Audit
Student’s Name
Professor’s Name
Course
Date
Auditing Project
Introduction
The credibility and success of business organizations are closely linked to the trust and
noncompliance are critical factors, which can affect the success of an organization by damaging
its reputation. Considering the effect of these factors, it is important for organizations to establish
appropriate policies to mitigate their impact. The ISO 37001 standard provides an effective
reference for implementing anti-bribery and non-compliance management systems. In the current
scenario, the case company is not complying with government and internal policies while at the
same time conducting business with unauthorized people. As such, an anti-bribery and
compliance management system is required to restore the credibility of the organization. This
paper includes the identification of red flags and risks, the scope of the anti-bribery and
Various red flags can be identified from the case company. For instance, there was a significant
currency gap in the exchange rates whereby the government rate was 10 pesos/USD while the
black market rate was 20 pesos/USD. This gap is indicative of extortion and corruption whereby
the transacting entities overcharge clients. The gap can also indicate the existence of bribery
whereby the officials take advantage of their monopoly for personal gain. Another key red flag is
the collection of pesos and invoicing in USD with unauthorized clients. Such clients may be
involved in bribery so that their transactions can be accepted. The final red flag is the
acceptance of endorsement cheques, which is against the policy of the case company. Failure to
follow procedures is indicative of non-compliance and other bribery aspects such as fraud.
The risks associated with the case company can be classified into compliance and bribery
risks. Compliance risks relate to reputational damage, regulatory or legal sanctions, and financial
loss arising from failure to adhere to laws and regulations. For instance, there is a high likelihood
of reputational damage when the public becomes aware of the corrupt dealings of the case
company. Furthermore, the trade license of the company may be withdrawn resulting in financial
loss from future revenues. Finally, the company may be subject to sanctions from financial
regulators. Bribery risks, on the other hand, include fraud, kickbacks, and price-fixing. Fraud involves a
deliberate attempt to illegally obtain a benefit. For instance, the employees of the case company
can fail to record some transactions – especially those from unauthorized clients. Kickbacks
involve collusion whereby authorized agents get personal benefits by facilitating the transactions.
Finally, there is potential for price-fixing considering that there is a wide gap between the
business. The bribery risks encountered in an organization vary according to organizational size,
the operational environment, and the complexity and scale of organizational activities. As such,
risks encountered. Regarding the case company, a generic anti-bribery framework should be
implemented focusing on all organizational activities. Such a framework should consider all
stakeholders including internal employees and clients. The risks of focus include fraud,
kickbacks, and price-fixing. In this case, the framework should provide for the detection and
resolution of fraud activities while ensuring that the government exchange rate is applied. All
clients should also be vetted to ensure that they are authorized to transact. Other risks such as
money laundering should also be monitored because they form the basis for kickbacks. Finally,
A compliance management system is developed to ensure that delivered services are consistent
with the requirements of a business and stakeholders. Since the compliance risks span both
internal and external policies, the scope of the compliance management system should capture
both policies. Internally, the system should ensure that all policies are followed including the
prohibition of endorsement cheques. Internal policies span multiple aspects including personal
conduct, tort, utilization of resources, and others. Externally, the compliance management system
should ensure that the company adheres to laws and regulations. For instance, it is important to
ensure that only authorized clients can transact with the company. Furthermore, the system
should ensure that only acceptable transactions – as opposed to black market deals – are
completed in the organization. Regardless of the scope defined in this section, it is important to
ensure that the system is consistent with the ISO 37001 standard. The ISO 37001 standard
Non-compliance and bribery are closely linked aspects, which influence each other. For instance,
a client can bribe an official to breach a law or regulation. A good example is a context whereby
unauthorized clients are allowed to transact with the case company. Such transactions are likely
to be facilitated after the exchange of benefits. Furthermore, the exchange rate may be varied
depending on the kickbacks given to the employees of the case company. As such, the
integration of the anti-bribery and compliance management systems could be a valuable solution.
Integration of the systems should be completed in compliance with the ISO 37001
improvement. The ISO 37001 standard specifies that the leadership of an organization should
demonstrate commitment to the anti-bribery and compliance management system. In this case,
the management of the case company should ensure that the integrated anti-bribery and
compliance management system is allocated adequate resources. The system should also allocate
roles and responsibilities through appropriate policies. Regarding planning, the anti-bribery and
compliance management system should group compliance and anti-bribery together to improve
administration. The compliance and anti-bribery objectives should be designed in such a way
System support and operations are the key areas where integration is required.
Operational aspects mainly reflect the aspects of controls, due diligence, commitment, reporting,
and investigations. In this case, the integrated anti-bribery and compliance management system
should provide a holistic framework, which can be used to monitor the progression of all organizational
activities with the goal of detecting issues related to bribery and non-compliance. Whenever an
support, documentation for the association between noncompliance and anti-bribery should be
done. Finally, evaluation and improvement should be integrated to ensure that the identified
Reporting
Organization name
Organization members
Auditor Team:
Date
Time
Location
Stage 1 | Stage 2
Audit objectives: To identify the bribery and non-compliance instances in the case company.
Audit scope: The audit covers core transactions relating to USD payments and collections. The
audit covers revenue growth, sales growth, performance surge, competitor growth, financial
Executive summary: Following the restriction of USD payments and collections, some
anomalies have been identified in the case company. For instance, there was a significant
currency gap in the exchange rates whereby the government rate was 10 pesos/USD while the
black market rate was 20 pesos/USD. There are also some transactions involving unauthorized
clients while other clients are paying through endorsement cheques, which is against the policy
of the company. Such anomalies show the potential for bribery and non-compliance. The
identified non-compliance and bribery issues could result in fraud, kickbacks, price-fixing,
regulatory or legal sanctions, and financial loss. As such, an integrated anti-bribery and
compliance management systems. The objective of the system is to detect and address the
Non-conformities:
Observations
Conclusions: Bribery and non-compliance can lead to reputational damage, regulatory or legal
sanctions, and financial loss. Furthermore, bribery and non-compliance can create an
environment for fraud, money laundering, price-fixing, and kickbacks in USD payments and
collections. It is important to institute a framework for detecting and addressing bribery and non-
compliance. Since bribery and non-compliance are intertwined, integrated anti-bribery and
compliance management systems could be useful in addressing the identified issues. While a
generic framework is proposed, the aspects of focus should be revenue growth, sales growth,
performance surge, competitor growth, financial statement, payment methods, and applicable
laws/regulations/policies.
and collections are completed in accordance with the applicable policies, laws, and regulations.
Any incident of non-compliance should form the basis for bribery investigation.