Generating Copybooks from Consistent Handwriting Styles

Baker Kosmac-Okwir, CFE, CIA, CPA,CGAP,

Fraud and Forensic Unit

Directorate of Internal Audit Services

Ministry of Finance, Planning and Economic Development

October 22, 2009

THE STRATEGIC PLAN 2009-2012

FOR THE FRAUD AND FORENSICS

UNIT (FFU) OF THE DIRECTORATE

OF INTERNAL AUDIT SERVICES The Forensic Tongue

The Fraud and Forensic Audit Unit. THE STRATEGIC PLAN 2009-2012

2

ACRONYMS AND ABBREVIATION IIA Institute of Internal Auditors

ACFE Association of Certified Fraud Examiners

IPPF International Professional Practice Framework

MFPED Ministry of Finance, Planning and Economic Development

FFU Fraud and Forensic Unit

FT The Forensic Tongue

MDAs Ministries Departments and Agencies

GOU Government of Uganda

IAD Internal Audit Services

GRC Governance, Risk Management and Control

CFE Certified Fraud Examiners

IGG Inspector General of Government


3

TABLE OF CONTENTS

Acronyms and Abbreviation .......................................................................................................................... 2

Table of Contents ........................................................................................................................................... 3

Acknowledgement ......................................................................................................................................... 4

EXECUTIVE SUMMARY ........................................................................................................................... 5

INTRODUCTION ......................................................................................................................................... 7

VISION .......................................................................................................................................................... 7

MISSION ....................................................................................................................................................... 8

CORE VALUES ............................................................................................................................................ 8

GOAL .......................................................................................................................................................... 10

STRATEGIC OBJECTIVES ....................................................................................................................... 10

MANDATE ................................................................................................................................................. 11

SCOPE, FUNCTIONS AND KEY ACTIONS ........................................................................................... 12

SWOT ANALYSIS ..................................................................................................................................... 13

ANTI-FRAUDIMPLEMENTATION STRATEGY ................................................................................... 16

OUR REPORTING STRATEGY................................................................................................................ 23


4

ACKNOWLEDGEMENT This strategy paper is a result of combined efforts and contributions from various professionals

and staff who agreed to share their knowledge and skill in Fraud and Forensic Management.

Thanks to Paul Muyanja and Annet Namuddu for their input.


5

EXECUTIVE SUMMARY

This document defines a strategic plan for the Fraud and Forensic Unit (FFU) of the Directorate

of Internal Audit Services (IAD) of the Ministry of Finance planning and Economic Development

(MFPED) in the Government of Uganda (GOU). It covers the strengths, weaknesses, threats and

opportunities; presents a series of fundamental statements relating to the FFU's vision, mission,

values and objectives; and sets out the FFU's proposed strategies, goals and action programs.

This is the first step in developing formalised structures in MFPED to deal with Fraud and

forensics in the MDAs. Fraud is a specialised area that requires specialised and dedicated staff

resources to deal with allegations and development of value adding solutions for preparation

and deterring fraud

The Institute of Internal Auditors (IIA) International Professional Practice Framework (IPPF)

2009 Standard 2120.A2 requires the internal audit activity to evaluate the potential for the

occurrence of FRAUD and how the organisation manages the Fraud risk. Standard 2210.A2

requires internal auditors to consider the probability of significant errors, FRAUD,

noncompliance, and other exposures when development the engagement objectives.

Internal audit is an important component of the government’s financial management system

and expenditure control framework. A strong internal audit function helps ensure that the

government agencies provide the public goods and services in an efficient and effective manner

and that the risks of fraud, waste and misuse of public funds are minimized. Accordingly, the

government internal audit in Uganda can make a valuable contribution to the economic

development of the country which is engaged in the struggle to eradicate poverty and to

achieve a better quality of life for its citizens.

Fraud is inherently dramatic and dynamic with riveting, exciting challenging information to

dissect. It would appear as an ostrich burying its head under the sand yet facing and aware of

the dangers surrounding it. The Government of Uganda is aware of the eminent dangers facing

it in the fraudulent transactions. It has set various institutions (IGG, ETHICS AND

INTERGRITYMINISTRY), yet no clear solutions have emerged. The setting up of the unit in the

Ministry of Finance, Planning and Economic Development (MFPED) is challenged to address this

problem.

Fraud is a field with plenty of publicity that requires devoted resources in the accountability

process to ensure better use of public resources. The creation of Fraud and Forensic unit within


6

the directorate of inspectorate and internal Audit (IIAD) will devote resources to prevention,

investigation, detection and control solutions within the auditable Ministries, Departments and

Agencies (MDA).

It’s therefore, important to have a policy for fighting fraud as internal audit Directorate. The

Forensics and Fraud Unit (FFU) in the Directorate of Internal Audit Services is intended to

strengthen the Government’s anti-fraud efforts by adopting a robust fraud methodology,

developing train and improving inter institutional relations with other public agencies engaged

in fighting fraud. It’s therefore, essential to have a unit entirely and exclusively dedicated to

fraud.

Preparing the internal audit fraud unit to deal with fraud will have significant benefits for the

Accounting Officers and the public administration in the Governance, Risk and Control

assessments as well as capacity to prevent fraud.

The FFU would recommend actions to be taken to discourage the commission of fraud and limit

fraud exposures when it occurs by assessing fraud risks, examining and evaluating the adequacy

and effectiveness of the ministries internal controls system commensurate with the extent of a

potential exposure. This plan provides the foundation for positive change within our operations

and provides a roadmap for our future. We will implement these changes incrementally.

This strategic plan will be used to guide the work of the FFU and to communicate its results. It

will serve as the means for demonstrating how the FFU fulfils its mandate on behalf of

Directorate of Internal Audit Services. In its work, the FFU will be guided by, and comply with,

Uganda Laws, the professional standards established by professional bodies and anti-fraud

audit-related best practices in other jurisdictions.

To implement this strategy, the unit will require Ugx 3.9 billion for the three year period.


7

INTRODUCTION

The IIA defines Fraud as any illegal act characterised by deceit, concealing or violation of

trust.”Fraud encompasses an array of illegularaties and illegal acts characterized by intentional

deception.

It can be perpetrated for the benefit of or to the detriment of the organization and by persons

outside as well as inside the organization the acts are not dependent upon the threat of

violence or physical force. Frauds are perpetrated by parties and organisations to obtain

money, property, or services, to avoid payment or loss of services or to secure personal or

business advantage.

The Forensics and Fraud Unit (FFU) in the Directorate of internal audit will strengthen the

directorate by helping— Identify fraud and the causes of fraud in the Ministries, Departments

and Agencies (MDA); assist ministries in fraud risks assessment (as all ministries are exposed to

a degree of fraud risk). The unit will evaluate the extent to which effective internal controls are

present to prevent and or detect fraud, and the honesty and integrity of those involved in the

process). The FFU will help the Directorate accomplish its objectives by bringing a systematic

disciplined approach to evaluate and improve the effectiveness of risk management, control,

and Governance process in the MDAs.

This document initiates a comprehensive and highly consultative strategic planning process to

identify the priorities and strategies for the FFU over the next three years. This strategic plan

represent a common vision for the FFU that is a result of discussions with all staff along with

the input of key stakeholders.

VISION

To be efficient in providing anti-fraud solutions to the Government of Uganda (GOU) by

coaching for success, motivating, team work, innovation, training, mentoring and aggressive

pursuit of excellence .


8

MISSION

To support the internal audit department to carry out its vision by providing anti-fraud

solutions that will—Prevent, Detect, Investigate and Remedy through—financial accountability,

Advocacy, Education and Enforcement.

CORE VALUES

The FFU values are a statement of the high standards to hold in conducting ourselves and our

work, and of the results we strive to achieve.

Impact FFU will focus on significant issues to make a positive and measurable difference

for the benefit of the MDAs.

We will demonstrate this by:

making decisions and exercising judgment to add value through our work;

using our skills and experience to their fullest potential;

seeking new processes and technology to do our work more effectively and

efficiently;

continuously seeking innovative and better ways of doing things;

building on experience and applying best practices;

working as a team;

consulting with our stakeholders;

seeking and valuing the contribution of all our staff;

conducting and using research to stay informed about current events and

future trends; and

Producing clear, concise and candid reports.


9

Integrity and Ethical FFU will work together and with others in an open, honest, and

trustworthy manner while respecting the confidentiality of the

information we obtain.

We will demonstrate this by:

• open communication with the clients and our staff;

• ensuring transparency;

• respecting one another;

• telling the truth;

• considering different perspectives when making decisions;

• being objective in attitude and decision-making;

• respecting confidentiality; and

• Carrying through on promises.

Independence and

objectivity

FFU will report directly to the appointing authority at a time and

objective in the approach. FFU will adhere to professional codes of

ethics and independence standards, avoiding real and perceived

conflicts in the conduct of our work.

We demonstrate this by:

• adhering to our professional codes of ethics and independence

standards;

• exhibiting independence in fact and in appearance;

• being non-partisan;

• avoiding perceived and real conflicts of interest;

• viewing situations with an appropriate degree of skepticism; and

• building and maintaining appropriate relationships.

•


10

GOAL The priority goal is to be the number one provider of anti-fraud and forensic investigative

solutions in the nation. This goal will be evidenced by:

• Number of Cases Opened for Investigation.

• Number of Arrests.

• Number of Cases Presented for Prosecution.

• Number of Referrals.

• Amount of Court Ordered Restitution

STRATEGIC OBJECTIVES The following strategic objectives will support our goal and the realization of our vision:

1. Developing capacity within the Directorate of internal audit to ensure that—the

government assets and resources are safeguarded and actions and decisions of the

ministries are in compliance with the laws and regulations;

2. Coordinate and supervise all fraud related audits by assigning most provable cases

evidenced through screening & case management.

3. Develop a fraud risk profile for all ministries. Annually the FFU shall carry out fraud risk

assessment and advise the IAD on key areas of focus.

4. Implement and expand anti fraud training to all MDAs. Strategies for improving the FFU

shall include Human resource development through training and exposure, and

resource allocation.

5. Make policy recommendations to the MDA.


11

MANDATE The Accountant General (AG) under the Public Finance and Accountability Act is responsible for

establishing the Internal Audit in accordance with international professional standards. Section

7 (3) (h) of the Public Finance and Accountability Act 2003 (PFAA), requires the Accountant

General to take precautions, by the maintenance of efficient checks, including surprise

inspections, against the occurrence of FRAUD, embezzlement or mismanagement.

Section 7 (3) (c) of PFAA ensure that the system of internal control in every Government

Ministry, department, fund, agency, or other reporting unit required to produce accounts under

section 31 is appropriate to the needs of the organisations concerned and conforms to

internationally recognised standards.

The International Standards for the Professional Practice (IPPF) requires that Internal Auditor to

have sufficient knowledge to identify the indicators of fraud but is not expected to have the

expertise of a person whose primary responsibility is detecting and investigating fraud.

The IPPF requires Internal Auditors to carry out a systematic review and appraisal of all

operations for purposes of advising management as to the efficiency, economy and

effectiveness of internal management policies, practices and controls.

In view of addressing the statutory provision and professional demand, the Directorate of

Inspectorate and Internal Audit formed various units among which is the Fraud and Forensic

(FFU.


12

SCOPE, FUNCTIONS AND KEY ACTIONS

SCOPE

The scope of work of the FFU is fraud examination, a methodology for resolving fraud allegation

from inception to disposition by obtaining evidence and taking statements, writing reports

testifying to finding and assisting in the detection and prevention of fraud. The scope requires

the resolving of specific allegations to determine whether fraud has occurred or is occurring

and to determine who is responsible by document examination, review of outside public data

e.g. other public records and interviews to establish sufficient proof to support or refute a fraud

allegation.

The scope will include Fraud and financial irregularity audits that are designed to verify the

existence and magnitude of suspected fraud and financial irregularities. Fraud and financial

irregularity audits may be conducted at the request of the Management and/or Audit

Committee.

FUNCTIONS

The following summarizes key functions we will be taking to support the implementation of our

strategies:

1. The unit will be charged with the responsibility of stressing the importance of

implementing fraud controls in the MDAs; it is important to note the G O U has set

various institutions (CID, IGG,DPP, AUDITOR GENERAL)that are involved in dealing with

fraud, and other irregularities most of the work carried out by these institutions is

often reactive FFU will have a proactive approach to fraud prevention and

management.

2. Work in conjunction with entity internal auditors to follow up on fraud risk that are

identified;

3. Responsible for the detection, investigation and prevention of fraud and recovery of

assets;

4. Poses a dedicated Forensics data analysis to support complex investigations;

5. Provide continuous and robust fraud prevention program;

6. Review statistical information to capture trends and metrics and share information with

ministries and agencies;

7. Investigating alleged audit failure and trying to assess what happened;


13

8. Identify key performance indicators to improve investigative performance;

9. Carrying out interviews and documenting the memorandum of interview;

10. Advise on policies regarding fraud prevention and detection;

11. Adhering to the standards of reporting on fraud.

KEY ACTIONS

The following summarizes key actions FFU will be taking to support the implementation of our

strategies:

Prepare and implement a work plan;

Establish a consultation process to obtain input from external stakeholders;

Establish communication protocols on all phases of engagements;

Implement a risk-based methodology for selection of fraud audit priorities;

Establish and enhance a methodology based on risk planning of selected engagements;

Determine our needs for specialist expertise and options for meeting them;

Standardize our methodology;

Establish and enhance fraud audit quality assurance processes;

Encourage government to focus on implementation of our recommendations and

improve processes for follow-up on engagement recommendations.

Establish aspects of our management of human resources including improved feedback

on performance and implementation of a comprehensive professional development

plan.

Conduct client satisfaction survey and address any issues identified.

Prepare and implement a long-term information technology strategy and tools for fraud

mapping.

SWOT ANALYSIS SWOT analysis illuminates the FFU’s internal strengths and weaknesses along with external

opportunities and threats. The SWOT is a good indicator of the FFU’s core competencies and

processes.


14

Strategy Selection

The strategy selection for the FFU shall be a hybrid. The strategy shall take components of

differentiation and also from network strategy. By definition differentiation is expressed in a

qualitative performance that results in selection of one group over another. The FFU

differentiation strategy is seeking to differentiate on the basis of service. This service to the

Directorate of Internal Audit is evidenced through the reduction in fraud and the restitution of

funds resulting from cases presented for investigation. The second component of strategy for

FFU will come from the network effect. Success with network effect will depend heavily on

FFU’s ability to get out in front and become dominant on the national level. Alignment between

strategy, service to the MFPED and goals of the unit are absolutely essential.

This goal of becoming number one provider of anti-fraud solution in the nation requires the

realignment of resources, performance metrics and optimization of operational efficiencies as

the actions to achieve excellence. The fishbone diagram on the next page illustrates the actions

without the assignment of personnel.

ANTI-FRAUD IMPLEMENTATION STRATEGY

FRAUD PREVENTION

Table 1: Fraud Prevention

Prevention Audit

committee

Line

management

Internal

audit

compliance Forensic

AUDIT

Employe training

Fraud risk assessment

Anti Fraud measures

communication

Promote culture of honesty

&high ethics

HR guidelines

Mitigate fraud risk

Table 1 shows the role— line management; risk management and compliance can play in the

Prevention process.

Indeed, management is ultimately accountable for the establishment of comprehensive and

compatible systems, sound operations and results and consequently for the prevention of

fraud. Internal audit helps management through its analysis of each observation and its

recommendation while assessing the internal controls, risks management and corporate

governance of the company.

Trainings will be organized to set up the awareness for new people hired. Case studies may be

discussed in order to develop the right attitudes. The FFU will give the training as it will be in

the best position to explain the prevention tools, the right behaviour to adopt and use practical

examples they have seen. The persons in charge of the assessment may vary depending on the

size of the MDA,and the maturity level in terms of fraud. In some circumstances and structures,

management or the FFU may play a bigger role because the awareness is not present yet

among the Line management. Internal Audit may facilitate a comprehensive fraud and

reputation risk assessment. It would be their biggest contribution to prevention. The process

might be facilitated/conducted by management and/or by FFU.


17

When special circumstances arise—newly discovered frauds, changed operating environment,

restructuring, a new assessment should be performed. The communication of anti-fraud

measures may be implemented through intranet messages, very specific messages (for external

fraud), and newsletters with specific information for management.

INTERNAL AUDITOR’S ROLE IN THE MDA

Internal auditors are responsible for assisting MDA to prevent fraud by examining and

evaluating the adequacy and effectiveness of their internal controls' system, commensurate

with the extent of a potential exposure within the MDA. When meeting their responsibilities,

internal auditors should consider the following elements:

I. Control environment. Assess aspects of the control environment, conduct proactive

fraud audits and investigations, communicate results of fraud audits, and provide

support for remediation efforts. In some cases, internal auditors also may own the

whistleblower hotline.

II. Fraud risk assessment. Evaluate management’s fraud risk assessment, in particular,

their processes for identifying, assessing, and testing potential fraud and misconduct

schemes and scenarios, including those that could involve suppliers, contractors, and

other parties.

III. Control activities. Assess the design and operating effectiveness of fraud-related

controls; ensure that audit plans and programs address residual risk and incorporate

fraud audits; evaluate the design of facilities from a fraud or theft perspective; and

review proposed changes to laws, regulations, or systems, and their impacts on

controls.

IV. Information and communication. Assess the operating effectiveness of information and

communication systems and practices, as well as provide support to fraud-related

training initiatives.

V. Monitoring. Assess monitoring activities and related computer software; conduct

investigations; support the audit committees oversight related to control and fraud


18

matters; support the development of fraud indicators; and hire and train employees so

they can have the appropriate fraud audit or investigative experience.

FRAUD DETECTION AND INVESTIGATION

Table 2: Detection Aspects

Detection Audit

committee

Line

management

Internal

audit

compliance Forensic

AUDIT

All process assessment

Anti fraud and detection

fraud process reveiw

Evaluate &test

effectiveness of controls

Fraud detection tools

Fraud auditing

Recommend actions to

improve detection and anti

fraud

Table 2, show the role-the audit committee, line management, internal audit, compliance and

forensic audit, play in the detection process. A great role is done in the fraud auditing and

recommendation stage by all the key players-line management, internal audit compliance with

a significant part played by fraud audit.

INTERNAL AUDITOR’S ROLE IN DETECTION AND INVESTIGATION

Internal Audit has the following role in detection:

Auditing the fraud prevention and detection process (designed by Board,

Forensic Audit, Line Management, Risk Management and Compliance).

Considering fraud risks during the build-up of the audit universe and the

yearly audit planning and during the individual audit itself.


19

Testing anti-fraud controls.

Fraud auditing (extensive testing) in case of missing anti-fraud controls or in

case problems with anti-fraud controls where identified during testing.

Forensic Audit (and Line Management) is responsible for the day-to-day

detection of fraud and Internal Audit for the identification of specific

indications of fraud during audit assignments if red flags are identified.

Line Management, often together with Risk Management, is in charge of the

assessment of the business processes. Line Management should detect

potential fraud schemes while carrying out their periodical controls. Special

Investigation (Forensic Audit) is in charge of the continuous monitoring

(through IT tool). Internal Audit has the responsibility to include fraud

auditing techniques in their audit activities.

During the evaluation and testing of the effectiveness of the controls, FFU will need to address

the possibility that management might seek to circumvent or override controls intended to

prevent or detect fraud.

The degree that fraud may be present in activities covered in the normal course of audit work,

internal auditors have a responsibility to exercise due professional care as specifically defined in

Standard 1220 of the International Standards for the Professional Practice of Internal Auditing

with respect to fraud detection. However, most internal auditors are not expected to have

knowledge equivalent to that of a person whose primary responsibility is detecting and

investigating fraud. Also, audit procedures alone, even when carried out with due professional

care, do not guarantee that fraud will be detected.

A well-designed internal control system should not be conducive to fraud. Tests conducted by

auditors improve the likelihood that any existing fraud indicators will be detected and

considered for further investigation. In conducting engagements, the internal auditor’s

responsibilities in detecting fraud are to—consider fraud risks in the assessment of control

design and determination of audit steps to perform. While internal auditors are not expected to

detect fraud and irregularities, internal auditors are expected to obtain reasonable assurance

that business objectives for the process under review are being achieved and material control

deficiencies whether through simple error or intentional effort are detected.


20

Have sufficient knowledge of fraud to identify red flags indicating fraud may have been

committed. This knowledge includes the characteristics of fraud, the techniques used to

commit fraud, and the various fraud schemes and scenarios associated with the activities

reviewed.

Be alert to opportunities that could allow fraud, such as control weaknesses. If significant

control weaknesses are detected, additional tests conducted by internal auditors should be

directed at identifying other fraud indicators. Some examples of indicators are unauthorized

transactions, sudden fluctuations in the volume or value of transactions, control overrides, .

Internal auditors should recognize that the presence of more than one indicator at any one

time increases the probability that fraud has occurred.

Evaluate the indicators of fraud and decide whether any further action is necessary or whether

an investigation should be recommended. Notify the appropriate authorities within the

organization if a determination is made that fraud has occurred to recommend an investigation.

INVESTIGATION STRATEGY

Table 3: Investigation

Investigation Audit

committee

Line

management

Internal

audit

compliance Forensic

AUDIT

Investigation process

Remedial and preventive

recurrence

Specialised knowledge

and skills to assist

Responding to whistle

blowers

Managing investigation

teams

Assess level of complicity

in fraud investigation


21

Forensic Auditors mainly manage this process.

The investigation process requires highly qualified people and specific skills. Only Forensic

Auditors may conduct such an engagement. They are also the best aware of the legal aspects

and contacts with authorities (legal counsel, regulators…); of not letting disappear evidences

and to conduct due investigations (at charge/at discharge).

In ministry departments and agencies this role will be carried out by the FFU. In this process

the root causes of the fraud will identify in order to define what happened and the impact on

the financial statement, the image… is estimated.

INTERNAL AUDITOR’S ROLE IN INVESTIGATION

The role of internal audit in investigations should be defined in the internal audit charter as well

as the fraud policies. For example, internal audit may have the primary responsibility for fraud

investigations, may act as a resource for investigations, or must refrain from involving itself in

investigations (because they are responsible for assessing the effectiveness of investigations).

Any of these roles can be acceptable, as long as the impact of these activities on internal audit s

independence is recognized and handled appropriately.

To maintain proficiency, fraud investigation teams have a responsibility to obtain

sufficient knowledge of fraud schemes, investigation techniques, and laws. There are programs

that provide training and certifications for investigators and forensic specialists.

If FFU is responsible for ensuring that investigations are conducted, it may conduct an

investigation using in-house staff, outsourcing, or a combination of both. In some cases, FFU

may also use non-audit staff of the MDA as to assist.

The FFU will often assemble the investigation team without delay. If the Directorate of Internal

Services needs external experts, the Chief Government Auditor should consider pre-qualifying

the service provider[s] so that the external resources are available quickly.


22

THE INVESTIGATORS ROLE

An investigation plan shall be developed for each investigation, following the FFU’s

investigation procedures or protocols. The Head of FFU will determine the knowledge, skills,

and other competencies needed to carry out the investigation effectively and assign

competent, appropriate people to the team. This process will include assurance that there is no

potential conflict of interest with those being investigated or with any of the employees of the

organization.

The plan should consider methods to:

o Gather evidence, such as surveillance, interviews, or written statements.

o Document the evidence, considering legal rules of evidence and the business uses of the

evidence.

o Determine the extent of the fraud.

o Determine the scheme (techniques used to perpetrate the fraud).

o Evaluate the cause.

o Identify the perpetrators.

At any point in this process, the investigator may conclude that the complaint or suspicion was

unfounded and follow a process to close the case.

Activities should be coordinated with management, Attorney General, and other specialists,

such as human resources, Police as appropriate throughout the course of the investigation.

Investigators will be trained to be knowledgeable and cognizant of the rights of persons within

the scope of the investigation and the reputation of the MDA itself. The level and extent of

complicity in the fraud throughout the MDA will be assessed.

This assessment will be critical to ensuring that crucial evidence is neither destroyed nor

tainted, and to avoid obtaining misleading information from persons who may be involved.

FRAUD REMEDIATION SOLUTIONS

The remediation involves disciplinary and legal actions. Forensic Audit can play here an

important role in terms of recommendations to improve the internal controls and avoid

recurrence. Therefore, a good communication with Line Management as well as with Internal

Audit must be implemented. Internal Audit will include in its planning an assessment of the

internal controls and risk management of the process or sub-process involved.


23

Responding to whistleblowers will be the responsibility of management, with the assistance of

Forensic Audit as it concerns “specific allegations or suspicions of fraud” and this is the subject

of a fraud investigation. Management is responsible for resolving fraud incidents, not the

internal auditor or FFU.

Resolution consists of determining what actions will be taken by the MDA once a fraud scheme

and perpetrator[s] have been fully investigated, and evidence has been reviewed.

The FFU or Internal Auditors will assess the facts of investigations and advise management

relating to remediation of control weaknesses that lead to the fraud. Internal Auditors shall

design additional steps in routine audit programs or develop auditing for fraud programs to

help disclose the existence of similar frauds in the future.

Management’s fraud policies and procedures should define who has authority and

responsibility for each process. Internal auditors may only be involved as advisors in the

processes.

REPORTING STRATEGY Each special investigation conducted must lead to the issuance of a report stating the facts, the

causes and the recommendation for remedial actions. Regularly, FFU will issue statistics around

the fraud cases.

Periodic reporting will be regularly addressed to the Permanent Secretary/Secretary to the

Treasury and appropriate Audit Committee for oversight and make sure that appropriate

measures are taken in time.

FRAUD AND FORENSIC POLICY

This paper proposes that a Fraud and Forensic policy statement is developed that details the

legal framework to conduct the fraud and forensic in government.

FRAUD AND FORENSIC MANUAL

This paper proposes that a manual will developed to provide generic guideline to the FFU in the

way fraud examination and investigation will be conducted.

CAPACITY BUILDING AND SPECIALISED TRAINING

To achieve the adequate performance and meet expectation of stakeholders, staff will

undertake specialised and professional courses in Fraud and Forensics. These training courses


24

will focus on Fraud Examination Principles, Law and Fraud, Professional interviewing skills, Anti-

money Laundering, Computer Forensics, and Professional Fraud Specialised Examinations. With

a professional staffed unit, creditability is expected from the assignments.

BUDGET IMPLICATION

The strategy will be implemented in three year period at the estimated expenditure budget of

Ugx 3.9 billion, in year 2009 at Ugx 1.3bn, in year 2010 to 1.4billion and dropping in year 2012

to Ugx 1.1 billion. The detailed expenditure budget is annexed in annex I and II.

PROPOSED STRUCTURE OF THE UNIT

The Directorate of Internal Audit in the Ministry of Finance and Economic Development is

headed by the AG Director Internal Audit/ Chief Government Auditor

Generating Copybooks from Consistent Handwriting Styles

Documents