Please be advised, I will not be providing a job description of a Fraud Auditor. Rather, the thought process that is necessary to find the right person, with the right skill set.
I know this is a good technical question, but I do not know if there is a good technical answer. With that said, my suggestion to the CAE’s of the world would be to look for someone with the “Passion for the subject knowledge of fraud risk.” The passion would be for both the science of fraud risk and the passion for the practical application of fraud auditing. I say this because, with any new profession, the person must have the passion to create, build, and polish the fraud audit approach. I am sure that this person will get pushback from the traditional auditor. I know I have.
Now, before you say CFE, I do not believe that this person has the right skills or thought process to be a fraud auditor. Yes, there may be CFE’s who would make a wonderful fraud auditor, but in my opinion, CFE’s investigate fraud, whereas the fraud auditor assists management with the management of fraud risk. A big difference. I will be curious to see what pushback I receive. Remember, my job is to make you think.
Internal Audit Standards 2025: Fraud Responsibilities
I searched on “new IIA standards and fraud responsibilities summary” and here is what the AI provided.
The new IIA (Institute of Internal Auditors) Global Internal Audit Standards place a significant emphasis on internal auditors actively assessing and mitigating fraud risk within an organization, requiring them to take a more proactive approach to fraud detection and incorporate a deeper understanding of potential fraud schemes into their audit planning and execution; this aligns with the broader responsibility of the internal audit function to support strategic objectives and contribute to the organization's overall success beyond just financial controls.
Fraud Auditor Traits
So, where do I start in describing the fraud auditor. Recently I started to play with AI and the subject of fraud risk. I am working with someone skilled in the use of AI and have knowledge of fraud risk. Jennifer Powell is my editor for all my blogs and my associate in using AI to build fraud risk assessments.
Our inquiry was regarding ghost employee schemes. In my opinion, a very simple fraud risk statement to understand. AI produced 30 different risk statements. Notice, I said risk statements rather than fraud risk statements. Here is what I noticed: a hodgepodge of statements ranging from errors, internal control weaknesses, red flag statements and the list goes on. In my opinion, AI did not produce a comprehensive listing of fraud risk statements, for a ghost employee but rather it created a listing of random ideas. My interpretation of the results is that there is a lack of structured knowledge on the world wide web regarding fraud risk statements or ghost employee schemes. This leads me to the first trait of a frau auditor:
1. Superior knowledge of fraud risk.
No truer words were spoken than “a deeper understanding of potential fraud schemes”. However, in the same sense, what exactly does this mean? I always try to use simple words to explain my fraud concepts. Here goes: How and where? The how relates to an understanding of “HOW” the fraud risk statement could occur in your organization. This is why my definition of fraud risk uses the phrase: natural vulnerabilities that exist in your internal control system”. The “where” would relate to the most likely location in your organization where the fraud risk statement would occur. So, here is my second trait:
2. Superior knowledge of how and where a fraud risk statement can occur.
On more than one occasion, I have spoken about the importance of fraud data analytics. The current approach to auditing is not designed to detect fraud. Yes, you may trip across fraud, your keen observation skills may spot a fraud scenario, but in an organization the size of Amazon, you will detect fraud within the audit process only through the use of fraud data analytics. But it is more than how to use software. To clarify, I could not have found fraud scenarios throughout my career without the help of Jill, Carol, Paul, and others who were very skilled in the use of software. However, it is about the knowledge of data. Consider something as simple as an address field. , I believe there are at least 15 different categories of address fields. You need to have knowledge of how the address field relates to specific fraud risk statements or how the address relates to fraud scenarios on a global basis. So, here is my third trait.
3. Superior knowledge of how data relates to fraud identification.
Fraud auditing is not something that is cut and dry, like SOX testing. In my opinion, the fraud auditor needs to be a good researcher and good at debating. Auditing starts with a transaction supported by a document. Either the transaction or the document will have indicators that require research. Let’s go back to the address field. Most transactions either have an address field embedded in the transaction or connect to a database with an address. Let’s assume the transaction in question has a suite number in the address. The fraud auditor must research the address and determine if a real business operates at that address or a front company for a fraud scenario. Based on the research, you fraud auditor needs to build a convincing argument for the conduct of a forensic investigation. So, here is my fourth trait.
4. Superior research skills and superior debating skills.
Fraud audit test procedures are all about gathering evidence to support the conclusion that there either is or is not creditable evidence that a fraud risk statement is occurring in your core business system. The fraud auditor will need a keen understanding of the rules of evidence for authenticity, reliability and sufficiency as it relates to providing a convincing argument that a fraud risk statement is occurring. Remember, so many times it is circumstantial evidence that leads us to the fraud scenario. So, here is my fifth trait.
5. Superior skills in using the rules of evidence in creating their audit program.
A critical element of any and all fraud theory is that the fraudulent act involves deceit, concealment or omission of a material fact. The fraud auditor must be able to observe the concealment technique and pierce the fraudster’s concealment technique to reveal the truth about the transaction. Over the years. we have offered guidance in how to integrate the concealment theory into your audit programs. So, here is my sixth trait.
6. Superior skills in fraud concealment theory.
If you remember, I said “fraud auditor,” not “fraud investigator”. Simply stated, the fraud auditor must have sound auditing skills, plus everything else we discussed.
It is crucial to understand that fraud auditing is just a different way of thinking. Traditional auditing wants to gather evidence that an internal control is in place and operating. In contrast, the fraud auditor is not fooled by the existence of internal control. Their job is to offer an opinion on whether or not there is evidence to suggest that a fraud risk statement is occurring. So, here is my seventh trait.
7. Superior audit skills
Please note that I specifically stressed the word “superior”.
April 1 Trivia Answers
1. What is the origin of April Fool’s Day? April fools, no one is sure!
2. Is it true that each country has its own customs regarding April 1? It is true.
3. Is it true that the story of Noah’s Ark may have been the inspiration for April Fool's Day?
Some authorities gravely go back with it to the time of Noah and the ark. The London Public Advertiser of March 13, 1769, prints the following paragraph concerning this theory:
"The mistake of Noah sending the dove out of the ark before the water had abated, on the first day of April, and to perpetuate the memory of this deliverance it was thought proper, whoever forgot so remarkable a circumstance, to punish them by sending them upon some sleeveless errand similar to that ineffectual message upon which the bird was sent by the patriarch." Bertha R. McDonald (1908 Source Wiki
4. What hoax did the BBC play on its viewers in 1957? The spaghetti tree. You must Google this story.
5. Which technology company had a history of April I pranks? Google
6. Why did that technology company stop the historical practice? Covid 19 - they were concerned about all the hoaxes being published around the disease.
May Fraud Trivia
1. Who was known as the great impostor?
2. What was Elizabeth Bigley, aka Cassie Chadwick, famous for?
3. Who: Her 2008 memoir, Can You Ever Forgive Me? It later became an Academy Award–nominated movie starring Melissa McCarthy.
4. Who was reportedly paid $320,000 by Netflix for the rights to turn her adventures into the 2022 limited series Inventing Anna, with Julia Garner portraying her onscreen. This person also competed on the ABC reality competition show Dancing with the Stars in 2024.
5. This story also earned the Netflix treatment in the form of the 2022 documentary The Tinder Swindler. While the exposure led to his expulsion from dating sites and a lawsuit filed by a family known as the Diamond Family, this person has since signed with a Hollywood agent and wants to appear on his own dating show.
