More Related Content
Similar to 2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ACFE Study)
Similar to 2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ACFE Study) (20)
More from Ron Steinkamp (17)
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ACFE Study)
- 2. • Occupational Fraud Defined
• ACFE Fraud Study Results & Recommendations
• Occupational Fraud Categories & Schemes
• Red Flags of Fraud
• Keys to Prevention & Detection
• Essential Internal Controls
2
Agenda
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 4. The use of one’s occupation for personal enrichment through the
deliberate misuse or application of the employing organization’s
resources or assets.
Violation of trust
Three general categories:
Asset misappropriation
Corruption
Financial statement fraud
4
Definition
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 5. Perpetrator steals or misuses an organization’s resources.
Examples:
a. Clerk stealing cash receipts.
b. Payroll Clerk creating a ghost employee.
c. Purchasing Clerk creating a fictitious vendor and false
invoice.
d. Employees “borrowing” equipment, tools, etc.
e. Sales person purchasing personal items on the
Company credit card.
f. Falsified expense reports.
5
Asset Misappropriation
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 6. Employee’s use of influence in business transactions in a way
that violates duty to the employer for the purpose of obtaining
benefit for self or someone else.
Examples:
a. Purchasing Department Manager awarding a contract
to a vendor for a kickback.
b. Human Resources Director hiring unqualified “friends”
to fill positions.
c. City Council member trading votes for personal favors.
6
Corruption
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 7. Intentional misstatement or omission of material information in
the organization’s financial reports.
Examples:
a. Inflating revenues on the financial statements.
b. Concealing liabilities and expenses.
c. Improperly valuing assets
7
Financial Statement Fraud
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 8. 2016 ACFE Fraud Study
Results & Recommendations
8
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 9. World’s largest anti-fraud organization and premier provider of
anti-fraud training and education.
Over 75,000 members in more than 140 countries.
Provides educational tools and practical solutions for anti-fraud
professionals.
Offers its members the opportunity for professional certification
– the CFE credential is preferred by businesses and
government entities around the world and indicates expertise in
fraud prevention and detection.
9
About the ACFE
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 10. Online survey distributed to over 41,000 CFEs. Received 2,410
usable responses for purposes of the report.
Respondents were asked to provide a detailed narrative of the
single largest fraud case they investigated since January 2014.
Respondents were also presented with 81 questions to answer.
Survey respondents had a median of 10 years of experience in
fraud examination.
10
Study Methodology
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 11. • Estimated organizations lose 5% of annual revenue to fraud – applied to 2014
estimated Gross World Product, this translates to potential fraud loss of up to $3.7
trillion worldwide.
• Median loss in the study was $150,000 with more than 23.2% of the cases involving
losses over $1 million.
• Fraud lasted a median of 18 months, losses rose with duration of scheme.
• Asset misappropriation schemes (fraudulent disbursements, theft of cash receipts,
other asset misappropriations) were the most common form of fraud, representing
83% of the cases and least costly at a median loss of $125,000.
• Financial statement fraud schemes were the least common form of fraud,
representing less than 10% of the cases and most costly at a median loss at
$975,000.
11
Summary of Findings
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 12. • Corruption schemes fell in the middle, comprising just over 35% of cases
and causing a median loss of $200,000.
• Occupational frauds are most likely to be detected by tips (40%) followed by
management review (13%) and Internal Audit (16%).
• Small organizations are disproportionately victimized by occupational fraud.
• Banking/financial services, manufacturing and government/public
administration were the most commonly victimized industries.
• Anti-fraud controls appear to help reduce the cost and duration of
occupational fraud schemes.
• High-level perpetrators cause the greatest damage to their organizations.
12
Summary of Findings
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 13. • More than 75% of frauds were committed by individuals in one of six departments:
• Accounting/Finance
• Operations
• Sales
• Executive/upper management
• Customer service
• Purchasing
• First-time offenders - More than 85% of fraudsters had never been previously
charged or convicted for a fraud-related offense.
• Fraud perpetrators often display warning signs – most common behavioral red flag
reported in the survey were perpetrators living beyond their means (45%) and
experiencing financial difficulty (30%).
• Nearly half of victim organizations do not recover any losses that they suffer due to
fraud.
13
Summary of Findings
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 16. • Occupational fraud is a global problem – trends in fraud schemes, perpetrator characteristics and
anti-fraud controls are similar regardless of where the fraud occurred.
• Fraud reporting is a critical component of an effective fraud prevention and detection system.
• Organizations over-rely on audits.
• Employee education is the foundation of preventing and detecting occupational fraud. Most frauds
are detected by tips and anti-fraud training for employees and managers results in lower fraud
losses.
• Surprise audits are an effective, yet underutilized, tool in the fight against fraud. Useful in detecting
fraud, but most important benefit is in preventing fraud by creating a perception of detection.
• Small business are particularly vulnerable to fraud due to far fewer controls in place. Need to focus
on hotlines and setting an ethical tone.
• Internal controls alone are insufficient to fully prevent occupational fraud.
16
Conclusions & Recommendations
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 17. • Fraudsters exhibit behavioral warning signs of their misdeeds. For example:
• Living beyond their means.
• Financial difficulties.
• Exhibiting control issues – unwillingness to share duties.
• Unusually close relationship with vendor/customer.
• Wheeler dealer attitude.
• Family problems.
• Irritability, suspiciousness or defensiveness.
• Addiction problems.
• Refusal to take vacation.
• Etc.
• Auditors and employees should be trained to recognize the common behavioral signs that a fraud
is occurring.
• Effective fraud prevention measures are critical
17
Conclusions & Recommendations
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 20. • Most common category of occupational fraud –
over 83% of cases reported.
• Least costly – median loss of $125,000.
• Billing schemes were most common and check
tampering the most costly (median loss of
$158,000)
20
Overall Asset Misappropriation Findings
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 21. – Check Tampering
– Billing
– Non-Cash
– Payroll
– Skimming
– Expense Reimbursements
– Cash Larceny
– Cash on Hand
– Cash Register Disbursements
© 2016 All Rights Reserved
Brown Smith Wallace LLP
21
Asset Misappropriation Schemes
- 22. • Steal employer funds by intercepting, forging or altering
a check drawn on employer bank account.
• Examples:
– Steal blank check stock and make check out to self.
– Steal outgoing check to vendor and deposit into personal
account.
• ACFE Global Fraud Study Findings
– 11.4% of cases.
– $158,000 median loss.
– 24 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
22
Asset Misappropriation - Check Tampering
- 23. • Cause employer to issue payment for fictitious goods or
services, inflated invoices or invoices for personal
purchases.
• Examples:
– Create shell company and bill employer for services not
rendered.
– Purchase personal item and submit invoice to employer for
payment.
• ACFE Global Fraud Study Findings:
– 22.2% of cases.
– $100,000 median loss.
– 24 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
23
Asset Misappropriation - Billing
- 24. • Employee steals or misuses any non-cash assets of the
organization.
• Examples:
– Steal assets or inventory.
– Steal or misuse confidential organization or customer data.
– Misuse assets or equipment for personal use.
• ACFE Global Fraud Study Findings:
– 19.2% of cases.
– $70,000 median loss.
– 15 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
24
Asset Misappropriation - Non-Cash
- 25. • Employee causes employer to issue a payment by
making false claims for compensation.
• Examples:
– Claim overtime for hours not worked.
– Add ghost employees to payroll.
– Inflate wages.
• ACFE Global Fraud Study Findings:
– 8.5% of cases.
– $90,000 median loss.
– 24 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
25
Asset Misappropriation - Payroll
- 26. • Employee steals an incoming payment from an
organization before it is recorded on the organization’s
books and records.
• Examples:
– Accept payment, don’t record sale and pocket the money.
– Steal payments on receivables and write-off the account.
– Conceal theft of previous receipts by applying payments from
current receipts (lapping).
• ACFE Global Fraud Study Findings:
– 11.9% of cases.
– $53,000 median loss.
– 22 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
26
Asset Misappropriation - Skimming
- 27. • Employee makes a claim for reimbursement of fictitious
or inflated business expenses.
• Examples:
– File a fraudulent expense report.
– Claiming personal travel.
– Nonexistent meals.
• ACFE Global Fraud Study Findings:
– 14% of cases.
– $40,000 median loss.
– 24 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
27
Asset Misappropriation - Expense Reimbursements
- 28. • Employee steals cash receipts from an organization after
it has been recorded on the organization’s books and
records.
• Examples:
– Steal cash and checks from daily receipts before they can be
deposited in the bank.
– False voids or refunds.
• ACFE Global Fraud Study Findings:
– 8.4% of cases.
– $90,000 median loss.
– 20 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
28
Asset Misappropriation - Cash Larceny
- 29. • Employee steals cash kept on hand at organization.
• Examples:
– Steal cash from company vault.
– Steal from petty cash funds.
• ACFE Global Fraud Study Findings:
– 11.5% of cases.
– $25,000 median loss.
– 15 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
29
Asset Misappropriation - Cash on Hand
- 30. • Employee makes false entries on a cash register to
conceal the fraudulent removal of cash.
• Examples:
– Void a sale on the register and steal the cash .
– Ring up a false refund and pocket the cash.
• ACFE Global Fraud Study Findings:
– 2.7% of cases.
– $30,000 median loss.
– 13 months median duration.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
30
Asset Misappropriation - Cash Register Disbursements
- 31. • 35.4% of cases reported.
• Median loss of $200,000.
• Median duration – 18 months.
• Employees acting alone or in collusion with
vendors/contractors.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
31
Overall Corruption Findings
- 32. • Conflicts of Interest
• Bribery
• Illegal Gratuities
• Economic Extortion
© 2016 All Rights Reserved
Brown Smith Wallace LLP
32
Corruption Schemes
- 33. • Employee/agent has an undisclosed personal or
economic interest in a matter that influences decisions
and undermines their professional responsibility to their
organization.
• Types:
– Purchasing
– Sales
© 2016 All Rights Reserved
Brown Smith Wallace LLP
33
Corruption - Conflicts of Interest
- 34. • Undisclosed financial interest in a supplier or contractor.
• Sets up a bogus contractor/vendor or buys through broker or middleman the
employee controls.
• Involved in other business ventures with supplier or contractor.
• Interest in competing business.
• Accepts inappropriate gifts, travel, entertainment or fees (kickbacks) from
vendors.
• Negotiates for or accepts employment with a supplier.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
34
Corruption - Conflicts of Interest - Purchasing
- 35. • Underselling: Employee has hidden interest in an outside company to
which they sell goods or services at below market prices.
• Writing off Sales: Employee tampers with organizations books to decrease
or write-off amounts owed by the company in which the employee has a
hidden interest.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
35
Corruption - Conflicts of Interest - Sales
- 36. • Improper, undisclosed payments made to obtain
favorable treatment.
• Collusion between external and internal parties = makes
it hard to detect.
• Types:
– Invoice Kickbacks
– Bid Rigging
© 2016 All Rights Reserved
Brown Smith Wallace LLP
36
Corruption - Bribery
- 37. • Vendor submits false invoices that either overstate the
cost of goods/services or reflect fictitious sales.
• Vendor pays kickback to employee of victim organization
who either:
– Has approval authority and approves payment of the invoice.
– Lacks approval authority, but circumvents accounts payable
controls.
• Creating a fictitious purchase requisition and/or order.
• Preparing a fraudulent invoice.
• Preparing false vouchers.
• Gaining access to a restricted password in order to authorize payments in
the payables system.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
37
Corruption – Bribery - Kickback
- 38. • Employee receives kickback for directing business to a
vendor.
• Vendor pays kickback to ensure a steady stream of
business.
• Vendor does not have to compete for the business and is
no longer subject to economic pressures of the
marketplace.
• Purchasing organization almost always overpays.
• Vendor may even raise prices to cover cost of kickback.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
38
Corruption – Bribery – Bid Rigging
- 39. • Giving or receiving something of value to reward a
business decision.
• Examples:
– A Real Estate Director negotiated a land development deal with
a group of private investors. After the deal was approved, the
Director and his wife were rewarded with a free international
vacation.
– A Government Purchasing Manager awarded a Government
contract to a new supply company. After the contract was
approved, the Purchasing Manager received World Series
Tickets.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
39
Corruption - Illegal Gratuities
- 40. • Employee, through the wrongful use of actual or
threatened force or fear, demands money or other form
of consideration to make a particular business decision.
• Refusal to pay results in harm to the vendor.
• “Pay up or else…..”
© 2016 All Rights Reserved
Brown Smith Wallace LLP
40
Corruption - Economic Extortion
- 41. • 10% of cases reported.
• Median loss of $975,000.
• Median duration – 24 months.
• Occurs at higher levels/positions in the organization.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
41
Overall Financial Statement Findings
- 42. • Fictitious Revenues
• Timing Differences
• Improper Asset Valuations
• Concealed Liabilities and Expenses
• Improper Disclosures
© 2016 All Rights Reserved
Brown Smith Wallace LLP
42
Financial Statement Fraud Schemes
- 43. • Recording of sales of goods or services that did not
occur.
• Can involve fake or legitimate customers:
– Prepare fictitious invoice (not mailed) for legitimate customer
even though goods not delivered or services not rendered.
– Artificially inflate or alter invoices to reflect higher amounts than
actually sold.
• Typical accounting entry:
Accounts Receivable (Debit) xxx,xxx
Sales (Credit) xxx,xxx
© 2016 All Rights Reserved
Brown Smith Wallace LLP
43
Financial Statement - Fictitious Revenues
- 44. • Recording of sales of revenues or expenses in improper
periods.
• Types:
– Premature revenue recognition: recognize revenue before
realized or realizable and earned. One or more of the following
criteria not met:
• Persuasive evidence of an arrangement exists.
• Delivery has occurred or services have been rendered.
• The seller’s price to the buyer is fixed or determinable.
• Collectability is reasonable assured.
– Sales with Conditions: terms have not been completed or
rights and risks of ownership have not passed to the purchaser.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
44
Financial Statement - Timing Differences
- 45. • Types (continued):
– Long-Term Contracts: Risk is with the percentage-of-
completion method for revenue recognition. Percentage-of-
completion method recognizes revenues and expenses as
measurable progress is made on a project and is vulnerable to
manipulation.
– Multiple Deliverables: Seller completes the earnings process
over a period of time and thus must recognize revenue over this
period as components are delivered (ex. Cell phone and 2 year
service). Managers can manipulate the estimated price of the
individual components to delay or accelerate revenue
recognition.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
45
Financial Statement - Timing Differences
- 46. • Types (continued):
– Channel-Surfing: Sale of an unusually large quantity of a
product to distributors who are encouraged to overbuy through
the use of deep discounts or extended payment terms. Results
in increased short-term earnings. SEC has focused on this
scheme and has brought enforcement actions against major
U.S. corporations including Coca-Cola and McAfee.
– Recording Expenses in Wrong Period: Pressure to meet
budgets can expose organizations to the risk of not timely
recognizing expenses. This results in not properly matching
expenses against the revenue they produce = increased
earnings in the current period and depressed earnings in the
subsequent period.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
46
Financial Statement - Timing Differences
- 47. • Manipulate the valuation of a company’s assets to
strengthen the balance sheet and financial ratios.
• Types:
– Inventory Valuation: Per GAAP, inventory must be valued at
the lower of cost or market. Overstated assets and mismatched
cost of goods sold with revenue could result by:
• Failing to write down or off inventory.
• Manipulation of physical inventory counts.
• Inflation of unit costs.
• Failure to adjust inventory for cost of goods sold.
• Falsely reporting large values of inventory in transit.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
47
Financial Statement - Improper Asset Valuation
- 48. • Types (continued):
– Accounts Receivable:
• Fictitious accounts receivables.
• Failure to write off accounts receivable as bad debt expenses.
– Business Combinations: Companies are required to allocate
the purchase price they have paid to acquire another business to
tangible and intangible assets. The following could occur:
• Over allocation of purchase price to in-process research and development
assets which can be written off immediately.
• Establish excessive reserves for various expenses at time of acquisition with
plans to release the excess reserves into earnings at a future date.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
48
Financial Statement - Improper Asset Valuation
- 49. • Types (continued):
– Fixed Assets: Bogus fixed assets can be created by a variety of
methods:
• Booking fictitious assets.
• Misrepresenting the value of fixed assets.
• Capitalizing non-asset costs (ex. interest and finance charges).
– Understating Assets: Additional funding could be base on asset
amounts (government regulated). Can be done directly or
through improper depreciation.
– Misclassifying Assets: Could be done to meet budget
requirements (ex. Fixed assets reclassified as current assets).
Skews financial ratios and could help with loan covenants or
other borrowing requirements.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
49
Financial Statement - Improper Asset Valuation
- 50. • Understate liabilities and expenses to manipulate financial
statements to make a company appear more profitable.
• Types:
– Liability/Expense Omissions: Fail to record liabilities or expenses.
– Improperly Capitalized Costs: Capitalizing expenses will overstate
income in current period and understate income in subsequent periods
due to depreciation expense.
– Returns and Allowances and Warranties:
• Improper recording of sales returns and allowances = company fails to
properly record the expense associated with sales returns and allowances.
• Improper warranty recording = warranty is offered and warranty expense is
not estimated and accrued.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
50
Financial Statement - Concealed Liabilities and Expenses
- 51. • Types (Continued):
– Using Off-Balance Sheet Entities to Conceal Expenses and
Liabilities: Separate entity created to perform a single business
purpose on the parent company’s behalf. Legal if accounted for
properly. However, not legal if used to hide massive amount of
debt for which parent company is responsible (ex. ENRON).
© 2016 All Rights Reserved
Brown Smith Wallace LLP
51
Financial Statement - Concealed Liabilities and Expenses
- 52. • Management has the responsibility to disclose all
significant (material) information appropriately in the
financial statements. In addition, the disclosed
information must not be misleading.
• Types:
– Liability Omissions: Failure to disclose loan covenants or
contingent liabilities.
– Subsequent Events: Failure to disclose events occurring or
becoming known after the close of the period that could have a
significant effect on the financial position of the entity.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
52
Financial Statement - Improper Disclosures
- 53. • Types (Continued):
– Management Fraud: Failure to disclose significant frauds
committed by officers, executives, and others in positions of
trust.
– Related Party Transactions: Failure to fully disclose when a
company does business with another entity whose management
or operating policies can be controlled or significantly influenced
by the company or by some other party in common.
– Accounting Changes: Failure to disclose accounting changes
related to accounting principles, estimates, or reporting entities.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
53
Financial Statement - Improper Disclosures
- 54. Red Flags of Fraud
54
© 2016 All Rights Reserved
Brown Smith Wallace LLP
- 55. © 2016 All Rights Reserved
Brown Smith Wallace LLP
55
Fraud Triangle
- 56. • Living beyond their means – 45.8%
• Financial difficulties – 30%
• Unusually close association with vendor/customer – 20.1%
• Wheeler-Dealer attitude – 15.3%
• Control issues/unwillingness to share duties – 15.3%
• Divorce/Family problems – 13.4%
• Irritability, suspiciousness, or defensiveness – 12.3%
• Addiction problems – 10%
© 2016 All Rights Reserved
Brown Smith Wallace LLP
56
Behavioral Red Flags – Top 8
- 57. • Middle aged male, employed by the organization for a number of
years and in a position of trust.
• Educated.
• Works in the financial department.
• Member of management.
• Driven by money and opportunity.
IS THIS TRUE?????
© 2016 All Rights Reserved
Brown Smith Wallace LLP
57
Typical Fraudster
- 59. © 2016 All Rights Reserved Brown Smith Wallace LLP
Anti-Fraud Culture
Fraud Policy
Fraud
Awareness/Training
HotlineAssess Fraud Risks
Review/Investigation
Improved Controls
- 60. • Set the tone at the top = Lead by Example
– Responsibility of Directors and Officers
– Behave ethically and openly communicate expectations to employees
– Treat all employees equally
– Zero tolerance
• Create a positive workplace environment
– Focus on employee morale
– Empower employees
– Communicate
• Hire and promote appropriate employees
– Conduct background investigations before hiring or promoting
– Check candidate’s education, employment history, references
– Continuous and objective evaluation of compliance with entity values
– Violations addressed immediately
Anti-Fraud Culture
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 61. • Code of Conduct
– Formalized and founded on integrity
– Defines acceptable employee behavior
– Communicated to all employees
– All employees are held accountable for compliance
• Discipline
– Sends a strong message throughout the entity
– Should be appropriate and consistent
– Consequences of committing fraud clearly communicated throughout
the entity
Anti-Fraud Culture
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 62. • Oversight Process
– Audit Committee or Board of Directors
• Evaluate management’s “tone at the top”, identification of fraud risks and
implementation of anti-fraud controls
• Ensure that management implements anti-fraud measures
• Consider the potential for management override of controls
– Management
• Directs, implements and monitors anti-fraud controls
• Sets the ethical tone
• Trains employees
– Internal Auditor
• Identifies fraud indicators
• Assesses fraud risks
• Evaluates anti-fraud controls
• Recommends actions to mitigate risks
• Investigates potential frauds
• Discipline
– Sends a strong message throughout the entity
– Should be appropriate and consistent
– Consequences of committing fraud clearly communicated throughout
the entity
Anti-Fraud Culture
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 63. • Demonstrate commitment to combating fraud
• Apply to all Directors, Management, employees,
consultants, vendors, contractors, etc.
• Should include:
– Statement of organization’s position on fraud
– Scope of the policy – who does it apply to
– Management’s responsibility for prevention and detection of fraud
– Definition of fraud
– Actions constituting fraud
– Fraud reporting process/procedures
– Fraud investigation process/procedures
– Unit responsible for administration of the policy and investigating fraud
allegations
– Statement on anonymity/confidentiality
– Consequences
Fraud Policy
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 64. • Reviewed and updated regularly.
• Signed off and agreed to by the CEO and Board Chair.
• See the ACFE for an example Fraud Policy
http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/Sa
mple_Fraud_Policy.pdf
Fraud Policy
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 65. • All new employees should be trained at time of hiring
on the Code of Conduct and Fraud Policy.
• Training should include:
– Their duty to communicate certain matters
– A list of the types of matters to be communicated along with examples
– How to communicate those matters
– Affirmation from senior management regarding employee expectations
and communication responsibilities
• Refresher training periodically
Fraud Awareness/Training
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 66. • Enable employees, vendors, customers and others to
communicate concerns about known or suspected
wrongdoing.
• Telephone, email, internet.
• Anonymous.
• Adequately publicized.
• Internal or External.
• Complaint monitoring and investigation/resolution.
Hotline
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 67. • Conduct an annual fraud risk assessment.
– Assists management in systematically identifying where and how fraud may
occur and who may be in a position to commit fraud
– Focus on fraud schemes and scenarios to determine the presence of internal
controls and whether or not the controls can be circumvented.
– General steps:
• Identify areas and processes to assess
• Identify potential fraud schemes in each area/process
• Assess likelihood and significant of each scheme
• Map existing anti-fraud controls to potential fraud schemes
• Test operating effectiveness of antifraud controls
• Identify any control gaps and/or deficiencies = Residual risks
• Document and report on the fraud risk assessment
Assess Fraud Risks
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 68. • Mitigate Fraud Risks
– Make changes to activities and/or processes = transfer or eliminate the risks
– Improve anti-fraud controls
• Monitor Fraud Risks
– Develop data analytics for management to use to monitor fraud risks
– Utilize Internal Audit to conduct audits of risk areas.
Assess Fraud Risks
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 69. • All concerns/suspicions of wrongdoing should be reviewed
and determination made whether a fraud investigation is
warranted.
• Develop a policy for fraud reviews and investigations that
specifies:
– Who is responsible for the review/investigation
– Roles of Legal Counsel, Human Resources, Internal Audit, others
– Process for conducting the review/investigation
– Documentation requirements
– Reporting requirements
– When to involve law enforcement
Fraud Review/Investigation
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 70. • Gather sufficient information and perform procedures
necessary to determine:
– Whether fraud has occurred
– Loss or exposure associated with the fraud
– Who was involved and how it happened
• Must prepare, document and preserve evidence sufficient for
potential legal proceedings.
• Include experts = Certified Fraud Examiner (CFE)
Fraud Review/Investigation
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 71. • Use lessons learned from any fraud reviews or investigations
to improve anti-fraud controls.
• All fraud review and investigations should include a report to
management with recommendations for control
improvement.
Improved Controls
© 2016 All Rights Reserved Brown Smith Wallace LLP
- 73. • Utilize electronic payments.
• Properly secure unused checks and equipment.
• Utilize security features on checks.
• Prohibit hand written checks.
• Require two signatures on checks over a certain amount.
• Segregate check preparation from signing.
• Immediately mail checks after signing.
• Establish positive pay controls with the bank.
• Complete independent bank reconciliations timely.
• Review checks issued to employees for irregularities.
• Segregate vendor approval from disbursement responsibilities.
• Perform periodic vendor master file maintenance and review for
irregularities.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
73
Check Tampering Controls
- 74. • Segregate purchasing from accounting and receiving departments.
• Require management approval of purchase requisitions/orders.
• Maintain a master vendor file.
• Require competitive bids.
• 3 way match by accounting of vendor invoice, receiving report and purchase
order.
• Periodically review master vendor file for unusual vendors and addresses.
• Implement automated controls to check for duplicate invoices and purchase
orders.
• Verify vendors with post office boxes.
• Review voucher payments for proper documentation.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
74
Billing Controls
- 75. • Asset policy and procedure manual.
• Tag assets.
• Maintain asset, supply and inventory records.
• Conduct independent periodic inventories of assets, supplies and
inventories.
• Reconcile the physical inventory to asset, supply and inventory records.
• Properly secure and safeguard assets, supplies and inventories.
• Implement an asset, supply and inventory removal policy.
• Store high value items in secure and continuously monitored areas.
• Secure organization, employee and customer data.
• Maintain secure information systems.
• Protect intellectual property, trade secrets, etc.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
75
Non-Cash Controls
- 76. • Maintain personnel records independent of payroll and timekeeping.
• Utilize electronic payroll deposit.
• Periodically review employee payroll list.
• Review paid time off for compliance with policy.
• Periodically compare payroll with personnel records.
• Issue pre-numbered payroll checks in sequential order.
• Payroll bank account reconciled by employee not involved in preparing,
signing or distributing checks.
• Restrict access to payroll check stock and signature stamp.
• Periodically review payroll withholdings.
• Periodically review automatic payroll deposits for duplicates.
• Require salary changes require more than one level of approval.
• Require supervisor authorization of overtime.
• Require supervisors review and approve time.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
76
Payroll Controls
- 77. • Periodic analytical review of revenue.
• Periodic review of accounts receivable for write-offs.
• Periodic review of cash accounts for irregular entries.
• Segregate receipt of cash and checks from deposit and recording functions.
• Restrict cashier from accounts receivable and customer records.
• Immediately restrictively endorse all checks when received.
• Utilize a lockbox service for cash receipts.
• Maintain a safe with restricted access.
• Utilize cameras in cashier areas.
• Deposit cash and checks daily.
• Issue receipts for all transactions.
• Bond employees who handle cash.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
77
Skimming Controls
- 78. • Expense reimbursement policy.
• Require detailed expense reports.
• Supervisory review and approval of expense reimbursement claims.
• Place limits on expenses.
• Require original and detailed receipts.
• Detailed review of expense reimbursement claims.
• Credit/Procurement card policy with limits.
• Safeguards credit/procurement cards.
• Receive and review monthly automated statements from credit/procurement
card companies.
• Require and review monthly detailed credit/procurement card reports from
employees.
• Reconcile credit card statement to employee report.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
78
Expense Reimbursement Controls
- 79. • Independently reconcile cash register tape totals daily to the cash drawer.
• Limit and monitor access to cash draw and safe.
• Properly supervise cashiers.
• Utilize cameras in cashier areas.
• Segregate cash receipts, bank deposit, reconciliation, posting/accounting
and cash disbursement duties.
• Periodic mandatory job rotation for employees who handle cash and
accounting duties.
• Mandatory vacations.
• Surprise cash counts.
• Utilize point of sale system.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
79
Cash Larceny Controls
- 80. • Limit and monitor access:
– Safe.
– Cash handling areas.
– Cash drawer.
– Petty cash.
• Properly supervise cashiers.
• Utilize cameras in cash handling areas.
• Periodic mandatory job rotation for employees who handle cash and
accounting duties.
• Mandatory vacations.
• Surprise cash counts.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
80
Cash On Hand Controls
- 81. • Management approval for refunds, voids, discounts.
• Review refunds, voids and discounts on a periodic basis.
• Require receipts to customers – post sign.
• Record disbursements out of the register and independently reconcile.
• Investigate missing or altered register tapes.
• Daily reconciliation of cash register drawer by independent person.
• Investigate over and short incidents.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
81
Cash Register Disbursement Controls
- 82. • Conflict of interest policy.
• Policy addressing employee receipt of gifts, discounts, and services offered
by suppliers and customers.
• Established procurement/bidding process.
• Pre-Bid solicitation documents reviewed for restrictions on competition.
• Bid solicitation packages numbered and controlled.
• All bids kept confidential.
• Bidder qualifications verified.
• Contracts awarded based on predetermined criteria and documentation of
criteria assessment and award decision maintained.
• Periodic review of purchases for:
– Unreasonable costs.
– Excessive purchases.
– Favored vendors.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
82
Anti-Corruption Controls
- 83. • Proper segregation of duties in purchasing and accounts payable as well as
sales and accounts receivable.
• Purchasing account assignments rotated.
• Periodic comparison of vendor information with employee information.
• Vendors who employ former employees under increased scrutiny.
• Reporting procedure for personnel and other vendors to report concerns
about vendors receiving favored treatment.
• All employees required to complete annual disclosure document that
includes potential conflicts resulting from business ownership and
investment.
• Audit clause in each contract allowing Internal Audit access to audit contract
records and documentation related to contract compliance and
performance.
• Periodic contract audits conducted by Internal Audit.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
83
Anti-Corruption Controls
- 84. • Reduce situational pressures.
• Reduce the opportunity to commit fraud.
• Reduce the rationalization of fraud = strengthen employee personal
integrity.
• Interviews.
© 2016 All Rights Reserved
Brown Smith Wallace LLP
84
Financial Statement Controls
- 85. • Financial statement analysis
– Vertical: analyze relationships between items on an income statement, balance
sheet, or statement of cash flows by expressing components as a percentage of
a base value.
– Horizontal: analyze the percentage of change in individual financial statement
line items from one period to the next.
– Ratio: measuring the relationship between two different financial statement
amounts.
• Current = Current Assets/Current Liabilities
• Quick = (Cash + Securities + Receivables)/Current Liabilities
• Accounts Receivable Turnover = Net Sales on Account/Average Net
Receivables
• Collection = 365/Receivable Turnover
• Inventory Turnover = Cost of Goods Sold/Average Inventory
• Profit Margin = Net Income/Net Sales
• Asset Turnover = Net Sales/Average Assets
© 2016 All Rights Reserved
Brown Smith Wallace LLP
85
Financial Statement Controls
- 86. © 2016 All Rights Reserved
Brown Smith Wallace LLP
86
Questions????
Ron Steinkamp, CPA, CIA, CFE, CRMA, CGMA
Partner, Advisory Services
Brown Smith Wallace LLP
314.983.1238 (Direct)
rsteinkamp@bswllc.com
www.bswllc.com