31 January — Recent corruption investigations involving senior civil servants have once again shaken public trust in Malaysia’s public institutions. While each case comes with its own legal and factual complexities, the persistence of such scandals points to serious governance challenges. Fraud and corruption in the public sector are rarely caused solely by individual wrongdoing. They often reflect weaknesses in oversight, accountability and risk management. Addressing these vulnerabilities requires not only ethical leadership but also strong governance systems supported by modern data-driven audits.
Good governance is fundamentally about managing public resources. It is based on transparency in decision-making, clear assignment of authority, effective internal controls and reliable assurance mechanisms. When these factors are strong, opportunities for fraud are suppressed. However, areas where they are weak, particularly high-value and discretionary areas such as procurement, defense spending, and major infrastructure projects, can increase the risk of corruption. A recent Malaysian incident involving a senior army officer shows that gaps in governance, rather than a lack of rules, often create conditions for abuse.
Machine learning tools can learn from past fraud incidents to improve risk scoring and flag transactions and entities that deviate from expected behavior. — Reuters Photo
Auditing is the cornerstone of this governance framework. However, in a public sector characterized by complex transactions, digital systems, and large amounts of data, traditional approaches that emphasize retrospective compliance checks are no longer sufficient. International research consistently shows that audit quality improves when auditors adopt a risk-based approach supported by data analysis. Instead of sampling a limited number of transactions, auditors can analyze entire populations of payments, contracts, payroll records, and asset registers to identify anomalies that indicate potential fraud risk.
Data analysis allows auditors to detect red flags such as split procurement to circumvent approval standards, repeated awarding of bids to related vendors, unusual price fluctuations, unusual payment timing, and discrepancies between contract terms and actual deliveries. When combined with historical data, analytics can also identify emerging risk patterns across agencies, allowing auditors to prioritize high-risk programs before losses escalate. In this sense, analytics moves auditing from a reactive to a proactive function.
Artificial intelligence (AI) further enhances this capability. Machine learning tools can learn from past fraud incidents to improve risk scoring and flag transactions and entities that deviate from expected behavior. Network analysis can reveal hidden relationships between suppliers, authorities, and intermediaries that are difficult to detect through manual review. AI-powered continuous audit systems enable near real-time monitoring, reducing the lag between fraud and corrective action, a key element in stopping fraud.
Malaysia’s public audit institutions are beginning to move in this direction. The National Audit Office has publicly emphasized the introduction of technology-driven and data analytics-based audits to improve the efficiency, accuracy, and impact of audits, along with faster reporting and stronger follow-up of audit findings. These efforts reflect an important recognition that modern public sector risks require modern assurance tools, especially as public funds are increasingly managed through digital platforms.
However, technology alone cannot solve everything. Research shows that data analytics and AI do not work as standalone solutions. Rather, it reflects and strengthens the underlying strengths of the governance system. If governance structures are robust, these tools can enhance monitoring and early detection. Weak governance simply exposes existing deficiencies, rather than fixing them, and may even make them worse. To be effective, digital audit tools must be embedded within healthy organizational arrangements.
Therefore, several policy directions deserve priority. First, the audit plan must be clearly risk-based, with a high degree of discretion and a continued focus on high-value activities. Second, investments in analytics and AI must be matched with investments in auditor competency, professional judgment, and ethical training. Third, integrating data across procurement, finance, human resources, and asset systems is essential to ensure reliable analytics. Fourth, audit findings must be accompanied by mandatory follow-up and results management. This ensures that red flags lead to corrective action rather than repeated observations. Finally, leadership commitment and a strong tone from the top remain essential to creating an organizational culture that does not tolerate corruption.
After all, combating fraud and corruption in Malaysia’s public sector is not just a technical challenge, but also a governance issue. By aligning strong governance principles with risk-based auditing and the responsible use of data analytics and AI, Malaysia can move beyond reactive incidents to a more resilient proactive integrity system. Although such an approach may not completely eliminate corruption, it can significantly raise the cost of wrongdoing and, in doing so, help restore public confidence in the institutions entrusted with state resources.
*Noor Adwa Sulaiman is an Associate Professor in the Department of Accounting, Faculty of Business and Economics, University of Malaya, and can be contacted at: [email protected]
*This is the personal opinion of the author or publication and does not necessarily represent the views of the author or publication. Malay email.
