INTODUCTION – WHAT IS FORENSIC AUDITING?
Fraud and corruption continue to threaten the success of business entities within South Africa. To add to this, the ever-evolving advancements of information technology contribute to the ease in which perpetrators perform fraudulent activities and conceal their transgressions. This leaves entities susceptible to exploits and crimes that are bound to have damaging financial effects on the functioning and continuation of the business.
Forensic auditing thus contemplates an investigation into an entity’s financial and legal affairs, in an effort to uncover suspicious fraudulent activities that may have taken place within such entity. 1
Such investigations and the findings that transpire, may thereafter be used in legal proceedings instituted in order to prosecute a party for the financial crimes and/or fraudulent conduct perpetrated and recover the funds through the civil courts.
1 Van Wyk, A. C.; Vorster, J. Legal Challenges Facing Forensic Auditing. Available from: http://icsa.cs.up.ac.za/issa/2006/Proceedings/Research/85_Paper.pdf (03/08/2020)
THE ROLE OF THE FORENSIC AUDITOR
It is vital that the collection of evidence in a forensic audit be considered admissible by a court of law, should the entity decide to prosecute the perpetrator/s of such fraudulent conduct. The forensic auditor is thus obliged to ensure that the methods used in the conduct of its investigation falls within the confines of the law of evidence. Accordingly, the role of a forensic auditor may be summarised to include the: 2
- identification of offenders;
- identification of the means used and time period of the fraud;
- determination of the financial impact of such fraud on the entity;
- collection of evidence to allow the entity to take action against the perpetrator/s; and
- advising the entity on the corrective action that may be taken in respect of the failed controls of the entity.
2 Barlow, P. Helberg, S. Large, N. Le Roux, K. 1995. The Business Approach To Internal Auditing. Juta & Co, Ltd. Kenwyn Pg. 37 – 38)
While information technology may be used in the commission and concealment of fraud, it may also be effectively used by a forensic auditor in an attempt to detect possible fraud in an organisation. Technology allows for data analysis to be computerised and applied across an entity’s entire company database, in order to detect transgressions. The reports that are generated by such technology progresses a forensic auditor’s understanding of the business of an entity. This automated method contributes to the conservation of time, resources and audit costs contemplated in the forensic audit. 3
ADMISSIBILITY OF FORENSIC EVIDENCE
The admissibility of evidence, as discovered through a forensic audit, is imperative to the success or failure in the prosecution of perpetrators. Computer generated evidence is considered as ‘hearsay’ evidence in South African courts and, as such, is considered as inadmissible, unless the person upon whose credibility the probative value of such evidence depends, testifies at such proceedings. 4
3 Lanza, R. “How to Use a New Computer Audit Fraud Prevention and Detection Tool“. http://www.isaca.org
4 Section 3(1) of the Law of Evidence Amendment Act 45 of 1988
Accordingly, unless the forensic evidence can be attested to by the individual responsible for generating the data, the courts will deem such evidence inadmissible. It is common that information technology professionals who assist forensic auditors will be required to attest to the accuracy and dependability of the computer-generated evidence in a court of law.
Furthermore, section 3(1) of the Law of Evidence Amendment Act 45 of 1988 (“the Act”) provides that hearsay evidence shall not be admitted as evidence at civil or criminal proceedings, unless the court regards the admission of same to be within the interests of justice. The Electronic Communications and Transactions Act 25 of 2002 (“the ECTA”), which also governs computer evidence in South Africa, provides that the reliability of evidence is largely dependent on the following factors:
- the manner in which the evidence was generated, stored or communicated;
- the reliability of the manner in which the veracity of the evidence was maintained;
- the identification of the originator; and
- other relevant factors.
Additionally, a court is likely to take into account the interference in the custody of such forensic evidence, in assessing whether the admission of same could be prejudicial to a litigating party.
It is evident that a litigating party will need to establish one of the above exceptions, in order to render forensic evidence admissible before a court. However, notwithstanding the general inadmissibility of computer evidence, it is submitted that electronic data is often extremely steadfast and should be conferred the appropriate weight by the South African courts.
The boom in technological development undoubtedly caters for the success of an entity’s business, but also contributes heavily to the ease in which fraudulent activities may be conducted in such entity.
Employing the services of a forensic auditor, who is well-versed in the intricacies of information technology can only assist in the expedited prosecution of perpetrators and the subsequent recovery of any financial losses suffered as a result of their conduct. However, as evidenced above, it is crucial that a forensic auditor is kept abreast of the South African laws of evidence, in order to ensure that the discovered evidence may be effectively used in a court of law.
This is the very basis upon which Schindlers Forensics is established. As such, it is advisable that, when requiring assistance in forensic investigations, that you employ a multidisciplinary team, who understands the workings of auditing, accounting and law, in order to propose tailored solutions and recommendations to ensure compliance and prevent commercial crime within your entity.