LGMA Qld Governance and Corporate Planning Village Forum



Similar documents
Northern Grampians Shire Council FRAUD CONTROL PLAN

Internal Controls for Small Organizations. Jen Parker, CPA Director of Accounting & Finance US Youth Soccer

Policy-Standard heading. Fraud and Corruption Policy

Fraud and the Government Internal Auditor

Fraud Prevention Policy

AGA Kansas City Chapter Data Analytics & Continuous Monitoring

What is an integrated fraud control strategy, what are the implementation challenges

Commonwealth Fraud Control Guidelines Annual Reporting Questionnaire

FRAUD RISK IN PUBLIC PROCUREMENT NATIONAL PUBLIC ENTITIES RISK MANAGEMENT FORUM

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down

FRAUD RISK ASSESSMENT

Risk Management Policy and Framework

The PNC Financial Services Group, Inc. Business Continuity Program

FEI Canada. Fraud Prevention. Presented by: Matthew McGuire and Leigh Beijer. Date:

SPG 223 Fraud Risk Management. June 2015

TITLE: Fraud Prevention and Detection Program IDENTIFIER: S-FW-LD-1008 APPROVED: Executive Cabinet (Pending)

Corporate Risk Management Policy

A Framework for Managing Crime and Fraud

COM-B-001. Group Standard Title: Business integrity standard. Function: Rio Tinto Compliance. No. of Pages: 20. Effective: Approved by ExCo:

Deloitte Forensic Fraud Risk Management

Mitigating and managing cyber risk: ten issues to consider

ACE elite fraudprotector

Fraud Control Theory

FRAUD RISK & INTERNAL AUDIT

Being protected Using data analytics to detect fraud

Does Fraud Matter? ASIS Middle East Security Conference and Exhibition Dubai, February 16, Torsten Wolf, CPP Head of Group Security Operations

Cyber Security - What Would a Breach Really Mean for your Business?

Confronting the changing face of economic crime

FRAUD PREVENTION STRATEGY FOR UGU DISTRICT MUNICIPALITY (UGU)

We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services

Audit Advisory Tax. RISK ADVISORY SERVICES GUARDING AGAINST FRAUD, THEFT AND CORRUPTION Forensic Services. The Leader for Exceptional Client Service

Fraud Prevention and Deterrence

Operational Risk Publication Date: May Operational Risk... 3

Supply Chain Fraud. CIPS Australasia

Fraud risk management. Report to Parliament 9 :

Operational Risk Management Policy

Care Providers Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management

Cyber Security Evolved

Forensic Accounting: An Introduction

Informing the audit risk assessment Enquiries to those charged with governance Calderdale Council. Year ended 31 March 2013

Anti-Bribery and Corruption Policy

A GOOD PRACTICE GUIDE FOR EMPLOYERS

V1.0 - Eurojuris ISO 9001:2008 Certified

ENTERPRISE RISK MANAGEMENT POLICY

COMMONWEALTH FRAUD CONTROL FRAMEWORK 2014

Information Technology

Safety Management Systems (SMS) guidance for organisations

SCOTTISH CHILDREN S REPORTER ADMINISTRATION

Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services

MEMORANDUM. Municipal Officials. From: Karen Horn, Director, Public Policy and Advocacy; and Abby Friedman, Director, Municipal Assistance Center

LOCAL GOVERNMENT MANAGEMENT ASSESSMENT OVERVIEW AND QUESTIONNAIRE

Compliance. Compliance Toolkit. Protecting Charities from Harm. Chapter 2 Due Diligence, Monitoring and Verification of End Use of Charitable Funds

RISK MANAGEMENT POLICY

IFAD Policy on Enterprise Risk Management

OIG Hotline. Overview Examples of Allegations That Should Be Reported to the OIG Hotline Guidelines for Reporting Fraud...

Securing Internet Payments across Europe. Guidelines for Detecting and Preventing Fraud

DRAFT. Informing the audit risk assessment for Cheshire Fire Authority. Year ending 31 March 2013 xx April 2013

INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES

EXPANDING THE USE OF PURCHASING CARDS

Diploma in Forensic Accounting (Level 4) Course Structure & Contents

Sustainable Supply Chain Management Policy

Charities & Not for Profit Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management

Office of the Inspector General

Business Plan 2012/13

White Paper: The Seven Elements of an Effective Compliance and Ethics Program

Risk Management guide

Process Control Optimisation with SAP

Ethics and Compliance Training

WFP ENTERPRISE RISK MANAGEMENT POLICY

Services for professional procurement. Be better informed, make better decisions. Trading House Qualification System (THQS)

FINAL NOTICE Nationwide has confirmed that it will not be referring the matter to the Financial Services and Markets Tribunal.

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Achieve. Performance objectives

Misplaced Trust: Vendor Fraud. IIA/ACFE Conference Patrick Mitchell, Managing Director Sharon Delgado, Senior Manager

Fraud Risk Management Procedures

Presented by: Donald F. Conway, CPA Mercadien, P.C., Certified Public Accountants. Forensic Accounting, Political Corruption & White Collar Offenses

Corporate Resiliency Managing g the Growing Risk of Fraud and Corruption

PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE INTRODUCTION. 1 What is Risk?

Policy : Enterprise Risk Management Policy

GLOBAL PORTS INVESTMENTS PLC

Business Ethics Code August 2015

REGULATIONS ON OPERATIONAL RISK MANAGEMENT OF THE BUDAPEST STOCK EXCHANGE LTD.

Case Study Success with a. into a Corporate Integrity Agreement (CIA)

Board of Directors Meeting 12/04/2010. Operational Risk Management Charter

Cyber Insurance Presentation

Introductions, Course Outline, and Other Administration Issues. Ed Ferrara, MSIA, CISSP Copyright 2015 Edward S.

Glossary 2. About this chapter About fraud and corruption prevention and control 4

Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004

The task of Orava s risk management is also to support in adapting to the changes in business and risk environment.

Managing General Agents (MGAs) Guideline

Transcription:

www.pwc.com.au Fraud Risk Management Fraud Risk Assessments LGMA Qld Governance and Corporate Planning Village Forum March 2015

Agenda Introductions Fraud Risk Management Fraud Statistics s Global Economic Crime Survey 2014 Fraud Risk Assessment Enterprise Wide Fraud Risk Assessment Case Studies February Liability 2015limited by 2

Fraud Risk Management Fraud may be defined as dishonestly obtaining a benefit by deception or other means. This includes behaviour such as theft, providing false information, corruption, bribery or abuse of office. Custodians of public funds and other people s money must take their responsibilities seriously and ensure suitable procedures are in place to deter misuse of funds and guard against fraud. Fraud can occur when least expected. It can be disruptive to the daily activity and morale of Councils, as well as clients and staff and can be devastating both from a financial and reputational perspective. 3

Fraud Risk Management - s 2014 Economic Crime Survey 2014 Results of the recent 2014 Economic Crime Survey show there are often a number of economic crimes that are occurring with increasing volume, frequency and sophistication. The Big 5: - Procurement - Cybercrime - Asset misappropriation - Bribery and corruption - Accounting Fraud 57% surveyed Austn organisations experienced economic crime in the past 24 months 47% surveyed Austn organisations experienced in excess of 10 fraud incidents in the past 24 months 36% surveyed Austn organisations suffered losses in excess of $1m AUD in the past 24 months 4

Fraud Risk Management While there is a no foolproof method in preventing fraud and corruption, the risk can be minimised by taking a proactive, systematic approach to its management. As fraud negatively impacts on Councils in many ways financial, reputational, and through psychological and social implications it is important for Councils to have a strong fraud program that includes awareness, prevention and detection programs, as well as a fraud risk assessment process to identify risks within Council. Important to set the right tone from the top and ensure that Executives and staff understand their particular fraud risks and profile and that these risks are on the radar and treated seriously. 5

Fraud Risk Assessment (FRA) - Overview A fraud risk assessment (FRA) is often a critical component to Council s larger enterprise wide risk management framework. It helps to: - Identify current and emerging risks and implement enhanced controls. An important role of management is to provide oversight for the completion of an FRA so that management has a better understanding of fraud risks and the controls in place to mitigate those risks An FRA assists management and internal auditors in systematically identifying where and how fraud may occur and who may be in a position to commit fraud Councils need to reach their own conclusion with respect to the cost of controlling a risk compared to the benefits of mitigating or eliminating that risk. 6

Fraud Risk Assessment (FRA) - Types Three types of common fraud assessments: 1. Enterprise Wide Fraud Risk Assessment - provides a comprehensive identification of fraudulent activities facing an organisation. Focuses on the internal control environment for assessing the likelihood of the risk occurring 2. Business process fraud risk assessment - designed to identify specific fraud threats at the business process level and link the specific internal control procedures to the fraud risk inherent to the process. Focuses on internal control procedures, monitoring controls and the information and communication controls 3. Fraud prevention assessment designed to identify the most likely location of a fraudulent transaction in a specific account, transaction type and business location. 7

Enterprise Fraud Risk Assessment - Key steps A fraud risk assessment generally includes the following key steps: 1. Identify relevant fraud risk factors fraud risks to which operations are exposed 2. Identify potential fraud threats and prioritise them based on risk (i.e. evaluating risks for significance and likelihood of occurrence) 3. Map existing controls to potential fraud threats and identify gaps identify and evaluate controls (if any) in place to mitigate key risks 4. Document and report the fraud risk assessment Fraud risk assessments should be followed by the development of a fraud control plan, including nominating a person responsible for addressing the risk, implementing systems to address the risk, and considering alternative controls to mitigate the risks 8

Fraud Risk Assessment - How to approach? 1. Review key policies and procedures in place for fraud management 2. One on One meetings with management/senior executives (fraud risk focus and buy in ) 3. Conduct risk storm workshops with a wide cross section of Council employees, to discuss and identify fraud risk and complete the fraud risk assessment 4. Develop a Heat Map of inherent fraud risk, based on the outcomes of the meetings and workshops 5. Consider current and emerging risks and level of assurance in place throughout Council (3 lines of defence) 9

Fraud Risk Assessment Example Heat Map Current and emerging fraud risk 1. Land disposals/acquisitions 2. Contractor performance 3. Conflicts of Interest 4. Contract tendering 5. Insurance claims 6. Loss/misuse of resources/procurement 7. Cash handling 8. Payroll 9. Professional negligence 10. Finance related fraud 11. Technology/IP related fraud 12. Bank guarantee fraud 13. Abuse of private/public partnerships 14. Capital infrastructure management 15. Regulatory reporting misuse 10

Fraud Risk Assessment Example Heat Map This chart shows the risk assessment of 5 key areas, considered fraud threats by workshop participants. 11

Fraud Risk Assessment - Summary Adopt a thorough fraud risk assessment to identify a range of risks Address identified risks by corresponding fraud prevention plan strategies Consider the level of assurance coverage throughout Council (3 lines of defence) Update and review fraud assessments with any change in the business, such as the addition of a new structure or business unit, deployment of a new program, heightened risk or change in incident levels 12

Case Study One: Industry: National Healthcare Company Financial impact: $400,000 Details: Male IT engineer 7 fictitious vendors, 25 corporate credit card transactions and 146 false invoices Cause: Failure to adequately identify fraud risks and mitigate - Vendor due diligence False ABNs /legitimate ABNs of different companies - IT security Utilised access to three Regional Managers email accounts to send 50% of the invoices to accounts payable. 13

Case Study Two: Industry: International Mining and Construction Company Financial impact: $550,000 Details: Female procurement employee 3 legitimate + 3 fictitious vendors, 58 false invoices Cause: Failure to adequately identify fraud risks and mitigate - Employee screening and due diligence 10 year history of fraud related offences - Procure to pay system controls No approval process or workflow governing changes to vendor bank account details / system audit trail able to be switched on and off by all users / no email notification or reporting of bank account changes 14

Any Questions? Fraud Risk Assessments February 2015 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information