Beyond Annual Audit | Strengthening Fraud Oversight in China

Abstract

In recent years, multinational companies operating in China have devoted significant attention to external risk factors such as geopolitical tensions and trade disputes. Yet while external risks command executive focus, internal risks can quietly accumulate. Paul Tan explains the different mandates of external auditors and forensic auditors, the practical implications of those differences, and why deploying the right expertise at the right time materially influences outcomes when concerns arise.

Identifying and managing risk is essential to running a successful business. Senior management teams tend to focus on external risks — risks that are usually visible, widely reported, and often perceived as existential to market access and operational continuity. However, in China it is often misconduct by internal actors — usually in collusion with third parties — that is particularly prevalent when economic conditions are challenging. These issues may remain undetected for extended periods, particularly where there is misplaced reliance on routine audits or assumptions that global compliance programmes will function identically across jurisdictions.  

When internal fraud and misconduct come to light, it is often triggered by external events such as a tax inspection, whistleblower report, business partner dispute, or government investigation rather than as a result of internal control audit procedures. The organisation must not only respond to the external allegations of wrongdoing, but it must also understand why its oversight systems failed to identify the issue.

Contrasting the distinct roles between external auditors and forensic auditors is therefore not merely a technical accounting matter. It is central to how companies design effective oversight frameworks, deploy external resources appropriately, and manage legal, regulatory, and reputational risk in complex environments such as China.

External Auditor or Investigator?

According to the Association of Certified Fraud Examiners (ACFE), external audits detect fewer than 3% of occupational fraud cases.^[1] This limitation stems from the fundamental design of external audits, which focuses on providing reasonable assurance about financial statement accuracy rather than conclusions on comprehensive fraud detection. When specific financial irregularities are suspected or alleged, organisations require specialised investigative expertise that goes beyond traditional audit methodologies.

One way to understand the roles of external auditors and forensic auditors is through the analogy of law enforcement functions:

• External auditors are like patrol officers, focused on routine oversight to maintain order.
• Forensic auditors are like detectives, brought in when something has gone wrong and a thorough investigation is needed.

External Auditors: Routine Oversight for Assurance

Like patrol officers, external auditors maintain oversight through structured procedures. Their work includes:

• Preventive presence: External audits have a deterrent effect by promoting accurate financial reporting, but detection of wrongdoing is not their primary aim.
• Standardised methodology: Auditors follow established procedures, examining financial statements through a combination of risk-based and statistical sampling techniques to evaluate whether financial statements are fairly presented in line with applicable accounting standards.
• Materiality focus: Efforts are concentrated on areas most likely to contain material misstatements for the specific reporting period.

This is akin to patrolling a known high-crime area: visible, structured, but reactive only to observed violations.

Forensic Auditors: Targeted Investigative Specialists

Forensic auditors operate like detectives and are engaged when red flags emerge. Their work differs fundamentally from the role of external auditors:

• Event-driven engagement: Forensic auditors are typically engaged as a result of specific allegations, anomalies, or suspicions of misconduct. Even if used proactively, it is in response to a specific risk or concern.
• Comprehensive examination: Rather than relying on sampling, forensic auditors assess all relevant data to uncover facts — who did what, when, how, and why.
• Legal orientation: Forensic work is conducted with potential legal proceedings in mind. As such, forensic auditors often work under legal privilege and must ensure evidence collection and documentation meet standards for admissibility in litigation or regulatory proceedings. No such privilege exists for external auditors or their underlying audit evidence.

What Sets Forensic Auditors Apart

Different Tools for Different Objectives

Aspect	External audit	Forensic audit
Trigger	Routine, annual process	Reactive to specific allegations or identified risk
Approach	Sampling techniques based on materiality	Comprehensive review of all relevant data
Evidence standards	Sufficient for audit opinion	Must meet legal admissibility standards
Reporting	Opinion on financial statements	Factual findings used by management, regulators, or courts

Internal Investigations: Uncovering the Facts

Organisations engage forensic auditors when specific financial irregularities or other forms of employee misconduct are suspected or alleged. Common scenarios include:

• Asset misappropriation cases: When employees are suspected of theft, unauthorised payments, or creating fictitious transactions for personal benefit.
• Financial reporting fraud: When management may be manipulating financial results through improper revenue recognition, expense manipulation, or other accounting irregularities.
• Corruption and conflicts of interest: When concerns arise about bribery, kickbacks, or undisclosed related-party transactions.

The investigative approach employed by forensic auditors enables them to trace transaction flows, analyse patterns, conduct interviews, and utilise digital forensics techniques that are beyond the scope of traditional external audits. Their training in accountancy and audit principles means they can also support the company and its legal advisors in ensuring the internal investigation is scoped and delivered to meet external auditors’ expectations.

Forensic Auditors Support in Legal and Regulatory Actions

Evidence That Holds Up in Court

Unlike external auditors, forensic auditors tailor their work for potential legal proceedings by ensuring:

• Rigorous documentation: All investigative procedures are thoroughly documented with clear chains of custody for physical and electronic evidence.
• Preservation protocols: Electronic evidence is collected and preserved using forensically sound methods that maintain data integrity.
• Forensic standards: Forensic investigations adhere to professional standards that support the admissibility of findings in litigation or regulatory proceedings.

Interfacing With Regulators

Forensic auditors often serve as intermediaries between organisations and regulatory authorities, helping to:

• Facilitate disclosure: Ensuring that regulatory reporting requirements are met with accurate and complete information about identified misconduct.
• Support cooperation: Providing well-documented findings that demonstrate organisational commitment to addressing compliance issues.
• Expert testimony: Serving as expert witnesses who can explain complex financial matters to regulators, courts, and arbitrators.

A Key Objective of Forensic Audits: Root-Cause Analysis

Forensic audits and internal investigations, if conducted effectively, can serve a range of important functions for companies responding to concerns about fraud, misconduct, or regulatory compliance issues.^[2]

Beyond the immediate objective of identifying internal bad actors and the scale of any misconduct, sound investigations should establish how any issues occurred, why existing controls were ineffective, and whether similar risks exist elsewhere in the business. Only then can organisations take appropriate measures to reduce the likelihood of recurrence.

This root cause analysis is about identifying systemic factors such as control weaknesses, governance gaps, inadequate oversight, problematic incentive structures, or cultural pressures that may have contributed to the problem. Rather than simply asking “who did what,” this analysis examines what combination of factors caused the misconduct to take place and not be detected sooner.

China-Specific Considerations for Internal Investigations

Some important considerations need to be factored in when conducting forensic audits or internal investigations in China, including the following:

• China’s data compliance and sovereignty requirements must be respected. Data preservation, data processing, and cross-border information sharing are distinct stages, each with different legal considerations. A general principle is to keep data review in-country, using onshore data hosting and in-China reviewers. Any data potentially touching state secrets or other sensitive information should be segregated, and a local lawyer should be enlisted to screen data prior to cross-border transfer. Certain data may need to be withheld from export or redacted to comply with relevant laws and regulations.

• The use of personal messaging apps when conducting business is commonplace. Discussions with distributors, agents, vendors, customers, and colleagues routinely occur through mobile messages, voice notes, and group chats on non-company platforms and devices, despite efforts through corporate policies to prevent this. Failure to gain access to such records, with appropriate consent and consideration given to privacy laws, can impose material limitations on internal investigations, which compromise the reliability of their conclusions. Careful consideration therefore needs to be given to data collection scope and the appropriate legal safeguards.

• Information-gathering interviews conducted as part of internal investigations in China require more than technical questioning skills. Cultural calibration, including rapport-building and respectful tone, is important to avoid approaches that could shut down disclosure from interviewees. Caution is also needed to avoid misinterpreting cultural differences and language barriers, such as reserved behaviour, indirect communication styles, or hierarchy-driven reticence, which can otherwise be mistaken for evasiveness or lack of cooperation.

• China’s business environment has become highly digitised, transaction-dense, and platform-driven. For instance, routine use of cash has largely been replaced by digital payments. Organisations generate significant volumes of transactional and activity data across multiple systems and databases. In this environment, traditional reliance on interviews and sample-based testing of financial transactions is often insufficient. Forensic data analytics applied to internal business data — such as micro-payments, system metadata, and user-activity logs — allows internal investigators to identify issues through patterns, trends, and anomalies rather than isolated transactions. This approach helps surface connections and risk indicators that may not be apparent through conventional review techniques.

Conclusion

External audits and forensic audits serve fundamentally different purposes. One provides structured, periodic assurance over financial reporting; the other delivers targeted, fact-based investigation when specific risks or allegations emerge. Confusing the two, or expecting one to substitute for the other, can leave organisations exposed.

In the China context, this distinction becomes particularly important. The regulatory landscape, data compliance requirements, digitised business practices, and cultural dynamics surrounding information gathering all add layers of complexity to internal investigations. Missteps in data handling, evidence preservation, interview execution, or regulatory engagement can exacerbate the original issue and create secondary risks.

For multinational companies, the key is not to assume that fraud detection is embedded automatically within standard audit processes. Rather, it is to recognise that different tools are designed for different objectives. External audits promote financial reporting integrity. Forensic audits uncover facts, establish accountability, and identify systemic weaknesses when concerns arise.

Well-executed forensic investigations do more than determine what happened. They clarify root causes, strengthen governance frameworks, and reduce the likelihood of recurrence. In doing so, they help organisations transition from reactive crisis management to proactive risk mitigation.

In an environment where external scrutiny can arise quickly and unexpectedly, companies that understand these distinctions — and are prepared to mobilise the appropriate expertise — are far less likely to be caught off guard.

This article was originally published in the March/April edition of the European Chamber’s EURObiz magazine.

References

[1] McGowan, D., and McNeil, A., Fighting Fraud: A Shared Responsibility, The Center for Audit Quality, 25^th June 2024, viewed 3^rd March 2026, <https://www.thecaq.org/aia-fighting-fraud-a-shared-responsibility>

[2] It should be noted that all such reviews and investigations are conducted within the scope of corporate authority and established compliance, audit and employment frameworks, and are distinct from any law-enforcement or regulatory authority’s investigation.

^{© Copyright 2026. The views expressed herein are those of the author(s) and not necessarily the views of Ankura Consulting Group, LLC, its management, its subsidiaries, its affiliates, or its other professionals. Ankura is not a law firm and cannot provide legal advice.}