How to Get Started in Social Media for Art League City
Identifying and Managing Sources of Business Growth
1. Identifying and Managing
Sources of Business
Growth
Arleen Thomas, CPA, CGMA
Senior Vice President, Management Accounting
American Institute of CPAs
Ashok Noah, CPA, FCMA, CGMA
Vice President, External Relations, Management Accounting
American Institute of CPAs
3. What matters most in this
uncertain world?
The Human Dimension, including:
Customer and Supplier Relationships
Talent Development
Intellectual Capital
…………this represents a major shift
4. Greatest value coming from
non-financial sources*
* Extent of value provided - % of respondents selecting 8-10 on a scale of 10.
5. EFFECTIVE HUMAN CAPITAL =
COMPETITIVE ADVANTAGE
1/3+
Over a third of respondents agree:
The ability to effectively attract, retain and deploy the right
talent is THE MAIN competitive advantage for their
organisation.
5
10. LOTS OF DATA, LITTLE VALUE
34% of CEOs, and 40% of CFOs, state their firm has a lot of
data in relation to human capital
BUT its usefulness is questioned:
They also report they do not receive enough data based
insights or analysis to help their firm with human resource
planning.
10
11. HUMAN CAPITAL INSIGHT
Only 12% of CEOs are confident on the
quality of the metrics they receive on
human capital.
11
12. INFORMATION FOR INSIGHT –
BEING PART OF THE SOLUTION
Source: Leading through connections, IBM 12
14. 1 Embed human capital strategy within
the overall business strategy
Develop relevant human capital metrics and KPIs aligned to
support and implement the wider strategy.
The measurement and performance management of such
metrics to have same level of scrutiny, focus and controls as
other key data, e.g. financials.
14
15. 2 Get the right information and translate
it into actionable insight
Insight is essential for effective decision support
Human capital data needs to be credible and accurate
Data needs to be analysed and converted into relevant
management information
Information needs to be translated to provide actionable
insight.
15
16. 3 Leverage the relevant skills to bring credibility
to the data and subsequent actions
Be clear on responsibility, accountability and ownership for
human capital performance management.
Finance already has significant mandate to collaborate and
support in this area
Use the CGMA’s unique skills in uniting financial facts and non-
financial information to provide insight from a base of
independence and objectivity.
16
17. 4 Structure the organisation to encourage
collaboration and partnering
Foster closer collaboration and communication at the
executive and operation levels
Structure for closer partnering, especially between finance
and HR
17
18. Working in collaboration to
connect the dots
CEO’s want people with:
Strong technical skills in their discipline
Multi-disciplinary expertise and ability to collaborate
Skills in management competencies
Strong strategic understanding of the business as a whole
21. The emerging gaps
84%
•Of the organizations translate
insights into action better than
industry peers. *
75%
c •Of the CEOs agree that there is a
need to put more emphasis on non-
financial measures.#
75%
•Of CEOs say collaboration is a key
skill for future success. *
67%
•Of CEOs surveyed identified
communication as key skill for
success. *
43%
•CEOs identify lack of management
of Human Capital is an impediment
to achieving financial targets.+
* IBM’s Leading through connections survey of global CEOs
# Rebooting Business: Valuing the human dimension
+ Talent pipeline draining growth – CGMA Report
22. ………………………..AICPAs response
84%
• Of the organizations translate insights into action
better than industry peers. *
75%
• Of the CEOs agree that there is a need to put more
emphasis on non-financial measures.#
75%
• Of CEOs say collaboration is a key skill for future
success. *
67%
• Of CEOs surveyed identified communication as key
skill for success. *
43%
• CEOs identify lack of management of Human Capital is
an impediment to achieving financial targets.+
– Provide qualifications that meet the needs of the business
– Raising finance knowledge for business managers
– Continuing development to provide skills and competencies
– Provide guidance and tools to members
– Ensuring the profession remains relevant to the future
27. However analytics still provide a rear view
image
Dashboards are backward looking and obstructs a clear view of the
road ahead
28. Finance function has delivered scale benefits
Shared
SCALE
Service Technology
BENEFITS
Centers
Focus on Process and Technology
29. There is potential to deliver greater business
benefits
REAL
INCREASED BUSINESS
BUSINESS
ANALYSIS SUPPORT
BENEFITS
Focus on People and Organization
33. Backdrop
Organizations may be losing as much of 5% of their
annual revenues as a result of fraud.
Small organizations are disproportionately affected by
fraud.
A high percentage of frauds are committed by senior
management and executives.
Fraud perpetrators often work in the finance function.
Fraud losses are not restricted to a particular sector.
The prevalence of fraud is increasing in emerging markets.
Anti-fraud controls help to reduce the cost and duration of
frauds.
33
34. What is fraud?
Deception to make a personal gain dishonestly for
oneself and/or create a loss for another
Examples
Crimes by individuals against consumers, clients or other
business people (e.g. pyramid trading schemes)
Employee fraud against employers (payroll fraud)
Crimes by businesses against investors (financial reporting
fraud)
Crimes against financial institutions (fraudulent insurance
claims)
Crimes by individuals or businesses against government (tax
evasion)
Crimes by professional criminals (money laundering)
E-crime (phishing, hacking)
34
42. Developing a sound ethical culture
Key actions that organizations can take to establish a
sound ethical culture are:
A mission statement that refers to quality, ethics and how the
organization wishes to be seen externally
Clear policy statements on business ethics and anti-fraud, with
explanations about acceptable behavior in risk prone
circumstances
A route through which suspected fraud can be reported
A process of reminders about ethical and fraud policies
An aggressive risk-based audit process
Management which is seen to be committed through its
actions
42
43. Key findings – Ethical Culture
Does your organization provide...
Majority of
organizations have
codes and supporting
infrastructure
43
44. Key findings - Ethical Culture
Does your organization provide...
There is still room for
improvement in the
infrastructure to
enforce the code of
ethics
44
45. Key findings – Ethical Culture
The leadership team have a role – but not as high as we’d hope
Who (else) has formal responsibility for ethical standards across your organization?
45
46. Key findings- Ethical Dilemmas
One third of respondents may feel under pressure from
colleagues or managers to compromise their organizations’
standards
Do you ever feel under pressure from your colleagues or manager to compromise your
organization’s standards of ethical business conduct?
46
47. Key findings – Ethical Dilemmas
Personal Observations
... approximately a quarter have
personally observed conduct that
has violated organizational ethics
standards, policy, or the law in the
last 12 months
47
48. Reporting mechanisms and
whistleblowing
Reporting mechanisms are a key element of a
prevention program, as well as a detection program
Organizations should encourage employees to speak
out
Anti-fraud culture and reporting processes will be a
major influence on potential whistleblowers
Very important for employers to follow up on all
disclosures
Provisions should be made for anonymous reporting
Whistle blowing legislation around the world is complex
and evolving
48
49. Other prevention measures
Periodic assessment of fraud risk
Fraud risks should be evaluated in all areas and processes of a
business
Risks should be assessed in terms of impact and likelihood
In addition to monetary impact, non-financial factors such as
reputation should be considered
Fraud risk training and assessment
Training methods can include formal training sessions, group
meetings, posters, newsletters and intranet content
Communication should be ongoing
A combination of methods is usually most successful
Sound internal controls
A sound system should address fraud red flag areas
An ethical culture complements a system of controls
49
50. Fraud Detection
Key elements of a fraud detection system include:
Exception reporting
Data mining
Trend analysis
Ongoing risk assessments
50
53. Fraud indicators
Warning signs -
Organizational
indicators of fraud risk
Fraud Alerts –
Specific events or red
flags, which may be
indicative of fraud
53
54. Tools and Techniques
Training and experience – the training received by a
management accountant is a very good basis for
implementing an anti-fraud program
Mindset – that fraud is a possibility
Analyzing anomalies - computer based controls as a
key area for improving both fraud prevention and
detection over the next two to five years.
54
55. Fraud Response Plan
• Provides procedures for evidence gathering
• Facilitates informed decision-making
• Helps ensure integrity of evidence, which needs to be
admissible in event of legal action
• Reduces tendency to panic
• Helps company maintain market confidence
• Restricts damage and minimize losses
• Adds a level of deterrence
• Lays out roles and responsibilities
55
56. Follow up action
There are lessons to be learned from every identified
incident of fraud.
The organization’s willingness to learn from experience is
as important as any other response.
Large organizations may consider establishing a special
review to examine the fraud with a view to recommending
improvements to systems and procedures.
Smaller organizations may consider discussing the issues
with some of its more experienced people, with the same
objectives in mind.
It is important that recommended changes are
implemented promptly.
56
58. CGMA Report Fraud Risk
Management – resources included in
the appendix
Examples of common types of internal fraud
Sample fraud policy
Example fraud risk analysis
Sample whistle-blowing policy
16 step fraud prevention plan
Examples of fraud indicators, risks and controls
Outline of a fraud response plan
Example of a fraud response plan
58
...businesses face growing levels of complexity. [pause to allow audience to view quote]
Their overwhelming response from CEO’s was that the human dimensions of business – customer and supplier relationships, talent development, intellectual capital, etc. – will be the focus over the next 18-24 months.Our researchers tell us that this focus on the human dimension represented an important shift for businesses as is further illustrated in this next slide.
The overwhelming business value can be found within the human dimension.Business leaders were asked to rate on a scale of 1-10 the extent that each of the items (customer relationships, knowledge and human capital, etc.) contribute to the overall value of their business. The chart depicts the percentage of respondents who selected a score of 8, 9 or 10 for that item. The majority (68%) of business leaders believe that most of their organisational value is coming from non financial sources. They see people’s ideas, skills, knowledge and relationships as more important than traditional, financial sources of value.
This increasing importance of non-financial value explains why it’s so important that businesses have the ability to capture and measure it. As we see on the right, 75% of our business leaders want to put more emphasis on measuring and demonstrating the non-financial value of their organisations. 76% agree the current reporting system promotes an excessive focus on financials.Interestingly, research shows that in 1975 a total of 83% of the market capitalisation of companies in Standard & Poor’s 500 index was accounted for by tangible assets. And by 2009, the figure was just 19%. This poses a challenge for management accountants.
Indeed, our survey is clear that the performance of many firms are being blighted by their failure to make the most of their human capital.Short-sighted human capital policies appear to be hitting many companies where it hurts; their growth agenda. Over two fifths (43%) respondents in the survey partially attribute the failure of their firms to achieve key financial targets to ineffective human capital managementTwo in five (40%) say it has also reduced their company's ability to innovate.A similar number also report that their firm has been unable to achieve forecasted growth as a result of human capital inadequacies.
Why might this disconnect be happening? A particularly worrying finding from the study reveals that the most senior business leaders – C-level executives – not just disagree with each other on critical aspects of talent management and human capital investment, but they are also not clear who should bear responsibility for these issues in their organisations. Who holds responsibility for measuring the effectiveness of a firm's talent management strategy is unclear. Over three-fifths of CEOs and CFOs agree the Head of Finance has the mandate, but less than a fifth of HR directors seem to agree. Instead, an overwhelming proportion of HR directors (83%) say oversight on talent is, in fact, their own responsibility, a view that is supported by less than 30% of CEOs and CFOs in the survey. The divergence of views makes it quite clear that in most organisations there is room to improve the division of responsibility and accountability on human capital. From the survey findings the majority of CEOs identify the CFO, and therefore finance, as the natural lead in this area. CFOs in turn, should look to the management accountants in their organisations that are able to combine financial and management skill sets to interpret information and data in a way that will assist decision making, strategy development and investment evaluation.
In essence 69% of business leaders feel the financial markets are holding businesses to ransom as many investors show little or no interest in the longer term. This sentiment was felt even more strongly in South East Asia and Asia Pacific than in the UK and US which really surprised us, as short-termism is more commonly associated with Western markets. What is clear is that this must stop. Organisations must aim to measure their full value.Other obstacles include:67% of respondents say current reporting tools are skewed in favour of financial reporting andThere are deficiencies in current information available on non-financialsAnd finally, 28% feel there are challenges from existing and new regulationsFor too long there has been a fixation on short-term financials, short-term reporting and short-term gains and it may be coming at a cost to long-term goals, long-term planning and long-term results.
So are organisations making investments into human capital development activities half-blind at times, without a clear understandingof their performance or effectiveness? A lack of confidence in the human capital data available, and lack of insight for better investment planning/decisions, would point tothis.This leaves a big gap for companies to fill, particularly in ensuring that C-level executives are presented with relevant and high-quality information that is credible in the organisation to support a unifying talent management strategy and decision making.
Firms require accurate data on relevant metrics to be able to make effective decisions and investments across all areas, including talent management. Critically, they need that data translated into actionable insights. The results of the survey point to a staggering area of weakness where management information on human capital is concerned. If this area is weak, it follows that decision making will be less effective.Only 12% of CEOs are confident about the quality of metrics that senior management receives onhuman capital. They are also highly skeptical of data on retention of talent and workforce analytics.This is reinforced by HR directors: 38% claim that their organisation struggles to get accurate dataand metrics on human capital costs, productivity, value and ROI.
So why is credible data and insight so crucial? A 2012 IBM report, Leading through connections, demonstrates why actionable insight is crucial to the sustainable success of an organisation. It looked at organisations in terms of revenue growth and profitability, as rated by their CEOs, and found that 84% of the best performing organisations translate insights into action better than their industry peers.It is often the management accountant with the right tools, and relevant skills that can provide this insight with an objective picture of the organisation’s performance. CGMAs bring an unique perspective having the capability to take non-financial information together with the financials to draw out the business critical analysis to support decision making – from a base of independence and objectivity. In this way, the management accountant supports the business in developing and implementing the right strategic and operational actions.
Given the adverse impact these drawbacks in talent management are having on the performance and competitiveness of organisations, the message to business leaders from this survey is clear. To stay competitive and grow in today’s challenging andvolatile business environment, CIMA and AICPA propose four areas of action for business leaders
Organisations need to develop relevant human capital metrics and KPIs aligned to support and implement the wider strategy. The measurement and performance management of such metrics need to come under the same level of scrutiny,focus and controls of both accuracy and relevancy as other key data, e.g. financials.
Firms must trust the data. Human capital information needs to be credible and accurate.But data alone will not ensure it is useful or relevant when it comes to implementing the organisation strategy. It needs to be analysedand translated into relevant and actionable information and insight to provide more effective decision support.
Organisations must ensure there is clarity on responsibility, accountability and ownership for human capital performance management. The research findings have already highlighted that, for the most part, the CFO has the mandate from the CEO to take responsibility for measuring and managing human capital performance.Firms should look to use the CGMA’s unique skills in uniting financial facts and non-financial information to provide insight from a base ofindependence and objectivity.
Structure for closer collaboration at the executive and operational levels, encouraging in particular partnering between the financefunction and HR. Finance has a helicopter view of the organisation and can therefore ‘connect the dots’ across different units and functions. In forward-thinking organisations, the finance function is evolving from a focus on transactional support and cost-efficiency through increased focus on analytical and decision support to strategic focus and input.The expansion has impacted on the capabilities that finance professionals now need to demonstrate. However, this also creates opportunities for management accountants who can leverage their unique skills to add value to the organisation and also to progress their careers.The CGMA, as an objective and independent professional, is often best placed to partner with and support HR in gaining a better understandingof the wider organisation strategy and its impact on cross-organisational changes and needs. In this partnering role, management accountants can support HR and the firm in making credible human capital investment proposalsand decisions based on robust management information. Many HR directors would clearly welcome and benefit from such closer partnering and support, given the lack of confidence in the current data.
Long-term, sustainable business success will depend on strong, cohesive teams that collaborate effectively. Our in-depth interviews with 17 business leaders told us they want people who:Have core strengths in their own professional discipline or area of expertise; But can look beyond their functional silo to have a multidisciplinary expertise to enable them to collaborate effectively with their colleagues; Have skills in management competences (sometimes referred to as ‘soft skills’) such as communication, influence, team-working, decision-making, negotiation and leadership; Have a good strategic understanding of the business as a whole – ie how the business model works and which are the most significant drivers of value, how strategic decisions are made, what the key trends in the industry and economy are and how these impact the company CGMA’s are well positioned to meet to meet the these needs.
Despite the serious risk that fraud presents to business, many organizations still do not have formal systems and procedures in place to prevent, detect and respond to fraud. While no system is completely foolproof, there are steps which can be taken to deter fraud and make it much less attractive to commit. As one recent survey of 1,265 executives worldwide concluded, “All businesses are confronted with the risk of fraud. How they respond – the nature of their approach to prevention, detection, investigation and disclosure will separate those who manage through the issues from those who suffer significant loss.”This guide aims to help finance professionals and others with an interest in tackling fraud in their organizations to take practical steps towards establishing more robust procedures to tackle fraud, particularly in terms of prevention, detection and response. It is aimed at readers across the world – as the law relating to fraud varies from country to country, we strongly advise readers to ensure that they are familiar with the law relating to fraud in their own jurisdiction. However, the general principles of good fraud risk management are universally applicable and we hope that the emphasis on the practical in this guide will provide plenty of pointers for action.Also included in the guide are insights from the 2011 AICPA Forensic and Valuation Services (FVS) Trend Survey of over 1,000 respondents including both forensic accounting practitioners and senior finance professionals in business and industry. This survey explored a number of issues around fraud, including methods of prevention and detection, as well as types of fraud and departments where frauds took place.
Surveys are regularly carried out to estimate the true scale and cost of fraud to business and society. Findings vary and it is difficult to obtain a complete picture as to the full extent of the issue, but these surveys all indicate that fraud is prevalent within organizations and remains a serious and costly problem for virtually every type of organization in every part of the world. The risks of fraud may only be increasing, as we see growing globalization, more competitive markets, rapid developments in technology and periods of economic difficulty.There is a wealth of surveys and research which demonstrate the extent and effect of corporate fraud. Typical findings are highlighted above.
There is no universal definition of fraud. But it essentially involves using deception to make a personal gain dishonestly for oneself and/or create a loss for another.
The CGMA guide and this presentation focuses on fraud against businesses, typically by those internal to the organization. According to the Association of Certified Fraud Examiners (ACFE), there are three main categories of fraud that affect organizations:• Asset misappropriation, which involves the theft or misuse of an organization’s assets. Examples include: theft of plant, inventory or cash, false invoicing, accounts receivable fraud and payroll fraud.• Fraudulent statements usually in the form of falsification of financial statements in order to obtain improper benefit. It also includes falsifying documents such a employee credentials.• Corruption such as the use of bribes or acceptance of kickbacks, improper use of confidential information, conflicts of interest and collusive tendering.These types of internal fraud are summarized in the chart above. Further information on common types of internal fraud and methods by which they may be perpetrated is included in appendix 1 of the CGMA Report Fraud Risk Management.
In the last AICPA Forensics and Valuation Services Trend survey, survey respondents identified the types of fraud that occurred in their organizations. The survey was conducted with both forensics and valuation services professionals and members in business, industry and government – including CFOs, CEOs and Controllers.Survey results included in this presentation are generally from members in business, industry and government.
There is no single reason behind fraud. A useful model is the fraud triangle which is based on the premise that fraud is likely to result from a combination of three factors: motivation, opportunity and rationalization.• Motivation – typically based on greed or need, eg resulting from financial difficulties.• Opportunity – where there are weak internal controls, poor security, little fear of exposure or likelihood of detection.• Rationalization – some may rationalize fraudulent actions as necessary, especially when done for the business, harmless because the victim was large enough to absorb the impact or justified because the perpetrator had a sense of grievance.One of the most effective ways to tackle fraud is to adopt methods that will decrease motive and opportunity. Rationalization is personal to the individual and harder to combat although a strong organizational ethical culture and values can help.
Surveys often show that fraudsters often work in the finance department or operations/sales. This is reflected in the findings of the AICPA Forensic and Valuation Services (FVS) Trend Survey.Another common finding is that senior management and executives commit a significant number of frauds – and invariably cause greater losses than more junior employees.
Fraud prevention or detection? Fraud prevention and detection both have role to play and it is unlikely that either will fully succeed without the other. Therefore, it is important that organizations consider both fraud prevention and fraud detection in designing an effective strategy to manage the risk of fraud. In fact, an effective strategy has four elements: prevention, detection, response and deterrence.This shows that the various elements of an effective anti-fraud strategy are closely interlinked and each plays a significant role in combating fraud. It is the combination of effective fraud prevention, detection and response measures that create an effective fraud deterrent.
Given the prevalence of fraud and the negative consequences associated with it, there is a compelling argument that organizations should invest time and resources toward tackling fraud. However, there is sometimes debate as to whether these resources should be committed to fraud prevention or fraud detection.One way to deal with fraud is to adopt methods that will decrease motive, restrict opportunity and limit the ability for potential fraudsters to rationalize their actions. The aim of preventative controls is to reduce opportunity and remove temptation from potential offenders. Prevention techniques include the introduction of policies, procedures and controls as well as activities such as training and fraud awareness to stop fraud from occurring.It is profitable to prevent losses, and fraud prevention activities can help ensure the stability and continued existence of a business. However, many organizations do not have a formal approach to fraud prevention and once a fraud has occurred, the likelihood of recovering assets can be very low. Prevention is better than cure when it comes to fraud.
One way to deal with fraud is to adopt methods that will decrease motive, restrict opportunity and limit the ability for potential fraudsters to rationalize their actions. The aim of preventative controls is to reduce opportunity and remove temptation from potential offenders. Prevention techniques include the introduction of policies, procedures and controls as well as activities such as training and fraud awareness to stop fraud from occurring.It is profitable to prevent losses, and fraud prevention activities can help ensure the stability and continued existence of a business. However, many organizations do not have a formal approach to fraud prevention and once a fraud has occurred, the likelihood of recovering assets can be very low. Prevention is better than cure when it comes to fraud.The AICPA Forensic and Valuation Services (FVS) Trend Survey shows the following breakdown of fraud prevention methods.
Attitudes within an organization often lay the foundation for a high or low fraud risk environment. Where minor unethical practices may be overlooked, such as petty theft, larger frauds committed by senior management may also be treated in a similar lenient fashion. In this environment, there may be a risk of total collapse of the organization either through a single catastrophic fraud or through the combined weight of many smaller frauds.organizations which have taken time to consider where they stand on ethical issues often realise that high ethical standards bring long-term benefits as customers, suppliers, employees and members of the community.The definition of good ethical practice is not simple. Ideas differ across cultural and national boundaries and change over time. But corporate ethics statements need not be lengthy to be effective.A code of ethics or an anti-fraud policy is not sufficient to prevent fraud. Ethical behavior needs to be embedded within the culture of the organization. Commitment from senior management and ‘tone at the top’ is key. Employees are more likely to do what they see their senior management doing than follow an ethics policy and it is essential that management does not apply double standards.To demonstrate commitment, resources should be allocated to:• communicating ethics and values to all employees, suppliers and business partners.• providing training programmes where necessary.In addition to encouraging senior management to set ethical examples by their actions, organizations should ensure that senior management is committed to controlling the risks of fraud. Senior managers should be assigned with responsibility for fraud prevention as this sends a message to employees that the organization is serious about fraud and ensures that tackling fraud will be handled at a senior level. Adherence to policies and codes should be regularly monitored and policed by appropriate staff within the organization, such as management and/or internal audit. The documents themselves should also be regularly reviewed and revised.
Globally organizations have increased the provision of ethics codes, policies, training, and hotlines. As shown in the chart, 80% of our survey respondents reported that their organizations have a code of ethics, up from 72% in 2008. This increase is consistent with other research that shows an understood overall stated focus on business ethics and corporate responsibility – particularly in light of the downturn. Research from the Ethics Resource Center in the United States finds that 42% of all employees surveyed said “their company had increased efforts to raise awareness around ethics” and a third “say management now watches them more closely”.The next slides shows how this is broken out across the various countries in our survey.
While we are seeing increases in the instances of hotlines, helplines, and incentives, there is significant room for improvement. Enforcement and incentives should serve to improve compliance.
Key Findings - Ethical CultureThere was a decline from 67% to 60% for the board and from 55% to 49% for the chief executive.Finance-related roles, however, are now seen as having greater responsibility for ethical standards – with the finance director/CFO up from 34% to 39% as well as the head of internal audit – up from 24% to 28%..)However fewer half of respondents (41%) considered that all staff had responsibility for ethical standards. This is troubling in that all staff do have a responsiblity for maintaining ethical standards if we truly expect to embed ethical behavior in the culture.
Respondents who felt pressure either always or sometimes rose from 28% in 2008 to 35% in this survey. The next slide shows that those pressures are most apparent in emerging economies.
In 2008, less than one in six - 16%- witnessed conduct that breached the organization’s ethical standards over the course of a year. By 2011 the overall number of respondents who had observed ethical misconduct over the same time period had risen to 23% - nearly one in four. Reporting ethical misconduct Of the 23% of respondents who observed unethical conduct, a majority (69%) reported it. This is despite just over a quarter, 26%, fearing that they could be regarded as troublemakers. For the minority who didn’t report, the main reason was the perception that reporting would not make a difference (37%). This again highlights that the “tone from the top” – as articulated in ethical statements, codes and policies – may be out of step with practice. Respondents in South Asia (India, Pakistan and Sri Lanka) had a particular fear of repercussions, such as impact on job security. While it is reassuring that ethical misconduct is raised by the majority of finance professionals - reflecting that they see this as part of their role and professional status - it is of concern that there are still those who do not report breaches. This could indicate more fundamental issues related to their operating environment and overall ethical culture as highlighted earlier, and point to conflict of interests or specific ethical threats such as intimidation by management or supervisors. .
Establishing effective reporting mechanisms is one of the key elements of a fraud prevention program and can have a positive impact on fraud detection. Many frauds are known or suspected by others who are not involved. The challenge for organizations is to encourage such employees to speak out and to demonstrate that it is in their own best interest.There may be many conflicting emotions influencing the potential ‘whistle-blower’:• working group/family loyalties• disinterest/sneaking admiration• fear of consequences• suspicion rather than proof.The organization’s anti-fraud culture and reporting processes can be a major influence on the whistle-blower, as it is often fear of the consequences, which has the greatest impact. To the whistle-blower, the impact of speaking out can be traumatic, ranging from being dismissed to being shunned by other employees.Where fraud is committed by senior management – even the Chief Executive, the predicament faced by the whistle-blower is exacerbated. This is where the greatest challenge lies – to convince staff that every employee is responsible for combating fraud and that the good health of the organization, and potentially their future employment, could be at risk from fraud. organizations that encourage openness are likely to benefit in many ways, for example, in being able to detect potential problems early and to ensure that the critical information gets to the right people at the right time to enable them to address issues effectively.While many countries have legislation in place to protect whistle-blowers, legal redress should be a last resort and organizations should strive for a culture that actively encourages employees to speak up and challenge inappropriate behavior. It is also essential that the organization follows up any disclosures. Employees are more likely to speak up if they know that action will be taken in response.A whistle-blowing policy should also make provision for anonymous reporting. In some cases, for example, companies subject to the Sarbanes-Oxley Act are required to do this, but it may be necessary to be aware of relevant data protection legislation, for example, companies operating in Europe must comply with EU rules that state that personal data should only be collected fairly. To cover the breadth of whistle-blowing legislation across the world is beyond the scope of this report and readers are strongly advised to verify the specific situation in their own jurisdiction before establishing a whistle-blowing policy.
Risk Assessmentorganizations should regularly identify and assess fraud risks – perhaps as part of an overall risk management process. Fraud risks should be identified for all areas and processes of the business. They should then be assessed in terms of impact and likelihood. In addition to the monetary impact, the assessment should consider non-financial factors such as reputation. An example of a risk analysis is shown in appendix 3 of the CGMA Report Fraud Risk Management.Training and AssessmentAlmost every time a major fraud occurs, many people who were unwittingly close to it, are shocked that they had no idea it was going on. It is therefore important to raise awareness through education and training. Particular attention should be paid to employees working in high risk areas, such as procurement and finance, and to those with a role in the prevention and detection of fraud, for example human resources.One question often raised is whether fraud training provides employees with the knowledge to commit fraud! However, fraud is often discovered through a tip-off. It is therefore essential that all employees understand what constitutes fraud, how to identify it and how they should respond. On balance, training is more likely to reduce rather than increase the risk of fraud.Internal controls to minimize fraud should address fraud red flags. Examples of controls may be:• Requiring multiple signatories on high value transactions.• Requiring employees to take holiday (this is common in the banking sector).• Restricting belongings that can be brought into the work environment eg USB sticks.• Conducting random searches of employees eg in retail outlets.
As fraud prevention techniques cannot be 100% effective, organizations also need to engage in fraud detection. A fraud detection strategy should involve use of analytical and other procedures to highlight anomalies, and the introduction of reporting mechanisms that provide for communication of suspected fraudulent acts. Fraud detection may identify ongoing frauds that are taking place or that have already occurred. The objective of a detection program should not be limited to potential recovery of losses. Fraudulent behavior should not be ignored just because there is no possibility of asset recovery. Fraud detection also allows for improvement of internal systems and controls, which can enhance fraud prevention.Internal ControlsA strong system of internal controls is considered by the ACFE to be ‘the most valuable fraud prevention device by a wide margin’.Overall responsibility for the organization’s system of internal control must be at the highest level in the organization.An internal control system comprises all those policies and procedures that, taken together, support an organization’s effective and efficient operation. Internal controls typically deal with factors such as approval and authorization processes, access restrictions and transaction controls, account reconciliations, pre-employment screening and physical security. These procedures often include the division of responsibilities as well as checks and balances to reduce risk.Ultimately, the internal control system should be embedded within the culture and operations of the organization. It should also be consistent with the nature and size of the organization.
Methods used by companies in AICPA fraud trend survey.
It is interesting to look at how most frauds are actually detected.The PwC 2011 Global Economic Crime Survey,5 covering 3,877 respondents from 78 countries established that the most prevalent fraud detection methods in reported cases of fraud were:• Internal audit (14% of respondents said that frauds were detected by internal audit).• Internal tip-off (11%) – but only 5% of respondents said frauds were uncovered via whistle-blowing mechanisms.• Fraud risk management measures (10%).• By accident (8%).The AICPA Forensic and Valuation Services (FVS) Trend Survey shows a relatively similar picture.In both cases, a striking feature is the number of frauds that are uncovered either accidentally or as a result of tip-offs. This reinforces the importance of raising general fraud awareness in the organization and emphasizing that it is everyone’s responsibility in the organization to find and report fraud. It is also essential that there are adequate controls and reporting mechanisms to facilitate this activity.However, the PwC survey also noted changing trends in fraud detection, with the number of economic crimes detected by people (eg tip-offs) going down and those detected by computers going up. PwC therefore fears that this could mean more fraud overall going undetected as headcounts fall in control functions.
It will never be possible to eliminate all fraud. No system is completely fraud-proof, since many fraudsters are able to bypass control systems put in place to stop them. However, greater attention paid to some of the most common indicators can provide early warning that something is not quite right and increase the likelihood that the fraudster will be discovered. With that in mind, this section provides details of some of the more common indicators of fraud.SEE PAGES 14 – 17 FOR EXAMPLES OF BOTH WARNING SIGNS AND FRAUD ALERTS.
Two key tools are:• Training and experience – the training received by a management accountant is a very good basis for implementing an anti-fraud programme. The broad understanding of business processes is an important asset as is the knowledge of the systems and procedures that should be in place within an organisation to allow it to operate efficiently and effectively. A further asset is the ability to think and act logically, which the management accountant develops with experience.• The mindset that fraud is always a possibility. A healthy dose of professional skepticism should be maintained when considering the potential for fraud.TECHNIQUES USED TO ANALYZE ANOMALIES….(Also see page 17 of the CGMA Report)Background reading• It is important to keep up to date with fraud trends and issues through the press, technical journals, books and the internet.Benchmarking• Comparisons of one financial period with another; or the performance of one cost center, or business unit, with another; or of overall business performance with industry standards, can all highlight anomalies worthy of further investigation.Ratio analysis• Can be used to identify any abnormal trends or patterns.Specialist software• Such as audit tools for data matching analysis can prove very useful. Other tools allow for analysis such as real time transaction assessment, targeted post-transactional review, or strategic analysis of management accounts.Risk assessment• Undertake a fraud risk assessment and design specific tests to detect the significant potential frauds identified through the risk assessment. Act on irregularities which raise concern.Systems analysis• It is important to examine the systems in place and identify any weaknesses that could be opportunities for the fraudster.Mathematical modeling• Using the ‘sort’ tool on a spreadsheet can help to identify patterns in expenditure etc. There are also specialist mathematical models such as Benford’s Law, a formula which can help identify irregularities in accounts. Database modeling can also be used.Exception reporting• Many systems can generate automatic reports for results that fall outside predetermined threshold values (exceptions), enabling immediate identification of results deviating from the norm. Emails or text alerts can be sent directly to appropriate managers to follow up.17
The fraud response plan should reiterate the organization’s commitment to high legal, ethical and moral standards in all its activities and its approach to dealing with those who fail to meet those standards.One question to consider is publicity relating to exposed fraud. A publicized successful fraud investigation can be a sharp reminder to those who may be tempted and a warning to those who are responsible for the management of controls. While there may be embarrassment for those who were close to the fraud and did not identify it, and an adverse impact on the organization’s public image, there can be advantages in publishing internally the outcome of a successful fraud investigation.In some industries, for example the regulated financial services industry, there are often legal requirements to report financial crime. Other businesses should follow this example and make it clear that they will not sweep fraud under the carpet.
Go to AICPA.org > Interest Areas > Forensic and Valuation > Resources to find a number of resources under the topic of Fraud Prevention, Detection and Response.