Conducting Fraud Risk Assessments Successfully. Mary Breslin MBA, CIA, CFE

Similar documents
Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services

Fraud Prevention and Deterrence

FRAUD RISK & INTERNAL AUDIT

Making Your Fraud Vision 20 / 20. Thomas R. Strause, CIA, CFE, CBA, CISA, CFSA, CICA Partner FOS tstrause@fosaudit.

Fraud Control Theory

LGMA Qld Governance and Corporate Planning Village Forum

7/22/2014. From Treadway To the Cube ( ) So, Who is COSO? What Does COSO Do?

Fraud-Related Compliance

FRAUD RISK ASSESSMENT

Fraud Risk Management Procedures

Fraud Risk Management

Warning Signs and the Red Flag System

Fraud and the Government Internal Auditor

Glossary 2. About this chapter About fraud and corruption prevention and control 4

Fraud Risk Management and Internal Audting

Guide to Internal Control Over Financial Reporting

APEC General Elements of Effective Voluntary Corporate Compliance Programs

The Upside of Risk: Enterprise Risk Management and Public Real Estate Companies

Policy-Standard heading. Fraud and Corruption Policy

EFFECT OF THE SARBANES-OXLEY ACT OF 2002

1/17/2013 FRAUD RISK MANAGEMENT PROGRAM SESSION OBJECTIVE AND OUTLINE

Deloitte Forensic Fraud Risk Management

What is reputation / reputation risk? What is a reputation risk?

Complying with the U.S. Foreign Corrupt Practices Act

U.S. SQUASH Whistleblower Policy

Fraud Prevention Policy

Advanced Data Analytics, the Fraudsters Worst Enemy

THE LEHMAN BROTHERS CASE

Fraud: Real Stories, Real People, Real Impact

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down

Ethics, Fraud, and Internal Control

IPPF Practice Guide. Internal Auditing and Fraud

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

Managing the Business Risk of Fraud: A Practical Guide

Antifraud program and controls assessment grid*

Corporate Governance The Role of the Audit Committee

How To Understand And Understand Forensic Accounting

Proactive Fraud Detection with Data Mining Fear not the computer You play ball with it and it will play ball with you

Fraud Prevention and Detection in a Manufacturing Environment

Fraud Awareness Training

Internal Controls and Fraud Detection & Prevention. Harold Monk and Jennifer Christensen

Office of the Inspector General

Centre for Corporate Governance. Sample listing of fraud schemes

Fraud and Role of Information Technology. September 2008

How To Get A Whistleblower Pass On A Corporation

BKA HERBSTTAGUNG. November 12, 2008

SPG 223 Fraud Risk Management. June 2015

Fraud-Related Compliance

Developing and Implementing a Fraud Risk Assessment. Josh Shilts CPA/CFF, CFE

A Framework for Managing Crime and Fraud

CHAPTER 7 PLANNING THE AUDIT: IDENTIFYING AND RESPONDING TO THE RISKS OF MATERIAL MISSTATEMENT

COSO s 2013 Internal Control Framework in Depth: Implementing the Enhanced Guidance for Internal Control over External Financial Reporting

Sample Financial institution Risk Management Policy 2011

ISOLATE AND ELIMINATE FRAUD THROUGH ADVANCED ANALYTICS. BENJAMIN CHIANG, CFE, CISA, CA Partner, Ernst and Young Advisory Singapore

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Managing the Risk of Fraud in Outsourcing. Fernando Cancino, CFE, CIA

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB OVERSIGHT OF SINGLE-FAMILY SELLER/SERVICER RELATIONSHIPS. Purpose

THE U.S. SARBANES-OXLEY ACT OF 2002: REFORMING CORPORATE GOVERNANCE AND DISCLOSURE

FEI Canada. Fraud Prevention. Presented by: Matthew McGuire and Leigh Beijer. Date:

ACFE Toronto Chapter 1

RISK ASSESSMENT CHECKLIST

Guide to Public Company Auditing

Preventing Embezzlement and Fraud in Nonprofit Organizations

TONE AT THE TOP: HOW MANAGEMENT CAN PREVENT FRAUD IN THE WORKPLACE

Fraud Control in Australian Government Entities

KEYS TO AN EFFECTIVE DIRECTOR CORPORATE COMPLIANCE AND INTERNAL AUDIT MULTICARE HEALTH SYSTEM TACOMA, WA

The Sarbanes-Oxley Act : effects on public accounting firms

A STUDY ON FORENSIC ACCOUNTING AND ITS USABILITY By Jyotsana S. Agarwala

Sobel & Co. s Nonprofit and Social Services Group presents. Your Organization is Vulnerable: The Facts About Nonprofits and Fraud

Risk Management Advisory Services, LLC Capital markets audit and control

By Ronald A. Sarachan and Daniel J. T. McKenna

The Compliance and Ethics Essentials Toolkit

Module # 2 Management/Key Employee Assessment

Credit Union Liability with Third-Party Processors

Ishan Rajaram Countywide Mentally Disordered Offender Services Northampton UK

Transcription:

Conducting Fraud Risk Assessments Successfully Mary Breslin MBA, CIA, CFE

Course Agenda One Principals for Managing Fraud Risk in an Organization Two Fraud Risk Assessment Basics Three Fraud Basics Four Conducting a Fraud Risk Assessment Five Prevention and Detection Six Applicable tools Examples of Templates and Documentation 2014 CPEinteractive, Inc.

Learning Objectives Learn how to conduct a fraud risk assessment Understanding basic fraud concepts Learning to identify and assess risks Identifying best practices in fraud risk assessment Understanding the parts of a fraud risk assessment program Learn to utilize appropriate frameworks for assessing fraud risks Commonly used framework, scorecards and reporting templates Familiarization with best practices 2014 CPEinteractive, Inc. 3

FRAUD MANAGEMENT PRINCIPALS 2014 CPEinteractive, Inc. 4

What is a Fraud Risk Assessment? Systematically identify where and how fraud may occur. Identify who may be in a position to commit fraud. Creates a structured process that identifies fraud risk schemes and respective controls that may prevent or detect these schemes. Measures detective and preventative controls to ensure they are designed and operating effectively. 2014 CPEinteractive, Inc. 5

What is a Fraud Risk Assessment? (2) Crucial part of an entity s Enterprise Risk Assessment (ERM) process. Key element to any Anti-fraud Framework. Strengthens an organization s ability to evaluate, mitigate and monitor risks arising from fraud, corruption and misconduct. 2014 CPEinteractive, Inc. 6

What is a Fraud Risk Assessment? (3) Proactively identifying and addressing fraud in an organization. Considers both internal and external threats. It is tailored to the organization and industry. Part art, part science. It is an ongoing continuous process that never ends. 2014 CPEinteractive, Inc. 7

2014 CPEinteractive, Inc. 8

Fraud Risk Management Program Regular Assessment of Fraud Risk Fraud Prevention Techniques Fraud Risk Environment Fraud Detection Techniques Formal Investigation and Reporting 2014 CPEinteractive, Inc. 9

Return As part of an organization s governance structure, a fraud risk management program should be in place, including a written policy (or policies) to convey the expectations of the board of directors and senior management regarding managing fraud risk.

Return Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.

Return Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.

Return Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.

Return A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely.

Return Fraud Risk Program Only through diligent and ongoing effort can an organization protect itself against significant acts of fraud.

FRAUD RISK GOVERNANCE 2014 CPEinteractive, Inc. 16

Fraud Governance Components Documented Fraud Risk Program Ethics Programs Defined Roles & Responsibilities 2014 CPEinteractive, Inc. 17

Fraud Risk Program Formally documented. Policy, strategy, outline, etc. Should communicate: Commitment by board & management Fraud Awareness assessment, training, communication Affirmation process Code of Conduct, Fraud Program, Conflict Disclosure Conflict of interest for board, management, employees, contractors 2014 CPEinteractive, Inc. 18

Fraud Risk Program (2) (con t) Should communicate: Fraud Risk Assessment performed on a systematic & reoccurring basis Reporting Procedures & Whistleblower Protection Articulate zero tolerance for fraud Investigation Process Corrective Action termination, arrest, prosecution, report to regulatory agency Quality Assurance periodic review of effectiveness of fraud program Continuous Monitoring 2014 CPEinteractive, Inc. 19

Ethics Programs An effective ethics programs will create and environment in which making the right decision is implicit. It will serve as the foundation for preventing, detecting and deterring fraud. Often part of Code of Conduct. 2014 CPEinteractive, Inc. 20

Roles & Responsibilities Board of Directors Tone at the Top Understand Fraud Risks Maintain oversight of Fraud Risk Assessment Monitor Management s reports on fraud Oversee Internal Controls Engage outside parties regarding fraud when needed External Audit, Experts Audit Committee Proactive involvement 2014 CPEinteractive, Inc. 21

Roles & Responsibilities (2) Management Responsible for design & implementation Create anti-fraud culture Implement adequate controls Ongoing reporting on instances & effectiveness of program Employees / Staff Understand fraud and fraud red flags Understand their roles in controls Report suspicions or instances of fraud Cooperate in investigations 2014 CPEinteractive, Inc. 22

Roles & Responsibilities (3) Internal Audit Objective assurance that fraud program is in place, effective and sufficient. Fraud risk assessment should be part of annual audit plan considerations Participate / conduct fraud risk assessment Understand fraud schemes, scenarios and red flags Dependent on organization, conduct / participate in fraud investigations 2014 CPEinteractive, Inc. 23

3 Part Fraud Protection Detect 2014 CPEinteractive, Inc. 24

Exercise #1 A Little History FRAUD HIT PARADE 2014 CPEinteractive, Inc. 25

Bernie Madoff - $21.2 Billion in Cash Losses We all know that Bernie will spend the rest of his life in prison for orchestrating perhaps the biggest investment scam of all time, but his accountants and aides helped him do the dirty work. David Friehling, Madoff's accountant, plead guilty last year to a number of charges that he issued "rubber stamp" audits. Madoff's right-hand man, Frank DiPascali plead guilty to creating fake trade orders for Madoff and is facing up to 125 years in prison. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 26

Lehman Brothers - $50 Billion in Disguised Loans A bankruptcy examiner's report released last week revealed that Lehman Brothers hid more than $50 billion in loans by classifying them as sales. Execs and auditor, Ernst & Young, allegedly manipulated the firm's balance sheets using an accounting trick called "Repo 105 http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 27

HealthSouth - $2.7 Billion Accounting Fraud The rehabilitation provider's former CEO, Richard Scrushy, was convicted of host of criminal and civil charges -- including bribery -- related to a massive accounting fraud that is believed to have lasted seven years. Scrushy is currently serving a seven-year prison sentence. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 28

Tyco Execs Steal $120 Million, Inflate Income by $500 Millions Tyco's former CEO Dennis Kozlowski and former CFO Mark Swartz were convicted of misappropriating hundreds of millions of dollars in company funds. On top of that, the two ex- Tyco execs were involved in a scheme to inflate Tyco's income by more than $500 million. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 29

Satyam - $1 Billion Accounting Fraud In just one quarter, execs at the Indian outsourcing firm Satyam magically boosted revenue by 20 percent -- or $1.04 billion -- by falsifying loans, the New York Times reported last year. Ironically, Satyam maintained back-office accounting functions for several high-profile companies including, General Electric and General Motors. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 30

AIG - $1.7 Billion in Improper Accounting Long before AIG became a maligned bailout recipient, the behemoth insurance company was embroiled in a $1.7 billion accounting scandal involving loans that were improperly booked as revenue. Ex-CEO Hank Greenberg was ousted over the controversy -- and ultimately paid $15 million to settle fraud charges with the SEC. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 31

Waste Management - $1.9 Billion in Fake Earnings While hauling away America's refuse in 1998, Waste Management execs were busy reworking the company's earnings from the previous 5 years to the tune of $1.9 billion. This marked the biggest accounting scandal before Enron took the title in 2001. WM settled the lawsuit with a mere $26.8 million on behalf of its "trashy" execs. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 32

Freddie Mac - $5 Billion in Misstated Earnings A four-year lapse in proper accounting cost Freddie Mac $50 million in fines back in 2007. To keep up with Wall Street expectations, this mortgage financing giant misstated $5 billion in earnings. Then-president David Glenn along with other top executives were removed and fined. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 33

Worldcom - $103.9 Billion Bankruptcy In a scandal that likely cost about 30,000 jobs, WorldCom execs devised an $11 billion accounting fraud, which included former CEO Bernie Ebbers helping himself to hundreds of millions of dollars in personal loans. The total cost to investors: $180 billion. http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 34

Enron Shareholders lose $74 Billion Once America s seventh largest company, Enron collapsed in 2001. Executives used special purpose entities which went by names like Whitewing and Raptor -- to keep huge debts off the firm s balance sheet. During an infamous 2001 conference call, then CEO Jeff Skilling attacked an analyst who questioned the firm s creative accounting by calling him an "asshole."ken Lay, Enron's former CEO, and Jeff Skilling were later convicted of a host of criminal charges. (Lay died in 2006 before he could serve time. Skilling was convicted in 2006, and is currently appealing.) http://www.huffingtonpost.com/2010/03/17/biggest-accounting-scanda_n_502181.html 2014 CPEinteractive, Inc. 35

Common Theme or Issues? List as many common issues as you can think of. 1. Pressure to perform Wall Street. 2. Tone at the Top - Arrogance & Greed. 3. Lack of appropriate controls. 4. External Auditors not exhibiting professional skepticism and due care. 5. Where was Internal Audit? 2014 CPEinteractive, Inc. 36

FRAUD RISK ASSESSMENT BASICS 2014 CPEinteractive, Inc. 37

Why Conduct a Fraud Risk Assessment? A Fraud Risk Assessment helps Management understand risks that are unique to its business activities, identify gaps, weaknesses in controls and priorities of controls to manage those risks and develop a realistic plan for targeting the right resources and controls to reduce fraud risks. 2014 CPEinteractive, Inc. 38

Why Conduct a Fraud Risk Assessment? Improve communication and awareness about fraud. Identify where the company is most vulnerable to fraud and what activities put it at the greatest risk. Develop plans to mitigate fraud risk. Develop techniques to monitor and investigate high-risk areas. Assess internal controls. 2014 CPEinteractive, Inc. 39

Why Conduct a Fraud Risk Assessment? (2) Fraud exists in EVERY organization. Fraudsters are becoming more and more sophisticated. And estimated 95% of fraud goes unnoticed unless you are actively looking for it. Should be a component of larger ERM. Comply with regulations and professional standards COSO 2013 Principal 8 2014 CPEinteractive, Inc. 40

COSO 2013 Principal 8 The organization considers the potential for fraud in assessing risks to the achievement of objectives. 2014 CPEinteractive, Inc. 41

Fraud Risk 45% of all US Organizations reported suffering a financial crime in the last two years. 67% of organizations currently, or plan to have, operations in high risk markets. 71% believe organizational fraud is increasing. PWC s 2014 Global Economic Crime Survey 2014 CPEinteractive, Inc. 42

Benefits of a Fraud Risk Assessment Prevent, deter and detect fraud. Prevent financial losses. Prevent potential damage to reputation. Protect Share price. Provide tangible evidence for a culture of integrity. Best Practice 2014 CPEinteractive, Inc. 43

Pitfalls & Obstacles No Fraud here mentality. He / She would never. Believing an individual is a control. Assessment is not risk-based. FRA is too broad, not focused. Approach isn t aligned with corporate culture. Organization does not have appropriate skill sets to perform assessment properly Not systematic and reoccurring. 2014 CPEinteractive, Inc. 44

FRAUD BASICS 2014 CPEinteractive, Inc. 45

Mary s Fraud Cases Lima, Peru $7 million Inventory and Asset Misappropriation fraud - collusion Bamako, Mali Finance Director steals legal entity and all subsequent profits. False employees hired to build his house. $8 Million. Brussels, Belgium Export Fraud Shipping to embargoed countries under falsified sales orders. $5 million + Perth, Australia Vendor overbilling and kick-back scheme. Falsified quality control and inferior parts. Caused death of an employee. Total $ unknown. Salt Lake City, Utah Asset theft. Fleet management auction scheme. $1.8 million. 2014 CPEinteractive, Inc. 46

Me http://www.ogpe.com/news/2014/10/04/foreign-subsidiary-of-texas-oil-firm-pleads-guiltyto-illegally-exporting-drilling-equipment-to-syri.html 2014 CPEinteractive, Inc. 47

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information