The scam at Satyam Computer Services Ltd (now know as Mahindra Satyam) has cast doubts over the effectiveness of various controls in place to detect and prevent fraud. A lot has been said about the role of the auditors and regulatory bodies, but the role of internal auditors, too, is now coming under scrutiny.

Two recent surveys on the internal audit function, one conducted by Ernst and Young and another by KPMG India and the Bombay Stock Exchange, raise some relevant issues for managements and shareholders.

The basic function of internal audit is to assess internal control systems and identify deficiencies. Based on the two surveys, this role is now being expanded by senior management and audit committees to cover risks, fraud, process improvements and also ways of reducing costs or improving revenue. But a large proportion of firms still do not make identifying the possibility of fraud a key responsibility. A more important aspect is to whom they should report to. Most companies prefer them reporting to the top management, either the chief executive officer or the chief financial officer. But there is a growing school of thought for more independence, by making them accountable to the audit committee of companies. The Securities and Exchange Board of India, too, has proposed some changes in the reporting structure.

The expanding scope of the internal audit will mean that the people manning these functions will need to be re-skilled and equipped with new technology.

Thankfully, both surveys indicate that despite the downturn, there has been no cutback on funding. But the call will be for more investments in the coming years. Internal audits are set to acquire a more powerful role, but can do little if the top management is bent on committing fraud. Even the best of auditors, both external and internal, can be either misled or compromised, as various corporate scams have demonstrated. Investors need to give more weight to management quality in their investment decision making.

Write to us at