Management Override: Common Tactics and How to Audit For Red Flags

Webinar series from FraudResourceNet LLC on Preventing and Detecting Fraud in a High Crime Climate. Recordings of these Webinars are available for purchase from our Website, fraudresourcenet.com.
This Webinar focused on the subject in the title.
FraudResourceNet (FRN) is the only searchable portal of practical, expert fraud prevention, detection and audit information on the Web.
FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet ® LLC and White-Collar Crime 101 LLC/FraudAware.

Published in: Economy & Finance, Business

  1. Management Override: Common Tactics and How to Audit For Red Flags
     November 14, 2013
     Special Guest Presenter: David Zweighaft CPA/CFF, CFE
     Copyright © 2010 White-Collar Crime 101 LLC and AuditNet LLC
     Copyright © 2013 FraudResourceNet™ LLC

     About Peter Goldmann, MSc., CFE
       • President and Founder of White Collar Crime 101
       • Publisher of White-Collar Crime Fighter
       • Developer of FraudAware® antifraud training courses
       • Monthly columnist, The Fraud Examiner, ACFE Newsletter
       • Member of Editorial Advisory Board, ACFE
       • Author of “Fraud in the Markets”: explains how fraud fueled the financial crisis.
  2. About Jim Kaplan, MSc, CIA, CFE
       • President and Founder of AuditNet®, the global resource for auditors (now available on Apple and Android devices)
       • Auditor, Web Site Guru, Internet for Auditors Pioneer
       • Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award
       • Author of “The Auditor’s Guide to Internet Resources”, 2nd Edition

     About David Zweighaft CPA/CFF, CFE
       • Principal at DSZ Forensic Accounting & Consulting Services LLC
       • David has been practicing Litigation Consulting and Forensic Accounting for over 20 years
       • Assisted the US Dept of Justice in identifying and tracing assets
       • He managed the largest Swiss bank Holocaust Asset investigation in New York for the NYS Banking Department
  3. Webinar Housekeeping
       • This webinar and its material are the property of FraudResourceNet. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We are recording the webinar and you will be provided access to that recording within 5 business days after the webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited.
       • Please complete the evaluation questionnaire to help us continuously improve our Webinars.
       • You must answer the polling questions to qualify for CPE per NASBA.
       • Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.
       • If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout.

     Disclaimers
       • The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet LLC (FRN) or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship. While FRN makes every effort to ensure information is accurate and complete, FRN makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. FRN specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the FRN website. Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC.
  4. Today’s Agenda
       • Introduction
       • Fraud Statistics: The Growing Fraud Threat
       • Authoritative Guidance
       • Management Override: WHY? HOW? WHAT?
       • Ripped from the Headlines
       • Case Study and Demo
       • Your Questions
       • Conclusion

     Fraud: The Big Picture
     According to major accounting firms, professional fraud examiners and law enforcement:
       • Fraud jumps significantly during tough economic times
       • Business losses due to fraud increased 20% in last 12 months, from $1.4 million to $1.7 million per billion dollars of sales. (Kroll 2010/2011 Global Fraud Report)
       • Average cost for each incident of fraud is $160,000 (ACFE). Of Financial Statement fraud: $2 million
       • Approx. 67% of corporate fraud committed by insiders (Kroll)
       • Approx. 50% of employees who commit fraud have been with their employers for over 5 years (ACFE)
  5. Management Override: Introduction

     What is Management Override?
     The term ‘management override’ is used in ISA 240 on fraud to refer to the ability of management and/or those charged with governance to manipulate accounting records and prepare fraudulent financial statements by overriding these controls, even where the controls might otherwise appear to be operating effectively.
     From “Right First Time with Clarified ISAs Module 4”, © ICAEW 2010
  6. Authoritative Guidance – SAS 99
     Prevention / Deterrence / Detection
       • Tone at the top
       • Value system (“Code of Ethics / Conduct”)
       • Positive workplace environment
       • Hiring, promoting and retaining appropriate employees
       • Training and awareness programs
       • Confirmation / affirmation of Code of Conduct or Ethics
       • Ombudsman programs
       • Whistleblower programs
       • Incident response / case management processes
       • Investigative procedures
       • Discipline, prosecution and recovery guidelines
       • “Active” oversight by Board and/or Audit Committee
           – Fraud risk assessment and related measures
           – Code confirmation / affirmation process
           – Management’s involvement in financial reporting process and override of control
           – Process to receive, retain and treat complaints of fraud / unethical conduct
           – Internal and external audit effectiveness
       • Internal audit
           – Evaluation of adequacy / effectiveness of internal controls
       • Disciplinary examples
       • Identification and measurement of fraud risk (“fraud risk assessment”)
       • Processes and procedures to mitigate identified fraud risk
       • Effective internal controls at entity and process level
       • On-going monitoring activities
       • Computer-assisted audit techniques
       • Investigation of:
           – Internal control weaknesses / breaches
           – Non-response to Code confirmation / affirmation
           – Reported issues
  7. PCAOB Audit Standard #12
     69. Consideration of the Risk of Management Override of Controls. The auditor's identification of fraud risks should include the risk of management override of controls.
     Note: Controls over management override are important to effective internal control over financial reporting for all companies, and may be particularly important at smaller companies because of the increased involvement of senior management in performing controls and in the period-end financial reporting process. For smaller companies, the controls that address the risk of management override might be different from those at a larger company. For example, a smaller company might rely on more detailed oversight by the audit committee that focuses on the risk of override.

     PCAOB Audit Standard #12
     73. Controls that address fraud risks include (a) specific controls designed to mitigate specific risks of fraud, e.g., controls to address risks of intentional misstatement of specific accounts and (b) controls designed to prevent, deter, and detect fraud, e.g., controls to promote a culture of honesty and ethical behavior. Such controls also include those that address the risk of management override of other controls.
  8. Polling Question 1
     The three main elements of guidance for fighting management override according to SAS 99 are (choose all that apply)
       A. Detection
       B. Awareness
       C. Deterrence
       D. Investigation
       E. Prevention
  9. Assessing the Risk of Management Override
     Management override is very difficult to detect. However, an audit committee can take actions to address the risk of management override of controls:
       • Maintaining an appropriate level of skepticism,
       • Strengthening committee understanding of the business,
       • Brainstorming about fraud risks,
       • Using the code of conduct to assess financial reporting culture,
       • Ensuring the entity cultivates a vigorous whistleblower program, and
       • Developing a broad information and feedback network.
     Management Override of Internal Control: The Achilles’ Heel of Fraud Prevention © 2005, AICPA

     Assessing the Risk of Management Override (cont’d)
       • It is impossible to have controls in place that are sufficient to totally eliminate the Risk of Management Override (RMO)
       • Controls to prevent, or detect and correct, such risks must be in place to minimize the risk, such as controls over the authorization and processing of journals and other adjustments to the financial statements.
       • May include incentives or pressures for individuals to misrepresent the results or financial position of the entity such as:
           – for personal gain (salary, promotion, bonuses, continued employment, etc);
           – for gain on disposal of the entity or its business;
           – to meet expectations or targets;
           – to avoid tax;
           – to obtain finance or to satisfy the requirements of lenders or other third parties.
  10. Common Characteristics of Management Override
       • Top Side Journal Entries – Timing, amounts, nature of the accounts and complexity of the entries
       • Collusion – Related to the size of the entity
       • Undue Influence over Accounting/Financial Reporting Staff – Use of system access and authorization controls

     Testing for Journal Entries
     When selecting items for testing, the auditor must consider:
       • Whether there are any fraud risk factors that may help the auditor identify specific classes of journal entries and other adjustments for testing;
       • The effectiveness of controls over the preparation and posting of journal entries and other adjustments. This may reduce the extent of substantive testing necessary, provided that the auditor has tested the operating effectiveness of the controls;
       • The characteristics of fraudulent journal entries or other adjustments.
  11. Polling Question 2
     Maintaining a healthy level of skepticism will do little to help the audit committee address the risk of management override.
       A. True
       B. False
  12. Testing for Journal Entries
     Indicators of inappropriate journal entries may include entries:
       • made to unrelated, unusual, or seldom-used accounts or without identifying account numbers;
       • made by individuals who typically do not make journal entries;
       • recorded at the end of the period or as post-closing entries that have little or no explanation or description;
       • containing round numbers or consistent ending numbers;
       • the nature and complexity of the accounts.

     Testing for Journal Entries (cont’d)
     Inappropriate journal entries or adjustments may be applied to accounts that:
       • contain transactions that are inherently complex or unusual in nature;
       • contain significant estimates and period-end adjustments;
       • have been prone to misstatements in the past;
       • have not been reconciled on a timely basis or contain unreconciled differences;
       • contain inter-company transactions; and
       • are otherwise associated with an identified risk of material misstatement due to fraud.
  13. Collusion
     What is COLLUSION?
     In order for there to be collusion there must be present:
       (1) a secret agreement,
       (2) involving two or more persons,
       (3) the intent to defraud a third party, and
       (4) a deceptive appearance given to the transaction they engage in.

     Basis for Undue Influence
     The 5 bases of power (http://learnaboutfraud.wordpress.com/2011/09/16/5-bases-ofpower-influencing-to-collude/)
     In relation to the perpetration of a fraud scheme, the alleged fraudster will desire to carry out their fraud scheme (their will), along with convincing another individual to do the alleged fraudster’s bidding, without regard towards the other individual’s wishes (resistance).
     So how does a fraud perpetrator accomplish getting another person to participate in their fraud scheme? The answer is …
  14. Basis for Undue Influence (cont’d)
     … The answer is power, influence and coercion
       • Reward power - The fraudster’s ability to provide a benefit to the accomplice.
       • Coercive power - The fraudster’s ability to punish the accomplice if there is resistance.
       • Expert power - The fraudster’s perceived expertise or knowledge.
       • Legitimate power - The fraudster’s legitimate right to exercise authority over the accomplice.
       • Referent power - The extent to which the accomplice identifies with the fraudster.

     Polling Question 3
     Red flags of possible M/O include (choose all that apply)
       A. Entries made by individuals who typically do not make journal entries
       B. Entries recorded at the end of the period or as post-closing
       C. Entries containing round numbers or consistent ending numbers.
       D. All of the above
  15. Management Override – Examples
     Ripped from the Headlines

     Real World Examples
     WHO | SCHEME | TYPE OF OVERRIDE | HOW DISCOVERED
     Worldcom | Improper Capitalization of Expenses | Collusion, J/Es, Influence | Internal Audit
     Enron | Off-Balance Sheet Special Purpose Entities | Collusion, J/Es, Influence | Internal Audit
     Computer Associates | 35-day Accounting Periods | Collusion, J/Es | Tip to the NY Times
     Barings Bank | Unrecorded Trading Losses | No Segregation of Duties | Regulatory Investigation
     Cendant | Inflated Revenues, Improper Charges Against Reserves | Collusion, J/Es | Post Acquisition
     Comptronix CEO, COO, CFO | Overstated Income and Inventory | Collusion, J/Es | Confession to Board
  16. Real World Examples (cont’d)
     WHO | J/Es | Collusion | Influence | Other | No. of Participants
     Worldcom | ✓ | ✓ | ✓ | | Many
     Enron | ✓ | ✓ | ✓ | | Many
     Computer Associates | ✓ | ✓ | | | Many
     Barings Bank | | | | ✓ No SoD | 1
     Cendant | ✓ | ✓ | | | 5
     Comptronix | ✓ | ✓ | | | 3

     Data Analysis - Forensic Audit Data Analysis Techniques
  17. Case Study Background
       • The Out-of-Control Controller
           – Perpetrator failed to reconcile accounts
           – Cost to the Company: $6.8 M over 4 years
       • Fraudster Profile
           – Financial Operations Sr VP; Male
           – Prepared fictitious support for account reconciliations
           – Directed staff to post fraudulent J/Es to the G/L
           – No monitoring or oversight of his work

     Case Study: Undue Influence & Segregation of Duties
     E-mail
  18. Case Study Background
       • The Out-of-Control Controller (cont’d)
     Additional Tests – Segregation of Duties
       • Matching Journal Entry originators to authorizers
       • Identifying emails to staff instructing them to post fictitious Journal Entries

     Polling Question 4
     Management power is an essential element to override of controls. Such power can come in which of the following forms (choose all that apply)
       A. Reward power
       B. Coercive power
       C. Expert power
       D. Legitimate power
       E. All of the above
  19. Demo – Access and Authorization Controls Testing
     Demo: Matching Data Fields for Segregation of Duties Testing
     Learn How to: Match Journal Entry Initiators to Authorizers to Identify Segregation of Duty Violations

     Additional Tests
     Who Entered the Journal
       • Summarize journal entries based on who entered the journal (i.e., the person listed as the one who typed in the journal entry) to determine if he or she is authorized to do so. Identifying who entered the data can become a bit complicated if data entry clerks are inputting the information rather than an authorized manager.
     What Was Entered
       • Summarize journal entries by account and repetitive extracts (e.g., more than 50 instances) and unique account sequences used in the journal entry based on the first five debit and credit postings.
       • Extract nonstandard or manual journal entries for further analysis rather than extracting an entry from a created system, such as an accounts payable ledger posting.
       • Stratify the size of journal entries based on the journal entry amount, using the debit side of the transaction.
       • Summarize general ledger activity on the amount field based on the absolute value of the debit or credit to identify top occurring amounts.
  20. Additional Tests (cont’d)
     When the Journal Was Entered
       • Extract journal entries posted on weekends and holidays.
       • Extract journal entries that were made immediately following the end of the fiscal year.
       • Summarize journal entry credits and debits processed by day, month, and year.
     Where the Journal Was Entered
       • Extract journal entries made to suspense accounts and summarize them based on the person entering the journal entry and their corresponding account numbers.
       • Extract journal entries to general ledger accounts that are problematic or complex based on past issues at the company or the industry in general (e.g., accounting journal errors subsequently corrected by accounting staff or auditors) by reviewing previous audits or by asking management to determine past issues.
       • Extract debits in revenue and summarize them by their corresponding general ledger accounts.

     Additional Tests (cont’d)
     Why the Journal Was Entered
       • Extract all general ledger transaction amounts, such as debits or credits, that exceed the average amounts for the general ledger account by a specified percentage (five times the average is the default).
       • Extract journal entries that equate to round multiples of 10,000, 100,000, and 1,000,000.
       • Extract journal entries using key texts, such as "plug" and "net-to-zero," anywhere in the record.
       • Extract JEs that are made just below set accounting department approval limits, especially multiple entries of amounts below such limits.
       • Extract journal entries illustrating reclassification of expenses either by credit to an expense account and no corresponding debit to another expense account, or debit to the revenue account and no corresponding credit to another revenue account.
       • Extract journal entries with other major classification changes in the area of assets, liabilities, net worth, and unbalanced fund transfers.
  21. Polling Question 5
     Among the most important preventive measures with regard to M/O is:
       A. Board oversight
       B. Segregation of duties
       C. Delegation of authority
       D. Job rotation

     Questions?
       • Any Questions? Don’t be Shy!
  22. Thank You!
     Website: http://www.fraudresourcenet.com
     Jim Kaplan, FraudResourceNet™, 800-385-1625, jkaplan@fraudresourcenet.com
     Peter Goldmann, FraudResourceNet™, 800-440-2261, pgoldmann@fraudresourcenet.com
     David Zweighaft, dzweighaft@dszforensic.com, 212-699-0901

     Coming Up This Month
       • Using Data Analysis to Detect and Prevent P-Card Fraud, Nov. 20
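
The segregation-of-duties match (initiator versus authorizer) and several of the when/why journal-entry tests listed in the slides, sketched in Python as an added example; it is not part of the webinar material or the presenters' demo. The ledger rows, user names, approval limit, 5% "just below" band and holiday set are constructed assumptions.

```python
from collections import Counter
from datetime import date
from decimal import Decimal as D

# Constructed sample ledger lines (illustrative, not data from the webinar):
# (entry id, posting date, G/L account, amount, entered by, approved by, description)
JOURNAL = [
    ("JE-001", date(2013, 3, 28), "6100-Rent", D("4200.00"), "aclerk", "bmanager", "March rent accrual"),
    ("JE-002", date(2013, 3, 30), "1999-Suspense", D("500000.00"), "svp_fin", "svp_fin", "Plug to balance recon"),
    ("JE-003", date(2013, 4, 2), "4000-Revenue", D("24900.00"), "aclerk", "svp_fin", "Reclass per SVP email"),
    ("JE-004", date(2013, 4, 2), "4000-Revenue", D("24750.00"), "aclerk", "svp_fin", "Reclass per SVP email"),
    ("JE-005", date(2013, 12, 25), "6100-Rent", D("1800.50"), "bmanager", "cdirector", "Net-to-zero adjustment"),
    ("JE-006", date(2013, 5, 15), "6100-Rent", D("4200.00"), "aclerk", "bmanager", "May rent accrual"),
]

# Assumed parameters; take the real ones from the entity's policy and calendar.
APPROVAL_LIMIT = D("25000")         # hypothetical approval threshold
NEAR_LIMIT_FLOOR = D("0.95")        # "just below" = within 5% under the limit
HOLIDAYS = {date(2013, 12, 25)}     # hypothetical holiday calendar
KEYWORDS = ("plug", "net-to-zero")  # key texts named in the slides
ROUND_UNIT = D("10000")             # round multiples of 10,000 and larger


def flag_entry(entry):
    """Return the set of red-flag codes raised by one journal entry."""
    _id, posted, _acct, amount, entered_by, approved_by, desc = entry
    amt = abs(amount)
    flags = set()
    if entered_by == approved_by:                    # initiator also authorized it
        flags.add("SOD")
    if posted.weekday() >= 5 or posted in HOLIDAYS:  # Saturday=5, Sunday=6
        flags.add("OFF_DAY")
    if amt >= ROUND_UNIT and amt % ROUND_UNIT == 0:
        flags.add("ROUND")
    if any(k in desc.lower() for k in KEYWORDS):
        flags.add("KEYWORD")
    if APPROVAL_LIMIT * NEAR_LIMIT_FLOOR <= amt < APPROVAL_LIMIT:
        flags.add("NEAR_LIMIT")
    return flags


def red_flags(entries):
    """Map entry id -> sorted flag list, omitting entries with no flags."""
    return {e[0]: sorted(f) for e in entries if (f := flag_entry(e))}


def repeat_near_limit(entries, minimum=2):
    """Count just-below-limit entries per (enterer, approver) pair; keep repeats."""
    pairs = Counter((e[4], e[5]) for e in entries if "NEAR_LIMIT" in flag_entry(e))
    return {pair: n for pair, n in pairs.items() if n >= minimum}


if __name__ == "__main__":
    for je_id, flags in red_flags(JOURNAL).items():
        print(je_id, ", ".join(flags))
    print(repeat_near_limit(JOURNAL))
```

A flag is a reason to pull the entry's support and approval trail, not a finding; the repeat count highlights the "multiple entries below the limit" pattern per enterer and approver.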