Building Fraud Risk Assessment Into Planning

Size: px

Start display at page:

Download "Building Fraud Risk Assessment Into Planning"

Elizabeth Stewart
8 years ago
Views:

1 Building Assessment Into Planning (Session M202) The Conference That Counts March 16, 2015 (970)

2 ISSUE Brainstming s: Thinking Like A Thief Hey Boss Questions Three Categies Misappropriation Results Manipulation Cruption Results Manipulation FINANCIAL'RESULTS' OTHER'RESULTS' Examples: Cruption & Shadow Deals 1. Bribery 2. Kickbacks 3. Payoffs 4. Excessive gifts / entertainment 5. Bid-rigging 6. Exttion / blackmail 1"

3 SAS 99 Required audit project team brainstming session Chief'Audit'present'and'ac=ve' Homewk'is'assigned'in'advance' Many' Hey'Boss 'ques=ons' Distrust Planning Target Neutrality Trust Distrust Wk Target Neutrality Trust SAS 99 is mostly a state of mind Audit Psychology begin (plan) with the PRESUMPTION that a fraud incident has occurred Fake Vend: The is from a f services Funds disbursed by check, The check is deposited personal checking account of a The transaction is charged to Consulting Expenses in the accounting system What would it LOOK like? Symptoms Red Flags 2"

4 Steps Fake Vend: The is from a f services Funds disbursed by check, The check is deposited personal checking account of a The transaction is charged to Consulting Expenses in the accounting system looking vend /! Mailboxes,, etc. check f charges on cost center repts Check:! Clears too fast! Funny endsements! Geography (AICPA, ACFE, IIA, others) Fake Vend: The is from a f services looking vend / check f all first time Periodic little known Focus on service Verify receipt of goods services pri to payment ders Segregate duties Build in duplication Detection Steps Detection Fake Vend: The is from a f services looking vend / check f all first time Periodic little known Focus on service Verify receipt of goods services pri to payment ders Segregate duties Build in duplication Reconcile all bank accounts immediately upon receipt of the bank statement Examine all cancelled checks Periodically review all vends and s f existence and legitimacy REVIEW ALL MONTH END TRANSACTION REPORTS 100% Use Computer Data Mining Techniques to Surface Fraud s Fake Vend: The is from a f services Funds disbursed by check, The check is deposited personal checking account of a The transaction is charged to Consulting Expenses in the accounting system looking vend / check f charges on cost center repts Check:! Clears too fast! Funny endsements! Geography all first time Periodic verification of little known Focus on service Verify receipt of goods services pri to payment ders Segregate duties Build in duplication Reconcile all bank accounts immediately upon receipt of the bank statement Examine all cancelled checks Periodically review all vends and s f existence and legitimacy REVIEW ALL MONTH END TRANSACTION REPORTS 100% Use Computer Data Mining Techniques to Surface Fraud s Controls Detection Controls HARD CONTROLS Soft Controls Fraud Risk Fake Vend: The is from a f services looking vend / check f Control To Prevent all first time Periodic little known Focus on service Verify receipt of goods services pri to payment ders Segregate duties Build in duplication Control to Detect Reconcile all bank accounts immediately upon receipt of the bank statement Examine all cancelled checks Periodically review all vends and s f existence and legitimacy REVIEW ALL MONTH END TRANSACTION REPORTS 100% Audit Program Steps Look f indicats Test prevention control Test detection control NATURE, TIMING and EXTENT of AUDIT PROCEDURES 3"

5 Assessment: Key Elements 1. How might a fraud perpetrat exploit weaknesses in the system of controls? 2. How could a perpetrat override circumvent controls? 3. What could a perpetrat do to conceal the fraud? Four Steps 1. Exposure analysis 2. Assess probability and impact 3. Measure and track losses 4. Address identified weaknesses Exposure Assessment Myths 1. Once and done covers it 2. One group can do this alone 3. Cost isn t justified 4. We know our risks 5. It s not my job Say:' Managers''responsible'f'knowing'the' exposures'to'fraud'in'their'as,' and'f'promptly'detec=ng'and'rep=ng' suspected'wrongdoing. ' Managing the Business Risk of Fraud: A Practical Guide Brainstming Team 1. Finance and accounting 2. Business unit and operations 3. Risk management 4. Legal and compliance 5. Internal Audit and Inspect General 6. External consultants with fraud expertise Chief Risk Officer Questions, Comments, Feedback John J. Hall John@JohnHallSpeaker.com (970) "

Fraud Prevention: The Prevention and Detection of Fraud Begins with You

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is fraud? Definition Facts Four factors Fraud risk assessment Four evaluation criteria Common fraud schemes Case studies