Fraud Risk Management

Similar documents
Presented by Ed Williamson and Erica Bailey

Effective implementation of COSO s new anti-fraud guidance

Fraud Prevention, Detection and Control. Elizabeth Coles, CPA Aldrich CPAs + Advisors LLP

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

Fraud Risk Management

AUDIT RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK BY Geoffrey Byamugisha Partner, Ernst & Young. Lessons on Audit Risk. Responding to fraud risk

OVERVIEW. Common Personality Traits of Fraudsters. Common Sources of Pressure. Changes in Behavior

Fraud and Business Analytics

Alyssa G. Martin, CPA Brandon Tanous, CIA, Using the COSO CFE, CGAP, CRMA Framework to Develop a Strong and Preventive Control Environment

Community College Audit and Compliance Workshop. VAVRINEK, TRINE, DAY & CO., LLP April 15, 2014

Fraud incident handling management. Meeting the challenges of fraud

2/20/15. Trevor Stewart, CPA Director of Business Services Source documentation includes CCIA and FCMAT

2013 COSO Internal Control Framework Update. September 5, 2013

FRAUD SCHEMES. South Carolina HFMA Finance & Reimbursement Forum. November 13, 2012 WITH RELATED INTERNAL CONTROLS

Fraud Prevention Training

ACCTG 533: Module 14: Asset Misappropriation Fraud. [Slide Content]: Asset Misappropriation Fraud. [Jeanne H. Yamamura]: Asset Misappropriation Fraud

Standards for Internal Control in New York State Government 2016 Update

Protecting your private business from fraud

MANAGING FRAUD RISK. Teresa D. Thamer, CPA, CFE Brenau University

A Discussion About Internal Controls February 2016

Internal Control Integrated Framework. An IAASB Overview September 2016

Internal Control Integrated Framework. An IAASB Overview September 2016

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

Office of the Utah Legislative Auditor General. Fraud Prevention. Utah Government Finance Officers Association. Spring 2017 Conference

Fraud Awareness Jennifer Murtha Clara Ewing

Anti-Fraud Programs and Control Policy

Eric Kinsherf, CPA MMAAA Conference June 12, 2018

Fraud Prevention, Detection, and Internal Controls

Fraud in the Insurance Industry How it Can Impact Your Agency

An Overview of the 2013 COSO Framework. August 2013

Virginia Association of School Business Officers Getting Reacquainted with Internal Controls Presented by John S. Aldridge, CPA

Agenda 11/26/13. Updated COSO Framework

STUDY UNIT TEN INTERNAL AUDIT RESPONSIBILITIES FOR FRAUD

CREATING A FRAUD RISK ASSESSMENT AND IMPLEMENTING A CONTINUOUS MONITORING PROGRAM

Corporate Governor. Providing vision and advice for management, boards of directors and audit committees Winter 2015

Auditing for Fraud. Planning & Approaches

Bribery and Corruption

Integrating COSO s Fraud Risk Management Guide on an Enterprise Scale

Fraud in Today s Economic Environment

Fraud Detection and Prevention

Fraud Risk Management

SAMPLE BEC SuperfastCPA Review Notes

Global Expectations for Addressing Fraud Risk and the Investigative Process

Introductions. An Overview of the COSO 2013 Framework. Christian Peo Sharon Todd. An Overview of the 2013 COSO Framework.

Internal Control Integrated Framework. May 2013

LONDON PUBLIC LIBRARY POLICY

Internal Audit s Role in Preventing, Deterring and Detecting Fraud Working as Part of a Fraud Management Team The Way Forward

Fraud Prevention and Detection Michael Schulstad, CPA/CFF/CGMA/FBI (ret)

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Internal Control 2015 Training

13-A. Fraud Phase II Issues Paper

Fraud prevention, detection and investigation

Managing Fraud Risk: New Professional Guidance

ACFE FRAUD PREVENTION CHECK-UP ASSOCIATION OF CERTIFIED FRAUD EXAMINERS

RED FLAGS- CONCEPTS AND TECHNIQUES. P r e s e n t e d b y : B y : J o h n E k a d a h

Diving into the 2013 COSO Framework. Presented by: Ronald A. Conrad

2012 GUIDELINES MANUAL

Consideration of Fraud in a Financial Statement Audit (Redrafted) *

Answering the Call. Increased Ethics, Governance & Compliance through the implementation of a Whistleblower Hotline.

Interpreting the Energy Risks from EY s 2016 Global Fraud Survey

Increasing Your Awareness of Fraud: Definitions, Roles and Responsibilities, Methodologies and Tools

Forensic Accounting. The What, Why and How Fraud Detection and Prevention Ulrike Hugl Nov 16 17_2017

DECISION. mb a5 EFSA Internal Control Framework. Internal Control Framework of the European Food Safety Authority. Decision No.

Internal Controls. They Are Everyone s Business. Valdosta State University Office of Internal Audits June 2016

9. Internal control Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization's objectives in

ABS Consulting Group

PREVENTING FRAUD. Take-and-Use Guidelines for Chubb Crime Insurance Customers

B U S I N E S S R I S K M A N A G E M E N T L T D

International Standards for the Professional Practice of Internal Auditing (Standards)

COMPLIANCE AT LARGER INSTITUTIONS. November 11 13, Robert F. Roach Chief Compliance Officer New York University

npliance IN 2008, MICROSOFT CORP. WAS FINED 899 MILLION Auditing for

The New COSO Framework: Avoiding Deficiencies and Driving Change

Annual Audit and Other Financial Matters

Auditors Fraud Primer

McGraw-Hill/Irwin. Copyright 2013 by The McGraw-Hill Companies, Inc. All rights reserved.

Presentation Overview

Bearing the Bad News Reporting to the Board on Internal Corruption. Peter Dent, National Leader Deloitte Forensics September 11, 2013

Moving the Needle: Fighting Fraud from the Inside Through Audit. Mary Breslin, CFE, CIA President Empower Audit Training and Consulting

Auditing for Fraud. Planning & Approaches

Key Elements of Antifraud Programs and Controls

Waheed Alkahtani, CFE and CCEP-I March, 2017 Copyright 2016, Saudi Aramco. All rights reserved.

Fraud in focus March Fraud & Corruption in the Victorian Public Sector learnings and insight for 2017 and beyond

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

Establishing and Implementing an Effective Nursing Facility Compliance and Ethics Program

Can You Spot Fraudsters?

OCCUPATIONAL FRAUD IN GOVERNMENT AND STEPS TO PREVENT AND DETECT IT

Internal Control at OSU COSO & Enterprise Risk Management. Oregon State University Board of Trustees Executive & Audit Committee Educational Session

Changing Your Paradigm on Risks and Controls

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTRODUCTION WHY DO YOU NEED VETTING SERVICES?

Fraud in Construction Companies: Lessons From the Trenches

Fraud and the Small Business Owner

Fraud Risk Management Review March 18, 2010

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

IIA ACFE Conference April 17, 2015

FRD510. Principles of Fraud Examination - 20 hours. Objectives

Protecting Your Organization Against Fraud

38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud

Fraud Control Policy. Enriching Futures

Contract and Procurement Fraud. Detection and Prevention

Transcription:

Fraud Risk Management Introduction Bethmara Kessler, CFE, CISA Campbell Soup Company 2017 Association of Certified Fraud Examiners, Inc.

CPE Information 2017 Association of Certified Fraud Examiners, Inc. 2 of 27

Discussion Questions 1. On a scale of 1 to 10 (1 being lowest and 10 being highest), how much emphasis does your organization place on preventing fraud? Detecting fraud? Investigating known instances of fraud? 2017 Association of Certified Fraud Examiners, Inc. 3 of 27

Discussion Questions 2. Think of an instance of fraud that occurred at your organization (or another organization, if necessary). What were the indirect costs and effects of the fraud? 2017 Association of Certified Fraud Examiners, Inc. 4 of 27

Discussion Questions 3. Which departments or business activities in your organization present the highest risk of employee theft? 4. What business activities at your organization are most prone to fraudulent misstatements? 2017 Association of Certified Fraud Examiners, Inc. 5 of 27

Learning Objectives Introduction Define fraud and its components. Identify different types of fraud. Examine the impact of fraud on organizations. Understand why people commit fraud. Examine the relationship between anti-fraud initiatives and risk management. 2017 Association of Certified Fraud Examiners, Inc. 6 of 27

Foundational Guidance for Managing Fraud Risks Enterprise Risk Management Integrated Framework (2004 COSO) Enterprise Risk Management Aligning Risk with Strategy and Performance (2016 exposure draft COSO) Fraud Risk Management Guide (2016 COSO and ACFE) Managing the Business Risk of Fraud: A Practical Guide (2008 IIA, AICPA, and ACFE) Internal Control Integrated Framework (2013 COSO) ISO 31000: 2009 Risk Management: Principles and Guidelines (2009 ISO) ISO 31010:2009, Risk Management Risk Assessment Techniques (2009 ISO) ISO 37001: Anti-Bribery Management Systems (2016 ISO) 2017 Association of Certified Fraud Examiners, Inc. 7 of 27

What Is Fraud? A knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment 2017 Association of Certified Fraud Examiners, Inc. 8 of 27

Elements of Fraud A material false statement Knowledge that the statement was false when it was uttered Reliance on the false statement by the victim Damages resulting from the victim s reliance on the false statement 2017 Association of Certified Fraud Examiners, Inc. 9 of 27

Components of Fraud The act The concealment The conversion 2017 Association of Certified Fraud Examiners, Inc. 10 of 27

Types of Fraud Internal/occupational fraud Asset misappropriation (embezzlement) Corruption Financial statement fraud External fraud Dishonest vendors Dishonest customers Unknown third parties 2017 Association of Certified Fraud Examiners, Inc. 11 of 27

The Impact of Fraud All organizations are susceptible to fraud. Fraud is a human problem, not an accounting problem. 2017 Association of Certified Fraud Examiners, Inc. 12 of 27

ACFE 2016 Report to the Nations The typical organization loses 5% of its annual revenue to fraud. Potential total fraud loss of $3.7 trillion worldwide. Median loss caused by occupational fraud is $150,000. 23% of the frauds involved losses of at least $1 million. 2017 Association of Certified Fraud Examiners, Inc. 13 of 27

ACFE 2016 Report to the Nations Asset misappropriation schemes Most common 83% of cases Least costly median loss of $125,000 Financial statement frauds Least common 10% of cases Most costly median misstatement of $975,000 Corruption schemes 35% of cases Median loss of $200,000 2017 Association of Certified Fraud Examiners, Inc. 14 of 27

The Indirect Fallout Impact extending well beyond the actual dollar amount stolen Loss of employee confidence Loss of productivity Decline in company image and reputation 2017 Association of Certified Fraud Examiners, Inc. 15 of 27

Why Do People Commit Fraud? Opportunity Fraud Triangle Pressure Rationalization 2017 Association of Certified Fraud Examiners, Inc. 16 of 27

Why Do People Commit Fraud? 2017 Association of Certified Fraud Examiners, Inc. 17 of 27

When Does the Fraud Triangle Not Apply? Predatory employees those with a premeditated intent of stealing from the employer Need for rationalization often dissipates after the first offense 2017 Association of Certified Fraud Examiners, Inc. 18 of 27

When Does the Fraud Triangle Not Apply? 2017 Association of Certified Fraud Examiners, Inc. 19 of 27

Why Sanctions Alone Don t Deter Fraud Perpetrators do not anticipate getting caught. Perpetrators rationalize their conduct so that it seems legal or justified and thus should not be sanctioned. The greatest threat perpetrators face is the detection of their crime. 2017 Association of Certified Fraud Examiners, Inc. 20 of 27

Fraud and Risk Management Risk is the effect (positive or negative) of uncertainty on an organization s objectives. 2017 Association of Certified Fraud Examiners, Inc. 21 of 27

Fraud and Risk Management Risks are normally grouped into the following categories to facilitate risk mitigation: Strategic Operational Reporting Compliance Fraud might be a compliance, financial, or operational risk. 2017 Association of Certified Fraud Examiners, Inc. 22 of 27

Fraud and Risk Management What is risk management? COSO: a process... designed to identify potential events that might affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives ISO 31000: coordinated activities to direct and control an organization with regard to risk 2017 Association of Certified Fraud Examiners, Inc. 23 of 27

Fraud and Risk Management Many risk management professionals underestimate the role of fraud in or even exclude fraud risks from the scope of their professional duties. 2017 Association of Certified Fraud Examiners, Inc. 24 of 27

Fraud and Risk Management This course explains how to integrate anti-fraud and risk management initiatives to: Identify, assess, and manage fraud risks. Support fraud risk management by establishing an anti-fraud culture and promoting fraud awareness. Develop a system of internal controls to address fraud risks. Address and respond to identified fraud. 2017 Association of Certified Fraud Examiners, Inc. 25 of 27

Fraud Risk Management and Internal Control Internal Control Fraud Risk Management Enterprise Risk Management 2017 Association of Certified Fraud Examiners, Inc. 26 of 27

COSO Definition of Internal Control Internal control is a process, effected by an entity s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance. 2017 Association of Certified Fraud Examiners, Inc. 27 of 27

Objectives of Internal Control Operations objectives: the effectiveness and efficiency of the organization s operations Reporting objectives: the reporting of financial and nonfinancial information to internal and external parties Compliance objectives: the organization s adherence to the laws and the regulations to which it is subject 2017 Association of Certified Fraud Examiners, Inc. 28 of 27

COSO Internal Control Integrated Framework Control environment Risk assessment Control activities Information and communication Monitoring 2017 Association of Certified Fraud Examiners, Inc. 29 of 27

Control Environment Sets the moral tone and provides foundation for all other control components Principles: 1. Commitment to integrity and ethical values 2. Independent board that oversees development and performance of internal control 3. Appropriate structures, reporting lines, and authorities and responsibilities 4. Commitment to attract, develop, and retain competent individuals 5. Accountability for internal control responsibilities 2017 Association of Certified Fraud Examiners, Inc. 30 of 27

Risk Assessment Dynamic and iterative process that forms the basis for determining how risks will be managed Principles: 6. Set sufficiently clear objectives to enable the identification and assessment of risks. 7. Identify and analyze risks to the achievement of objectives across the entity. 8. Consider potential for fraud in assessing risks to the achievement of objectives. 9. Identify and assess changes that could significantly impact the system of internal control. 2017 Association of Certified Fraud Examiners, Inc. 31 of 27

Control Activities Policies and procedures that enforce management s directives Principles: 10.Select and develop control activities that mitigate risks to acceptable levels. 11.Select and develop general control activities over technology. 12.Deploy control activities through policies that establish what is expected and procedures that put policies into action. 2017 Association of Certified Fraud Examiners, Inc. 32 of 27

Information and Communication The exchange of information in a way that allows employees to carry out their responsibilities and achieve objectives Principles: 13.Obtain or generate and use relevant, quality information to support the functioning of controls. 14.Internally communicate information, including objectives and responsibilities, necessary to support the functioning of internal control. 15.Communicate with external parties regarding matters affecting the functioning of internal control. 2017 Association of Certified Fraud Examiners, Inc. 33 of 27

Monitoring The process that assesses the effectiveness of the control system over time Principles: 16.Select, develop, and perform ongoing or separate evaluations to ascertain whether the components of internal control are present and functioning. 17.Evaluate and communicate control deficiencies in a timely manner to those parties responsible for taking corrective action. 2017 Association of Certified Fraud Examiners, Inc. 34 of 27

Business Case for Managing Fraud Risk Organizations that deny the true possibility of fraud are at the greatest risk. 2017 Association of Certified Fraud Examiners, Inc. 35 of 27

Business Case for Managing Fraud Risk The typical organization stands to lose an estimated 5% of its annual revenues to fraud. Recovery is typically very little, if any. Additional time and money invested in: Investigating how frauds happened Pursuing action against perpetrators Remediating system weaknesses 2017 Association of Certified Fraud Examiners, Inc. 36 of 27

Business Case for Managing Fraud Risk Median Loss Based on Presence of Anti-Fraud Controls (Source: ACFE 2016 Report to the Nations) 2017 Association of Certified Fraud Examiners, Inc. 37 of 27

Business Case for Managing Fraud Risk Median Duration of Fraud Based on Presence of Anti-Fraud Controls (Source: ACFE 2016 Report to the Nations) 2017 Association of Certified Fraud Examiners, Inc. 38 of 27

Business Case for Managing Fraud Risk A proactive fraud risk management program: Sends a clear anti-fraud message Demonstrates a sound business strategy Enhances the organization s image and reputation Promotes goodwill Ensures compliance with laws and regulations Directly increases the bottom line 2017 Association of Certified Fraud Examiners, Inc. 39 of 27

Federal Sentencing Guidelines: Elements of a Compliance Program 1. Have policies defining standards and procedures that the organization s agents and employees must follow. 2. Assign specific high-level personnel who have ultimate responsibility to ensure compliance. 3. Use due care not to delegate significant discretionary authority to people whom the organization knew or should have known to have a propensity to engage in illegal activities. 2017 Association of Certified Fraud Examiners, Inc. 40 of 27

Federal Sentencing Guidelines: Elements of a Compliance Program 4. Communicate standards and procedures to all agents and employees and require participation in training programs. 5. Take reasonable steps to achieve compliance; for example, by use of monitoring and auditing systems and by having and publicizing a reporting system where employees can report criminal conduct without fear of retribution (hotline or ombudsman program). 2017 Association of Certified Fraud Examiners, Inc. 41 of 27

Federal Sentencing Guidelines: Elements of a Compliance Program 6. Consistently enforce standards through appropriate discipline, ranging from dismissal to reprimand. 7. After detection of an offense, the organization must have taken all reasonable steps to respond to this offense and prevent further similar offenses including modifying its program and appropriately disciplining individuals responsible for the offense and those who failed to detect it. 2017 Association of Certified Fraud Examiners, Inc. 42 of 27

Federal Sentencing Guidelines The organization shall periodically assess the risk of criminal conduct and shall take appropriate steps to design, implement, or modify each requirement set forth in [the seven elements] to reduce the risk of criminal conduct identified through this process. 2017 Association of Certified Fraud Examiners, Inc. 43 of 27

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback