SlideShare a Scribd company logo

ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment

BillyCheuk
BillyCheuk

Leveraging your internal control process to prevent and manage internal fraud part 3

Business
1 of 29
ACCA-IIA Singapore Seminar Part 1  Part 3 Fraud Risk Management  Leveraging your internal control process to prevent and manage internal fraud  Tuesday, 6 October 2015  9:00am – 5:00pm 1
Principle 2 Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate. 2
Key Principles 3 1. Fraud Risk Management Program 2. Fraud Risk Assessment 3. Fraud Prevention 4. Fraud Detection 5. Escalation, Investigation and Correction Fraud Risk Assessment • Risk Identification • Probability and Impact Analysis • Response
Fraud Risk Assessment  How might a fraud perpetrator exploit weaknesses in the system of controls?  How could a perpetrator override or circumvent controls?  What could a perpetrator do to conceal the fraud? 4
Fraud Risk Assessment 3 Key Elements Identify inherent fraud risk Gather information to obtain the population of fraud risks that could apply to the organization. Included in this process is the explicit consideration of all types of fraud schemes and scenarios; incentives, pressures, and opportunities to commit fraud; and IT fraud risks specific to the organization. Assess likelihood and significance of inherent fraud risk Assess the relative likelihood and potential significance of identified fraud risks. Based on historical information, known fraud schemes, and interviews with staff, including business process owners. Respond to reasonably likely and significant inherent and residual fraud risks Decide what the response should be to address the identified risks and perform a cost-benefit analysis of fraud risks over which the organization wants to implement controls or specific fraud detection procedures. 5
Fraud Risk Assessment Framework Identified Fraud Risks and Schemes Likelihood Significance People and/or Department Existing Anti-fraud Controls Controls Effectiveness Assessment Residual Risks Fraud Risk Response Financial reporting Revenue recognition -Backdating agreements -Channel stuffing - Inducing distributors to accept more product than necessary -Holding books open - Via recording detail transactions in a sub-ledger -Via recording top-side journal entries -Additional revenue risks Management estimates -Self insurance - Altering underlying detail claims and estimate data - Fraudulently changing underlying assumptions in estimation of liability - Allowance for bad debts - Altering underlying A/R aging to manipulate computation - Fraudulent input from sales persons or credit department on credit quality -Additional estimates Disclosures -Footnotes 6
Fraud Risk Assessment Framework Identified Fraud Risks and Schemes Likelihood Significance People and/or Department Existing Anti-fraud Controls Controls Effectiveness Assessment Residual Risks Fraud Risk Response Misappropriation of assets Cash/check - Point of sale -Accounts receivable application process -Master vendor file controls override - Additional risks -Inventory -Theft by customers -Theft by employees -Other assets at risk Corruption -Bribery -Aiding and abetting Other Risks 7
Risk Assessment Team  Accounting/finance personnel, who are familiar with the financial reporting process and internal controls.  Nonfinancial business unit and operations personnel, to leverage their knowledge of day-to- day operations, customer and vendor interactions, and general awareness of issues within the industry.  Risk management personnel, to ensure that the fraud risk assessment process integrates with the organization's ERM program.  Legal and compliance personnel, as the fraud risk assessment will identify risks that give rise to potential criminal, civil, and regulatory liability if the fraud or misconduct were to occur. 8
 Internal audit personnel, who will be familiar with the organization's internal controls and monitoring functions. In addition, internal auditors will be integral in developing and executing responses to significant risks that cannot be mitigated practically by preventive and detective controls.  If expertise is not available internally, external consultants with expertise in applicable standards, key risk indicators, anti-fraud methodology, control activities, and detection procedures.  Management, including senior management, business unit leaders, and significant process owners (e.g., accounting, sales, procurement, and operations) should participate in the assessment, as they are ultimately accountable for the effectiveness of the organization's fraud risk management efforts. 9
FraudRisk Identification Brainstorming Incentives Pressures Opportunities to commit fraud Risks of management override of controls The population of fraud risks relevant to the organization Regulatory and legal misconduct and reputation risk IT on fraud risks Risk Assessment Team 10
Population of FraudRisk  Understanding the organization's business processes  Identifying potential fraud schemes 1. through interviewing of staff; 2. brainstorming with staff; 3. reviewing complaints from the whistleblower hotline; 4. performing analytical procedures. 11
Major Categories of Fraud Fraudulent Financial Statement Misappropriation of Assets Corruption 12
Fraud Risk Assessment Source (4) How to identify possible misappropriation of assets TANGIBLE INTANGIBLE Q (1) What are the necessary “controls” relevant to the prevention and detection of misappropriation of assets? Q. (2) What are the relevant questions to ask? Group Discussion 13
Fraud Risk Assessment Source(4) Corruption = Misuse of entrusted power for private gain • US Foreign Corruption Practice Act 1977 – Apply to whom? • UK Bribery Act • National Law – Singapore ??? (Prevention of Corruption Act) PRC ??? (刑法 Criminal Law) Hong Kong – Prevention of Bribery Ordinance Group Discussion • Does US Foreign Corruption Practice Act or UK Bribery Act apply to your organization? • What are the controls to prevent and detect corruption? • What are the Corruption Perception Index in your country, your overseas operations? (See Transparency International Website) (p26) 14
Types of Fraud 1)Intentionalmanipulationoffinancialstatements,whichcanleadto: a) Inappropriately reported revenues. b) Inappropriately reported expenses. c) Inappropriately reflected balance sheet amounts, including reserves. d) Inappropriately improved and/or masked disclosures. e) Concealing misappropriation of assets. f) Concealing unauthorized receipts and expenditures. g) Concealing unauthorized acquisition, disposition, and use of assets. 15
2)Misappropriationof: a) Tangible assets by: i) Employees. ii) Customers. iii) Vendors. iv) Former employees and others outside the organization. b) Intangible assets. c) Proprietary business opportunities. 3) Corruption including: a) Bribery and gratuities to: i) Companies. ii) Private individuals. iii) Public officials. b)Receiptofbribes,kickbacks,andgratuities. c)Aidingandabettingfraudbyotherparties(e.g.,customers,vendors). 16
Information Technology and Fraud Risk Fraudulent Financial Reporting  Unauthorized access to accounting applications  Override of system controls Misappropriation of Assets  Theft of tangible assets  Theft of intangible assets Corruption  Misuse of customer data Examples of IT risks by area include: 17
Other Risks Regulatory and Legal Misconduct  Regulatory and legal misconduct includes a wide range of risks,  such as conflicts of interest, insider trading, theft of competitor trade secrets, anti-competitive practices, environmental violations, and trade and customs regulations in areas of import/export.  Depending on the particular organization and the nature of its business, some or all of these risks may be applicable and should be considered in the risk assessment process. 18
Other Risks Reputation Risk  Reputation risk is evaluated differently by different individuals, either as a separate risk or the end result of other risks (e.g., operational, regulatory, or financial reporting).  Fraudulent acts can damage an organization's reputation with customers, suppliers, and the capital markets. For example, fraud leading to a financial restatement damages an organization's reputation in the capital markets, which could increase the organization's cost of borrowing and depress its market capitalization. Because the board is responsible for the longevity of the organization and has responsibilities to multiple stakeholders, it should evaluate its performance regularly with respect to reputation risks and ensure that consideration of reputation risk is part of the organization's risk assessment process. 19
Assessing Likelihood and Significance of Potential Fraud Risk 0. 0.3 0.5 0.8 1. 1.3 0. 0.3 0.5 0.8 1. Likelihood Significance Department / People 20
#6 #3 #4 #1 #2 #5 #7 Likelihood and significance (grey = higher risk) Risks #1 –Shell company scheme #2 – Overpayment scheme #3 – Phony contractor scheme #4 – Personal travel expenses #5 – Fraudulent auditor/ inspector expenses #6 – Check Tampering #7 – Orders for personal supplies Likelihood Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 21
Fraud Risk Assessment Accounts Receivable Process Owner: <Insert Process Owner Name> Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan Theft of cash receipts and. written off as bad debts High High Reconciliation of bad debt expense reserve With supervisory review. Detective Yes 1/10/06 OK Person posting Receivables does not also have system Access to make Journal entries to bad debt expense. Preventative Yes 1/10/06 OK Procedure exists and is followed to turn over delinquent Accounts to a third- party collections agency. Preventative Yes 1/10/06 OK Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 22
Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan Accounts Receivables reconciled to the general ledger by Individual with no conflicting duties. Detective Yes 1/10/06 OK Accounting Manager authorization required to write off uncollectible accounts. Preventative Yes 1/10/06 OK Rebilling of past due items to change the # of days past due (To change DSO’s for example). Medium Medium Policy disallows cancelling And rebilling Invoices unless the Original was billed to the wrong client, or some other extenuating circumstances. Preventative Yes Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden23
Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan All credits require the use of a request form and approval from management According to an authorization matrix. Preventative Yes 1/10/06 OK Duties to input billing and credits to the AR system, approvals for credits, and Collections Activities are segregated. Preventative Yes 1/10/06 OK Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden24
Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan Kitting – writing Checks against Insufficient funds or unavailable funds and hoping the funds are Deposited or become available before the checks clear the account. Medium Low The Accounting Manager has a “cash card” where cash Receipts and Disbursements are logged. He Monitors the cash level and Transfers money from Savings when Necessary to cover disbursements. The Controller Approves the disbursement Batches and also has access to monitor the daily cash position. Preventative Yes 1/10/06 OK Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 25
Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan ZBA Accounts – type of bank Account where funds are Transferred from a deposit Account to a disbursement account as disbursements Are Presented for payment. Preventative Company does not currently use ZBA accounts. Positive pay set up with the bank. This is a practice where the Company sends a file to the bank of all the disbursements Generated and the bank will only pay those that are on the file. Preventative Company is in Progress to set up this type of arrangement. Source: http://www.qfinance.com Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 26
Response to Residual Fraud Risks  Depending on risk tolerance  Varies from organization to organization a. Accepting the risks? b. Increasing the controls over the area to mitigate the risk? c. Designing internal audit procedures to address specific fraud risks 27
Fraud Risk Management 28 Identity Potential Inherent Risk Assess Likelihood of the Identified Fraud Risk Evaluate Potential Suspects Evaluate their possible methods Identify & map out the existing prevention and detective controls to reduce fraud risks Evaluate whether the identifier controls are operating effectively & efficiently Identify & evaluate fraud risks regarding ineffective or non- existent controls Respond to residual fraud risks Source: Managing the business risk of fraud 2008 ACFE
Source: Managing the business risk of fraud 2008 ACFE 29 Physical Controls to Defer Theft & Fraud KEY EMPLOYEES Senior Executives Fraudulent Financial Reports Skimming Schemes Cash Larceny Scheme Theft of Proprietary Information Theft of Inventory & Equipment Cheques Tempering Schem Expenses Scheme Cash Register Scheme Corruption and FCPA Purchasing and Billing Scheme Payroll Scheme Ghost Workers Conflict of Interest Fraud Risk Assessment

Recommended

Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2, Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2,
Tahir Abbas
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk Assessment
Tahir Abbas
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
DecosimoCPAs
 
Types of fraud in Accounting
Types of fraud in AccountingTypes of fraud in Accounting
Types of fraud in Accounting
Muhammad Qasim
 
Fraud Risk and Control
Fraud Risk and ControlFraud Risk and Control
Fraud Risk and Control
WeaverCPAs
 
Fraud risk management
Fraud risk managementFraud risk management
Fraud risk management
EMAC Consulting Group
 
Fraud Risk
Fraud RiskFraud Risk
Fraud Risk
F a h a d Z a f a r (Bradford MBA)
 
Red flags fraud
Red flags fraudRed flags fraud
Red flags fraud
Good Light Massage Center
 

Recommended

Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2, Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2,
Tahir Abbas
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk Assessment
Tahir Abbas
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
DecosimoCPAs
 
Types of fraud in Accounting
Types of fraud in AccountingTypes of fraud in Accounting
Types of fraud in Accounting
Muhammad Qasim
 
Fraud Risk and Control
Fraud Risk and ControlFraud Risk and Control
Fraud Risk and Control
WeaverCPAs
 
Fraud risk management
Fraud risk managementFraud risk management
Fraud risk management
EMAC Consulting Group
 
Fraud Risk
Fraud RiskFraud Risk
Fraud Risk
F a h a d Z a f a r (Bradford MBA)
 
Red flags fraud
Red flags fraudRed flags fraud
Red flags fraud
Good Light Massage Center
 
Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud Investigation
Salih Islam
 
Employee Fraud Prevention and Remedies
Employee Fraud Prevention and RemediesEmployee Fraud Prevention and Remedies
Employee Fraud Prevention and Remedies
SSDlaw
 
PRESENTATION ON FINANCIAL STATEMENT FRAUDS
PRESENTATION ON FINANCIAL STATEMENT FRAUDSPRESENTATION ON FINANCIAL STATEMENT FRAUDS
PRESENTATION ON FINANCIAL STATEMENT FRAUDS
RATAN AGARWALA
 
Forensic audit
Forensic auditForensic audit
Forensic audit
sandesh mundra
 
Business Intelligence For Anti-Money Laundering
Business Intelligence For Anti-Money LaunderingBusiness Intelligence For Anti-Money Laundering
Business Intelligence For Anti-Money Laundering
Kartik Mehta
 
Fraud Awareness For Managers
Fraud Awareness For ManagersFraud Awareness For Managers
Fraud Awareness For Managers
rickycfe
 
7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting
Brown Smith Wallace
 
Fraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good PracticeFraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good Practice
Arianto Muditomo
 
Fraud investigations session 1 slides
Fraud investigations session 1 slidesFraud investigations session 1 slides
Fraud investigations session 1 slides
Zeeshan Shahid
 
Presentation-on-Fraud-Reporting.txt.ppt
Presentation-on-Fraud-Reporting.txt.pptPresentation-on-Fraud-Reporting.txt.ppt
Presentation-on-Fraud-Reporting.txt.ppt
pramodmurkya13
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentation
Hernan Huwyler
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud prevention
Ron Steinkamp
 
Fraud principles1
Fraud principles1Fraud principles1
Fraud principles1
Sevisa Isufaj
 
Fraud Risk Awareness
Fraud Risk AwarenessFraud Risk Awareness
Fraud Risk Awareness
Adnan Khuram Hayat
 
Fraud analytics
Fraud analyticsFraud analytics
Fraud analytics
Simran Mondal
 
Types of Fraud.pptx
Types of Fraud.pptxTypes of Fraud.pptx
Types of Fraud.pptx
Suchita Rawat
 
forensic accounting india
forensic accounting indiaforensic accounting india
forensic accounting india
Mayank Garg
 
Fraud Prevention
Fraud PreventionFraud Prevention
Fraud Prevention
Gerald Johnson
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part ii
EMAC Consulting Group
 
Fraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsFraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management Consultants
EMAC Consulting Group
 
Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...
Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...
Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...
IBM Danmark
 
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
Visa
 

More Related Content

What's hot

Fraud Awareness For Managers
Fraud Awareness For ManagersFraud Awareness For Managers
Fraud Awareness For Managers
rickycfe
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud prevention
Ron Steinkamp
 
forensic accounting india
forensic accounting indiaforensic accounting india
forensic accounting india
Mayank Garg
 

What's hot (20)

Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud Investigation
 
Employee Fraud Prevention and Remedies
Employee Fraud Prevention and RemediesEmployee Fraud Prevention and Remedies
Employee Fraud Prevention and Remedies
 
PRESENTATION ON FINANCIAL STATEMENT FRAUDS
PRESENTATION ON FINANCIAL STATEMENT FRAUDSPRESENTATION ON FINANCIAL STATEMENT FRAUDS
PRESENTATION ON FINANCIAL STATEMENT FRAUDS
 
Forensic audit
Forensic auditForensic audit
Forensic audit
 
Business Intelligence For Anti-Money Laundering
Business Intelligence For Anti-Money LaunderingBusiness Intelligence For Anti-Money Laundering
Business Intelligence For Anti-Money Laundering
 
Fraud Awareness For Managers
Fraud Awareness For ManagersFraud Awareness For Managers
Fraud Awareness For Managers
 
7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting
 
Fraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good PracticeFraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good Practice
 
Fraud investigations session 1 slides
Fraud investigations session 1 slidesFraud investigations session 1 slides
Fraud investigations session 1 slides
 
Presentation-on-Fraud-Reporting.txt.ppt
Presentation-on-Fraud-Reporting.txt.pptPresentation-on-Fraud-Reporting.txt.ppt
Presentation-on-Fraud-Reporting.txt.ppt
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentation
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud prevention
 
Fraud principles1
Fraud principles1Fraud principles1
Fraud principles1
 
Fraud Risk Awareness
Fraud Risk AwarenessFraud Risk Awareness
Fraud Risk Awareness
 
Fraud analytics
Fraud analyticsFraud analytics
Fraud analytics
 
Types of Fraud.pptx
Types of Fraud.pptxTypes of Fraud.pptx
Types of Fraud.pptx
 
forensic accounting india
forensic accounting indiaforensic accounting india
forensic accounting india
 
Fraud Prevention
Fraud PreventionFraud Prevention
Fraud Prevention
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part ii
 
Fraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsFraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management Consultants
 

Viewers also liked

CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
Visa
 
FORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fictionFORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fiction
FERMA
 
Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]
Deep Kumar Mendiratta
 
Employees And Fraud Risks - UiTM Masters in Accounting Special Lecture
Employees And Fraud Risks - UiTM Masters in Accounting Special LectureEmployees And Fraud Risks - UiTM Masters in Accounting Special Lecture
Employees And Fraud Risks - UiTM Masters in Accounting Special Lecture
Kenny Ong
 
Phx Fraud And Abuse Training Module
Phx Fraud And Abuse Training ModulePhx Fraud And Abuse Training Module
Phx Fraud And Abuse Training Module
PHXONLINE
 

Viewers also liked (18)

Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...
Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...
Smarter Safety: Flere data, færre kriminelle handlinger, Mauritz Gilberg & St...
 
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
CyberSource MRC Survey - Top 9 Fraud Attacks and Winning Mitigating Strategie...
 
FORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fictionFORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fiction
 
2014 march falcon business fraud classification model (3attendees)
2014 march falcon business fraud classification model (3attendees)2014 march falcon business fraud classification model (3attendees)
2014 march falcon business fraud classification model (3attendees)
 
Payroll Fraud by Andrew Firth, Forensic Accountant
Payroll Fraud by Andrew Firth, Forensic AccountantPayroll Fraud by Andrew Firth, Forensic Accountant
Payroll Fraud by Andrew Firth, Forensic Accountant
 
Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]
 
Acfe jan 2017 cs ppt
Acfe jan 2017 cs pptAcfe jan 2017 cs ppt
Acfe jan 2017 cs ppt
 
Fraud Risk Consulting - Falcon Hawk, Gurgaon, India
Fraud Risk Consulting - Falcon Hawk, Gurgaon, IndiaFraud Risk Consulting - Falcon Hawk, Gurgaon, India
Fraud Risk Consulting - Falcon Hawk, Gurgaon, India
 
Leveraging Technology Using Keyword Analytics in Fraud and Compliance Monitoring
Leveraging Technology Using Keyword Analytics in Fraud and Compliance MonitoringLeveraging Technology Using Keyword Analytics in Fraud and Compliance Monitoring
Leveraging Technology Using Keyword Analytics in Fraud and Compliance Monitoring
 
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
 
The Wells Fargo Fraud and Brand Culture Disconnect
The Wells Fargo Fraud and Brand Culture Disconnect The Wells Fargo Fraud and Brand Culture Disconnect
The Wells Fargo Fraud and Brand Culture Disconnect
 
Tips for Recognizing Fraud
Tips for Recognizing FraudTips for Recognizing Fraud
Tips for Recognizing Fraud
 
Employees And Fraud Risks - UiTM Masters in Accounting Special Lecture
Employees And Fraud Risks - UiTM Masters in Accounting Special LectureEmployees And Fraud Risks - UiTM Masters in Accounting Special Lecture
Employees And Fraud Risks - UiTM Masters in Accounting Special Lecture
 
Forensic line - fraud prevention and detection tool
Forensic line - fraud prevention and detection toolForensic line - fraud prevention and detection tool
Forensic line - fraud prevention and detection tool
 
Risk culture presentation
Risk culture presentationRisk culture presentation
Risk culture presentation
 
Risk Culture, Risk What?
Risk Culture, Risk What?Risk Culture, Risk What?
Risk Culture, Risk What?
 
Phx Fraud And Abuse Training Module
Phx Fraud And Abuse Training ModulePhx Fraud And Abuse Training Module
Phx Fraud And Abuse Training Module
 
Fight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud TrainingFight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud Training
 

Similar to ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment

09/16/2009 Meeting - Fraud In A Downturn
09/16/2009 Meeting - Fraud In A Downturn09/16/2009 Meeting - Fraud In A Downturn
09/16/2009 Meeting - Fraud In A Downturn
acfesj
 
Fraud Management ppt.pptx
Fraud Management ppt.pptxFraud Management ppt.pptx
Fraud Management ppt.pptx
jaramulat
 
ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...
ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...
ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...
Craig Taggart
 

Similar to ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment (20)

Improving and Implementing Internal Controls
Improving and Implementing Internal ControlsImproving and Implementing Internal Controls
Improving and Implementing Internal Controls
 
Doculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction financeDoculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction finance
 
09/16/2009 Meeting - Fraud In A Downturn
09/16/2009 Meeting - Fraud In A Downturn09/16/2009 Meeting - Fraud In A Downturn
09/16/2009 Meeting - Fraud In A Downturn
 
Fraud Management ppt.pptx
Fraud Management ppt.pptxFraud Management ppt.pptx
Fraud Management ppt.pptx
 
Fraud Training for Auditees (1).pptx
Fraud Training for Auditees (1).pptxFraud Training for Auditees (1).pptx
Fraud Training for Auditees (1).pptx
 
A Paradigm Shift in Audit Process
A Paradigm Shift in Audit ProcessA Paradigm Shift in Audit Process
A Paradigm Shift in Audit Process
 
How to assess risk for a company
How to assess risk for a companyHow to assess risk for a company
How to assess risk for a company
 
Kenya AMC Presentation 2
Kenya AMC Presentation 2Kenya AMC Presentation 2
Kenya AMC Presentation 2
 
How to Assess Integrity Risks for a Company ?
How to Assess Integrity Risks for a Company ?How to Assess Integrity Risks for a Company ?
How to Assess Integrity Risks for a Company ?
 
Fraud, bribery and corruption: Protecting reputation and value
Fraud, bribery and corruption: Protecting reputation and valueFraud, bribery and corruption: Protecting reputation and value
Fraud, bribery and corruption: Protecting reputation and value
 
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
 
Setting Up and Managing an Anonymous Fraud Hotline
Setting Up and Managing an Anonymous Fraud HotlineSetting Up and Managing an Anonymous Fraud Hotline
Setting Up and Managing an Anonymous Fraud Hotline
 
ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...
ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...
ComplianceOnline PPT Format 2015 Developing an Effective Fraud Risk Managemen...
 
Financial crime compliance
Financial crime complianceFinancial crime compliance
Financial crime compliance
 
Society of Corporate Compliance and Ethics SCCE 2015 developing an effective ...
Society of Corporate Compliance and Ethics SCCE 2015 developing an effective ...Society of Corporate Compliance and Ethics SCCE 2015 developing an effective ...
Society of Corporate Compliance and Ethics SCCE 2015 developing an effective ...
 
AML Meets ABC Webinar Deck 2-19-14
AML Meets ABC Webinar Deck 2-19-14AML Meets ABC Webinar Deck 2-19-14
AML Meets ABC Webinar Deck 2-19-14
 
Case study on forensic audit
Case study on forensic auditCase study on forensic audit
Case study on forensic audit
 
Anti fraud program
Anti fraud programAnti fraud program
Anti fraud program
 
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
 
Fraud Risk Management | Fraud Risk Assessment - EY India
Fraud Risk Management | Fraud Risk Assessment - EY IndiaFraud Risk Management | Fraud Risk Assessment - EY India
Fraud Risk Management | Fraud Risk Assessment - EY India
 

More from BillyCheuk

HKLPA - CK CHO's Presentation on Internal Control Framework
HKLPA - CK CHO's Presentation on Internal Control FrameworkHKLPA - CK CHO's Presentation on Internal Control Framework
HKLPA - CK CHO's Presentation on Internal Control Framework
BillyCheuk
 

More from BillyCheuk (6)

ACCA-IIA Singapore Seminar 2015 Part 5 Investigation
ACCA-IIA Singapore Seminar 2015 Part 5 InvestigationACCA-IIA Singapore Seminar 2015 Part 5 Investigation
ACCA-IIA Singapore Seminar 2015 Part 5 Investigation
 
ACC-IIA Singapore Seminar 2015 Part 4 Prevention and Detection
ACC-IIA Singapore Seminar 2015 Part 4 Prevention and DetectionACC-IIA Singapore Seminar 2015 Part 4 Prevention and Detection
ACC-IIA Singapore Seminar 2015 Part 4 Prevention and Detection
 
ACCA-IIA Singapore Seminar 2015 part 2 fraud risk governance
ACCA-IIA Singapore Seminar 2015 part 2 fraud risk governanceACCA-IIA Singapore Seminar 2015 part 2 fraud risk governance
ACCA-IIA Singapore Seminar 2015 part 2 fraud risk governance
 
ACCA-IIA Singapore Seminar 2015 Part 1 Introduction
ACCA-IIA Singapore Seminar 2015 Part 1 IntroductionACCA-IIA Singapore Seminar 2015 Part 1 Introduction
ACCA-IIA Singapore Seminar 2015 Part 1 Introduction
 
Fighting Corruption: Changing the Systems and Processes
Fighting Corruption: Changing the Systems and ProcessesFighting Corruption: Changing the Systems and Processes
Fighting Corruption: Changing the Systems and Processes
 
HKLPA - CK CHO's Presentation on Internal Control Framework
HKLPA - CK CHO's Presentation on Internal Control FrameworkHKLPA - CK CHO's Presentation on Internal Control Framework
HKLPA - CK CHO's Presentation on Internal Control Framework
 

Recently uploaded

Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
Roofing Contractor
 
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in PakistanChallenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
vineshkumarsajnani12
 
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book nowGUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
kapoorjyoti4444
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
Nauman Safdar
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
ZurliaSoop
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
allensay1
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 

Recently uploaded (20)

How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
 
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in PakistanChallenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business Growth
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024
 
New 2024 Cannabis Edibles Investor Pitch Deck Template
New 2024 Cannabis Edibles Investor Pitch Deck TemplateNew 2024 Cannabis Edibles Investor Pitch Deck Template
New 2024 Cannabis Edibles Investor Pitch Deck Template
 
WheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond InsightsWheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond Insights
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book nowGUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
 
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTSJAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS
 
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service AvailableBerhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
 
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 

ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment

  • 1. ACCA-IIA Singapore Seminar Part 1  Part 3 Fraud Risk Management  Leveraging your internal control process to prevent and manage internal fraud  Tuesday, 6 October 2015  9:00am – 5:00pm 1
  • 2. Principle 2 Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate. 2
  • 3. Key Principles 3 1. Fraud Risk Management Program 2. Fraud Risk Assessment 3. Fraud Prevention 4. Fraud Detection 5. Escalation, Investigation and Correction Fraud Risk Assessment • Risk Identification • Probability and Impact Analysis • Response
  • 4. Fraud Risk Assessment  How might a fraud perpetrator exploit weaknesses in the system of controls?  How could a perpetrator override or circumvent controls?  What could a perpetrator do to conceal the fraud? 4
  • 5. Fraud Risk Assessment 3 Key Elements Identify inherent fraud risk Gather information to obtain the population of fraud risks that could apply to the organization. Included in this process is the explicit consideration of all types of fraud schemes and scenarios; incentives, pressures, and opportunities to commit fraud; and IT fraud risks specific to the organization. Assess likelihood and significance of inherent fraud risk Assess the relative likelihood and potential significance of identified fraud risks. Based on historical information, known fraud schemes, and interviews with staff, including business process owners. Respond to reasonably likely and significant inherent and residual fraud risks Decide what the response should be to address the identified risks and perform a cost-benefit analysis of fraud risks over which the organization wants to implement controls or specific fraud detection procedures. 5
  • 6. Fraud Risk Assessment Framework Identified Fraud Risks and Schemes Likelihood Significance People and/or Department Existing Anti-fraud Controls Controls Effectiveness Assessment Residual Risks Fraud Risk Response Financial reporting Revenue recognition -Backdating agreements -Channel stuffing - Inducing distributors to accept more product than necessary -Holding books open - Via recording detail transactions in a sub-ledger -Via recording top-side journal entries -Additional revenue risks Management estimates -Self insurance - Altering underlying detail claims and estimate data - Fraudulently changing underlying assumptions in estimation of liability - Allowance for bad debts - Altering underlying A/R aging to manipulate computation - Fraudulent input from sales persons or credit department on credit quality -Additional estimates Disclosures -Footnotes 6
  • 7. Fraud Risk Assessment Framework Identified Fraud Risks and Schemes Likelihood Significance People and/or Department Existing Anti-fraud Controls Controls Effectiveness Assessment Residual Risks Fraud Risk Response Misappropriation of assets Cash/check - Point of sale -Accounts receivable application process -Master vendor file controls override - Additional risks -Inventory -Theft by customers -Theft by employees -Other assets at risk Corruption -Bribery -Aiding and abetting Other Risks 7
  • 8. Risk Assessment Team  Accounting/finance personnel, who are familiar with the financial reporting process and internal controls.  Nonfinancial business unit and operations personnel, to leverage their knowledge of day-to- day operations, customer and vendor interactions, and general awareness of issues within the industry.  Risk management personnel, to ensure that the fraud risk assessment process integrates with the organization's ERM program.  Legal and compliance personnel, as the fraud risk assessment will identify risks that give rise to potential criminal, civil, and regulatory liability if the fraud or misconduct were to occur. 8
  • 9.  Internal audit personnel, who will be familiar with the organization's internal controls and monitoring functions. In addition, internal auditors will be integral in developing and executing responses to significant risks that cannot be mitigated practically by preventive and detective controls.  If expertise is not available internally, external consultants with expertise in applicable standards, key risk indicators, anti-fraud methodology, control activities, and detection procedures.  Management, including senior management, business unit leaders, and significant process owners (e.g., accounting, sales, procurement, and operations) should participate in the assessment, as they are ultimately accountable for the effectiveness of the organization's fraud risk management efforts. 9
  • 10. FraudRisk Identification Brainstorming Incentives Pressures Opportunities to commit fraud Risks of management override of controls The population of fraud risks relevant to the organization Regulatory and legal misconduct and reputation risk IT on fraud risks Risk Assessment Team 10
  • 11. Population of FraudRisk  Understanding the organization's business processes  Identifying potential fraud schemes 1. through interviewing of staff; 2. brainstorming with staff; 3. reviewing complaints from the whistleblower hotline; 4. performing analytical procedures. 11
  • 12. Major Categories of Fraud Fraudulent Financial Statement Misappropriation of Assets Corruption 12
  • 13. Fraud Risk Assessment Source (4) How to identify possible misappropriation of assets TANGIBLE INTANGIBLE Q (1) What are the necessary “controls” relevant to the prevention and detection of misappropriation of assets? Q. (2) What are the relevant questions to ask? Group Discussion 13
  • 14. Fraud Risk Assessment Source(4) Corruption = Misuse of entrusted power for private gain • US Foreign Corruption Practice Act 1977 – Apply to whom? • UK Bribery Act • National Law – Singapore ??? (Prevention of Corruption Act) PRC ??? (刑法 Criminal Law) Hong Kong – Prevention of Bribery Ordinance Group Discussion • Does US Foreign Corruption Practice Act or UK Bribery Act apply to your organization? • What are the controls to prevent and detect corruption? • What are the Corruption Perception Index in your country, your overseas operations? (See Transparency International Website) (p26) 14
  • 15. Types of Fraud 1)Intentionalmanipulationoffinancialstatements,whichcanleadto: a) Inappropriately reported revenues. b) Inappropriately reported expenses. c) Inappropriately reflected balance sheet amounts, including reserves. d) Inappropriately improved and/or masked disclosures. e) Concealing misappropriation of assets. f) Concealing unauthorized receipts and expenditures. g) Concealing unauthorized acquisition, disposition, and use of assets. 15
  • 16. 2)Misappropriationof: a) Tangible assets by: i) Employees. ii) Customers. iii) Vendors. iv) Former employees and others outside the organization. b) Intangible assets. c) Proprietary business opportunities. 3) Corruption including: a) Bribery and gratuities to: i) Companies. ii) Private individuals. iii) Public officials. b)Receiptofbribes,kickbacks,andgratuities. c)Aidingandabettingfraudbyotherparties(e.g.,customers,vendors). 16
  • 17. Information Technology and Fraud Risk Fraudulent Financial Reporting  Unauthorized access to accounting applications  Override of system controls Misappropriation of Assets  Theft of tangible assets  Theft of intangible assets Corruption  Misuse of customer data Examples of IT risks by area include: 17
  • 18. Other Risks Regulatory and Legal Misconduct  Regulatory and legal misconduct includes a wide range of risks,  such as conflicts of interest, insider trading, theft of competitor trade secrets, anti-competitive practices, environmental violations, and trade and customs regulations in areas of import/export.  Depending on the particular organization and the nature of its business, some or all of these risks may be applicable and should be considered in the risk assessment process. 18
  • 19. Other Risks Reputation Risk  Reputation risk is evaluated differently by different individuals, either as a separate risk or the end result of other risks (e.g., operational, regulatory, or financial reporting).  Fraudulent acts can damage an organization's reputation with customers, suppliers, and the capital markets. For example, fraud leading to a financial restatement damages an organization's reputation in the capital markets, which could increase the organization's cost of borrowing and depress its market capitalization. Because the board is responsible for the longevity of the organization and has responsibilities to multiple stakeholders, it should evaluate its performance regularly with respect to reputation risks and ensure that consideration of reputation risk is part of the organization's risk assessment process. 19
  • 20. Assessing Likelihood and Significance of Potential Fraud Risk 0. 0.3 0.5 0.8 1. 1.3 0. 0.3 0.5 0.8 1. Likelihood Significance Department / People 20
  • 21. #6 #3 #4 #1 #2 #5 #7 Likelihood and significance (grey = higher risk) Risks #1 –Shell company scheme #2 – Overpayment scheme #3 – Phony contractor scheme #4 – Personal travel expenses #5 – Fraudulent auditor/ inspector expenses #6 – Check Tampering #7 – Orders for personal supplies Likelihood Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 21
  • 22. Fraud Risk Assessment Accounts Receivable Process Owner: <Insert Process Owner Name> Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan Theft of cash receipts and. written off as bad debts High High Reconciliation of bad debt expense reserve With supervisory review. Detective Yes 1/10/06 OK Person posting Receivables does not also have system Access to make Journal entries to bad debt expense. Preventative Yes 1/10/06 OK Procedure exists and is followed to turn over delinquent Accounts to a third- party collections agency. Preventative Yes 1/10/06 OK Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 22
  • 23. Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan Accounts Receivables reconciled to the general ledger by Individual with no conflicting duties. Detective Yes 1/10/06 OK Accounting Manager authorization required to write off uncollectible accounts. Preventative Yes 1/10/06 OK Rebilling of past due items to change the # of days past due (To change DSO’s for example). Medium Medium Policy disallows cancelling And rebilling Invoices unless the Original was billed to the wrong client, or some other extenuating circumstances. Preventative Yes Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden23
  • 24. Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan All credits require the use of a request form and approval from management According to an authorization matrix. Preventative Yes 1/10/06 OK Duties to input billing and credits to the AR system, approvals for credits, and Collections Activities are segregated. Preventative Yes 1/10/06 OK Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden24
  • 25. Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan Kitting – writing Checks against Insufficient funds or unavailable funds and hoping the funds are Deposited or become available before the checks clear the account. Medium Low The Accounting Manager has a “cash card” where cash Receipts and Disbursements are logged. He Monitors the cash level and Transfers money from Savings when Necessary to cover disbursements. The Controller Approves the disbursement Batches and also has access to monitor the daily cash position. Preventative Yes 1/10/06 OK Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 25
  • 26. Fraud Risk Likelihood Significance Control Activity Preventive or Detective Has Audit tested Control? Date tested Result Action Plan ZBA Accounts – type of bank Account where funds are Transferred from a deposit Account to a disbursement account as disbursements Are Presented for payment. Preventative Company does not currently use ZBA accounts. Positive pay set up with the bank. This is a practice where the Company sends a file to the bank of all the disbursements Generated and the bank will only pay those that are on the file. Preventative Company is in Progress to set up this type of arrangement. Source: http://www.qfinance.com Source : How Internal Auditing Can Help with a Company’s Fraud Issues QFINANCE by Gail Harden 26
  • 27. Response to Residual Fraud Risks  Depending on risk tolerance  Varies from organization to organization a. Accepting the risks? b. Increasing the controls over the area to mitigate the risk? c. Designing internal audit procedures to address specific fraud risks 27
  • 28. Fraud Risk Management 28 Identity Potential Inherent Risk Assess Likelihood of the Identified Fraud Risk Evaluate Potential Suspects Evaluate their possible methods Identify & map out the existing prevention and detective controls to reduce fraud risks Evaluate whether the identifier controls are operating effectively & efficiently Identify & evaluate fraud risks regarding ineffective or non- existent controls Respond to residual fraud risks Source: Managing the business risk of fraud 2008 ACFE
  • 29. Source: Managing the business risk of fraud 2008 ACFE 29 Physical Controls to Defer Theft & Fraud KEY EMPLOYEES Senior Executives Fraudulent Financial Reports Skimming Schemes Cash Larceny Scheme Theft of Proprietary Information Theft of Inventory & Equipment Cheques Tempering Schem Expenses Scheme Cash Register Scheme Corruption and FCPA Purchasing and Billing Scheme Payroll Scheme Ghost Workers Conflict of Interest Fraud Risk Assessment