.e. p value < 0.05; then it is significant.

But if the P value is greater than 0.05 i.e. P value > 0.05, it is not significant. Therefore if

P value < 0.05. Reject the Ho3.

But, if the P value > 0.05. Then, accept Ho3.

109
TABLE 34: ANOVA Hypothesis 111

Sum of Squares Df Mean Square F Sig.

To what extent do you Between Groups 3.184 4 .796 .0.0.53 0.59

perceive that assessment Within Groups 187.727 208 .903
processes to support audit
plan and design as internal
Total 190.911 212
audit ongoing function
combats fraud risk in banks
To what extent do you Between Groups 7.070 4 1.768 0.45 .0.08
perceive that periodic audit Within Groups 176.460 208 .848
summaries and reporting as
internal audit ongoing
Total 183.531 212
function combats fraud risk in
banks
To what extent do you Between Groups 3.097 4 .774 .0.23 .0.09
perceive that updated risk Within Groups 207.832 208 .999
assessment as internal audit
ongoing function combats Total 210.930 212
fraud risk in banks
To what extent do you Between Groups 4.413 4 1.103 0.51 .0.08
perceive that audit Within Groups 113.850 208 .547
performance including
scope, work papers, report
and tracking as internal audit Total 118.263 212
ongoing function combats
fraud risk in banks
Source: Researchers analysis of data from field work, 2016

The output of ANOVA using SPSS gave the valued of P as 0.59, 0.08, 0.09 and 0.08 and

the overall p value of 0.21 at 0.05 significance. Applying the decision rule for the study P

value 0.21> 0.05, we therefore reject null hypothesis and accept the alternate hypothesis

that the application is significant in fraud risk combats and therefore we conclude that

there is no significant difference among the perception of internal auditors, fraud auditors

and accountants that internal audit ongoing function is a significant factor in the

combating of fraud risk in banks.

110
Hypothesis iv:

H4: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of Internal audit

interactive function significantly combats fraud risk in Nigerian banks.

Decision Rule

If the p value observed is less than 0.05 i.e. p value < 0.05; then it is significant.

But if the P value is greater than 0.05 i.e. P value > 0.05, Then, it is not significant.

Therefore if P value <0.05. Reject the Ho4.

But, if P value > 0.05, Then, Accept Ho4.

111
 Table 35: ANOVA Hypothesis iv

Sum of Squares df Mean Square F Sig.

To what extent do you Between Groups 1.464 4 .366 .521 0.720

perceive that internal audit Within Groups 146.085 208 .702
function interacting with
senior
management/executives as
Total 147.549 212
internal audit interactive
function combats fraud risk
in banks
To what extent do you Between Groups 2.990 4 .748 .0.048 .0.73
perceive that internal audit Within Groups 186.305 208 .896
function interacting with the
audit committee as internal
Total 189.296 212
audit interactive function
combats fraud risk in banks
To what extent do you Between Groups 5.219 4 1.305 0.636 0.970
perceive that internal audit Within Groups 165.861 208 .797
function interacting with the
chief audit executive as
internal audit interactive Total 171.080 212
function combats fraud risk
in banks
To what extent do you Between Groups 4.850 4 1.213 0.385 0.740
perceive that internal audit Within Groups 182.060 208 .875
function
interacting with the external
auditors as internal audit Total 186.911 212
interactive function combats
fraud risk in banks

Source: Researchers Analysis of Data from field work

ANOVA analysis using SPSS gave the P values as follows 0.720, 0.730, 0.970 and 0.740.

Then the overall P value is 0.79. Applying the decision rule where the P value 0.79 >

0.05, we therefore reject the null hypothesis and accept the alternate hypothesis and

conclude that the application is significant in combating fraud risk and conclude that

there is no significant difference among the perception of internal auditors, fraud auditors

112
and accountants that the application of internal audit interactive function significantly

combats fraud risk in banks.

4:5 Discussions of Findings

Discussions of the findings of the study are hereby presented.

Hypothesis 1:

H1: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of internal audit

data mining tools is a significant factor in the management of fraud risk in

Nigerian banks

Findings: After the analysis, the testing of the hypothesis showed that the null hypothesis

was rejected, i.e. the alternative was accepted. Data mining is significant in combating

fraud. In other words, the respondents perceived that the application of internal audit data

mining function is significant in combating fraud risk.

Discussion:

Table4:4:1 showed that the null hypothesis was rejected. This is a proof that the

respondents accept that the application of data mining tool combats fraud risk. In other

words, they were united in both individual and group perception on the subject matter.

Any observed difference in their opinions was due to chance (Uzoagulu, 1989).

The result does not in any way differ from the findings of (Alleyme, Persaud, Greenidge

& Searly, 2010; Thiruved & Patel, 2011; Gill & Gupta, 2009; Kotsiantis, Kouthanakos,

113
Tszolepis & Tompakos, 2006; Guo & Victor, 2008) who found that application of data

mining detect and prevent fraudulent activities.

This result also differ from the conclusion of (Gill & Gupta, 2009), who applied data

mining tool only on fraudulent financial reporting and (Liou, 2006) who also applied it

only on fraudulent financial reporting and loss on production.

Other factors that made the application of data mining tool effective in fraud risk

management that were agreed by both the individual and the group opinions, stated that

the application would have to include; data mining audit interrogation, data mining neural

networks, data mining machine learning techniques, data mining algorithms, data mining

business intelligence and data mining link analysis.

This findings do not differ in any form from the opinion of (Nonyelum & Chibueze,

2009), who found that data mining neural network detect fraud direction and (Xu, Sung

& Liu, 2007), who also found out that data mining algorithm detect fraudulent

transaction.

The findings do not differ from the findings of (Graham & Patel, 2006; Sanver &

Karahova, 2009; Kolther & Maloof, 2006; Burnaby, Howe & Muehlman, 2013) who also

agreed with the result that application of data mining combats fraud risk.

It is stated that this finding, by the perceptions of respondents that the application of

internal audit data mining tools, when applied in fraud risk, combats fraud risk, is

therefore not misleading, (Muhammed, Ghambari & Einakian, 2014; Burnaby, Howe &

Muehlman, 2013; Wang & Yang, 2009).

114
If we discuss this finding considering the mean and standard deviation scores of the

individual and group responses on the items within the data mining tools, we will see that

they were very high. Their mean scores were found to be above the study chosen limit of

3.0. Also, the standard deviations were reducing significantly to proof harmony in both

the individual and group responses. However, considering the result of the Likert Scale

analysis findings in all the items within the data mining; showed that respondents had

greater opinions of „„strong and strongly agreed‟‟ opinions of responses.

To support this result, the outcome of the interviews with the actual internal auditors of

the various banks showed that if banks apply all the data mining tool variables in fraud

risk management they assist to combat fraud in their daily transaction.

The literature reviews, also, indicated that the application of data mining is significant in

fraud risk management. As we consider it along with one of the findings of (Kirkos,

Spathis & Manolopoulos, 2007), we see that the application of data mining-neural

networks had 80% success in detection of fraud. The finding of (Lious, 2006) also agreed

that the application of data mining algorithms specify how to solve identified fraudulent

financial reporting in audit and predicting business failures. It was concluded in

(Nonyelum & Chibueze, 2009), that the application of neural networks helps to detect

fraudulent transaction and the wrongful classification in which genuine transaction is

considered fraudulent.

There are others, for instances, (Xu, Sung & Liu, 2007) who were of the opinion that data

mining algorithm identifies customer behaviour in detecting fraudulent transaction in an

115
online, then, (Fraham & Patal, 2006), also, found that audit interrogation can identify

abnormal behaviors by detecting any derivation from normal activity.

Further, (Koltler & Maloof, 2006) suggested that machine learning can discover and

classify malicious executables; more so (Mukkamala, Sung & Abraham, 2005), agreed

that neural networks can be a good intrusion detection in terms of classification accuracy,

while (Wang & Zaven, 2009; Patal & Zaven, 2010; Burnaby, Howe & Muechlmen, 2013;

Muhammed, Ghanbari & Einakian, 2014; Sanver & Karahoca, 2009), all suggested that

the application of data mining combats fraud.

Hypothesis 11

H2: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of Internal audit

proactive function significantly combats fraud risk in Nigerian banks,

Findings:

The findings of the study after the analysis and the testing of the hypothesis showed that

the null hypothesis was not upheld, i.e. was rejected. This implied that the respondents

perceived categorically that the application of internal audit proactive function is

significant in combating fraud risk in banks.

Discussions:

Table 4:4:2 depicted that the null hypothesis was rejected by the respondents. Any

observed difference in their opinion was due to chances (Uzoagulu, 1998).

116
The findings in respect of the hypothesis two is in consonant with the findings of

(Sinason, Hillison & Pacini, 2001; Ernest & Young, 2010; Kuenkaikaew & Rutgers,

2013) who were of the opinion that the application of proactive function ensures that

fraud risk analysis is dynamic and that transactions are blocked prior to fraudulent

executions.

Also, this findings support the views of (Bullen, 1995) that internal audit function in

fraud risk should not be seen as identifying errors that have already occurred and

reviewing the procedures that are already in place but, should be a focus on addressing

the future issues that causes weakness that exposes corporations to fraud, theft and profit

increase.

The opinion of (Ernest & Young, 2011) also agreed with the finding that the application

of proactive function extends more than the normal audit function.

This finding may be attributed to several factors, some of which are inherent in the

operations of the application of proactive function as perceived by the respondents and

also stated in (Ernest &Young, 2011). Some of these factors includes more involvement

in non-financial reporting matters such as sustainability and non-financial reporting; a

sharper focus on emerging risks such as information technology risks, new product risks,

international operations and corruption, business continuity and crises management; a

greater advisory role in governance matters through involvement in cooperate

governance, through examination of management decision making processes and by

advising an audit committee effectiveness in (a) educating the audit committee, (b)

helping shape audit committee charters and agenda (c) guiding the executives on how to

present the audit committee (Kuenkaikaew & Rutgers, 2013; KPMG, 2006).
117
In further discussion, we found that all the individual and group mean scores were all

very high above 3.0 study limits. Also the Likert analyses had high percentages of agreed

and strongly agreed responses in the tables to support the subject matter.

The information we got from the interview showed that banks do actually apply these

proactive variable factors in fraud risk management. We also found out that two of the

banks were of the views that their own banks do not emphasize on some of these variable

factors namely: the management of the identification processes set in place and also that

they do not ensure that there is a dynamic risk analysis in fraud risk management. Very

few also suggested that internal audit is not given freedom to examine every aspect of

business initiation and this could give way to fraud. They also agreed that their

management do not permit the internal audit function to examine the management

decision processes in the organizations.

There are emphasis that have been laid on some literatures that suggested that advising

the audit committee effectiveness such as training and improving them in the fraud risk

management and examining the management decision processes in the organization are

some of the key areas to proactively manage fraud risk (Ernst & Young, 2011; Basel

Committee, 2012). In agreement, (Dionne & Searly, 2010), described some of the key

several areas audit committee could become more effective especially in fraud risk

combats. One of the key areas is educating the audit committee and communicating to

them the vital part of what they do and some important areas and some changes in the

fraud risk management strategies. Internal audit proactive function helps to slope audit

committee charter and agenda by coordinating with all the parties in the company and

gathering all the information they want to project for the year and keep track of the

118
agenda and distribute them to everyone. This cannot be achieved where the internal

auditors are not given freedom to intimate the audit committee by the management

provisions.

Further, the statement of (Ernst and Young, 2009) was that internal audit function should

ensure that the risk assessment identifies those risks that are presenting the most

significant risk and communicating them appropriately. Part of the advisory management

decision role was to facilitate risk management decision across the organization. It was

also agreed in (IIA 2011, Global Internal Audit Survey, 2011) that internal audit function

understood fraud risk management concepts and the value preposition better than most

employees and is the bases for allowing them to function without restriction. The survey,

therefore, further agreed that the chief Audit executive (CAE) should in the proactive

function, educate the audit committee and management on the values of effective fraud

risk management.

Furthermore, Ernst & Young, 2006; IIA, Global Survey, 2009), also agreed that internal

audit proactive function should get more involvement in corporate governance processes

and procedures that includes ethics and strategies. Internal audit function should ensure

good governance proactively. Some of the advisory roles that were agreed are

involvement in corporate governance processes, examination of management decision

making and advising the audit committee effectiveness. These were considered as a

strong means of proactively managing fraud risk. But, the result of the interview with the

internal auditors of the banks revealed that they do not give room for that and thus they

do not accept that this very variable factor is a means of combating fraud proactively.

119
Hypothesis III

H3: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether Application of Internal audit

ongoing function is a significant factor in combating fraud risk in Nigerian banks,

Findings:

After the analysis, the testing of the hypothesis showed that the null hypothesis was not

upheld, .i.e. it was rejected. This was an indication and evidence that the respondents

unanimously perceived that internal audit ongoing function is a tool that combats fraud

risk in banks.

Discussions:

The findings from table 4:4:3 revealed that the null hypothesis was not accepted because

the application is significant. The perception of the respondents did not vary significantly

that the application of internal audit ongoing function is significant in combating fraud

risk. Any observed difference in their opinion was due to chances (Uzoagulu, 1989).

The findings revealed that the application of internal audit ongoing function will have to

include among other things such as: (a) assessment processes to support adjustment to the

audit plan which will include effective monitoring in other to ensure consistent

application of processes brought by the organization (b) periodic audit summaries and

rearing (c) updated risk assessment and adhering to other factors which included internal

audit scope, internal audit work papers, audit report and issue tracking (Malaesca &

Sulton, 2013).

120
It was observed from this finding: that the application of internal audit ongoing function

is significant in fraud risk management, also agreed with the opinions of (PWC, 2003;

KPMG, 2006; Albrecht & Romney, 1987; Carnes & Keithley, 1993).

Further, this finding is also in agreement with the findings of (Eden & Morriah, 1996)

who stated that the application of ongoing function of internal audit helps to detect

weakness in management operations and provides a basis for correcting deficiencies that

have eluded the first line of defense before those deficiencies become uncontrollable or

exposed in the external auditors report.

Let us see the result from the mean, the standard deviation and the interview outcome.

The individual and group mean were above the accepted limits of the research and

likewise their standard deviation was tending very small as an evidence of uniform

agreement on the subject matter.

Internal auditors also agreed during the interviews that if this is given full application in

the banks‟ operations it will ensure fraud combats. Majority opinions of the interviewed

internal auditors responded “Yes” that their operation follow a strict adherence to laid

down rules in fraud risk management; while they also agreed that their function ensure

that there is a timely communicated audit report; issuing assessment processes,

supporting and ensuring that risk assessment is updated and ensuring that there is always

audit performance that covers audit plan and design. Majority also said “Yes”, that the

areas that could constitute a major weakness to fraud risk combats in banks, is not

completely complying with strict adherence to laid down rules in fraud risk management.

121
In the various policy statement, made by various (11A), the emphasis have been that

ongoing internal audit function in fraud risk management should comply with all policies,

procedures, rules, guidelines, directives, laws and regulation that are applicable to audit

function. The IIA also, stated that internal audit should have a good relationship with

audit committee and function with or in independence, objectivity and professional

proficiency. Thus any shift from the application as seen from the interview suggestions

could mar with the objective of combating fraud risk.

Hypothesis IV

H4: There is a significant difference in the perception of internal auditors, fraud

auditors and accountants on the question of whether application of internal audit

interactive function significantly combats fraud risk in Nigerian banks.

Findings:

The result of the analysis showed that the testing of the null hypothesis was not accepted.

This was the evident that the respondents perceived that the application of internal audit

interactive function significantly combats fraud risk, when it is applied in banks‟ fraud

risk management.

Discussions:

The result of table 4:4:4 was significant and evidenced that there was no significant

difference from the respondents‟ opinion. Thus, the response that the application of

internal audit interactive function is significant in combating fraud risk in banks, did not

change based on their individual and collective perceptions. Any observed difference in

their opinion was due to chance (Uzagulu, 1989).

122
From their various perceptions this result attested that the application of internal audit

interacts with: (a) senior management to establish, maintain internal system, and reviews,

develop frame work; ensure actions on new development on risk and provide sufficient

resources (b) with the audit committee to install appropriate effective internal audit

function that reviews, focuses on audit plan, significant industry and higher risk issues (c)

with the chief audit executive (CAE) to produce quality assurance and improvement on

all risks assessment program.(d) and with the external auditors to produce synergy on

both internal and external risk management and internal control systems.

The findings do not agree with the opinion of (Hutchinson & Mazlina, 2009); Abbot,

Daughert, Parker & Garry, 2015) who suggested a different variable that interact with

internal audit function in the management of fraud risk.

But, findings on internal audit interactive function with directors to combat fraud risk,

agrees with the views of (Bou-Read, 2000; Ernest & Young, 2008; IPPF) and also the

findings of interactive function with the audit committee tally with the suggestions of

(ICEW, 2004; Gramling,Malleta,Schneider & Church,2004; Paape, George, Panagiotes,

Rani & Evanthia, 2003; Godwin, 2003:Christopher, Sorens & Leueng, 2010; Perrin,

2001; Baesley, 1993; McMullen,1996).

Also, the findings of internal audit interactive function with the chief audit executive

(CAE) do not differ from the findings of (Leung, Cooper & Robertson, 2004; Saren &

Christopher, 2010; George et al, 2013; Beasley, Clune & Hermanson, 2005a; Sharma,

2004) who agreed that internal audit combats fraud risk with an effective interaction with

the chief audit executive.

123
There is no significant difference with the findings that: internal audits interact with the

external audits to produce synergy on both internal and external risk management and

also internal control systems as seen in the findings of the following authors; (Malaesca

& Sulton, 2013; Wallace & Kreutzfeldt, 1991; Apostolou et al, 2001; KMG, 1999;

Krambia-Kapardis, 2001; Curam et al, 2011). Therefore, the findings that the application

of internal audit interactive function being perceived as an effective tool of fraud risk

combats is not misleading from the above references.

From another dimension, internal audit interaction with the Chief Audit Executive (CAE)

to ensure quality audit performance in all fraud risk management, had, both the group and

the individual mean scores above 3.00 and the standard deviation reduced significantly to

show uniform acceptance that the application of this interactive function combats fraud

risk. The opinions during the interviews indicated that there is an application of

interactive function by the various banks.

In literature, a strong relationship with the audit committee was strongly suggested by

(PWC, 2015) to be effective in fraud risk management and at this, they agreed that many

audit committee find value in ensuring that there is an open line of communication

between the committee and the internal audit function. Therefore, companies require the

head of internal audit to report directly to the audit committee, rather than to management

and this represent the best practice in fraud risk combats.

The audit committee chair and the head of internal audit function should have regular

contact outside audit committee meetings. The audit committee should also encourage a

positive relationship between internal audit and external auditor, to ensure effective

relationship between them in realization of fraud risk combat objective.

124
But, the entire findings contradict the findings of some research (Badara & Saiden, 2014;

Salamu & Agbeja, 2007) who found out that internal audit function in fraud risk

management is not effective. This could be as a result of the information of the interviews

with the internal auditors, who have a different opinion that some of these variables,

which we found their application to be significant in combating fraud risk in banks, are

not practically applied in fraud risk management in the establishment that was studied.

4:6. Summary of the Findings

The findings of this study revealed that all the answer to the four questions which were

asked during the study had greater percentage of strongly agreed and agreed responses

from the respondents. All their mean scores were high and above the research chosen

limit point of (3.00). Also, their various standard deviations were so small to show

homogeneity in their agreement such that they did not differ much in their mean

perception scores: therefore they unanimously perceived that the application of internal

audit function combats fraud (Bartz, 1963).

The four research hypotheses formulated were tested. Result of the four hypothesis

indicated that there were no significant difference in the perception of the respondents in

all the variables suggested in the study objectives. In other words, the internal auditors,

fraud auditors and accountants perceived that the application of internal audit data mining

tools combats fraud risk in banks. They view it that the application is an effective tool in

combating fraud risk in banks. Also, the respondents perceived that proactive function is

an effective tool to combats fraud in banks.

125
Further, they perceived that internal audit ongoing function could be used as a tool that

combats fraud risk in banks. Finally, they perceived that internal audit interactive

function could combats fraud risk in banks as well.

The information from the interviews with the actual internal auditors of the various banks

suggested that many of the banks do apply these key variables that could tackle fraud

risk.

Somehow, the results differ from the earlier findings of some researches (Bardara &

Saisen, 2014; Salamu & Agbaia, 2007) who found that the application of internal audit

function in fraud risk is not effective. This reason could be that their study was carried

out on a different industry instead of banking industries.

126
 CHAPTER FIVE

SUMMARY OF FINDINGS, CONCLUSIONS AND RECOMMENDATIONS

5.1 Summary of Findings

This research was conducted to bridge the gap in the scarcity of academic studies and

knowledge in the area of the application of internal audit function IAF in fraud risk

combats. This was done by applying a systematic search for and empirical reviews of the

factors and variables that have been found by scholars of academic literatures that are

applicable in fraud risk combats that have not yet been systematically explored and

reviewed in respect of this study.

The populations of the study were made up of 21 commercial/money deposit banks, out

of which 15 banks were chosen based on systematic sampling techniques selected

through balloting (Uzoagulu, 1998). The population records of 668 were made up of

elements of internal audit staff, fraud audit staff and accountant staff in each of 15 banks

in Enugu banking Zone. Taro Yamane‟s formulae were applied to determine the sample

size of the study which gave a total number of 400 sample size for the study. The valid

responses from the returned instrument used for the analyses to guide this study were 213

respondents. Likert Scale was used to analyze the responses in strongly agreed, agreed,

strongly disagreed, disagreed, and undecided. Descriptive statistics of percentages, mean

and standard deviation were applied on the respondent‟s demography, mean and standard

deviation. ANOVA parametric analysis was employed to test the four hypotheses of the

respondent‟s perceptions.

127
The study results revealed that all null hypotheses tested were rejected and the alternate

hypotheses were accepted. The perceptions of the respondents were that: applications of

internal audit data mining tools are significant in combating fraud risk in banks. But this

data mining tools would have to include data mining audit interrogation, neural networks,

machine learning, algorithms, business intelligence and link analysis.

In the second hypotheses, the respondents also perceived that the application of internal

audit proactive function in fraud risk management is significant in combating fraud risk.

But, such application of the proactive function would have to include (a) getting involved

in a more financial reporting, sustainability and none financial reporting, (b) focus on risk

processes such as management, analysis and corporate risk (c) focus on emerging risk

such as IT risk, new product risk, international operations and corruption, business

continuity, crises management and contractor due diligence (d) greater advisory role and

decision making processes.

The respondents also perceived in the third hypotheses that: internal audit ongoing

function is significant in combating fraud risk in banks. From their perception, the

ongoing function must have to include (a) assessment processes to support audit plan and

design, (b) periodic audit summaries and reporting, (c) updated risk assessment and (d)

audit performance which included scope, work paper, reporting and tracking issues.

Their perception in fourth hypotheses also showed that interactive function is significant

in combating fraud risk and this involves a consolidated effort of internal audit team

working with the senior management, the audit committee, the chief audit executive

(CAE) and the external auditors.

128
These findings were not at variance with the findings of other researchers in the similar

studies.

The interviews with the main internal auditors of the various banks suggested that

majorities of these variables are in application in various Nigerian banks fraud risk

management.

Our study findings also suggest that internal audit function in fraud risk management in

Nigeria could be significant in fraud risk combats in contrast to earlier finding of

(Bandara & Saidan, 2014, Salam & Agbaja, 2017), if only these objective variables

which are perceived to be significant are properly applied in fraud risk management in

banks.

5.2 Implications of the Findings

The results of this study have a far-reaching implication for banks, business owners,

future entrepreneurs, other financial institutions etc. From the findings, we point out that

special attention has to be directed towards the four identified variables that were

perceived to have significant effect in fraud risk management. This is viewed to prevent

fraud and prevent entities from collapsing or having distress periods. Therefore, banks

and other financial institutions should be aware from the findings that there are several

things to be considered as found in the variables factors. These things should be

considered not only in the operations of the existing business plans but also in getting

involved in new ventures and loan applications.

Several business entities have collapsed both in Nigeria and elsewhere due to improper

fraud risk management (Onogun, 2009; Adedeji, 2005; Osisioma, 2012; Owolabi, 2010;
129
Adeyemi, 2012; Robu, Chesan, Mironiuc & Cap, 2012). But, in the analysis of the study,

it was found that data mining audit interrogation, neural networks, machine learning

techniques, algorithms, business intelligence and link analysis were perceived as tools

that are combined with other factors to combat fraud risk. These views were supported in

the findings of various literatures on internal audit function in fraud risk management

(Alleyne, Persuade, Greenidge & Searly, 2010; Thiruvad & Patel, 2011; XU, Sung &

Liu, 2009). In other words, entities that hope to stand the chance of surviving distress will

possibly have to curb fraud by trying to incorporating some or all of the suggestions of

this study in the management of their fraud risk factors. The whole factors of the

variables are perceived to be important and applicable in fraud combats and banks should

try to apply them

It was perceived that internal audit proactive function positively contributes to fraud risk

managements. Internal audit proactive function was perceived to include: propelling

managements of corporations to get involved by proactively delving in the future affairs

of business management by expanding their visions for expansion in profit maximization

instead of digging in for fraud in the day to day business activities. Therefore it suggested

that entities should get involved in more (a) Financial reporting, sustainability and none

financial communications, (b) focus on risk processes such as its management, analysis

and corporate risk, (c) focus in emerging risk such as IT risk, new product risk,

international operations and corruption.

Further, it was found that the mean score indicated a higher agreement that internal audit

ongoing function combats fraud risk. Internal audit ongoing function in fraud risk

management was perceived to be significant in the testing of the hypothesis. This implies

130
that entities should try to see how to inculcate internal audit ongoing function in their

fraud risk management. Several literature findings are of the opinions that internal audit

ongoing function combat fraud risk (Albrecht & Romney, 1987; Carnes & Keithley,

1993; PWC, 2003; KPMG, 2006).

Finally, the findings from this study have increased the understanding of how internal

audit variables and its factors could influence fraud risk management and increase:

business survival and profit maximization. Therefore, the implication for entities is to

translate the findings into business practice. But, care must be taken in the application of

these findings, because these are only academic research finding, that have not been fully

implemented in real business life.

5.3 Conclusions of the study

The major findings of this study serve as a basis for making the following conclusions.

1. There is, indeed a paucity of academic studies that have applied a systematic

empirical review that had been specifically centered on internal audit function in

fraud risk management. Thus our study found four variables that were perceived to

be significant in combating fraud risk in banks by our three group of respondents

(fraud auditors, internal auditors and accountants), these are:

2. Internal audit data mining tools variable is significant in combating fraud risk in

banks,

3. Internal audit proactive function variable is significant in combating fraud risk in

banks,

131
 4. Internal audit ongoing function variable is significant in combating fraud risk in

bank,

5. Internal audit interactive function variable is also significant in combating fraud

risk in banks.

6. Some of the findings of this study have agreed with the findings of several other

researchers in the similar field and some findings of some researchers did not

completely agree with the findings of this study.

5.4 Recommendations

This study makes the following recommendations based on the findings:

i. Application of internal audit function in fraud risk management can be

brought down to the grassroots of every management cadre by ensuring that a

functioning internal audit is put in place,

ii. Banks and other financial institutions that are susceptible to more fraud risk

factors are encouraged to adapt and fully try to apply these four discovered

internal audit function and their variable factors that are perceived by this

study to see if their application could significantly impact their own fraud risk

management,

iii. Companies will have to ensure that internal audit function in fraud risk

management, should no longer be based on traditional function of discovering

frauds from audited paper works and accounting records but should include

an ongoing function that support audit plan design, period audit summaries,

reporting, updated risk assessment and audit performance that track an ongoing

fraud, and fraud intentions,

132
iv. Every entity that desires to survive the present economic depression should

broaden their horizon in internal audit fraud risk management processes and

include proactive function in their approach to fraud risk combats. This would

ensure that management get more involved in sustainability, international

operations, business continuity, focus on emerging risk and more focus on

other emerging business areas,

v. Finally, every corporation will have to ensure that there is an effective fraud

risk management in internal audit function by embracing the internal audit

interactive function with senior management, audit committee, chief audit

executive and the external auditors,

5.5 Current Research Contributions

The followings are considered as the current contributions of this study.

a. This study found four variables and gave a construction of a new conceptual

framework that showed how internal audit combats fraud risk in banks. Formerly,

the conceptual framework of some available researches on the subject matter did

not provide holistic approach to fraud risk management and many of them were

focused in one aspect of fraud risk management. But, the conceptual framework of

this study suggested a broad view that covered more aspect of internal audit

function in fraud risk management.

b. This research brought about the qualitative study of management of fraud risk by

selecting, quantifying and measuring the key identified variables that are

perceived to combating fraud risk.

133
 c. The study also in its contributions, have indeed bridged the gap of the paucity of

academic studies and provided a systematic empirical reviews of literatures

covering internal audit function variables in fraud risk management which may

also serve as a reference to other researchers.

d. Lack of methodology in application of fraud risk principles in planning internal

audit function was found by (Coetzee & Lubee, 2013; Bayon & Reinstain, 2001;

Grazioli, Jamal & Johnson, 2006). But, the methodological contribution of this

research is found on the design, comparative methods, systematic techniques and

systematic analysis that were employed in the study.

e. Finally, it provided a more understanding of the various application factors that

combats fraud risk through the suggestions of the research findings, implications,

and recommendations. These would also serve as a guide to business growth and

entity sustainability.

5:6 Suggestions for Further Study

We suggest here that further study can be carried out on the same topic application of

internal audit function in fraud risk management choosing a different industry instead of

banking. The study can be conducted in a manufacturing industry to see whether it be

perceived significant in combating fraud risk in the industry.

Another study can also be carried out to determine the impact of internal audit function in

fraud risk management instead of the application.

134
 REFERENCES
Abbott, L.J., Parker, S. & Park Y. (2000). The effect of audit committee activity and
independence on corporate fraud. Managerial Finance 26(11): 55-67.

Abbott, L. J.,Brian, D., Susan, P. & Garry, F. P. (2015). Importance of independence and
competence. Accounting Research Journal Vol. 54 no 1 March 2016, USA.

Abushaiba, 1. A., & Zainuddin, Y. (2012). Performance measurement system design,

competitive capability and performance consciences. A Conceptual like
International Journal of Business and Social Science 3(11), 184-193.

Abushaiba, I.A., & Zainuddin, Y. (2012). Performance measurement systems in central

and eastern europe: A synthesis of the empirical literature, pp: 88-103.

ACC, (2013). Detecting and preventing fraud with data analytics.

ACFE. (2010). Report to nation (RTTN). Online @ http://www.acfe.com /rttn.aspx.

Ahmad, N., Othman, R., & Jusoff.(2009). The effectiveness of internal audit in Malasian
public sector. Journal of modern Accounting and Auditing, 5(9), 784-790.

AICPA. (2005). Fraud and the responsibilities of the audit committee: An overview.

Aksoy, T. & Kahyaoglu, S. (2013). Measuring the internal audit performance: Tips for
successful implementation in Turkey. American International Journal of
Contemporary Research, 3(4). 71-82.

Albrecht, W.S., Albrecht, C.D., Albrecht, C.C. & Zimbelmain, M.F. (2011). Fraud
examination. 4th Edn. South Western Cengale Learning Manson, Ohw.

135
Abelson, R.I (1985). Statistic as principled argument: Hillsondale, NJ Erlbaum isbn 0-
8058-0528-1

Allen,E.I & Seaman, C. A. (2007). Quality Progress. 2007, July edition.

Allyne, P.,Persaud, N., Greenidge, D & Sealy, P.(2010). Perceived effectiveness of fraud
detection and procedures in astock and warehousing cycle: Addition evidence
from Babados. Managerial Auditing Journal 25(6), 553-568.

Anderson, D., Francis, J.R. & Stokes, D.J. (1993). Auditing, directorship and the demand
for monitoring. Journal of Accounting and Public Policy, 12(4). 353-375.

Anuntakalakul, A. (2010). The achievement in risk management and governance of

public sector organization in thailand: The empirical evidence of internal auditing
efforts. EABR & ETLO Conference Proceedings Dublin. Ireland, pp:99-104.

Anyanwu, F.A. (2002). Introduction to insurance. Cremo Publishers 67 Doughas Road,

Owerri.

Apostolou, B.A., Hassel, J.M., Webber, S.A. & Summers, G.E. (2001). The relative
importance of management fraud risk factors. Behavioral Research in Accounting
13:1-24.

Arena, M. A. & Azzona, G. (2009). Identifying organization drivers for internal audit
effectiveness. International Journal of Auditing (13),43-69.

Badara, M.S., & Saidin, S. Z. (2014). Empirical evidence of antecedent of internal audit
effectiveness from Nigerian perspective. Middle-East Journal of Scientific
Research 19(4), 460-471.

136
Bayon, M.E. & Reinstein, A. (2001). A systematic views of fraud explaining its
strategies, anatomy and process. Critical Perspective on Accounting, 12(4): 383-
465.

Bartz, A. E. (1963). Elementary statistics method for educational measurement. Burges:

Burgess Pub. Co.

Beasley, M.S. (1996). An empirical analysis of the relation between the board of director
composition and financial statement fraud. The Accounting Review 71 (4), 443-
465.

Beasley, M.S., Clume, R. & Hermanson, D.R. (2006). The impact of enterprise risk
management on the internal audit function. The Accounting Review

Beasley, M.S., Clune, R. & Hermanson, D.R. (2005a). E.R. M.A. status report. Internal
Auditor. pp. 67-72.

Beasley, M.S., Clune, R. & Hermanson, D.R. (2005b). E.R.M. an empirical analysis of
factors associated with the extent of implementation. Journal of Accounting and
Public Policy. (24), 423-531.

Becker, R.A., Volinsky, C., & Wilks, A.R. (2010). Fraud detection in
telecommunications: History and lessons learned. Technometrics (52),20-33.

Belay, Z. (2007). A study on effective implementation of internal audit function to

promote good governance in the public sector.

Belloli, P. (2006). Fraudulent overtime. The Internal Auditor 63 (3), 91-95.

137
Benaroch, M., Lichtenstein, Y., & Robinson, K. (2006). real options in information
technology risk management: An empirical validation of risk option relationship
management. Information System Research Centre, Quarterly 30 (4), 827-564.

Bologna, G.J. & Linduist, R.J. (1987). Fraud auditing and forensic accounting: New tools
and techniques. New York John Wiley & Sons .

Bota – Avram, C., Popa, L., & Stefanescu, C. (2010). Methods of measuring the
performance of internal audit.

Boynton, W.C., & Kell W.G. (1996). Modern auditing. 6th Edition,USA John Willey *
Sons Inc., pp: 839.

Brandon., & Mueller. (2006). The influence of client importance on juro evaluation of
auditor liability. Behavioral Research in Accounting, (18)1-18.

Buhovac, A.R., & Groff, M.Z. (2012). Contemporary performance measurement systems
in central and eastern european: A synthesis of the empirical literature pp. 88-
103.

Burnaby, S., Howe, M., & Muehlmann, B. (2013). Detecting fraud in the orgnaization:
An internal audit perspective. Journal of Forensic & Investigative Accounting
3(1),195 -233.

Campbel, K. W., & Foster, J.D. (2007). The narcissism self: Background, an extended
agency model, and ongoing controversies.

Campbell, W.K., Rudich, E., Sedikudes, C. (2002). Narcissism, self-esteem, and the
positivity of self views: Two portrait of self-love. Personality and Social
Psychology Bulletin 28(3), 958-68. Online dot: 10.1177/01461677 202286006.
http:// dx.doi.org Accessed5/4/2014 1.03. pm.

138
Carcelllon, J.V., Hermanson, D.R. & Raghunandan, K. (2005). Factors associated with
U.S. public companies investment in internal auditing. Accounting Horizon 19(2),
69-84.

Carey, P., Subramania, N. & Ching, K.C.W. (2006). Internal audit outsourcing in
australia. Accounting and Finance 46(1), 11-30.

Carnes, K.C. & Keirthley, J.P. (1993). Does the limited tenure of internal auditors hampa
fraud detection. Business & Professional Ethics Journal 12(3), 3-29.

Carpenter, T.D. (2007). Audit team brainstorming, fraud risk identification and fraud
risk assessment: Implication of SAS no 99. The Accounting Review 82(5), 1119-
1140.

Castanberia, N., Rodrigues, L.L., & Craig, R. (2010). Factors associated with the
adoption of risk based internal auditing. Managerial Auditing Journal, 25(1), 35-
39.

Chaveerug, A. (2011). The role of accounting information system knowledge on audit

effectiveness of cpas in Thailand. Journal of Accounting-Business and
Management 20(1),46-58.

Christopher, J., Sarens, G. & Leung, P. (2009). A critical analysis of the independence of
the internal audit function: Evidence from australia. Accounting, Auditing &
Accountability Journal 22(2), 200-220.

Church, B.K., McMillan, J.J. & Schneider, A. (2001). Factors affecting internal auditors
consideration for fraudulent financial reporting during analytical procedures,
auditing. A Journal of Practice & Theory 20(1), 65-50.

139
CIMA. (2009). Fraud risk management: A guide to good practice. Chartered Institute of
Management Accountants.

Coderre, D.( 2010). The changing face of internal audit. Treasury Board of Canada’s
Secretariat
.
Coderre. D. R. (2005). Continous auditing:Implications for assessment, monitoring, and
risk assessment. www. Searchsecurity.com/Beridview. 20/3/2014

Coetzee, P. & Lubbe, D. (2013). The use of risk management principle in planning an
internal audit engagement. African Journal of Business Management, 3(13). 959-
968

Coetzee, P., & Fourier, H. (2009). Perception on the role of the internal audit function in
respect of risk. African Journal of Business Management, 2(09). 959-968.

Coetzee, P., Coetzee, G.P. & Fourie, H. (2009). Perception on the role of the internal
audit function in respect of risk. Economics & Management Science.

Cohen, A. & Sayag, G.L. (2010). The effectiveness of internal auditing: An empirical
examination of its determinants in israeli organizations. Australian Accounting
Review 54 (2), 3.

Cohen, J., Krishmamoorthy, G. & Wright, A. (2002). Corporate governance and the
audit process. Contemporary Accounting Research, 19(4): 573-594.

Cohen, J. (1989). Statistical power analysisfor the behavioural research sciences. 2nd
Edition Hillson, NJ. Erlbaum.

140
Collier, P., Dixon, R. & Marston, C. (1991). The role of internal auditors in the
prevention and detection of computer fraud. Public Money & Management 11(4),
53-61.
Colquitt, L.L., Huyt, R.E. & Lee, R.B. (1999). Integrated risk management and the role
of the risk manager. Risk Management and Insurance Review(2), 43-61.

Companies and Allied Matter Decree CAMD, (1990). With the Amendment.

Cooper, D. & Schindler, P. (2003). Business research methods (8th Ed). New York:
McGraw hill Comp.

Cooper, R., & Schindler, S. (2006). Business research methods and data. New Delhi,
Mcgraw-Hill Publishing Company Ltd.

Coram, P. Ferguson, C. & Moroney, R. (2011). The importance of internal audit in fraud
detection.

Coram, P., Ferguson, G. & Moroney, R. (2008). Internal audit, alternative internal audit
structure and the level of misappropriation of assets fraud. Accounting and
Finances, 48(4), 543-559.

CPA. (2011). Employee fraud: A guide of reducing the risk of employee fraud and what
to do after a fraud is detected. Published by CPA Australia Ltd CAN 008392452.

Cronback, L. J. (1960). Essentials of psychological testing. New York: Harper and

Brothers Publishers.

Cronbach, L. J., & Meehl, P. E. (1955). Construct validity in psychological tests.

Psychological Bulletin, 52, 281-302.Retrieval from doi: 10.1037/h0040957 15/6/14.

141
David, S., William, H & Carl, P. (2001). The government internal auditors role in
implementing SAS 82. Journal of Public Budgeting Accounting and Finance pg
512

Dela Rosa, S. (2008). How to effectively review your organization‟s risk management
process. Johannesburg, Institute of Internal Auditors Training Programme.

Deloitte. (2010). The changing role of internal audit. (Accessed Online Lahttp:// www.
Deloitte.com/view/in. June 2013).

Deloitte. (2010). The inside story: The changing role of internal audit in dealing with
financial fraud, deloitte london, Online @
http:.//www.deloitte.comm/assets/DcomUnitedkingdom/local/620/Assets
/Document/ services/CF/Uk CF Deloitte internal Audit Fraud Survey 2010 pdf
(accessed June 15th 2013).

Deloitte. (2012). The Internal Audit fraud Challenge; Prevention, protection, Detection
(Accessed Online Lahttp:// www. Deloitte.com/view/in. June 2013).
.
Dezoort, T., & Harrison. (2008). The effects of fraud types and accountability pressure on
audit fraud detection responsibility and brainstorming performance. Working
paper.

DeZoort, T., & Harrison, P. (2008). An evaluation of internal auditor responsibility for
fraud detection. The Institute of Internal Auditors Research Foundation.

DeZoort, T. Harrison, P.,& Taylor, M. (2006). Accountability and auditors‟ materiality

judgments: The effects of differential pressure on conservatism, variability, and
effort. Accounting, Organizations and Society 31 (415), 373-390.

D'agostino, R. B., Belanger, A., & D'Agostino R. B., Jr. (1990). A suggestion for using

142
 powerful and informative tests of normality. The American Statistician,
44, 316-321.

Dikinson, G. (2011). Enterprise risk management: Its origins and conceptual foundation.
The general papers on risk and Insurance Issues and Practice 26(3): 360-366.
Online @ http://www.jstor.org/stable/41952578 (Accessed 24/04/ 2014, 11:00.

Dimitra, D. (2016). Joost. De Winter Retrieval Deft, University of Technology.

Dittenhofer, M. (2001). Internal auditing effectiveness: An expansion of present methods.

Management Auditing Journal, 16(8), 443-450.

Dominic, S.B.S., & Nonna, M. (2011). The internal audit function: perception of internal
audit roles, effectiveness and evaluation. Management Auditing Journal 26(7),
605-622.

Dordavic. M, & Dukic. T, (2015). Contribution of internal audit in the fight against fraud.
Facaulty of Economics, University of NIS Serbia.

Duffield. G., Grabosky, P. (2001). The psychology of fraud. Australian Institute of

Criminology, Trends and Issues.

Dunn, P. (2004). The impact of insider power on fraudulent financial reporting. Journal
of Management 30(3), 397-412.

Durtschi, C., Hillison W., & Pacini, C. (2004). The effective use of benfords law to assist
in detecting fraud in accounting data. Journal of forensic Accounting pp. 17-34.

Dycus, D.E. (2002). Auditing for fraud. In Association of Certified Fraud Examiners
Training Seminar. Association of Certified Fraud Examiners . Available Fac..
(Accessed on May 2014).
143
Ebad, E.S. (2011). Internal auditing function: An Exploratory Study from Egyptian Listed
Firms. International Journal of Law and Management 53(2),108-28.

Ebimobowei, A. & Kereotu, O.J. (2011). Role theory and the concept of audit
expectation gap in south-south, nigeria. Current Research Journal of Social
Sciences 3(6) 445-452.

Endaya, K.E. & Hanefah, M.M. (2013). Internal audit effectiveness: an approach
proposition to develop the theoretical framework. Research Journal of Finance
and Accounting 4(10), 92-202.

Enofe, A.O., Mgbame, C.J., Osa-Erhabor, V.E. & Ehiorobo, A.J.(2013). The role of
internal audit effectiveness management in public sector Research Journal of
Finance and Accounting 4(6), 162-168.

Ernest & Young. (2007). Global internal audit survey: A current state analysis with
insight into future trends and leading practices. (Accessed online at www.
Theia.org// download cfm? File=31923.

Ernst & Young. (2008). Escalating the role of internal audit: Ernst & Young Global
Internal Audit Survey. (Accessible online @ http>//www.eg.com/global
/content.nst /Internation/AABS. Advisory-Escalating the role of Internal audit
June 2013).

Ernst & Young. (2012). The evolving role of internal audit: A proactie catalyst
(Accessed online at www. Theia.org// download cfm? File=31923.

Fabiani. T, & Smirth. C, (2014). Strategic proactive fraud risk management and scenario
assessment, ACFE.

144
Faul, F., Erdfelder, E., Lang, A. G., & Buchner, A. (2007). G* Power 3: A flexible
statisticalpower analysis program for the social, behavioral, and biomedical
sciences. Behaviorresearch methods, 39, 175-191.

Ferguson, C. J. (2009). An effect size primer: A guide for clinicians and researchers.
Professional Psychology: Research and Practice, 40, 532.

Friedberg, A. (1998). Ethical aspect of internal auditing. Journal of Business Ethics 17(
8), 895-904.

Gavious, I. (2007). Alternative perspective to deal with auditor‟s agency problem.

Critical Perspective on Accounting, 18(4), 451-467.

George, D., Panagirotis., Rania, V., & Evanthia, K. (2013). Assessment of corporate
governance via internal audit.

Gbegi, D.O. & Adebisi, J.F. (2013). The new fraud diamond model: How can it help
forensic accountants in fraud investigations in nigeria. european journal of
accounting, auditing and finance research 1(4), 129-138.

Gbanbari, M.K. & Einakiam, M. (2014). Using data mining to detect frauds of internal
audits. Proceedings of 9th International Business and Social Science Research
conference 6-8 January, Novotel World Trades Centre, Dubai. UAE.

Ghoshi, M. (1993). Internal audit function and role of accounting education. Economic
and Political Weekly 28 (48), M169-M171-M173-M176.

Gill, N.S. & Gupta, R. (2009). Prevention and detection of financial statement fraud: A
data mining approach. Journal of System Manager (7),55-68.

145
Glein, N.I. (2004). CIA review part 1: Internal audit role in governance, risk and control
11th edition. Florida, Glein Publication.

Glein, N.I. (2004). CIA Review part ii: conducting the internal audit engagement, florid
11th edition. Glein Publication.

Godwin-Stewart, J., & Kent, P. (2006). The use of internal audit by australian companies.
Managerial Auditing Journal (2) 18-101.

Goetzee, P.G. (2004). The effect of the hiv/aids on the control environment: An internal
audit perspective. University of Pretoria.

Goodwin, J. (2003). The relationship between the audit committee and the internal audit
function: Evidence from australia and new zealand. International Journal of
Auditing 7(3), 263-278.

Gorden, L.A., Loeb, M. P. & Tseng, C. (2009). enterprise risk management and firm
performance: a contingency perspective. Journal Accountancy Public Policy (28),
301-327.

Graham, J., & Patel, S. (2006). Internet-Based security monitoring and control for utility
companies and process plants: Data technology review. International Journal of
Business IT (3),28-33.

Gram, P., Ferguson, C., & Moroney, R. (2006). The value of internal audit in fraud
detection.

Gramling, A.A., Maletta, M.U., Schneider, A. & Church B.K. (2004). The role of the
internal audit function in corporate governance: A synthesis of the extent internal
auditing literature and direction for future research. Journal of Accounting
Literature (23), 194-244.

146
Gramling, A.A. & Myers. P. (2006). The role of internal audit function in enterprise wide
risk management. Working Paper.

Grant Thornton. (2008). Managing fraud risk: The audit committee perspective.
Gray, I., & Manson, S. (2000). The audit processes, principles, practice and case, 2nd
edition, U.S. Thomson Learning.

Grazuoli, S., Jamal, K., & Johnson, P.E. (2006). Cognitive approach to fraud detection.
Journal of Forensic Accounting (7),65-88.

Griffiths, D. (2006a). Risk-based internal auditing: An introduction, 15/03/2006, version

2.0.3. Online from http://www.internalaudit.biz/supporting-pages/ resources htm
(assessed 15 May 2014).

Griffiths, D. (2006b). Risk-based internal auditing: Three views on implementation,

15/03/2006, version 1.0.1. Online from http://www/internalaudit. bit/sup-porting-
pages/resources. htm. (Accessed 15 May 2014).

Guo, H. & Viktor, H./L. (2008). Learning form skewed class multi-relation database,.
Fundamental Information (89),69-94.

Guy, D. M., Alderman, W.C., & Winters, A.J. (1996). Auditing, 4th edition, U.S. The
Dryden Press.

Hamilton, D. I., Gabriel, J. M.O. (2012). Dimension of fraud in nigeria quoted firms.
American Journal of Social and Management Sciences.

Heaston, P, H., Cooper, R. W. & Frank, G. L. (1993). The ethical environment of the
internal auditor. Internal Auditor (June),18-23

147
Hodges, A. (2000). Emergency risk management. Risk Management 2(4), 7 – 18.
Published by Palamgrave Macmillan .

Hoffman, V.B. (1997). Discussion of the effects of sas no 82 on auditors attention to

fraud risk factors and audit planning decisions. Journal of Accounting Research,
Vol. 35,99-104.

Hua, J., Patel, S. &Zaven, J. (2009). Securing business information system from cyber-
attacks. Journal Digital Business (3),35-53.

Huang, S.M., Yen, D.C., Yang, L.W. & Hua, J.S. (2008). An investigation of zipf‟s law
for fraud detection. Decision Support System (46),70-83.

Huang, H.W. & Thiruvaid, S. (2010). Audit committee characteristics and corporate
fraud. International Journal of Public Information System, (6),71-82.

Hutchinson, M. & Zain, M. M. (2009). Internal audit quality, audit committee

independence, growth opportunity and firm ownership and control. University of
Tech. Brisborn

Ibrahim El-Sayed L.L. Bad. (2011). Corporate governance practice and auditors client
acceptance decision: Empirical evidence.

Igbataya, S.(2011). The challenges of the global economic, crisis and nigerian‟s financial
markets stability. Journal of Emerging Trends in Economics and Management
Sciences (JETEMS) 2(6), 497-503.

Imemda, S. (2014). Is there a conceptual difference between theoretical and conceptual

framework. J. SOC. SCi, 38 (3), 185-195.

11A. (2007). Balanced scorecard approach to internal auditing: GAIN bench marking.

148
11A. (2010). Measuring internal audit effectiveness and efficiency:IPP-Practice guide.
The Institute of Internal Auditors. . Online @ www.theiia.org/guidance/ quality/9a
manual -6th-edition.

11A. (2009). Gain global audit information network, knowledge report. . Online @
www.theiia.org/guidance/ quality/9a manual -6th-edition.

11A. (2009). GAIN, measuring internal audit performance, knowledge report. . Online @
www.theiia.org/guidance/ quality/9a manual -6th-edition.

11A.(2009). Annual benchmarking study. . Online @ www.theiia.org/guidance/

quality/9a manual -6th-edition.

11A. (2010). The 11A‟s quality assessment manual for internal audit activities. Online @
www.theiia.org/guidance/ quality/9a manual -6th-edition.

11A., AICPA., ACFE. (2009). Managing the business risk of fraud: a practical guide.
Online @ www.theiia.org/guidance/ quality/9a manual -6th-edition.
.
Institute of Internal Auditors Birmingham Chapter BBVA. (2012). Fraud and internal
audit: Current views, examples, and resources. Online @
www.theiia.org/guidance/ quality/9a manual -6th-edition.

Institute of Internal Auditors . (2009a). Global technology audit guide: Fraud prevention
and detection in an automated world, Altamonte Springs, FL.

Institute of internal Auditors IIA. (2004). The role of internal auditing in enterprise-wide
risk management. Global Headquarters 247 Mariland Avenue Sydneys.

149
Intakhan, P. & Ussahawanitchakit, P. (2010). Roles of audit experience and ethical
reasoning in audit professionalism and audit effectiveness through a moderator of
stakeholders pressure: An empirical study of tax auditors in thailand. Journal of
Academy of Business and Economics 10(5), 1-15.

James, K.L. (2003). The effects of internal audit structure on perceived financial
statement fraud prevention. Accounting Horizons 17(4), 315-327.

Kangarlouei, S.K., Motavasse, M., & Mohammadzadeh, V. (2013). Evaluation of

internal audit effectiveness in tehran stock exchange. International Journal of
Advances in Management and Economics 2(1), 77-82.

Kaplan, R.S., Norton, D.P. (1996). Using balance scorecard as a strategic managerial
system. Harvard Business Review pp, 75-85.

Karagiorgos, T., Drogalas, G., Christodoulou, P., & Pazarskil, M. (2010). Conceptual
framework, development trends and future prospects of internal audit: Theoretical
approach.

Karmbia-Kapardis, M. (2002). Enhancing the auditor‟s fraud detection ability: An

interdisciplinary approach. Available Online at http:/www. Peterlang.com/
index.cfm? Event. Cst.ebook.datasheet & id = 21612 (Assessed may 2014).

Kassem, R., & Higson, A. (2012). The new fraud triangle model. Journal of Emerging
Trends in Economics and Management Sciences 3(3), 191-195.

Kaya, C. T. & Tez, N. E. (2014). Implementing the efficatious functioning IIA system in
coping with fraud: A closer look at proposed continous auditing structure set forth
by aguinot. International Journal of Research in management and Business
Studies 1(1) Jan.- March, 2014

150
Keete, S.A. (2011). Covering the bases, risk assessment and legal issues at a cross roads:
How risk management can save capitalism ,ACFE.

Kirkos, E.C., Spathis, C. & Manolopoulos, Y. (2007). Data mining techniques for the
detection of fraudulent financial statement. Expert System Application (32), 995-
1003.

Koletar., J.W. (2003). Fraud exposed: What you don‟t know could cost your company
millions. New Jessey John Willey & Sons Inc. Hoboken .

Kolter, J.Z., & Maloof, M.A. (2006). Learning to detect and classify malicious exactness
in the wild. Journal of Machine Learning Research (7), 2712-2744.
Konrath, L.F. (1996). Audit concepts and application 3rd edition. USA West Publishing
Company pp. 730.

Kothari. C.K. (2004). Research methodology methods and techniques. New Delhi, New
Age Int. Publishers.

Kotsiantis, S., Koumanakos, E., Tzehepis, D., Tampakas V. (2006). Forecasting

fraudulent financial statement using data mining. International Journal of
Computational Intell. (3), 104-110.

Kou, G., Peng, X., Chen, Z. & Shi, Y. (2007). Multiple criteria mathematical
programming for multi-class classification in network intrusion detection.
Information Society (179), 371-381.

KPMG. (2003). Leveraging data analytics and continuous auditing processes for
improved audit planning, effectiveness and efficiency. Online at
www.sopac.org.au /Document-Library/fac. (Accessed on May 2014).

151
KPMG, L.L.P. (1994, 1995, 2013, 2014). Fraud survey. Montvale, N.J; KPMG. Online at
www.sopac.org.au /Document-Library/fac. (Accessed on May 2014).

KPMG, LLP. (1994. 1993). Fraud survey. Montvale. Available Online at http:/www.
Peterlang.com/ index.cfm? Event. Cst.ebook.datasheet & id = 21612 (Assessed
may 2014).

KPMG, LLP. (1999, 1998). Fraud survey. Montvale, N.J. Available Online at
http:/www. Peterlang.com/ index.cfm? Event. Cst.ebook.datasheet & id = 21612
(Assessed may 2014).

KPMG. (2006). Fraud risk management: Developing a strategy for prevention, detection
and response. Available Online at http:/www. Peterlang.com/ index.cfm? Event.
Cst.ebook.datasheet & id = 21612 (Assessed may 2014).

KPMG. (2007). The evolving role of the internal auditor: Value creation and preservation
from an internal audit perspective. Available Online at http:/www. Peterlang.com/
index.cfm? Event. Cst.ebook.datasheet & id = 21612 (Assessed may 2014).

KPMG. (2016). Top ten key risk in 2016: Banking and capital market. Retrieval
@(kpmg.com May 2017).

Kraemer, H. C. & Theimann, S (1987). How many subjects? Statistical power analysis in
research. Newbery Park CA. USA.

Lee, T., Alip, A., & Gloeck, J.D. (2008). A study of auditors‟ responsibility for fraud
detection in malasia, southern african. Journal of Accounting and Auditing
Research (8), 27-34.

Leshem, S., & Trafford, V. (2007). Overlooking the conceptual framework. Innovation
in Education and Teaching International 44 (1), 93-105.

152
Leung, P., Cooper, B.J. & Roberson, P. (2004). The role of internal auditors in corporate
governance and management, Melboume Rmild Publishing

Lewis, D., Joseph, S.C., & Roach, K.Q. (2011). The implications of the current global
financial economic crisis on integration: The Caribean experience.

Liao, N., Tain S. & Wang, T. (2009). Network forensics based on fuzzy logic and expert
system. Computer Communication (32) 1991-1892.

Liou, F. M. (2006). Fraudulent financial reporting, detection and business failure

prediction models: A comparism. Management Auditing Journal (23), 650-662.

Loftus, L. (2011). Internal audits role in fraud prevention and detection. Online at
www.sopac.org.au /Document-Library/fac. (Accessed on May 2014).

Luehlfing, M.S., Daily, C.M., Philips, T.J., & Smith, L.M. (2003). Cyber crimes
intrusion, detection and computer forensic. Internal Auditing 18 (5), 9-13.

Magid, A., Ferdinand, A.G., Judy, S.U.T. (2001). An analysis of hong kong auditors
perception of the importance of selected red flag factors in risk assessment.
Journal of Business Ethics 32 (3), 263-274.
Malaesca, I. & Sutton, S. G. (2013). The reliance of external auditors on internal audit
use of continuous audit.

Marden, R., & Edward, R. (2005). Employee fraud in the casino and gaining industry.
Internal Auditing 20 (3), 21-30. Online at www.sopac.org.au /Document-
Library/fac. (Accessed on May 2014).

Martin, A.G. (2013). Fraud risk assessment. Online at www.sopac.org.au /Document-

Library/fac. (Accessed on May 2014).

153
Martin, M.J., & Markus, A. (2009). A systematic framework for risk visualization in risk
management and communication 11 (20), 67-89.

Mihret, D. G., James, K., & Joseph, M.M. (2010). Antecedents and organizational
performance implications of internal audit effectiveness: Some propositions and
research agents. Pacific Accounting Review 22 (3), 224-252.

Mihret, D.G., Yismaw, A.W. (2007). Internal audit effectiveness: An ethiopean public
sector: Case study. Managerial Auditing Journal 22 (5), 470-484.

Muhammed, K., Ghambari, M. (2014). Using data mining to detect frauds of internal
audit. Proceedings of 9th international business and social sciences research
conference Dubai UAE

Mui, G. (2010). Factors that ,impact on internal auditors, fraud detection capabilities.
A Report for the Institute of Internal Auditors. Australia. Online at
www.sopac.org.au /Document-Library/fac. (Accessed on May 2014).

Mukkamala S., Sung, A.H., & Abraham, A. (2005). Intrusion detection using an
ensemble of intelligent paradigms. Journal of Network Computer Application (28),
167-182.

Mukkamala S., Janoski, G. & Sung, A. (2002). Intrusion detection using neural networks
and support vector machines. Proceedings of IEEE International Joint Conference
on Neural Network pp. 1702-1707.

Murphy, K. R & Myors, B. (2003). Statistical power analysis: A sample and general
model for traditionaland modern hypothesis tests. 2nd Edition,Lawrence Eribean
Associates

154
Na Ranong, P. & Phuenngam, W. (2009). Critical success factors for effective risk
management procedures in financial industries. A Study from the Perspective of
the Financial Institutions in Thailand.

Namee, M.D., & George, M. (2008). Risk management: The internal auditors paradigm.
Florida Institute Of Internal Auditors Research Foundation.

Nunnally, J. C., Bernstein, I. H., & Berge, J. M. F. (1967). Psychometric

theory (Vol. 2): NewYork, NY: McGraw-Hill.

Nonyelum, O.F., & Chibueze, I. H. (2009). Credit card fraud detection using artificial
neural networks with a rule-based components KFAI University Journal of Science
Technology (5), 40-47.

Norman, C.S., Rose, A.M., & Rose, J.M. (2010). Internal audit reporting lines, fraud risk
decomposition, and assessing of fraud risk. Accounting, Organizations and Society
35 (5) 546-557.

Nwana, O. C. (1981). Introductory to educational research. Ibadan: Heinemann

educational books ltd.

Nzewi, U.C. (2004). Financial and investment analysis. Onitsha Noben Press Ltd.

Obazee, J. O. (2012). Financial reporting council (FRC): A vehicle for improving

corporate financial reporting in Nigeria.

O‟Connell, J.J. (1977). Now tools for risk management research. The Journal Issues and
Practices 1(1), 16-20 Online@ http://www.jstorrorg/stable/ 41942935./ Accessed
April; 2014.

155
Omar, N., and Abubakar, K.M. (2012). Fraud prevention mechanisms of malasian
government linked companies: An assessment of existence and effectiveness.
Journal of Modern Accounting and Auditing 8(1), 15-31.

Orogun, W. (2009). Bank distress in history. Nigeria, Burning Pot Com-Burning

Port.Com.

Osisioma, B. C. (2012). Prevention in nigeria : Applying the forensic accounting. Three-

Day workshop on the effective accounting officer in the current financial
challenges. University of Portharcourt 2012.

Osisioma, B. C. (2012). Combating fraud and white collar crime: Lessons from Nigeria.
2nd annual fraud & corruption African summit 2012.

Osisioma, B. C. (2012). Nigeria transition to international financial reporting standards:

Challenges and implications.

Owolabi, A.I. (2012). Best practices for internal control roles and audit efficiency. Being
a paper Presented by ICAN president at 2012 Annual Retreat of the Internal
Control and Audit Division Fidelity Bank Plc.

Owolabi, S.A. (2013). Fraud and fraudulent practices in Nigeria banking industry.
African Review 4(3), 24-256.

Patel, S. & Zaveri, J. (2012). A Risk assessment model for cyber attacks on
information systems. Journal of Computation (5),352-359.

Passmore, D. L., & Baker, R. M. (2005). Sampling strategies and power analysis.
Research in organizations: Foundations and methods of inquiry, 45-56.

156
PCAOB. (2007). Auditing standard no. 5: An audit of internal control over financial
report that is integrated with an audit of financial statements.Online at
www.sopac.org.au /Document-Library/fac. (Accessed on May 2014).

Penton J. (2014). The role of data analytics in fraud prevention. Online at

www.sopac.org.au /Document-Library/fac. (Accessed on May 2014).

Pickett, S.H. K. (2005). The essential handbook of internal auditing. London: John Willy
and Sons Ltd.

Pickett. S.H.S., Pickett. J. (2005). Auditing for managers: the ultimate risk management
tool. London: John Willey and Sons, Ltd.

Pornupatham, S. (2006). An empirical examination of earnings management, audit

quality and corporate governance. Thailand.

Practice Advisory 1210. A2-1. (2006). Auditors responsibilities relating to fraud risk
assessment, prevention, and detection. Interpretation of standard 1210az from the
international standard for the professional practice of internal auditing, Revised
4/27/2006.

PricewaterhouseCoopers. (2010). State of internal audit profession, (Accessed online @

http://www.pwc.com /us/en/ Internal-audit/Publications/2010-study-internal –
audit-profession htm/June 2013).

PricewaterhouseCoopers. (2003). Building a strategic internal audit function: A ten step

frameworks. . (Accessed online @ www. Knowledge leader.com. vol. vi June
2013).

157
Protivit, Knowledge Leader. (2010). Internal auditing around the world: Profiles of
technology-enabled internal audit functions. @ Leading International Companies,
Protivit knowledge leader. (Accessed online @ www. Knowledge leader.com. vol.
vi June 2013).

Protivit. (2013). Internal audit capabilities and needs survey report. . (Accessed online @
www. Knowledge leader.com. vol. vi June 2013).

PWC. (2011). Global economic crime survey (gecs) Online @

http://www.pwc.com/gx/en/weconomic-rime-survey/index. jhtm 5th June 2014l.

PWC. (2004). The emerging role of internal audit in mitigating fraud and repudiating
risk. . (Accessed online @ www. Knowledge leader.com. vol. vi June 2013).

Kurkos, E., Spathis, C. & Manolopoulos, Y. (2007). Data mining techniques for the
detecting of fraudulent financial statements. Expert System Application (32), 995-
1003.

Radu, M. (2012). Corporate governance, internal audit environmental audit-the

performance tools in romanian companies. Accounting and Management
Information Systems 11 (1), 112-130.

Rammamoorti, S. (2008). The psychology and sociology of fraud: integrating the

behavioral sciences component into fraud and forensic accounting curricula. Issues
in Accounting Education 23 (4), 521-533.

Rammamoorti S. (2003). Internal auditing: history, evolution, and prospects. The Institute
of Internal Auditors Research Foundation. Online @
http://www.pwc.com/gx/en/weconomic-rime-survey/index. jhtm 5th June 2014l.

158
Reding, K.F., Sobel, P.J., Anderson, U.L., Head, M.J., Ramamoorti, S. & Salamaslck.
(2007). Internal auditing: Assurance & consulting services. The Institute of
Internal Auditors Research Foundation, Altamonte Spring, FL.

Robu, Loan-B., Chesan, Lonela –C., Mironiac, M., & Carp, M. (2012). Empirical study
on the assessment of the auditors responsibility regarding the risk of financial
fraud. Communication of IIBIMA, Vol. I.

Rousseau, D. M. & Tijoriwala, S .A. (1998). Assessing psychological contracts issues,

alternatives and measures. Journal of Organisational Behavior vol. 19.

Rousseau, D .M & Mclean, P. J. (1993). The contract individuals and organizations.

Research On Organisational Behavior (15), 1-43.

Saad, E, B. & Cedric, L. (2009). Why are auditors over blamed in accounting fraud.
Online @ http://www.pwc.com/gx/en/weconomic-rime-survey/index. jhtm 5th
June 2014l.

Salameh, R., Al-Weshah, G., Al-Nsour, A. & Al-Hiy- ari, A. (2011). Alternative internal
audit structure and prevention: Effectiveness of internal audit in fraud prevention:
Evidence from jordan banking industry. Canadian Social Science 7(3), 40-50.

Salawu, R. S. & Agbeja, O. (2007). Auditing and account ability in the public sector.
International Journal of Applied Economics and Finance 1(1), 45 -54.

Samciukas, M., & Iyer. (2013). A short guide to fraud risk: Fraud resistant and
detection. Edited by Helenne Doody.

Sanver, M. & Karahoca, A. (2009). Using fraud detection: An adaptive neuro-fuzzy

inference system in mobile telecommunication networks. Journal of multiple-
valued Logic Soft Compute (155), 155-179.

159
Sarens, G. & Christopher, J. (2010). The association between corporate governance
guidelines and risk management and internal control practices evidence from
comparative study. Management Auditing Journal 25 (4), 288-308.

Selehi, M., & Azary, Z. (2008). Fraud detection and audit expectation gap: Empirical
evidence from iranian bankers. International Journal of Business and
Management 3 (10), 65-77.

Service Matters. (2013). Adding value: The new role of internal audit. . (Accessed online
@ www. Knowledge leader.com. vol. vi June 2013).

Sharma, V.D. (2004). Board of directors characteristics: Institutional ownership and

fraud: Evidence from australia, auditing. A Journal of Practice & Theory 23 (3),
105. Online @ http://www.pwc.com/gx/en/weconomic-rime-survey/index. jhtm
5th June 2014l.

Shortreed, J., Fraseer, J., Purdy, G., & Schanfied, A. (2012). The future role of internal
audits in enterprise risk management. . (Accessed online @ www. Knowledge
leader.com. vol. vi June 2013).

Shu, L., Mina, P., Mark, V., Bardthan, I.R. (2001). The role of the internal audit function
in the disclosure of materials weakness. The Accounting Review 86 (1), 287-323.

Silverstone, H., & Sheetz, M. (2005). Forensic accounting and fraud investigations. .
(Accessed online @ www. Knowledge leader.com. vol. vi June 2013).

Siripan, K. & Rutgers. (2013). The predictive audit framework. The State University of
New Jersey. Online @ http://www.pwc.com/gx/en/weconomic-rime-survey/index.
jhtm 5th June 2014l.

160
Sonnier, B.M., Lasser, S.S., & Lasser, W.M. (2012). An examination of the influence of
audit firms size and industry specialization on juror evaluation of liability. Journal
of Forensic Investigative Accounting vol. 4(1).

Staciokas, R, & Rupsys, R. (2005). Application of internal audit in enterprise risk

management. Engineering Economics 2(42). Online @
http://www.pwc.com/gx/en/weconomic-rime-survey/index. jhtm 5th June 2014l.

Stephens, M. A. (1974). EDF statistics for goodness of fit and some comparisons.
Journal of the American Statistical Association,
69, 730-737.

Stein, W. & Crawford, M. (2015), The changing role of internal auditor. Glasgow
Caledonian University. Journal of Finance and Management in Public Service
vol.4(244).

Stoneburner G., Goguen., Feringa, A. (2002). Risk management guide for information
technology systems. Recommendations of the National Institute of Standards and
technology, Special Publication.

Stribu, D., Moraru, M., Farcane, N., Blidset, R., & Popa, A (2009). Fraud and error in
auditors‟ responsibility levels. Annales University Apulensis Series Occonomica,
11(1),5.

Sulivan, G. M., & Anthoney, R. A. (2013). J. Grad . Med. Educ. Dec 5(4) 541-542
Taylor, J. (2011). Forensic accounting. England, Ft Prentice Hall.

The Institute of Chartered Accountants of England and Wales (ICAEW), (2004). The
internal audit function guide for audit committee. online@ http://www.the iia.org.

161
The Institute of Internal Auditors, 11A. (2014). Internal audit quality assessment
presented to world intellectual property organization. online@ http://www.the
iia.org.

Theofanis, K., Drogals, H., Giovanis, N. (2011). Evolution of the effectiveness of internal
audit in greek hotel business. International Journal of Economics Sciences and
Applied Research 4 (1), 19-34.

Thiruvadi, S., & Patel, S.C. (2011). Survey of data-mining techniques used in fraud
detection and prevention. Information Technology Journal, (10) 710-716.

Thomas, C.W. & Clement, C.E. (2002). The internal auditor‟s role in the detection and
prevention of fraud: A post-sas no 82 analysis. online@ http://www.the iia.org.

Truman, E.M. (2009). The global financial crises: Lessons learned and challenges to
developing countries. Remarks at the Eighteenth Cycle of Economics Lectures,
Banco De Guatemate.

Tucker, R.R., & Kasper, J. (1998). Pressures for change in environmental auditing and in
the role of the internal auditor. Journal of Management Issues 10 (3), 340-354.

Turner, J. L., Mock, T.J., & Srivastava, R. P. (2003). An analysis of the fraud triangle.
online@ http://www.the iia.org 20/5/14

Unegbu, A. O., & Kida, M.I. (2011). Effectiveness of internal audit as instrument of
improving public sector and management sciences 2(4), 304-309.

United Nation. Conference on Trade and Development. 2010. Responding to the

challenges posed by the global economic crisis to debt and development finance.
United Nations New York General.

162
Uzoagulu, A.E. (1998). Practical guide to writing research project report in tertiary
institutions. Enugu, John Jacob’s Classic Publishers Ltd.

Vasile, E., Croitora, I. & Mitran, D. (2012). Risk management in the financial and
accounting activity. Internal Auditing and Risk Management Annual 1 (25), 13-24.

Walker, P.L., Shelnkir, W.G. & Barton, T.L. (2002). E.R.M: Putting it all together.
Altamonte Springs, FL, Institute of Internal Auditors Research Foundation.

Wallace, W. & Kreutz Feldt, R. (1991). Distinctive characteristics of entities with an

internal audit department and the association of the quality of such departments
with errors. Contemporary Accounting Research 7 (2), 485-512.

Wang, J. & Yang, J.G.S. (2009). Data mining techniques for auditing attestation function
and fraud detection. Journal of Forensic & Investigative Accounting 1 (1).
Welch, S., Holmes, S. A. & Straver, R. H. (1996). The inhibiting effect of inernal
auditors on fraud. Internal Auditing 12 (2), 23-32.

Williams, E.J. (2002). The impact of globalization on internal auditors: The evolution of
internal auditing. Brigham Young University. online@ http://www.the iia.org
20/5/14

WIPO (2010). evaluation of internal audit function. WIPO General Assembly, thirty-
Ninth 20th Extraordinary Session Geneva. online@ http://www.the iia.org 20/5/14

Wolfe, J.B. (2012). Effective data mining for financial service companies. The 11A
Research foundation report. Third Quarter. online@ http://www.the iia.org
20/5/14

163
Woods, M. (2009). A contingency theory perspective in the risk management control
system within birmingham city council. Management Accounting Research (20),
69-81.

XU, J., Sung, A.H., & Liu, Q. (2007). Behavior mining for fraud detection. Journal of
Research and Practice Information Technology (39), 3-18.

Ziengenfuss, D. E. 2000. Measuring performance. The Internal Auditor 57 (1), 36-40.

online@ http://www.the iia.org 20/5/14

164
 APPENDIX 1

QUESTIONNAIRE

Ugwu Ikeckukwu .V.

Dept of Accountancy
Nnamdi Azikiwe University
Awka, Anambra State
08058687142.
February, 2016.
Dear Respondent,

Topic: “Application of Internal Audit Function in Fraud Risk Management-An Empirical

Study”

This study is part of my work for the award of doctoral degree in accountancy. I plead
with you to assist me in completing this questionnaire for this study. I will treat the
information provided confidentially. Tick your opinion and comment where necessary.

I therefore appreciate your kind urgent response to this. Thanks.

Instructions:
i) Please tick ( √ ) in your opinion as provided in each of the questions.
ii) State other comments if need be.

SECTION 1
PERSONAL DATA

i) Gender Status: Male Female

ii) Job Description: [Fraud Auditor] [ Internal Auditor]
[Accountant]
iii) Present Academic Qualification: [B.Sc.], [HND], [PhD], [MBA], [MSC].
iv) Years of experience (not more than 5 years), (6 – 10 years), (Above 10 years)

v) Professional membership if any? (ICAN), (ANAN), (AIB), (ACCA),(Others)

supply………………………………………………………

vi) Industry specification. Banking ( ), Chartered Accountant ( )

Fraud risk management is defined as a function of internal audit data-mining function

,internal audit proactive function, internal audit ongoing function and internal audit
interactive function as an independent assessment to assist corporations attain its
165
objectives in a systematic and disciplined approach to evaluate and improve the
effectiveness of risks management and internal control systems with corporate governance
in compliance with the law.

Please, indicate the extent to which you agree or disagree using the key. Key: SA =
Strongly Agree; A = Agree; SD = Strongly Disagree; D = Disagree; U =
Undecided. 1
To what extent do you agree that the following Internal Audit function combats
fraud risk in banks:
SA A UN D SD
A Data-mining function
1 -Employment of a type of a computer that uses a systematic
sentence enquiry? (Data-mining audit interrogation)
2 - Make use of different computer programs that work together
through trial and error in audit to detect fraud? (Data-mining
neural networks)
3 -Include capable programmed languages that identify fraud
patterns in an audit functions? (Data-mining machine learning
techniques)
4 -Include capable programmed languages that identify fraud
patterns in an audit functions? (Data-mining machine learning
techniques)
5 -Employ a technique that reveals where errors and frauds are
hidden in large information? (Data-mining link analysis)
6 -Employ a technique that reveals where errors and frauds are
hidden in large information? (Data-mining link analysis)
B Proactive Function
7 Managing the risk identification processes set in place and also
ensures a dynamic risk analyses?
(reports on sustainability and none financial communications).
8 -Internal audit is given freedom to examine every aspect of
business initiations and report on their finding?
9 -Working with a new mind set towards everyday risk
development: from the use of computer technology, from new
products, from international business initiations and from the
award of contracts in the organization?
10 -Advising the audit committee effectiveness such as training
them and improving in the risk control and - examining the
management decision processes in the organization? (Advisory
roles and decision making processes).
C Ongoing Function
11 -Strict adherence to laid down rules in risk management?
12 -Assigning groups or individual auditors in continual fraud risk
audit and summery and,
-Ensuring timely communicated internal audit report?
13 -Issuing assessment processes, supporting audit plan, design and,
166
 -Ensuring that risk assessment is updated?
14 -Ensure that there is always audit performance that covers the
audit scope and work design?
D Interactive Function
15 the senior executive to establish internal control, maintain and
review existing internal control to discover new development
and ensure ways to manage them?
16 Interaction with audit committee to establish appropriate and
effective internal audit function?
17 -Interaction with Chief Audit Executive to ensure quality and
effective audit performance in all risk control?
18 The External Auditors (-to produce synergy on both internal and
external risk management and internal control systems).

APPENDIX 2

Reliability Statistics

Cronbach's
Alpha N of Items

.822 6

Item-Total Statistics on data mining function

Corrected Cronbach's
Scale Mean if Scale Variance Item-Total Alpha if Item
Item Deleted if Item Deleted Correlation Deleted

22.73 46.064 .873 .699

Audit Interrogation

23.20 46.209 .730 .813

Neural networks

Machine learning 22.89 47.101 .756 .710

Algorithm
23.36 43.689 .863 .898

Business Intelligence
23.00 44.318 .821 .803

Data mining link 22.73 50.291 .529 .833

167
 APPENDIX 3
Reliability Statistics

Cronbach's
Alpha N of Items

.699 4

Item-Total Statistics on Proactive Function

Corrected Cronbach's
Scale Mean if Scale Variance Item-Total Alpha if Item
Item Deleted if Item Deleted Correlation Deleted

Involvement in more
financial reporting 27.96 44.862 .726 .677

Focus on risk processes

such as its management 27.78 46.859 .646 .685

Focus on emerging risk

such as IT, new product
risk , international
operations, etc 27.69 47.674 .768 .692

Advisory roles and

decision making
processes 28.11 52.419 .691 .728

168
 APPENDIX 4

Reliability Statistics

Cronbach's
Alpha N of Items

.714 4

Item-Total Statistics on Ongoing Function

Cronbach's
Scale Mean if Scale Variance if Corrected Item- Alpha if Item
Item Deleted Item Deleted Total Correlation Deleted
Assessment processes to
Support audit plan and design 26.09 54.356 .757 .600

Periodic audit summaries,

reporting 26.82 48.649 .663 .790

Updated risk assessment 25.69 58.083 .624 .711

Audit performance which

includes scope, work papers,
report and tracking 26.47 52.073 .755 .750

169
 APPENDIX 5

Reliability Statistics on
Interactive Function

Cronbach's
Alpha N of Items

.739 4

Item-Total Statistics on Interactive Function

Corrected Cronbach's
Scale Mean if Scale Variance Item-Total Alpha if Item
Item Deleted if Item Deleted Correlation Deleted
The Senior / Executives 34.96 85.180 .857 .727

The Audit Committee 34.96 84.953 .854 .727

The Chief Audit

34.84 85.407 .794 .730
Executives CAE

The external Auditor 35.64 82.280 .877 .726

170
 Appendix 6

QUESTIONNAIRE/INTERVIEW FOR INTERNAL AUDITORS

From the following statement, please identify the application common in your
organization’s internal audit fraud risk combats.
-Employment of a type of a computer that uses a systematic sentence enquiry? (Data- yes No
mining audit interrogation)

- Make use of different computer programs that work together through trial and error in
audit to detect fraud? (Data-mining neural networks)

-Include capable programmed languages that identify fraud patterns in an audit

functions? (Data-mining machine learning techniques)

-Employ a program that uses a precise rule that specify how to solve identified problems
in audit? (Data-mining business intelligence)

-Employ a technique that reveals where errors and frauds are hidden in large
information? (Data-mining link analysis)

-Employ a type of auditing machine that is used to detect fraud in audit?

-Managing the risk identification processes is set in place and also ensures a dynamic
risk analyses?

-Internal audit is given freedom to examine every aspect of business initiations and
report on their finding?

-Working with a new mind set towards risk development everyday, from the use of
computer technology, from new products, from international business initiations and
from the award of contracts in the organization?

- Advising the audit committee effectiveness such as training them and improving in the
risk control?
- Examine the management decision processes in the organization?

-Strict adherence to laid down rules in risk management?

-Assigning groups or individual auditors in continual fraud risk audit and summery?

-Ensuring timely communicated internal audit report?

-Issuing assessment processes and support audit plan and design?

-Ensure that risk assessment is updated?

-Ensure that there is always audit performance that covers the audit scope and work
design?

171
-Often have meetings with the senior executive to establish internal control, maintain and
review existing internal control to discover new development and ensure ways to manage
them?

-Interaction with audit committee to establish appropriate and effective internal audit
function?

-Interaction with Chief Audit Executive to ensure quality and effective audit performance
in all risk control?

-Interaction with external auditors on better management of fraud risk?

172
REQUEST

Ugwu Ikeckukwu .V.

Dept of Accountancy
Nnamdi Azikiwe University
Awka, Anambra State
08058687142.
February, 2016.
Dear Respondent,

REQUEST FOR THE FIGURES (NUMBERS) OF THE FOLLOWING STAFF IN

YOUR BANK TO FORM THE POPULATION FOR MY PhD STUDY.

The topic of my study is “Application of Internal Audit Functionj in Fraud Risk

Management: An Empirical Review.”

This study is part of my work for the award of doctoral degree Ph.D in accountancy. I
plead with you to assist me in giving me the accurate number of the following staff in all
your branches within Enugu zone. Also, kindly state the number of functioning branches
you have within the zone. I promise that the name of your bank will not be stated and that
any information shall be treated private and shall not in any form be divulged.

No of Permanent staff No of contract staff

1) Control (fraud)Officers, -------------------------- --------------------------

2) Internal Auditors, --------------------------- ---------------------------

3) Accounting Officers, --------------------------- ---------------------------

4) Customer Service Officers. ---------------------------- ---------------------------

5) Number of functioning branches you have within Enugu Zone ---------------------------

I therefore appreciate your kind urgent response to this. Thanks.

Yours Faithfully

--------------------------------
Ugwu Ikechukwu Virginus

Reg. 2011387012f
173