1. Top 10 Banking Fraud
Practical Discussion of Fraud Schemes by Bank Insiders
and How to Prevent Fraud from Occurring
Pairat Srivilairit (ไพรัช ศรีวิไลฤทธิ์), pairat@tisco.co.th
9. How Fraud is Committed
Asset misappropriations were the most common scheme but had low losses. Fraudulent statements were the least common but had the highest losses.
Breakdown of All Occupational Fraud Schemes — Median Loss
10. Bank Most Common Fraud
The greatest percentage (15%) of fraud occurred in the banking and financial services sector.
11. Root Causes of Fraud
Fraud in an organization, whatever its form, arises from 3 factors known as the Fraud Triangle:
Pressure / Incentive
Opportunity
Rationalization / Attitude
26. How Fraud is Detected
It takes 24 months on average to catch employee fraud
Initial Detection of Occupational Frauds
30/07/12
27. Key Indicators of Fraud
Tips / Complaints
Missing / Alteration of documents
Duplicate / Unreasonable expenses or reimbursements
Failure of certain employees to take vacations
Failure to follow up on past-due receivables
Unusual write-offs of receivables
Employees on the payroll who do not sign up for benefits
Excessive purchase of products or services
Common phone numbers / addresses of payees or
customers
28. Key Indicators of Fraud
(Continued)
Cash shortages / overages
Stale items on bank reconciliations
Unexplained adjustments / Journal entries
Unusual financial statement relationships, e.g.
– Increased revenue vs. decreased receivables
– Increased revenue vs. decreased inventory purchases
– Increased inventory vs. decreased purchases or A/P
Significant increases or decreases in account balances
Significant changes in liquidity, leverage,
profitability or turnover ratios
29. Limiting Fraud Losses
Surprise audit and job rotation are still overlooked by many organizations.
30. Limiting Fraud Losses
Surprise audit, job rotation, and anonymous reporting showed the greatest impact on fraud
losses.
31. Bank Case Symptoms
Supervisory overrides; transactions that are unusually large or have no apparent business purpose
Journal vouchers containing only one signature or incorrect information, or transferring funds between different customers' accounts
Deposit slips with missing information; depositor names incomplete or not matching the passbook or account name
Frequent, large deposits/withdrawals in an executive's account
Deposits and withdrawals on the same account on the same day or within a short period of time
Bank checks used to transfer between accounts / checks with an altered date
32. Symptoms ... More
Purported customer signature on withdrawal vouchers and checks
Large negative balances in slush accounts or customer accounts
Deposit slips moving customer funds between accounts of different customers
Deposits of customer checks where cash was received back
CDs closed prematurely with proceeds put into a low-interest account, sometimes with penalty
Customer not present when the account was opened, closed or transacted on
Mailing of customer statements to an executive's address
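Several of the symptoms on the two slides above can be screened for mechanically. The following is an added example, not part of the original deck: a small rule set over constructed transaction records. The record fields, the two-signature rule, the 24-hour window and the "large" threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass(frozen=True)
class Txn:
    txn_id: str
    ts: datetime
    kind: str                 # "deposit", "withdrawal" or "transfer" (journal voucher)
    account: str
    amount: float
    employee: str             # staff member who keyed the entry
    signatures: int = 2       # approvals recorded on the voucher
    override: bool = False    # a supervisory override was used
    dest_account: Optional[str] = None   # transfers only


def screen(txns, owners, window=timedelta(hours=24), large=1_000_000):
    """Return {txn_id: [symptom, ...]} for every transaction that trips a rule."""
    hits = defaultdict(set)
    for t in txns:
        if t.override:
            hits[t.txn_id].add("supervisory_override")
        if t.amount >= large:
            hits[t.txn_id].add("unusually_large")
        if t.kind == "transfer":
            if t.signatures < 2:
                hits[t.txn_id].add("single_signature_voucher")
            src, dst = owners.get(t.account), owners.get(t.dest_account)
            # An account with no known owner is treated as a mismatch.
            if src is None or dst is None or src != dst:
                hits[t.txn_id].add("cross_customer_transfer")

    # Deposit and withdrawal on the same account inside the time window.
    by_account = defaultdict(list)
    for t in txns:
        if t.kind in ("deposit", "withdrawal"):
            by_account[t.account].append(t)
    for items in by_account.values():
        items.sort(key=lambda t: t.ts)
        for i, later in enumerate(items):
            for earlier in items[:i]:
                if earlier.kind != later.kind and later.ts - earlier.ts <= window:
                    hits[earlier.txn_id].add("rapid_in_out")
                    hits[later.txn_id].add("rapid_in_out")
    return {txn_id: sorted(s) for txn_id, s in hits.items()}


def by_employee(txns, flagged):
    """Collect the distinct symptoms seen per employee, for review prioritisation."""
    out = defaultdict(set)
    for t in txns:
        out[t.employee].update(flagged.get(t.txn_id, ()))
    return {e: sorted(s) for e, s in out.items() if s}


# Constructed sample data (not real accounts, customers or staff).
SAMPLE_OWNERS = {"A-100": "cust-1", "A-300": "cust-1",
                 "A-200": "cust-2", "A-900": "cust-9"}


def _at(day, hour, minute):
    return datetime(2024, 3, day, hour, minute)


SAMPLE_TXNS = [
    Txn("T1", _at(4, 9, 15), "deposit", "A-100", 5_000, "E01"),
    Txn("T2", _at(4, 15, 40), "withdrawal", "A-100", 4_900, "E01"),
    Txn("T3", _at(4, 10, 0), "transfer", "A-100", 20_000, "E02",
        dest_account="A-300"),                      # same customer, two signatures
    Txn("T4", _at(5, 11, 30), "transfer", "A-200", 750_000, "E01",
        signatures=1, override=True, dest_account="A-900"),
    Txn("T5", _at(5, 14, 0), "deposit", "A-200", 1_200_000, "E03"),
    Txn("T6", _at(11, 14, 0), "withdrawal", "A-200", 300, "E03"),  # outside window
]

if __name__ == "__main__":
    flagged = screen(SAMPLE_TXNS, SAMPLE_OWNERS)
    for txn_id, symptoms in sorted(flagged.items()):
        print(txn_id, symptoms)
    print(by_employee(SAMPLE_TXNS, flagged))
```

A single hit is only a reason to pull the voucher; the per-employee grouping shows where several different symptoms point at the same person.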
33. Bank Fraud Trend
The financial cost of fraud may be three or more times the value of the loss amount
Fraud is not static. It evolves with each new measure implemented
New opportunities for employee fraud are emerging
Criminals thwart rules-based systems
“Silo” mentality weakens fraud detection
Top management is moving toward an enterprise focus on anti-fraud systems
Regulatory expectations are increasing
Solutions require commitment, investment, and talent
34. Insider Threat
“Deliberate misuse by those who are authorized to use
computer and networks.”
Insiders include employees, contractors, consultants,
temporary helpers, personnel from third-party business
partners, etc.
35. Facts about Insider Misuses
Most were not technically sophisticated or complex
Most were thought out and planned in advance
Most were motivated by financial gain
Most perpetrators of banking and finance incidents
– Did not hold a technical position
– Never engaged in technical attacks or hacking
– Were not necessarily perceived as problem employees
Executed at the workplace during normal business hours
Detected by various channels and methods.
36. Misuse of Applications
Applications | Legitimate Use | Misuse
Client/Server | Message exchange | Unusual exchange to degrade performance
Client/Server | Connectivity to server | Excessive connections (DoS)
Client/Server | Execution of tasks | Execute privileged procedure
Mail Clients | Send and receive e-mails | Illegal content / remote attack / private use / overload network
Browsers / Multimedia player | Browse Internet / play files | View illegal content
Browsers / Multimedia player | View cached file and history | Display other users’ viewed files and accesses
Programming Tools | Develop program | Create malware
Programming Tools | Display memory segment | Access memory segment with sensitive information
General-purpose Applications | Read / write | Access temp file for sensitive information / modify temp file to change program flow
General-purpose Applications | Input strings | Buffer overflow
37. Universal of Internal Computer Fraud
[Diagram: taxonomy of internal computer fraud schemes. Category labels legible in the extracted text include Billing Schemes, Data Capture, Errors, Program Altering Schemes, Manipulation of Data Input, Information Privacy Risk, Payroll Schemes and Check Tampering.]
38. Types of Application Controls
Access Controls
– Identification & Authentication
– Authorization
– Accountability
– Audit
– Physical devices (i.e. biometric scan, metal locks, hidden path, digital signatures, encryption, social barriers, human and automated monitoring systems etc.)
– Permit or deny use of an object
Data Origination / Input Controls
– Check integrity of data entered into business application
– Check whether sources are from staff direct input, remote by business partner, or through web-enabled application
– Check if data is within specified parameter
– Ensure accuracy, completeness and timeliness of data during conversion from original sources into computer data or entry to computer application, either manual, online input or batch
– Ensure accuracy with optimum computerized validation and editing
– Error handling procedures facilitate timely and accurate resubmission of all corrected data
Data Processing
– Ensure accuracy, completeness and timeliness of data during either batch or real-time processing by application
– Ensure data is accurately processed through the application
– No data is added, lost or altered during processing
Output Control
– Ensure integrity of output and the correct and timely distribution of output produced either in hardcopy, files to be used as input for other system, or information available for online viewing
39. Example of Detection System
[Diagram: example detection system. Labels recoverable from the slide: General Ledger; XBRL Business Report Engine; Business Report; XSLT; Branch; Spreadsheet; Loan Application Dataset; Web Application Server; Main Office; Web Browser; XML document; SYSLOG; Key Fraud Signature; Misuse detection rules; data & metadata; IDS Engine; Firewall and Router Log; Event Correlation Database.]
55. Managing Insider Threat
Strong authentication / biometric technologies
Role-based access granted on a need-to-have basis
Rotate job function / event log reading
Place server and sensitive equipment in secured area
Restrict physical access / lock / alarm test
Wear badge / background check
Default password / unused port / log-off on absence
Encrypt sensitive data stored on user hard drives
Store sensitive document in secured space
Never issue password over unsecured channels
56. Aware of Warning Signs
Rogue access point / wireless / remote
Disgruntled employee
A user accesses a database or area of the network they have never accessed before
Download spike
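The last two warning signs lend themselves to per-user baselining of access logs. The following is an added example, not part of the original deck: it learns each user's resources and daily download volume, then flags first-time access and download spikes. The event tuple layout, user and resource names, and all thresholds are assumptions for illustration.

```python
from collections import defaultdict
from statistics import median


def detect(events, learn_days=5, spike_factor=5.0, min_bytes=50_000_000):
    """Flag first-time resource access and download spikes per user.

    events: iterable of (day, user, resource, bytes_out), where day is an int.
    A user is only evaluated after `learn_days` active days of history, so
    brand-new accounts produce no alerts (a known blind spot of baselining).
    Returns a sorted list of (day, user, kind, detail) tuples.
    """
    per_day = defaultdict(lambda: defaultdict(list))   # user -> day -> [(res, bytes)]
    for day, user, resource, nbytes in events:
        per_day[user][day].append((resource, nbytes))

    alerts = []
    for user, days in per_day.items():
        seen = set()      # resources this user has touched so far
        history = []      # this user's daily byte totals so far
        for day in sorted(days):
            todays = {r for r, _ in days[day]}
            total = sum(n for _, n in days[day])
            trained = len(history) >= learn_days
            if trained:
                for resource in sorted(todays - seen):
                    alerts.append((day, user, "new_resource", resource))
                # Median is used so one earlier heavy day does not hide a spike;
                # the absolute floor suppresses alerts on tiny baselines.
                if total > max(min_bytes, spike_factor * median(history)):
                    alerts.append((day, user, "download_spike", total))
            seen |= todays
            history.append(total)
    return sorted(alerts)


# Constructed sample log: seven days of activity for three hypothetical users.
SAMPLE_EVENTS = (
    [(d, "teller07", "core_banking", 2_000_000) for d in range(1, 8)]
    + [(7, "teller07", "hr_payroll_db", 400_000_000)]       # new resource + spike
    + [(d, "auditor02", "gl_reports", 10_000_000) for d in range(1, 8)]
    + [(3, "auditor02", "loan_db", 1_000_000)]              # inside learning period
    + [(6, "newhire01", "core_banking", 3_000_000),
       (7, "newhire01", "loan_db", 90_000_000)]             # no baseline yet
)

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

With the defaults, the new hire's 90 MB day raises nothing because no baseline exists yet, so new accounts need a different control, such as a peer-group comparison or manual review.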
57. Fraud Prevention Checklist
Good internal control
Employee fraud awareness training / hotline
Analytical review / surprise fraud audits
Review company contracts
Perception of detection / management oversight
Proactive fraud policy and program / prosecution
Mandatory vacations / periodic job rotation
Screen job applicants
Information security review / limit access / audit trail
Management climate / employee support program
58. Summary
Auditor's roles in combating fraud
Promote culture of honesty and high ethics
Assess and mitigate the risk of fraud
Ensure control adequacy and effectiveness
Use data mining and statistical analysis tools
Analyze financial statement reports
Be alert to predication of fraud
Ensure investigations are properly conducted
Ensure proper follow-up actions are taken
Develop your anti-fraud knowledge and skills
59. About the ACFE
The Association of Certified Fraud Examiners
Started in 1988
Provides anti-fraud training and education
Over 50,000 members in 125 countries
Administers the Certified Fraud Examiner (CFE) designation, a certification program for fraud practitioners recognized by U.S. Department of Defense and FBI
More than 20,000 CFEs worldwide (5 Thais)
$55 Membership Fee
More information about ACFE
http://www.acfe.com
60. About CFE Exam
Covers 4 areas
– Criminology & Ethics
– Financial Transactions
– Fraud Investigation
– Legal Elements of Fraud
4 Exam sections of 125 questions each (75%)
Administered via computer / must complete each
section in one sitting (2.6 hr)
Complete all and return to ACFE in 30 days
Must pass Qualifying Points System (40/50)
$250 Application Fee
61. Q&A
PAIRAT SRIVILAIRIT
SVP Head of Internal Audit
TISCO Financial Group Public Company Limited
Mobile : +668 1903 1457
Office : +66 2633 7821
Email : pairat@tisco.co.th
Editor's Notes
Three categories of occupational frauds:
• Asset Misappropriations: Involve theft or misuse of organization’s assets i.e. skimming revenues, stealing inventory and payroll fraud.
• Corruption: Wrongfully use influence to gain personal benefit contrary to duty to employer or the rights of another i.e. accepting kickbacks, conflicts of interest.
• Fraudulent Statements: Falsification of organization’s financial statements i.e. overstating revenues and understating liabilities or expenses.
Cash Misappropriations
Out of 508 cases in our study, 440 cases (87%) involved some form of cash misappropriation. According to the Fraud Tree, cash frauds fall into one of three categories:
• Fraudulent Disbursements, in which the perpetrator causes his organization to disburse funds through some trick or device. Common examples include submitting false invoices or forging company checks.
• Skimming, in which cash is stolen from an organization before it is recorded on the organization’s books and records.
• Cash Larceny, in which cash is stolen from an organization after it has been recorded on the organization’s books and records.
Approximately three-fourths of the cash frauds in our study involved some form of fraudulent disbursement, making this the most common category by far. Schemes that involved a fraudulent disbursement also had the highest median loss, at $125,000.
Banking and Financial Services Not surprisingly, in the banking and financial services sector, misappropriations of cash on hand were much more common than among all cases. Cash on hand schemes involve the theft of cash maintained on the premises of a victim organization. Banks have significant stores of cash on their premises, which can make them targets for this type of fraud. Cash on hand schemes tend to be relatively low-cost, with a median loss of $35,000 among the cases in our study. Corruption cases, on the other hand, tend to be much more costly; their median loss was $375,000. We reviewed 132 cases that targeted financial institutions, and one-third of those frauds involved corruption, which was a higher rate than among all cases. Conversely, other common forms of occupational fraud like false billing, skimming, non-cash theft, and check tampering were much less common in banking institutions than among all cases reported.
RELATED ARTICLE: Signals of Fraud
* Alteration of documents.
* Duplicate payments.
* Second endorsements on checks.
* Stale items on bank reconciliations.
* Journal entries without supporting documentation.
* Unexplained adjustments to accounts receivable, accounts payable, revenues, or expenses.
* Failure of certain employees to take vacations.
* Failure to follow up on past-due receivables.
* Shortages in delivered goods.
* Employees on the payroll who do not sign up for benefits.
* Complaints by customers.
* Significant increases or decreases in account balances.
* Unusual financial statement relationships such as:
  * Increased revenues with decreased receivables.
  * Increased revenues with decreased purchases of inventory.
  * Increased inventory with decreased purchases or payables to vendors.
* Unusual write-offs of receivables.
* Products or services purchased in excess of needs.
* Unreasonable expenses or reimbursements.
* Cash shortages or overages.
* Common names, telephone numbers, and addresses of payees or customers.
* Missing documentation.
* Excessive voids or credits.
* Tips from employees.
* Significant changes in liquidity, leverage, profitability, or turnover ratios.
This study covers 508 cases of occupational fraud totaling over $761 million in losses. All information was provided by the Certified Fraud Examiners (CFEs) who investigated these cases.
• Organizations suffer tremendous costs as a result of occupational fraud and abuse. Participants in this study, anti-fraud specialists with a median 16 years’ experience in the fraud examination field, estimate that the typical U.S. organization loses 6% of its annual revenues to fraud. Applied to the US Gross Domestic Product for 2003, this translates to approximately $660 billion in total losses.
• Our data strongly supports Sarbanes-Oxley’s requirement for audit committees to establish confidential reporting mechanisms. Occupational frauds in our study were much more likely to be detected by a tip than through other means such as internal audits, external audits, and internal controls. Among frauds committed by owners and executives, which tend to be the most costly, over half of all cases were identified by a tip.
• Confidential reporting mechanisms reduce fraud losses significantly. The median loss among organizations that had anonymous reporting mechanisms was $56,500. In organizations that did not have established reporting procedures, the median loss was more than twice as high.
• While Sarbanes-Oxley only requires publicly traded companies to establish confidential reporting mechanisms for employees, our data strongly suggests that these programs should also embrace third-party sources such as customers and vendors. Among cases that were detected by a tip, 60% of the tips came from employees, 20% of the tips came from customers, 16% came from vendors, and 13% came from anonymous sources. Companies that have implemented basic employee hotlines to ensure Sarbanes-Oxley compliance could detect significantly more frauds by making their hotlines available to third parties as well.
• More effective internal controls are needed to detect fraud. Internal controls ranked fourth – behind By Accident – in terms of the number of frauds detected in our study. Furthermore, the frauds that were detected by internal controls tended to be relatively small, with a median loss of $40,000, which was by far the lowest of any detection method. More effective types of internal controls are needed to detect fraud, especially larger frauds that may involve senior personnel overriding or circumventing traditional internal controls.
• Small businesses suffer disproportionately large losses due to occupational fraud and abuse. The median cost experienced by small businesses in our study was $98,000. This was higher than the median loss experienced by all but the very largest organizations. Small businesses are less likely to be able to survive such losses and should better protect themselves from fraud.
• The loss caused by occupational fraud is directly related to the position of the perpetrator. Frauds committed by owners and executives caused a median loss of $900,000, which was six times higher than the losses caused by managers, and 14 times higher than the losses caused by employees. Despite this fact, organizations were less likely to take legal action against owners and executives who had committed fraud than they were against employees and managers. This may remove a useful deterrent and unnecessarily expose such organizations to additional high-dollar frauds.
• Most occupational fraudsters are first time offenders. Only 12% of the fraudsters in our study had a previous conviction for a fraud-related offense. Criminal background checks can help organizations make informed hiring decisions, but they will not weed out all fraudsters because most frauds are committed by apparently honest employees.
• The most cost-effective way to deal with fraud is to prevent it. According to our study, once an organization has been defrauded it is unlikely to recover its losses. The median recovery among victim organizations in our study was only 20% of the original loss. Almost 40% of victims recovered nothing at all.
This study covers 508 cases of occupational fraud totaling over $761 million in losses. All information was provided by the Certified Fraud Examiners (CFEs) who investigated these cases. • Organizations suffer tremendous costs as a result of occupational fraud and abuse. Participants in this study, anti-fraud specialists with a median 16 years’ experience in the fraud examination field, estimate that the typical U.S. organization loses 6% of its annual revenues to fraud. Applied to the US Gross Domestic Product for 2003, this translates to approximately $660 billion in total losses. • Our data strongly supports Sarbanes-Oxley’s requirement for audit committees to establish confidential reporting mechanisms. Occupational frauds in our study were much more likely to be detected by a tip than through other means such as internal audits, external audits, and internal controls. Among frauds committed by owners and executives, which tend to be the most costly, over half of all cases were identified by a tip. • Confidential reporting mechanisms reduce fraud losses significantly. The median loss among organizations that had anonymous reporting mechanisms was $56,500. In organizations that did not have established reporting procedures, the median loss was more than twice as high. • While Sarbanes-Oxley only requires publicly traded companies to establish confidential reporting mechanisms for employees, our data strongly suggests that these programs should also embrace third-party sources such as customers and vendors. Among cases that were detected by a tip, 60% of the tips came from employees, 20% of the tips came from customers, 16% came from vendors, and 13% came from anonymous sources. Companies that have implemented basic employee hotlines to ensure Sarbanes-Oxley compliance could detect significantly more frauds by making their hotlines available to third parties as well. • More effective internal controls are needed to detect fraud. 
Internal controls ranked fourth – behind By Accident – in terms of the number of frauds detected in our study. Furthermore, the frauds that were detected by internal controls tended to be relatively small, with a median loss of $40,000, which was by far the lowest of any detection method. More effective types of internal controls are needed to detect fraud, especially larger frauds that may involve senior personnel overriding or circumventing traditional internal controls. • Small businesses suffer disproportionately large losses due to occupational fraud and abuse. The median cost experienced by small businesses in our study was $98,000. This was higher than the median loss experienced by all but the very largest organizations. Small businesses are less likely to be able to survive such losses and should better protect themselves from fraud. • The loss caused by occupational fraud is directly related to the position of the perpetrator. Frauds committed by owners and executives caused a median loss of $900,000, which was six times higher than the losses caused by managers, and 14 times higher than the losses caused by employees. Despite this fact, organizations were less likely to take legal action against owners and executives who had committed fraud than they were against employees and managers. This may remove a useful deterrent and unnecessarily expose such organizations to additional high-dollar frauds. • Most occupational fraudsters are first time offenders. Only 12% of the fraudsters in our study had a previous conviction for a fraud-related offense. Criminal background checks can help organizations make informed hiring decisions, but they will not weed out all fraudsters because most frauds are committed by apparently honest employees. • The most cost-effective way to deal with fraud is to prevent it. According to our study, once an organization has been defrauded it is unlikely to recover its losses. 
The median recovery among victim organizations in our study was only 20% of the original loss. Almost 40% of victims recovered nothing at all.
This study covers 508 cases of occupational fraud totaling over $761 million in losses. All information was provided by the Certified Fraud Examiners (CFEs) who investigated these cases. • Organizations suffer tremendous costs as a result of occupational fraud and abuse. Participants in this study, anti-fraud specialists with a median 16 years’ experience in the fraud examination field, estimate that the typical U.S. organization loses 6% of its annual revenues to fraud. Applied to the US Gross Domestic Product for 2003, this translates to approximately $660 billion in total losses. • Our data strongly supports Sarbanes-Oxley’s requirement for audit committees to establish confidential reporting mechanisms. Occupational frauds in our study were much more likely to be detected by a tip than through other means such as internal audits, external audits, and internal controls. Among frauds committed by owners and executives, which tend to be the most costly, over half of all cases were identified by a tip. • Confidential reporting mechanisms reduce fraud losses significantly. The median loss among organizations that had anonymous reporting mechanisms was $56,500. In organizations that did not have established reporting procedures, the median loss was more than twice as high. • While Sarbanes-Oxley only requires publicly traded companies to establish confidential reporting mechanisms for employees, our data strongly suggests that these programs should also embrace third-party sources such as customers and vendors. Among cases that were detected by a tip, 60% of the tips came from employees, 20% of the tips came from customers, 16% came from vendors, and 13% came from anonymous sources. Companies that have implemented basic employee hotlines to ensure Sarbanes-Oxley compliance could detect significantly more frauds by making their hotlines available to third parties as well. • More effective internal controls are needed to detect fraud. 
Internal controls ranked fourth – behind By Accident – in terms of the number of frauds detected in our study. Furthermore, the frauds that were detected by internal controls tended to be relatively small, with a median loss of $40,000, which was by far the lowest of any detection method. More effective types of internal controls are needed to detect fraud, especially larger frauds that may involve senior personnel overriding or circumventing traditional internal controls. • Small businesses suffer disproportionately large losses due to occupational fraud and abuse. The median cost experienced by small businesses in our study was $98,000. This was higher than the median loss experienced by all but the very largest organizations. Small businesses are less likely to be able to survive such losses and should better protect themselves from fraud. • The loss caused by occupational fraud is directly related to the position of the perpetrator. Frauds committed by owners and executives caused a median loss of $900,000, which was six times higher than the losses caused by managers, and 14 times higher than the losses caused by employees. Despite this fact, organizations were less likely to take legal action against owners and executives who had committed fraud than they were against employees and managers. This may remove a useful deterrent and unnecessarily expose such organizations to additional high-dollar frauds. • Most occupational fraudsters are first time offenders. Only 12% of the fraudsters in our study had a previous conviction for a fraud-related offense. Criminal background checks can help organizations make informed hiring decisions, but they will not weed out all fraudsters because most frauds are committed by apparently honest employees. • The most cost-effective way to deal with fraud is to prevent it. According to our study, once an organization has been defrauded it is unlikely to recover its losses. 
The median recovery among victim organizations in our study was only 20% of the original loss. Almost 40% of victims recovered nothing at all.
This study covers 508 cases of occupational fraud totaling over $761 million in losses. All information was provided by the Certified Fraud Examiners (CFEs) who investigated these cases.

• Organizations suffer tremendous costs as a result of occupational fraud and abuse. Participants in this study, anti-fraud specialists with a median 16 years’ experience in the fraud examination field, estimate that the typical U.S. organization loses 6% of its annual revenues to fraud. Applied to the US Gross Domestic Product for 2003, this translates to approximately $660 billion in total losses.

• Our data strongly supports Sarbanes-Oxley’s requirement for audit committees to establish confidential reporting mechanisms. Occupational frauds in our study were much more likely to be detected by a tip than through other means such as internal audits, external audits, and internal controls. Among frauds committed by owners and executives, which tend to be the most costly, over half of all cases were identified by a tip.

• Confidential reporting mechanisms reduce fraud losses significantly. The median loss among organizations that had anonymous reporting mechanisms was $56,500. In organizations that did not have established reporting procedures, the median loss was more than twice as high.

• While Sarbanes-Oxley only requires publicly traded companies to establish confidential reporting mechanisms for employees, our data strongly suggests that these programs should also embrace third-party sources such as customers and vendors. Among cases that were detected by a tip, 60% of the tips came from employees, 20% of the tips came from customers, 16% came from vendors, and 13% came from anonymous sources. Companies that have implemented basic employee hotlines to ensure Sarbanes-Oxley compliance could detect significantly more frauds by making their hotlines available to third parties as well.

• More effective internal controls are needed to detect fraud. Internal controls ranked fourth – behind By Accident – in terms of the number of frauds detected in our study. Furthermore, the frauds that were detected by internal controls tended to be relatively small, with a median loss of $40,000, which was by far the lowest of any detection method. More effective types of internal controls are needed to detect fraud, especially larger frauds that may involve senior personnel overriding or circumventing traditional internal controls.

• Small businesses suffer disproportionately large losses due to occupational fraud and abuse. The median cost experienced by small businesses in our study was $98,000. This was higher than the median loss experienced by all but the very largest organizations. Small businesses are less likely to be able to survive such losses and should better protect themselves from fraud.

• The loss caused by occupational fraud is directly related to the position of the perpetrator. Frauds committed by owners and executives caused a median loss of $900,000, which was six times higher than the losses caused by managers, and 14 times higher than the losses caused by employees. Despite this fact, organizations were less likely to take legal action against owners and executives who had committed fraud than they were against employees and managers. This may remove a useful deterrent and unnecessarily expose such organizations to additional high-dollar frauds.

• Most occupational fraudsters are first time offenders. Only 12% of the fraudsters in our study had a previous conviction for a fraud-related offense. Criminal background checks can help organizations make informed hiring decisions, but they will not weed out all fraudsters because most frauds are committed by apparently honest employees.

• The most cost-effective way to deal with fraud is to prevent it. According to our study, once an organization has been defrauded it is unlikely to recover its losses. The median recovery among victim organizations in our study was only 20% of the original loss. Almost 40% of victims recovered nothing at all.
RELATED ARTICLE: Signals of Fraud

* Alteration of documents.
* Duplicate payments.
* Second endorsements on checks.
* Stale items on bank reconciliations.
* Journal entries without supporting documentation.
* Unexplained adjustments to accounts receivable, accounts payable, revenues, or expenses.
* Failure of certain employees to take vacations.
* Failure to follow up on past-due receivables.
* Shortages in delivered goods.
* Employees on the payroll who do not sign up for benefits.
* Complaints by customers.
* Significant increases or decreases in account balances.
* Unusual financial statement relationships such as:
  * Increased revenues with decreased receivables.
  * Increased revenues with decreased purchases of inventory.
  * Increased inventory with decreased purchases or payables to vendors.
* Unusual write-offs of receivables.
* Products or services purchased in excess of needs.
* Unreasonable expenses or reimbursements.
* Cash shortages or overages.
* Common names, telephone numbers, and addresses of payees or customers.
* Missing documentation.
* Excessive voids or credits.
* Tips from employees.
* Significant changes in liquidity, leverage, profitability, or turnover ratios.
Facts about the perpetrator and the fraud

Mr Somkiat allegedly abused his authority as a teller by transferring some 700,000-900,000 baht from GHB's interest accounts into his personal bank accounts every day for a year-and-a-half. He allegedly made about 30 transfers per day, with each transfer amounting to 30,000 baht. Transfers were made via ATMs to numerous accounts Mr Somkiat had opened with several banks located in the Siam Square area of Bangkok's Pathumwan district. According to Mr Khan, Mr Somkiat made the transfers after working hours, a time when GHB had already finished its daily clearing. "Mr Somkiat showed no signs of irregularities at all. He acted like an ordinary office worker who came to work by bus," Mr Khan said. Mr Somkiat had won an award for being an outstanding member of GHB's staff, and he had earned the trust of clients at the branch he worked at, the bank's president said.
From the two factors above, the committee was able to conclude the following:

The fraud evidently coincided with the bank's introduction of a new core banking system, installed by with Datamat/SuperblockInfosys as a subcontractor. Before the new system was introduced, access to the bank's general ledger accounts was open only to level-9 bank staff with verification made by level-11 executives. When the new IT system was introduced, access to the bank's general ledger accounts was incorporated into the system, but without sufficient firewalls and security systems to block unauthorised access, according to the inquiry report. The lack of safeguards allowed staff at all levels to see the accounts within the system, including interest rate policies and even loan contract terms of customers. One executive said the decision to include the general ledger accounts in the core banking system was made to facilitate work at the bank. "There was nothing necessarily wrong with the core banking system. But it is also necessary to set up sufficient safeguards and access barriers, which evidently was not done," he said. Responsibility for the case is likely to fall on the bank's IT staff, internal control officers as well as the manager of the St Louis branch.

The role of executives involved in the core banking system

1. The system, specifically the screen used for adjusting interest paid and for cross-branch transactions (MENU HXFER), allowed staff at every level to post transactions to the bank's GL accounts without any Verify step. The causes were:

1.1 The bank did not define access rights for MENU HXFER, even though that menu could link to the bank's GL accounting. The architecture of the old and the new CBS differs materially: the new system integrates the GL into the core system, whereas the old system kept the GL separate. Those involved were aware of this difference but did not recognize the risk, or the potential for loss, in the absence of appropriate controls.

1.2 After GO LIVE, the bank ran into service problems, particularly with deposit transactions, where the system miscalculated the interest payable to depositors on fixed deposits. MENU HXFER was therefore used to adjust the interest-paid entries.

1.3 The bank set branch system shutdown to be performed centrally, closing and opening the system for all branches at the same time. The shutdown took place after the teller counters had closed, at about 20:00, which gave Mr Somkiat the opportunity to enter fraudulent transactions outside business hours.
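The controls the inquiry found missing (restricted GL access, independent verification, no postings after counter hours) can be checked against a transaction log. The following is an added example, not code from the bank or from the original slides; the log field names, user ids, the 15:30 counter-close time and the repeat threshold are assumptions, and the sample records are constructed.

```python
from collections import Counter
from datetime import datetime, time

# Levels come from the inquiry summary above; the other two values are assumptions.
MAKER_MIN_LEVEL = 9            # GL access was limited to level-9 staff
VERIFIER_MIN_LEVEL = 11        # verification by level-11 executives
COUNTER_CLOSE = time(15, 30)   # assumed; the page states only the ~20:00 shutdown
REPEAT_THRESHOLD = 5           # assumed: same user, same amount, same day

# Constructed sample log; field names, user ids and amounts are hypothetical.
LOG = [
    {"id": 1, "ts": "2024-03-04 10:15", "menu": "HXFER", "user": "u041", "level": 9,
     "verifier": "u007", "verifier_level": 11, "amount": 1250},
    {"id": 2, "ts": "2024-03-04 11:00", "menu": "HXFER", "user": "u041", "level": 9,
     "verifier": "u041", "verifier_level": 9, "amount": 800},
    {"id": 3, "ts": "2024-03-04 16:10", "menu": "DEPOSIT", "user": "u113", "level": 4,
     "verifier": None, "verifier_level": None, "amount": 500},
] + [
    {"id": 4 + i, "ts": f"2024-03-04 17:{40 + i:02d}", "menu": "HXFER", "user": "u113",
     "level": 4, "verifier": None, "verifier_level": None, "amount": 30000}
    for i in range(6)
]

def review(log):
    """Return {entry id: [reasons]} for HXFER postings that break a control."""
    per_day = Counter((e["user"], e["ts"][:10], e["amount"])
                      for e in log if e["menu"] == "HXFER")
    findings = {}
    for e in log:
        if e["menu"] != "HXFER":
            continue
        reasons = []
        if e["level"] < MAKER_MIN_LEVEL:
            reasons.append("maker below GL access level")
        if e["verifier"] is None:
            reasons.append("no verifier")
        elif e["verifier"] == e["user"] or e["verifier_level"] < VERIFIER_MIN_LEVEL:
            reasons.append("invalid verifier")
        if datetime.strptime(e["ts"], "%Y-%m-%d %H:%M").time() > COUNTER_CLOSE:
            reasons.append("posted after counter close")
        if per_day[(e["user"], e["ts"][:10], e["amount"])] >= REPEAT_THRESHOLD:
            reasons.append("repeated same-amount posting")
        if reasons:
            findings[e["id"]] = reasons
    return findings

if __name__ == "__main__":
    for entry_id, reasons in review(LOG).items():
        print(entry_id, "; ".join(reasons))
```

The same four conditions work as preventive checks at posting time; run over the log, they give the daily exception report that the "Maintain a computer transaction log" item on a prevention checklist is meant to support.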
Fraud Prevention Checklist

* Increase use of analytical review.
* Review company contracts.
* Conduct a threat analysis.
* Consult a certified fraud examiner.
* Create and maintain a fraud policy.
* Create an employee fraud hotline.
* Impose mandatory vacations.
* Create periodic job rotation.
* Check employee references twice.
* Evaluate password system and use.
* Track unsuccessful attempts to access a computer.
* Encrypt data files and data transmissions.
* Maintain appropriate backup of files.
* Use the best virus protection.
* Maintain a computer transaction log.
* Scan files and diskettes for viruses.
* Request an information system security review.
* Perform surprise fraud audits.
TOPIC: Combating Fraud: Putting in Place an Effective Audit System to Detect and Prevent Fraud

* Key indicators of fraud
* Types of fraud associated with the activities reviewed
* Prevention aids by internal auditors
* Techniques for enabling the detection and investigation of fraudulent activities
The Naval Criminal Investigative Service (NCIS), Department of the Navy and the Office of Inspector General of the Port Authority of New York & New Jersey recently recognized the CFE credential for hiring and promotional purposes. Both recognitions are part of the Association of Certified Fraud Examiners' (ACFE) Law Enforcement Partnership program, and both organizations plan to work toward having all current investigators achieve this valuable credential. They also join the ranks of government agencies such as the FBI, the U.S. Postal Inspection Service, the Government Accountability Office and the Department of Defense.
CFE Exam covers four areas

* Criminology & Ethics - The purpose of this section is to test your knowledge of criminological concepts and to evaluate your understanding of the underlying ethics of the fraud examination profession. This part includes administration of criminal justice, theories of crime causation, theories of fraud prevention, crime information sources, and ethical situations.
* Financial Transactions - This section tests your knowledge of the types of fraudulent financial transactions incurred in accounting records. To pass this section, you will be required to demonstrate knowledge of these concepts: basic accounting and auditing theory, fraud schemes, internal controls to deter fraud and other auditing and accounting matters.
* Fraud Investigation - This section includes questions in the following areas: interviewing, taking statements, obtaining information from public records, tracing illicit transactions, evaluating deception and report writing.
* Legal Elements of Fraud - This section ensures that you are familiar with the many legal ramifications of conducting fraud examinations, including criminal and civil law, rules of evidence, rights of the accused and accuser and expert witness matters.