BDO NORDIC. Investigation, fraud prevention and computer forensics. You can guess. You can assume. Or you can know. And knowing is always better.

Transcription

1 BDO NORDIC Investigation, fraud prevention and computer forensics You can guess. You can assume. Or you can know. And knowing is always better.

2 CONTENT OUR SERVICES 3 Investigation - Identifying the facts 6 Fraud prevention 9 Computer forensics 13 OUR TEam 15

3 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS 3 OUR SERVICES INVESTIGATION Investigations into fraud and irregularities FRAUD PREVENTION Whistleblowing Anti-corruption (UK Bribery Act and FCPA) Ethical Due Diligence/Background Screening forensic Collection Recovery and Review COMPUTER FORENSICS Examination and Analysis Consultancy BDO of Norway, Sweden, Denmark, Finland and Iceland work closely together in order to enhance value for our clients. Together we provide all the competence and skills needed to protect our clients from fraud and irregularities. This publication focuses on the investigation of alleged irregularities and how to prevent such incidents from happening. Contact details for the Nordic area: BDO Norway forensic@bdo.no BDO Sweden forensic@bdo.se BDO Finland forensic@bdo.fi BDO Iceland forensic@bdo.is BDO Denmark forensic@bdo.dk

4 You can guess You can assume Or you can know And knowing is always better

5

6 6 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS Investigation Identifying the facts the tool for making the right decisions Getting your facts right is the most important basis for making the best possible decision. When difficult decisions are to be made, these decisions need to be based on the best possible factual basis. If there is a suspicion of fraud or any other type of irregularities it is of paramount importance to establish the facts. Most often, major financial assets are at risk. Without having established the actual facts, the risk of making the wrong decisions increase, often resulting in further financial losses. Investigations are all about identifying, establishing and describing all relevant issues in relation to a particular incident. Investigations further point to why incidents occur. An investigation can identify loopholes in your internal control, suggest how to address these and as such reduce both operational and financial risk. Investigations are not only a tool to be used in order to confirm or quash allegations. An investigation will also in most cases provide the answer to whether company policies and regulations are being adhered to, and if internal control measures are in place. It will also provide an overview of the risks for financial irregularities in the organisation. An investigation provides clear insight into your organisation s status within a wide range of important areas. Our staff are trained and experienced as lawyers, police officers, forensic accountants and economists and are among the leading professionals within their areas of expertise. Collectively, we cover all the phases of an investigation from planning and acquiring information, describing facts, making assessments and recommendations and, where relevant, identifying assets and securing possible claims for compensation. Several of our team members have been employed in international organisations and have extensive experience from conducting investigations internationally. BDO s Investigation Methodology BDO s methodology for conducting investigations is based on recognised principles and standards for best practice combined with extensive field experience. In this context it is important to highlight that no investigation scenarios are identical, necessitating a tailored approach to each investigation. Despite the bespoke nature of each investigation, each process comprises a set of elements detailing the methodological basis for its implementation, i.e. how to conduct an investigation.

7 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS 7 PRELIMINARY STAGE BDO s INVESTIGATIVE METHODOLOGY SECURING OF INFORMATION DOCUMENTATION & ANALYSIS REPORTING Plan Secure assets Collect & analyse relevant documentary evidence Prepare draft report Identify key competencies Secure information Collect & analyse relevant electronically stored evidence Undertake contradiction Select key resources Protect privacy Conduct interviews Deliver final report Evaluate limitations Analyse findings Organise Assess CONTINUOUS QUALITY ASSURANCE Planning When conducting an investigation, the initial planning stage and determination of scope is crucial. Here, foremost investigative resources utilised are consistent with the skills required. Each with a clear understanding of the objectives at hand, his/her respective task(s) and engagement deadlines. The investigation is defined by its engagement terms and any steps undertaken must be deemed relevant to the gathering of information that falls within this scope. Securing Evidence and Assets The securing of evidence to prevent the disappearance, destruction or manipulation of essential information is of paramount importance in the initial stage of an investigation. This applies to both hardcopy documentation as well as electronically stored information. Securing electronically stored information for subsequent analyses must be carried out in a manner that removes any doubt of tampering, to ensure the secured information consequently reviewed is identical to that which was originally secured. One may here consider whether to secure assets for future claims against companies and individuals. The securing of financial assets through legal measures for use in future claims against companies and/or individuals will be considered in cases where deemed relevant. BDO has both the experience and skills required in securing such assets.

8 8 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS Information Gathering The process of gathering information is carried out through the identification and collection of documents, electronically stored information and through interviews with witnesses and alleged perpetrators. Obtaining expert opinions from recognised specialists may also be relevant and beneficial, depending on the nature of the investigation. Securing and analyzing electronically stored information necessitates particular care and expertise, and must be performed in accordance with applicable laws and regulations, hereunder the Data Protection Act. Information Analysis This analysis consists of the classification of gathered information, and the comparison and evaluation of evidence related to one or more incidents. A continuous assessment of information requirements is conducted, evaluating the sufficiency of the gathered evidence in accurately describing relevant events, and if additional information is required. Should information discrepancies occur when establishing the factual basis for accurately describing relevant events, the possible causes for deviation(s) are evaluated. In such cases, an analysis of current information sources and/or additional individuals who may benefit the investigation by providing further relevant information is carried out. Such analyses often contain numerous components and sources. Report Preparation The drafting and preparation of reports is an ongoing process throughout any investigation. This best ensures the continuous monitoring of the project s status, progress and findings. It also facilitates the timely implementation of necessary quality assurance measures throughout the process. Continuous report preparation also enables a more accurate description of investigation methods employed at each engagement phase, to be presented in the final report to our client. Contradiction Prior to submission of the final report to our client, a contradiction process occurs on behalf of parties who, where applicable, have contributed significant information to the investigation and/or may affect the accuracy of the factual evidence presented in the final report. A process of contradiction is a significant measure in assuring the accuracy of all factual descriptions in the final report, and serves to fortify the integrity of the assessments presented. Final Report The investigation concludes with a final report, comprising the following: A description of the investigation s mandate and scope An overview of the resources utilised A description of the methodology employed to conduct the investigation A detailed description of all relevant factual findings An explanation as to the occurrence of any irregularities Legal (incl. of tort) assessments of identified crime, and contractual assessments as to the possible withholding of means and/or the reimbursement of disbursed funds A summary of the investigation s findings, assessments and recommendations put forth All statements and conclusions in the final report will be thoroughly documented. It is important to highlight the fluid nature of any investigation, whereby phases do not have a distinct end followed by an automatic and definite phase cessation. The implementation of the BDO methodology ensures the continuous search for, evaluation and analysis of additional information prior to the completion of the final report. Specialised Services We also provide the following specialised service lines as a part of our investigative services: Business restructuring & Bankruptcy investigations Insurance claims Litigation support Manipulated accounting Expert witness services

9 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS 9 FRAUD PREVENTION With full support from an organisation and proper implementation, an effective anti-fraud program may serve to significantly reduce the risk of fraud and increase the likelihood that, if fraud does occur, it will be detected at an early stage. BDO s fraud prevention services assist in promoting best practices designed to promote an environment that reduces the risk of fraud and allows it to be exposed early should it occur. An anti-fraud program can help an organisation identify, remediate and monitor the specific risk factors that set the stage for fraud. Based on BDO s investigative experience, certain conditions involving a lack of awareness or inadequate practices can create a fertile environment for fraud within an organisation. Such conditions include: Lack of awareness of fraud risk factors Inadequate control activities for identified fraud risks Insufficient knowledge of the warning signs of fraud Inadequate screening practices (for employees, suppliers, and customers) Insufficient understanding of ethical duties at all levels Ineffective mechanisms for reporting and investigating fraud Inadequate board and audit committee oversight BDO s fraud prevention services are designed to identify and address the above conditions so that an organisation can proactively manage its fraud risks. An organisation may implement individual fraud prevention elements or a comprehensive anti-fraud program.

10 10 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS Contigent upon a company s geographical area of operation, most companies are now obligated to introduce anticorruption measures within their organisation in response to current legislation such as the FCPA and the UK Bribery Act. BDO has extensive experience in the effective management of whistleblowing cases, as well as in the establishment of warning systems for clients that ensure compliance with anticorruption measures and legislation. internal communication and is beneficial to an organisation s reputation. Our Whistleblowing Service is tailor-made to each client and operated by experienced personnel, ensuring the best advice available to the client and the individual whistleblower. In close interaction with our client we compose the procedures and assist in the implementation process. BDO Whistleblowing Services BDO provides whistleblowing services to both the private and public sector. Well integrated and quality assured whistleblowing hotlines are recognised as the single most important and effective measure in preventing and detecting illegal or damaging practices in the workplace. An effective whistleblowing mechanism raises awareness, strengthens Our service never stops, and whistleblowers may notify us from any location with an internet connection on a 24/7 basis. We offer multiple channels of communication; meetings in person, telephone, , mail by post or a bespoke web-based reporting system. We guarantee anonymity if requested by the whistleblower, and personal data protection procedures are an accompanying and integrated part of our whistleblowing service package. Whistleblowing Services Whistleblowing Services WHISTLEBLOWER BDO BDO CLIENT CLIENT Electronic web form Receive & register message Consultation & recommendations Internal evaluation Evaluate message Investigation Mail Preventive measures Telephone BDO / CLIENT Meeting Information / feedback to whistleblower (if not anyonymous)

11 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS 11 Know who you are doing business with! Anti-Corruption (UK Bribery Act and FCPA) It is important to be aware of the increasingly stringent and expanding anti-corruption regulations and the new efforts to bring light to unethical or hidden relationships that involve risk of corruption. You should be sure that you know your customers, your business partners and your employees. BDO aids businesses in developing a strong resistance to corruption and to comply with anti-corruption regulations from government and quasi-governmental authorities. The consequences of police investigations or media attention based on allegations of corruption is often severe and may result in liability, reputational damage, significant fees, criminal penalties and prosecution of individuals and/or the organisation. Building an anti-corruption culture necessitates active involvement by the Board of Directors and top management level in ensuring accountability and quality assurance. Our team of experts has experience from assisting business entities, organisations and the public sector in mitigating the risk, investigating allegations of corruption and designing and implementing anti-corruption policies and the training of staff. Developing procedures to address anti-corruption issues whilst retaining employees, agents, consultants or other business partners is one of several measures necessary to ensure that you know your business partners and employees. We assist business entities in complying with the requirements of the UK Bribery Act / Foreign Corrupt Practices Act (FCPA) and in raising awareness of the increased risk of doing business abroad. BDO provides experts from various jurisdictions to ensure the best results for our clients. Ethical Due Diligence / Background Screening The integrity of existing and potential business partners is of great significance to the majority of organisations. The reputation of a business entity is heavily connected with the performance of its business partners. This is partly why risk to reputation and liability resulting from the performance of business partners are of urgent concern. Our professionals have successfully assisted clients in identifying risk of unethical behaviour prior to entering into agreements with business partners. BDO has developed standards for Ethical Due Diligence and Integrity Audit as tools for assessing the integrity risk when investing, choosing suppliers, hiring employees or engaging in business agreements. The checklists utilised for the examinations made, depends on the aim and the importance of the integrity issues at hand. We recognise that examining the integrity of a new business partner poses different needs and challenges compared to that of investigating a socially responsible investment.

12 12 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS The tools we use utilise our clients access to knowledge of the following integrity issues for new business partners: General background and reputation for the business and the top management level Code of ethics and implementation of ethical programme Monitoring and assurance of accountability Responsibilities to shareholders and stakeholders In order to identify potential risks prior to entering into important business arrangements, we often perform an enhanced ethical due diligence. This may consist of the following activities (reliant upon the case scenario and the availability of information within a country): Media and internet searches (both domestic and international), checking for adverse publicity impacting reputation Litigation, bankruptcy and law enforcement checks Company records, directors and shareholder checks Global Compliance Checks based on comprehensive databases containing information on individuals and companies being banned, censured or listed by governments, non-governmental agencies or multilateral organisations The provision of business intelligence from informed sources Local investigation We provide our clients with a detailed report that elaborates on the tasks conducted and whether any risks or red flags have been identified. BDO recognises the growing demand for integrity checks and due diligences in ensuring corporate responsibility for environment and health & safety risk as well as the risk for corruption and fraud.

13 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS 13 COMPUTER FORENSICS It is our experience that important factual documentation, to a large extent is gathered through the identification and review of electronically stored information. Our Computer Forensics services play a major role in supporting investigations and fraud prevention services. We also provide stand-alone Computer Forensics Services to law firms and companies in litigation processes. Computer forensics includes the process of imaging and examining electronic storage media and electronically stored information. The purpose is to identify and analyse available, deleted or hidden information that is essential in order to describe a correctly factual basis. The choice of method and procedure will depend on the situation and purpose of any investigation. BDO has extensive experience in conducting such surveys in private investigation assignments/factual investigations and as expert witnesses. BDO s computer forensics professionals use tools and methods that are accepted and recognised in legal systems worldwide. Chain-of-custody documentation is prepared and maintained and quality control procedures are employed at critical points throughout an engagement. Such documentation will often be crucial for the electronic evidence to be used and accepted in a legal context. Data are generally secured as a mirror copy, which provides an identical copy of the relevant data including deleted material. For each mirror copy a digital checksum (MD5 Hash) will be generated which can be used against the original to verify the copy s integrity. We use state-of-the-art software and equipment used by leading players in the computer forensics segment worldwide, as well as by public regulatory bodies and law enforcement. In a complex investigation or during litigation, having to consider and handle digital evidence may seem like an added layer of complexity you could do without. Our team will manage the process for you, from the preliminary stages of the case through to its conclusion. We will ensure that you make the most of the electronic evidence available, providing maximum benefit in a cost effective manner. Services We Offer Initial Consultancy to ensure that the scope of the investigation is considered at the crucial nascent stages Forensic Collection collecting the evidence in a manner that ensures it is admissible in both criminal and civil courts of law Recovery and Review recovering deleted electronic documents, and provision of these and any other documents for review, including an on-line specialised and easy-to-use hosted platform Investigation and Analysis examining the evidence, such as determining computer usage patterns, recovering passwords and examining internet browsing habits Reporting providing expert testimony detailing our opinion of any analysis performed on the electronic evidence We offer resources with extensive experience from a variety of assignments in computer forensics. Many of our staff have, prior to joining BDO, significant experience from law enforcement and prosecution authorities. We believe that the firsthand knowledge of police tactics and investigation related to computer forensics will benefit our clients to act correctly in an emergency situation. Our staff can also act as an advisor for internal CERTs (Computer Emergency Response Teams). As a supplement to our Nordic computer forensics professionals, we have access to additional resources with high technical expertise on short notice through the international BDO network.

14

15 NORDIC FORENSIC SERVICES // INVESTIGATION, FRAUD PREVENTION AND COMPUTER FORENSICS 15 OUR TEAM NORWAY DENMARK ICELAND FINLAND SWEDEN ERLING GRIMSTAD PER SLOTH TINNA FINNBOGADOTTIR EILA KOIVU ANDERS BJÖRKLUND anders.bjorklund@bdo.se

16 CONTACT: BDO Norway BDO Sweden +46 (0) BDO Denmark BDO Finland This publication has been carefully prepared, but it has been written in general terms and should be seen as broad guidance only. The publication cannot be relied upon to cover specific situations and you should not act, or refrain from acting, upon the information contained therein without obtaining specific professional advice. Please contact BDO to discuss these matters in the context of your particular circumstances. BDO, its partners, employees and agents do not accept or assume any liability or duty of care for any loss arising from any action taken or not taken by anyone in reliance on the information in this publication or for any decision based on it. BDO Norway, BDO Sweden, BDO Denmark, BDO Finland and BDO Iceland are members of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. BDO Iceland forensic@bdo.is