RED FLAGS OF FRAUD MAY 13, 2014 IIA AUSTIN CHAPTER



Similar documents
Red Flags for Fraud. Thomas P. DiNapoli. Steven J. Hancox Deputy Comptroller Division of Local Government and School Accountability

Fraud Awareness Training

Is There Anyway to Prevent Fraud? Bill Gady, CGA CPA Partner

Fundamentals of Computer and Internet Fraud WORLD HEADQUARTERS THE GREGOR BUILDING 716 WEST AVE AUSTIN, TX USA

Fraud and internal controls, Part 3: Internal fraud schemes

Internal Controls and Fraud Detection & Prevention. Harold Monk and Jennifer Christensen

716 West Ave Austin, TX USA

Steven Boyer Vice-President, Gallagher Bassett Services Inc.

Sharon Kurek, CPA, CFE Director of Internal Audit

Fraud Prevention Training

Fraud Prevention: The Prevention and Detection of Fraud Begins with You

September 28, Audit s Role in Governance, Risk Management and Internal Control

Making Your Fraud Vision 20 / 20. Thomas R. Strause, CIA, CFE, CBA, CISA, CFSA, CICA Partner FOS tstrause@fosaudit.

Module # 2 Management/Key Employee Assessment

INTRODUCTION TO FRAUD EXAMINATION

How To Prevent Fraud On A Credit Card

ACCOUNTING RECORDS: HOW THEY ARE USED TO CONCEAL FRAUD. ROSANNE TERHART, CFE, CA Senior Manager BDO Canada LLP Vancouver, British Columbia Canada

Fraud Checklist. From the enquiries made and procedures performed in completing Part B of this checklist we consider the risk of irregularities to be

Accounts Payable Best Practices

Internal Controls for Small Organizations. Jen Parker, CPA Director of Accounting & Finance US Youth Soccer

Understanding Business Fraud Presenter Paul A. Rodrigues, CPA, MST, CFE, CFF, Principal Presenter David G Friedman, CPA, CFF, CFE, Partner

KEYS TO AN EFFECTIVE DIRECTOR CORPORATE COMPLIANCE AND INTERNAL AUDIT MULTICARE HEALTH SYSTEM TACOMA, WA

Sobel & Co. s Nonprofit and Social Services Group presents. Your Organization is Vulnerable: The Facts About Nonprofits and Fraud

Fraud Control Theory

Fraud Prevention and Detection in a Manufacturing Environment

716 West Ave Austin, TX USA

TITLE: Fraud Prevention and Detection Program IDENTIFIER: S-FW-LD-1008 APPROVED: Executive Cabinet (Pending)

THE ABC S OF DATA ANALYTICS

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

GLOBAL PORTS INVESTMENTS PLC

Presented by: Donald F. Conway, CPA Mercadien, P.C., Certified Public Accountants. Forensic Accounting, Political Corruption & White Collar Offenses

5 Important Controls to Mitigate Employee Fraud

HOW TO DETECT AND PREVENT FINANCIAL STATEMENT FRAUD (SECOND EDITION) (NO )

The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Strong Corporate Governance & Internal Controls: Internal Auditing in Higher Education

1/17/2013 FRAUD RISK MANAGEMENT PROGRAM SESSION OBJECTIVE AND OUTLINE

TECHNOLOGY YOU CAN USE AGAINST THOSE WHO USE TECHNOLOGY FRAUD ANALYTICS: TAKING DATA ANALYSIS TO THE NEXT LEVEL

7/22/2014. From Treadway To the Cube ( ) So, Who is COSO? What Does COSO Do?

Corporate Fraud: Understanding What Puts Your Organization at Risk and How to Prevent It

Avoiding Theft in Your Nonprofit Ohio Attorney General Mike DeWine

The auditors responsibility to consider fraud in an audit of financial statements

Asset Misappropriation Research White Paper for the Institute for Fraud Prevention

PREPARING AUDITORS IN THEIR USAGE OF DATA ANALYTICS TOOL IN FRAUD PREVENTION PROGRAM

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down

Conversion. Concealment methods. Example #1: Skimming. Example #2: Skimming GASBO Conference. Thomas Buckhoff, Ph.D.

MEMORANDUM. Municipal Officials. From: Karen Horn, Director, Public Policy and Advocacy; and Abby Friedman, Director, Municipal Assistance Center

Financial Services Group

Internal Control Requirements December 11, 2002

Detecting, Preventing, and Reporting FRAUD

Preventing Fraud and Abuse of Public Funds: Local Governments Need to Do Better

Internal Controls Best Practices

Communicating Internal Control Related Matters Identified in an Audit

ACL EBOOK. Detecting and Preventing Fraud with Data Analytics

Office of the Inspector General

Ethics, Fraud, and Internal Control

Anomaly and Fraud Detection with Oracle Data Mining

Fraud Risks in Higher Education

Perp Poetry. Fraud & Embezzlement: Lessons From the Trenches. Presented by. acumen insight. ideas attention reach. expertise depth agility talent

Tips to Prevent and Detect Workplace Fraud

Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services

FRAUD RISK ASSESSMENT

Advanced Data Analytics, the Fraudsters Worst Enemy

Chapter 18 Auditing Investments and Cash Balances

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE

Discovering the Secrets of Detecting Fraud in Accounts Receivable

Fraud: Real Stories, Real People, Real Impact

INTERNAL CONTROL QUESTIONNAIRE OFFICE OF INTERNAL AUDIT UNIVERSITY OF THE VIRGIN ISLANDS

Chapter 12 Solutions to Problems

Fraud Prevention and Deterrence

REPORT TO THE NATIONS ON OCCUPATIONAL FRAUD AND ABUSE

Chapter 9 The Study of Internal Control and Assessment of Control Risk

ACFE FRAUD PREVENTION CHECK-UP

Centre for Corporate Governance. Sample listing of fraud schemes

How To Prevent Fraud In The United States

Introductions, Course Outline, and Other Administration Issues. Ed Ferrara, MSIA, CISSP Copyright 2015 Edward S.

Module #9 Payroll Schemes

Fraud Prevention and Deterrence

How To Handle A Fraud At Psc

White Paper. 10 Ways to Prevent Business Expense Fraud and Abuse

Antifraud program and controls assessment grid*

Auditing Standard ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report

Outdoor Retailer Conference Financial Statement Fraud. August 2, 2010 Derk G. Rasmussen.

Mark Barwick Reinsurance Large Commercial Programme Director, ACORD

Transcription:

MAY 13, 2014 IIA AUSTIN CHAPTER

2014 by the Association of Certified Fraud Examiners, Inc. Revised: 3/26/14 No portion of this work may be reproduced or transmitted in any form or by any means electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system without the written permission of the Association. WORLD HEADQUARTERS, THE GREGOR BUILDING 716 WEST AVENUE AUSTIN, TX 78701-2727 USA TEL: (800) 245-3321 +1 (512) 478-9000 FAX: +1 (512) 478-9297 WWW.ACFE.COM DISCLAIMER Every effort has been made to ensure that the contents of this publication are accurate and free from error. However, it is possible that errors exist, both typographical and in content. Therefore, the information provided herein should be used only as a guide and not as the only source of reference. The author, advisors, and publishers shall have neither liability nor responsibility to any person or entity with respect to any loss, damage, or injury caused or alleged to be caused directly or indirectly by any information contained in or omitted from this publication. Printed in the United States of America.

JAMES D. RATLEY, CFE President and CEO Association of Certified Fraud Examiners Austin, TX James D. Ratley graduated from the University of Texas at Dallas, with a Bachelor's Degree in Business Administration. In 1971, he joined the Dallas Police Department as a police officer. Mr. Ratley was assigned to several police department divisions, including vice, child abuse, and internal affairs. He was a member of numerous department task forces which concentrated on major fraud cases. In 1986, Mr. Ratley left the police department to join Wells & Associates, a forensic accounting practice, where he was in charge of fraud investigations. He handled investigations regarding internal frauds, conflicts of interest, and litigation support. In 1988, he was named Program Director for the Association of Certified Fraud Examiners and oversaw all aspects of the ACFE's training and education programs. In 2005, Mr. Ratley was awarded the Association of Certified Fraud Examiners' Cressey Award. The Cressey Award is the ACFE's highest honor. It is bestowed annually for a lifetime of achievement in the detection and deterrence of fraud. In 2006, Mr. Ratley was named President of the ACFE. In this role, he works to promote the ACFE to the public and other professional organizations and continues to assist in the development of anti-fraud products and services to meet the needs of the ACFE's members. In addition to his executive duties, Mr. Ratley serves as a member of the ACFE's faculty, and teaches regularly at workshops and conferences on a variety of fraud-related subjects. Mr. Ratley was named One of the Top 100 Most Influential People in Accounting by Accounting Today in 2012, with the magazine praising his leadership in a "changing, growing and evolving" accounting landscape. He was also selected as one of Security magazine's Most Influential Security Executives for 2010. This honor is bestowed each year to the top security executives who positively impact the security industry, their organizations, their colleagues and their peers. Mr. Ratley is a member of the Association of Certified Fraud Examiners, Austin Chapter, and a member of the Board of Advisors for the Institute for Bank Director Education. He was also a Visiting Scholar at the University of Nebraska in Lincoln. In addition, he has been certified as a Master Peace Officer by the Texas Commission on Law Enforcement Standards and Education.

The Detection of Fraud Fraud is generally detected by one of four means: Tips or complaints Internal controls The perpetrator turning himself/herself in Assessment of red flags Tips or Complaints Tips or complaints have been known to be some of the best means of fraud detection and should be taken seriously. In fact, research consistently shows that tips from employees, customers, vendors, and other sources are the method by which the most frauds are detected. Although occasionally the motives of the complainant may be suspect, the allegations usually have merit and warrant further investigation. Internal Controls Certain internal controls, such as management review, surveillance and monitoring activities, account reconciliations, and document examinations, are designed to detect errors and fraud. Likewise, internal and external audits serve as important controls in uncovering potential fraudulent acts. Perpetrator Turning Himself/Herself In Committing a fraud and keeping the crime hidden takes a continuing effort on the part of the fraudster. Because of the increased likelihood of detection, fraudsters aren t able to take vacations or sick time. Although it may not be a common occurrence, some fraudsters find that they cannot deal with the emotional expense of the fraud and may eventually turn themselves in, choosing to face the consequences of fraud over continuing the effort of concealment. Page 5

Assessment of Red Flags A red flag is a circumstance, or set of circumstances, that is unusual in nature or varies from the normal activity. It is a signal that something is out of the ordinary and should be further investigated. If you analyze a fraud case, you will usually uncover the presence of red flags, which, had employees or auditors noticed or reported, might have resulted in the fraud being detected earlier. Frauds committed by employees and management frequently involve obvious signs of fraud if those around the perpetrator know what to look for. General Red Flags Typically, the fraud will result in symptoms that can signal other employees or auditors to the crime. Warning signs relating to potential fraud can be broken down into several categories. These categories are: Accounting anomalies Internal control weaknesses Analytical anomalies Operational anomalies Behavioral anomalies Accounting Anomalies Accounting anomalies are unusual deviations from the standard accounting practice. They involve irregularities in the accounting system, such as: Missing, altered, or photocopied documents Stale items on reconciliations Increased or excessive past due accounts Unexplained or confusing journal entries Inaccuracies in the ledger accounts Unexplained changes in financial statements Page 6

Internal Control Weaknesses Common internal control weaknesses that can serve as red flags of fraud are: Lack of segregation of duties Lack of physical safeguards Lack of independent checks Lack of proper authorization on documents and records Overrides of existing controls Inadequate accounting system Analytical Anomalies Analytical anomalies are relationships, procedures, and events that don t make sense either common or business or that appear to be unreasonable. These include transactions that happen at odd times or places, transactions that involve people who would not normally be a part of the event, transactions that involve amounts that are too small or too big, and transactions that occur too often or too rarely. Examples of analytical anomalies include: Company assets sold under market value Excessive number of checking accounts Frequent changes in banking accounts Use of several different banks Significant downsizing in a healthy market Unexpected overdrafts or declines in cash balance Operational Anomalies Operational anomalies are unusual events concerning the company s operations. Such circumstances may or may not be within the control of management, but they do merit consideration as a red flag for possible fraud. Some of these anomalies are: Page 7

RED FLAGS OF FRAUD Operating on a crisis basis Insufficient capital Dependence on only one or two products Frequent changes in legal counsel Frequent changes in executive management and directors High employee turnover, especially in areas that are more vulnerable to fraud Continuous rollover of loans A compensation program that is out of proportion to profits Unusual organizational structure (e.g., having the internal audit department report to the finance department) Severe obsolescence of assets Problems with government regulators Behavioral Anomalies The vast majority of fraudsters display some sort of behavioral symptoms of their scheme symptoms that co-workers or supervisors might have picked up on without realizing that they were connected to fraudulent actions. The ACFE s 2014 Report to the Nations on Occupational Fraud and Abuse examines 1,483 cases of occupational fraud in an effort to identify common threads and trends in white-collar crimes. According to the Report, at the time of their frauds: 44% of perpetrators were living beyond their means. 33% of perpetrators were experiencing financial difficulties. 22% of perpetrators had an unusually close association with a vendor or customer. Page 8

RED FLAGS OF FRAUD 21% of perpetrators displayed control issues or an unwillingness to share duties. 17% of perpetrators had experienced a recent divorce or family problems. 15% of perpetrators displayed unusual irritability, suspiciousness, or defensiveness. 12% of perpetrators had addiction problems. Red Flags in Specific Transactions and Functions Certain business functions are particularly susceptible to fraudulent acts. It is therefore vital to review these functions with specific red flags of fraud in mind. Red Flags in Cash /Accounts Receivable Since cash is the asset most often misappropriated, fraud examiners should pay close attention to warning signs of cash theft, including: Excessive number of voids, discounts, and returns Unauthorized bank account in a company name Sudden activity in a dormant banking account Customer complaints that they are receiving notices for non-payment on account Discrepancies between bank deposits and deposits posted to the company books Abnormal number of expense items or reimbursements by employee Presence of employee checks in petty cash for the employee who oversees petty cash Excessive or unjustified cash transactions Large number of write-offs of accounts receivable Bank accounts that are not reconciled on a timely basis Page 9

Red Flags in Payroll Red flags that show up in a payroll are generally worthy of examination. Payroll is usually an automated function, but it is a vulnerable area, especially if collusion is involved. Red flags in this area include: Inconsistent overtime hours for a cost center Overtime charged during a slack period Overtime charged for employees who normally would not have overtime wages Budget variations for payroll by cost center Employees with duplicate Social Security numbers, names, and addresses Employees with few or no payroll deductions Red Flags in Purchasing/Inventory Because purchasing is the major source of cash outflows within most companies, this area is extremely vulnerable to fraud. Likewise, an organization s inventory can be very susceptible to misappropriation by dishonest employees. Warning signs that the purchasing and inventory functions are being manipulated include: Increase in number of complaints about products or service Increase in purchasing inventory but no increase in sales Abnormal inventory shrinkage Increase in scrap materials and then reorders for the same items Lack of physical security over assets/inventory Sales without shipping documents Payments to vendors who aren t on an approved vendor list High volume of purchases from new vendors shortly after they attain vendor status Page 10

RED FLAGS OF FRAUD Purchases that bypass the normal procedures Vendors without physical addresses Vendor addresses that match employee addresses Excess inventory and inventory that is slow to turn over Purchasing agents that pick up vendor payments rather than having them mailed Red Flags in Financial Reporting The motivations for manipulating the financial reporting function are quite different than those for stealing company assets. However, red flags are often present in financial statement frauds, just as they are in asset misappropriation schemes. The following are some of the warning signs of financial statement fraud: Unusual or large and profitable transactions near the ends of accounting periods Recurring negative cash flows while reporting earnings or earnings growth Expenses increasing faster than revenues Urgent need to report favorable earnings Significant transactions with related parties Reluctance to provide auditors with corporate data needed for their audits Frequent changes in external auditors How to Evaluate Red Flags In many cases, conducting a post-mortem after a fraud examination will show that red flags were present. If the auditor or employees in the affected area had recognized these warning signs, then a loss might not have occurred or would, at least, have been substantially reduced. Page 11

Cressey s Hypothesis: The Fraud Triangle Donald Cressey published what remains the classic model for occupational offenders in Other People s Money: A Study in the Social Psychology of Embezzlement. In subsequent years, Cressey s work has come to be associated with a term called the fraud triangle, which explains the nature of fraud. While the specific components of the fraud triangle may vary, it is basically set up as follows: Non-sharable Financial Problem Rationalization Opportunity The non-sharable financial problem, or pressure, may be anything from gambling debts to the desire for a new sports car. Rationalization is a crucial component of most frauds because most people have a need to reconcile their behavior with commonly accepted notions of decency and trust. The opportunity to commit and conceal the fraud, of course, is the only element over which the fraud examiner has significant control. Many believe that if one of the three legs of the triangle is taken away, fraud will not be committed. The fraud triangle forms a foundational framework that can be used to evaluate and understand the red flags of Page 12

fraud: most red flags are directly traceable to one of the three legs of the triangle. Analyzing and Responding to Red Flags Being aware of red flags isn t enough for the fraud examiner. Once a red flag has been identified, action must be taken to determine its effect: is there fraud, do errors result, or is there no effect on the business? Evaluating the red flag may involve financial analysis or observation. Once the analysis is complete, action must be taken to correct the situation and educate the parties in the responsible area about the warning signs that were missed. PERFORM FINANCIAL ANALYSIS Financial analysis can be used to determine the full financial impact the situation has on the business. For example, how much has already been lost as a result of the red flag? What is the potential future loss related to the red flag? What is the cost to prevent a potential loss from occurring? What will it cost to recoup the loss identified? OBSERVE THE EFFECT OF THE RED FLAG Direct observation is the method of choice to determine the effect a red flag has on an organization. For example, if analysis of overtime for an area suggests that one person is falsifying timecards, observing the person s start and stop times is important. Observation may prove useful when employee lifestyle changes are noted, or to get an understanding of how an area works. Does the Page 13

employee in fact drive a new Jaguar on a salary that clearly wouldn t support it? Are there lax security procedures and physical safeguards? CORRECT THE SITUATION Whether it is fraud or an error, action should generally be taken to prevent the act from occurring again. That is, unless the cost of prevention is more than the loss suffered; in such a situation, the decision may be to not to take action at all. EDUCATE THE RESPONSIBLE AREA In any case, educating the affected area is a prudent thing to do. If people don t know how to spot a potential red flag, then it may never be caught. This is true for both the internal audit staff and employees in the user area. Education involves all levels, from the lowest level to the highest level. Two Cautionary Notes Do not ignore a red flag Sometimes an error is just an error Do Not Ignore a Red Flag Studies of fraud cases consistently show that red flags were present, but either were not recognized or were recognized but not acted upon by anyone. Once a red flag has been noted, management should take action to investigate the situation to determine if a fraud has been committed. Sometimes an Error is Just an Error As discussed above, red flags should lead to appropriate action. However, sometimes an error is just an error and no fraud has occurred. Just as action is important, so is Page 14

avoiding overreaction. Respect for employees which is itself a vital part of detecting and deterring fraud demands avoiding assumptions that fraud has taken place in the absence of evidence. It further requires that investigations not be conducted unprofessionally or with unwarranted hostility. Responsibility for follow-up investigation of a red flag should be placed in the hands of a measured and responsible person. Conclusion Red flags are warnings that something could be or is wrong. Fraud examiners, employees, and management need to be aware these warning signs of fraud in order to, at the very least, monitor the situation, and to correct it as needed. Employees who notice that red flags are ignored may mistakenly believe that it is okay to game the system or that they won t get caught. A small fraud soon becomes a large fraud if left to grow. Page 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information