Fraud & Embezzlement
Download
Report
Transcript Fraud & Embezzlement
Fraud & Embezzlement
Presenters:
Kirk B. Leoni, CPA (Principal) [email protected]
Kelli Boyle, CPA (Manager) [email protected]
Why are we here?
The median response indicated that the typical US
organization loses 7% of its annual revenue to
fraudulent activity.
This percentage applied to the estimated 2008 GDP of
$14.2 trillion would project that roughly $994 billion
would be lost to fraud in 2008.
Source: 2008 Report to the Nation on Occupational Fraud and
Abuse by the Association of Certified Fraud Examiners
How is Fraud Detected?
50%
40%
30%
2008
2006
20%
10%
0%
Tip
By
Internal
Accident
Audit
Internal External Notified
Controls
Audit by Police
Which Organizations Reported the Most Fraud?
40%
35%
30%
25%
2008
2006
20%
15%
10%
5%
0%
Private Co.
Public Co.
Government
Not-for-Profit
Control Weaknesses that Contributed to Fraud
(only selected weaknesses shown)
40%
35%
30%
25%
20%
15%
10%
5%
0%
Lack of IC Lack of Mgmt Ov erride of Poor Tone at Lack of
Rev iew
Controls
the Top
ov ersight
Lack of
Indep.
Checks/audit
Most important contributing factor
Occupational Fraud Schemes by Accounting
Personnel
40%
35%
30%
25%
Accounting
20%
All Cases
15%
10%
5%
0%
ion
ru pt
r
o
C
Billi
ng
t
ts
l
y
d
g
g
sh
en ts
yrol
men
min
me n La rce n
Ha n
erin
a
m
-Ca
e
e
p
e
m
t
s
n
n
P
i
r
s
a
o
m
o
k
a
h
S
N
bu
h
St
bur
Ca s
ck T
e im
Ca s
Dis
len t
e
R
u
r
h
d
e
e
C
u
ist
en s
Fra
Re g
Exp
Fraud Triangle
OPPORTUNITY
PRESSURE / INCENTIVES
RATIONALIZATION
10% of employees will never steal
10% of employees will always steal
80% of employees will steal if given the right opportunity, motivation or justification
Behavioral Red Flags
Living beyond means
Financial difficulties
Wheeler-dealer attitude
Control issues
(unwilling to share duties)
Divorce / Family problems
Unusually close association
with vendor / customer
Addiction problems
Refusal to take vacations
Excessive pressure from
within the organization
# of cases
370
327
195
% of cases
38.6%
34.1%
20.3%
Median Loss
$250k
$111k
$405k
179
164
18.7%
17.1%
$250k
$118k
146
128
65
15.2%
13.3%
6.8%
$410k
$225k
$250k
62
6.5%
$388k
What is the objective of an Audit?
The expression of an opinion about whether your
financial statements are fairly presented, in all
material respects, in conformity with U.S.
GAAP......not to detect fraud.
(According to the ACFE report to the nation, less than 10% of
fraud is discovered by an External Audit)
Limitations of an Audit
Designed to obtain reasonable assurance, not absolute
assurance about whether the financial statements are
free from material misstatement (caused by error or
fraud)
Not designed to detect immaterial errors or fraud.
Not designed to provide assurance about IC or identify
deficiencies
However, SAS 112 requires written communication of those
deficiencies the auditor becomes aware of
Audit vs. Review vs. Compilation
Compilation – lowest level of service – your account
balances assembled into financial statement format
Review – use of analysis as opposed to tracing to source
documents
Reviews & Compilations do not contemplate obtaining an
understanding of IC or the assessment of risk.
Reviews & Compilations cannot be relied upon to disclose errors,
fraud or illegal acts that may exist.
No requirement to communicate IC deficiencies
Agreed upon procedures – another option?
Audit Responsibilities (1 of 3)
Auditors
Conduct the audit in accordance with GAAS
(Generally Accepted Auditing Standards)
Ensure those charged with governance are aware
of IC related matters required to be communicated
Ensure independence
Audit Responsibilities (2 of 3)
Governing Body (Audit Committee)
Oversee the reliability of financial reporting including
effectiveness of internal controls
Review financial statements and determine whether they are
complete and consistent
Understand risks and exposures
Understand the scope of the audit
Audit Responsibilities (3 of 3)
Management
Properly record transactions in the accounting records,
establish and maintain internal controls
Make original accounting records and related information
available
Allow access to personnel to whom we may direct inquiries
Provide written representations regarding the financial
statements and the effectiveness of IC
Ensure compliance with laws & regulations
Recent Developments
SAS 104-111 “Risk Assessment Standards”
Designed to improve the effectiveness of audits
More rigorous assessment of risk
Linkage between risks and audit procedures
SAS 114 “The Auditor’s Communication with those
Charged with Governance”
Emphasizes our audit requirements and communicates
significant findings to the appropriate level of governance
Recent Developments (continued)
SAS 112 “Communicating Internal Control related
Matters Identified in an Audit”
New definitions of significant deficiencies and material
weaknesses (less room for auditor judgment)
Requires written communication of significant deficiencies
and material weaknesses
SAS 112 – Definitions
Control Deficiency
Exists when the design or operation of a control does not
allow for prevention or detection of a misstatement on a
timely basis
Deficiency in design – a control is missing or not properly
designed
Deficiency in operation – when a properly designed control does
not operate as designed or when the person performing the
control doesn’t have the necessary authority or qualifications
SAS 112 – Definitions (continued)
Significant Deficiency
A control deficiency (or combination of control deficiencies)
which result in a more than remote likelihood that a
misstatement that is more than inconsequential (magnitude)
will not be prevented or detected
Material Weakness
A significant deficiency (or combination of significant
deficiencies) that results in a more than remote likelihood that
a material misstatement (magnitude) will not be prevented or
detected
SAS 112 Examples
Management letter comment
Significant Deficiency
Petty cash is not reconciled – likelihood of misstatement is more than remote;
the magnitude would be inconsequential
Failure to perform monthly reconciliations of significant accounts in a timely
manner (AR, AP) – likelihood is more than remote however other related
procedures (bank statement review, budget vs. actual analysis etc.) would
reduce the magnitude to less than material but more than inconsequential
Material Weakness
Same individual receives the bank statement, prepares reconciliation and has
check signing authority. There is no formal review of the bank reconciliations –
likelihood is more than remote; magnitude could be material
Fraud Examples “in the News”
Payroll & Compensation
Fictitious employees: San Jose, CA – employee embezzled
$11m from her employer by providing false payroll data to a
processing company and forging signatures
People behave the way you pay them to behave
Dominos – Driver ran red light speeding to make 30-minute delivery.
Woman received $750k in actual damages & $78m in punitive
damages.
Commissions based on gross sales only (billing schemes)
Fraud Examples “in the News”
Lack of oversight
Portland, ME – partner in Verrill Dana, LLP was
fired for stealing money from the firm and clients
Managed private trusts and bank accounts
Over billed clients
Stole money from private accounts
Redirected funds to himself that should have gone to the
firm
Stole over $400k
Fraud Examples “in the News”
White-Collar Crime: “Honest Person Turned Felon”
(embezzled over $250,000)
CPA at local accounting firm in North Carolina
Handled Trusts and Retirement accounts for corporate and
individual clients
Felt the need to “keep up with the Joneses” by spending
money they didn’t have
“Poster boy for the Fraud Triangle”
Action Steps
Independent review of bank statements
Conduct a “brainstorming session” with appropriate staff and board
members to identify risk areas
Review “Understanding Internal Control” document*
Review “Audit Organizer” for proactive tips your organization can use
to be prepared for an audit*
Establish a whistleblower protection policy
Conduct background checks on employees
Utilize internal control checklists to help identify weaknesses
Provide employee training
Monitor internal controls!
*available at nathanwechsler.com
(under Resources > NW Insights)