Basics of Fraud - Northern Arizona University
Download
Report
Transcript Basics of Fraud - Northern Arizona University
BASICS OF FRAUD
NORTHERN ARIZONA UNIVERSITY
DECEMBER, 2010
QUOTES FROM THE FIELD
“All the internal auditors I have talked to in large
organizations have told me that employee frauds
increased substantially during the recessionary years
of 2008 and 2009.”
- Tony Bishop, Director
Deloitte Forensic Center
QUOTES FROM THE FIELD
“The percentage of allegations of fraudulent activity
has more than doubled over the past four years.”
-The Network
Corporate Governance and
Compliance Hotline
Benchmarking Report
QUOTES FROM THE FIELD
“Many organizations seem to have moved into
firefighting mode, where people do only what they
consider essential. The risk is skimping on fraud
prevention and detection activities today may create
opportunities for catastrophic frauds tomorrow.”
- Tony Bishop, Director
Deloitte Forensic Center
WHAT WILL WE COVER?
What is fraud?
Fraud triangle/diamond
Who commits fraud?
Fraud facts
Types of fraud
Detection
Red flags
How organizations encourages fraud
Lowering the risk of fraud
Roles in fraud prevention and detection
What to do if you suspect fraud
WHAT IS FRAUD?
The Association of Certified Fraud Examiners
(ACFE) defines the term “occupational fraud” as:
The use of one’s occupation for personal
enrichment through the deliberate misuse or
misapplication of the employing organization’s
resources or assets.
WHAT IS FRAUD?
What does that really mean?
The intentional and wrongful obtainment of a benefit through:
Theft or embezzlement
False statements (documents, grants, applications)
Corruption, kickback, conspiracies, collusion, bribes
Misappropriation of assets (travel expenses, payroll, equipment)
FRAUD TRIANGLE
PRESSURE
FRAUD TRIANGLE - PRESSURE
PRESSURE is the motive for committing fraud.
Lifestyle
Personal debt (debt, financial losses, gambling, drugs)
Illness
Job dissatisfaction
FRAUD TRIANGLE - RATIONALIZATION
RATIONALIZATION is the justification to make their
actions consistent with their personal code of
conduct.
“I’m only borrowing the money – I’ll pay it back.”
“Everyone does it.”
“I’m not hurting anyone.”
“It’s for a good purpose.”
“It’s not that big of a deal.”
“They owe me. I should be paid more.”
FRAUD TRIANGLE - OPPORTUNITY
OPPORTUNITY is the situation that allows fraud to
occur in the first place.
A lack of or inadequate internal controls
Separation of duties
Supervision and review
Management approval
Technology controls
Inability to judge the quality of the work of others
Form over function
Management ignorance or apathy
Focus on “higher priorities”
FRAUD DIAMOND
FRAUD DIAMOND
CAPABILITY is the knowledge to commit the fraud.
Confidence to execute the fraud without getting caught.
Will know the weaknesses in “the system.”
Recognizes the opportunity and can turn it into reality.
Thrill or risk seeking behavior.
WHO COMMITS FRAUD?
How many employees…
Will?
Might?
Won’t?
WHO COMMITS FRAUD?
WON’T
40%
WILL
30%
MIGHT
30%
Source: EideBailly/ACFE
WHO COMMITS FRAUD?
“The vast majority of people who end up stealing from an
organization had no intention of doing so when they
went to work or began contracting relationships there
but loyalty diminishes in tough times, especially after
widespread layoffs and contracting cutbacks, thereby
creating a ‘high-fraud environment.’”
- James Ratley, President
Assoc. Certified Fraud Examiners
WHO COMMITS FRAUD?
Compared to other property offenders, fraudsters…
Have better psychological health
Exhibit more:
Social conformity
Motivation
Optimism
Family harmony
Self Esteem
Social control
Self sufficiency
Kindness
Achievement
Empathy
Source: Fraud Examination by W. Steve Albrecht
WHO COMMITS FRAUD?
How often? How much?
Male or Female?
Employee, manager or executive?
Age?
Length of service?
Criminal background?
Employment background?
WHO COMMITS FRAUD?
80%
70%
67%
60%
50%
40%
33%
30%
20%
10%
0%
MALE
FEMALE
NOTE: Percentages equal at “employee” level but more
predominantly male in “manager” and “owner/exec” levels.
WHO COMMITS FRAUD?
45%
40%
$80K
35%
$200K
30%
25%
20%
15%
$723K
10%
5%
0%
EMPLOYEE
MANAGER
OWNER/EXEC
WHO COMMITS FRAUD?
40%
$124K
35%
$268K
30%
25%
20%
15%
$44K
$359K
10%
$974K
5%
0%
UNDER
30 31 - 40
41 - 50
51 - 60
60+
WHO COMMITS FRAUD?
50%
$114K
45%
40%
35%
30%
25%
$231K
$289K
6 TO 10
10+
20%
15%
10%
$47K
5%
0%
UNDER 1
1 TO 5
WHO COMMITS FRAUD?
100%
90%
86%
80%
70%
60%
50%
40%
30%
20%
8%
10%
6%
0%
NEVER CHARGED
CHARGED WITH NO PRIOR CONVICTION
CONVICTION
WHO COMMITS FRAUD?
90%
82%
80%
70%
60%
50%
40%
30%
20%
10%
8%
10%
PUNISHED BUT NOT
TERMINATED
TERMINATED
0%
NEVER PUNISHED
FACTS ABOUT FRAUD
Typical organization loses 5% of revenue.
Median duration is 18 months before detection.
Asset misappropriation is most common at 90% but
least costly with median loss of 21% of total dollars
lost or $135,000.
Occupational fraud usually detected by tip.
Small organizations have a higher rate of
victimization.
FACTS ABOUT FRAUD
Government/public administration one of the most
commonly victimized sectors.
Anti-fraud controls reduce the cost and duration of
schemes.
85% of fraudsters had no previous charge or
conviction for fraud related offense.
Perpetrators often display warning signs including
living beyond means (43%) and experiencing
financial difficulties (36%).
TYPES OF FRAUD
CORRUPTION
CONFLICT OF
INTEREST
BRIBERY
ILLEGAL
GRATUITIES
ECONOMIC
EXTORTION
ASSET
MISAPPROPRIATION
FRAUDULENT
STATEMENTS
CASH
FINANCIAL
INVENTORY &
OTHER ASSETS
NONFINANCIAL
ASSET MISAPPROPRIATION
CASH
LARCENY
SKIMMING
Cash on
hand
Sales
AR
From
deposit
Unrecorded
Writeoffs
Other
Understated
Lapping
FRAUDULENT
DISBURSEMENTS
Unconceal
Refunds
& other
ASSET MISAPPROPRIATION
FRAUDULENT
DISBURSEMENTS
Billing
Payroll
Expense
Reimb
Check
Tampering
Cash
Register
shell
company
ghost
employees
mischaracterized
forged
maker
false voids
vendor
commissions
overstated
forged
endorser
false
refunds
personal
purchases
workers
comp
fictitious
altered
payee
falsified
wages
multiple
reimb
concealed
checks
authorized
maker
ASSET MISAPPROPRIATION
INVENTORY &
OTHER ASSETS
MISUSE
LARCENY
requisition
& transfers
false sales
& shipping
purchasing
& receiving
unconceal
HOW IS FRAUD DETECTED
0%
IT CONTROLS
CONFESSION
POLICE
MONITORING
EXTERNAL AUDIT
DOCUMENT EXAMINIATION
ACCOUNT RECONCILIATION
BY ACCIDENT
INTERNAL AUDIT
MANAGEMENT REVIEW
TIP
10%
20%
30%
40%
50%
HOW IS FRAUD DETECTED
FRAUDSTER ACQUAINTANCE
2%
COMPETITOR
3%
SHAREHOLDER / OWNER
4%
VENDOR
12%
ANONYMOUS
13%
CUSTOMERS
18%
EMPLOYEES
50%
0%
10%
20%
30%
40%
50%
60%
RED FLAGS OF FRAUD - EMPLOYEE
Lifestyle changes: expensive car, jewelry, home,
clothes
Significant personal debt and credit problems
Behavioral changes: physical appearance,
absenteeism, creative “explanations”, inconsistent or
illogical behavior, forgetfulness.
Refusal to take sick or vacation leave.
Tips or complains from employees.
Overworked employee who will not let others help.
RED FLAGS OF FRAUD - MANAGEMENT
Reluctance to provide information to auditors
Weakness in internal control environment
Decentralization without monitoring
High employee turnover
Other priorities
RED FLAGS OF FRAUD - TRANSACTIONS
Odd timing – days of week, month, year, season
Frequency – too many, too few
Amount – too high, too low, too alike, too different
Use of common names and street addresses
Excess number of exceptions
RED FLAGS OF FRAUD - DOCUMENTS
Source / backup documents cannot be located
Unexplained items on reconciliations
Only photocopied document is available
Alterations on documents
Questionable handwriting on documents
WENDY’S TOP TEN
“Can’t find” documentation
Excessive missing documentation
Form over function
Management override of control
“The rules don’t apply to me” attitude
Lacking of segregation of duties
Protecting an employee by bending the rules
Secretive employees
Turnover
“Clustered” approvals
RISKY TRANSACTIONS
PCard personal purchases
PCard/travel double dip
Cash receipting/depositing process
Computer purchases
Accounts receivable
HOW ORGANIZATIONS ENCOURAGE FRAUD
Hiding incidents of fraud
Poor hiring choices
Not listening to employees concerns
Treatment of whistleblowers
Weak enforcement policy
Hoping for resignation
Management override of controls
Over-reliance on audits
HOW ORGANIZATIONS ENCOURAGE FRAUD
Responsibility, accountability and authority not
established or documented
Goals and objectives neither established or
monitored for success
Lack of proper policies or procedures
Low priority for internal controls
Lack of separation of duties
Inadequate documentation
Form over function for controls
CREATING A LOW FRAUD ENVIRONMENT
Setting the tone
Proper separation of duties
Physical safeguards over assets
Proper documentation
Proper approvals
Adequate supervision
Physical inventories
Reconciliations
Honest, knowledgeable employees
ROLES IN FRAUD PREVENTION AND DETECTION
It is management’s responsibility to institute, establish,
and monitor controls and uncover fraudsters.
ABOR 6-711 “Internal Control Responsibilities”
President
Chief financial or business officer
Provosts, vice presidents, deans and other management
Chief audit executive
All employee
ROLES IN FRAUD PREVENTION AND DETECTION
Management
Sets the tone
Takes responsibility to institute proper controls
Segregates task responsibilities appropriately
Grants employees access only to appropriate resources
Is engaged and interested
Business role in department
Distributes policies and ensures understanding
Compares actual to budget or other system of record
Raises questions and concerns
Performs reconciliations in a timely manner
ROLES IN FRAUD PREVENTION AND DETECTION
Initiator
Understands policy
Gathers required documentation
Provides adequate business purpose
Preparer
Reviews and verifies that all documentation is complete and
attached
Reviews transaction for reasonableness
Reviews transaction for compliance with policy
ROLES IN FRAUD PREVENTION AND DETECTION
Approver
Understands policy
Reviews transactions for compliance with policy, proper
business purpose, timeliness, adequate documentation, etc.
Rejects transactions that are not sufficiently supported
Raises questions and concerns
ROLES IN FRAUD PREVENTION AND DETECTION
Comptroller’s Office
Educate the university community
Answer questions and address concerns
Monitor transactions for compliance and fraud
Suggest improvements to processes and controls
Internal Audit
Perform internal audits on a risk basis
Suggest improvements to processes and controls
Provide reasonable assurance that controls are working as
intended
WHAT TO DO IF YOU SUSPECT FRAUD
Report the concern to
Your supervisor
Financial Controls
Internal Audit
NAUPD online reports (anonymous)
THANK YOU!
[email protected]
Sources
EideBailly
Association of Certified Fraud Examiners
State University of New York at New Paltz
Texas Tech University System
The Institute of Internal Auditors