Employee Embezzlement and Fraud. Defending Against Insider Threats

Similar documents
Office of the Inspector General

Fraud Awareness Training

Sharon Kurek, CPA, CFE Director of Internal Audit

REPORT TO THE NATIONS ON OCCUPATIONAL FRAUD AND ABUSE

SMIC Business Ethics Statement

Steven Boyer Vice-President, Gallagher Bassett Services Inc.

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down

ANTI-FRAUD POLICY Adopted August 13, 2015

Internal Controls and Fraud Detection & Prevention. Harold Monk and Jennifer Christensen

Assessment for Establishing a Whistleblower Hotline:

Antifraud program and controls assessment grid*

Evergreen Solar, Inc. Code of Business Conduct and Ethics

BARRICK GOLD CORPORATION

Is There Anyway to Prevent Fraud? Bill Gady, CGA CPA Partner

REPORT TO THE NATIONS ON OCCUPATIONAL FRAUD AND ABUSE 2012 GLOBAL FRAUD STUDY

U.S. SQUASH Whistleblower Policy

SCHOOLS FRAUD RESPONSE PLAN

Presented by: Donald F. Conway, CPA Mercadien, P.C., Certified Public Accountants. Forensic Accounting, Political Corruption & White Collar Offenses

Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services

TITLE: Fraud Prevention and Detection Program IDENTIFIER: S-FW-LD-1008 APPROVED: Executive Cabinet (Pending)

GLOBAL PORTS INVESTMENTS PLC

Fundamentals of Computer and Internet Fraud WORLD HEADQUARTERS THE GREGOR BUILDING 716 WEST AVE AUSTIN, TX USA

Perp Poetry. Fraud & Embezzlement: Lessons From the Trenches. Presented by. acumen insight. ideas attention reach. expertise depth agility talent

by: Scott Baranowski, CIA

REPORT TO THE NATIONS ON OCCUPATIONAL FRAUD AND ABUSE

Fraud Prevention: The Prevention and Detection of Fraud Begins with You

Fraud Prevention Training

CUBIC ENERGY, INC. Code of Business Conduct and Ethics

POLICY AND PROCEDURES MANUAL FRAUD, WASTE, AND ABUSE

Deloitte Forensic Fraud Risk Management

Internal Controls for Small Organizations. Jen Parker, CPA Director of Accounting & Finance US Youth Soccer

COUNCIL TAX REDUCTION, DISCOUNT & EXEMPTION ANTI- FRAUD POLICY

OIG Hotline. Overview Examples of Allegations That Should Be Reported to the OIG Hotline Guidelines for Reporting Fraud...

Diploma in Forensic Accounting (Level 4) Course Structure & Contents

Fraud Prevention Checklist for Small Businesses

Fraud Prevention Policy

KEYS TO AN EFFECTIVE DIRECTOR CORPORATE COMPLIANCE AND INTERNAL AUDIT MULTICARE HEALTH SYSTEM TACOMA, WA

Reports of Compliance Concerns and Violations

Fraud Control Theory

5 Important Controls to Mitigate Employee Fraud

Fraud Prevention DEFINITIONS

Fraud-Related Compliance

White Paper: The Seven Elements of an Effective Compliance and Ethics Program

Prepared by: The Office of Corporate Compliance & HIPAA Administration

How To Handle A Fraud At Psc

Our vision. A company where the best people want to work.

FINAL May Guideline on Security Systems for Safeguarding Customer Information

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE

716 West Ave Austin, TX USA

Johnson Electric Group Code of Ethics and Business Conduct

HIPAA Security Training Manual

Leveraging Big Data to Mitigate Health Care Fraud Risk

Business Case. for an. Information Security Awareness Program

Mental Health Resources, Inc. Mental Health Resources, Inc. Corporate Compliance Plan Corporate Compliance Plan

B. Prevent, detect, and respond to unacceptable legal risk and its financial implications. C. Route non-compliance issues to appropriate areas.

False Claims Act Policy Effective Date 01/01/2007 Compliance Manual

Customer-Facing Information Security Policy

Message from the Co-Chairmen and Chief Executive Officers

September 28, Audit s Role in Governance, Risk Management and Internal Control

How To Prevent Fraud On A Credit Card

BUSINESS CONDUCT POLICY

Fraud Risk Management Procedures

MALAYSIAN TECHNOLOGY DEVELOPMENT CORPORATION SDN. BHD.

Data Security Incident Response Plan. [Insert Organization Name]

Fraud Awareness and Prevention Program Report

Information Security Awareness Training and Phishing

Financial Services Group

Centre for Corporate Governance. Sample listing of fraud schemes

Procurement Fraud Identification & Role of Data Mining

YMCA of High Point Whistleblower Policy and Procedure

Revised 05/22/14 P a g e 1

UNIVERSAL INSURANCE HOLDINGS, INC. CODE OF BUSINESS CONDUCT AND ETHICS. Revised as of March 3, 2014

Copyright 2012, General Dynamics Information Technology. All Rights Reserved.

ACFE FRAUD PREVENTION CHECK-UP

SCAN Health Plan Policy and Procedure Number: CRP-0067, False Claims Act & Deficit Reduction Act 2005

Commonwealth Fraud Control Guidelines Annual Reporting Questionnaire

Internal Control Risks Associated with Information Technology. Kevin M. Bronner, Ph.D.

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

The Merchant. Skimming is No Laughing Matter. A hand held skimming device. These devices can easily be purchased online.

Fraud, Waste and Abuse Prevention and Education Policy

Whistleblowing Policy. Page 2 of 15. Copyright statement. United Gulf Bank B.S.C. 2011

INTRODUCTION. Identity Theft Crime Victim Assistance Kit

The Whistle Blower Policy

SEKO Logistics Anti-Corruption and Foreign Corrupt Practices Act Policy

CORPORATE GOVERNANCE

OMNI TECHNICAL SOLUTIONS. Business Ethics, Compliance, Anti-Corruption and Anti-Money Laundering Policy

FRAUD RISK IN PUBLIC PROCUREMENT NATIONAL PUBLIC ENTITIES RISK MANAGEMENT FORUM

Transcription:

Employee Embezzlement and Fraud Defending Against Insider Threats

Today s Approach An open dialogue and sharing of information regarding a common threat of internal losses. There is no guarantee that any or all of the measures discussed will eliminate fraud. The goal is to provide information that will assist in increasing the level of awareness that is necessary to reduce exposure to employee embezzlement and fraud.

Agenda Who and what is at risk? Who are the suspects? What methods are used? What is the average loss experience? How is fraud/embezzlement detected? What can be done to prevent it? Establishing and/or enhancing a Secure Business Culture within your organization.

Who is at risk? According to the latest study published by the Association of Certified Fraud Examiners (ACFE) in 2010, the most common victims of fraud were the banking/financial services, manufacturing and government/public administration sectors. Small businesses were more vulnerable due to a lack of anti-fraud controls.

What is at risk? Assets Cash, equipment, supplies, services, resources, personal property, etc. Information Networks & Data Intellectual property Company reputation & profitability.

Who are the suspects? Occupational Fraud is defined by the Association of Certified Fraud Examiners (ACFE) as: The use of one s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization s resources or assets.

Who are the suspects? According to the ACFE study, more than 80% of the frauds in their study were committed by individuals in one of six departments: accounting, operations, sales, executive/upper management, customer service or purchasing. In reality, fraud is committed by someone who has motive, means and opportunity.

What methods are used? Asset Misappropriation is the most common. Skimming cash. Falsifying expense reports. Forging company checks. Financial Statement Fraud is less common. Recording fictitious revenues. Concealing liabilities or expenses. Artificially inflating reported assets.

What methods are used? Corruption falls somewhere in the middle. Bribery Extortion Conflict of interest

Occupational Fraud and Abuse Classification System 2010 Association of Certified Fraud Examiners, Inc. 10

Average Loss Experience The ACFE fraud study included dollar loss and frequency numbers. The following two charts are based on 1,843 fraud reports that were received in connection with the study and of those, 1,822 included dollar amounts.

Occupational Frauds by Category (U.S. only) Frequency 4 4 The sum of percentages in this chart exceeds 100% because several cases involved schemes from more than one category. 2010 Association of Certified Fraud Examiners, Inc. 12

Occupational Frauds by Category (U.S. only) Median Loss 2010 Association of Certified Fraud Examiners, Inc.

How is fraud detected? Tips were the most common method of detection. Information came from employees, customers, vendors and competitors. Hotlines that offer anonymous reporting are considered one of the best options for tips. Internal and/or external audits, management review and account reconciliation. Accidentally

What can be done? Policies & Procedures Create and/or maintain clear standards regarding confidentiality and accountability. Obtain written acknowledgements of receipt and understanding. Clear up any questions or confusion before rather than after an incident. I didn t know that was against the rules. I didn t know we couldn t do that.

What can be done? Fraud Awareness Training for Everyone New hires and existing employees must be educated and made aware of the importance of working together to combat potential fraud. They must be told what to be on the look out for and how to report any suspicions, observations or concerns. They should be made aware of the consequences for those who commit fraud or steal from the company.

What can be done? Fraud Training for Managers Establish baselines and exceptions and ensure they are maintained. Be observant and question anomalies. Investigate, document and report any violations or incidents promptly to the appropriate individuals. Create /Maintain an Anti-Fraud Environment Encourage and promote honesty and integrity among employees, customers, vendors, etc. Set positive examples of the right way to do things at all levels of the organization.

What can be done? Create /Maintain an Anti-Fraud Environment Encourage and promote honesty and integrity among employees, customers, vendors, etc. Set positive examples of the right way to do things at all levels of the organization. Don t allow or take short cuts to avoid the right way. Don t accept everybody else does it as an excuse.

What can be done? Regularly conduct meetings with employees and encourage open communication with management about concerns or issues. Consider a hotline for anonymous reporting. If available, promote Employee Assistance Programs (EAP). Use bulletin boards, e-mail and/or corporate intranet to send out important reminders.

What can be done? Background Checks First line of defense Physical Security Controlled access to facilities and sensitive areas. Consider CCTV monitoring. Intrusion detection with quick response to violations. Ensure there is adequate lighting around the facility.

What can be done? Information Security Establish and maintain specific polices with regard to access and use of corporate network and company issued equipment. Require sign-offs from all employees with regard to these policies. Conduct the same level of background checks on independent contractors or agency employees having similar access to your network. They should also adhere to and acknowledge policies as described above. Investigate and resolve immediately any reported or discovered violations or intrusions.

What can be done? Review & Audit The effectiveness of policies and procedures should be measured before an incident occurs. Some form of ongoing monitoring should be in place to ensure that employees are adhering to these policies. Periodic and/or random internal and/or external audits should be conducted. Any violations found should be documented and corrected immediately and must include appropriate disciplinary action if warranted.

What can be done? In order to establish and/or maintain an antifraud program which includes employee participation at all levels, it must considered an integral component of the workplace environment. Some suggestions to help establish a secure business culture in support of this goal : Promote adherence to existing policies that work and fix the ones that don t.

Secure Business Culture If your office door and filing cabinets have locks, use them. Don t share your passwords or access cards/keys. Be careful not to leave papers or other identifying information in automobiles in plain view. Never leave personal property unattended in a public place or in vehicles even when locked. Keep confidential information confidential.

Secure Business Culture When it comes to concerns about an employee who is exhibiting unusual behavior or there are signs of wrongdoing, trust your instincts and don t second guess yourself. Don t look the other way. Don t intervene unless it is your responsibility to do so. Question and/or report things that don t look right no matter how trivial you may think it is. Encourage others to do the same.

Summary Preventing fraud and embezzlement is a process not a product. Effective security requires: Partnership, collaboration and cooperation All parties are serving a common interest Ineffective security results from: Resistance, disagreement, disapproval, disregard and disinterest which in most cases leads to program failure.

Thank You Questions or Comments? Alexander C. Sparaco CPP Baker St. Associates P.O. Box 5091 67 Federal Road Brookfield, CT 06804 203-775-1200 Al.sparaco@bakerstassoc.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information