Fraud survey-2009

1,333 views

Published on

Published in: Business, Economy & Finance
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,333
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Fraud survey-2009

  1. 1. ADVISORY KPMG FORENSIC Fraud Survey 2009
  2. 2. 1 Remarks of Deputy Attorney General David W. Ogden at the Compliance Week Keynote Address. Available at: http://www.usdoj.gov/dag/speeches/2009/dag-speech-090604.html 2 Address to Practising Law Institute’s “SEC Speaks in 2009” Program. Available at: http://www.sec.gov/news/speech/2009/ spch020609mls.htm We will protect investors and our capital markets by vigorously attacking securities fraud. We will ensure that recipients of federal financial rescue funds do not obtain them through fraud, or use them for improper purposes. And we will make sure that federal stimulus funds are well-spent by vigilantly protecting the integrity of federal procurement and grant processes.1 David W. Ogden Deputy Attorney General, Department of Justice June 4, 2009 A strong and reinvigorated SEC will be on the beat like never before to catch wrongdoers. But there needs to be a new era of responsibility on Wall Street and throughout our markets to ensure that wrongs don't occur in the first place.2 Mary Schapiro Chairman, Securities and Exchange Commission February 6, 2009
  3. 3. Contents KPMG Forensic Leadership Message 1 Detailed Findings 2 Prevalence, Nature, and Impact of Fraud and Misconduct Risks 2 Prevalence of Perceived Fraud and Misconduct Risks 2 Nature of Perceived Fraud and Misconduct Risks 2 Potential Impact of Fraud and Misconduct 4 Future Fraud and Misconduct Risk 5 Effectiveness of Fraud Risk Management Efforts 7 Enablers of Fraud and Misconduct 7 Knowledge of Fraud and Misconduct Risks 7 Detecting Fraud and Misconduct 8 Responding to Fraud or Misconduct 9 Areas for Improvement in Fraud Risk Management 9 Funding to Combat Fraud and Misconduct 11 Anticipated Assistance from External Advisors 11 Methodology 12
  4. 4. Fraud Survey 2009 1 KPMG Forensic Leadership Message Amidst the current economic downturn, and the pledges of renewed vigor of regulatory enforcement, our 2008–2009 Fraud Survey reveals serious challenges confronted by leaders in the public and private sectors. Since the latest economic downturn began, vast sums of market capitalization have been wiped out. Trillions more have been committed to stabilizing financial institutions, injecting liquidity into the capital markets, and jumpstarting the economy through infrastructure spending programs. The aftermath of the downturn has further uncovered numerous Ponzi schemes that caused investors to watch billions more vanish. Aside from questioning where yesterday’s money went, many remain concerned about where tomorrow’s money is going. To be sure, record levels of government spending may usher in record levels of fraud, waste, and abuse. Deals made to offload toxic assets may be exposed to self-dealing. In those industries outside the center of direct government intervention, managers may face downward pressure to do whatever it takes to “make the numbers” as analysts and creditors scrutinize financial results. And for those companies operating outside the United States, increased investigation and prosecution of anti-bribery and corruption laws mean employees and agents may trigger risks like never before. Our survey reveals the perceptions of senior executives across this new landscape as they consider the nature of fraud and misconduct risks in their organizations going forward, and the challenges they confront in their efforts to prevent, detect, and respond to such risks. Among our key findings: Nearly a third of executives expect some form of fraud or misconduct to rise in their organizations. Roughly• one-third of respondents (32 percent) said at least one of the categories of fraud (misappropriation of assets, fraudulent financial reporting, and other illegal or unethical acts) was going to increase during the next 12 months in their organization. The majority of executives cite fraud and misconduct as posing significant risks to their industry today.• Nearly two-thirds of executives (65 percent) reported that fraud and misconduct is a significant risk for their industry. If such wrongdoing were to be experienced, the greatest concern for over two-thirds of executives (71 percent) is the potential for a loss of public trust when market confidence is at a premium. Executives expect the threat of fraud to remain steady or rise in the coming year. About three out of four• executives believed that fraud and misconduct risks, such as misappropriation of assets and fraudulent financial reporting, will either stay the same or increase over the next 12 months (85 percent and 74 percent, respectively). Inadequate internal controls or compliance programs heighten the risks of fraud and misconduct. Two-• thirds of executives (66 percent) reported that inadequate internal controls or compliance programs at their organizations enable fraud and misconduct to go unchecked. Gaps exist in plans in place to address allegations of wrongdoing. Roughly a quarter of respondents• (27 percent) lack effective protocols on how investigations should be conducted and at what point the board of directors should be alerted to potential concerns. Likewise, roughly a third (33 percent) lacked protocols on how to remedy control breakdowns. Executives acknowledge room for improvement across most elements of their antifraud efforts. Those• areas where respondents cited the most amount of improvement needed include employee communication and training, technology-driven continuous auditing and monitoring techniques, and fraud and misconduct risk assessment (with 67 percent, 65 percent, and 60 percent of respondents, respectively, identifying at least moderate improvements needed). Succeeding in these turbulent times requires business leaders to ensure their controls are up to the challenge of confronting the fraud and misconduct risks in today’s environment. While lawmakers consider the possibility of systemic changes in regulations (and regulators), those companies that lead through better self- regulation will be equipped to shine their own light on a way forward. For more information about how the KPMG Forensic practice can help, please call 877-679-5764. Richard H. Girgenti National Practice Leader KPMG Forensic
  5. 5. 2 Fraud Survey 2009 Detailed Findings Prevalence, Nature, and Impact of Fraud and Misconduct Risks Perceived Fraud and Misconduct Risks We began by asking senior executives whether they viewed fraud and misconduct to be significant risks within their industry. Nearly two-thirds (65 percent) of all respondents answered in the affirmative. Q. Do you perceive fraud and misconduct to be a significant risk for your industry today? % Yes 65% No 34% May not add to 100% due to rounding. These results dovetail with the results from KPMG Forensic’s 2008–2009 Integrity Survey, wherein 74 percent of employees nationally reported that they had personally observed or had first-hand knowledge of wrongdoing within their organization during the previous 12 months.1 Nature of Perceived Fraud and Misconduct Risks Next, we sought to examine which categories of fraud and misconduct that executives believed pose the most significant risk to their organizations, allowing respondents to select from one of four categories, as shown in the table below. Q. Which of the following categories of fraud and misconduct pose the most significant risk to your organization? The nature of perceived fraud and misconduct risks varied by industry, for example, executives from consumer markets were more likely to cite asset misappropriation as a concern, whereas respondents from healthcare and pharmaceuticals tended to cite other illegal and/or unethical acts (such as bribery, corruption, market rigging, or conflicts of interest) as threats. % Misappropriation of assets (e.g., theft of cash, inventory, or intellectual property) 35% Other illegal or unethical acts (e.g., bribery, corruption, market rigging, or conflicts of interest) 31% Fraudulent financial reporting (e.g., intentional misstatement of revenue, assets, or liabilities) 14% All three are an equal threat 20% 1 See KPMG Forensic Integrity Survey 2008–2009. Available at www.us.kpmg.com.
  6. 6. Fraud Survey 2009 3 Q. Which of the following categories of fraud and misconduct pose the most significant risk to your organization? (Results by industry) As we bring cases in industries that were not previously a focus of FCPA enforcement actions, that does have the effect of causing a lot of players in that industry to wake up and pay attention.2 Mark Mendelsohn Deputy Chief, Fraud Section, Criminal Division U.S. Department of Justice 2 Portfolio.com, “Peeking Under the Table,” June 6, 2008 May not add to 100% due to rounding.
  7. 7. 4 Fraud Survey 2009 Potential Impact of Fraud and Misconduct To gauge the potential impact of fraud and misconduct, we asked senior managers what their organizations would be most concerned about, if fraud and misconduct were to occur. As the table below shows, more than two-thirds of executives – 71 percent – reported that they were most concerned about a potential loss of public trust resulting from fraud and misconduct within their organizations. A lower number, and yet more than half of respondents, reported being concerned about potential legal fines/sanctions (54 percent) or loss of new or existing customers (52 percent). Q. In addition to the direct dollar costs, which of the following would your organization be most concerned about if it were to experience fraud or misconduct?
  8. 8. Fraud Survey 2009 5 Future Fraud and Misconduct Risk Looking ahead over the coming year, we asked executives about the direction in which they expected fraud and misconduct risks to be headed. On the whole, most executives believed that fraud and misconduct risks will either stay the same or increase over the next twelve months. Q. During the next 12 months, do you see the following types of risks increasing, decreasing, or staying the same in your organization? Anticipated Direction of Fraud and Misconduct Risks in Specific Categories Stay the same Decrease Increase MISAPPROPRIATION OF ASSETS 25% 15% 60 % Stay the same Decrease Increase FRAUDULENT FINANCIAL REPORTING 8% 24% 66 % Stay the same Decrease Increase 20% 20% 60 % OTHER ILLEGAL OR UNETHICAL ACTS Stay the same Decrease Increase 20% 20% 60 % OTHER ILLEGAL OR UNETHICAL ACTS Does not add to 100% due to rounding. Of the categories of risk respondents cite as going up, we find anticipated increases in asset misappropriation (25 percent), other illegal and unethical acts (20 percent) and fraudulent financial reporting (8 percent). When we examine the percentage of respondents who cited at least one form of fraud and misconduct risk as increasing (i.e., regardless of specific category), we find the nearly one-third (32 percent) anticipate some type of increase. Anticipated Increase of Fraud and Misconduct Risk Across All Categories
  9. 9. 6 Fraud Survey 2009 Experience suggests that periods of economic downturn can bring about elevated conditions for fraud and misconduct. Typically referred to as a “fraud triangle,” these conditions include pressures, opportunities, and rationalizations for committing fraud. In the current environment, these increased risks may manifest themselves in the financial statement in multiple ways. Examples of red flags that gate keepers may wish to consider include: Revenue Recognition. It is helpful if corporate overseers understand how sale• transactions can be manipulated. When is a sale a temporary revenue-generating slight-of-hand that will come back for credit? Credit memos can provide indications of abuse. Credit memo activity reviews should occur throughout the year, and it may help to graph them to look for patterns. “Bill and hold” transactions have very specific tests that need to be met in order to record revenue. Specific controls and monitoring should be in place to ensure appropriate timing of revenue recognition. Large or unusual transactions near the end of a quarter should be flagged for specific review to be sure that revenue recognition criteria is met. Loan Covenants. The pressure becomes obvious when operating results or key• ratios approach loan covenant thresholds. Corporate gate keepers should pay close attention to financial data that affects covenants, and monitor when corporate loans come due for renewal. What are the covenants? What are potential trouble spots? What reported numbers are most sensitive to change and how can they impact covenants? What situations can lead to financial manipulation? Liability Accruals. There have been situations where companies have earnings per• share above market expectations, but choose to report lower earnings per share to match competitors. This allows the company to establish a rainy-day reserve. Audit committees may wish to inquire about unusual or unexpected changes in operating results, liabilities, or subjective contra accounts (i.e., positive or negative). An added proactive step is to ask for after-the-fact monitoring reports to establish if management’s estimates are reasonable. Subjectivity in the Balance Sheet. To understand how susceptible data is to• manipulation, directors should consider drilling down on subjective balance sheet accounts and their underlying assumptions and key drivers. Corporate overseers may wish to monitor valuation allowances, assumed rates of returns on pension assets, processes to value illiquid assets, contingency accruals, and environmental reserves. It is often helpful to think about these account movements in subjective areas in the context of what it takes to move earnings per share.
  10. 10. Fraud Survey 2009 7 Effectiveness of Fraud Risk Management Efforts Enablers of Fraud and Misconduct Management’s efforts to prevent, detect, and respond to fraud must be informed not only by its prevalence and nature, but also by the root causes of such misconduct. As such, we asked executives what factors may allow instances of fraud and misconduct to occur within their organizations. The most commonly cited were inadequate internal controls or compliance programs. Similarly, almost half of executives surveyed cited management override of controls, inadequate director oversight over management, and collusion between employees and third parties. A lower number of respondents, almost a third, cited collusion between management and third parties or between employees and management. Q. In your opinion, what most enables fraud and misconduct to occur within organizations today? % Inadequate internal controls or compliance programs 66% Management override of internal controls 47% Inadequate oversight by directors over management 44% Collusion between employees and third parties 43% Collusion between management and third parties 32% Collusion between employees and management 27% Other factors 4% Knowledge of Fraud and Misconduct Risks An organization’s ability to manage fraud risk can be facilitated by institutional knowledge of the ways in which such misconduct may occur. As such, we asked respondents to describe the level of knowledge within various functions with respect to the ways in which fraud and misconduct may occur. The vast majority of executives surveyed responded that their organization’s internal audit, legal, or compliance functions, as well as members of the audit committee and management, were at least moderately knowledgeable. Slightly fewer executives believed that employees were similarly knowledgeable in this respect. Q. How would you describe the level of knowledge of the following groups with regard to the ways in which fraud and misconduct can occur in your organization? High Moderate Low 11% 22% 67 % INTERNAL AUDIT FUNCTION High Moderate Low 12% 25% 63% LEGAL OR COMPLIANCE FUNCTION 27% 59% High Moderate Low 13% AUDIT COMMITTEE High Moderate Low 21% 58% 21% EMPLOYEES Does not add to 100% due to rounding.
  11. 11. 8 Fraud Survey 2009 High Moderate Low 10% 39% 50% MANAGEMENT High Moderate Low 21% 58% 21% EMPLOYEES Detecting Fraud and Misconduct We also asked executives through which sources they believed fraud and misconduct would mostly likely be uncovered within their organizations. Almost half of respondents believed their organization’s Internal Audit, Legal, or Compliance personnel were most likely to uncover fraud and misconduct. The next most likely sources, by a wide margin, were employee whistleblowers or line managers. Few executives (3 percent) believed that government regulators or law enforcement would be most likely to uncover fraud or misconduct. Q. Through which source do you believe your organization would be most likely to uncover fraud or misconduct? % Internal Audit, Legal, or Compliance personnel 47% Employee whistleblowers 20% Line managers 13% External auditors 9% Customers or suppliers 4% Government regulators or law enforcement 3% Other means 2% 3 Association of Certified Fraud Examiners 2008 Report to the Nation on Occupational Fraud and Abuse. Available at: http://www.acfe.com/resources/publications.asp While nearly half of the survey respondents believed frauds would most likely be discovered by their organizations’ Internal Audit, Legal, or Compliance functions, other data suggests that this may not be the case. For instance, according to survey data based on actual fraud cases from the Association of Certified Fraud Examiners, frauds were more likely to come to light through whistleblower tips than through audits, controls, or any other means.3 In addition, employees nationally who responded to KPMG Forensic’s 2008–2009 Integrity Survey cited Internal Audit as among the least likely channels to which they would feel comfortable reporting misconduct. Does not add to 100% due to rounding. Does not add to 100% due to rounding. High Moderate Low 21% 58% 21% EMPLOYEES
  12. 12. Fraud Survey 2009 9 Responding to Fraud or Misconduct We asked executives whether their organizations had effective protocols in place to address how their organizations respond when allegations of fraud arise. The majority of respondents reported having such protocols; however, some gaps arguably remain. For example, roughly a quarter of respondents lack effective protocols on how investigations should be conducted and at what point the board of directors should be alerted to potential concerns. Likewise, roughly a third lacked protocols on how to remedy control breakdowns. Q. In the event of the discovery of possible fraud or misconduct, which of the following does your organization have effective protocols to address? % Who should perform the investigation 80% How the investigation should be performed 73% When the board of directors should be notified 73% How to administer disciplinary action 70% How to determine the remedial action 67% When a voluntary disclosure to the government should be made 62% No formal protocols exist for how to respond to alleged fraud or misconduct 10% Areas for Improvement in Fraud Risk Management Although antifraud controls have increasingly become common within organizations, the degree to which they have been effectively designed and implemented often remains at issue. As such, we asked executives to opine on the extent to which they believed their organization’s approach to mitigating the risks of fraud and misconduct can be improved. Respondents acknowledged room for at least moderate improvement across the majority of their antifraud efforts. Those areas where respondents cited the most amount of improvement needed include employee communication and training, technology-driven continuous auditing and monitoring techniques, and fraud and misconduct risk assessment.
  13. 13. 10 Fraud Survey 2009 Q. How much room for improvement do you perceive in your organization’s approach to mitigate fraud and misconduct risks? Would you say minor, moderate, or significant room for improvement exists in the following areas? Minor Moderate Significant Employee communication and training 32% 52% 15% Technology-driven continuous auditing and monitoring techniques 31% 43% 22% Fraud and misconduct risk assessment 36% 46% 14% Strengthening controls to prevent similar instances of fraud or misconduct from reoccurring 43% 42% 14% Process-specific antifraud controls (e.g., procurement, sales) 44% 45% 9% Protocols for conducting due diligence on retaining third-party agents, consultants, or distributors 42% 42% 11% Executive and line management support 46% 43% 9% Protocols for administering discipline or holding individuals accountable 47% 35% 15% Protocols for voluntarily disclosing discovered instances of fraud and misconduct to the government 50% 34% 10% Internal audit and compliance functions 50% 35% 12% Protocols for conducting due diligence in hiring, retaining, and promoting employees 51% 35% 12% Protocols for conducting internal investigations 52% 35% 11% Standards of conduct, policies, and procedures 55% 30% 13% Board or audit committee oversight 54% 29% 12% Channels for reporting concerns about fraud or misconduct (e.g., hotlines) 59% 26% 12% May not add to 100% due to rounding.
  14. 14. Fraud Survey 2009 11 Anticipated Assistance from External Advisors We also sought to understand the top areas of assistance where executives believed their organization’s external advisors may be called upon to provide assistance. More than a third of respondents anticipated that external advisors may be called upon to assist in leveraging technology to identify fraud and misconduct risks, evaluating the effectiveness of compliance programs and related antifraud controls, and providing assistance with electronic discovery in response to litigation or regulatory inquiries. Q. What type of assistance, if any, do you anticipate seeking from external advisors in the next 12 months? % Leveraging technology to identify fraud and misconduct risks 39% Evaluating the effectiveness of compliance programs and antifraud controls 38% Electronic discovery and preservation of documents pursuant to regulatory inquiries or litigation 37% Providing fraud and misconduct awareness training 30% Conducting fraud and misconduct risk assessments 25% Conducting complex investigations in response to allegations of fraud or misconduct 22% Funding to Combat Fraud and Misconduct We also wanted to understand whether executives believed that their organization’s funding to combat fraud and misconduct would change in the upcoming year. The majority of respondents (75 percent) expected the amount of funding to remain the same. Only 9 percent expected the funding to decrease. Q. In the next 12 months, do you expect the amount of funding your organization dedicates to combating fraud to increase, decrease, or stay the same? % Stay the same 75% Increase 16% Decrease 9%
  15. 15. 12 Fraud Survey 2009 Methodology KPMG retained an independent research firm to conduct telephone interviews with executives of U.S. organizations with annual revenues of at least $250 million. The interviews took place from November to December 2008. KPMG was not identified to the participants as being associated with the survey. The survey respondents represented a cross-section of entities, industries, and senior executive positions, as shown in the tables below. Overall Sample Telephone interviews conducted Confidence level Precision level (margin of error) 204 95% +/- 7% Respondents’ Organizational Type % Private 46% Public 41% Public Sector/Government 14% Respondents’ Organization’s Annual Revenue % At least $250 million but less than $1 billion 55% At least $1 billion but less than $5 billion 25% At least $5 billion but less than $10 billion 13% $10 billion or more 4% Does not add to 100% due to rounding. Does not add to 100% due to rounding.
  16. 16. Fraud Survey 2009 13 Respondents’ Industry Representation % Healthcare and Pharmaceuticals 24% Consumer Markets 19% Industrial Markets 17% Government/Public Sector 15% Information, Communication, & Entertainment 13% Financial Services 11% Respondents’ Level of Responsibility % CEO/CFO/Executive Officer 30% Chief Risk Officer 20% Chief Accounting Officer/Controller 13% Chief Audit Executive/ Internal Audit Director 13% Chief Compliance Officer/Ethics Officer 12% Head of Security 6% General Counsel/In-House Counsel 5% Does not add to 100% due to rounding. Does not add to 100% due to rounding.
  17. 17. 14 Fraud Survey 2009 About KPMG Forensic KPMG ForensicSM is a global practice comprising multidisciplinary professionals from member firms of KPMG International that assist clients in achieving the highest levels of business integrity through the prevention, detection, and investigation of fraud and misconduct and by avoiding and resolving disputes. Our professionals not only help clients discover the facts underlying concerns about fraud and misconduct, but they also assist our clients in assessing and mitigating the vulnerabilities to such activities. We also deliver a broad range of services to help prevent and resolve commercial disputes including the assessment of damages, the resolutions of accounting, audit, and finance-related issues, and expert witness services. Using a wide-range of sophisticated technology tools, KPMG Forensic helps organizations address the risks and costs involved with evidence and discovery management as well as the acquisition, management, and analysis of large data sets. Our professionals work alongside clients to handle information from its creation to its preservation, collection, analysis, and presentation in discovery. We also apply computer forensic and data analysis techniques to assist with detecting fraud and misconduct. To support these services, member firms of KPMG International operate secure data centers in the United States, Canada, and the United Kingdom. Professionals in KPMG’s Forensic practice draw upon extensive experience in forensic accounting, law enforcement, fraud and misconduct control assessments, legal damage quantification and analysis, expert witness testimony, international arbitration, asset tracing, computer forensics, and forensic data analysis. KPMG Forensic professionals are well positioned to provide consistent service to global clients. By sharing common global methodologies, KPMG International member firms can readily assemble multinational teams who possess a breadth and depth of technical skills and industry knowledge to address fraud, misconduct, and dispute concerns. Service offerings are subject to legal and regulatory restrictions. Some services may not be available to KPMG’s financial statement audit or other attest service clients. SpecialThanks Without implying his endorsement, KPMG would like to thank Dr. Jagdish S. Gangolly, Associate Professor, College of Computing & Information, State University of New York at Albany, for his contributions in producing this survey. Acknowledgements Major KPMG contributors Richard Girgenti Timothy Hedley Scott Avelino Brad Sparks Jaime Jue Ori Ben-Chorin David Hilton Robert Wade Lilanthi Alahendra Charles Garbowski Marshall Bain Hasan Dajani For more information about how KPMG Forensic can help, please call the KPMG Forensic Hotline at 1-877-679-5764 or visit us at www.us.kpmg.com/forensic.
  18. 18. us.kpmg.com © 2009 KPMG LLP, a U.S. limited liability partnership and a member firm of the KPMG network of independent mem- ber firms affiliated with KPMG International, a Swiss cooperative. All rights reserved. Printed in the U.S.A. KPMG and the KPMG logo are registered trademarks of KPMG International, a Swiss cooperative. 21001NSS KPMG Forensic is a service mark of KPMG International.

×