• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Business risk, control systems and risk of fraud whitin bison hospitality ltd
 

Business risk, control systems and risk of fraud whitin bison hospitality ltd

on

  • 256 views

Business risk, control systems and risk of fraud within bison hospitality ltd

Business risk, control systems and risk of fraud within bison hospitality ltd

Statistics

Views

Total Views
256
Views on SlideShare
256
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Business risk, control systems and risk of fraud whitin bison hospitality ltd Business risk, control systems and risk of fraud whitin bison hospitality ltd Presentation Transcript

    • BUSINESS RISK, CONTROL SYSTEMS AND RISK OF FRAUD WHITIN BISON HOSPITALITY LTD. PREPARED BY SHEIK SHAMI ULLAH CHOWDHURY (ID 2012121015) KAZI NEHAL AHMED (ID 2011421015) MD. ISMAIL HOSSAIN (ID 2012121010) PREPARED FOR MR. KHWAJA ARAFAT ABDULLAH CO-ORDINATOR AND FACULTY SCHOOL OF BUSINESS, BAC
    • Components of Business Risk 2 An organizations board of directors implements internal control System in order to assure : o Reliability of Financial Information. o Effectiveness and Efficiency of Operation. o Compliance with Applicable Laws & Regulations. Not only that, an effective internal control system also helps protect assets from misappropriation or mishandling and it also minimize the potential for waste & loss.
    • Risks & Limitations of Internal Controls 3 All internal controls have some limitations which reduce their effectiveness. Caused By:  Human Error (Carelessness, Inexperience or Error in Judgment)  Breakdowns (Failure to capture unusual activities within system)  Management Override (Senior management ignoring Policies)  Collusion (employees bypassing control by working with outsiders)
    • Identification & Assessment 4  In order to perform an audit, an auditor needs to understand the organization’s internal control system.  The auditor can then plan and define the scope of the audit.  Based on preliminary evidence, the auditor assesses the internal controls as being at maximum risk, below the maximum and effective, or below the maximum and somewhat effective.  Finally the auditor determines how much and what types of testing to plan for in the audit.
    • Standards for Auditors on Assessing Audit Risk 5 According to SAS (Statement of Auditing Standard) Audit Risk has Three Components:  Inherent risk – Means that there is susceptibility of an account balance or class of transactions leading toward material misstatement.  Control risk – Arises when misstatement in balances or classes, are not being prevented, or detected and corrected by the accounting and internal control systems.  Detection risk – The possibility that the auditors’ substantive procedures are not detecting a material misstatement in the records.
    • LEVEL OF RISK WHITIN BISON HOSPITALITY LTD. 6 In case of Bison Hospitality Ltd. Internal Control Risk can be assessed as being Maximum. Because,  The risk of a material misstatement being present in the financial reports are High.  The risk that the control will fail to operate as designed are critical as well. This means, no Tests of Controls are needed since the internal control procedures are ineffective. However, we should plan to perform a large amount of Substantive Tests to see whether the financial statement’s objectives are met or not.
    • The Control Systems Of Bison Hospitality Ltd. 7
    • Some more picture of Ideas Manzil – Bison Hospitality Ltd. 8
    • Bison Hospitality Ltd. through COSO Framework ‘Lens’ Control Environment Vision is clearly set, written objectives missing, policies are missing/not being implemented therefore expectations not met. Operations have an ‘adhoc’ feel. Risk Assessment As the objectives are not clearly set, risk assessments are based on managerial skills/initiative rather than system, no written protocols at play Internal Controls Active but not synced together. (Details given in the internal control activities) Information & Communication Internal communication is based on one to one meets, Requisitions with implications on finance follows predefined routes and requires authorization. Job responsibilities needs to be drawn up which will assist in the disbursement of information throughout the hierarchy. Monitoring Monitoring is usually one dimensional (downward), interventions required to formalize the monitoring process, reports etc. 9
    • Bison Hospitality Ltd. – Internal Control Activities Segregation of duties Job Responsibilities not in writing, jobs are verbally delegated, overlapping of duties observed primarily amongst the front and mid level staff. Authorization Follows this route – requisition goes into accounts, passes to get recommendation from General Manager, passes to get clearance from Managing Director, comes back to be disbursed or explained why withheld from the accounts. Lacking: Often funds are disbursed directly by the managing director instead of following the route. Documentation & record keeping Documentation are properly done and in place. Vouchers and bills are properly kept and monitored. Market assessed randomly for price justifications. Even though unavailability of pre done formats of requisitions, leave forms etc often creates excess work load for the accountant. Physical control Access to information is strictly limited. Hard copies are kept in locked cabinets and access of soft copies protected through passwords. Entry of physical items are cleared in the entrance and cross checked with the requisition whereas outgoing items require gate pass/es from the General Manager. Objective performance checks Monitoring depends on the initiatives of the managers as proper guidelines, objectives and therefore a proper framework is not in place. Monitoring therefore is also ‘adhoc’. 10
    • Recommendation 11 Further tests are recommended to be carried out to assess the internal control procedures and possible fraud.
    • Fraud 12  In criminal law, a fraud is an intentional deception made for personal gain or to damage another individual.
    • Corporate Fraud 13  Fraud occurring within an organisation is known as corporate fraud.  This involves:  Deliberate dishonesty to deceive the public, investors or lending companies.  Usually resulting in financial gain to the criminals or organisation.
    • According to CNN 14  At least, 67% of firms that had at least one incident of fraud in the past year laid the blame on insiders such as junior employees, senior managers and agents of the company.
    • Corporate Frauds can Include: 15  Account takeover  Insurance fraud  Application fraud  Intellectual property fraud  Bankruptcy-related fraud  Long and short firm fraud  Betting scams  Mobile phone fraud  Business directory fraud  Mortgage fraud  Charitable publication scams  Office supply scams  Cheque fraud  Payment fraud  Cheque overpayment fraud  Personnel management  Domain name scams  Plastic card fraud  Exploiting assets and information  Ponzi schemes  Fake invoice scams  Premium rate phone line scams  False accounting  Procurement fraud  Fixed line fraud  Pyramid schemes  Government agency scams  Receipt fraud
    • Types of Frauds 16 There are three types of fraud: Misappropriation of corporate assets. ii. Manipulation of accounting information. iii. Deception of a specific party. i.
    • Most Common or Popular Frauds 17
    • Fraudulent Trading 18 Fraudulent trading is where a company carries on a business with the intention of defrauding creditors or for any fraudulent purposes. Fraudulent trading is normally done for:  The company has ceased trading.  The company is in the process of being wound up.
    • Share Ramping 19 Share ramping (also known as 'pump and dump' and 'book ramping') is where criminals influence the share price of a company and then take advantage of it. Share ramping is normally done for:  It is commonly done by bringing a company to the market with false expectations of its profitability.  Alternatively it can be done by buying shares in a company when they are at a low price and then starting a rumor that the company is being taken over. When the share price rises, the shares are sold at a profit.
    • Asset stripping 20 Asset stripping is taking company funds or assets of value while leaving behind the debts. Stripping of company assets is normally done for two main reasons:  The fraudsters deliberately target a company or companies to take ownership, move the assets and then put the stripped entity into liquidation.  "Phoenixing" - directors move assets from one limited company to another to 'secure' the benefits of their business and avoid the liabilities. Most or all the directors will usually be the same in both companies.
    • Publishing False Information 21 Publishing false information is a type of fraud committed when a criminal creates, destroys, conceals, or falsifies an account, record or report which is deliberately misleading on the company's financial position.  This is usually done to mislead investors and creditors and to keep a failing company trading.
    • Top 5 Most Expensive Corporate Frauds of the 20th & 21st Centuries 22
    • Enron & Arthur Anderson 23  Enron’s collapse in 2001 from a company worth $63.4 billion, to one seeking bankruptcy reorganization, came as a shock to the general public. Considered to be a major accounting failure, it led to the dissolution of Arthur Anderson, one of the world’s largest accounting farms also. Over 15,000 employees of the corporate had most of their savings in stock, which fell from $83.01 in early 2001 to $0.01 in October 2001.
    • Bernie Madoff 24  June 29, 2009, Bernie Madoff was sentenced to 150 years in prison, the maximum sentence that could be given to anyone convicted of corporate fraud. He ran an amazing ‘Ponzi” scheme for his clients, showing falsified profits, and gains with the money that they had given him for investment. SEC authorities believe the actual net fraud will be between $ 14 & $17 billion.
    • Subprime Mortgage Crisis 25  This was not the crisis of a single corporate but it led to the demise of many other corporate. The repercussions can still be felt throughout the US and even Europe. It has had an adverse effect on most of the banks and financial institutions, and has led to large scale reform in the financial sector rules and regulations.
    • Satyam Computers 26  India’s biggest corporate scam was disclosed when Ramalinga Raju, the CEO of Satyam Computers declared that the company’s profits had been overstated for many years. Inflated bank figures, understated liabilities and over 10,000 non-existent employees were among the many fraudulent practices being indulged in to cross 7000 crone rupees.
    • Worldcom 27  July 21, 2002, when Worldcom filed for bankruptcy under Chapter 11, it was USA’s largest corporate failure. The accounting scandal covered $ 11 billion and it seems the workings of the company were masked by painting a false picture of growing profits and margins. In 2004, it emerged from the bankruptcy proceedings with $5.7 billion in debt and $ 6 billion in cash.
    • Frauds of Bison Hospitality Ltd. 28  Maybe Bison Hospitality Ltd. does two types of fraudulence. Misappropriation of corporate assets. ii. Deception of a specific party. i.
    • Misappropriation of corporate assets 29  Take extra credit for buying service materials.  Fake invoice scams.  Payment fraud.  Receipt fraud.
    • Deception of a specific party 30  They do it on their financial statements.  To show less profit to the tax practitioner.  So that they can pay small amount of tax.
    • References: 31 Risk Management – Defining Inherent Risk vs. Residual Risk. Retrieved on 12.12.12 From http://www.savidtech.com/blog/it-security/riskmanagement-defining-inherent-risk-vs-residual-risk/ II. Internal Control. Retrieved on 12.12.12 From http://www.cliffsnotes.com/study_guide/InternalControl.topicArticleId-21081,articleId-21006.html III. Assessing Fraud Risk. Retrieved on 12.12.12 From http://www.journalofaccountancy.com/Issues/2007/Oct/A ssessingFraudRisk.htm I.