INTRODUCTION TO FRAUD EXAMINATION

Prepared by : Dr. Sudarwan, Ak., MAcc,. CIA., CCSA Risk Management Control Audit

Agenda

HARI I II SESI I II III IV I II III IV MATERI UNDERSTANDING FRAUD UNDERSTANDING FRAUD FRAUD SYMPTOM FRAUD AUDITING KETERANGAN SLIDE 3 - 20 SLIDE 3 - 20 SLIDE 21 -26 SLIDE 28 - 40 FRAUD CLASIFICATION MODUS OPERANDI, DETECTION & PREVENTION MODUS OPERANDI, DETECTION & PREVENTION MODUS OPERANDI, DETECTION & PREVENTION SLIDE 41 - 46 SLIDE 47 - DST III I II III IV MODUS OPERANDI, DETECTION & PREVENTION MODUS OPERANDI, DETECTION & PREVENTION MODUS OPERANDI, DETECTION & PREVENTION FRAUD DETECTION TECHNIQUE Risk Management Control Audit

Risk Management Control Audit

Fraud (Kecurangan)

Definisi Fraud

Fraud adalah suatu tindakan melawan hukum yang meliputi, pencurian, penyalah gunaan kedudukan, perekayasaan suatu fakta atau informasi, pelanggaran ikatan perjanjian dan penyalah gunaan aset, dengan maksud menipu dan merugikan pihak lain serta menguntungkan pelaku atau pihak lain yang terkait dengan pelaku.

Risk Management Control Audit

Unsur-unsur Fraud

• • • • • • • •

terdapat salah saji (misrepresentation) masa lampau (past) atau sekarang (present) fakta bersifat material (material fact) kesengajaan atau tanpa perhitungan (make-knowingly or recklessly) dengan maksud (intent) adanya pihak yang dirugikan dari salah saji tersebut menimbulkan kerugian.

menguntungkan pelaku atau pihak lain yang terkait dengan pelaku Risk Management Control Audit

Klasifikasi Fraud

1. Tindak kecurangan atas

(Financial Statement Fraud),

Laporan Keuangan 2. Tindak kecurangan atas penyalahgunaan aset (Asset

Missapropriation),

3. Korupsi, yang dalam konteks ini jauh lebih luas dari pengertian korupsi sebagaimana dimaksud dalam UU No. 31/1999 (termasuk penyempurnaannya).

Risk Management Control Audit

Pelaku dan sarananya

Ditinjau dari sudut pelaku dan sarana yang dipergunakan tindak kecurangan dapat mencakup:

–

Pelaku:

•

Internal:

– Manajemen – Staf/non manajemen •

Eksternal

– Mitra kerja – Pelanggan – Pihak luar yang tidak terkait hubungan bisnis –

Sarana:

•

Konvensional

•

Cyber Fraud Risk Management Control Audit

Penyebab Fraud

PRESSURE OPPORTUNITY

Risk Management Control Audit

FRAUD TRIANGLE RATIONALISATION

PRESSURE

• • • •

Financial Pressures Vice Work Related Pressures Other Pressures Risk Management Control Audit

Financial Pressures

• • • • • • •

Greed Living beyond one’s means High personal debt High medical bills Poor credit Personal financial losses Unexpected financial losses Risk Management Control Audit

• • • •

Gambling Drugs Alcohol Expensive life style

Vice

Risk Management Control Audit

Work Related

• • • • •

Little recognation for job performance Feeling of job satisfaction Fearing of losing one’s job Being overlooked for a promotion Feeling underpaid Risk Management Control Audit

Other Pressure

• •

Family/environment pressures Challenge to beat system Risk Management Control Audit

OPPORTUNITY

• •

Control Factor Noncontrol Factor Risk Management Control Audit

Control Factor

Lack of control that prevent and/or detect fraudulent behavior :

–

Control environment

– – – –

Risk assessment Accounting/information system Control procedures Monitoring Risk Management Control Audit

Control Environtment

• • • • •

Management role’s and examples Management communication Appropriate hiring Clear organization structure and assigned responsibility Effective internal audit departement Risk Management Control Audit

Risk Assessment

• • • •

Identification Measurement Prioritization Mitigation Risk Management Control Audit

Accounting System

Recorded transaction are :

–

Valid

– –

Properly authorized Complete

– – – –

Properly classified Reported in proper period Properly valued Summarized correctly Risk Management Control Audit

Control Procedures

• • • • •

Segregation of duties or dual custody System of authorization Independent checks Physical safeguards Documents and records Risk Management Control Audit

Monitoring

• •

Internal review:

–

Ongoing review

–

Periodical review External review:

–

External audit

– Financial audit – Special audit –

ISO audit Risk Management Control Audit

Noncontrol Factor

• • • • •

Inability to judge quality of work Lack of disciplinary action Asymmetric information Ignorance and apathy No audit trail Risk Management Control Audit

RATIONALIZATION

• • • • • •

Common rationalization : The organization owes it to me I am only borrowing the money and will pay it back Nobody will get hurt I deserve more It’s for a good purpose Something has to be sacrified Risk Management Control Audit

Gejala Fraud (Fraud Symptom)

• • •

Employee Management Investment Risk Management Control Audit

Employee

• • • • • •

Accounting anomalies Internal control weaknesses Analytical anomalies Extravagant lifestyle Unusual behavior Tips and complaints Risk Management Control Audit

Management

• • • •

Operating performaces anomalies Management characteristic that indicate possible motives Organization structure anomalies Irregularities in relationship with other parties Risk Management Control Audit

Invesment

• • • • • • •

Numerous investment scams : Unreasionable promised rates of return Invesment that do not make sound business sense Pressure to get in early on investment Tax avoidance schemes Investment that not suiteable for your risk Pressure to put all your saving into a particular invesmet etc Risk Management Control Audit

Jenis, Korban dan Pelaku Fraud

Jenis Fraud Pencurian oleh pekerja Kecurangan Manajemen Scams Investasi Kecurangan Pemasok Korban Pelaku Penjelasan/Contoh Pemberi kerja Organisasi yang membeli barang atau jasa Pekerja Pemegang saham, pinjaman dan pihak lain yang mengandalkan poran keuangan Investor Manajemen puncak Perorangan/perus haan Organisasi atau individu Pekerja secara langsung atau tidak langsung mencuri dari pemberi kerja Manajemen puncak menyajikan informasi yang salah pada laporan keuangan Perorangan mengelabui investor untuk menanamkan uangnya pada investasi yang tidak menguntungkan (Alam Membebankan biaya yang tinggi atau tidak mengirim barang meskipun telah terjadi pembayaran Kecurangan Organisasi yang menjual barang atau jasa Pembeli Pembeli membayar kuran dari yang seharusnya Risk Management Control Audit

Indikasi Perilaku Fraud

Perilaku seseorang yang perlu mendapat perhatian kemungkinan adanya fraud:

–

Perubahan perilaku secara signifikan, misal menarik diri, tidak seperti biasanya, gaya hidup mewah.

– – – – –

Sedang mengalami trauma emosional di rumah atau tempat kerja Penjudi berat Peminum berat Sedang dililit utang Temuan audit atas kekeliruan (error) atau ketidakberesan (irregularities) dianggap tidak material ketika ditemukan

–

Bekerja tenang, bekerja keras, bekerja melampaui jam kerja, sering bekerja sendiri

–

Gaya hidup di atas rata-rata

–

Mobil atau pakaian mahal tetapi tidak sesuai pendapatannya.

Risk Management Control Audit

Finansial Auditing dan Fraud Auditing

Risk Management Control Audit

Financial Auditing

Finansial Auditing adalah suatu proses dimana seorang yang kompeten dan independen mengumpulkan dan mengevaluasi bukti-bukti keuangan. (Joseph T Wells) Finansial auditing dimaksudkan untuk mengungkapkan penyimpangan-penyimpangan dan variances yang material dari standar-standar praktek auditing dan akuntansi yang lazim dan dapat digolongkan dalam pemeriksaan umum. Risk Management Control Audit

Fraud Auditing/Examiner

Fraud Auditing merupakan suatu disiplin yang dipergunakan untuk menghambat, melihat dan mendokumentasikan penyimpangan-penyimpangan tersebut.

Risk Management Control Audit

Carl Jung Taxonomy

Left Hemisphere………… Right Hemisphere

Sensation/ Thingking Intuition/ Thingking Financial Auditpr Fraud Auditor Sensation/ Feeling Intuition/ Feeling Teacher Artist Risk Management Control Audit

Overt vs Covert Aspect

• •

Finansial auditing memandang kejadian, transaksi dan lingkungan sehubungan dengan ‘overt aspect’ mereka Fraud auditing cenderung melihat kepada kejadian, transaksi dan lingkungan sehubungan dengan ‘covert aspect’ mereka Risk Management Control Audit

The Iceberg Theory of Fraud

Risk Management Control Audit Overt Aspect

Hierarchy Financial Resources Goal of organization Skill and abilities of personnel Technological State Performance standards Efficiency Measurement

Covert Aspect

Attitude Felling Values Norm Interaction Supportiveness Satisfaction Struktural consideration waterline Behavioral consideration

13 Prinsip Fraud Auditing

1.

2.

3.

4.

5.

6.

7.

8.

9.

10.

11.

12.

13.

Fraud Auditing lebih mengarah kepada pola pikir dari pada metodologi.

Fraud auditor fokus pada pengecualian, keanehan, ketidakberesan akuntansi, dan pola tingkah laku bukan pada kesalahan dan kelalaian Fraud auditing biasanya dipelajari melalui pengalaman, bukan dari buku maupun kertas kerja yang lalu.

Dari perspektif fraud auditing, fraud adalah kesengajaan dalam menyajikan ‘fakta keuangan’ yang salah bukan ‘sesuatu yang material’ Fraud dilakukan dengan alasan ekonomi, egosentris, idiologi dan psikologi Fraud cenderung mencakup “theory structure around motive, opportunity, and benefit” Fraud pada lingkungan akuntansi berbasis komputer, dapat dilakukan pada tiap tahapan proses (input, trouhput atau output) Skema kecurangan yang dilakukan oleh level pekerja biasanya berhubungan dengan pengeluaran.

Skema kecurangan yang dilakukan oleh level manajer biasanya berhubungan dengan ‘profit smoothing’ (meningkatkan pendapatan).

Tipe ‘accounting fraud’ sering disebabkan oleh ketiadaan kontrol dibandingkan dengan kekurangan kontrol.

Kejadian fraud tidak berkembang secara eksponensial, tetapi dampaknya berkembang secara eksponensial.

Accounting fraud sering ditemukan secara tidak sengaja dibandingkan dengan yang melalui tujuan dan disaign finansial audit Pencegahan fraud lebih mengarah pada kecukupan kontrol dan penciptaan lingkungan kerja yang memberikan nilai pada kejujuran personel dan perlakuan yang adil Risk Management Control Audit

• •

Kualifikasi Fraud Auditor

Auditor harus memahami standar (kriteria) yang digunakan.

Auditor harus mempunyai pengetahuan tentang kemungkinan fraud dan dapat menghubungkan dengan berbagai segmen Sistem Akuntansi dan operasi bisnis.

•

Auditor harus mengetahui cara/prosedur terbaik untuk menyelidiki suatu informasi yang belum/tidak mempunyai bukti/data pendukung.

•

Auditor harus memperhatikan motivasi karyawan dan lingkungan kerja tempat karyawan beroperasi untuk menentukan, jika ada hal yang perlu diperhatikan.

•

Auditor harus memiliki sensitifitas atas kemungkinan kecurangan, terutama sekali terhadap peluang terjadinya kecurangan.

•

Auditor harus memperoleh bukti yang cukup untuk memastikan apakah benar telah terjadi kecurangan seperti yang diisukan atau diperkirakan.

Kompetensi Yang Harus Dimiliki Fraud Auditor

• • • • •

Legal Organizational Audit Investigative Risk Management Risk Management Control Audit

Legal

• • • • • •

Criminal, civil and contactual fraud Theft and embezzlement Material and immaterial misrepresentation Error and irregularities Mistake and mistatement Conspiracies and individually repetrated fraud Risk Management Control Audit

Organizational

• • • • • •

Fraud commited or against the company Insider and outsider fraud Insiders in conspiracies with outsiders High level and low level employe fraud Longterm and shortterm performance criteria Fraud in high-trust and low-trust organization Risk Management Control Audit

Audit

• • • • • •

Internal and external auditor responsibilities Statement and transaction fraud Overstated and understated records On-book and off-book fraud Financial and fraud auditing ect Risk Management Control Audit

Investigative

• • • •

Compromising control and personel Motivation on fraud Detection and prevention of fraud Psycho-social characteristic Risk Management Control Audit

Risk Management

• • •

Risk prevention, transfer and assumption High risk companies, industries, occupatios, personalities Red flags Risk Management Control Audit

JENIS-JENIS FRAUD DARI SISI AKUNTANSI

• • •

Corporate Fraud Audit Failure Fraudulent Financial Reporting Risk Management Control Audit

Corporate Fraud

Economic crime, biasanya dilakukan oleh pejabat,eksekutif, dan manajer pusat laba (profits centre managers) dan perusahaan publik untuk memuaskan kebutuhan ekonomis jangka pendek.

Risk Management Control Audit

Audit Failure

Suatu kegagalan audit merupakan risiko yang dihadapi oleh auditor berkaitan dengan kemungkinan pelaksanaan audit yang tidak memenuhi standar kualitas yang telah ditetapkan. Kegagalan audit akan mengakibatkan Kantor Akuntan Publik berhadapan dengan litigasi yang mahal dan kehilangan reputasi.

Risk Management Control Audit

Frauddulent Financial Reporting

Amerika serikat mendefinsikan Fraudulent Financial Reporting sebagai “intentional of reckless conduct, whether act or omission, that result in materially misleading financial statements”. Contoh kecurangan laporan keuangan antara lain:

–

Memanipulasi

–

Menyembunyikan pengaruh transaksi yang lengkap dari catatan/ dokumen.

– – –

Mencatat transaksi tanpa substansi Salah menerapkan kebijakan akuntansi Gagal mengungkapkan informasi yang signifikan.

Risk Management Control Audit

TANDA-TANDA ADANYA FRAUD

• • • • • •

Fraud auditor harus jeli melihat tanda-tanda: Ada selisih antara saldo-saldo tahun ini dan sebelumnya Selisih buku besar dan buku tambahan Perbedaan yang terungkapkan dari hasil konfirmasi Transaksi yang tidak didukung oleh bukti yang memadai Transaksi yang tidak dicatat, baik yang khusus maupun yang umum Terdapat perbedaan kepentingan ( conflict of intrest ) Risk Management Control Audit

OCCUPATIONAL FRAUD AND ABUSE

• • •

Corruption Asset Misappropriation Fraudulent Statement Risk Management Control Audit

Summary Occupational Fraud And Abuse Fraud and Abuse Risk Management Control Audit

CORRUPTION

• • • •

Bribery Conflicts of interst Illegal Gratuities Economic extortion Risk Management Control Audit

• •

Invoice kickback Bid rigging

Bribery

Risk Management Control Audit

Kickback Scheme

• • •

Diverting business to vendor Overbilling schemes

– –

Employess with approval authority Fraudster lacking approval authority Slush fund Risk Management Control Audit

Kickback Modus

Kickback-overbilling Risk Management Control Audit

Bid-rigging Scheme

• • •

Can be catagorized based on stage of bidding The pre-solicitation phase

– –

Need recognition schemes Specification schemes The solicitation phase

–

Bid pooling

– –

Fictitious suppliers Other methods The submission phase

–

Preferential treatment Risk Management Control Audit

Bid rigging

Bid-rigging Modus

Risk Management Control Audit

Bribery Detection

Red flags that may indicate that employee are involce in a bribery scheme :

– –

General purchasing Prebid solicitation

– – –

Bid solicitation Bid or contrac acceptance Behavior profile of bribery recipient Risk Management Control Audit

General purchasing

• • • •

Material ordered at optimal reorder point ?

Made from the same vendor ?

Establish bidding policies being followed ?

Cost of material out of line ?

Risk Management Control Audit

Prebid solicitation

• • • • • • •

Tailoring specification and statement Using “prequalification” procedures to restrict competition Noncompetitive procurement justification Buyer provide to contractor information on a preferential basis Use information provide by contractor who will be permitted to bid Permitted consultant who assisted in preparing biding document Spitting cost into separate contract Risk Management Control Audit

Bid solicitation

• • • • • • • • • •

Limiting time for submission Revealing information to contractor Permit improper communication between contractor Failure to ensure a sufficient number of potential competitors Bid solicitations are vague Inadequate internal control over Improper communication by purchaser Financial interest by purchaser Assistance by purchaser etc Risk Management Control Audit

Bid or contract acceptance

• • • • • • • •

Restricting procurement to exclude any qualified contractor Improper acceptance of late bid Falsification of document Change in a bid after other bidder’s price known Withdrawal of low bidder who may become a subcontractor to the higher bidder who gets the contract Collution between bidders Revealing one bidder’s price to another False certification by contractor.

Risk Management Control Audit

Behavior profile of bribery recipient

• • • • • • • •

A drug and/or alcohol addition Personal financial problems A gambling habit Extravagant lifestyle Loan shark or other private debt Family supported by the subject Extraordinary medical expense Significant cash expense for entertainment and/or travel Risk Management Control Audit

Bribery Prevention

•

Bribery prevention policy A company policy that specifically addresses the problems and illegalities associated with bribery and related offense, such

– –

Gift Reporting gift

– –

Discount Business meeting Risk Management Control Audit

Conflicts of interst

• • •

Purchase schames Sales schames Other schames Risk Management Control Audit

Purchase schames

• •

Over billing for Unique asset Turnaround sales Risk Management Control Audit

Sales schames

• •

Underbillings Writing off sales Risk Management Control Audit

Other schames

• • •

Business diversions Resource diversions Financial disclosure Risk Management Control Audit

Conflict of Interest Modus

purchase scames Risk Management Control Audit

Conflict of Interest Detection

• • • • •

Method can be use : Tips and complaints Comparison of vendor addresses with employee addresses Review of vendor ownership Review of exit interviews and comparison of vendor addresses to addresses of subsequent employers Interviews of purchasing personnel for favorable treatment of one or more vendors Risk Management Control Audit

Conflict of Interest Prevention

• •

A policy that requiring employee to complete an annual disclosure statement of conflict of interest Communication with employee regarding their other business interest Risk Management Control Audit

Asset Misappropriation

• •

Cash Inventory and all Other Assets Risk Management Control Audit

CASH

• • •

Skimming Cash larceny Faudulent disbursement Risk Management Control Audit

Skimming Schames

• • • •

Unrecorded sales Understated sales and receivables Theft of checks trough the mail Shorterm skimming Risk Management Control Audit

Skimming Schames

Skimming scheme Risk Management Control Audit

Unrecorded sales

• • • •

Register manipulation Skimming during non business hours Skimming of “Off-site Sales” Poor collection procedures Risk Management Control Audit

Unrecorded sales Modus

Unrecorded sales Risk Management Control Audit

Understated sales and receivables

• • •

Difference between actual purchase price than cash register record Difference between actual purchase item than cash register record False discount Risk Management Control Audit

Understated sales and receivables Modus Understated sales Risk Management Control Audit

Theft of checks trough the mail

• •

Single employee is in charge of opening the mail and recording the receipt of payment Taking checks received in the mail, failling to record these check, and substituting them for collection of currency Risk Management Control Audit

Theft of checks trough the mail modus Theft of incomming checks Risk Management Control Audit

Shorterm skimming

• •

Converting Stolen Check Concealing the Fraud Risk Management Control Audit

Converting Stolen Check

• • • •

Dual endorsement False company account Altered payee designation Check for currency substitution Risk Management Control Audit

Concealing the Fraud

• •

Destroying or altering records of the transaction Concealing receivables skimming scheme

– – –

Lapping Stolen statements False account entries

• • •

Debit accounts Debiting existing or fictitious accounts Writing off account balances

–

Inventory padding Risk Management Control Audit

Shorterm skimming modus

Short Term Skim Risk Management Control Audit

Skimming Detection

Some detection methods that may be effective in detecting skimming schames are :

– – –

Receipt or Sales Level detection Check convertion detection Journal entry review Risk Management Control Audit

Receipt or Sales Level detection

• • •

Key analytical procedures, such vertical and horizontal analysis of sales account Ratio analysis Detail inventory control procedures Risk Management Control Audit

Check convertion detection

Red flag arise when employee attempt to convert a stolen check.

–

Question of validity of the check

– –

Dual endorsement is not allowed Canceled checks with dual endoresement should be scutinized

– –

A forget endorsement is discovered Employee has opened a bank account with a name similar to the victim company

–

An alteration of check payee or endorsement is discovered

–

etc Risk Management Control Audit

Journal entry review

• • • •

Journal entry that should be exemine : False credit to inventory to conceal unrecorded or understated sales Other write-off of inventory for reason of lost, stolen or obsolete product Write-off of account receivable account Irregular entries to cash account Risk Management Control Audit

Skimming Prevention

• • • •

Received of sales level control Check conversion control General control Skimming controls Risk Management Control Audit

Received of sales level control

• •

Internal control procedures for received of sales Management communication to employee Risk Management Control Audit

Check conversion control

• •

Work in cooperatives effort with the bank Check tampering and convertion control Risk Management Control Audit

General control

Poliy and procedures of general control of sales entry and general ledger access will cover:

– –

Appropriate segregation of duties Transaction must be properly record

– –

Proper safeguard measures Independent reconciliation Risk Management Control Audit

Skimming controls

• • • • • • • •

Red flag for detecting : Mail open by someone independent Delevey of unopened businiss mail prohibited to employee Lock box used Cash receipt pre number Check reconciliation Cash receipt deposit daily Employe who handle receipt bonded etc Risk Management Control Audit

Cash larceny

• • •

Theft of cash from the register Other larceny of sales and receivables Cash larceny from the deposit Risk Management Control Audit

Theft of cash from the register

• • • •

Personal check Reversing transaction Altering cash counts Destroying register tapes Risk Management Control Audit

Theft of cash from the register modus Cash larceny from the register Risk Management Control Audit

Other larceny of sales and receivables

•

Post all record but stolen the money received and :

–

Plan to pay the money back

– –

Make unsupported entries Destroy all the record Risk Management Control Audit

Other larceny of sales and receivables modus Other Cash Larceny Risk Management Control Audit

Cash larceny from the deposit

• •

Deposit lapping Deposit in transit Risk Management Control Audit

Cash larceny from the deposit modus

Cash larceny from the deposit Risk Management Control Audit

Cash larceny detection

• • • •

Receipt recording Analytical review Register detection Cash account analysis Risk Management Control Audit

Receipt recording

• • •

Depth analysis for : Mail and register receipt point Jounalizing and recording of receipt The security of the cash from receipt to deposit Risk Management Control Audit

Analytical review

•

Analyzing relationship between sales, cost of sales and return and allowances can detect inappropriate refunds and discount.

Risk Management Control Audit

Register detection

• • • • •

Access to the register must be closely monitored Independent person for preparing register count sheet and aggreed them to register total Popular concealment methods must be watched for.

Complete register documentation and cash etc Risk Management Control Audit

Cash account analysis

•

Reviwing and analyzing all journal entries made to account cash Risk Management Control Audit

Cash larceny prevention

• • • •

Segregation of duties Assigment rotation and mandatory vacation Surprise cash count and procedures supervision Phisical security of cash Risk Management Control Audit

Fraudulent Disbursemet

• • • • •

Check Tampering Register disbursement Billing Payroll Expense reimbursement Risk Management Control Audit

Check Tampering

• • • • •

Forged maker schemes Forged endorsement schemes Altered payee schemes Concealed check schemes Authorized maker schames Risk Management Control Audit

Check Tampering

check Tampering Schemes Risk Management Control Audit

Forged maker schemes

• • • • •

Obtaining the check

–

Employee with accses to company checks

–

Employee lacking accses to company checks To whom is check made payable

–

To the perpetrator

–

To an accomplice

– –

Payable to “cash” Payable to vendor Forging the signature

–

Free hand forgery

–

Photocopied forgery

–

Authomatic check-signing instruments Miscoding fraudulent checks Converting the check Risk Management Control Audit

Forged maker modus

Forged Maker Schemes Risk Management Control Audit

Forged endorsement schemes

• •

Intercepting check before delivery

–

Employee involve in delivery of check

– – –

Poor control of signed check Theft of returned check Re-routing the delivery of check Converting the stolen check Risk Management Control Audit

Forged endorsement modus

Forged Endorsement Schemes Risk Management Control Audit

Altered payee schemes

• • •

Altering check prepared by other :

–

Inserting a new payee

–

Taking on Altering check prepared by the fraudster :

–

Eresable ink

–

Blank check Converting altered check Risk Management Control Audit

Altered payee modus

•

Altering Check Risk Management Control Audit

Concealed check schemes

• •

Employee prepares a fraudulent check and submits it Marker sign the check quickly and without adequate review Risk Management Control Audit

Concealed check modus

Concealed Check Risk Management Control Audit

Authorized maker schames

• • • •

Overriding control through intimidation Poor control Special project account Tampering with signature card Risk Management Control Audit

Authorized maker modus

Authorized Marker Risk Management Control Audit

Check Tampering Detection

• • • •

Account analysis through cut-off statement Bank reconciliation Bank confirmation Check tampering red flag

–

Voided check

–

Missing check

– – – – – –

Check payablee to employee Altered endorsement or dual endorsement Return check Altered payee Duplicate check etc Risk Management Control Audit

Check Tampering Prevention

• • • •

Check disbursement control Bank assisted control Phisical tampering prevention Check theft control procedures Risk Management Control Audit

Register disbursement

• •

False refund False Voids Risk Management Control Audit

False refund

• • •

Fictitious refund Overstated refund Credit card refund Risk Management Control Audit

False refund

False refund modus

Risk Management Control Audit

False void

•

Employee withold the customer’s receipt at the time of sales.

Risk Management Control Audit

False Void

False void modus

Risk Management Control Audit

Register disbursement detection

• •

Fictitious refund and void sales

–

Closely examine the documentation submitted with cash receipt Register schame red flag

–

Inapropriate employee segregation

– –

Cashier have acces to control key Register refund not methodically review

– – –

Personal check from cashier found in register Missing register tapes Inventory total appear forced Risk Management Control Audit

Register disbursement prevention

• • • • •

Review the segregation of duty Access to register must be closely Maintain supervisor near area of the cash register Review supporting document for void and refund Review the numerical sequence and completeness of cash register tapes Risk Management Control Audit

Billing

• • •

Invoicing via shell companies Invoicing via nonaccomplice vendor Personal purchase with company funds Risk Management Control Audit

Invoicing via shell companies

• • • • • • • •

Forming a shell company Submitting false invoices Self approval of fraudulent invoices “Rubber stamps” supervisors Reliance on false document Collusion Purchase of service rather than goods Pass-through schemes Risk Management Control Audit

Invoicing via shell companies modus

False Billing from Shell Companies Risk Management Control Audit

Invoicing via non-accomplice vendor

Risk Management Control Audit

Risk Management Control Audit

Risk Management Control Audit

Risk Management Control Audit

Fraudulent Statement

• •

Financial Non-financial Risk Management Control Audit

TEKNIK MENDETEKSI FRAUD:

( Melalui pemeriksaan atas catatan pembukuan gejala manipulasi dpt diidentifikasikan)  ANALISIS TREND  PENGUJIAN KHUSUS ATAS KEGIATAN YG BERESIKO TINGGI  ANALISIS VARIANCE (EXCEPTIONAL ANALYSIS) ( Jika seseorang bekerja pada suatu jabatan ttt, tindakan negatif apa yg dpt dilakukan ?)  RISK ASSESSMENT ANALYSIS  PELAKU POTENSIAL

Risk Management Control Audit

TEKNIK MENDETEKSI KECURANGAN: CRITICAL POINT AUDITING:

-teknik dimana melalui pemeriksaan atas catatan pembukuan, gejala suatu manipulasi dapat diidentifikasikan -hasilnya berupa gejala atau kemungkinan terjadinya kecurang an yg pada gilirannya mengarah kepada penyelidikan yang lebih rinci -semakin akurat dan komprehensif suatu catatan, semakin e fektif teknik ini dlm mengetahui gejala kecurangan -pendeteksian yg lazim dilakukan dgn teknik ini adalah: * Analisis Trend * Pengujian Khusus terhadap kegiatan-kegiatan yg memiliki re siko tinggi seperti: pembelian, penjualan dan pemasaran, persediaan

Risk Management Control Audit

JOB SENSITIVITY ANALYSIS (JSA)

 Didasarkan pada suatu asumsi bhw bila seseorang/sekelompok karyawan bekerja pada posisi tertentu, peluang/tindakan negatif (kecurangan) apa saja yang dapat dilakukan  Teknik ini merupakan analisis dengan resiko kecurangan dari sudut “PELAKU POTENSIAL”  Hal-hal yg perlu dilakukan dlm menggunakan teknik ini adalah: * metode pendekatan: - mengidentifikasikan semua posisi pekerjaan dengan mengamati: struktur organisasi, uraian tugas, manual dan formulir yang ada, dan pendelegasian wewenang - menyiapkan analisis setiap pejabat * pengawasan rutin (utk mempersulit pelaku kejahatan menjalankan operasinya * karakter pribadi seperti kekayaan yg tidak dapat dijelaskan, pola hidup mewah, pegawai yg sering merasa kecewa/tidak puas, sifat egois dari karyawan, karyawan yg sering mengabaikan instruksi, karyawan yang merasa dianggap paling penting * Tindak Lanjut: hasil analisis akan memberikan gambaran ttg jenis peker jaan mana yang beresiko tinggi dan metode fraud yg bagaimana yg se baiknya diterapkan

Risk Management Control Audit

THEFT ACT INVESTIGATE METHOD:  Surveilance & Copert Operation (Pengamatan thp op. perush)  Invigilation (Kewaspadaan )  Physical Evidence CONCEALMENT INVESTIGATE METHOD: (Penyembunyian)  Document Examination  A u d i t  Computer Searches  Physical Asset Count CONVERSION INVESTIGATIVE METHOD:   Public Record Searches Net Worth Analysis INQUIRY INVESTIGATIVE METHODS:  Interviewing & Interogation  Honestly Testing

Risk Management Control Audit

TESTIMONIAL EVIDENCE EVIDENCE SQUARE PHYSICAL EVIDENCE

Risk Management Control Audit

DOCUMENTARY EVIDENCE PERSONAL OBSERVATION