SlideShare ist ein Scribd-Unternehmen logo
1 von 25
Downloaden Sie, um offline zu lesen
Making Your Business Secure: What’s Enough?



   Internal Controls from a Non-IT Perspective

                 Presented By
             Michelle Pyan, LPI, MBA
           Commercial Investigations LLC



                                           September 22, 2011
His presentation
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
       BACKGROUND INVESTIGATIONS
 Check references
 and do background
 checks before hiring
 employees.
 • Your Employees
 • Your Client’s Employees
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
          BACKGROUND INVESTIGATIONS
 • Making the Case
    –   Discourages Undesirable Applicant’s
    –   Encourages Open Communication
    –   Eliminates Uncertainty
    –   Demonstrates Due Diligence
    –   Promotes Workplace Safety
    –   Excellent Return on Investment
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
         BACKGROUND INVESTIGATIONS
   • ROI / Cost Benefit
     –   Employee Pilferage
     –   Commercial Bribery
     –   Embezzlement
     –   Vandalism
     –   Burglary
     –   Insurance/Workers Compensation fraud
     –   Arson
     –   Computer Fraud
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
       BACKGROUND INVESTIGATIONS
 • Credit Reports
    – Determine if employee is living within their means
    – Deters employee fraud
    – Must be job related
       • Crucial for Payroll Handling Employees
       • Crucial for management or any other executive
         involved in signing off on payroll documentation
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
       BACKGROUND INVESTIGATIONS

 • Drug Testing
    – Employee Habits Such as Drug Abuse can
      Induce Fraud
    – A Complete Background Check will Include
      a Drug Test
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                PAYROLL FRAUD
 • Ghost Employee
 • False Wage Claim
 • False Expense
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
               PAYROLL FRAUD
 • Ghost Employee
    – What
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                   PAYROLL FRAUD
 • Ghost Employee
    – How
      •   Add to Payroll
      •   False Time Sheet
      •   Issue Wage Payment
      •   Collect the Payment
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                    PAYROLL FRAUD
 • Ghost Employee
    – Prevent
      •   No Cash Payments
      •   Supervisors Approve Payroll
      •   Add Employees Only with Approval
      •   Performance Reviews Based on Payroll Register
      •   Rotate Responsibility for Payroll Functions
      •   Have Management Check the Payroll
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
               PAYROLL FRAUD
 • False Wage Claim
    – What
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                  PAYROLL FRAUD
 • False Wage Claim
    – How
      • Altering Time Sheets
         – How are the Hours Recorded
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                  PAYROLL FRAUD
 • False Wage Claim
    – Prevent
      • Move Employees to Salary
      • Strict Controls on Overtime
      • Control the Recording of Hours Actually Worked
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                   PAYROLL FRAUD
 • False Expense
    – What
      •   Mischaracterized Expenses
      •   Inflated Expenses
      •   False Expenses
      •   Multiple Claims
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                   PAYROLL FRAUD
 • False Expense
    – How
      •   Mischaracterized Expenses
      •   Inflated Expenses
      •   False Expenses
      •   Multiple Claims
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                 PAYROLL FRAUD
 • False Expense
    – Who
      • Employees who are Reimbursed
      • Employees that Process Expense Claims
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                 PAYROLL FRAUD
 • Lessons Learned
    – Not all Frauds Involve Employees Directly Stealing
      Money or Assets
    – Not all Frauds Occur Once and in Large Amounts
    – Employees Charged with Protecting the Payroll
      System are Best Placed to Defraud the System and
      Hide the Evidence
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                PAYROLL FRAUD
 • Anonymous Hotlines
    – More Frauds are Uncovered via Tips than any
      other Method
    – Accidental Discovery is the Second Most Common
      Method of Detecting Fraudulent Activity
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
              CLIENT VETTING
 Does the company
 exist in state corporate
 records?
 Is the signatory a
 principal of the
 company?
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
                CLIENT VETTING
   • Tips
     – Cursory searches
        •   White Pages
        •   Google
        •   Pipl
        •   Etc. . . .
     – Experian Biz Apps Reports
     – Third Party Site Inspection
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
             CLIENT VETTING

 Screen your
 prospects.
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective
     QUESTIONS AND ANSWERS
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective

                  DISCLAIMER
 The information provided in this presentation
 does not constitute legal or accounting advise.
 It is for information and discussion purposes
 only. This presentation may not be reproduced
 without the written consent of the author.
Making Your Business Secure: What’s Enough?
   Internal Controls from a Non-IT Perspective


                 THANK YOU!
             Michelle L. Pyan, LPI MBA
                     President
             Commercial Investigations LLC
                 Licensed Private Investigative Agency
          www.commercialinvestigationsllc.com
                  (800) 284-0906
            michellepyan@commercialinvestigationsllc.com

Weitere ähnliche Inhalte

Ähnlich wie Internal Controls

Accountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeAccountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeSyed Hassan Ali
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryDecosimoCPAs
 
Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...
Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...
Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...Gross, Mendelsohn & Associates
 
2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention
2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention
2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The PreventionRaffa Learning Community
 
China's collections and financial risk kirkendall sept 2018
China's collections and financial risk   kirkendall sept 2018China's collections and financial risk   kirkendall sept 2018
China's collections and financial risk kirkendall sept 2018Kimberly Kirkendall, CPA
 
Fraud risk management lahore oct 15
Fraud risk management lahore oct 15Fraud risk management lahore oct 15
Fraud risk management lahore oct 15Tahir Abbas
 
Binary Scam Watch Monitor | Restriction Of Online Scam
Binary Scam Watch Monitor | Restriction Of Online ScamBinary Scam Watch Monitor | Restriction Of Online Scam
Binary Scam Watch Monitor | Restriction Of Online ScamBinaryScamWatchMonitor
 
How Secure is your Business? Fraud Risk Analysis and Security Management
How Secure is your Business? Fraud Risk Analysis and Security ManagementHow Secure is your Business? Fraud Risk Analysis and Security Management
How Secure is your Business? Fraud Risk Analysis and Security Managementwhbrown5
 
How to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewHow to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewJim Kaplan CIA CFE
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Financial Shenanigans I.pptx
Financial Shenanigans I.pptxFinancial Shenanigans I.pptx
Financial Shenanigans I.pptxAdityaPTripathi
 
Red Flags of Municipal Fraud: Preventing Employee Dishonesty
Red Flags of Municipal Fraud: Preventing Employee DishonestyRed Flags of Municipal Fraud: Preventing Employee Dishonesty
Red Flags of Municipal Fraud: Preventing Employee DishonestySikich LLP
 
Cdic 2009 fraud audit pairat 4
Cdic 2009 fraud audit pairat 4Cdic 2009 fraud audit pairat 4
Cdic 2009 fraud audit pairat 4Pairat Srivilairit
 
Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...
Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...
Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...Pairat Srivilairit
 
Flagship payroll
Flagship payrollFlagship payroll
Flagship payrollPaige Marie
 
Internal Control Assessment For A Company Essay
Internal Control Assessment For A Company EssayInternal Control Assessment For A Company Essay
Internal Control Assessment For A Company EssayMary Brown
 

Ähnlich wie Internal Controls (20)

2013 12-12 Nonprofit Fraud Part 3
2013 12-12 Nonprofit Fraud Part 32013 12-12 Nonprofit Fraud Part 3
2013 12-12 Nonprofit Fraud Part 3
 
Accountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeAccountability And Auditing In Professional Practice
Accountability And Auditing In Professional Practice
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
 
Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...
Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...
Red Flags You’re Missing: How Manufacturers Can Detect and Prevent Employee F...
 
Forensic accounting session
Forensic accounting sessionForensic accounting session
Forensic accounting session
 
2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention
2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention
2014-06-11 Nonprofit Fraud - What You Need to Know Part III - The Prevention
 
China's collections and financial risk kirkendall sept 2018
China's collections and financial risk   kirkendall sept 2018China's collections and financial risk   kirkendall sept 2018
China's collections and financial risk kirkendall sept 2018
 
Fraud risk management lahore oct 15
Fraud risk management lahore oct 15Fraud risk management lahore oct 15
Fraud risk management lahore oct 15
 
Binary Scam Watch Monitor | Restriction Of Online Scam
Binary Scam Watch Monitor | Restriction Of Online ScamBinary Scam Watch Monitor | Restriction Of Online Scam
Binary Scam Watch Monitor | Restriction Of Online Scam
 
How Secure is your Business? Fraud Risk Analysis and Security Management
How Secure is your Business? Fraud Risk Analysis and Security ManagementHow Secure is your Business? Fraud Risk Analysis and Security Management
How Secure is your Business? Fraud Risk Analysis and Security Management
 
How to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewHow to prepare for your first anti fraud review
How to prepare for your first anti fraud review
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...
 
Financial Shenanigans I.pptx
Financial Shenanigans I.pptxFinancial Shenanigans I.pptx
Financial Shenanigans I.pptx
 
Red Flags of Municipal Fraud: Preventing Employee Dishonesty
Red Flags of Municipal Fraud: Preventing Employee DishonestyRed Flags of Municipal Fraud: Preventing Employee Dishonesty
Red Flags of Municipal Fraud: Preventing Employee Dishonesty
 
Cdic 2009 fraud audit pairat 4
Cdic 2009 fraud audit pairat 4Cdic 2009 fraud audit pairat 4
Cdic 2009 fraud audit pairat 4
 
Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...
Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...
Combating Fraud : Putting in Place an Effective Audit System to Detect and Pr...
 
Flagship payroll
Flagship payrollFlagship payroll
Flagship payroll
 
Isa 2
Isa 2 Isa 2
Isa 2
 
Payro
PayroPayro
Payro
 
Internal Control Assessment For A Company Essay
Internal Control Assessment For A Company EssayInternal Control Assessment For A Company Essay
Internal Control Assessment For A Company Essay
 

Kürzlich hochgeladen

Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)tazeenaila12
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsWristbands Ireland
 
Live-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry WebinarLive-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry WebinarNathanielSchmuck
 
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdfAMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdfJohnCarloValencia4
 
Project Brief & Information Architecture Report
Project Brief & Information Architecture ReportProject Brief & Information Architecture Report
Project Brief & Information Architecture Reportamberjiles31
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsyasinnathani
 
7movierulz.uk
7movierulz.uk7movierulz.uk
7movierulz.ukaroemirsr
 
Slicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup BerlinSlicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup BerlinAnton Skornyakov
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...AustraliaChapterIIBA
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursKaiNexus
 
NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...Khaled Al Awadi
 
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBBPMedia1
 
Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Winbusinessin
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxWorkforce Group
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...Brian Solis
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examplesamberjiles31
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 

Kürzlich hochgeladen (20)

Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and Festivals
 
Live-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry WebinarLive-Streaming in the Music Industry Webinar
Live-Streaming in the Music Industry Webinar
 
Investment Opportunity for Thailand's Automotive & EV Industries
Investment Opportunity for Thailand's Automotive & EV IndustriesInvestment Opportunity for Thailand's Automotive & EV Industries
Investment Opportunity for Thailand's Automotive & EV Industries
 
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdfAMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
 
Project Brief & Information Architecture Report
Project Brief & Information Architecture ReportProject Brief & Information Architecture Report
Project Brief & Information Architecture Report
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story points
 
7movierulz.uk
7movierulz.uk7movierulz.uk
7movierulz.uk
 
Slicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup BerlinSlicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup Berlin
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, Ours
 
NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...
 
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
 
Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examples
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 

Internal Controls

  • 1. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective Presented By Michelle Pyan, LPI, MBA Commercial Investigations LLC September 22, 2011
  • 3. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective BACKGROUND INVESTIGATIONS Check references and do background checks before hiring employees. • Your Employees • Your Client’s Employees
  • 4. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective BACKGROUND INVESTIGATIONS • Making the Case – Discourages Undesirable Applicant’s – Encourages Open Communication – Eliminates Uncertainty – Demonstrates Due Diligence – Promotes Workplace Safety – Excellent Return on Investment
  • 5. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective BACKGROUND INVESTIGATIONS • ROI / Cost Benefit – Employee Pilferage – Commercial Bribery – Embezzlement – Vandalism – Burglary – Insurance/Workers Compensation fraud – Arson – Computer Fraud
  • 6. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective BACKGROUND INVESTIGATIONS • Credit Reports – Determine if employee is living within their means – Deters employee fraud – Must be job related • Crucial for Payroll Handling Employees • Crucial for management or any other executive involved in signing off on payroll documentation
  • 7. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective BACKGROUND INVESTIGATIONS • Drug Testing – Employee Habits Such as Drug Abuse can Induce Fraud – A Complete Background Check will Include a Drug Test
  • 8. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • Ghost Employee • False Wage Claim • False Expense
  • 9. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • Ghost Employee – What
  • 10. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • Ghost Employee – How • Add to Payroll • False Time Sheet • Issue Wage Payment • Collect the Payment
  • 11. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • Ghost Employee – Prevent • No Cash Payments • Supervisors Approve Payroll • Add Employees Only with Approval • Performance Reviews Based on Payroll Register • Rotate Responsibility for Payroll Functions • Have Management Check the Payroll
  • 12. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • False Wage Claim – What
  • 13. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • False Wage Claim – How • Altering Time Sheets – How are the Hours Recorded
  • 14. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • False Wage Claim – Prevent • Move Employees to Salary • Strict Controls on Overtime • Control the Recording of Hours Actually Worked
  • 15. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • False Expense – What • Mischaracterized Expenses • Inflated Expenses • False Expenses • Multiple Claims
  • 16. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • False Expense – How • Mischaracterized Expenses • Inflated Expenses • False Expenses • Multiple Claims
  • 17. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • False Expense – Who • Employees who are Reimbursed • Employees that Process Expense Claims
  • 18. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • Lessons Learned – Not all Frauds Involve Employees Directly Stealing Money or Assets – Not all Frauds Occur Once and in Large Amounts – Employees Charged with Protecting the Payroll System are Best Placed to Defraud the System and Hide the Evidence
  • 19. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective PAYROLL FRAUD • Anonymous Hotlines – More Frauds are Uncovered via Tips than any other Method – Accidental Discovery is the Second Most Common Method of Detecting Fraudulent Activity
  • 20. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective CLIENT VETTING Does the company exist in state corporate records? Is the signatory a principal of the company?
  • 21. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective CLIENT VETTING • Tips – Cursory searches • White Pages • Google • Pipl • Etc. . . . – Experian Biz Apps Reports – Third Party Site Inspection
  • 22. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective CLIENT VETTING Screen your prospects.
  • 23. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective QUESTIONS AND ANSWERS
  • 24. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective DISCLAIMER The information provided in this presentation does not constitute legal or accounting advise. It is for information and discussion purposes only. This presentation may not be reproduced without the written consent of the author.
  • 25. Making Your Business Secure: What’s Enough? Internal Controls from a Non-IT Perspective THANK YOU! Michelle L. Pyan, LPI MBA President Commercial Investigations LLC Licensed Private Investigative Agency www.commercialinvestigationsllc.com (800) 284-0906 michellepyan@commercialinvestigationsllc.com

Hinweis der Redaktion

  1. SMILEIntroduce Myself – Bio Highlights
  2. Check references and do background checks before hiring employees who will have access to sensitive data.
  3. • Risk of an Unsuitable Hire Outweighs Screening CostsThe (FDIC) guidance points out that although there are costs associated with an effective screening process, hiring someone without such screening can carry significantly heavier financial consequences. Depending on the extent of the background check, the cost per employee could run from $25 for a basic search to $150 and up for a complete set of searches. Comparatively, the cost to replace an unsuitable hire averages more than $7,000, and a settlement stemming from a negligent hiring lawsuit averages more than $1.6 million.
  4. How Useful?Employment screening will:Insure the safety of all your employees and customers Increase company productivity Reduce turnover and training costs Protect you and your company from liability in a lawsuit Reduce Costs By Conducting Background ChecksIt costs $7,000 to replace a salaried employee, $10,000 to replace a mid-level employee, and $40,000 to replace a senior executive. - Recruiting Times The average organization loses more than $9 per day, per employee, and 6% of its annual revenue to fraud and abuse. - Association of Certified Fraud Examiners The American Management Association reported losses to U.S. Business due to:Employee pilferage over $10 billion. Commercial bribery over $10 billion. Embezzlement over $4 billion Vandalism over $2.5 billion Burglary over $2.5 billion Insurance/Workers Compensation fraud over $2 billion. Arson over $1.3 billion. Computer Fraud over $1 billion.
  5. Due Diligence Background Investigation Report – 02052009.Drug TestCredit ReportMVR
  6. This is fraud that attacks the payroll system of a business. It includes schemes against salaries and wages payment systems and expense reimbursement systems. Payroll frauds can be categorized into three general areas;1. ghost employee frauds2. false wage claim frauds3. false expense reimbursement frauds The first two frauds attack the actual wage payment system, the third type attacks the expense reimbursement system
  7. Any employee can commit payroll fraud, but how they would do so will depend upon the role they have within the business.To commit a ghost employee fraud, the employee will need to be able to add the ghost employee to the payroll register and collect payments to it. GHOST EMPLOYEE FRAUDSWhat is a ghost employee?A ghost employee is someone recorded on the payroll system, but that does not work for the business. The ghost can be a real person that (knowingly or not) is placed into the system, or a fictitious person invented by the fraudster.The aim of the fraud is to have a wage paid to the ghost and collected by the fraudster. The system does not require an accomplice but, depending on the method of payment (cash, check or direct deposit of wages), an accomplice may make the fraud easier to conduct, as it will eliminate the need to convert the payment from the ghost to the fraudster.
  8. How is this fraud done?There are four basic steps to a ghost employee fraud.1. Add the ghost to the payroll system; - this may be as simple as using the “add Employee” function in the payroll system. In this way ghosts can be added without the normal authorization paperwork.2. Generate false time sheet or wage information to create a payment to the ghost;3. Issue a wage payment to the ghost;4. Collect the payment and if necessary converted it into a useable form. Adding ghost employees to the register may be as simple as using the 'Add Employee' function in the payroll system, where these employees may be added without the normal authorization paperwork.Ghost employees may be paid by salary - not requiring any time sheets or other wage information - or by wage where this information will have to be created as required. It is easier to make the ghost a salaried employee or similar so that constant maintenance of the fraud is not required. Once the ghost has been added to the system, the wage payment should be automatically generated.The payment needs to be collected in a way that does not raise suspicion. If the payment cannot be collected, the fraud cannot work. Cash payments may be difficult to collect but are also difficult to trace after the fact. Cheques may be mailed to the fraudster, but they leave a paper trail that may be followed. A lot of businesses pay employees by direct deposit into bank accounts. While this is the easiest way for the fraudster to get the money, it leaves the most direct paper trail.
  9. How do you prevent this fraud?Six controls may reduce the likelihood of ghost employee frauds. They will not guarantee the frauds will not be committed but will reduce the opportunity for them to start and increase the chance of detection.1. Do not make cash payments to employees as these are easily taken and leave no trail to the fraudster once the scheme is detected.2. Have non-payroll supervisors approve payroll payments to their direct employees on a random basis. This should highlight names on the payroll register that nobody recognizes.3. Add and remove employees only with approval and verification by a number of people, or at least someone outside the payroll department. Ideally this person will be the manager under which that the employee will or did work.4. Organize performance reviews to occur personally with all employees on the payroll register, not organized for particular sites. Ghost employees do not work on a site and therefore will be missed by this review process. Not all businesses require performance reviews but similar checks should be implemented.5. Rotate responsibility for payroll functions.6. Have management check the payroll listing from time to time looking for suspicious names and addresses, and randomly meet employees on the payroll register.
  10. False wage claim frauds are generally committed by employees working on an hourly or a piecemeal basis. It is difficult for salaried workers to make such claims as their pay is not dependent upon any one variable factor. What is false wage claim fraud?False wage claim fraud is falsely adding extra hours or other relevant factors to wage information to increase remuneration. Some employees are paid on an hourly rate, or have to clock in and out from work. They are remunerated for the standard hours worked and any overtime that they undertake. Casual employees are only paid for hours worked. These employees may add extra hours to their time sheet to get extra pay.Some employees are paid on another piecemeal basis (e.g. number of parts produced). They may have the opportunity to falsely record extra work performed. The fraud is the same as false hours fraud, but just use another type of standard to calculate remuneration.
  11. How does the fraud work?The fraud is done simply by altering time sheets, the time recording system directly, or any other factor that determines the level of remuneration. The initial factor to consider is how the hours of other factors are recorded.Some employers use time clocks that record the start and finish times. Some do not record the normal working week, but only record overtime. Hours are recorded by the employee themselves on the honor system, and some by supervisors who may or may not be present when the work is done. Some overtime must be requested by management, some can be done on the authority of the employee themselves. It is important to determine the method of recording the hours to know how the system can be manipulated.This fraud can be transposed to other systems of remuneration. Employees that are remunerated by sales commissions may have the opportunity to falsify sale records to increase commissions. In effect, any employee that is remunerated against a standard may be able to manipulate that standard to increase their remuneration.
  12. How do you prevent this fraud?Salaried employees generally do not have the opportunity to commit this fraud. It may be possible to move some non-salaried employees to salaries to reduce that opportunity.The fraud has two variances, that may be used together. The first is to add overtime hours to the time sheet when those hours are not worked. Stricter control over overtime will make this scheme harder to perpetrate. Requiring all overtime to be authorized beforehand and having the employee clocked off by management immediately thereafter will lessen the opportunity, but will add a layer of cost to the business. The method of recording the hours must be controlled in a manner appropriate to the business.The second variance is to record the normal hours, but not work them. This can be done by having someone else clock an employee out at the usual time, when the employee is not there. The method of recording the hours actually worked has to be controlled in a manner appropriate to the business.The same approach may be taken with recording any other standard used to pay employees.
  13. FALSE EXPENSE REIMBURSEMENT FRAUDSFalse expense frauds can be committed by any employee entitled to make claims for reimbursement of expenses or by people processing these claims. What is false expense reimbursement fraud?False expense reimbursement fraud is the making of improper claims for the reimbursement of business expenses. There are four major types this fraud.Mischaracterized expenses,(b) Inflated expenses,(c) False expenses, and(d) Multiple claims.
  14. How does this fraud work?The different variances of the fraud work as follows:1. Mischaracterized expenses are non-business expenses that the employee claims as a business expense. They could be dinners with friends that are claimed as client dinners, holidays that have been claimed as business trips, etc.2. Inflated expenses are legitimate business expenses that have been inflated in size. The increase is the profit kept by the employee. This can be done as easily as having the person issuing the receipt make it out to an inflated amount, or the fraudster may falsify the receipt themselves.3. False expenses are purely fictitious expenses made up by the employee to obtain a reimbursement when there has been no expenditure, business related or not. Receipts can be generated or stolen by the employee.4. Multiple claims are making the same business expense claim more than once, through different people or against a client's account and again against the business. They double the payment for the one expense.
  15. Who commits these frauds?Any employee that has the right to claim for reimbursement of business expenses may commit these frauds. Also the people that process these claims have the opportunity to process false or inflated claims under the names of other (innocent) employees.
  16. LESSONS TO BE LEARNED1. Not all frauds involve employees directly stealing money or assets. Payroll frauds occur when employees have the business pay them amounts to which they are not entitled, and have the payment recorded as a legitimate expense.2. Not all frauds occur once and in large amounts. Payroll frauds are generally continuous and for small amounts. The business will generally not miss smaller amounts of money as quickly as larger amounts, but will eventually add up to a significant amount.3. Employees charged with protecting the payroll system are best placed to defraud the system and hide the evidence.
  17. “Organizations with fraud hotlines cut their fraud losses by approximately 50% per scheme. Internal audits, external audits, and background checks also significantly reduce fraud losses.”Association of Certified Fraud ExaminersGlobal Compliance:* Sarbanes-Oxley requires public companies to have a confidential and anonymous employee reporting mechanism* Employee hotlines support ethics and compliance concerns ranging from harassment reporting to company fraud reporting* Employee hotlines are the #1 channel for fraud detection – accounting for over 30% of all tips* Organizations with hotlines decrease their median loss by over 60%
  18. You'd be surprised how often I receive a signed contract from a new client, only to find that the contract is completely unenforceable. Why? It's usually due to one of these reasons:* The official name of the company does not exist in the corporate records of the state or region in which the contract needs to be enforceable.* The signatory is signing on behalf of a legitimate company, but is not listed as a principal of that company.
  19. Client Validation / Authentication ProcessVerify the client holds a valid business license by searching Department of State or Secretary of State business directory.Conduct a basic cyber investigation to verify client information found online.Verify business contact information and location with information found in the telephone directory.Conduct site inspection of client location via Google EarthThird Party InspectionCI utilizes On-site Verification service from Global Compliance™ which enables time efficient, cost-effective, on-site physical evaluations and inspections ensuring compliance with data protection legislation. In line with the Fair Credit Reporting Act (FCRA), On-site verification enables verification of the legitimacy and business purpose of prospective clients desiring access to consumer data.When a company "checks out clean", don't think that your investment in their history check is wasted -- you've simply bought some security for yourself and eliminated a risk factor from your business.
  20. A good goal is to make sure that the client is who they say they are, confirm that the signatory is authorized to sign on behalf of the company, and verify that the company is legal and doing real business. Consider things such as:* Have there been any bankruptcies? When? * Is it currently in litigation with other clients or partners? Have other vendors had legal proceedings with this company? * Has the company been late on its state or federal tax filings? This is found on the Secretary of State site in some cases. * Is the business's corporate status ok? A corporate status of 'forfeit' or 'deferred' might be major a warning sign. * Are any of the principals involved in other litigation? Perform a name check on all the principals to see if they are litigant or otherwise problematic business people. * Are there any sales/size estimations or reporting? DnB sometimes provides this information, but be sure to note if the data is reported or was simply estimated by Dunn and Bradstreet. * Does the company's self-description correspond to the records you're finding? * Has the company been involved in successor corporations, complex stock dealings, or other activities not consistent with their size or business type? * Are there any liens, judgments, lawsuits, or injunctions about the company? If so, look for the Website of the court that holds the information about that event -- they might have publicly available records, too.