The Strategy to Optimize the Role of Government Internal Supervisory Apparatus (APIP) in Procurement Fraud Risk Management in Industry 4.0

Many challenges confront the efforts to build procurement fraud risk management in Industry 4.0. This study aims to assess the risk of procurement fraud in industry 4.0 and disclose strategies to optimize the role of internal auditors in mitigating these risks. The mixed-method has been conducted with data on procurement fraud risks generally accepted by government agencies. A survey involving 140 respondents and interviews with five experts have been completed. The risk assessment in the research findings involved seven procurement fraud risks, with "collusion between providers in e-tendering" ranking the highest. Procurement management must detect and prevent fraud by creating anti-hacker applications, conducting data analytics on business ownership, and ongoing monitoring. Internal auditors must undertake fraud prevention by improving their ability in data analytics, encouraging probity plans, and procurement assistance. Fraud detection is carried out through performance audits using computer-assisted audit techniques, probity audits, information technology governance audits, continuous audits, data analytics, and internal auditor integrity assessments through surveys to the auditee.


INTRODUCTION
Governance, risk management, and internal control (GRC) should be established and implemented to support the achievement of organizational goals. Internal auditors play a critical role in assessing the effectiveness GRC process and contributing to its development (Anderson, Head, Ramamoorti, Riddle, Salamasick, & Sobel, 2017). In 2014, the Audit Standard for the Indonesian Government Internal Auditor (Standar Audit Auditor Intern Pemerintah Indonesia, SAAIPI) granted credentials to the Government Internal Supervisory Apparatus (hereinafter referred to as APIP). The mandate is to evaluate the GRC of government agencies, including government procurement and activities (Kamal & Nasarudin, 2020). However, one of the research findings showed that the role of APIP in evaluating GRC only constituted 52.5% of the SAAIPI mandate (Purnomo, 2017). Furthermore, the Finance and Development Supervisory Agency (Badan Pengawasan Keuangan dan Pembangunan, BPKP) monitoring results as of June 2019 showed that APIP's capability falls under the category of Level 3, constituting 54.14% (Elim, 2019). This implies that most APIP has not been able to play an essential role in risk management. Risks are potential events that could negatively influence the achievement of goals, for instance, fraud committed by employees (Anderson et al., 2017). The condition of APIP's current capability level confirms the result of a survey conducted in 2016 demonstrating that internal auditors have not been performing optimally in disclosing fraud (ACFE, 2017). Meanwhile, the ineffectiveness of APIP could fall under the opportunity component in the fraud triangle (Mackevičius & Giriūnas, 2013).
In terms of locus, the result of the survey revealed that finance, operations, and procure-ment departments ranked the highest as three fraud perpetrators in the workplace (ACFE, 2017). Those three departments represent the procurement environment. Corrupt practices manifest themselves in various forms, including fraud (ACFE, 2020). Corruption in procurement ranks second as a criminal act. There are 21.20% or 188 out of 887 corruption-related cases in procurement, with an increasing trend gradually from 2014 to 2018 (KPK, 2019).
The trend is still potentially increasing due to performance target (including in procurement), which is under pressure to be achieved or due to risk factors in the fraud triangle (Free, 2015;Vona, 2008). More than 60% of risk owners (which constitute the highest) in procurement risk are leaders (Kamal & Elim, 2018) who will be accountable for performance achievement. However, the evidence reveals that 40.3% (the highest) of fraud perpetrators are managers (ACFE, 2017). In addition, lack of leadership commitment to enforcing the Government Internal Control System (Sistem Pengendalian Intern Pemerintah, SPIP) also becomes an obstacle in increasing the SPIP's maturity level (BPKP, 2016). Such problems bring consequences. Monitoring results by BPKP in June 2019 disclosed that 60.19% of central government or local government agencies have SPIP's maturity levels below level 3. Most of those agencies have not yet understood and undertaken a risk assessment, an element in SPIP (Kamal, 2020). An ineffective internal control system can be viewed as an element that is classified as the opportunity element in the fraud triangle (Kassem & Higson, 2012;Didi & Kusuma, 2018;Subagio, 2016;Vona, 2008).
The explanation given above reflects that the existing APIP capability has not yet been ideal in handling the corruption trend of the Procurement of Public Goods and Services (Pengadaan Barang dan Jasa Pemerintah/ PBJP, hereinafter referred to as public procurement) and the weak maturity level of SPIP in most government agencies. Portrait of trident weaknesses (APIP, Public Procurement, and SPIP) became empirical evidence of fraud theories. Fraud cases in the past are a part of the fraud triangle's opportunity that will affect the increasing occurrences of fraud cases in the future (Vona, 2008). The phenomenon and the survey result showed an increase in the average duration of the frauds since they occurred until their detection, which lasted for 12 months in 2016 (ACFE, 2017) to 14 months in 2019 (ACFE, 2020). The government sector is often the ones most harmed by fraudulent activities (ACFE, 2017).
Given the preceding, this presents a significant challenge for the APIP to undertake a substantial role to "add value" and improve operations (Anderson et al., 2017) to reduce organizational weaknesses. Therefore, the role of APIP in handling frauds in public procurement must be strengthened. In this case, it is highly recommended for public procurement management to implement governance, risk management, and internal control. Risk management development should consider public procurement policy and the government procurement ecosystem (Kamal & Elim, 2018). Provisions on public procurement are outlined in Presidential Regulation Number 16 of 2018 (Perpres 16/2018) on Public Procurement and regulate the use of information technology and e-marketplace development. Perpres 16/2018 introduces the digital era for public procurement.
Big data is a business process characteristics in the digital era. Data-based management has changed the type of transaction evidence types and the capacity or volume of data (Wibowo, 2020). The traces of computer information processing are not always in paper form but in the form of soft media that can be read through computers (Panuntun, 2020). The use of information technology opens access to information technology risk (Anderson et al., 2017;Panuntun, 2020). An error in establishing a database connection or when a database server is down is one example of the highest risk (Rilyani, Firdaus, & Jatmiko, 2015). The industry revolution development of 4.0 drives the transformation of internal auditors' role in assuring management (Asad, Tarjo, & Musyarofah, 2019). Auditors should pay attention and consider risk management of inherent fraud risk of public procurement within the digital business process.
There was research on the risk of public procurement fraud and internal auditors. Sixtysix fraud risks were identified in the public procurement (Alfian, 2015). Meanwhile, according to Kamal's (Kamal, 2019) research, the public procurement fraud risks map revealed 58 risk identification factors and their risk. However, neither research has linked public procurement with the industry 4.0 and has not touched upon the role of APIP in that regard.
Fraud risk assessment needs to be undertaken prior to the procurement implementation (Jackson, 2013). A "Fraud Risk Management in COSO Framework" was developed in 1992, 2013(Hussaini & Bakar, 2017. From the point of view of internal auditors, APIP has not undertaken risk management evaluation for any assignments (Purnomo, 2017) even though improving public procurement's governance process requires strengthening audit and control (Kamal & Elim, 2018). Control structure should be implemented by applying the Three Lines of Defense approach (Asad et al., 2019).
The use of analytical audit (information technology) increases internal auditor performance (Li, Dai, Gershberg, & Vasarhelyi, 2018), albeit only a few governments inter-nal auditors have the competence in technology information (Panuntun, 2020). That being said, there are IT risks (Rilyani, Firdaus, & Jatmiko, 2015) and an evil conspiracy in etendering (Muniroh & Kamal, 2018). However, the fraud risk assessment in public procurement has not been put into effect accordingly.
Based on the explanation above, a conclusion has been drawn that there are two gaps between APIP's mandate to assess fraud risks and APIP's current capability. Therefore, research on the role of APIP in the management of fraud risk in public procurement in industry 4.0 was conducted. With this in mind, the following research questions were developed: 1. How was risk assessment for fraud risk in public procurement in industry 4.0 conducted? 2. What is the highest fraud risk level of public procurement in industry 4.0? 3. What are the strategies undertaken by the procurement practitioners to mitigate fraud risk in public procurement in industry 4.0? 4. What are the strategies undertaken to optimize the role of APIP in mitigating fraud risk in public procurement in industry 4.0?
Thus the objectives of this study are to assess the fraud risk of public procurement in industry 4.0 and determine the highest fraud risk level of public procurement in industry 4.0. Furthermore, to determine strategies that procurement practitioners require in mitigating fraud risk and strategies in optimizing the role of APIP in mitigating fraud risk of public procurement in industry 4.0. This study is expected to make a valuable contribution to the relevant parties. This study may serve as scientific literature for the academic community, particularly on studies related to fraud risk management and their approach to mitigating fraud risks in public procurement. This study could refer to fraud risk management in public procurement and strategies to mitigate fraud risks for procurement practitioners. Concerning BPKP and APIP, this study could be utilized as an input in supervising SPIP's maturity level, enhancing APIP capability, and developing an audit program to audit public procurement. In connection with central and local government agencies, this study could contribute to developing governance policies related to anti-fraud, credibility, and accountability of public procurement.

LITERATURE REVIEW
In this research, three theories are applied: the Fraud Triangle, Fraud Risk Management, and Internal Audit Roles. The fraud triangle theory revealed three components of Cressey's fraud triangle, notably: pressure, opportunity, and rationalization (Anderson et al., 2017;Free, 2015;Mackevičius & Giriūnas, 2013;Mohd-Nassir, Mohd-Sanusi, & Ghani, 2016;Vona, 2008). The occurrence of fraud is driven by the existence of the components mentioned earlier, both individually and collectively (Mohd-Nassir, Mohd-Sanusi, & Ghani, 2016). An example of fraud driven by pressure is a performance target that must be achieved individually and by the organization (Clinton, 2015;Vona, 2008).
Opportunity as a component of the fraud triangle can be understood as follows, first, historical fact of fraud experience (Vona, 2008). Secondly, lack of management commitment in assessing fraud risk management (Vona, 2008). The implementation of risk management can reduce corruption occur in the future (Rieneke, 2017). Thirdly, ineffective internal control system (Kassem, & Higson, 2012;Didi & Kusuma, 2018;Subagio, 2016;Vona, 2008), and finally, ineffective supervision by the supervisor or the Government
Based on the development of some opportunity aspects of the Fraud Triangle, fraudulent acts can be reduced by putting fraud risk management into effect. Therefore, fraud risk management theory is necessary to develop public procurement of goods and services fraud risk management. Fraud risk management of public procurement in industry 4.0 can be undertaken utilizing adopting risk management theory developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The fraud risk management of the CO-SO Framework was developed in 1992, 2013, and 2016 correspondingly, and there are five steps in the "2016 COSO Fraud Risk Management Guide" (Hussaini & Bakar, 2017;Anderson et al., 2017). Those steps include establishing fraud risk governance policies, performing a fraud risk assessment, designing and deploying fraud detective and preventive control activities, conducting investigations, and monitoring and evaluating the fraud risk management program.
Fraud risk management should be supported by organizational policy. Perpres No. 16/2018 governs the use of information technology and e-marketplace within the public procurement policy. The consequence of utilizing both the information technology and emarketplace is the exposure of information technology risk (Anderson et al., 2017;Panuntun, 2020). For that reason, consideration must be given to IT risks in the 4.0 era. Furthermore, ethical conduct of public procurement also revealed that procurement practitioners must not under any circumstances be involved in any conflict of interest. If a conspiracy in e-tendering or eselection transpires, the Selection Working Group has the authority to cancel or abort a bidder involved in the collusion. Auditors must always take into account any fraud risk that might occur. Public procurement, a part of government governance, must also be established according to the Government Internal Control System (according to the mandate under Government Regulation Number 60 of 2008). Looking at the maturity level of SPIP and the level of corruption trend, the auditors shall conclude that government agencies must take public procurement fraud risk assessment very seriously.
Assessing fraud risk is a second element of the "2016 COSO Fraud Risk Management Guide" process. The initial focus of risk assessment is the inherent fraud risk within the business process (Vona, 2008). The business process of public procurement is currently in digital form in conformity with mandatory information technology requirements and e-marketplace. As a result, the development of fraud risk management must capture any inherent risk in the digital process of public procurement.
There are two risk identification approaches, namely prospective and retrospective. Prospective risk is a risk identification that has not happened yet but has a chance of happening in the future. Retrospective risk is an event that has already occurred before. The sources of retrospective risk can be found in the audit report, accident lists, professional media (BPKP, 2010). Literature review (reports and previous studies) can be used to identify public procurement risk fraud in industry 4.0.
Moreover, the effectiveness of risk management is a critical area that must be evaluated by the internal auditor (Anderson et al., 2017). This matter indicates that APIP must assess fraud risk management of public procurement. Fraud theory must be embedded in the audit program arranged by internal auditors (Vona, 2008). From this point forward, the internal audit theory should be disclosed in fraud risk manage-ment in the context of public procurement of goods and services. The definition of internal auditing from the Institute of Internal Auditor version is as follows.
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes." (Anderson et al., 2017).
Based on the definition, there are two keywords that one should take note of: to add value and improve the organization's operation in risk management, control, and governance process. Given the context of public procurement, the questions that should be raised are: First, how can internal auditors add value in practicing public procurement fraud risk management? Secondly, what kind of improvement can internal auditors contribute to in the operation of public procurement to achieve the government agencies' objectives? Thirdly, what kind of roles can the internal auditors play in order for organizations to achieve good public procurement governance? The three questions above are key areas that internal auditors must consider to add value and improve operations (Anderson et al., 2017) in public procurement fraud risk management in industry 4.0.
The role of internal auditors in Enterprise Risk Management (ERM) is divided into two: core internal audit concerning ERM and legitimate internal audit role with safeguards (Anderson et al., 2017). The first role is related to assurance activities. The second role is related to consulting activities. Some examples of assurance activities are assuring the risk management process, ensuring that risks have been evaluated correctly, evaluating the risk management process, evaluating key risks reports, and reviewing key risks management. Some examples of consulting activities are (1) Facilitating risks identification and evaluation; (2) Coaching risks responses; (3) Coordinating ERM activities; (4) Consolidating risks reports; (5) Developing risk management framework; (6) Work towards the establishment of organizational risk management; and (7) Developing ERM strategy for the top management's approval.
Information technology has changed everything from the strategy the operation to decision making. Information technology brings consequences to the transformation of GRC. Without using information technology, internal auditors would not evaluate governance, risk management, and internal control effectively. The internal auditor must understand better the control map of business process and risk organization in industry 4.0, as seen in Figure 1. Strategies undertaken by APIP should follow the quadrant of the condition map. In the government sector, the function of internal auditors in providing assurance should undergo evolutionary developments, such as in the business environment. The development of industrial revolution 4.0, such as new technology, geopolitics, and cybersecurity, brings consequences that compel APIP to transform audits (Asad et al., 2019).

RESEARCH METHOD
This study uses a mixed-method with triangulation approach to answering four research questions, as illustrated in Figure 2. Triangulation can be performed in several ways, including triangulation theory, source of triangulation, and triangulation method/ procedure (Bachri, 2010;Weyers, Strydom & Huisamen, 2008). The purpose of triangulation is to contribute through the study of phenomena from multiple perspectives and is expected to produce new findings with deeper dimensions. A combination of qualitative and quantitative methods can be used in triangulation. Various data collection techniques are used by study documents, questionnaires, interviews, and observations, whereas data analysis can use content analysis, descriptive and/or inferential methods, and statistics (Abdalla, Oliveira, Azevedo, & Gonzalez, 2018). Primary and secondary data are used in this research. Sources of pri-mary data are verbal data from informants relating to research, while secondary data sources are data obtained from graphic documents and others that can enrich primary data (Arikunto, 2014).
Figure 2 revealed four stages in the research process: theoretical studies, literature studies, and previous research studies, data processing surveys, and interviews with experts. The review of the theories, as mentioned earlier, has been elaborated in the literature review. Literature studies and previous research studies were conducted to provide a clear and robust scientific footing and determine the positioning of this study in the field of research. From several previous studies, it was revealed that this research had an important positioning in novelty research with arguments as follows: 1. Research on the role of APIP in public procurement fraud risk management in industry 4.0 has never been conducted;
2. The triangulation methods in fraud risk management research have never been applied (in the triangulation of theories, data, and methods).
Fraud risk data on public procurement were obtained from literature studies and previous researches. The risks description obtained is general or potential risks in all government agencies in the e-government era. Public procurement in question is limited to processes that have been in e-marketplaces, especially e-tendering. The risk description will be a core part of the questionnaire. The focus of the question is on the likelihood and the impact levels of risk. The risk level assessment criteria will use a Likert scale of 1 to 5 (Anderson et al., 2017). Respondents will assess fraud risk in public procurement through an online survey using a google form. Respondents were selected from stakeholders related to public procurement (Kamal, 2019).
The survey questionnaire results will be tested, such as normality of the distribution of answers, reliability, and validity using the SPSS application. The result would constitute public procurement fraud value level in industry 4.0 and its rankings. The level of risk handled is a level of risk that exceeds risk appetite. This study uses the assumption of risk appetite for fraud according to the Minister of Finance Regulation Number 12 of 2016 (PMK No. 12/2016), which is "≥ 4".
The risk assessment results will be used as information for experts to determine the appropriate procurement of goods and services fraud risk management strategy. Experts in fraud, risk management, and/or internal audit are needed to provide opinions in handling public procurement fraud risks in industry 4.0. Experts were interviewed using Google online forms with open questions. The interview technique was also used in this research on reorienting the role of APIP in eradicating corruption (Asad et al., 2019).

Identification of Public Procurement Fraud Risk in Industry 4.0
Public procurement fraud risk identification in industry 4.0 covers public procurement fraud risk areas performing digitalization.
Those seven risks will be analyzed for their likelihood and impact levels through a questionnaire. There are three groups of questions, which encompasses: 1. Assessment of the seven public procurement fraud risks levels in industry 4.0; 2. The role of APIP, which is critical in the development of public procurement fraud risk management in industry 4.0; and 3. APIP's experience utilizing Computer Assisted Audit Techniques (CAAT) and most needed CAATs in public procurement audit in industry 4.0.

The Results of Survey
One hundred forty respondents completed the google form within four days between 28 to 31 of May 2020. Demographic data of respondents are presented in Appendix 1. The SPSS histogram graph of answers from 140 respondents demonstrated a normal distribution occurring on questionnaire entries. Meanwhile, the reliability test revealed Cronbach's Alpha of 0.940 > 0.6 (minimum value of Cronbach's Alpha). This suggests that the research instrument is reliable.
In addition, the validity test of the questionnaire, as a whole, shows that 14 questions of likelihood and impact factors of the seven public procurement fraud risks have been significantly valid. The survey indicated that 37.14% (52 out of 140 respondents) believed that there had been fraudulent and corrupt acts in their institutions. The remaining 30% (42 of 140 respondents) had not yet joined any training in risk management. The descriptive statistics showed the mean of each likelihood and impact risk from 140 respondents. The result can be used to proxy the public procurement fraud risk's likelihood and impact levels, as shown in Table 1.
The table showed that the highest fraud risk level of public procurement in industry 4.0 was a collusion between providers in etendering/e-selection (9,06). The lowest fraud risk level of public procurement in industry 4.0 was cybercrime, piracy, hacker or vandalism in e-tendering/e-selection (5,41). Ministry of Finance Regulation Number 12 of 2016 regulated that tolerable risk was 4.0. Based on Table 1, the seven fraud risks were higher than 4.0. Therefore, all the fraud risks must be mitigated by prevention and detection efforts.

The Role of APIP is Most Needed by Procurement Practitioners
The survey revealed what is most needed from APIP in developing fraud risk management. The result showed that the role of APIP was the most needed (59,3%) by procurement practitioners by way of assisting in developing public procurement fraud risk management in industry 4.0, as shown in Figure 3.

Computer Assisted Audit Technique (CAAT)
The survey showed that APIP needs CAAT in conducting public procurement audits.

APIP Experience using CAAT Application
The survey results related to APIP CAAT competencies are presented in Figure 5. The result showed that 32.1% of respondents (or 45 of 140) did not understand APIP's experience in using CAAT. In comparison, 28,6% of respondents (or 40 of 140) did not have any experience in using CAAT. The remaining 26,4% of respondents (or 37 of 140) have had the experience using CAAT with SPSE 4.3 audit application.
The last survey result was unique. Given the pooling results in Figure 4 (116 respondents believe that APIP needs "SPSE 4.3 audit"), hence from the results in Figure 5, it can be concluded that there are 79 (116 -37) respondents who reveal that APIP requires  "SPSE 4.3 audit," but such has not been used accordingly. Furthermore, if viewed from the respondents' demographic data (Appendix 1), it can be revealed that there are 59 APIPs, while 37 mixed respondents or 26.43% revealed that they had used the SPSE 4.3 LKPP auditor module ( Figure 5). How many APIPs have used the SPSE 4.3 LKPP auditor module? The authors consider it necessary to explore this. The authors trace these results by sorting respondents who are only APIP (59 APIP in Appendix 1) from the raw data to strengthen the analysis of "APIP competency signals." Table 2 reveals that 17 APIPs have used the SPSE 4.3 LKPP auditor module, and 33 APIP respondents do not have CAAT competencies.

Expert Opinion of Public Procurement Fraud Risk in Industry 4.0
Furthermore, the risk assessment results were reviewed by experts through interviews. Interviews are done using google form with four open questions. Expert opinion is needed to provide insight for each description of procurement fraud risk. Five expert respondents were interviewed on June 1 and 2, 2020, and the data of expert respondents is presented in Appendix 2. The results of expert interviews regarding public procurement fraud risk in industry 4.0 revealed that experts provide opinions on risk management that are not directly related to each description and level of fraud risk. Expert opinion is more open to all public procurement fraud risks in industry 4.0.
Following the public procurement fraud risk assessment results in Table 1, four questions were given to the experts. The expert's answers for each question are categorized and presented in the Appendix. First, "what are the efforts/strategies of public procurement management undertaken to design public procurement fraud prevention controls?" The authors categorize the expert's answers as shown in Appendix 3. There are several fraud prevention strategies for public procurement management mentioned by the experts. Among others are (1) Formal and Substantial Integrity Treaty; (2) Development of applications for price surveys, antihacker and competition control in tenders; and (3) Strick sanctions for violations of public procurement's integrity, ethics, and principles.
The second question is, "what are the efforts/strategies undertaken by public procurement management to design public procurement fraud detection controls?" The authors categorize the expert opinion in Appendix 4. There are several frauds detecting controls for public procurement management. According to experts, fraud-detecting strategies for public procurement management include the development of whistleblower system application and data analytics, implementing data analytics with proper person and analysis of business social network ownership, and routine assessment by expert and continuous monitoring.
The third question is, "what are the efforts/ strategies for APIP to optimize its role in preventing public procurement fraud?" The expert's answers are categorized in Appendix 5. There are three strategies for APIP in preventing public procurement fraud in industry 4.0 due to the expert's opinion. Namely, developing competency of the APIP on CAAT, improving probity plan and fraud prevention organization structure, also assisting public procurement processing and documenting activities. The next question is, "what are the efforts/strategies for APIP to optimize its role in detecting public procurement fraud?" The authors categorize expert opinion in Appendix 6. There are several roles of APIP in detecting public procurement fraud, such as GRC performance audit with CAAT, probity, IT governance, continuous IT SPSE; APIP competency in identifying fraud and data analytics; and integrity assessment of APIP in the assignment, such as survey from auditee.
The expert opinion regarding the role of APIP in handling public procurement fraud risk is in line with the theory that supervisory institutions must be strengthened to prevent fraud (Mackevičius & Giriūnas, 2013). Internal auditors must have competencies in data analytic, big data, fraud data mining (Vona, 2008). They must keep up with the information technology development to play its core role, such as auditing (Anderson et al., 2017) with CAAT.
The Expert opinion is also in line with the result of the survey comprising 140 respondents, which reveals that APIP's primary role is to assist in public procurement fraud risk management. The majority of APIP also undertook training in CAAT competency ( Figure 3). In addition, expert opinion is also in line with the result of the research that APIP must transform by strengthening their capabilities in information technology (Asad et al., 2019) to improve its performance (Li et al., 2018).

CONCLUSION
Fraud risk assessment in public procurement in industry 4.0 can be performed in several stages. Identification of fraud risk is made through literature and regulations studies. Risk level analysis is held through surveys of government procurement stakeholders. There are seven types of fraud risks in public procurement with levels exceeding the appetite for fraud risk. The highest level of fraud risk is a conspiracy between providers in etendering/e-selection. This finding is in line with previous research, which has revealed that fraud risk assessment needs to be enforced prior to the procurement implementation (Jackson, 2013). The survey also proves that the majority of APIP requires CAAT development competency. This finding is in line with previous research, which revealed that supervisory institutions must be strengthened to prevent fraud (Mackevičius & Giriūnas, 2013), and internal auditors must have strong competencies in data analytics, big data, and fraud data mining (Vona, 2008) Fraud risk management strategies for management and APIP can be further developed. Experts reveal that management must take preventive measures by revitalizing integrity threats, building price surveys and antihacker applications, and enforcing strict sanctions for those committing violations against public procurement's integrity, ethics, and principles. Regarding the detection aspect, public procurement management must apply a whistleblower mechanism and analytical data on business ownership and social networks, along with expert reviews and ongoing monitoring.
APIP must increase its role in preventing and detecting public procurement fraud. Prevention measures undertaken by APIP could be done by increasing its ability to use CAAT, encouraging public procurement management for probity plans, and assisting in the processing and documenting of public procurement. APIP should play a critical role in fraud detection by auditing through CAAT for GRC performance, probity, IT govern-THE STRATEGY TO OPTIMIZE THE ROLE OF GOVERNMENT INTERNAL ... Mustofa Kamal, John Elim ance, and continuous IT SPSE. APIP should also enhance their ability to identify fraud and data analytics and assess the integrity of APIP through surveys to the auditor.
This finding has several implications. In terms of practical implications, APIP must improve their capability in order to "add value" and "improve operations" in organizations in industry 4.0, especially in handling public procurement fraud. Concerning theoretical implications, the findings of this study are an important contribution in the field of fraud risk management research in government agencies. In addition, further research on the evaluation and handling of fraud risk is very much needed.
This study has its limitations concerning the research object. The preceding does not directly represent the locus of government agencies. The selected public procurement fraud data were closely related to the digitalized public procurement process. Such limitation offers possibilities for further research.