Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Q1 2016 Fraud Detection, Prevention & Risk Management

1,009 views

Published on

  • Be the first to comment

  • Be the first to like this

Q1 2016 Fraud Detection, Prevention & Risk Management

  1. 1. March 2016 Ron Steinkamp Partner, Advisory Services Brown Smith Wallace LLC 314.983.1238 rsteinkamp@bswllc.com 6 City Place Drive, Suite 900 St. Louis, Missouri 63141
  2. 2. • 2014 ACFE Global Fraud Study • Fraud Categories and Schemes • Red Flags of Fraud • Conducting a Fraud Risk Assessment • Anti-Fraud Controls 2 Agenda © 2016 All Rights Reserved Brown Smith Wallace LLP
  3. 3. 2014 ACFE Global Fraud Study 3© 2016 All Rights Reserved Brown Smith Wallace LLP
  4. 4. The use of one’s occupation for personal enrichment through the deliberate misuse or application of the employing organization’s resources or assets. Violation of trust 4 Definition © 2016 All Rights Reserved Brown Smith Wallace LLP
  5. 5. • Typical organization loses 5% of annual revenue to fraud – applied to 2013 Gross World Product translates to potential fraud loss of more than $3.7 trillion annually • Median loss in the study was $145,000 with more than 22% of the cases involving losses over $1 million • Fraud lasted a median of 18 months • Asset misappropriation schemes (fraudulent disbursements, theft of cash receipts, other asset misappropriations) were the most common form of fraud, representing 85% of the cases and least costly at a median loss of $130,000 • Financial statement fraud schemes were the least common form of fraud, representing 9% of the cases and most costly at a median loss at $1 million 5 Summary of Findings © 2016 All Rights Reserved Brown Smith Wallace LLP
  6. 6. • Corruption schemes fell in the middle, comprising just over 37% of cases and causing a median loss of $200,000 • Occupational frauds are most likely to be detected by tips (40%) followed by management review (15%) and Internal Audit (14%) • Small organizations are disproportionately victimized by occupational fraud • Public Sector was one of the most commonly victimized industries • Anti-fraud controls appear to help reduce the cost and duration of occupational fraud schemes • High-level perpetrators cause the greatest damage to their organizations 6 Summary of Findings © 2016 All Rights Reserved Brown Smith Wallace LLP
  7. 7. • 77% of frauds were committed by individuals in one of six departments: • Accounting/Finance • Operations • Sales • Executive/upper management • Customer service • Purchasing • More than 85% of fraudsters had never been previously charged or convicted for a fraud- related offense • Fraud perpetrators often display warning signs – most common behavioral red flag reported in the survey were perpetrators living beyond their means (36%) and experiencing financial difficulty (27%) • Nearly half of victim organizations do not recover any losses that they suffer due to fraud 7 Summary of Findings © 2016 All Rights Reserved Brown Smith Wallace LLP
  8. 8. 8 How Are Frauds Detected? © 2016 All Rights Reserved Brown Smith Wallace LLP
  9. 9. 9 How Are Frauds Detected? © 2016 All Rights Reserved Brown Smith Wallace LLP
  10. 10. Fraud Categories & Schemes 10© 2016 All Rights Reserved Brown Smith Wallace LLP
  11. 11. 11 ACFE Fraud Tree © 2016 All Rights Reserved Brown Smith Wallace LLP
  12. 12. Employee steals or misuses an organization’s resources. • Most common category of occupational fraud – over 85% of cases reported • Least costly – median loss of $130,000 • Median duration – 12 to 26 months 12 Asset Misappropriation © 2016 All Rights Reserved Brown Smith Wallace LLP
  13. 13. • Check Tampering - Steal employer funds by intercepting, forging or altering a check drawn on employer bank account. • Billing - Cause employer to issue payment for fictitious goods or services, inflated invoices or invoices for personal purchases. • Non-Cash - Employee steals or misuses any non-cash assets of the organization. • Payroll - Employee causes employer to issue a payment by making false claims for compensation. • Skimming - Employee steals an incoming payment from an organization before it is recorded on the organization’s books and records. 13 Asset Misappropriation Schemes © 2016 All Rights Reserved Brown Smith Wallace LLP
  14. 14. • Expense Reimbursements - Employee makes a claim for reimbursement of fictitious or inflated business expenses. • Cash Larceny - Employee steals cash receipts from an organization after it has been recorded on the organization’s books and records. • Cash on Hand - Employee steals cash kept on hand at organization. • Cash Register Disbursements - Employee makes false entries on a cash register to conceal the fraudulent removal of cash. 14 Asset Misappropriation Schemes © 2016 All Rights Reserved Brown Smith Wallace LLP
  15. 15. Employee’s use of influence in business transactions in a way that violates duty to the employer for the purpose of obtaining benefit for self or someone else. • 37% of cases reported • Median loss of $200,000 • Median duration – 18 months • Most common area – Purchasing • Employees acting alone or in collusion with vendors/contractors 15 Corruption © 2016 All Rights Reserved Brown Smith Wallace LLP
  16. 16. • Kickbacks  Bribery - Improper, undisclosed payments made to obtain favorable treatment.  Diverting Business - Employee receives kickback for directing business to a vendor.  Overbilling - Vendor submits false invoices that either overstate the cost of goods/services or reflect fictitious sales. Employee approves and receives kickback.  Other - External party seeks fraudulent assistance from employees of victim organization. • Economic Extortion - Employee, through the wrongful use of actual or threatened force or fear, demands money or other form of consideration to make a particular business decision. 16 Corruption Schemes © 2016 All Rights Reserved Brown Smith Wallace LLP
  17. 17. • Illegal Gratuities - Giving or receiving something of value to reward a business decision. • Conflicts of Interest - Employee/agent has an undisclosed personal or economic interest in a matter that influences decisions and undermines their responsibility to their organization. 17 Corruption Schemes © 2016 All Rights Reserved Brown Smith Wallace LLP
  18. 18. Intentional misstatement or omission of material information in the organization’s financial reports. • 9% of cases reported • Median loss of $1,000,000 • Median duration – 24 months • Occurs at higher levels/positions in the organization 18 Financial Statement Fraud © 2016 All Rights Reserved Brown Smith Wallace LLP
  19. 19. • Fictitious Revenues - Recording of sales of goods/services that did not occur. • Timing Differences - Recording of revenues/expenses in improper periods. • Improper Asset Valuations - Manipulate the valuation of a company’s assets to strengthen the balance sheet and financial ratios. • Concealed Liabilities and Expenses - Understate liabilities/expenses to make a company appear more profitable. • Improper Disclosures - Failure to disclose or properly disclose all significant (material) information appropriately in the financial statements. 19 Financial Statement Fraud Schemes © 2016 All Rights Reserved Brown Smith Wallace LLP
  20. 20. Red Flags of Fraud 20© 2016 All Rights Reserved Brown Smith Wallace LLP
  21. 21. 21 Fraud Triangle © 2016 All Rights Reserved Brown Smith Wallace LLP
  22. 22. 22 Red Flags Pressure Opportunity Rationalization Living beyond their means Inadequate controls Not compensated fairly High personal debt Too “cozy” with suppliers No recent raises Excessive investment speculation Vacation not taken Everyone else does it Excessive gambling Weak management Intend to pay back Substance abuse Ineffective or no internal audit Needed the money Extra-marital affairs No job rotation Felt cheated/wanted revenge Job frustration Always in crisis mode Bribe/kickback too tempting Resentment of superiors Large amounts of cash on hand or processed © 2016 All Rights Reserved Brown Smith Wallace LLP
  23. 23. Conducting A Fraud Risk Assessment 23© 2016 All Rights Reserved Brown Smith Wallace LLP
  24. 24. • Conduct an annual fraud risk assessment. – Assists management in identifying where and how fraud may occur and who may be in a position to commit fraud. – Focus on fraud schemes and scenarios to determine the presence of internal controls and whether or not the controls can be circumvented. – General steps: • Identify areas and processes to assess • Identify potential fraud schemes in each area/process • Assess likelihood and significance of each scheme • Map existing anti-fraud controls to potential fraud schemes • Test operating effectiveness of antifraud controls • Identify any control gaps and/or deficiencies = Residual risks • Document and report on the fraud risk assessment Assess Fraud Risks © 2016 All Rights Reserved Brown Smith Wallace LLP
  25. 25. • Mitigate Fraud Risks – Make changes to activities and/or processes = transfer or eliminate the risks. – Improve anti-fraud controls. • Monitor Fraud Risks – Develop data analytics for management to use to monitor fraud risks. – Utilize Internal Audit to conduct audits of risk areas. Assess Fraud Risks © 2016 All Rights Reserved Brown Smith Wallace LLP
  26. 26. Example Summary © 2016 All Rights Reserved Brown Smith Wallace LLP OCCUPATIONAL FRAUD RISK Potential Occupational Fraud Schemes DEPT A DEPT B DEPT C DEPT E DEPT F DEPT G DEPT H DEPT I Asset Misappropriation - Theft of Cash on Hand. High High Low Low Low High Moderate Low Asset Misappropriation - Skimming (Receipts stolen before recording in books - sales, receivables, refunds/credits). High High Low Low Low High Low Low Asset Misappropriation - Cash Larceny (Receipts stolen after recording in books). High High Low Low Low High Low Low Asset Misappropriation - Check Tampering (Intercept, forge or alter a check drawn on the organization's bank account.). Low Low Low Low Low Low Low Low Asset Misappropriation - Cash Register Disbursements (False entries on cash register to conceal the fraudulent removal of cash). High High Low Low Low High Low Low Asset Misappropriation - Purchasing/Billing (Invoices for fictitious goods or services, inflated invoices or invoices for personal purchases). Moderate Moderate Low Moderate Moderate Moderate Low Low Asset Misappropriation - Payroll (False claims for compensation). Moderate Moderate Low Moderate Moderate Moderate Low Low Asset Misappropriation - Expense Reimbursements (Fictitious or inflated business expenses). Low Low Low Low Moderate Moderate Low Low Asset Misappropriation - Inventory (Theft or misuse of organization inventory) High High Low Low Moderate Low Low Low Asset Misappropriation - Fixed Assets/Supplies/ etc. (Theft or misuse of organization assets) High Moderate Low Moderate High Low Moderate Low Corruption - Conflict of Interest Low Low Low Low Low Moderate Low Low Corruption - Bribery Low Low Low Low Low Moderate Low Low Financial Statement Fraud - Asset/Revenue Overstatement Low Low Low Low Low Moderate Low Low Financial Statement Fraud - Asset/Revenue Understatement. Low Low Low Low Low Moderate Low Low
  27. 27. Anti-Fraud Controls 27© 2016 All Rights Reserved Brown Smith Wallace LLP
  28. 28. • Utilize electronic payments • Properly secure unused checks and equipment • Utilize security features on checks • Prohibit hand written checks • Require two signatures on checks over a certain amount • Segregate check preparation from signing • Immediately mail checks after signing • Establish positive pay controls with the bank • Complete independent bank reconciliations timely • Review checks issued to employees for irregularities • Segregate vendor approval from disbursement responsibilities • Perform periodic vendor master file maintenance and review for irregularities 28 Check Tampering Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  29. 29. • Segregate purchasing from accounting and receiving departments • Require management approval of purchase requisitions/orders • Maintain a master vendor file • Require competitive bids • 3 way match by accounting of vendor invoice, receiving report and purchase order • Periodically review master vendor file for unusual vendors and addresses • Implement automated controls to check for duplicate invoices and purchase orders • Verify vendors with post office boxes • Review voucher payments for proper documentation 29 Billing Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  30. 30. • Asset policy and procedure manual • Tag assets • Maintain asset, supply and inventory records • Conduct independent periodic inventories of assets, supplies and inventories • Reconcile the physical inventory to asset, supply and inventory records • Properly secure and safeguard assets, supplies and inventories • Implement an asset, supply and inventory removal policy • Store high value items in secure and continuously monitored areas • Secure organization, employee and customer data • Maintain secure information systems • Protect intellectual property, trade secrets, etc. 30 Non-Cash Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  31. 31. • Maintain personnel records independent of payroll and timekeeping • Utilize electronic payroll deposit • Periodically review employee payroll list • Review paid time off for compliance with policy • Periodically compare payroll with personnel records • Issue pre-numbered payroll checks in sequential order • Payroll bank account reconciled by employee not involved in preparing, signing or distributing checks • Restrict access to payroll check stock and signature stamp • Periodically review payroll withholdings • Periodically review automatic payroll deposits for duplicates • Require salary changes require more than one level of approval • Require supervisor authorization of overtime • Require supervisors review and approve time 31 Payroll Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  32. 32. • Periodic analytical review of revenue • Periodic review of accounts receivable for write-offs • Periodic review of cash accounts for irregular entries • Segregate receipt of cash and checks from deposit and recording functions • Restrict cashier from accounts receivable and customer records • Immediately restrictively endorse all checks when received • Utilize a lockbox service for cash receipts • Maintain a safe with restricted access • Utilize cameras in cashier areas • Deposit cash and checks daily • Issue receipts for all transactions • Bond employees who handle cash 32 Skimming Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  33. 33. • Expense reimbursement policy • Require detailed expense reports • Supervisory review and approval of expense reimbursement claims • Place limits on expenses • Require original and detailed receipts • Detailed review of expense reimbursement claims • Credit/Procurement card policy with limits • Safeguards credit/procurement cards • Receive and review monthly automated statements from credit/procurement card companies • Require and review monthly detailed credit/procurement card reports from employees • Reconcile credit card statement to employee report 33 Expense Reimbursement Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  34. 34. • Independently reconcile cash register tape totals daily to the cash drawer • Limit and monitor access to cash draw and safe • Properly supervise cashiers • Utilize cameras in cashier areas • Segregate cash receipts, bank deposit, reconciliation, posting/accounting and cash disbursement duties • Periodic mandatory job rotation for employees who handle cash and accounting duties • Mandatory vacations • Surprise cash counts • Utilize point of sale system 34 Cash Larceny Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  35. 35. • Limit and monitor access: – Safe – Cash handling areas – Cash drawer – Petty cash • Properly supervise cashiers • Utilize cameras in cash handling areas • Periodic mandatory job rotation for employees who handle cash and accounting duties • Mandatory vacations • Surprise cash counts 35 Cash On Hand Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  36. 36. • Management approval for refunds, voids, discounts • Review refunds, voids and discounts on a periodic basis • Require receipts to customers – post sign • Record disbursements out of the register and independently reconcile • Investigate missing or altered register tapes • Daily reconciliation of cash register drawer by independent person • Investigate over and short incidents 36 Cash Register Disbursement Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  37. 37. • Conflict of interest policy • Policy addressing employee receipt of gifts, discounts, and services offered by suppliers and customers • Established procurement/bidding process • Pre-Bid solicitation documents reviewed for restrictions on competition • Bid solicitation packages numbered and controlled • All bids kept confidential • Bidder qualifications verified • Contracts awarded based on predetermined criteria and documentation of criteria assessment and award decision maintained • Periodic review of purchases for: – Unreasonable costs – Excessive purchases – Favored vendors 37 Anti-Corruption Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  38. 38. • Proper segregation of duties in purchasing and accounts payable as well as sales and accounts receivable • Purchasing account assignments rotated • Periodic comparison of vendor information with employee information • Vendors who employ former employees under increased scrutiny • Reporting procedure for personnel and other vendors to report concerns about vendors receiving favored treatment • All employees required to complete annual disclosure document that includes potential conflicts resulting from business ownership and investment • Audit clause in each contract allowing Internal Audit access to audit contract records and documentation related to contract compliance and performance • Periodic contract audits conducted by Internal Audit 38 Anti-Corruption Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  39. 39. • Reduce situational pressures • Reduce the opportunity to commit fraud • Reduce the rationalization of fraud = strengthen employee personal integrity • Financial Statement Analysis 39 Financial Statement Controls © 2016 All Rights Reserved Brown Smith Wallace LLP
  40. 40. 40 Questions © 2016 All Rights Reserved Brown Smith Wallace LLP

×