Red flags in detecting credit cooperative fraud: the perceptions of internal auditors

Purpose – Red flags are mechanisms that can be used by internal auditors for early detection of possible fraud. In this context, the aim of this study was to identify the relevance credit unions’ internal auditors attribute to red flags in assessing fraud risk. Design/methodology/approach – This article is characterized as descriptive concerning its goals, as a survey as to is procedures, and as quantitative in reference to its approach to the problem. The sample consists of 51 internal auditors working in Credit Union Centers in southern Brazil. Findings – Results indicate that, in the assessment of fraud risk, internal auditors attribute greater importance to red flags referring to operational activities and internal control procedures. In addition, it is suggested that internal auditors are not impartial concerning their perception of relevance of most of the warning signs of the possibility of fraud. Originality/value – The findings contribute by demonstrating to internal auditors the need for greater attention to the use of red flags as auditing tools.


Introduction
Constant market changes mean that the monitoring of organizations' internal controls and processes does not happen in the same proportion, thus exposing them to vulnerability and threat of fraud.Therefore, strict and timely monitoring of structures and internal control processes is necessary to appropriately deter, detect and respond to fraud.
Internal auditing is fundamental because of the responsibility of systematization, control, efficiency and effectiveness of all processes; it highlights the flaws that can lead to fraudulent acts.Boynton, Johnson and Kell (2002) point out that internal auditing assists management in fulfilling its responsibilities, and is a control component of resource allocation (waste and neglect) and a factor in anticipating occurrences (Santos & Vier, 2014).
From this perspective, internal auditing plays an important role in minimizing the occurrence of fraudulent acts, helping goals to be achieved through a systematic and disciplined approach, in order to evaluate and improve the effectiveness of risk management, control and governance processes (Pickett, 2005;Rittenberg & Schwieger , 2005).Similarly, the Brazilian Accounting Standard T 12 (2008) establishes internal auditing as the set of technical procedures used to examine the integrity, adequacy and effectiveness of internal controls and of entities' physical, accounting, financial and operational information.
The function of internal auditing is to adapt, evaluate and confirm the operation of internal control; to establish effective procedures for risk management; and to confirm the quality and reliability of the information generated by management (Pickett, 2005).As well as internal auditing, in 2002 the US government established the Sarbanes-Oxley Act, in order to restore capital markets' and professional auditors' credibility, facing the great amount of fraud in internationally renowned companies.The Sarbanes-Oxley Act created a new environment for corporate governance and a set of responsibilities and sanctions for managers, in order to curb harmful practices.
Despite the existence of mechanisms and laws and of internal auditing to mitigate the occurrence of fraudulent acts, KPMG Forense (2009), in a study of Brazilian companies, indicates that 70% had suffered some kind of fraud over the last two years.In addition, American investigation company Kroll found that 74% of all Brazilian companies had suffered at least one episode of fraud over the last 12 months (Kroll, 2013).
The increase in the occurrence of fraud has expanded the responsibility of internal auditors concerning detection and prevention.In this way, red flags are mechanisms that can be used by internal auditors to anticipate possible frauds.Red flags represent key symptoms to detect fraud, and internal auditing professionals can use them to better identify possible aggressions to organizations' assets (Pinheiro & Cunha, 2003).
Due to the increase in fraud that has been globally reaching public and private companies, and to the importance of red flags to detect fraud through internal auditors, it is necessary to investigate the use of these instruments by internal auditing (Pinheiro & Cunha, 2003).Moreover, the risk of fraud is perceived as dominant in all organizational segments and forms (KPMG, 2009), and it is important to carry out research involving credit unions.
Studies by Murcia, Borba and Schiehll (2008), and by Reina, Nascimento and Reina (2008) discuss red flags to detect fraud in financial statements, and the role of independent auditors, responsible for issuing the auditing report on financial statements, in minimizing these occurrences.This evidence demonstrates the gap in this research, which differs by discussing the warning signs of fraud within management, control and internal organization of credit unions, using the role of internal auditors in the prevention and detection of fraud as a premise.
Auditors' perception of the effectiveness of red flags was observed by Moyes (2011), Moyes, Red flags in detecting credit cooperative fraud: the perceptions of internal auditors Young and Mohamed (2013), Moyes, Lin, Landry and Vicdan (2006), who offer relevant results on fraud in financial reports; nevertheless, they do not discuss the benefits of warning signs in the prevention and detection of fraud referring to the personal aspects of organizational members, of internal controls and of management, amongst others, that occur in the internal environment.Therefore, the contribution and the novelty of this research is that it provides, to internal auditors, warning parameters that are capable of anticipating the occurrence of fraud which is not only referring to financial statements, since they occur throughout the organizational process.
We contribute to the discussion around the fact that internal auditing, used in the prevention and detection of fraudulent acts, is an ex-ante phenomenon to the issuance of auditors' reports, which also aims to observe whether there is possible fraud in financial statements.This study is based on the argument that internal auditors may not be held responsible for the non-identification of fraudulent acts, and that their perception of fraud can be distorted by emotional and professional bonds they have with the organization and its members.As previously stated, the powers and the institutional environment in which internal auditors operate is different from that of independent auditors; they have specific and standardized assignments, without any institutional or personal connections with the audited organizations.
In addition, the subject of assessment and detection of fraud by auditors is incipient in Brazil (Murcia, Borba & Schiehll, 2008).Uretsky (1980) suggests the need for an interdisciplinary approach to the study of fraud and the need for research on the use of red flags as situational indicators.Similarly, the figures presented by KPMG (2009) and Kroll (2013) on cases of fraud in Brazilian companies demonstrate the potential of the Brazilian environment for studies involving the topic of red flags.
Finally, studies on the relevance of red flags in assessing the risk of fraud were focused on external and independent auditors who work in sectors other than financial.Thus, this study is distinguished from the approach focused on the perception of internal auditors about the relevance of red flags to evaluate fraud in Credit Unions.
Credit unions were chosen by their level of importance in promoting growth as well as the economic and social development in Brazil, where the service network of credit unions represents 18% of bank branches, and occupies the 6 th position in the ranking of assets -and is, therefore, among the largest retail financial institutions in the country.Thus, auditing mechanisms are used by credit unions to maintain their integrity and image with members, customers and society, and in to achieve greater reliability when carrying out operations and processes.
In this context, this study aims to determine the relevance internal credit unions' auditors attribute to red flags in assessing the risk of fraud.

I n t e r n a l a u d i t i n g i n t h e prevention and detection of fraud
Internal auditing is designed to add value and improve the operations of an organization, assisting in the achievement of organizational objectives by a systematic and disciplined approach to evaluate and improve the risk management of operational efficiency, control and governance process (Pickett, 2005;Rittenberg & Schwieger, 2005).
Internal auditors have proper knowledge to analyze the possible occurrence of fraud and to conduct routine follow-up investigations.Corroborating the fact, evidence point out that the fraud at WorldCom was detected at first by the internal auditing team (Rittenberg & Schwieger, 2005).
Specifically, with respect to fraud, Cushing and Romney (1994) state that the same runs through the first ownership of an asset.Then the asset is changed so that it can be useful to the agent.Finally, the asset is concealed by adultering documents and/or records.This method is Cristian Baú Dal Magro / Paulo Roberto da Cunha important and leaves a trace that can help auditors uncover the possibility of fraud.
Mo r e ov e r, w h e n t h e r e i s f r a u d , organizations find it difficult to assess the damage; this is justified because not all fraud is discovered and reported, and the victim not always seeks civil or criminal compensation.Evidence indicates that in 68% of cases of fraud there is no recovery of values.Organizations located in Brazil remain passive in relation to acts of fraud, making it a fertile ground for its occurrence (KPMG, 2009).In addition, 55% of organizations consider that the internal auditing is responsible for implementing anti-fraud controls, focusing on technology tools and data analysis to identify red flags (KPMG, 2009).
Inefficiency in internal controls, the country's economy, failure in the banking system, inefficient police, type of business, collusions, management replacement, incompetence and ignorance are some of the factors that can contribute to the occurrence of fraud in organizations (Krambia-Kapardis, 2003).
The factors that favor the occurrence of fraud are relevant, but the steady increase in cases has been attributed to the benefits and impunity, when often organizations fail to prosecute and the fraudsters do not have suffer adequate punishment by Justice.On the other hand, detecting the presence of fraud is difficult because of the flexibility and subjectivity inherent to the implementation of certain standards, as well as the lack of record of all transactions in the so-called official accounting (Murcia et al., 2008).
Doubts about the credibility of auditing do not minimize its importance and usefulness in the discovery of fraud.Auditing provides anticipation and offers actions against fraudulent acts (Pinheiro & Cunha, 2003).Critical sense, auditing technique, document analysis technique, sampling, circularization and survey used by auditors in performing their duties help to identify and minimize the occurrence of fraudulent events (Pinheiro & Cunha, 2003).
Internal controls are also used by auditors in fraud prevention and detection, and reveal information hidden in the accounting system.According to Wells (1990), 20% of fraud is detected by auditors, and they are necessary to the development of procedures or strategies that are focused on fraud detection.In credit unions the effective action of auditing and internal control is perceived by the inspectors as a fraud mitigation factor (Oliveira, 2012).Therefore, the contribution of this study is to identify additional factors -red flags -that can serve as auxiliary mechanisms to internal auditors on the effectiveness of their duties.
The Central Bank of Brazil -BACEN (1998) points out that auditing and internal control must be effective and consistent with the nature, complexity and risk of operations.To Migliavacca (2004), auditing and internal control contribute to safeguarding of assets, business development and increase in operational results.Credit unions' surveillance and monitoring authorities seek to reduce the risks of financial activity, controlling actions by means of regulatory requirements, among which internal auditing and internal control are highlighted (Oliveira, 2012).
Internal auditing has undergone changes, not only evaluating internal controls but also having a senior management advisory role, providing corrective and preventive recommendations on the institutional risk (Santos & Vier, 2014).So that fraudulent activity may be detected, auditors must learn and recognize the symptoms linked to the existence of favorable conditions (Cottrell & Albrecht, 1994).Therefore, a favorable environment for the occurrence of fraud can be identified by red flags or warning signs (Albrecht, 2003).

Red flags in assessing risks of fraud
Auditors have found it hard to identify a case of fraud in advance due because it is often well hidden and usually the discovery occurs by chance.It is important that auditing use red flags to help identify potential fraud.Red flags are either events, situational pressure, opportunities Red flags in detecting credit cooperative fraud: the perceptions of internal auditors or personal characteristics that can cause interest in frauds, whether on behalf of the company itself or for any personal gain (Romney, Albrecht & Cherrington, 1980).
Red flags indicate warning signs to auditors about certain situations occurring in the organizational environment (Uretsky, 1980).Albrecht and Romney (1986), Eining, Jones and Loebbecke (1997), Bell and Carcacello (2000) and Wells (2005) point out that excessive pressure on executives to achieve organizational goals can create a favorable environment to fraud.Although red flags may not necessarily indicate the presence of fraud, they often show commonly present conditions in fraudulent events (Uretsky, 1980).Thus, red flags increase the perception of risk and facilitate auditors' judgment in the discovery of fraud (Kneer, Reckers & Jennings, 1996).
Knowledge of red flags provides a better understanding of the conditions that favor the occurrence of fraudulent acts.However, each individual may have different views about the warning signs, and the different perceptions can be explained by auditors' accounting knowledge, experience in the position or function, gender, age and education (Murcia et al., 2008).Albrecht (2003) points out that red flags are used to assist in mapping a fraudulent environment.Therefore, in organizations with an inadequate or fragile internal control environment the probability of fraud is increased (Albrecht & Romney, 1986;Wells, 2005).Migliavacca (2004) mentions that there are other factors contributing to the provision of warning signs, such as the moral integrity of managers, pressure on top management and favorable conditions.Cottrell and Albrecht (1994) explain that accounting irregularities, deficiencies in controls, analytical anomalies, changes in lifestyle and behavior of managers can be used as red flags for the identification and assessment of fraud risk.
Auditors need to understand the warning signs, and then react with attitude and consistency.To Groveman (1995), the most frequent causes of auditing failure in the identification and evaluation of fraud refer to inexperienced teams and attitudes of indifference as to warning signs.Hackenbrack (1993) argues that inexperienced auditors do not recognize red flags with the same intensity that experienced auditors do.On the other hand, Green and Calderon (1996) suggest that training can improve the perception of auditors concerning the identification of risk factors.
Foster, Karcher and Levitan (2003) found that men and women are equally adept at technology, but differ in the assessment of organizational controls and or warning signs.However, Schwartz and Wallin (2002) reported no differences between males and females in relation to the disclosure rate of fraudulent acts.Finally, Robertson (1997) states that the sharp drop in revenue and market share and unrealistic budget pressures are factors that can determine the occurrence of fraud.Kaplan and Reckers (1995) suggest that the change in lifestyle of the members of management, compensation programs and weaknesses in the audit department are usable red flags in the assessment of fraud risks.

Studies on red flags in the auditing field
National and international studies that have addressed red flags of different s environments and perceptions were found.In this sense, Kaplan and Reckers (1995) investigated the influence of three environmental red flags on actions of auditors referring to accounting estimates.A case describing a customer who changed several accounting estimates during the year was passed on to the auditors .The task of the auditors was to review the changes and indicate whether the various adjustments could preserve an unmodified report.The study indicates that red flags affect the materiality of the auditors on their judgments regarding the issuance of auditing reports.The influence of red flags can be moderated by the beliefs of the auditors regarding the reasons for the management and/or materiality of the amounts involved.
Cristian Baú Dal Magro / Paulo Roberto da Cunha For the construction of the survey instrument, firstly studies on red flags were identified.Secondly, studies mentioning possibilities of useful warning signs to identify fraud were selected.Finally, red flags that were adaptable to the perception of internal auditing were identified, and in addition, liable to check warning signs in financial institutions and credit unions.
Given the above, the first stage of the questionnaire aimed to characterize the respondents (gender, age, academic area, time experience in the position of internal auditor and if the auditor has professionally experienced fraud).
The second stage was used to verify the perception of internal auditors on the relevance of red flags on fraud risk assessment.To clarify the matter to the respondent, the following quote was inferred: According to Parodi (2005), red flags are warning indicators that aim to detect possible fraud.It can be said that these signals serve as a thermometer in the prevention and detection of fraud.It was also made clear to respondents that the questions are assertions of possible occurrences and do not mean that they are actually taking place in the organization where they work.
The questionnaire on the perception of red flags was separated into attributes and the likert scale used was five points ranging from very low (1) to very high (5).Therefore, the first attribute refers to the perception of auditors for possible red flags concerning the structure and environment of the Credit Unions.This attribute was composed of 13 questions adapted from studies referenced below, as shown in Table 1.There is an abnormal turnover of key personnel in the financial and accounting fields.The second attribute refers to the perception of auditors for possible red flags on the characteristics of managers and employees, consisting of 16 questions adapted from studies referenced below, as shown in Table 2.
Red flags in detecting credit cooperative fraud: the perceptions of internal auditors  The third attribute refers to auditors' perception regarding the relevance of red flags as to economic and financial characteristics.This attribute is made up of 8 questions adapted from studies referenced below, as shown in Table 3. Cristian Baú Dal Magro / Paulo Roberto da Cunha The fourth attribute refers to the perception of the auditors regarding red flags as to operational activities (flow of internal processes) and internal control.This attribute is made up of 11 questions adapted from studies referenced below, as shown in Table 4.

Table 4
Research instrument to assess the perception of internal auditors regarding the relevance of red flags as to the characteristics of operational activities and internal control procedures

No
Attributes Authors

38
In the audited branches, there is a significant number of transactions with customers who raise suspicions. (e)

39
In the audited branches, there are inadequate, incomplete files, excessive adjustments in accounting and unrecorded transactions.
(e) 40 In the audited branches, there are transactions that are too complex, especially at the end of the accounting period.
(c) (e) 41 In the audited branches, there is no segregation of duties and there are no basic controls such as double checking and conciliation of automated controls.(a), (d), (f ) 42 In the audited branches, rules providing guidance and support in the execution of tasks between branches are not complied.

43
In the branches audited, the system used does not require a third party to make the confirmation of transactions and credit release to customers.Source: Adapted (a) "The efficacy of a red flags questionnaire for assessing the possibility of fraud", de K. V. Pincus, 1989, Accounting, Organizations and Society, 14, 153-163;(b) Resolução BACEN n. 2554, 1998;(c) "Internal auditors' perceptions of the effectiveness of red flags to detect fraudulent financial reporting", de G. D. Moyes et al., 2006, Journal of Accounting, Ethics & Public Policy, 6, 1-28;(d)  The fifth attribute refers to the perception of internal auditors to possible red flags in the characteristics of the credit union's internal auditing, made up of 3 questions that were adapted from studies referenced below, as shown in Table 5.
Red flags in detecting credit cooperative fraud: the perceptions of internal auditors (d) "Relevância dos red flags na avaliação do risco de fraudes nas demonstrações contábeis: A percepção de auditores independentes brasileiros", de F. D. R Murcia et al., 2008, Revista Universo Contábil, 4, 25-45.The adjustment procedure of the questions required researchers' skills and expertise in identifying red flags which were adaptable to the perception of internal auditors, and ability to check the internal warning signs in credit unions.Although the research instrument had been adapted from several studies, it is innovative because all questions were modified, adapted and revised by researchers and professionals from the field.
The survey instrument was sent by email to two researchers and two professionals working in internal auditing of credit unions.In this case, both of them had to observe the adequacy of the research instrument's questions to the professional reality of credit unions' internal auditors.The answers were returned via electronic files, contemplating suggestions referring to greater emphasis on the inclusion of the term "branches" in the attributes of red flags, as well as the segregation of attributes in sectoral characteristics, as follows: structure and environment; managers and employees; economic and financial; operational activities and internal control procedures; and internal auditing.
Given the above, there was also the need to validate the research instrument; this was carried out by two internal auditors who have worked in credit unions for over 5 years.The most important suggestion was the inclusion of the following sentence, to appear above each group of questions: consider that the questions are assertions of possible occurrences and do not mean that they are actually happening in your organization; therefore, respondents should only infer their perception of the importance given to each red flag, if they were to occur.The inference sought to clarify the respondents that the affirmatives (red flags) are only possibilities of fraud, and that, even without any occurrences, relevance could be attributed according only to their perception if such a fact occurs.
To collect the data, we first checked information about the credit unions in the Southern Region on the sites of OCEPAR, OCESC and OCERGS.Then there was telephone contact with those responsible for audit teams in order to get the email of internal auditors.Later, the access link to the questionnaire was sent via Google Docs to the email of auditors:<https://docs.google.com/forms/d/1UiGdRFqpgOh1ejH1gYtGmkw_ gzJPYlHx0iWnCcnHTOA/viewform>.
The data obtained from the questionnaires were tabulated in spreadsheets.Prior to the analysis, Cronbach's alpha test was prepared in order to measure the reliability of the questionnaire.The Cristian Baú Dal Magro / Paulo Roberto da Cunha test result suggested the deletion of attribute number 1 (the organizational structure of the branch is too complex) referring to the group's structure and environment, of attribute number 14 (a significant part of the remuneration of managers and employees of audited branches is conditioned to achieving aggressive goals), and of attribute number 15 (the managers of audited branches are excessively interested in presenting satisfactory results), both referring to the group of managers and employees' characteristics.Finally, there was the exclusion of the attribute number 32 (the market in which credit unions operate is highly competitive and saturated, generating a reduction in the results of the credit unions), referring to economic and financial characteristics.
Later there was an analysis of attributes (red flags) validated by Cronbach's alpha test using descriptive statistics.Furthermore, in order to identify whether there were differences between the profile responses (characteristics) of respondents, two additional tests were conducted: Mann-Whitney's and Kruskal-Wallis' tests.Finally, we used the Pearson Correlation test to check the strength of the relevant relationship between the groups of the studied attributes.Cronbach's Alpha, Mann-Whitney's, Kruskal-Wallis' and Pearson Correlation tests were applied using SPSS software.

Discussion and analysis of results
First, in order to verify the profile (characteristics) of the internal auditors from the participating credit unions in this research, we established Table 6.We can see in Table 6 that 36 auditors are male and 15, female.Regarding age, there is a predominance of internal auditors between 26 and 30 years old, accounting for 39.22%, and between 30 and 40 years old, representing 31.37% of the sample.The academic background in accounting is prevalent for internal auditing professionals from credit unions, representing 76.47% of the sample.
Experience in the position of internal auditor is not a very long horizon, in which 56.86% have a long experience of 1 to 5 years, consistent with the low age identified in the sample.However, it is possible to infer that, Red flags in detecting credit cooperative fraud: the perceptions of internal auditors despite the limited experience of most internal auditors, 78.43% have experienced fraud in the course of their professional life, demonstrating the validity for the study implementation on warning signs for the occurrence of fraud with internal auditors.Table 7 shows the Cronbach's alpha of the research groups of attributes.We can see in Table 7 that, in the SE attributes groups (Structure and Environment), MANEMP (managers and employees) and ECOFIN (Economic and Financial), it was possible to improve test reliability by excluding attributes of each group.In the SE group, in the first round using 13 attributes, Cronbach's alpha showed a coefficient of 0.901.However, it was found that with the exclusion of attribute number 1 (the organizational structure of the branch is too complex) it is possible to achieve a Cronbach's alpha of 0.916.
In the MANEMP group, first round using 16 attributes, Cronbach's alpha showed a coefficient of 0.900.However, it was found that the exclusion of attribute number 14 (a significant part of the remuneration of managers and employees of branches is conditioned to the achievement of aggressive goals) and attribute number 15 (the managers of branches audited have excessive interest in presenting satisfactory results) provides an increase in Cronbach's alpha to 0.910.
In the ECOFIN group, in the first round using 8 attributes, Cronbach's alpha showed a value of 0.764.However, Cronbach's alpha verified that the exclusion of attribute number 32 (the market in which credit unions operate is highly competitive and saturated, generating reduction in earnings of cooperatives) provides a Cronbach's alpha of 0.823.
Finally, in the OPECONT and INTAUD groups, Cronbach's alpha demonstrated that there is no need to exclude any item in order to improve the consistency of the model.Thus, none of the observed attributes was deleted, keeping the same number of questions contained in the research instrument respectively with 11 and 3.As can be seen in Table 7, in the second round all attributes of groups of red flags demonstrated a Cronbach's alpha consistently greater than 0.80.Table 8 shows the descriptive statistics of the attributes of the structure and environment characteristics group.
Cristian Baú Dal Magro / Paulo Roberto da Cunha It can be seen in Table 8 that attribute 1 (the organizational structure of the branch is too complex) is not in the analysis of the group structure and environment characteristics by the exclusion determined by Cronbach's alpha.
Regarding internal auditors' perception of the relevance of each attribute, item 2 (the credit union does not have a punishment policy for dishonest acts) had an average/median of 4.10/5.00;attribute 7 (the board of directors and/or supervisory board did not adequately monitor operational systems and internal control) showed an average of 3.94.Attribute 4 (there is a strong suspicion that branch managers are in partnerships with people outside the organization) had an average of 3.77, attribute 12 (the Board of Directors or Supervisory Board did not adequately monitor the generation process of accounting reports) averaged 3.75, attribute 3 (communication of ethical and moral values is not performed by superiors, and/or communication of some ethical and moral values are considered inappropriate) had an average of 3.69 and attribute 11 (branches do not adequately comply with regulations, instructions and policies set by the cooperative management bodies) had an average of 3.67.The exposed attributes are highly relevant for the internal auditors of credit unions as signaling mechanisms (red flags) for the possibility of fraud referring to characteristics of the structure and environment in credit unions.
The attributes perceived as less important were 10 (a credit union provides lower benefits to employees) with average/median of 2.37/2.00 and 9 (a credit union provides low investment in employee training) with average/median of 2.49/2.00.Table 9 shows the descriptive statistics of the group characteristics of managers and employees.As for the perception of internal auditors about the relevance of each attribute, item 20 (managers of the branches audited often try to justify the use of operational procedures considered improper) had a mean/median of 3.86/4,00, and 16 (the managers of branches that are audited are dishonest and unethical, have dubious character) had a mean/median of 3.76/5.00.The exposed attributes are highly relevant for the internal auditors of credit unions as signaling mechanisms Red flags in detecting credit cooperative fraud: the perceptions of internal auditors (red flags) for the possibility of any fraud referring to the characteristics of credit unions' managers and employees.
The attributes perceived as less important were 24 (managers of the branches that are audited show gratitude above normal proving highly unselfish interests, solicitous, efficient and thorough in accountability of branches) with an average/median of 2.88/3.00,18 (managers and employees of branches that are audited have low skills and little experience) with average/median of 3.04/3.00and 29 (the board of directors and the supervisory board have excessive interest in maintain and/or increase the disclosure of a growing trend of financial surplus) with average/ median of 3.08/3.00,respectively.Table 10 shows the descriptive statistics of the attributes of the group of economic-financial characteristics.It appears in Table 10 that attribute 37 (there are branches audited making transactions/ operations considered to be dangerous) had the highest perception of relevance, with an average/ median of 3.67/4.00respectively.On the other hand, attributes perceived as less important for signaling the possibility of any fraud were 31 (branches make a significant investment in a range of services that are subject to high interference from government regulation) and 36 (there are internal and external issues in branches audited that cause doubts about the continuity of activities), and the mean/median of 2.94/3.00.Table 11 shows the descriptive statistics of the attributes of the group of characteristics of the operations and internal controls.We can see in Table 11 that, although the median of all the attributes was 4.00, it is possible to infer that, considering the average, attribute 44 (in the branches audited, there are no limits of competence according to the nature and value of the resources involved in a credit release and decisions on credit releases are dominated by a single individual), attribute 43 (in the branches audited, the system used does not require a third party to make the confirmation of transactions Cristian Baú Dal Magro / Paulo Roberto da Cunha and credit releases to customers) and attribute 39 (in the branches audited, there are inadequate and incomplete files, excessive adjustments in accounting and transactions not recorded) had the best averages for the perception of warning signs.Table 12 shows the descriptive statistics of the attributes of the internal auditing group characteristics.It appears in Table 12 that the attributes with greater relevance were 50 (there are formal or informal restrictions on the internal auditors that limit their access to people, information and documents of the branches audited) that showed an average/median 3.69/4.00and 49 (managers of the branches audited have a dominant and influent behavior on the internal auditing) that showed an average/median of 3.53/4.00.On the other hand, the attribute that showed less relevance to this characteristic was 51 (the head of internal auditing of the branches audited is replaced with high frequency) with a mean/median of 2.98/3.00.Table 13 shows the descriptive statistics of perceived relevance of red flag groups.From the results shown in Table 13 it can be inferred that the attribute group with higher perceived relevance by the internal auditors of credit unions was referring to characteristics of the operational activities and internal control procedures (OPECONT).The increased perception of relevance to the possibility of fraud in aspects referring to operational activities and internal control procedures can be explained by the role of internal auditors.According to Migliavacca (2004), CFC NBC (2008), and Santos and Vier (2014), internal auditing is essential for organizations for the constant concern with controls and internal processes.In addition, in the credit unions the action of internal auditing is perceived by the effectiveness of internal control, providing reliability and safety to the cooperative (Oliveira, 2012).
On the other hand, results indicate that the attribute group with lower perception of Red flags in detecting credit cooperative fraud: the perceptions of internal auditors relevance referred to economic and financial characteristics (ECOFIN), averaging 3.13.This result is due to the internal auditing activity focus being less guided to marketing and financial facts.However, as noticed by Santos and Vier (2014), the internal auditing is changing its look, which was only on internal controls, to observing the institutional risks.
Furthermore, in order to identify whether there are statistical differences between the profile responses of internal auditors out two tests were carried out (Mann-Whitney; Kruska-Wallis).Mann-Whitney's test was used to check the independent variables with two samples.Thus, gender characterization was segregated into (male -1, female -2); and the characterization demonstrating whether the auditor experienced a case of fraud while working was segregated in (yes -1, no -2).Table 14 shows the results of the Mann-Whitney's test for the gender variable and the variable that shows whether the auditor has experienced a case of fraud while working.The results in Table 14 show that internal auditors of both genders do not have different perceptions about the significance of red flags, corroborating the evidence by Schwartz and Wallin (2002) and Smith et al. (2005), and contradicting the inference by Foster et al. (2003) on the different perception of the warning signs for male and female auditors.
We can see that the variable experience with a case of fraud presented significance at a level of 5% with the group of red flags referring to structure and environment (SE), managers and employees (MANEMP), economic and financial (ECOFIN) operating activities and internal control procedures (OPECONT), and showed no significance with internal auditing (INTAUD).
The results indicate that internal auditors who have experienced a fraud case have different perceptions about the significance of red flags referring to ESE, MANEMP, ECOFIN and OPECONT in relation to those who have never experienced fraud.On the other hand, the experience with a case of fraud is not a condition for different perception of relevance of red flags referring to INTAUD.Table 15 shows the results of the Mann-Whitney's test variable experience with a case of fraud in red flag groups SE, ECOFIN and OPECONT.
Red flags in detecting credit cooperative fraud: the perceptions of internal auditors involving financial aspects of high risk, need special attention on the subject, and therefore, internal auditors may use the findings to glimpse the search for additional powers to exercise their duties.
Finally, it is recommended to carry out further studies in order to observe the relationship of perceived relevance of red flags in organizations that experienced fraud.Thus, it will be possible to see if the organizations where auditors have a lower perception of warning signs could suffer with higher occurrence of internal fraud and financial statements.Also, there are possibilities of application of the studies in financial institutions to compare the perception of internal and independent auditors about warning signs addressed in several national and international studies.
Koornhof and Du Plessis (2000) conducted a survey of investors and creditors from South Africa on the use of red flags.A questionnaire was sent to bank secretaries (representative of creditors) and portfolio managers (investors' representatives).The results indicated that creditors and investors in South Africa are aware of the benefits offered by red flags as a warning system for fraud detection.Moyes, Lin, Landry and Vicdan (2006) investigated the perception of 82 internal auditors on the effectiveness level of 42 red flags for detecting fraudulent financial reports.The results indicate that 15 red flags were perceived as more effective, 14 as effective and 13 as ineffective.Finally, the results show that internal auditors evaluate red flags labeled as incentives and pressures the most effective ones in detecting fraudulent financial reports.Murcia et al. (2008) analyzed the perception of independent auditors on the relevance of red flags in assessing the risk of fraud in financial statements.They selected 45 red flags which were divided in 6 groups: structure and environment, sector/industry, managers, economic and financial situation, financial reporting and external auditing.The results suggest that 95.56% of red flags show a medium or high risk in the evaluation process of fraud in financial statements.Furthermore, the six groups of red flags showed individually an average greater than or equal to 3.35 with respect to a scale of importance from 1 to 5 points.Moyes (2011) analyzed the different perceptions between internal and external auditors on fraud detection level of 42 red flags.The results indicate that there is no difference in the perception of internal and external auditors concerning red flags.In addition, the study found evidence that 17 red flags have differences in efficacy for fraud detection.For external auditors the use extension and exposure to red flags were predictors of the perception of efficacy.For internal auditors the effectiveness in detecting frauds was due to experience.Finally, female auditors rated the effectiveness of red flags in greater proportion, attributing a higher value to such indicators to fraud warning.Moyes, Young and Mohamed (2013) found the perception of internal and external auditors of Malaysia on 99 red flags used for fraud detection.The Standard Auditing Statement (SAS) from the US and international auditing standards require the external auditors to use red flags in order to detect fraudulent activities in financial reports.The results showed that the external and internal auditors perceive different levels of effectiveness of red flags and differences were found between the perceptions of internal and external auditors on the effectiveness of 12 red flags.The study by Smith, Omar, Idris and Baharuddin (2005) aimed to identify red flags perceived individually by auditors as most important, and explored the demographics of Malaysia's auditors about the impact on the perception of importance of red flags.They concluded that individuals indicated operational category and financial stability as the most important, followed by the features of influenced management on the environment control and some characteristics of the industry itself.The perception of the auditors was not influenced by demographic origins referring to gender, years of experience or type of auditing firm.Red flags in detecting credit cooperative fraud: the perceptions of internal auditors The research population consists of 246 internal auditors working in the Central Credit Union of Southern Brazil, registered with the Organization of Cooperatives in the State of Paraná -Brazil (OCEPAR), the Organization of Cooperatives in the State of Santa Catarina -Brazil (OCESC) and the Organization of Cooperatives in the State of Rio Grande do Sul -Brazil (OCERGS).The survey sample was designed in view of the research instrument return, totaling 51 respondents.
has difficulties in complying with the requirements of regulatory branches (Central Bank of Brazil).(b), (d), (f ) 07 The board of directors and/or supervisory board did not adequately monitor operational and internal control systems.(a) (f ) 08 There is an abnormal difference in the salaries of managers and employees in relation to the same segment entities and/or size.(b) 09 The Credit Union provides low investment in employee training.(b) 10 The Credit Union provides low benefits for employees (childcare, flexible working hours, bonus system and profit sharing, merit increases, etc.).(b)Cristian Baú Dal Magro / Paulo Roberto da Cunha No. Attributes Authors 11 The branches do not adequately comply with regulations, instructions and policies established by cooperative management bodies.(c) 12 The Board of Directors or Supervisory Board did not adequately monitor the generation of financial reports.(a) (f ) 13 In the past, the Credit Union presented problems when publishing financial reports.(a) (f )Source: Adapted (a) "The efficacy of a red flags questionnaire for assessing the possibility of fraud", de K. V.Pincus, 1989, Accounting, Organizations and Society, 14, 153-163; (b) "Changing the model for prevention and detection of fraud", de H. D. Glover e J. Y. Aono, 1995, Managerial Auditing Journal, 10, 3-9; (c) Resolução BACEN n. 2554, 1998; (d) "Red flagging as an indicator of financial statement fraud: The perspective of investors and lenders", de C. Koornhof e D. Du Plessis, 2000, Meditari Accountancy Research, 8, 69-93; (e) "Internal auditors' perceptions of the effectiveness of red flags to detect fraudulent financial reporting", de G. D. Moyes et al., 2006, Journal of Accounting Ethics & Public Policy, 6, 1-28; (f ) "Relevância dos red flags na avaliação do risco de fraudes nas demonstrações contábeis: A percepção de auditores independentes brasileiros", de F. D. R Murcia et al., 2008, Revista Universo Contábil, 4, 25of the remuneration of managers and employees (represented by bonuses, awards and incentives) of audited branches is conditioned to the achievement of aggressive goals.(b) (f ) (g) 15 Managers of audited branches are excessively interested in presenting satisfactory results.(a) (g) 16 Managers of audited branches are dishonest and unethical, presenting dubious character.(d) (g) 17 Managers of audited branches have an aggressive lifestyle (propensity to make decisions involving excessive risk), involving addictions (gambling, drinking and drugs) and intense greed.(a) (g) 18 Managers and employees of audited branches have low skills and little experience.(e) (g) 19 The Board of Directors exerts excessive pressure on managers of audited branches for compliance with financial goals.(f ) (g) 20 Managers of audited branches often try to justify the use of operational procedures (credit release, routine operations, control routines) considered inappropriate.(g) 21 The manager and employees of audited branches do not have adequate knowledge about the importance of the credit union's operational controls and internal policies.(h) 22 Managers and employees of audited branches rarely communicate or identify any deficiencies in operating systems and internal controls.(h) 23 Managers of audited branches have decision-making power to judge changes in the operational system and internal control of the branch and or cooperative.(w) 24 Managers of audited branches show above normal gratitude, presenting highly unselfish interests -and are solicitous, efficient and thorough in showing the accountability of the branches.(e) 25 Managers and employees of audited branches, considered as having key roles, never take vacations.(e) 26 Managers of audited branches show a rapid change in lifestyle and discrepancy between wages and goods/ properties.(e) 27 Managers of audited branches have high personal debts and are unstable (frequent change of business, divorce, etc.).(a) branches have a strong association and friendship or relationship with customers who have large flow of operations at branches.(a) 29 The Board of Directors and the Supervisory Board have excessive interest in maintaining and/or increasing the disclosure of a growing trend of financial surplus.(a) Source: Adapted (a) "Red-flagging management fraud: A validation", de S. Albrecht e M. Rommey, 1986, Advances in Accounting, 3, 323-33; (b) "The efficacy of a red flags questionnaire for assessing the possibility of fraud", de K. V.Pincus,  1989, Accounting, Organizations and Society, 14, 153-163;(c) "Changing the model for prevention and detection of fraud", de H. D. Glover e J. Y.Aono, 1995, Managerial Auditing Journal, 10, 3-9; (d)  "Red flagging as an indicator of financial statement fraud: The perspective of investors and lenders", C.
generally speaking, are going through a time of decline and bankruptcies are increasing, causing losses to the members.(a),(b), (c)31In general, branches make a significant investment in a range of services that are subject to high interference from government regulation.(a), (c)32The market in which credit unions operate is highly competitive and saturated, generating a steady reduction in the results of cooperatives.(a),(c)33In the audited branches, a rapid growth or profitability is noticed, considered unusual for that branch, especially when compared to other branches.of audited branches is generally not considered enough to finance their operations.(a) 36 There are internal and external issues of the audited branches that cause doubts about the continuity of their activities.that are audited making transactions/operations (credit release) considered dangerous.(a)Source: Adapted (a) "The efficacy of a red flags questionnaire for assessing the possibility of fraud", de K. V.Pincus, 1989,  Accounting, Organizations and Society, 14, 153-163; (b)  "Internal auditors' perceptions of the effectiveness of red flags to detect fraudulent financial reporting", de G. D.Moyes et al., 2006, Journal of Accounting, Ethics & Public Policy, 6, 1-28; (c) "Relevância dos red flags na avaliação do risco de fraudes nas demonstrações contábeis: a percepção de auditores independentes brasileiros", de F. D. RMurcia et al., 2008, Revista Universo Contábil, 4, 25-45.
(a), (d), (f ) 44 In the branches audited, there are no limits of competence according to the nature and value of the resources involved in a credit release, and credit release decisions are dominated by a single individual.(a) (f ) 45 The conclusions, recommendations and demonstrations about exams and possible weaknesses in internal controls of branches that are audited are not submitted to the board of directors and do not remain at the disposal of the Central Bank of Brazil for a period of five (5) years.(b) (c) 46 In audited branches, there are inadequacies and/or deficiencies in contracts with customers.(b) 47 Loans and rules for the allowance for doubtful accounts are not made based on consistent and verifiable criteria or supported by the credit risk level of the transaction.(b) 48 Audited branches have an inadequate internal control system (operational) and had problems in the past.(e) (c) branches present dominant and influential behavior over internal auditing.(b), (c), (d) 50 There are formal or informal restrictions on internal auditors that limit their access to people, information and documents of audited branches.(b), (c), (d) 51 The head of internal auditing of the branches is replaced very frequently.(a) (d) Source: Adapted (a) "Red flagging as an indicator of financial statement fraud: The perspective of investors and lenders", C. Koornhof e D. Du Plessis, 2000, Meditari Accountancy Research, 8, 69-93; (b) "Internal auditors' perceptions of the effectiveness of red flags to detect fraudulent financial reporting", de de G. D. Moyes et al., 2006, , Journal of Accounting, Ethics & Public Policy, 6, 1-28; (c) "The differences in perceived level of fraud-detecting effectiveness of SAS No. 99 red flags between external and internal auditors", de G. D. Moyes, 2007, Journal of Business & Economics Research, 5, 9-25;