View
325
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Webinar series from FraudResourceNet LLC on Preventing and Detecting Fraud in a High Crime Climate. Recordings of these Webinars are available for purchase from our Website fraudresourcenet.com This Webinar focused on the subject in the title FraudResourceNet (FRN) is the only searchable portal of practical, expert fraud prevention, detection and audit information on the Web. FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet ® LLC and White-Collar Crime 101 LLC/FraudAware.
Citation preview
Copyright © 2013 FraudResourceNet™ LLC
“Fraud Risk Assessment: An Expert’s Blueprint”
July 26, 2013
Special Guest Panelist:Kevin Doyle, CPA, CFE, CFF
Marriott International
Copyright © 2013 FraudResourceNet™ LLC
About Peter Goldmann, MSc CFE
President and Founder of White Collar Crime 101
Publisher of White-Collar Crime FighterDeveloper of FraudAware® Anti-Fraud
Training Monthly Columnist, The Fraud Examiner, ACFE Newsletter
Member of Editorial Advisory Board, ACFE
Author of “Fraud in the Markets”Explains how fraud fueled the financial crisis.
Copyright © 2013 FraudResourceNet™ LLC
About Jim Kaplan CIA CFE
President and Founder of AuditNet®, the global resource for auditors
Auditor, Web Site Guru,
Internet for Auditors Pioneer
Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.
Author of “The Auditor’s Guide to Internet Resources” 2nd Edition
Copyright © 2013 FraudResourceNet™ LLC
About Kevin Doyle CPA CFE CFF
Lead financial and accounting fraud investigations, and other instances of malfeasance on a worldwide basis
Champion ethics awareness via training, communication platforms and education venues
Marriott has been recognized multiple times as one of the “World’s Most Ethical Companies”by the Ethisphere Institute
Copyright © 2013 FraudResourceNet™ LLC
Webinar Housekeeping
This webinar and its material are the property of FraudResourceNet™ LLC. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We will be recording the webinar and you will be provided access to that recording within five-seven business days. Downloading or otherwise duplicating the webinar recording is expressly prohibited.
You must answer the polling questions to qualify for CPE per NASBA.
Please complete the evaluation to help us continuously improve our Webinars.
Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.
If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout.
Copyright © 2013 FraudResourceNet™ LLC
Disclaimers
The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet™ LLC (FRN) or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship.
While FRN makes every effort to ensure information is accurate and complete, FRN makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. FRN specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the FRN website
Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC
5
Copyright © 2013 FraudResourceNet™ LLC
Today’s Agenda
Introduction
Fraud Statistics
The Auditor’s Role in Fraud Detection
Why Conduct a Fraud Risk Assessment?
Setting the Right Objectives for your FRA
The Phased Process of Doing a Successful
Fraud Risk Assessment
Questions & Answers
Copyright © 2013 FraudResourceNet™ LLC
Fraud: The Big Picture
According to major accounting firms, professional fraud examiners and law enforcement:
Fraud jumps significantly during tough economic times
Business losses due to fraud increased 20% in last 12 months, from $1.4 million to $1.7 million per billion dollars of sales. (Kroll 2010/2011 Global Fraud Report)
Average cost to for each incident of fraud is $160,000 (ACFE) Of Financial Statement fraud: $2 million
Approx. 60% of corporate fraud committed by insiders (PwC)
Approx. 50% of employees who commit fraud have been with their employers for over 5 years (ACFE)
Copyright © 2013 FraudResourceNet™ LLC
The Auditor’s Role
1200: Proficiency and Due Professional Care
1220: Due Professional Care
2060: Reporting to Senior Management and the Board
2120: Risk Management
2210: Engagement Objectives
Copyright © 2013 FraudResourceNet™ LLC
Practice Guide
A fraud risk assessment is often a critical component of an organization’s larger enterprise risk management program.
Copyright © 2013 FraudResourceNet™ LLC
Auditor’s Role
Why do a Fraud Risk Assessment? Comply with standards
It’s the right thing to do
Most importantly:To Proactively Detect and
Prevent Fraud in Your Organization
Copyright © 2013 FraudResourceNet™ LLC
Why Perform This Initiative?
In addition to the introductory statistics: Over 43% of international businesses were victims of
fraud, average loss per company over a 2 year period $2.4m (that amount excludes undetected losses and indirect costs),
85% of companies globally suffered at least one fraud in the past 3 years.
Incidents of fraud damage reputational valueWorth repeating in context of FRA: IIA Standards 2120 and 2210: “must” (was “should”) evaluate potential of fraud…Internal auditors “must” consider probability of significant errors, fraud etc. in developing engagement objectives.
Copyright © 2013 FraudResourceNet™ LLC
Phased Process
I. Create Strategic Fraud Risk Assessment Team
II. Create Survey Beta Execution Team
III. Fraud Benchmarking Phase
IV. Survey Phase
V. Evaluation Phase
VI. Time Commitment
Copyright © 2013 FraudResourceNet™ LLC
I. Strategic Fraud Risk Assessment Team
Team members reflect a wide spectrum of knowledge, skills, and perspectives Recommended Members of Team:
Internal Audit Risk Management Legal/Compliance CounselHuman ResourcesInformation TechnologiesBusiness Unit LeadersExternal Consultants
Continued…
Copyright © 2013 FraudResourceNet™ LLC
I. Strategic Fraud Risk Assessment Team(continued)
Key Activities of Strategic TeamAssess different types of risk –i.e. employee fraud,
management fraud, illegal act, books and records, bribery etc.
Identify universe of fraud risks Assimilate results Evaluate existence and adequacy of controls to
mitigate risksDevelop remediation plan to correct control gaps
Strategic Team time commitment Establish firm expectations – both time & commitment As best possible create milestone schedule;
communicate well inadvance Strategic team support is key toward success!
Copyright © 2013 FraudResourceNet™ LLC
II. Create “BETA”/Brainstorming Teams
Team members should be reflective of the following “demographics”: Your particular corporate reporting structure The intended results of the survey (i.e. next steps/action plans) International (“boots on the ground”) vs. domestic Finance, operations, information technology, HR, Sales and Marketing, Research and Development etc.
Copyright © 2013 FraudResourceNet™ LLC
II. Create BETA Execution Teams (continued)
Beta Team duties: Participate in pre-arranged
meetings/calls/update Via leveraging their experience, Beta team
members add/subtract/modify universe of fraud “Scenarios Types” Refer to external resources as well (industry news,
publications, trade organizations, etc.) Consider interviewing business unit leaders/key
stakeholders This is an iterative process
Copyright © 2013 FraudResourceNet™ LLC
II. Create BETA Execution Teams (continued)
Beta Team duties (cont’d): Facilitate dialogue on “Potential Warning Signs” Provide input around participant selection process Provide feedback on effectiveness of fraud tool such
as:− Clarity of instructions; how will survey translate?− Survey look, feel, functionality− “Malleable-ity” of results, survey tool− Other feedback
Copyright © 2013 FraudResourceNet™ LLC
II. Create BETA Execution Teams (continued)
Quantify population of fraud risks, including, but not limited to: Intentional manipulation of books and records Misappropriation of assets –hard and intangibleAt times intangible assets and “fall below the
radar” Corruption Bribes (FCPA/UK Bribery Act) Kickbacks
Regulatory or Legal Reputational
Copyright © 2013 FraudResourceNet™ LLC
Polling Question 1
Your fraud risk assessment team should include…
A. Chief Audit Executive B. Director of Financial Fraud C. Director of InvestigationsD. Senior Finance Leaders E. All of the above
Copyright © 2013 FraudResourceNet™ LLC
III. Fraud Experience Benchmarking Phase
Benchmark fraud prevention and detection against other companies to better understand latest trends in fraud and to build fraud resource network within the business community.
Schedule periodic calls with industry peers and host round table discussions.
Copyright © 2013 FraudResourceNet™ LLC
IV. Survey Phase
Communicate, communicate, communicate!(then communicate some more!) Include Strategic Team/stakeholders in survey roll-out Announcement from IAD will not likely engage
participants Consider pre-announcement from Strategic
Team/stakeholders Encourage completion by sending “friendly” reminders Connectivity is key!
continued…
Copyright © 2013 FraudResourceNet™ LLC
IV. Survey Phase (continued)
Fraud survey must be circulated to a wide enough audience to identify trends and assess possible unreported frauds or control weaknesses (blind spots!)
IAD to aggregate the data to assess risks perceived by those in the field is, and where unknown risk may lie.
Copyright © 2013 FraudResourceNet™ LLC
V. Evaluation Phase
Compiling results:Add value to businessIncrease awareness of your company’s
susceptibilities and vulnerabilities to specific fraudsLeverage results for proactive
remediation; training purposesImplement results/survey as part of
business unit risk assessment tool
Copyright © 2013 FraudResourceNet™ LLC
V. Evaluation Phase
Compiling results (continued):Use survey feedback to identify
regions/disciplines/ processes/business units that may have significant unreported risk.Implement corrective action plans to
mitigate the risk of potential fraud. Corrective plans may include increasing
controls or designing audit proceduresto address specific risks
Create a documented benchmark of comparing industry. Develop a systematic plan for integrating
fraud detection into the audit plan
Copyright © 2013 FraudResourceNet™ LLC
Polling Question 2
The main goal of the survey phase is to…
A. Gather information on potential fraudstersB. Learn how to conduct fraud investigationsC. Predict potential future areas of fraudD. Identify trends and get a better idea of unreported
frauds
Copyright © 2013 FraudResourceNet™ LLC
Results By Scenario
4
1228
4022
534 32
3 10 23 25 2 42 18 35 16 29 13 21 19 11 39 41 31 20 37 1 14 24 17 36 38 43 26 46 27 30 15 6 7 33 98 44 47 45
0
2
4
6
8
4 5 23 35 19 20 17 46 7 47
Question #KD1
Copyright © 2013 FraudResourceNet™ LLC
Polling Question 3
Compiling the results of your Fraud Risk Assessment should (choose all that apply)
A. Increase awareness of company’s vulnerabilities to specific fraudsB. Leverage results for proactive remediation; training purposes A. Identify regions/processes/business units that may have significant unreported risk.B. All of the above
Slide 27
KD1 leave in?Doyle, Kevin, 7/18/2013
Copyright © 2013 FraudResourceNet™ LLC
VI. Time Commitment Metrics
Strategic Team:Quarterly update meetings (1-2 hrs/QTR)Champion completion of BETA and live surveys (as
needed) Beta Team and related participants:
Initial set up: Initial meetings/review survey/provide feedback
(4hrs/MO – 1st 2-3 MOs) Goal for Beta team is to not create
data/documents but to review well conceived ideas and data and provide opinions on how to make survey efficient and effective)
Copyright © 2013 FraudResourceNet™ LLC
VI. Time Commitment Metrics
Thereafter – refine BETA/Go Live Monthly update meetings thereafter (1 hr/MO) Champion completion of BETA and live surveys
(1 Hr/MO) Provide technical/property level support
suggestions (1hr/MO)
Copyright © 2013 FraudResourceNet™ LLC
Polling Question 4
As part of the Evaluation Phase, it is generally important to integration fraud detection into the:
1. Internal controls process2. Survey process3. Audit plan4. Post-incident remediation
Copyright © 2013 FraudResourceNet™ LLC
Timeline
EvaluationPhase
SurveyDue Date
Go Live
BenchmarkDiscussions
BETA Test
BETA Team / Monthly Updates
Rollout plan to Stakeholders
Strategic Team / Quarterly Updates
Q3-Yr1 Q4-Yr1 Q1-Yr2 Q2-Yr2 Q3-Yr2 X Q4-Yr2 Q1-Yr3 Q2-Yr3 Q3-Yr3
Execute Beta TestFeedback, Edits, Revisions
Quarters
Mileston
es
X – Determine final population, recipients
Q4-Y1 – Q1-Y2
Q1-Y2 - Q2-Y2
Q2-Y3
Q4-Y1 Q1-Y2 Q2-Y2 Q3-Y2 Q4-Y2 Q1-Y3
Develop Risks, Beta Tests, Revisions
Stakeholder Meetings
Q2-Y4
Peer Calls
Copyright © 2013 FraudResourceNet™ LLC
Reporting Results
Background Executive Summary Summary of Recommend Action Plans Detail Summary of Results Other related information
Copyright © 2013 FraudResourceNet™ LLC
Polling Question 4
As part of the Evaluation Phase, it is generally important to integration fraud detection into the:
1. Internal controls process2. Survey process3. Audit plan4. Post-incident remediation
Copyright © 2013 FraudResourceNet™ LLC
Key Lessons
Introduce fraud awareness as an important discipline and “room” needs to be made at the table with the other long standing business disciplines such as HR, R&D, Legal, Sales and Marketing etc. Fraud must be addressed in a proactive vs reactive
manner. Your FRA allows you to do that. Be prepared to argue cost and return on investment
Develop key relationships – need “buy-in”
Be prepared to answer – “what’s in it for me?” “Begin with the End in Mind” (Steven Covey)
Know the “who, what, where, when” in advance
Copyright © 2013 FraudResourceNet™ LLC
Polling Question 5
As part of the Evaluation Phase, it is generally important to integration fraud detection into the:
1. Internal controls process2. Survey process3. Audit plan4. Post-incident remediation
Copyright © 2013 FraudResourceNet™ LLC
Questions?
Copyright © 2013 FraudResourceNet™ LLC
Thank You!
Website: http://www.fraudresourcenet.com
Jim KaplanFraudResourceNet™
800-385-1625 [email protected]
Peter GoldmannFraudResourceNet™
Kevin Doyle, CPA, CFE, CFFSenior Director, Internal Audit
Global Financial FraudMarriott International, [email protected]
Copyright © 2013 FraudResourceNet™ LLC
Coming Up….
"Quick Response Fraud Detection using Data Analytics: Hitting the Ground Running using Technology in a Suspected Fraud Case”, July 31