Internal audit at Satyam

New charges in the Satyam scandal were laid by India’s Central Bureau of Investigation, for “creating fake invoices to inflate revenues by US$94 million and forging company board resolutions to obtain unauthorised loans worth US$265 million” according to this story in Accountancy Age.

This comes after charges were laid on November 21 against the former Head of Internal Audit, VS Prabhakar Gupta, for the company, for “willful suppression of auditing irregularities.”

A lot of coverage in the blogs (primarily Dennis’ and Francine’s) thus far has focused on the role the external auditor PricewaterhouseCoopers played in the fraud, but Internal Audit arguably should’ve been better able to root out the fraud due to its closer familiarity with business processes.

It’s difficult to detect fraud in the best of circumstances, but when the charges involve suppression of irregularities discovered by internal audit, questions will be raised (and arrests made).

DNA (Daily News & Analysis), an Indian English language newspaper, provided additional detail on the arrest of the former Head of IA:

While the spokesman refused to divulge any further information about Gupta, sources in the agency claimed that the auditor had helped in falsifying accounts including inflating the overseas employees pay bill.

On top of this, the Internal Audit department received the Recognition of Commitment from the Institute of Internal Auditors in 2005, which according to the IIA was “available to all internal audit activities that submitted an application fee and met specific criteria in the areas of quality, outreach and professionalism, based on a point system.” The program was discontinued in 2006.

On the occasion, the now former Head of IA had this to say:

We are extremely happy with the recognition that our Internal Audit team has received on an international platform. Satyam is one of only 26 internal audit departments worldwide receiving this award in 2005 and it reinforces our commitment to meet the international standards in the concepts and approaches to audit function contributing to better corporate governance.

Satyam is now commonly referred to as India’s Enron.

WSJ on why work tech sucks

You’ll have to hurry before Rupert puts it behind a paywall and blocks Google from indexing it, but the WSJ had a good article recently about technology in the workplace.

At the office, you’ve got a sluggish computer running aging software, and the email system routinely badgers you to delete messages after you blow through the storage limits set by your IT department. Searching your company’s internal Web site feels like being teleported back to the pre-Google era of irrelevant search results.

I don’t have a sluggish computer at work (it’s actually newer and better than my personal laptop), but it does run Windows XP still. Email storage limits should be a thing of the past and likely will be in 5-10 years as more businesses take advantage of cloud computing (or are forced to compete with that level of service). And I think we’ve all had bad intranet search experience!

Even more galling, especially to tech-savvy workers, is the nanny-state attitude of employers who block access to Web sites, lock down PCs so users can’t install software and force employees to use clunky programs.

For me, preventing software installation is much more heinous crime than blocking websites. Both treat employees like children, but the former serves to hurt productivity much more so than the latter. Youtube is a bandwidth hog, but explain to me why the default browser is still IE6?

“Virtual machine” software, for example, lets companies install a package of essential work software on a computer and wall it off from the rest of the system. So, employees can install personal programs on the machine with minimal interference with the work software.

This is an interesting idea. Has anyone experienced this method of organizing a work computer? It seems like a good compromise.

When they get fed up with work technologies, employees often become digital rogues, finding sneaky ways to use better tools that aren’t sanctioned by the IT department.

Is this really what the company (or the IT department) wants? Clearly not.

Instant Messaging (IM) is one area where corporations have really dropped the ball. Before I graduated from school I worked remotely part-time for a dotcom and I used MSN to communicate with my manager much more often than email. And it worked superbly. But that type of environment seems like a dream now.

The article talks about the changes Kraft Foods implemented to take better advantage of new technologies and improve worker productivity. They give employees an allowance for a phone and let them choose which one they want (60% chose iPhones). They even let employees choose their own computer, with the rule that they must consult forums for technical support if they choose not to use Windows.

For many of us, our computers and mobile phones are the primary tools we use to do our jobs. Companies that fail to provide their employees with the best tools will not get the best results.

If you enjoy hardware and software freedom at work, tell me about it in the comments!

Google Docs to surpass Office in a year

Now this is interesting. Comments from Google’s president of the enterprise division indicate he believes that Google Docs will “reach a ‘point of capability’ next year that it will serve the ‘vast majority’s needs.'”

He acknowledged that Docs is currently “much less mature” than Google Mail or Calendar. “We know it. We wouldn’t ask people to get rid of Microsoft Office and use Google Docs because it is not mature yet,” he said.

But this is expected to change in about a year, after the company’s introduces another “30 to 50” updates.

Less mature by a long shot in my experience. Every time I’ve tried to edit spreadsheets using the software I’ve thrown my hands up in frustration very early on in each attempt. Granted, I think I’m nearing the stage of “advanced” Excel user (I should hope I am by now anyway), but I find the assertion that Google Docs will be eclipsing Office in only a year’s time to be unbelievable.

We shall see once those 30-50 updates are released into the wild. For now, hang on to your desktop office suite if you’re producing professional documents.

Has anyone else attempted to use Google Docs (or Zoho) to replace Office for professional work? How did it turn out?

Ethics enhanced by clean smells

I wonder if this is something businesses (including accounting firms) might want to look into: A study at Brigham Young University has found that people are “unconsciously fairer and more generous” in clean-smelling environments.

The research found a dramatic improvement in ethical behavior with just a few spritzes of citrus-scented Windex.

The researchers see implications for workplaces, retail stores and other organizations that have relied on traditional surveillance and security measures to enforce rules.

“Companies often employ heavy-handed interventions to regulate conduct, but they can be costly or oppressive,” said [Katie Liljenquist, assistant professor of organizational leadership at BYU’s Marriott School of Management], whose office smells quite average. “This is a very simple, unobtrusive way to promote ethical behavior.”

I wonder if the persistence of a citrus smell at a business would affect the assessment of audit risk for that business? Maybe a cost-effective way to justify reduced audit testing? I can see it now: “Well, the assessment says we test a sample of 25, but does anyone else smell lemons?”

The study is at this point still “soon to be published,” but the article at BYU’s website details the tests performed to support the conclusions.

Continuous auditing

I wanted to draw your attention to an article that recently appeared on CFO.com about continuous auditing, mainly because the topic is one which is as misunderstood as it is trendy.

Continuous auditing is generally held to be an automated approach. Increasingly it is assumed to mean examining all data relevant to the audit being performed, rather than the historical norm of examining supposedly representative samples.

On top of this, the IIA defines it as “any method used to perform audit-related activities on a more continuous or continual basis.”

Rutgers University professor Miklos Vasarhelyi, calls it “an audit that happens immediately after or closely after a particular event.”

The article describes some examples of companies which have attempted to implement continuous auditing. The conclusion one reaches is that no one really audits continuously, but a few companies have managed to put in place some automatic testing using software like ACL that can reduce the work they have to perform on those transactions when they perform their “non-continuous” audits or highlight areas to investigate further.

This, I think, is good enough and valuable in its own right. Letting machines handle the menial tasks and freeing up audit staff to focus on bigger issues is a pattern as old as the industrial revolution.