Conducting a Fraud Risk Assessment
|
|
- Ashley Rice
- 5 years ago
- Views:
Transcription
1 Conducting a Fraud Risk Assessment Approach, Pitfalls and Recommendations IAAIA Istanbul October 10-13, 2010 Jean Pierre Garitte, CIA, CCSA, CISA, CFE, RFA May 2010
2
3 Introduction and Overview Why Conduct a Fraud Risk Assessment? An Approach to Conducting a Fraud Risk Assessment Common Pitfalls in Conducting Fraud Risk Assessments Recommendations in Conducting Fraud Risk Assessments 2
4 Why Conduct A Fraud Risk Assessment?
5 Why Conduct A Fraud Risk Assessment? Traditional risk assessments link risks to the organization s key objectives. Fraud can be overlooked during this type of review if it is not considered a core company objective. A fraud risk assessment expands upon traditional risk assessment. It is scheme and scenario based rather than based on control risk or inherent risk. Assessment teams must be able to identify the potential schemes and scenarios impacting the industries and geographic markets in which the organization conducts business. Key Approach Evaluate fraud risk factors Identify possible fraud schemes and scenarios Prioritize identified fraud risks Evaluate whether mitigating controls exist or are effective Document the risk assessment process and conclusions Conduct periodic reviews and updates 4
6 Conducting A Fraud Risk Assessment Approach, Pitfalls and Recommendations
7 Planning the Fraud Risk Assessment Pitfalls Management does not take responsibility for the FRA The FRA is not risk-based The FRA is too broadly based Recommendations Management should own the FRA and have significant input into the FRA. Educate the Board on the FRA - get their support/buy-in The FRA should be risk-based The FRA should be focused on the higher risk areas 6
8 Planning the Fraud Risk Assessment Pitfalls The planned approach is contrary to the organizational culture The organization does not have the necessary skill sets to perform the FRA The FRA process does not include the appropriate people The FRA is not systematic and recurring Recommendations The planned approach should fit into the organizational culture consider a mixed approach, e.g., interviews and group brainstorms Hire in the necessary skill sets (employees/consultants) Consider who should be involved as part of the planning process The FRA should be systematic and recurring 7
9 Fraud Risk Assessment Overview Step Approach Output 1 Identify & Evaluate Fraud Risk Factors Identify fraud risk factors Schedule of fraud risk factors Sound knowledge of fraud risk environment Identify Possible Fraud Schemes & Scenarios Analyze and Prioritize Fraud Risks Evaluate Control Design & Implementation Identify fraud risks Identify specific fraud schemes Identify account balances and potential errors related to each fraud risk Analyze the likelihood and significance of possible fraud schemes Link fraud schemes to mitigating controls & evaluate control design and implementation Evaluate the results of fraud risk analysis against established criteria and prioritize risks for treatment List of fraud risks Catalog of fraud schemes Inherent Risk Rating (IRR) of entity Catalog of existing controls Fraud Control Risk Rating Fraud Risk Related Control Gap Analysis Residual Risk Rating (RRR) Identification of fraud risks requiring further treatment Fraud risks prioritized COMMUNICATION WITH MANAGEMENT 5 Risk Treatment Prepare Fraud Risk Action Plan Implement Plan Fraud Risk Action Plan Fraud Risks Treated 8
10 Conducting the FRA Step 1 Key Worksteps 1 Identify and Evaluate Fraud Risk Factors 1. Schedule interviews and develop approach 2. Identify fraud risk factors at the entity level, significant locations, significant accounts and business process level. Consider whether each fraud risk factor indicates the existence of an incentive / pressure, opportunity or attitudes / rationalizations. 3. For each identified fraud risk factor, identify the account balances and potential errors that may be affected and assess the fraud risks. 9
11 1. Identify and Evaluate Fraud Risk Factors Pitfalls Fraud Risk Factors are not considered Existing controls are considered The potential for management override of controls is not considered Interviews are not value-added Recommendations Use the Fraud Triangle to explain the significance of fraud risk factors and to initiate thinking Do not consider controls EXCEPT when considering the potential for management override Develop interview approach that matches area and culture 10
12 Conducting the FRA Step 2 Key Worksteps 2 Identify Possible Fraud Risks, Schemes and Scenarios 1. Identify fraud risks and determine if the fraud risks are pervasive or specific. 2. Brainstorm specific fraud schemes that could result from the specific risks identified. 3. For each fraud scheme, identify internal and external parties who could be involved with reference to incentives / pressure, opportunities, attitudes and rationalizations. 11
13 2. Identify Possible Fraud Risks Pitfalls The schemes are too general, not allowing for sufficient consideration of risks and preventing appropriate level of mapping to controls The schemes do not consider the potential for management override of controls The schemes do not consider the potential for collusion Recommendations Detail the schemes by considering: Why? Who? What? (assets, financial reporting) Where (locations, accounts) When? How? 12
14 IAAIA WORKSHOP 2010: CONSOLIDATED KEY FRAUD RISKS IN AIRLINE 1. Abuse of procurement process 2. Excess baggage / Ancillary revenue fraud 3. Theft includes in-flight, baggage, third party 4. Third party/ Supplier fraud billing, pricing, service level 5. Cargo false documentation include Weight / Description 6. Lost baggage fake claims 7. Seat allocation / unauthorised upgrades 8. Misuse of system access internal and external (hacking) 9. Misappropriation of company assets include disposal process 10. Payroll manipulation 13
15 IAAIA WORKSHOP 2010: CONSOLIDATED KEY FRAUD RISKS IN AIRLINE 11. Financial statement / reporting fraud / false disclosures 12. Revenue loss through abuse of position 13. Unauthorised use of credit cards (1 st and 3 rd party) 14. Frequent flyer programme abuse 15. Inventory / booking class manipulation 16. Agents making fictitious bookings (GDS) 17. Tariff / rate abuse (Cargo) 18. Abuse of travel benefits 19. Abuse of medical leave / unauthorised absence 20. Obtaining and retaining employment through deceptions 21. Employee expenses (falsification of claims) 14
16 ADDITIONAL FRAUD RISKS IN AIRLINE 1. Bribery of government officials 2. Theft of confidential information 3. Segregation of duties in outstations 4. Relationship with third parties 5. Override procurement process 6. Single supplier 7. Manipulation of bidders 8. Free of charge tickets 9. Gifts 15
17 Conducting the FRA Step 3 Key Worksteps Evaluate possible fraud schemes by: 3 Prioritize Identified Fraud Risks - Type - Likelihood - Significance - Pervasiveness Consider Inherent Risk Rating (IRR) 16
18 3. Prioritize Identified Fraud Risks Pitfalls All fraud risks are considered equally important Recommendations Prioritize the identified fraud risks based on likelihood and significance 17
19 3. Prioritize Identified Fraud Risks Evaluate possible fraud schemes by type, likelihood, significance and pervasiveness. Arrive at inherent risk level for each scheme. LIKELIHOOD SIGNIFICANCE PERVASIVENESS Remote More Than Remote Likely Inconsequential More Than Inconsequential Material Not Pervasive Pervasive INHERENT RISK RATING* Low Medium High * (Factor of Likelihood and Significance) 18
20 Conducting the FRA Step 4 Key Worksteps 4 Evaluate Whether Existing Controls Exist / Are Effective 1. Link fraud schemes to mitigating controls. Assess whether each mapped or linked control activity is preventative or detective in nature. 2. Evaluate the effectiveness of controls to determine if they sufficiently mitigate the risk of the identified fraud schemes (control gap analysis). 3. Evaluate the residual fraud risk. 19
21 4. Evaluate Mitigating Controls Antifraud control activities can be preventative or detective in nature. Special consideration should be given to the risk of override of controls by management. Some programs and controls that deal with management override include: active oversight from the audit committee whistle-blower programs and a system to receive and investigate anonymous complaints; and reviewing journal entries and other adjustments for evidence of possible material misstatement due to fraud. 20
22 4. Evaluate Mitigating Controls Pitfalls Where gaps are identified, no remediation efforts are made Future changes in risk are not incorporated into the FRA and remediation is not performed Effectiveness of controls is not evaluated Mapping is done inefficiently and without consideration of existing controls and documentation Recommendations Design and implement controls to close identified gaps The FRA should be iterative and should be reassessed at least annually as well as when there is a significant change in the control environment Evaluating the effectiveness of the controls Only map those controls identified as significant Identify entity level controls that will assist in mitigating remaining residual risk Leverage off existing efforts and controls 21
23 4. Control Risk Rating Evaluate the Control Risk Rating Evaluate controls to determine if they sufficiently mitigate the identified fraud risks and schemes or if additional emphasis should be placed on existing controls or new controls are required Consider both the design and the implementation of the control in mitigating the fraud risk Consider possible management override of controls Effective CONTROL RISK RATING Partially Effective Ineffective 22
24 Establish Residual Risk Rating High Medium Low RESIDUAL RISK RATING Residual risk is the risk remaining after factoring the inherent risk rating and control effectiveness rating for each identified fraud risk. A High rating would indicate immediate action is required and that item should be included in a fraud risk action plan. A Medium rating would indicate that attention is required to the fraud risk and control and that item may be included in a fraud risk action plan, depending on the control effectiveness rating. A Low rating would indicate that the item should be factored into ongoing monitoring plans. 23
25 Conducting the FRA Step 5 Key Worksteps 1. Prepare a Fraud Risk Action Plan to treat and mitigate fraud risk schemes requiring attention. 2. Implement Fraud Risk Action Plan. 5 Risk Treatment 24
26 5. Risk Treatment Prepare a Fraud Risk Action Plan to treat and mitigate fraud risk schemes requiring attention. Controls should be implemented or enhanced for identified fraud schemes where controls are not already present, inadequately designed or poorly implemented. Ensure overall responsibility is assigned to a senior manager to monitor control implementation as detailed in the Fraud Risk Action Plan. This responsibility could be defined in the Fraud Control Policy of the entity or specified elsewhere. The Audit Committee should oversee the entire process. 25
27 Conclusion
28 1. Identify and Evaluate Fraud Risk Factors Sample FRA Documentation 27
29 1. Identify and Evaluate Fraud Risk Factors For each identified fraud risk factor, identify the account balances and potential errors that may be affected and assess the fraud risks. Sample FRA Documentation 28
30 2. Identify Possible Fraud Risks Sample FRA Documentation 29
31 2. Identify Possible Fraud Schemes Sample FRA Documentation 30
32 3. Prioritize Identified Fraud Risks Sample FRA Documentation 31
33 4. Evaluate Mitigating Controls Sample FRA Documentation 32
34 4. Control Risk Rating Sample FRA Documentation 33
35 4. Establish Residual Risk Rating Sample FRA Documentation 34
36 Fraud risk register The Fraud Risk Register tailored to each organization summarizes and collates the outputs from each step of the fraud scenario risk assessment process. Below is a sample Fraud Risk Register filled out to indicate how a completed Register might look. Fraud Risk Register Reference Number Fraud Risk Probability Consequence Inherent Risk Rating Control Activities Control Risk Rating Residual Risk Rating Further action/ treatment required 1. Monitoring by country representatives Misappropriation / misuse of partner's program 1 Possible Major High 2. Certificate of expenditure Very Effective Medium No funds 3. Programme officer and field visits 1. Formal clearance process for creating Contracts (Procurement, legal and accounts) 2 Misappropriation / misuse of funds Unlikely Major Medium 2. Approval from project manager and Accounts for invoices Very Effective Low No before payment 1. Formal procedures for variations in place 3 Theft of petty cash Likely Major High Marginally Effective High Yes 1. All employees sign a confidentialy agreement at the time of joining 4 Breach of Confidentiality Possible Major High 2. Documented data privacy policies Marginally Effective High Yes 1. Ovetime claims to be approved by project managers 5 Payroll and expense cliam fraud Likely Moderate High Partially Effective High Yes 35
37 Approach and methodology Sample fraud risk treatment plan The starting point for the plan is a collation of the key findings from the previous steps in the risk assessment. These findings, along with discussion with senior management will determine how and where the organization will position its risk mitigation. Risk mitigation activities are the implementation of additional controls or the enhancement of existing controls where controls are not already present, inadequately designed or poorly implemented. The fraud risk treatment plan details the new controls and controls enhancements. Ensuring that time frames, cost and accountability are addressed and agreed upon by senior management is an important step in designing effective treatment plans. The following diagrams illustrate the progression in analyses throughout the fraud risk analysis, concluding at a post treatment plan scenario. Sample Fraud Risk Treatment Plan Reference Number 3 Fraud Risk Misappropriation / misuse of funds Residual Risk Rating Reason for Treatment Proposed Actions and Comments Person Responsible Due by Revised Residual Rating 1. Variation application and apporval to be authorise and reviewed by Contracts Pressure to process unapproved variations Medium section Contracts section Ongoing Low which lead to excess payments 4 5 Breach of Confidentiality Payroll and expense cliam fraud High High Loss or inappropriate dissemination of confidential information Employees may manipulate hours on monthly timesheets to claim overtime 1. Enforce clear desk policy 2. Create awareness regarding protecton of confidential information 3. Implement access controls for IT systems 1. Standard hours imposed on employees 2. Project manager to report hours in excess of budgeted hours for project HR, IT and Compliance HR, IT and Project Manager 2 months from date Ongoing Medium Medium 36
38 Airline testimonial
39 Questions?
40 Conducting a Fraud Risk Assessment Approach, Pitfalls and Recommendations IAAIA Istanbul October 10-13, 2010 Jean Pierre Garitte, CIA, CCSA, CISA, CFE, RFA May 2010
Agenda 11/26/13. Updated COSO Framework
Updated COSO Framework Danny M. Goldberg, Founder Agenda COSO Update Overview History/Background Changes Overview Five Control Objectives 17 Control Principles Case Study: Developing a Checklist for Your
More informationManaging the Business Risk of Financial Fraud for Higher Education Providers
Part II Practical lconsiderations i for Managing the Business Risk of Financial Fraud for Higher Education Providers Mark Albers Deloitte FAS LLP April 23, 2010 Discussion Themes I. Fraud Why it Matters
More informationAnti-Fraud Programs and Control Policy
Anti-Fraud Programs and Control Policy OVERVIEW This document provides an overview of the programs and controls Tahoe Resources Inc. ( Tahoe ) follows in order to evaluate fraud risk as it pertains to
More informationCOSO Updates and Expectations. IIA San Diego Chapter January 8, 2014
COSO Updates and Expectations IIA San Diego Chapter January 8, 2014 Agenda Overview of 2013 Internal Control-Integrated Framework and Companion Guidance 2013 Framework General Enhancements by Component
More informationFRAUD AWARENESS UPDATE
Tammy Michaud, CPA, Principal Sarah Belliveau, CPA, Senior Manager FRAUD AWARENESS UPDATE berrydunn.com CATEGORIES OF FRAUD Asset misappropriations (stealing) Theft or misuse of assets Corruption Inappropriate
More information201 Fraud Risk Assessment April 19, 2010 Monday 1:30 2:30 pm Paul M. Baran Mark P. Ruppert, CPA, CIA, CISA, CHFP. Round Up!
201 Fraud Risk ment April 19, 2010 Monday 1:30 2:30 pm Paul M. Baran Mark P. Ruppert, CPA, CIA, CISA, CHFP Director, Internal Audit Director, Internal Audit Fraud Risk ment Round Up! Why? What is Fraud
More informationPresented by Ed Williamson and Erica Bailey
Presented by Ed Williamson and Erica Bailey Internal Controls & Fraud Detection Objectives Background on internal controls Review of organizational and functional level controls Fraud prevention and risk
More informationAN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org PRELIMINARY STAFF VIEWS AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL
More informationWho Owns Fraud Uniting Corporate Executives to Manage Your Anti-Fraud Program
Who Owns Fraud Uniting Corporate Executives to Manage Your Anti-Fraud Program Monday June 13, 2011 10:20 11:40 San Diego, California Who owns fraud why is it important? Many companies struggle to determine
More informationFraud Prevention, Detection and Control. Elizabeth Coles, CPA Aldrich CPAs + Advisors LLP
Fraud Prevention, Detection and Control Elizabeth Coles, CPA Aldrich CPAs + Advisors LLP 1 Agenda Who and Why? Fraud Schemes and Risks Fraud Prevention what can you do? 3 Who Commits Fraud? Long time,
More informationFRAUD RISK FACTORS CHECKLIST (Source: New AU Section 240, Appendix A)
Page 136 of 174 FRAUD RISK FACTORS CHECKLIST (Source: New AU Section 240, Appendix A) RECOGNIZING RISK FACTORS THAT SHOULD GET YOUR ATTENTION How to use the checklist: 1. Review this checklist towards
More informationMANAGING FRAUD RISK. Teresa D. Thamer, CPA, CFE Brenau University
MANAGING FRAUD RISK Teresa D. Thamer, CPA, CFE Brenau University Overview I. Understanding what Fraud is and is not II. Identifying and assessing key fraud risk areas III. Developing a Comprehensive Fraud
More informationAUDIT RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK BY Geoffrey Byamugisha Partner, Ernst & Young. Lessons on Audit Risk. Responding to fraud risk
AUDIT RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK BY Geoffrey Byamugisha Partner, Ernst & Young ICPAU Page 1 COURSE CONTENT Lessons on Audit Risk Identification of audit risk and audit risk assessment
More informationIn Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015
In Control: Getting Familiar with the New COSO Guidelines CSMFO Monterey, California February 18, 2015 1 Background on COSO Part 1 2 Development of a comprehensive framework of internal control Internal
More informationInternal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)
Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR) Origin of IFC The first significant focus on internal control certification related to financial reporting
More informationInternal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC
Internal controls over Financial Reporting Key concepts Presentation by Jayesh Gandhi at WIRC Page 1 ICFR Key Concepts WIRC 28 May 2016 Agenda Scope and requirements Overview of internal controls as per
More informationFraud Prevention, Detection, and Internal Controls
Fraud Prevention, Detection, and Internal Controls Budget, Accounting and Reporting Council May 28, 2015 Sherrie Ard, CPA, CFE Financial Management Specialist Local Government Performance Center Local
More informationAnnual Audit and Other Financial Matters
Getting Ready for Your Annual Audit and Other Financial Matters by Donna M. Ingram, CPA, CFE, Cr.FA, CFF Donna M. Ingram, CPA, PC dingram@cablelynx.com Role of the Auditor The role of the independent auditor
More informationSEGREGATION OF DUTIES for SAP
SEGREGATION OF DUTIES for SAP SEGREGATION-OF-DUTIES In todays modern, technology driven world, segregation-of-duties (SoD) is enforced through business applications and ERP s, but highlighting breakdowns
More informationEntity level controls Design/implementation 530 Page 1 of 9
Page 1 of 9 Entity Period ended Objective: To document the design and implementation of the following elements of internal control: Environment Assessment Financial Reporting (part of information systems)
More informationCHAPTER 6 GOVERNMENT ACCOUNTABILITY
Kern County Administrative Policy and Procedures Manual CHAPTER 6 GOVERNMENT ACCOUNTABILITY Section Page 601. General Statement... 1 602. Definitions... 1 603. Fraud, Waste, and Abuse... 1 604. Fraud Protocol...
More informationAn Overview of the 2013 COSO Framework. August 2013
An Overview of the 2013 COSO Framework August 2013 Introduction Dean Geesler, KPMG Senior Manager Course Objectives Summarize the key changes from the 1992 Framework to the 2013 Framework including the
More informationInternal Controls: Providing an Effective Control Environment. Why This Session Is Needed. Lesson Overview & Module Objectives
Internal Controls: Providing an Effective Control Environment Internal Controls 1 Why This Session Is Needed Uniform Guidance has expanded the requirements and increased the focus on internal controls
More informationEffective implementation of COSO s new anti-fraud guidance
Effective implementation of COSO s new anti-fraud guidance In September 2016, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) published a new Fraud Risk Management Guide (Anti-fraud
More informationFRAUD SCHEMES. South Carolina HFMA Finance & Reimbursement Forum. November 13, 2012 WITH RELATED INTERNAL CONTROLS
FRAUD SCHEMES WITH RELATED INTERNAL CONTROLS South Carolina HFMA Finance & Reimbursement Forum November 13, 2012 2 Fraud Facts: Estimated loss of 5% of annual revenues to occupational fraud Financial statement
More informationConsideration of Fraud in a Financial Statement Audit (Redrafted) *
STATEMENT ON AUDITING STANDARDS Consideration of Fraud in a Financial Statement Audit (Redrafted) * Statement on Auditing Standards (SAS) Consideration of Fraud in a Financial Statement Audit (Redrafted)
More informationMoving the Needle: Fighting Fraud from the Inside Through Audit. Mary Breslin, CFE, CIA President Empower Audit Training and Consulting
Moving the Needle: Fighting Fraud from the Inside Through Audit Mary Breslin, CFE, CIA President Empower Audit Training and Consulting Moving the Needle Fighting Fraud from the Inside Through Audit Mary
More informationFraud: Welcome to Your Worst Nightmare
Fraud: Welcome to Your Worst Nightmare Fraud: It can happen to you A Not-For-Profit Fraud Survey conducted by BDO in 2014 highlighted the following facts concerning fraud in Australia & New Zealand among
More informationWeek 3: Fraud, Procure to Pay Process Controls
Edward Beaver Edward.Beaver@temple.edu ff MIS 5121: Business Processes, ERP Systems & Controls Week 3: Fraud, Procure to Pay Process Controls Video: Record the Class Discussion v Something really new,
More informationAlyssa G. Martin, CPA Brandon Tanous, CIA, Using the COSO CFE, CGAP, CRMA Framework to Develop a Strong and Preventive Control Environment
Speakers Using the COSO Framework to Develop a Strong and Preventive Control Environment Weaver Public Sector CPE Event Alyssa G. Martin, CPA Dallas Executive Partner, Advisory Services 25+ years of public
More informationAudit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization
Audit Training-of-Trainers Workshop, 18-19 November 2014, Vienna Components of internal control within organization Andrei Busuioc, Senior Financial Management Specialist, CFRR Session objectives The session
More informationPolicy Analysis: Internal Controls #1.11 1/2009
Policy Objective: To ensure that University funds are used in a responsible and appropriate manner consistent with the University s mission, applicable law, and ethical practice. Applies To: Any and all
More information2/20/2014. Agenda. Allen Still & Ryan Merryman March 31, CLAconnect.com CliftonLarsonAllen LLP Continuous Auditing Programs
Continuous Auditing Programs Allen Still & Ryan Merryman March 31, 2014 CLAconnect.com Agenda Presentation Objectives Defining Continuous Auditing Programs The Benefits of Continuous Auditing Demonstration
More informationCan You Spot Fraudsters?
Can You Spot Fraudsters? CACUBO Workshop March 22, 2018 Eric Conforti, CPA, CFE 1 Who Are We? A One-Firm Firm: Over 2,200 industry experts to partner with when specific industry knowledge is needed during
More informationUsing the Fraud Risk Framework In Audits: CMS Example
Using the Fraud Risk Framework In Audits: CMS Example Applying the Framework GAO-18-88: CMS Example (11:00 11:45) CMS context Risk profile Commit Assess Design and Implement Evaluate and Adapt GAO forum
More informationOCCUPATIONAL FRAUD IN GOVERNMENT AND STEPS TO PREVENT AND DETECT IT
OCCUPATIONAL FRAUD IN GOVERNMENT AND STEPS TO PREVENT AND DETECT IT This session will explore government fraud risks as well as common areas of abuse and corresponding red flags. It will also provide ideas
More informationContract and Procurement Fraud. Fraud in Procurement without Competition
Contract and Procurement Fraud Fraud in Procurement without Competition Sole-Source Awards Noncompetitive procurement process through the solicitation of only one source Procurement through sole-source
More informationEric Kinsherf, CPA MMAAA Conference June 12, 2018
Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Agenda Overview What is Fraud? How does Fraud happen? How to Detect and Prevent Fraud Summarize Objectives Gain better Understanding of Fraud Risk Illustrate
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 15, 2016 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationContract and Procurement Fraud
Contract and Procurement Fraud Fraud in Procurement Without Competition 2018 Association of Certified Fraud Examiners, Inc. Sole-Source Awards The procurement process is noncompetitive through the solicitation
More information38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud
38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud Presented By William Blend, CPA, CFE Session Overview Review the new COSO model on internal
More informationInternal Audit Work Plan
Internal Audit Work Plan Fiscal Year 2018 Department of Management and Finance 1 Internal Audit Services Arlington County s Internal Audit Division is organizationally located in the Department of Management
More informationPresent and functioning: Fine-tuning your ICFR using the COSO update
Present and functioning: Fine-tuning your ICFR using the COSO update November 2014 With the COSO s 1992 Control Framework being superseded by the 2013 updated edition on December 15, 2014, now is the time
More informationFraud Risk Management
Fraud Risk Management Specific Anti-Fraud Controls (Process or Transaction Level) 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Does your organization have adequate staffing
More informationSTUDY UNIT TEN INTERNAL AUDIT RESPONSIBILITIES FOR FRAUD
STUDY UNIT TEN INTERNAL AUDIT RESPONSIBILITIES FOR FRAUD 1 10.1 Fraud -- Nature, Prevention, and Detection..................................... 1 10.2 Fraud -- Indicators........................................................
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 30, 2017 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationIf an adequate segregation of duties does not exist, the following could occur:
Segregation of Duties Safeguarding Assets Review and Approval Accounting Policies and Procedures Efficiency and Effectiveness Reporting Timeliness Segregation of Duties Duties within the department or
More informationAlfa Laval (India) Limited Whistle Blower Policy
Alfa Laval India Limited expects employees and Business Associates* to report breaches, or suspected breaches of the law, Alfa Laval Business Principles, policies and/or any violation of Alfa Laval Code
More informationOffice of the City Manager
Office of the City Manager TO: FROM: Finance/Audit Committee Ruthe Holden, Internal Audit Manager SUBJECT: Final Fraud Risk Assessment Report-Phase 1 Recommendation This report is for information only.
More information2/20/15. Trevor Stewart, CPA Director of Business Services Source documentation includes CCIA and FCMAT
2/20/15 Trevor Stewart, CPA Director of Business Services Source documentation includes CCIA and FCMAT The Fraud Triangle factors that influence the commission of fraud The Fraud Tree occupational fraud
More informationCorporate Governor. Providing vision and advice for management, boards of directors and audit committees Winter 2015
Corporate Governor Providing vision and advice for management, boards of directors and audit committees Winter 2015 COSO 2013 framework boosts fraud risk assessment and prevention Fraud is among the most
More informationIAASB Main Agenda (December 2008) Page Agenda Item
IAASB Main Agenda (December 2008) Page 2008 2669 Agenda Item 2-C PROPOSED INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL (Effective for audits of financial statements
More informationFinance & Audit Committee Meeting
Finance & Audit Committee Meeting Third Quarter Fiscal Year 2017 January 25, 2017 Page 1 Page 2 Audit Update Risk Management Framework (Prior Meeting Follow up) A sustainable risk management framework
More informationContract and Procurement Fraud
Contract and Procurement Fraud Performance Schemes 2018 Association of Certified Fraud Examiners, Inc. Invoicing Schemes Vendor submits fraudulent invoices to generate false payments. False invoices Inflated
More informationPurpose. CSU Benefits. Objective
Purpose The risk assessment tool is designed to help Chicago State University (CSU) identify and document our critical risk categories. In an effort to administer an effective, efficient, and World Class
More informationKey Elements of Antifraud Programs and Controls
Key Elements of Antifraud Programs and Controls A White Paper This white paper provides general or summary information about aspects of the Sarbanes-Oxley Act of 2002 and current and proposed rules, regulations
More informationCash and Internal Controls For SDA Organizations
Cash and Internal Controls For SDA Organizations 1 P R E S E N T A T I O N F O R T R E A S U R E R S E U R O - A S I A D I V I S I O N J U L Y 1 7, 2 0 1 3 Ann Gibson, PhD, CPA Andrews University Purpose
More informationDepartment of Biology
THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Department of Biology Report No. 14-10 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University
More informationMIS 5208 Week 2 Fraud Detection & Prevention
MIS 5208 Week 2 Fraud Detection & Prevention Introductions, Course Outline, and Other Administration Issues Ed Ferrara, MSIA, CISSP eferrara@temple.edu Fraud Awareness & Internal Controls Awareness Internal
More informationACCTG 533: Module 14: Asset Misappropriation Fraud. [Slide Content]: Asset Misappropriation Fraud. [Jeanne H. Yamamura]: Asset Misappropriation Fraud
ACCTG 533: Module 14: Asset Misappropriation Fraud Asset Misappropriation Fraud Asset Misappropriation Fraud Asset Misappropriation Fraud Theft or misuse of company assets Most common type of fraud Every
More informationIntegrity. Purpose of the Checklist. Description
Integrity Purpose of the Checklist To guide and support public procurement practitioners in reviewing, developing and updating their procurement framework, according to the 12 principles of the Recommendation
More informationIntroductions. An Overview of the COSO 2013 Framework. Christian Peo Sharon Todd. An Overview of the 2013 COSO Framework.
An Overview of the 2013 COSO Framework An Overview of the COSO 2013 Framework August 8, 2013 Introductions Christian Peo Sharon Todd Marc Wittenberg Module Name/SL/1 firms Course Objectives By the end
More informationDECISION. mb a5 EFSA Internal Control Framework. Internal Control Framework of the European Food Safety Authority. Decision No.
mb171212-a5 EFSA Internal Control Framework LEGAL & ASSURANCE SERVICES DECISION EFSA European Food Safety Authority Internal Control Framework of the European Food Safety Authority Effective Date: 1 January
More informationDiving into the 2013 COSO Framework. Presented by: Ronald A. Conrad
Diving into the 2013 COSO Framework Presented by: Ronald A. Conrad 2 Objectives Obtain an understanding of why the COSO Framework has been updated Understand how the framework has changed Identify the
More informationFraud in the Insurance Industry How it Can Impact Your Agency
A MarshBerry Publication Volume XXIX, Issue 4 APRIL 2013 Authored by Molly McCarthy, Senior Consultant 440.392.6584 email: Molly.McCarthy@MarshBerry.com Fraud in the Insurance Industry How it Can Impact
More informationFraud Prevention Training
Fraud Prevention Training The Massachusetts Collectors and Treasurers Association Sixty-Sixth Annual Education Conference June 15, 2015 Presented By: Eric Demas, CFE Melanson Heath edemas@melansonheath.com
More informationFRAUD POLICY. Lesley Carnegie, Governance & Assurance Manager. Blackwood Managers will be made aware of updated policy by .
FRAUD POLICY Version Number Issue 4.0 Date Revision Complete Policy Owner Author Reason for Revision Data Protection Equalities Impact Assessment Is it required? Yes/No Proof Read 2 nd March 2018 Head
More informationChapter 7 Internal Controls
Chapter 7 Internal Controls Establishment of and adherence to internal controls is a major part of managing an organization. Internal controls serve as the first line of defense in safeguarding assets
More informationThe Blue Sage Group. Sarbanes-Oxley. 404 Compliance Program. The Blue Sage Group
The Blue Sage Group Sarbanes-Oxley 404 Compliance Program The Blue Sage Group Agenda The Blue Sage Group 404 Compliance Challenges Meeting the 404 Challenges TBSG 404 Compliance Program Assessment and
More informationOUTSMART FRAUD. Strategic Internal Controls to Prevent Business Fraud
OUTSMART FRAUD Strategic Internal Controls to Prevent Business Fraud GrowthForce LLC 800 Rockmead Drive Suite 200 Phone 281.358.2007 Fax 281.358.4120 OUTSMART BUSINESS FRAUD Using statistical data from
More informationPresentation Overview
International Fraud, Ethics and Culture Seen Through the Lens of a Fraud Examiner Steve C. Morang, CFE CCEP CIA CRMA Copyright Steve C. Morang, All rights reserved. Presentation Overview Introduction Understanding
More informationORACLE ADVANCED FINANCIAL CONTROLS CLOUD SERVICE
ORACLE ADVANCED FINANCIAL CONTROLS CLOUD SERVICE Advanced Financial Controls (AFC) Cloud Service enables continuous monitoring of all expense and payables transactions in Oracle ERP Cloud, for potential
More informationInternal Control in Higher Education
Internal Control in Higher Education Daniel Adams Office of Audit Services Audit Services Mission To provide assurance and advisory services that are independent, objective and risk-based in order to protect
More informationManaging the Risk of Fraud in the Conversion to IFRS
Managing the Risk of Fraud in the Conversion to IFRS Fernando Cancino, CFE, CIA BPO Executive Americas Amicorp A Road Frocked with Risk Conversion to IFRS Conversion Risk of Fraud Risk Mitigation Strategy
More informationBy David Gnanadass Ag Chief Internal Auditor, Malaysia Airlines
FRAUD PREVENTION OR CONTROL TECHNIQUES By David Gnanadass Ag Chief Internal Auditor, Malaysia Airlines Agenda Promoting integrity culture in an organization setting the right tone from the top Sharing
More informationJoseph Stepp, CPA CIA CGAP CGFM CFE Audit Director. Higher Education Programs. April 2011
Auditor of Public Accounts Update Joseph Stepp, CPA CIA CGAP CGFM CFE Audit Director Higher Education Programs April 2011 Higher Education Programs Specialty Team 2 Discussion Topics APA Audit Initiatives
More informationLONDON PUBLIC LIBRARY POLICY
PURPOSE: The purpose of the Fraud Policy and its accompanying Risk Management Plan is to establish a framework by which London Public Library (LPL) will practice the highest level of business integrity
More informationTHE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Communication Report No
THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Report No. 15-02 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University Drive Edinburg, Texas
More informationFraud Avoidance Policy
Rooks Heath College Fraud Avoidance Policy Introduction This policy replaces any previous policy and follows the DfE regulations. All members of staff are affected by and expected to adhere to this policy.
More informationInternal Audit Work Plan First Half of Fiscal Year Department of Management and Finance
Internal Audit Work Plan First Half of Fiscal Year 2019 Department of Management and Finance 1 Internal Audit Services Arlington County s Internal Audit Division is organizationally located in the Department
More informationInternal Audit s Role in Preventing, Deterring and Detecting Fraud Working as Part of a Fraud Management Team The Way Forward
Internal Audit s Role in Preventing, Deterring and Detecting Fraud Working as Part of a Fraud Management Team The Way Forward Ottawa, ON 11/26/2015 Introduction and Objectives The main objectives of today
More informationDeterrence and detection
Deterrence and detection A growing concern A report by Fraud Investigation & Dispute Services Even before the Indian businesses and industry could recover from the negative impact of big scams from last
More informationInterpreting the Energy Risks from EY s 2016 Global Fraud Survey
Interpreting the Energy Risks from EY s 2016 Global Fraud Survey SCCE Utilities & Energy Compliance and Ethics Conference Washington D.C. 2016 Global Fraud Survey - Approach Between October 2015 and January
More informationCommittee for Senior Business Administrators. Segregation of Duties
Committee for Senior Business Administrators Segregation of Duties Presented by: Tammy R. Hoskens and Margaret (Peggy) B. Zapalac University Risk and Compliance May 21, 2009 Segregation of Duties Segregation
More informationAccounting 408 Exam 2, Chapters 3, 4, 5, 6, E, F
Accounting 408 Exam 2, Chapters 3, 4, 5, 6, E, F Summer 2017 Name Row Multiple Choice Questions. (2 points each, 100 points total) Read each question carefully and indicate the one best answer to each
More informationAn Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements
Page A 1 Standard Appendix Auditing Standard No. 2 AUDITING AND RELATED PROFESSIONAL PRACTICE STANDARDS Auditing Standard No. 2 An Audit of Internal Control Over Financial Reporting Performed in Conjunction
More information1 C. The Chief Executive Officer Affiliate Class of Services are 2 Provided at a Reasonable Cost
1 C. The Chief Executive Officer Affiliate Class of Services are 2 Provided at a Reasonable Cost 3 Q. Are the costs of the Chief Executive Officer affiliate class of services 4 reasonable? 5 A. Yes. The
More informationSA 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL
Part I : Engagement and Quality Control Standards I.169 SA 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT (EFFECTIVE FOR ALL AUDITS RELATING TO ACCOUNTING
More informationAppendix A. Simplified Sample Entity-Level Control Matrices
Control Strategies: A Mid to Small Business Guide By Julie Harrer Copyright 2008 Hamlet ing Corp. Appendix A Simplified Sample Entity-Level Control Matrices Control Environment Possible Controls Integrity
More informationEMPLOYEE FRAUD OPPORTUNITIES CHECKLIST
Page 128 of 174 EMPLOYEE FRAUD OPPORTUNITIES CHECKLIST Recognizing Warning Signs and Preventing Problem Situations Why are consistent internal controls important? Management decisions, financial reports,
More informationChapter 2 IWK Health Centre: Financial Management Controls and Governance
Chapter 2 IWK Health Centre: Financial Management Controls and Governance OGANS Overall Conclusions The Board of Directors and management of the IWK Health Centre did not effectively govern and oversee
More informationAn Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements
AUDITING STANDARD No. 2 An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements March 9, 2004 AUDITING AND RELATED PROFESSIONAL PRACTICE STANDARDS
More informationName: Chapter 12 Revenue- and Inventory-Related Financial Statement Frauds MULTIPLE CHOICE
Name: Chapter 12 Revenue- and Inventory-Related Financial Statement Frauds Instructions: There are 46 multiple choice questions on this quiz. You may choose any 25 (but only 25) questions to answer. Please
More informationImplementation Tool for Auditors
Implementation Tool for Auditors CANADIAN AUDITING STANDARDS (CAS) DECEMBER 2017 STANDARD DISCUSSED CAS 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity
More informationDetecting & Preventing Procurement Fraud Using Data Analysis to Detect Improper Disbursements
Detecting & Preventing Procurement Fraud Using Data Analysis to Detect Improper Disbursements April 29, 2014 2:00 3:00pm ET Andrew Simpson, MBA Chief Operating Officer, CaseWare Analytics Paul Soos, CFE,
More informationWhat Happens When Internal Controls Fail
What Happens When Internal Controls Fail 1 Your Presenters Brian Sanvidge Principal Baker Tilly Ellen Labita Partner Baker Tilly Danielle Callaci Manager Baker Tilly 2 Today s Agenda > What are Internal
More informationCatching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010
Catching Fraud During a Recession Through Superior Internal Controls FICPA s 25 th Annual Accounting Show J. Stephen Nouss September 29, 2010 1 Session Objectives Fraud Facts (2008 Association of Certified
More informationChapter 01 Page 1 of 5
Chapter 01 Page 1 of 5 Q 01_01 A 01_01 Describe the task of Marketing Research. An increased emphasis is being placed on the importance of sound managerial decision making. It is the task of marketing
More informationAudit of Core Management Controls. Internal Audit Sector
Audit of Core Management Controls Internal Audit Sector November 4, 2014 This page is left blank to allow for double sided printing. Correctional Service Canada Internal Audit Sector Page ii Table of Contents
More informationInternal Controls Overview
UMBC Management Advisory Services Internal Controls Overview /mas What Is Internal Control? A process designed to provide reasonable assurance regarding the achievement of the following objectives: Effectiveness
More information