PART B

As part of the case study extract it was noted that the chairperson of the supervisory board $($after Markus Jooste resigned$),$ Heather Sonn, acknowledged that while $$accounting irregularities$$ had occurred which led to the $$material overstatement of the income and asset values of the group$,$ Steinhoff$$s focus remained on finalizing a $$restructuring plan$$ for the company and completing the $2017$ audit. She continued saying, $$We want to uncover the truth, show the world what has happened, prosecute any wrongdoing, and reinstate trust in the company.

As the Senior Internal Audit Manager of ABC Advisory, you recently reported the following findings to the audit committee:

$1.$ Aisha a personal assistant to the CEO of Steinhoff downloaded an unauthorised music program onto her work computer. Personal and business information were distributed via emails to the rest of the company, all her contacts as well as some digitally altered $$deepfakes$,$ to several suppliers of the company.

$2.$ The Finance Manager $($FM$)$ received an email from the $$CEO$$ while the CEO was on leave holidaying in Europe. The email requested the FM to transfer R$90,000$ to an account held with the Bank of Belgium. There was a back and forth between the FM and CEO regarding the payment details. The FM prepared all the relevant documentation and took this to the CFO for approval of payment. The payment was made.

During the audit committee meeting, where these matters were reported, the chairman of the audit committee was upset by the blatant and arrogant way the company was defrauded. The chairman of the audit committee stated that the auditors should have picked up on these activities in the year ago and felt that the assurance providers had to explain why the incidents were not detected during previous engagements.

REQUIRED

Marks

$1\mathrm{.}3$

In a memorandum to the chairperson of the audit committee, explain the responsibilities of both internal and external audits with regard to fraud prevention and detection

$10$

$1\mathrm{.}4$

Consider the two scenarios above, indicate the information technology fraud, and fraud risk and recommend appropriate actions

$10$

$1\mathrm{.}5$

Provide the audit committee with a recommendation on how to implement a fraud risk management process indicating what should be done at each stage