MIS 5208 Week 2 Fraud Detection & Prevention


Introductions, Course Outline, and Other Administration Issues
Ed Ferrara, MSIA, CISSP
eferrara@temple.edu

Fraud Awareness & Internal Controls Awareness Internal Controls Understand Fraud Symptoms Behaviors Data sources Alert Fraudulent behaviors Operational & Control Environment Separation of Duties Account treatments Cybersecurity controls Assess Risk & Exposures Fraud Detection Identify Potential Data Sources for Fraud Detection

Risk Factors For Fraud Employee Relationships Attractive Assets Competitive Business Environment Internal Controls Management Environment Fraud Integration of duties

Fraud Exposure

Fraud Risk Assessment
- Risk assessment is a sometimes and controversial issue
- We will have an entire section on risk assessment
- Examine the risks and exposures to identify process and system weakness
- Develop Categories of Risk: External environment, Legal, Regulatory, Governance, Strategy, Operational, Information, Human resources, Financial, Technology

Determining Fraud Exposure
- Sources of risk
  - Review existing risk assessments
  - Review risk assessment process
  - Business Impact Analysts
- Types and sources of fraud: External environment, Governance, Legal, Regulatory, Operational, Strategy

Risk Factors for Fraud

Management Environment
- Unrealistic Financial Targets
- Unrealistic Performance Standards
- Corporate Culture Emphasizing Win At All Costs
- Evaluate: Company production figures for reasonableness, financial targets, and management's position on same.

Competitive & Business Environment
- Misstatement of Inventory Positions
- Fraudulent Orders
- Off Balance Sheet Transactions
- Evaluate: Recalculate the value of inventory, ensuring it is correctly valued.

Employee Relationships
- Nepotism
- Insider Trading
- Collusion
- Evaluate: Look for nepotism, matching employee and vendor addresses.

Attractive Assets
- Intellectual Property Theft
- Insider Abuse of Privilege
- Customer Contact Center Fraud
- Evaluate: Monetize both physical and information assets for financially based risk assessment.

Internal Controls
- Inadequate internal controls
- Inventory markdowns
- Trading Practices
- Evaluate: Computer systems have necessary corresponding controls, privileged user abuse protection, etc.

Separation of Duties
- Related to Above
- Reduced Staff
- Fraud Opportunity
- Evaluate: Ensure necessary policies, procedures, guidelines and standards are in place.

Fraud Schemes: A Data Driven Approach

Control Weaknesses Approach
- Examine key controls
- Determine vulnerabilities: System, Process

Key Fields
- Focus on data entry
- Which data can be changed?
- What is the impact?

Control Weakness
- Internal / External parties
- Example: Received quantity less than ordered quantity but payment made for full amount

Key Fields
- Data manipulation
- Privileged user abuse
- Example: Create fictitious vendors, changing address and bank account.

Case Study - Sunbeam

Fraud Exposure Identification Control Weakness Perpetrator Data Fields Data Analysis (Tests) Control Weakness Data of Interest

Columns: Key Data, Who, Why, Controls, Test

Key Data: Vendor Name, Address, Bank Information
  Who: Clerks & Vendor
  Why: Duplicate Payments, Fictitious Vendors & Payments
  Controls: Vendor creation, modification
  Test (Evaluate): Look for blanks in key fields, look for duplicates in vendor table.

Key Data: Unit Prices
  Who: Clerk
  Why: Direct Payments
  Controls: Vendor modification; system log files
  Test (Evaluate): Look for disparities in unit price and contracted price.

Key Data: Quantities
  Who: Contracting Officer, Vendor
  Why: Kickbacks
  Controls: Invoice matching, on order quantity
  Test (Evaluate): Look for disparities between ordered and delivered quantities.

Key Data: Transaction Amounts
  Who: Clerk, vendor
  Why: Overpayment to obtain funds or kickbacks, overcharges
  Controls: Invoice matching, contract amounts
  Test (Evaluate): Look for disparities between contract and invoice amounts.

Key Data: Dates
  Who: Clerk, vendor
  Why: Backdate payment, due dates, backdate to obtain earlier payment
  Controls: Invoice matching, invoice and goods received date
  Test (Evaluate): Look for transactions where the invoice date is earlier than the goods receipt date.
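The tests in the table above, run over a small vendor master and invoice file. This is an added example, not part of the original slides; the field names, the sample records and the rule that an invoice amount should not exceed contracted price times received quantity are assumptions.

```python
from datetime import date

# Constructed sample data; field names are assumptions, not from the slides.
VENDORS = [
    {"id": "V001", "name": "Acme Supply", "address": "12 Main St", "bank": "111-222"},
    {"id": "V002", "name": "ACME  SUPPLY ", "address": "12 Main St", "bank": "111-222"},
    {"id": "V003", "name": "Delta Parts", "address": "", "bank": "333-444"},
]
INVOICES = [
    {"no": "I1", "unit_price": 10.0, "contract_price": 10.0, "qty_ordered": 100,
     "qty_received": 100, "amount": 1000.0,
     "invoice_date": date(2024, 3, 5), "receipt_date": date(2024, 3, 1)},
    {"no": "I2", "unit_price": 12.5, "contract_price": 10.0, "qty_ordered": 100,
     "qty_received": 80, "amount": 1250.0,
     "invoice_date": date(2024, 3, 2), "receipt_date": date(2024, 3, 9)},
]
KEY_FIELDS = ("name", "address", "bank")

def blank_key_fields(vendors):
    """Vendor ids that have an empty key field."""
    return [v["id"] for v in vendors if any(not v[f].strip() for f in KEY_FIELDS)]

def duplicate_vendors(vendors):
    """Groups of vendor ids that share a normalized name or a bank account."""
    groups = {}
    for v in vendors:
        name = " ".join(v["name"].lower().split())  # ignore case and spacing
        for key in (("name", name), ("bank", v["bank"].strip())):
            if key[1]:
                groups.setdefault(key, []).append(v["id"])
    return {k: ids for k, ids in groups.items() if len(ids) > 1}

def invoice_exceptions(invoices):
    """Map invoice number to the list of table tests it fails."""
    out = {}
    for inv in invoices:
        flags = []
        if inv["unit_price"] != inv["contract_price"]:
            flags.append("unit price differs from contracted price")
        if inv["qty_received"] < inv["qty_ordered"]:
            flags.append("received quantity less than ordered")
        if inv["amount"] > inv["contract_price"] * inv["qty_received"]:
            flags.append("amount exceeds contract value of goods received")
        if inv["invoice_date"] < inv["receipt_date"]:
            flags.append("invoice dated before goods receipt")
        if flags:
            out[inv["no"]] = flags
    return out
```

Invoice I2 reproduces the control-weakness example from the earlier slide: fewer units received than ordered, yet billed in full.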

Case Study - Conde Nast
http://www.forbes.com/sites/williampbarrett/2011/04/03/conde-nast-paid-8-million-to-scammer-who-sent-one-email/print/

Fraud Standards

Investigating Fraud

Which of these is true? An audit will:
- Detect all material errors and irregularities in the financial statements
- Discover all illegal acts committed by the client
- Ensure the financial health of the entity

Auditors' Responsibilities

Errors - Unintentional misstatements
- Mistakes in gathering or processing accounting data
- Incorrect accounting estimates
- Mistakes in the application of accounting principles

Irregularities - Intentional misstatements
- Manipulation, falsification, or alteration of accounting records & supporting documents
- Misrepresentation or intentional omission of events, transactions, or other significant information
- Intentional misapplication of accounting principles

Software Accounting Standards

SAS 1 and 22
- Plan and perform the audit to provide reasonable assurance that financial statements are free of material misstatements caused by error or fraud.

SAS 47
- Audit risk, materiality and misstatements in financial statements

SAS 54
- Detection of illegal acts (AU Section 317)

Section 301 of the Private Securities Litigation Reform Act
- Private Securities Litigation Reform Act of 1995
- Section 10(a) of the Exchange Act
- Requires the inclusion of certain procedures in accordance with generally accepted accounting standards (GAAS).
  - Audit procedures provide reasonable assurance of detecting illegal acts
  - Audit procedures will identify related party transactions material to financial statements
  - Evaluate whether there is substantial doubt that the entity can stay in business.

SAS 82
- Auditor's responsibility related to fraud in a financial statement
- Provides guidance on what auditors should do to meet these responsibilities
- Describes: Fraudulent Financial Reporting, Misappropriation of Assets

SAS 82 Requirements

- Consider the presence of fraud risk factors. SAS No. 82 provides examples (detailed below) of risk factors an auditor may consider for fraud related to a) fraudulent financial reporting, and b) misappropriation of assets misstatements. An auditor should become familiar with these risk factors and be alert for their presence at the client's.
- Assess the risk of material misstatement of the financial statements due to fraud. SAS No. 82 requires an assessment as to the risk of material misstatement due to fraud. This assessment is separate from but may be performed in conjunction with other risk assessments (for example, control or inherent risk) made during the audit. SAS No. 82 also requires reevaluation of assessments if other conditions are identified during fieldwork.
- Develop a response. Based on assessments of risk, SAS No. 82 requires development of appropriate audit response. In some circumstances, an auditor's response may be that existing audit procedures are sufficient to obtain reasonable assurance that the financial statements are free of material misstatement due to fraud. In other circumstances, auditors may decide to extend planned audit procedures.
- Document certain items in work papers. SAS No. 82 requires auditors to document evidence of the performance of their assessment of risk of material misstatement due to fraud. Documentation should include risk factors identified as being present as well as the auditor's response to these risk factors.
- Communicate to management. If it is determined that there is evidence that a fraud may exist, an auditor should apprise the appropriate level of management, even if the matter may be considered inconsequential. SAS No. 82 also requires an auditor to communicate directly with the audit committee (or equivalent) if the matter involves fraud that would materially misstate the financial statements or fraud committed by senior management.

Fraud Investigation

Fraud Types
- Billing
- Cash Larceny
- Cash on Hand
- Check Tampering
- Corruption
- Financial Statement Fraud
- Non-Cash
- Payroll
- Register Disbursements
- Skimming

Fraud Analysis: Useful Information Issues Conflicts of interest Unknown relationships Abnormal patterns of activity Errors in key processes Control weaknesses Hindsight, insight, foresight Business Operations and Expense Areas Accounts payable Claims Damaged Goods Healthcare Insurance Loss Expense reimbursement General Ledger Travel and Entertainment

Vendor Attribute Capture
- Total number of vendors
- Vendors without:
  - Addresses
  - TAX ID
- Are they receiving payment?
  - Electronic transfers
  - Paper checks

Vendor Activity Assessment
- Number of Vendors
- Frequency of Use
- Number of Active Users Compared Against Total Vendors
- Unused Vendors can be source of internal abuse
- Vendor Identity Abuse

Name Mining
- Looking for Fictitious Vendors
- Fictitious Names
  - Use their initials in the name of a vendor
  - Anagrams
- Others
  - Substitution
  - Insertion and Omission
  - Transposition
  - Number Substitution

Employee Vendor Relationships
- Employee and Vendor Name are Different
- Common Addresses
- Addresses that are different but are at the same geographic location:
  - 201 College Avenue
  - 669 West Chestnut Street
- Phone Number
- TAX ID
- Zip Codes
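A sketch of the name-mining and employee-vendor relationship tests from the two slides above. This is an added example, not part of the original slides; the records, field names and abbreviation table are constructed assumptions. It matches on normalized text only, so two different street addresses for the same physical location would still need geocoding.

```python
import re

# Constructed sample records; all field names and values are assumptions.
EMPLOYEES = [
    {"id": "E1", "name": "Dana Marsh", "address": "201 College Avenue, Apt. 4",
     "phone": "(555) 010-2000"},
    {"id": "E2", "name": "Lee Ortiz", "address": "9 Elm Road", "phone": "555-010-3000"},
]
VENDORS = [
    {"id": "V1", "name": "DM Consulting", "address": "201 COLLEGE AVE APT 4",
     "phone": "555.010.9999"},
    {"id": "V2", "name": "Zito Reel", "address": "PO Box 77", "phone": "5550103000"},
    {"id": "V3", "name": "Northern Freight", "address": "40 Dock Street", "phone": ""},
]
ABBREV = {"avenue": "ave", "street": "st", "road": "rd", "apartment": "apt",
          "north": "n", "south": "s", "east": "e", "west": "w"}

def norm_address(addr):
    """Lowercase, drop punctuation, abbreviate common street words."""
    words = re.sub(r"[^a-z0-9 ]", " ", addr.lower()).split()
    return " ".join(ABBREV.get(w, w) for w in words)

def norm_phone(phone):
    """Keep digits only so formatting differences do not hide a match."""
    return re.sub(r"\D", "", phone)

def name_hits(emp_name, vendor_name):
    """Name-mining checks: anagram of the employee name, or initials used as a word."""
    hits = []
    letters = lambda s: sorted(re.sub(r"[^a-z]", "", s.lower()))
    if letters(emp_name) == letters(vendor_name):
        hits.append("anagram")
    initials = "".join(w[0] for w in emp_name.upper().split())
    if initials in vendor_name.upper().split():
        hits.append("initials")
    return hits

def employee_vendor_links(employees, vendors):
    """Return (employee id, vendor id, reasons) for every pair sharing an attribute."""
    links = []
    for e in employees:
        for v in vendors:
            reasons = name_hits(e["name"], v["name"])
            if norm_address(e["address"]) == norm_address(v["address"]):
                reasons.append("address")
            if norm_phone(e["phone"]) and norm_phone(e["phone"]) == norm_phone(v["phone"]):
                reasons.append("phone")
            if reasons:
                links.append((e["id"], v["id"], reasons))
    return links
```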

Proximity Analysis
- Mailbox Services
  - Anonymous
  - These mail drops have the appearance of a physical address
- Proximity location of vendor to actual employees
  - Employee Addresses
  - Vendor Addresses
  - Proximity Analysis

Vendor Trending Analysis
- Accounts Payable
- Claims Payable
- Fraud Payment Acceleration
  - Small initial amounts of fraud
  - Amounts and frequency increases
  - Test Phase
  - Confidence Phase
  - Greed Phase
- Trend Payments to Vendors
- Valley and Spike Payment Patterns
  - Long periods of inactivity between periods of very high activity
  - Unusually high periods of activity

Payment Trend Analysis
- Calendar
  - By Day of Week
  - By Day of Month
  - By Month
- Checks created on weekends (Saturdays and Sundays)
  - Date created
  - Date posted
- Benford's Law
  - The first digit should be a 1 (30% of the time)

Benford's Law
McGinty, J. C. (2014). Accountants Increasingly Use Data Analysis to Catch Fraud - Auditors Wield Mathematical Weapons to Detect Cheating. The Wall Street Journal. (Web Site)
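A first-digit Benford test for a payment file. This is an added example, not part of the original slides; the two data sets are constructed and the 5,000 approval limit is an assumption. It compares observed leading digits with the expected share log10(1 + 1/d) using a chi-square statistic.

```python
import math
from collections import Counter

CHI2_CRITICAL_8DF = 15.507  # 5% significance, 9 digits - 1 degrees of freedom

def benford_expected():
    """Expected share of each leading digit; digit 1 comes out at about 30%."""
    return {d: math.log10(1 + 1 / d) for d in range(1, 10)}

def leading_digit(amount):
    # Scientific notation puts the first significant digit first:
    # 4950.0 -> "4.950000e+03", 0.052 -> "5.200000e-02"
    return int(f"{abs(amount):e}"[0])

def first_digit_test(amounts):
    """Chi-square comparison of observed leading digits against Benford's Law."""
    amounts = [a for a in amounts if a]  # zero has no leading digit
    counts = Counter(leading_digit(a) for a in amounts)
    n = len(amounts)
    expected = benford_expected()
    observed = {d: counts[d] / n for d in expected}
    chi2 = sum((counts[d] - n * p) ** 2 / (n * p) for d, p in expected.items())
    worst = max(expected, key=lambda d: observed[d] - expected[d])
    return {"n": n, "observed": observed, "chi2": chi2,
            "suspicious": chi2 > CHI2_CRITICAL_8DF,
            "overrepresented_digit": worst}

# Constructed data: 240 amounts spread evenly on a log scale over six decades,
# which approximates a Benford-conforming ledger.
NATURAL = [10 ** (k / 40) for k in range(240)]

# Constructed data: the same ledger plus 60 payments kept just under an
# assumed 5,000 approval limit (4900 .. 4959).
PADDED = NATURAL + [4900 + k for k in range(60)]
```

A failed test is a reason to pull the transactions behind the overrepresented digit, not proof of fraud; small or range-limited populations (for example, fixed-fee payments) do not follow Benford's Law.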

Check Sequence Analysis G/L Cash Receipts Identify Gaps in Check Sequences

Expense, Payroll, and Vacation Controls

Analysis of:
- Overtime Hours
  - Reasonableness
  - Consistent with role
- Holiday Hours
  - Reasonableness
  - Consistent with role
- Purchasing Cards
  - Spending over approval limits
  - Split transactions to avoid limit
  - Collusion between subordinate and supervisor to avoid approval scrutiny
- Vacation Hours
  - Reasonableness
  - Consistent with role
  - Large amounts of vacation outside of guidelines

Other Analysis Areas
- System Access Logs
- Maintenance Files
- Social Media
- The Price is Right Fraud
- Physical Investigations
- Surveillance

Continuous Auditing
- Programmatic Auditing
- System Based

Source: Cser, A. (2010). Market Overview: Fraud Management Solutions - Seven Tenets Of Effectively Combating Fraud Costs. Forrester Research.

Thank you.