Internal Auditors' Perception on the Efficacy of Fraud Prevention and Detection in the Public Sector

Fraud has become a worldwide issue, impacting a massive number of organizations throughout the globe. The PwC's Global Economic Crime and Fraud Survey 2020 highlighted not only has fraud surged in the private sector, but it has also impacted the public sector causing entities to incur significant financial losses. Motivated by this phenomenon, this study aims to investigate whether fraud awareness, fraud prevention and detection strategies and anti-fraud technology are significantly related to the public auditors’ perceptions of the efficacy of fraud prevention and detection in the public sector. Data were collected through questionnaires, distributed to 180 respondents of public auditors in the Malaysian ministries. 133 usable responses were obtained, generating an effective response rate of 74%. Based on the underpinning fraud triangle theory, the research discovers that fraud awareness, and fraud prevention and detection strategies are positively related to the perceived efficacy of fraud prevention and detection. This study differs from prior studies that primarily examined the prevention and detection of fraud in the private sector, by expanding the scope to include the public sector. Determining whether fraud prevention and detection strategies exist and are properly implemented in the public sector is critical since government bodies continue to be vulnerable to irresponsible people misusing public funds. The research findings offer important insights on the level of fraud awareness among practitioners and the determination of fraud prevention and detection mechanisms and technologies that are perceived to be most effective in public organizations.


Introduction
The 2020 Global Economic Crime Survey by PricewaterhouseCoopers shows fraud and economic crime is on the rise in Malaysia, which consequently, demands urgent actions to be taken. Not only has fraud encroached upon the private sector, but even more worryingly upon the public sector, to the degree that every country seems to experience a form of it [1]. The least developed nations may suffer the most [1] owing to their institutional setting with poor shareholder protection and a weak law enforcement and judicial system [2]. With the rising fraud cases in the public sector, Okoye & Gbegi [1] highlighted that Government spending has always been a significant business, hence the public demand for more transparency from the government to determine whether the tremendous sums of money are being spent appropriately to serve the public.
Malaysia is no exception. Specifically, the Malaysian public sector has long been faced with problems in terms of inefficiency, red tape, intransigence, low transparency and weak performance [3]. Moreover, there is the notion that bribery works well to regulate the public sector in Malaysia [4]. Such a perception has weakened the confidence of the public on the government sector. This is exacerbated by reported cases of corruption in government procurement, misuse of surplus land, and fraudulent transfer of property, together with bribery at the municipal level during business transfers [5,6]. The majority of fraud and corruption cases involved the top management indicating abuse of power [7]. Recent cases include the 1 Malaysia Development Berhad (1MDB) scandal, which came to light in 2015 where the Malaysia's former prime minister, Najib Razak was accused of diverting an estimated amount of US$700 million from 1MDB, a state-owned strategic development company, to his own personal bank accounts [8]. Another case involved the Deputy Director of Sabah Water Department, who was alleged of massive corruption involving RM30 million in bank accounts and RM30 million land titles [9]. The Association of Certified Fraud Examiners (ACFE) in its Report to the Nations (2019) highlighted that the government suffers an average loss of US$200,000 for every single case of government fraud that occurs [10]. Considering that the public pay taxes to the government in return for services provided, constituents will lose confidence in government leadership if fraud is not treated seriously enough. Such issues create an imperative need for the government officials to improve fraud prevention and detection methods to reduce the catastrophic incidence of organizational fraud.
Preventing and detecting fraud remain crucial. Bolton and Hand [11] claim that the detection of fraud emerges when fraud prevention fails, and it takes effect soonest possible once fraud is committed. The emergence of recent high-profile accounting scandals, such as Global Crossing, Worldcom and Enron, have cast doubts on the adequacy and effectiveness of traditional fraud detection methods, such as internal auditing. Combined with a poor internal control, this can lead to fraud incidences being detected late after the transaction has taken place, which will result in the imposition of penalty, triggering a reactive rather than a proactive approach. ACFE (2014) discovered that it commonly takes about 18 months from the start of a fraud case for it to be detected [12]. The longer the time taken to discover fraud, the greater the damage to the company. This implies that the company will lose its viability, eventually leading to firm collapse. The detection of fraudulent cases gets very challenging in view of the contemporary business environment which is very much information-oriented, with complex and dynamic business operations and systems [13]. Hence, fraud detection techniques will need to continuously evolve in tandem with the many new tactics created to perpetrate fraud. One may argue that it is essential to understand and be aware of the catastrophe that fraud or economic crimes may cause because it will lead to the creation of the most effective strategies for detecting and preventing fraud occurrences.
Studies that examine fraud prevention and detection in the public sector is in scarcity [14]. Due to the fraudulent financial reporting cases that have created great concern, fraud prevention and detection in the public sector remain critical. It is the objective of the study to investigate whether fraud awareness, fraud prevention and detection strategies and anti-fraud technology have any significant relationship with the perceived efficacy of fraud prevention and detection in the public sector. Based on feedbacks obtained for the survey performed on 180 internal public auditors, it is found that both variables, i.e. fraud awareness and fraud prevention and detection strategies are positively related to the perceived efficacy of fraud prevention and detection. Findings, however, show an insignificant impact on anti-fraud technology. The result implies the significance of fraud awareness, and possessing the required knowledge and skills among accountants and auditors, as this can crucially contribute towards undertaking the appropriate detection and prevention actions and implementing effective detection and prevention strategies when confronted with fraud cases.

Hypotheses Development
Understanding what fraud risks are may safeguard an entity. Tysiac [15] highlights that fraud education among employees, including accountants and auditors, is the most important factor in preventing fraud and in handling suspicious or malicious activities. This includes the awareness of the various forms of fraud, thereby allowing employees to identify red flags for common types of fraud and to understand how fraud can be detrimental to the company.
The survey by Othman et. al. [14] of Malaysian public-sector internal auditors and accountant reveals that more than half (53% of 51 respondents) did not attend courses and trainings that relates to preventing and detecting fraud on a regular basis. This implies that certain governmental departments did not provide adequate training on detecting and preventing fraud. This creates concern as such training will improve the expertise and skills of accountants and internal auditors in managing fraud issues in their departments.
Instances such as seminars and training are useful strategies to raise fraud awareness and foster knowledge among managers and employees. With proper fraud education, employees and managers can be an effective medium in the identification and prevention of fraud [15]. Training workers to fight against fraud may also assist in establishing moral and ethical practices. ACFE [16] further highlights the importance of identifying employees who can act as informants at various levels, as fraud incidences are mainly discovered from reports made by employees. Based on the above contentions, the first hypothesis is posited below: H1: Fraud awareness is significantly related to the perceived efficacy of fraud prevention and detection.
KPMG [17] documented that fraud prevention methods are considered as the first line of defense and offer an effective form of fraud management in organizations. Certain fraud prevention and detection approaches are employed to minimize the direct cost and indirect cost impacted by fraud. These different strategies are implemented and are not restricted to fraud policies, phone hotlines, workers reference checks, fraud vulnerability surveys, analytical audit (financial ratio analysis), passwords, firewalls, revelation inspection, computer-based examination and various forms of programming innovation [18].
The non-catastrophic fraud typically relies mainly on indefinable counteractive mechanisms, such as a collection of standards or misrepresentation contracts, whereas those suffering heavily from fraud execute more substantial practices, such as whistleblowing and the implementation of fraud prevention and detection actions [19].
KPMG [20] conducted a fraud survey in Malaysia. Based on the result, 62% respondents claimed that fraud was a significant problem among companies in Malaysia. 83% of the total respondents indicated that their business was suffering from fraud. It was identified that the most common reason for fraud was lack of internal controls and coordination between employees and third parties. 29% agreed that the most commonly used methods for detecting fraud, include management investigation, proper internal controls, and internal audit review. As for preventing fraud, the four most common methods include improved internal controls, strengthened security measures, pre-employment screening and the development of a corporate code of conduct / ethics. In relation to this, the second hypothesis proposed by this study is as follows: H2: Fraud detection and prevention strategies is significantly related to the perceived efficacy fraud prevention and detection.
Fraud has become increasingly sophisticated in today's modern technological environment. Fraud is more difficult to detect, particularly when it is performed collusively by the top management who can conceal it. Despite the challenges in detecting fraud, [21] claim that technology innovation has led to more advanced fraud detection strategies that examine data and transactions and identifying fraud warning signals such as patterns, numbers and other related anomalies.
Rahman and Anwar [22] contended that protection software/applications remain a powerful component of fraud prevention technique. They found that security technologies such as filtering software built with password protection and firewalls are effective methods in preventing and detecting fraud among Malaysian banks. Consistently, [23] concurred on the widespread use of password protection, and firewalls to battle fraud. Mcneal [24] further argued that fraud investigators need to match and outperform their allies with modern high-tech tools.
Fraud detection has become one of the industry's and government's best-established applications of data mining, as it is often used to discover and reveal hidden the truths vast amounts of data [25]. This technique strengthens the internal controls of an organization and it specifically facilitates the assessment of current risk of internal fraud [26]. Besides being a feasible and cost saving technique, this approach may help avoid generalizations that are inaccurate based on limited data [27]. Despite receiving high efficiency ratings, the data mining strategy is less frequently used by accountants for anti-fraud techniques [23]. Based on the above contention, the following hypothesis is posited: H3: The use of anti-fraud technology is significantly related to the perceived efficacy of fraud prevention and detection.

Data
The sample for the study focuses on internal public auditors serving the Malaysian public sector organizations. The ACFE and American Institute of Certified Public Accountants (AICPA) (2002) emphasize the critical role of internal auditors in designing a control system that deters and detects fraud by evaluating the sufficiency and effectiveness of internal controls. Gaining their view on fraud awareness, fraud detection strategies and technologies and the perceptions on the corresponding efficacies would provide useful insights and better understanding on fraud prevention and detection since the internal auditors are considered as the first line of defense against corporate fraud. The questionnaire was distributed to internal audit units across all 25 Federal Government Ministries representing 180 internal public auditors as target respondents. The targeted respondents include internal auditors holding various positions, including Professionals and Management, and the Supporting Division of the Internal Audit Unit. The questionnaires were sent to 180 respondents, and only 133 were collected and useable, representing an effective response rate of 74%.
A structured survey questionnaire adopted from [23] was used. It consisted of 43 questions which are broken down into five sections. Section A explored the respondents' profile such as age, gender, level of education, job position and years of experience. Section B examined the degree of respondents' awareness on the occurrence of fraud in their organizations. It is appropriate to determine the auditors' level of fraud awareness based on their work experience in the organizations. Section C examined respondents' knowledge on the presence of different fraud detection and prevention mechanisms being implemented in their organizations. Section D investigated the anti-fraud technology being used for detecting and preventing fraud, whilst Section E examines the perceived efficacy of fraud prevention and detection in the organizations.
Section B to E of the questionnaire adopted a five-point Likert scale. For Section B, C and D, the Likert scale ranges from '1' (Strongly Disagree), '2' (Disagree), '3' (Slightly Agree), '4' (Agree) to '5' (Strongly Agree), whereas Section E analyzes the effectiveness based on a numerical scale from '1' (Completely Ineffective), '2' (Ineffective), '3' (Slightly Effective), '4' (Effective) to 5 (Completely Effective).  Table 2 presents the responses' mean and standard deviation that relate to each item in Section B. The section had nine items aimed at identifying fraud awareness among internal public auditors. With mean scores that varied from 2.92 to 4.17, results indicate that responses generally fall in the range between "slightly agree" and "agree." Item 1, 6, 7, 8 and 9 reported a mean score in the scale of "slightly agree", whereas items 3, 4 and 5 scores "agree". The overall scale mean is 3.72. The Cronbach's Alpha for the scales of Section B is 0.60 indicating an acceptable reliability of the internal consistency of the components. The results suggest that respondents are aware of the monitoring duties and their responsibility in detecting fraud. As for item 2 that scores the least indicates that respondents are generally unsure of whether their company has been a victim of fraud or not.

Fraud Prevention and Detection Strategies
For Section C of the survey, as shown in Table 3, respondents were asked to indicate their level of knowledge on the existence of fraud detection and prevention measures implemented in their organizations. All the statements used for the questionnaire in this section employ a Likert scale ranging from 1 (Strongly Disagree) until 5 (Strongly Agree). Table 3 shows that the overall scale mean is 3.79 and Cronbach's Alpha equivalent to 0.97. The top mean score is for the statement "Internal control review and improvement," which is 4.02. The findings revealed that internal control review and improvement is the most commonly adopted in combatting fraud in corporations. The lowest mean score is for the statement "Organizational use of forensic accountants," which is 3.49. This result indicates that the employment of forensic accountants to detect fraud is not well established among public organizations. Table 4 shows the descriptive results on anti-fraud technology based on section D of the survey with an overall scale mean of 3.77 and Cronbach's Alpha of 0.96. "Continuous Auditing" scores the top mean of 3.98. The result indicates that performing audit on a continuous basis is considered the most common technology medium to prevent and detect fraud in organizations. "Data Mining" shows the least mean score of 3.56 indicating that the use of data mining in public organizations is the least common. There is also a low application of data mining software in performing audit work. Albrecht and Albrecht [27] confirmed that data mining is only appropriate for a small business since data mining technology is inefficient at processing vast amounts of data and does not enable programmers to focus their attention on a particular type of fraud.  Cronbach's alpha 0.96 Table 5.

Statements Mean Score
Std. Deviation FDM1: Performance audit is also done to assess how the auditee uses the resources effectively and efficiently to meet particular project objectives. Cronbach's alpha 0.94 Table 5 presents the descriptive analysis of the respondents' perceptions on the actions they feel would have the greatest impact on an organization's capability to prevent or detect fraud. The Cronbach's Alpha for this variable is 0.94 and a scale mean of 4.25. The highest mean score of 4.40 is reported for "Internal auditors are effective in detecting fraud". Regardless of the fact that auditors' ability to detect fraud is queried, the score result suggests that internal auditors are effective in fraud prevention and detections. This is possible since internal auditing entails a routine and systematic evaluation of risk management processes and organizational order structure with the goal of optimizing firm performance. The lowest mean score of 4.14 is shown for the statement "Operational audits by the internal auditor are expected to minimize fraud practices". Regardless of the lowest mean score, the result indicates that operational audit remains to be one of the effective methods in detecting and minimizing fraud.

Regression Analysis
A hypothesis testing is carried out to test whether the posited relationship in H1, H2 and H3 is true. Table 6 presents results of the multiple linear regression analysis which measures the relationship between the multiple independent variables (fraud awareness, fraud prevention and detection strategies, and anti-fraud technology) and the dependent variable (the perceived efficacy of fraud prevention and detection). The scale of each item is measured at an interval scale and that the multiple regression analysis was done using the mean of the summated scales of the items of the dimension). Below is the multiple regression model adopted by the study: Where: Y = Perceived efficacy of fraud prevention and detection strategies β 0 = Constant X 1 = Fraud awareness X 2 = Fraud prevention and detection methods X 3 = Anti-fraud technology ε = Error term The results document a positive and significant coefficient for fraud awareness (p<0.05), indicating a positive relationship between fraud awareness and the perceived efficacy of fraud prevention and detection. This is in line with the result of the descriptive analysis whereby respondents demonstrate high fraud awareness when they agree to report fraud cases to the higher level authority and acknowledge their responsibility to report on red flags. With fraud awareness, public auditors are more prepared with the required knowledge and skills to handle issue of fraud in their departments. Overall, the result implies that Hypothesis 1 is supported. Table 6 further shows a positive and significant coefficient for fraud detection tools (p<0.10), implying a positive relationship between the fraud prevention and detection methods and their respective perceived efficacy. Various fraud prevention and detection procedures were used by the public auditors, among the most frequently used one include internal control review and improvement, bank reconciliations, operational audits and cash reviews. The understanding and application of the different procedures to prevent and detect fraud is perceived to be effective in detecting red flags and preventing fraud. With this finding, it is shown that Hypothesis 2 is supported.
The coefficient for anti-fraud technology is not significant (p>0.010), suggesting no evidence that anti-fraud technology has any impact on the effectiveness of fraud detection and prevention methods. Although technological advances in fraud detection methods led to more innovative and proactive fraud detection, nonetheless, the insufficient usage of the software and applications among public auditors might have resulted in an insignificant impact on the perceived efficacy of the strategies to prevent and detect fraud. It is thus concluded that Hypothesis 3 is rejected.

Conclusions
This study examined the views of internal public auditors, being government officials who are often regarded as independent and skilled professionals, towards fraud prevention and detection effectiveness. More specifically, this study aims to examine the impact of variables, namely fraud awareness, fraud prevention and detection strategies and anti-fraud technology, on the perceived efficacy of fraud prevention and detection in the Malaysian public sector. This study hypothesizes and finds that fraud awareness has a significant positive impact on the perceived efficacy of fraud detection and prevention. The survey suggests that public auditors exhibit adequate in-depth knowledge of fraud which is perceived to be effective in the attempt to fight against fraud. Nonetheless, there seems to be a dearth of training courses, which need to be promoted among public auditors since they facilitate knowledge acquisition and improve understanding on preventing and detecting fraud.
Consistently, the presence and implementation of fraud prevention and detection strategies were found to have a significantly positive relationship with the perceived efficacy in preventing and detecting fraud. The survey shows that internal control review and improvement, bank reconciliations, operational audits, cash reviews, reference check on employees, increased role of audit committee and inventory observations are regarded as successful approaches perceived by the public auditors in Malaysia. The implementation and application of such strategies within the Malaysian public sector contribute towards successful prevention and detection of fraud occurrences.
No significant result was obtained for the hypothesized impact of anti-fraud technology on the efficacy of fraud detection and prevention strategies. This may be due to the limited application of fraud software and application among public auditors in detecting and preventing fraud.
Overall, the study reveals significant insights that in-depth knowledge on fraud and the implementation of the right anti-fraud mechanisms are essential in the effort to combat and minimize fraudulent acts in public organizations. Based on the survey findings, it is however discovered that forensic accountant expertise is less commonly deployed. Hence, it is recommended that the government also consider establishing a forensic accounting department that can work hand-in-hand with the internal public auditors to ensure a more innovative and effective fraud prevention and detection practices in the public sector. Despite the high ratings on effectiveness, discovery sampling and data mining are less used by the auditors for anti-fraud methods. It is presumed that an increased deployment of such advanced technology-based techniques may have led to a significant impact of anti-fraud technology towards the perceived fraud prevention and detection effectiveness.
In line with [29] and [30], the study is of the view that in addition to implementing the various fraud prevention and detection methods, the efficacy assessment and cost-benefit analyses of the techniques should be conducted proactively in tandem. Various parties at all levels within the organization must take part in combatting fraudulent activities, hence prioritizing self-regulation, rather than the time-consuming law enforcement by the relevant authorities.