Increasing Your Awareness of Fraud: Definitions, Roles and Responsibilities, Methodologies and Tools Cherilyn Montminy, CMA CFE CRMA Audit Manager Internal Audit and Evaluation Bureau Presentation for FMI PD Week November 28, 2013
Objective Understanding fraud in the federal context: Definition Roles and Responsibilities Methodologies and Tools 2
Definitions of Fraud In Canada, the legal definition of fraud is: Criminal Code section 380(1) definition: Every one who, by deceit, falsehood or other fraudulent means, whether or not it is a false pretence within the meaning of this Act, defrauds the public or any person, whether ascertained or not, of any property, money or valuable security or any service,... 3
Definitions of Fraud (continued) For the Government of Canada additional definitions which have to be considered: Criminal Code section 121 definition (frauds on the government) Treasury Board Directive on Losses of Money or Property definition 4
What is Fraud? Some common denominators: Intent Deceit Concealment Examples: Bid rigging Creation of ghost employees Submitting multiple reimbursements for same item Fake employment credentials 5
Areas of Roles and Responsibilities Prevention and Detection To increase awareness of fraud, methodologies and tools are discussed as part of Prevention and Detection roles and responsibilities Reporting Investigation 6
Roles and Responsibilities: Prevention and Detection Deputy Head/Board of Directors/Senior Management: Provide strong ethical leadership Establishment, maintenance and monitoring of departmental system of internal controls Develop a fraud awareness program Establish mechanism(s) for reporting fraud Management: Establish and monitor internal controls within areas of responsibility Identify any potential fraud risks within areas of responsibility Discuss with employees any issues related to fraud Employees: Be familiar with organization s code of conduct Be familiar and comply with internal controls and procedures Assist in the identification of any potential fraud risks Immediately notify the appropriate parties when he/she has knowledge or believes a fraud has occurred 7
Roles and Responsibilities: Detection Internal auditors Main responsibility is to provide assurance that an organization s risk management, governance and controls processes are operating effectively. External financial auditors Main responsibility is to express an opinion on whether an organization s financial statements are presented fairly in accordance with the applicable accounting standards Includes detecting any material misstatements in the financial statements due to error or fraud Fraud auditors Main responsibility is to determine if there are any exceptions or accounting irregularities that led or could lead to the intentional material misrepresentation on the financial statements. Fraud audits can be performed if a fraud is suspected or can be performed as part of a detection program. 8
Reducing the Risk of Fraud: Effective internal controls Fraud awareness program 9
Treasury Board Policy on Internal Control Internal Control is generally recognized as a set of means that organizations put in place to mitigate risks and provide reasonable assurance in the following broad categories: The effectiveness and efficiency of programs, operations and resource management, including safeguarding of assets; The reliability of financial reporting; and Compliance with legislation, regulations, policies and delegated authorities. 10
Effective Internal Controls Segregation of duties (e.g. procurement officer cannot issue payments) Reconciliation of bank accounts on a regular basis Safeguards for petty cash Financial policies and procedures are in writing, approved by appropriate party and communicated to employees Background checks before hiring employees Code of conduct for the organization 11
Fraud Awareness Program Ethical tone at the top Code of conduct Background checks Processes to report fraud Risk assessments Awareness training 12
Fraud Triangle Opportunity Rationalization Pressure Source: How to Detect and Prevent Business Fraud by W. Steve Albrecht et al. published in 1981. Modified based on factors originally developed by Donald Cressey in the 1940s. 13
How to Identify Fraud Red flags are warning signals about the possibility of fraud. The existence of red flags does not mean that a fraud has occurred. Their existence means that further review is required to determine fraud. 14
Reporting on Fraud Two perspectives: 1. Reporting of a potential fraud to the appropriate group 2. Reporting investigation results and fraudrelated topics (e.g. effectiveness of fraud awareness program) 15
Who Needs to Know? Deputy Head/Chief Executive Officer Audit Committee Executive Committee Head of Security Head of Human Resources Labour Relations Senior management 16
Who Investigates Fraud? Security Personnel Dedicated Investigation group Internal Audit External Contractor 17
Conclusion Fraud is everyone s business! 18
Contact information Cherilyn Montminy, CMA CFE CRMA Audit Manager Internal Audit and Evaluation Bureau cherilyn.montminy@tbs-sct.gc.ca 613-996-9618 19