Rizal Technological University

Brgy. Malamig, Boni Avenue

City of Mandaluyong

MIDTERM:

OPERATIONAL AUDITING

De Vera, John Carlo B.

CBET – 01 – 501A

Professor Markie Grabillo

November 26, 2021

 OPERATIONAL AUDIT CASE 1

A. CASE ANALYSIS

The Anthony Williams is by far one of the most deceitful and most clever fraudulent acts
(Darnton, 1995). The case was able to highlight the lack of disclosure and transparency of
the company. Consenting to a sole signatory and access to a secret bank fund by Anthony
Williams is indeed a disadvantage and risk toward the objectivity of the company's
financial statements. In regards with the case, Darnton (1995) stated in his journal about
the acquisition of several properties of the plaintiff which he then utilized the funds on
the secret bank which supposedly for another purpose. Anthony Williams was able to
easefully move toward the fraudulent act and it definitely reflects the poor and lack
internal control of the company. Just by looking at the case the underlying problem with
it would be the ineffective and lenient internal auditing of the organization. Also, it shows
how proper disclosure of financial statements were missing. Moreover, it also showcases
the lack of responsibility and accountability over the statement of the company which
paved its way for Anthony to do anything with ease.

B. LOOP HOLE ON INTERNAL CONTROL

Subsequently as mentioned above, there are several flaws and loopholes that are in the
company. Since Williams was able to break the rules and the laws of the organization,
then it just put emphasis on how ineffective those policies and procedures were. In
addition, having been able to execute such a deceitful act with millions involved really
puts emphasis on the weakness of their internal control. Moreover, lack of strict control
over the handling of the company's financial statement is also shown in this case which
really should be taken care of. Furthermore, what really lacks in the company would
definitely be the transparency and honesty toward everything not only in terms of finance
but also the management itself that is lacking in it.

C. RISKS ASSESSED
RISK TYPE DESCRIPTION
COMPLIANCE The company has brought up the risk of compliance due to the fact
that they lack transparency. Its poor financial and management
control really reflected in this case due to the fact that they were not
able to immediately notice the scheme. In addition, the plaintiff
was able to control and direct solely the secret bank fund whereby
showcasing how incompetent their organization was which directed
them toward manipulation and robbery of the said fund. Lastly, the
policies and procedures of the company really lacks on
consequences and onerousness of their governing laws.
MEASUREMENT
The scheme that Williams has done was definitely a moderate risk which means that
the effect it has on the company is somehow critical with significant harm or damage
(Murdock, 2017). Due to the fact that he solely used the secret bank funds, only a
significant part of the company may experience disruption of its operations. The
company may still be able to operate within their daily basis but will surely affect their
reputation and profitability for the meantime. Thus, limited impact will occur on their
whole operation and would definitely be back once everything has been re-established.

D. AUDIT PLAN
RISKS PLANS
COMPLIANCE RISKS The company's rules and regulations are really the thing that lacks
in this case. From being able to breach the secret fund by a sole
person into lack of accountability to such a person as well. With
that being said, the company needs to reorganize its organizational
chart to establish responsibility and accountability of their
position. Also, the company also needs to be strict and vigilant in
implementing their governing laws in order to promote
compliance on such matters. Moreover, the company needs to set
up a good and quality accounting team or financial group which
does not consist of sole access or control over its statements and
equity. Ultimately, a well-rounded internal control system should
also be founded in the company to assure that everything will
strictly comply and follow established rules and regulations.

E. SUGGESTIONS

The William scheme is definitely a well-planned fraudulent act where he easily breaches
the secret bank fund of the company. Thus, my recommendations would be, firstly, to
really re-establish the management in order to direct and implement new and onerous
rules and regulations. Secondly, the company needs to also make sure to become strict in
the compliance of their policies and procedures. Moreover, the company should also take
into consideration the transparency and objectivity of every decision whether it is
financial or non-financial in nature to promote honest and accurate information.
Ultimately, the company needs to make sure as well to monitor significant changes that
will be implemented in the company.
 OPERATIONAL AUDIT CASE 2

A. CASE ANALYSIS

The fraudulent case on Robert Maxwell on the looting of millions from the Mirror
Group’s pension fund which is tagged as one of the great frauds in history (Partridge,
2019). Maxwell’s fraud is solely about the fabrication of the funds that the company has
in order to make themselves seem to be profitable and financially liquid. In accordance
with how the statement of the case was constructed, the fraudulent act of Maxwell is also
reflecting the disadvantage of having a long-term relationship with the external auditors
that he has a contact with. Hence, this specific case shows off two relevant things which
is, first, manipulation of the company's statement and second the objectivity of auditors
and clients of the company. 

B. LOOP HOLE ON INTERNAL CONTROL

The case brings up the shallow or unstable internal control of the company, weak policy
and procedures in the company, and lack of objectivity and professionalism in the
company. Looking at the case, the company has poor internal control due to the fact that
Maxwell was able to slip millions of funds in the company without anyone noticing it.
Also, it showcases subtle policy and procedure because the plaintiff was able to easily
make such fraudulent act. And lastly, it also emphasizes the lack of objectivity and
professionality not only on the part of the plaintiff but also on the part of the external
auditors and client who the plaintiff has a connection with. 

C. RISKS ASSESSED
RISK TYPE DESCRIPTION
STRATEGIC Due to the fraudulent act of Maxwell, the strategic risk has
emerged on the company since their proficiency in providing
benefits to their clients and customers are minimized. Also, the
support on their financial capabilities were also decreased due to
the looting that happened. Lastly, the risk of disloyalty and
termination of employees and customers business with the
company.

COMPLIANCE The company’s compliance control toward honest and objective

statement were really shown in this case due to (1) the plaintiff was
able to manipulate the statement of the company to be looks
profitable and liquid, (2) the plaintiff was able to breach certain law
and regulation by partnering with their external auditors to fabricate
and modify their statements, and (3) the plaintiff breach most of the
contract that they have with their customers and clients.
MEASUREMENT
The fraud executed in the company includes millions of investment and money which
definitely a ground for very high risks not only to the company itself but also to the
clients that they have within it. Due to the fact that Maxwell fabricated most of its
statements, arduous risks will be faced by the company not only financially but also
regarding their reputation over the business world. Thus, the risk associated with this
fraudulent act is catastrophic which will have an extreme damage or harm in the
company (Murdock, 2017). 

D. AUDIT PLAN
RISKS PLANS
STRATEGIC RISKS The company’s internal audit committee and the board of directors
needs to consider a lot of things. One of which is to consider
effective and efficient managerial control and financial control by
first establishing a well-rounded organizational chart which will
establish people with rightful power and with significant
responsibilities and accountability. Secondly, reviewing internal
control systems, policies, and procedures is also a must in order to
sufficiently monitor effectiveness of such rules.

COMPLIANCE RISKS The company’s internal control should be reworked in order to fix
the overall performance of every department of the organization.
Firstly, a financial statement should have full disclosure of every
transaction occurring in the operation and management of the
company. Secondly, accountability for every policy, procedures,
and control to ensure segregation of duties. Third, strict
compliance with the laws and regulations not only by the
company but also laws and regulations of the state. Lastly,
professionalism must be accounted in order to establish a
professional and objective environment within and outside the
company.

E. SUGGESTIONS

The second fraudulent case really put emphasis on objectivity and ethics that consists in a
company. Thus, establishing a well-rounded mission, vision, goals, and objectives will
definitely help the company to be on the same track. Also, policies and procedures as
well must have a significant part in the company in order for everyone to comply with it
regardless of the position they have. In regards to the process of internal control, having a
good auditing framework will also be beneficial in the company. There are a lot of
internal control frameworks that were developed by different individuals (Murdock,
2017). Hence, there are a variety of control systems that could govern the process of
 internal control. Lastly, the essence of being honest, objective, and transparent not only in
the establishment of financial statements but also in the process of transacting with
people to do business is indeed vital in the reputation and longevity of the company. It
will result in maintenance of conflict of interest as well as promote loyalty not only from
customers but also to other people who would have a relationship with the company. 

OPERATIONAL AUDIT CASE 3

A. CASE ANALYSIS

The Sellafield nuclear power plant accident was one of the worst nuclear accidents in
Britain. The accident was due to the fact of negligence and incompetence not only by the
site workers but also to the account of the site’s supervisors as well. The major accident
significantly affected the company’s business as well as their profitability. Aside from
that, the accident also affected several lives of people within the area. Hence, the problem
is deeply rooted on the idea of proper management of the site workers which includes
their competencies and abilities to do the job and how the site's supervisor neglected that
fact which resulted in the unwanted accident. 

B. LOOP HOLE ON INTERNAL CONTROL

The case brought up things that the internal control system of the company should have
done. This includes proper employment of competent and well-trained employees and
site workers in order to assess their capabilities in doing the work. Also, it appears that
the company lacks a safety and security plan which will support their management of the
site and also their workers. Lastly, negligence on the part of the supervisor and the
management with regards to the site preparation and safety. 

C. RISKS ASSESSED
RISK TYPE DESCRIPTION
CAPACITY The company has capacity risk when the accident occurred due to
(1) its employees and plant workers were not trained and were not
educated sufficiently on the process or on the nature of their work,
(2) secondly, supervision over those workers as well is lacking
which makes the risks even higher, and (3) inadequate safety
protocol and guidelines were also the reason why the accident
occurred at that time.
NATURAL Due to the accident that occurred, environmental risks emerged due
ENVIRONMENT to it showcase the lack of preparation of the company with such
phenomena. Also, the company has showcased the danger that it
might affect the community and the environment within the area.
MEASUREMENT
With the scope of the accident that occurred, the impact of the risk is definitely
catastrophic due to the fact that major operation of the business will be affected by the
occurrence of such an accident. Also, according to Murdock (2017) very high or
critical impact would affect a very large number of people and it would include
fatalities. Hence, the accident had affected a lot of people within the area where some
got hospitalized and died (Vidal, 2012). With that being said, serious impact not only
to the company but also to the community has resulted due to the accident.

D. AUDIT PLAN
RISKS PLANS
CAPACITY RISKS The company needs to make sure that every single employee that
will be hired in the site should be capacitated and with a
significant and vital skill set needed in doing the intended work.
Also, management should also perform periodic training to
enhance and improve the skill and knowledge of every worker in
the site. Lastly, for the supervisors who handle the site, the
internal control committee should elect people with in-depth
experience on handling the site and people with good directing
ability in order to manage and control the work that is done on the
site. 

NATURAL In regards to environmental risks, the company needs to make sure

ENVIRONMENTAL that they comply with the law and standard in establishing or
RISKS operating a nuclear site. Also, the company should also provide
importance on the safety and the security not only for the people
who work in the company but also to the community residing near
their site. Lastly, periodic monitoring of the safety and security
plan should also need to be considered in order to manage and
oversee the current situation of the site.

E. SUGGESTIONS

The accident is really not intended by the company but due to the negligence of the
certain procedures and policies in the site which caused the occurrence of the accident.
As a suggestion, the company really needs to invest in their people as well in order to
promote safe and secured operation. Also, proper training to its employees is a must in
order to proactively improve their skills and abilities in being effective in the operation.
Moreover, adherence to safety protocol by the state should also be taken into
consideration in order to remove and hedge the risk of accidents in the future. Lastly,
periodic monitoring of the site status will definitely be vital in assessing the capacity and
effectiveness of the people and the policies that were previously established by the
company. 
 OPERATIONAL AUDIT CASE 4

A. CASE ANALYSIS

According to Hosking (2002), the case between FSA and CSFB was one of the biggest
fines in history. The case regarding the fine put up to CSFB by FSA amounting to 4
million euro was due to the misleading financial regulators and scheming a cover-up on
it. The FSA investigated the case and revealed specifically that CSFB tried to mislead
Japanese regulators and tried to cover evidence regarding the transaction with them
(Hosking, 2002). With that being said, the CSFB indeed breach various laws and
contracts in order to proceed with the fraudulent act. They also showcase how dubious
and evil their company was by doing such an act. CSFB also shows how unprofessional
their company is and how evil their intentions are. With that being said, the company's
internal control really needs to change because it does not stop nor restrict the actions that
were executed by the company. Ultimately, it concludes how lacking the company is with
good ethics and professionalism.
B. LOOP HOLE ON INTERNAL CONTROL

In regards to how the internal control of the CSFB machinated the fraudulent act to
breach the Japanese regulators to get their evil intentions. It really shows how immoral
and incompetent their internal control people and system. The fraudulent act of them
really rooted on how their management and control were lacking sufficient decision
makers. In addition, the machinations that the company has done really affect the image
and their reputation. Moreover, their inadequate rules and regulations also were
highlighted. And lastly, the company’s mission, vision, goals and objectives were also
lacking because the company was able to execute such an embarrassing and evil scheme. 

C. RISKS ASSESSED
RISK TYPE DESCRIPTION
STRATEGIC The company has really failed to showcase the good relationship
with their customers and clients which makes them to be fined
more than what they have. Also, the company will experience the
risk of decreasing its fund to support not only their operation but
also the costs they will incur on the fine. 

COMPLIANCE The company’s fraudulent act really brought up because of their

failure to meet certain requirements by governmental laws and
regulations. Also, they failed to also meet their own internal
standards or ethics in executing their purpose. And lastly, they
breached and tried to cover-up the contracts that they have from
their clients. 
MEASUREMENT
The scheme that was plotted by the company certainly has catastrophic or very high
risks that the company will experience. Not only the enormous amount of fine is the
reason it becomes catastrophic but also it will impact the reputation and image of the
company not only in their country but also to other countries as well. A large portion of
businesses in line with their industry will definitely think otherwise in having a
transaction or contract with them. Serious damage and harm will be reflected to their
financial capabilities as well as to their reputation as a company. Lastly, recovery will
definitely be harder on their part due to the fraudulent act that they have executed. 

D. AUDIT PLAN
RISKS PLANS
STRATEGIC RISKS The company was not able to show good relationships toward
their clients or customers. In that sense, they need to re-establish
the internal control system of their company as well as to improve
professionalism and honesty on their business or transaction with
others.
COMPLIANCE RISKS The company really needs to change the governing rules and
regulations of their company in order to promote compliance.
Also, changing the people will also be essential for the old
practices to be removed and re-organized to promote better control
over the whole decision of the company.

E. SUGGESTIONS

We cannot deny that the CFSB really executed a breach of laws and contracts. Hence,
internal control needs to really be re-organized in order to promote that everything will be
in-line with governing laws and regulations. Changing the people with power in the
company will really be vital in order to remove old practices and evil procedures in the
company. In addition, competent and honest people need to really fill in the shoes for the
company’s board and internal audit committee in order to promote better governance
within the company. Moreover, ethical principles and ideology need to be adjusted as
well to successfully promote objectivity and professionalism in the company. And
ultimately, establish a well-developed monitoring system to oversee the changes that
were implemented in the company. 
References
Darnton, J. (1995, May 30). The New York Times. Retrieved from
https://www.nytimes.com/1995/05/30/world/tomintoul-journal-good-lord-scotland-yard-
has-its-pockets-picked.html
Hosking, P. (2002, December 19). This is Money. Retrieved from
https://www.thisismoney.co.uk/money/news/article-1530177/CSFB-hit-by-record-
1634m-FSA-fine.html
Partridge, M. (2019, April 30). Money Week. Retrieved from Money Week:
https://moneyweek.com/505757/great-frauds-in-history-robert-maxwell
Vidal, J. (2012, March 11). The Guardian. Retrieved from The Gurardian:
https://www.theguardian.com/environment/2012/mar/11/sellafield-stories-book-nuclear-
accident