Internal Auditor (Risk & Compliance Department)

The Internal Auditor is responsible for providing independent, objective assurance and advisory services to safeguard organizational assets, revenue, and reputation. The role focuses on strengthening internal controls, preventing and detecting fraud, sealing revenue leakages, enhancing operational efficiency, and ensuring compliance with healthcare, financial, and regulatory requirements in alignment with the organization’s strategic objectives.

KEY RESPONSIBILITIES

1. Audit & Assurance

• Develop and implement a risk-based annual internal audit plan aligned with organizational operations and risk profile for approval by the Executive Director.

• Conduct financial, operational, clinical-support, procurement, HR, pharmacy, stores, security, and IT audits.

• Evaluate the adequacy and effectiveness of internal controls, systems, and standard operating procedures across departments.

• Perform routine and surprise audits in high-risk areas including cash points, billing offices, pharmacy, laboratory, theatre, wards, and stores.

• Assess segregation of duties, authorization limits, and system access controls to minimize fraud and operational errors.

2. Financial & Revenue Audits (Anti-Revenue Leakage Focus)

• Audit the full revenue cycle including patient registration, billing, insurance and SHA claims, cash collections, waivers, discounts, credit notes, and write-offs.

• Identify, document, and investigate revenue leakages arising from under-billing, non-billing, unauthorized discounts, commission abuse, or system manipulation.

• Review insurance and SHA claims for accuracy, completeness, and timeliness to reduce rejections and revenue loss.

• Audit procurement processes, supplier vetting, contract management, and payments to prevent collusion, overpricing, and fictitious suppliers.

• Review inventory controls for pharmacy, laboratory reagents, medical supplies, and consumables to prevent pilferage, expiries, theft, and undocumented usage.

• Audit payroll, allowances, overtime, locum payments, and statutory deductions to prevent ghost workers and inflated payments.

3. Fraud Prevention, Investigations & Risk Management

• Conduct regular fraud risk assessments across clinical and non-clinical departments.

• Proactively identify fraud indicators and red flags within billing, procurement, payroll, inventory, and revenue processes.

• Investigate suspected fraud, theft, revenue diversion, collusion, conflict of interest, or unethical conduct as directed by management.

• Support HR and management in disciplinary and corrective actions arising from audit and investigation findings.

• Maintain a fraud and revenue leakage register and track mitigation actions.

4. Compliance & Governance

• Monitor compliance with healthcare regulations, insurance requirements, labor laws, and internal organizational policies.

• Ensure adherence to approved financial policies, procurement guidelines, billing procedures, and commission structures.

• Promote ethical conduct, accountability, and transparency across the organization.

5. Reporting & Follow-Up

• Prepare clear, timely, and actionable audit and investigation reports with practical recommendations.

• Present audit findings to senior management and relevant stakeholders.

• Track implementation of agreed audit recommendations and report on outstanding issues.

6. Advisory & Continuous Improvement

• Advise management on strengthening internal controls to reduce fraud risk and revenue leakage.

• Recommend cost-containment measures and operational efficiencies without compromising service quality.

• Support Continuous Quality Improvement (CQI) initiatives from a risk and control perspective.

• Participate in the review and development of policies related to finance, procurement, billing, commissions, and inventory management.

7. Authority & Independence

• The Internal Auditor shall have unrestricted access to all records, systems, personnel, and premises necessary to perform audit and investigation duties.

• The role operates independently from day-to-day operations to ensure objectivity and professional integrity.

QUALIFICATIONS & EXPERIENCE

• Bachelor’s degree in Accounting, Finance, Business Administration, or a related field.

• Professional qualification such as CPA (K), ACCA, CIA, or equivalent is mandatory or highly preferred.

• Minimum of 3–5 years’ experience in internal audit, preferably within a healthcare or regulated environment.

• Strong knowledge of internal controls, auditing standards, fraud risk management, and healthcare operations.

SKILLS & COMPETENCIES

• High level of integrity, independence, and confidentiality

• Strong analytical, investigative, and problem-solving skills

• Excellent report writing and presentation abilities

• Strong attention to detail and ability to meet strict deadlines

• Effective interpersonal and communication skills

• Proficiency in hospital information systems and Microsoft Excel

KEY INTERACTIONS

Internal Contacts:

• Executive Director

• Senior Management Team

• Clinical and Support Units

External Contacts:

• Regulators

• External Auditors

• Insurance Providers

• Social Health Authority (SHA)