Management Centre
Contents
Introduction
What is Fraud
Lifestyle Fraud
Other Fraud Danger Signals
Next Steps
Conclusion
Fraud Theory
Introduction
Initial Enquiries
Police Involvement
Company Fraud Register
Fraud Response Plan review
Case Study
Sales Controls
Purchase Controls
Bank Controls
Resources
Overview of “Creative Accounting” Techniques and the Red-Flags of
Fraud
Introduction
Why didn’t you see it? There was fraud and you missed it. Conducting a “should have” review
after a fraud happens may show that red flags were present. If you had only recognized the
warning signs, then that loss may not have occurred or might have been substantially reduced.
According to a recent survey by the Association of Certified Fraud Examiners (ACFE),
occupational fraud substantially increases organizational costs. It is a myth that fraud is
a big scheme that is easy to detect and should have been uncovered sooner. Fraud starts small
and just gets bigger and bigger, until something becomes noticeably different or unusual.
According to a report from BDO Stoy Hayward, companies’ trusted internal management
and the people they do business with every day are behind hundreds of millions of pounds’
worth of losses every year. “Management are robbing you blind,” says Simon Bevan.
“The combination of spiralling debts and desperate employees spells real danger for
business,” warns Bevan.
Fraud damages the economy. It is not victimless, but it is indiscriminate, hitting both rich
and poor. Fraud is not just about share support operations: it has an impact on individuals
and on the economy as a whole. Fraud involves no violence, and leaves no tangible
visible scars, but it can be devastating in its effects. It is said that 16 people committed
suicide as a result of losses incurred over the Barlow Clowes fraud. It is undoubtedly
costly. The Head of the City of London Fraud Squad recently looked at the historical
picture and discovered that the economic cost of fraud to the UK economy was
While the most recent comprehensive study, the third report of the Fraud Advisory Panel,
put the annual economic cost at £14 billion per year; and the authors believed that even
this was an underestimate. This equates to some £230 per head of population.
There is also a strong likelihood that a significant amount of commercial fraud is never
reported by companies for fear of gaining a bad reputation. Anecdotally, I have learned
that at least one major insurance company "routinely" receives claims against fraud
insurance policies exceeding £50million, but that these are never reported to the police or
elsewhere.
I believe that we must be seen to tackle fraud effectively, for economic, social,
international and moral reasons.
Economic justification for eliminating Fraud
I have already mentioned cost, both to individuals and the economy as a whole. There is
also another economic aspect. Fraud corrodes confidence: it has a negative economic
effect. It undermines confidence and the standing of our financial services industry and our
global reputation as a place where clean business can be done. If investors lose
confidence in our ability to police our markets, they may take their business elsewhere.
The fact is that a successful economy requires a healthy and well-regulated marketplace
to retain and increase investment. Tackling fraud effectively is important for the reputation
of UK markets.
There is a social dimension as well. Social equality requires that we bear down on white
collar crime as effectively as on benefit fraud. Since 1997, the number of Benefits Agency
investigations resulting in successful prosecutions or cautions and penalties as an
alternative to prosecution has risen from 11,700 to 26,958, and over a similar period the
level of fraud and error in Income Support and Job Seekers’ Allowance has reduced by
£180million, or roughly 18%. This work is now undertaken by Job Centre Plus. We need
to match this approach in white collar crime. Tackling fraud effectively demonstrates an
even-handed approach to justice: dealing with white collar criminals as well as those
responsible for the bulk of crime.
We are determined to play our part in the worldwide effort to tackle international terrorism
and drug trafficking. Fraud, money laundering and the use of the proceeds of crime to
finance further crime are inextricably linked.
Finally, there is an issue about the distribution of the resources of the state – where public
money is siphoned off through fraud; that means less money to go to the pensioner,
disabled person or low-income family who really need it.
In summary, tackling fraud effectively fits in to our wider economic, social and international
agenda.
In this country we have developed a sophisticated set of mechanisms for regulating the
markets and tackling City and company fraud. Principal among these, in the regulated
sector, is the Financial Services Authority with a wide range of powers of investigation,
and an impressively creative series of sanctions available to it, ranging from withdrawal of
authorisation through to fine, public censure, injunctions, restitution, prohibition orders and
banning orders. The DTI, in its policing of the company sector, has available to it the
nuclear weapon of applying for the winding up of a company, and the ability to bring
disqualification proceedings. The revenue departments are able to exact harsh financial
penalties for revenue fraud.
No-one should doubt the effectiveness of these sanctions, or the impact on individuals.
The disqualification proceedings in Barings were heavily fought at a cost of hundreds of
thousands of pounds. In the City, the loss of one’s reputation, and the inability to secure
similar employment, are devastating consequences of being caught out.
But I do believe that there is a range of cases where these sanctions are not by
themselves sufficient, and the public rightly expects:
2. A penalty of the kind that might be applied to any other individual guilty of
criminal behaviour. In some cases, prison will be appropriate. The courts are fully
conscious of the devastating blow of conviction and imprisonment for a
professional man. But where individuals abuse their privilege and trusted position
in order to carry out a fraud, relying in fact upon their previously impeccable
character to mask their wrong-doing, prison will often be appropriate. Equally,
courts have chosen to mark the fact that certain frauds, such as insurance
frauds, deserve imprisonment because they are difficult to discover and involve
detailed and carefully planned dishonesty, and that therefore a sentence of
imprisonment is required as a deterrent. The courts also draw a distinction
between cases of honest businesses falling into difficulties, causing a director or
controller to resort in desperation to fraud, with a situation in which a scheme
was from the start a fraudulent enterprise and substantial sums of money and
property were obtained. In such circumstances, quite severe sentences are
passed.
So there are cases where it is clear from the start that a response by a criminal
investigation and prosecution agency is required.
As some of you will know, the SFO was established in 1988 as a result of a
recommendation in the Roskill report for the creation of a unified fraud investigations and
prosecution agency which would be responsible for serious and complex fraud cases.
The Criminal Justice Act 1987 created the SFO. The distinctive feature was that powers of
investigation and prosecution were given to the Director of the SFO.
The SFO has not always had a fair press, so let me state unequivocally: the record of the
SFO is impressive and it has more than proved its worth.
In its 14 years of operation, the SFO has prosecuted more than 237 cases involving 516
defendants. 366 (71%) were convicted. In the period under Rosalind Wright, 69 cases
have been prosecuted involving 134 defendants. 115 (86%) were convicted. There are no
recidivists in SFO cases: convicted defendants do not reoffend. It is well known that SFO
prosecutions have a deterrent effect. Yet the SFO is delivering these lengthy and highly
complex cases on small resources – an average of 2½ staff per case.
A successful SFO deters fraud as well as prosecutes it and helps to maintain confidence
in the probity of business and financial services in the UK.
Other countries model themselves on the SFO approach.
Multi-disciplinary investigations:
In the SFO, forensic accountants play a vital role in supporting investigations both
internally and as external appointees. They provide a perspective that other investigators
do not have and are often chosen for their specific experience of the sector which is being
investigated (i.e. insurance on Independent). Forensic accountants also bring not just
numeracy but an inquiring mind (not just what happened but why). They enable the SFO
to focus investigations on issues that are important to a successful investigation rather
than issues which appear curious to an outsider.
Often it is the thoroughness of the work undertaken by forensic accountants which tips the
balance in cases. It is now rare for their work to be challenged because of the painstaking
and methodical approach that they take. Yet they are often the most compelling of
witnesses because they are able to distil the facts down to their lowest sensible level and,
when aided by suitable graphics, are able to show the "whole" picture in clear and simple
terms. They are often used in this respect to tie the case together by showing the
movement of money and documents which makes sense of the other factual evidence
which shows why people do what they are doing.
The SFO uses a considerable number of forensic accountants and many external firms at
any one time. This experience aids both them and the SFO. They get excellent
experience and an appreciation of the criminal process and the SFO gets a cadre of
persons who understand what it wants when it does get involved in cases.
Another key component of the team is the forensic computer and IT experts, who
decipher, explore, and recover computer material.
Finally, of course, there are the lawyers: the SFO case controller (lawyer) responsible for
the direction of the investigation and then throughout the prosecution, supported by
assistant case controllers and investigation lawyers, and Counsel appointed to prosecute
in the Crown Court, who is generally involved early in the life of the case.
Bad Cellular
The Arthur Andersen partner was on his cell phone when he said "Ship the Enron
documents to the Feds."
What is Fraud
“The use of one’s occupation for personal enrichment, through the deliberate misuse or
misapplication of the employing organisation’s resources or assets.” Fraud encompasses
an array of irregularities and illegal acts characterized by intentional deception.
The five elements of fraud are:
• Which is believed,
There are four elements that must be present for a person or employee to commit fraud:
• Opportunity
According to the ACFE Report to the Nation on Occupational Fraud and Abuse, U.S.
businesses will lose an estimated $652 billion in 2006 due to fraud. The average
organization loses 5 percent of revenue to fraud and abuse. In addition, based on the
ACFE’s survey of more than 1,100 occupational fraud cases, approximately 24 percent of
these cases resulted in losses of $1 million or more.
Collusion: This ranges from employees describing goods as damaged so they can
benefit, to employees colluding to falsify accounting evidence so that they can deceive
external bodies such as auditors, shareholders or banks.
Customer Fraud: A customer pays with stolen cheques or credit cards. A more
sophisticated fraudster may make and pay for a number of small purchases to build up a
credit rating and then place a large order they do not intend to pay for.
Phantom Employee: The fraudster fails to notify the payroll department when an
employee leaves the firm, or notifies the payroll department of a fictitious employee and
then arranges for the salary to be paid into their bank account or that of an accomplice.
Supplier Fraud: Most commonly an employee creates a fictitious supplier with a similar
name to an existing supplier, and then arranges for the payment of its invoices.
The classic model for fraudsters continues to be Other People’s Money: A Study in the
Social Psychology of Embezzlement. The Fraud Triangle is a term used to describe and
explain the nature of fraud.
While the specific components of each fraud may differ, the fraud triangle may be defined
as this:
•Separation of duties
•Management approval
•System controls
The opportunity to commit and conceal the fraud is the only element over which the local
government has significant control.
Pressure may be anything from unrealistic deadlines and performance goals to personal
vices such as gambling or drugs.
•“I really need this money and I’ll put it back when I get my pay cheque”
•“I just can’t afford to lose everything – my home, car, everything”
Occupational fraud can be detected through a number of different methods. The ACFE’s
2006 Survey disclosed that 34.2 percent of frauds were detected through tips, 25.4
percent by accident, and 20.2 percent through internal audits.
A red flag is a set of circumstances that are unusual in nature or vary from the normal
activity. It is a signal that something is out of the ordinary and may need to be investigated
further. Remember that red flags do not indicate guilt or innocence but merely provide
possible warning signs of fraud.
The American Institute of Certified Public Accountants has issued a Statement on Auditing
Standards (SAS) No. 99 - Consideration of Fraud in a Financial Statement Audit - that
highlights the importance of fraud detection. This statement requires the auditor to
specifically assess the risk of material misstatement due to fraud and it provides auditors
with operational guidance on considering fraud when conducting a financial statement
audit. SAS 99’s approach is also valuable for other types of audits.
Being able to recognize red flags is necessary not only for public accountants but also for
any auditor working in the public sector where the potential for fraud to occur exists.
Studies of fraud cases consistently show that red flags were present, but were either not
recognized or were recognized but not acted upon by anyone. Once a red flag has been
noted, someone should take action to investigate the situation and determine if a fraud has
been committed. Red flags should lead to some kind of appropriate action; however,
sometimes an error is just an error and no fraud has occurred. You need to be able to
recognize the difference and remember that responsibility for follow-up investigation of a
red flag should be placed in the hands of a measured and responsible person.
The Types of Red Flags for Fraud
Now that we have discussed what red flags and fraud are, it is time to talk about the types
of red flags and fraud that, unfortunately, are common in the workplace today.
What are the red flags that are common to most types of fraudulent activity? They can be
categorized as employee and
management red flags. Before we give you examples of employee and management red
flags, it is important to understand more about employee and organizational profiles of
fraud perpetrators. According to the 2006 ACFE survey of more than 1,100 occupational
fraud cases, perpetrators have the following characteristics:
• Too much trust and responsibility placed in one employee - improper separation of
duties.
• Laptops and digital cameras are left out in the open in unlocked offices.
• Supervisors set a bad example by taking supplies home, borrowing equipment for
personal use, padding their expense reimbursements, not paying for personal
long distance phone calls, not recording leave.
Fraud Perpetrator Profile:
The majority of occupational fraud cases (41.2 percent) are committed by employees.
However, the median loss for fraud committed by managers was $218,000, which is
almost three times greater than the loss resulting from an employee scheme.
Approximately 61 percent of the fraud cases were committed by men. The median loss
resulting from fraud by males was $250,000, which is more than twice the median loss
attributable to women.
Most fraud perpetrators (87.9 percent) have never been charged or convicted of a crime.
This supports previous research which has found that those who commit occupational
fraud are not career criminals.
Nearly 40 percent of all fraud cases are committed by two or more individuals. The
median loss in these cases is $485,000, which is almost five times greater than the
median loss in fraud cases involving one person.
The median loss attributable to fraud by older employees is greater than that of their
younger counterparts. The median loss by employees over the age of 60 was $713,000.
However, for employees 25 or younger, the median loss was $25,000.
Organizational Profile:
Most costly abuses occur within organizations with less than 100 employees.
Government and Not-for-Profit organizations have experienced the lowest median losses.
• High employee turnover, especially in those areas which are more vulnerable to
fraud
Management Red Flags
• Any financial transaction that doesn’t make sense - either common or business
• Give away your passwords and approval access codes or store them on the
desktop.
• Since cash is the asset most often misappropriated, local government officials
and auditors should pay close attention to any of these warning signs.
• Sudden activity in a dormant bank account
• Presence of employee checks in the petty cash for the employee in charge of
petty cash
Red flags that show up in payroll are generally worthy of looking into. Although payroll is
usually an automated function, it is a vulnerable area, especially if collusion is involved.
• Overtime charged for employees who normally would not have overtime wages
• Vendors without physical addresses
• Purchasing agents who pick up vendor payments rather than have them mailed
Analytical review that Petrol costs did not correlate with the number of
vehicles in stock in a car rental company. After further substantive
testing, it was revealed that the company was re-cycling petrol bills via
false petty cash claims.
In a recent assignment I noticed that the gross profit levels were not in
line with the budget. After investigating the production records I noticed
that production wastage was low whereas the finished goods wastage
was circa 10%. Further investigation revealed that stock was sent FOC to
companies on the instruction of the MD.
Lifestyle Fraud
Lifestyle Fraud is often committed by trusted employees whom management know well,
so it is important to be on the look out for employee lifestyle issues that may be “red flags”
indicating a fraud risk.
• Some embezzlers are secretive. They don’t want to be caught and will “stash” stolen
funds and be extremely careful with their spending. Other “aspiring” embezzlers want to
use, enjoy, share, and show off their fraudulently gained money. Explanations of “new
found” wealth may include:
“I have a few little investments that have been doing really, REALLY well.”
“Great Aunt Ethel passed away and I was totally surprised – she left us quite a nice little
nest egg.”
“I finally decided to get rid of some property that’s been in the family for years.”
Fact: In many cases of fraud, perpetrators openly live beyond their means.
Lifestyle Problem Fraud deals with addictions. Someone who is dependent on drugs,
alcohol, gambling or other addictions typically experiences a slowly tightening noose of
financial pressures. Desperation fuels monetary needs and, therefore, the need arises to
“borrow” funds to ease the financial dilemma. Employees with addiction problems may be
tough to spot. Many people with addictions can function at fairly high or normal levels of
behaviour during work hours. Presented are a few patterns to look for:
• Absenteeism
• Family problems
Financial Pressures are faced by everyone at some period of time. For a number of
reasons, perhaps beyond their control, employees may find themselves in financially
stressful situations due to a variety of factors. These may include:
• Medical bills
• Family responsibilities
• Divorce
• Debt requirements
• College tuition fees
• Gambling debts
• Illicit affairs
Obviously not everyone who faces undue pressure commits fraud, but the higher the
stress level, the more distracted and desperate an employee may become. Fact:
Researchers conclude that the most common reason employees commit fraud has to do
with motivation – the more dissatisfied the employee, the more likely he or she will engage
in criminal behaviour.
•Pilfering stamps
•Stealing of any kind (e.g., cash, petty cash, supplies, equipment, stock, tools, data,
records, etc.)
•Forgery (not just cheque forgery, e.g. forging department head signatures on
purchase orders)
Fraud perpetrated through override of existing controls and for the benefit of the individual
•Failing to end personnel assignments for terminated employees and collecting the
pay cheques
• Suppressing debit notes from customers
A few years ago I was told of a fraud. Fictitious invoices from suppliers
were being posted to suspense/expense accounts; the supplier accounts
were then cleared by payments and set off against cash receipts. The
Fraud went concealed for two years because the relevant accounts did
not show up on the Sage accounting system. The Sage TB did not show
nominal accounts where the balance was zero.
At the time, stock counts were performed at the month end but there
was no gross profit analysis undertaken on a day-to-day basis. There was
no stock system and there were no random counts of stock or formal
method of agreeing the stock system to the physical stock. Although
stock was kept in a locked room, there were times when it was
accessible to other members of staff.
The managing director implemented the recommendations of the
management report:
I revealed that there was fraud and that two engineers were stealing the
stock from the stock room and taking it out via the back of the building.
These engineers were required to resign. Following their resignation, the
gross profit analysis agreed to the gross profit margin on the
management accounts and the firm once again became profitable.
The Fraud Section obtained an FCPA guilty plea from a former executive
of an international subsidiary of Willbros Group, Inc., a provider of
engineering and other services to the oil and gas industry, who admitted
that he arranged for payment of approximately $1.5 million in cash in
Nigeria. This payment was part of at least $6 million in corrupt payments
promised to Nigerian officials to obtain and retain gas pipeline
construction business in Nigeria. The defendant also admitted that he
participated in a conspiracy involving the submission of fictitious invoices
to fund corrupt payments to Nigerian officials, as well as a conspiracy to
pay at least $300,000 to Ecuadoran officials to obtain a gas pipeline
rehabilitation project in Ecuador.
Three former senior executives of General Re Corporation and a former
senior executive of AIG were indicted on conspiracy, securities fraud, and
other charges stemming from a scheme to manipulate AIG’s financial
statements through, among other things, false statements in reports
filed with the SEC. The Fraud Section and the USAO for the Eastern
District of Virginia executed an agreement with AIG in which the
company accepted responsibility for its actions, resolved its criminal
liability, and agreed to pay $25 million in penalties and to cooperate with
the continuing criminal investigation.
After doing a stock check of vehicles, the main asset, I discovered a large
discrepancy between the asset values and numbers in the balance
sheet and the physical count. Sales invoices were being suppressed to
reduce VAT, and money being banked into another company as receipts
from insurance claims or elsewhere.
• Use of the Company’s assets for private use (Tools, rooms, and computers and
software)
• Rental of facilities
There are many cases of people installing office software on home PCs
without prior agreement from the Company.
Fraud perpetrated through third party intervention
These sales frauds may also involve collusion between the salespeople and the customer,
or the customer may be another victim. In each of these frauds, however, the ultimate
victim is always the trading entity that employs the manager or the salesperson.
The motive for their actions was that these managers would have
benefited personally from the increased sales from the new account. Eric
certainly didn't benefit, but was in fact, penalized by the extra work
required to clean up the mess created by others.
bank says family problems and mental fragility led its rogue trader to
squander €4.9bn in succession of illegal deals
•Conflicts of Interest
•Nepotism
•Breach of Duty
•Favouritism
Company Policy must require all cash shortages and other discrepancies
to be signed off by a departmental head
Two consultants who openly argued with each other in a company, and
showed a complete resentment for each other surprised everyone. They
handed their notices in together and set up in competition to the
Company.
A member of staff had problems with his computer. While the in-house
office manager was fixing his PC, she discovered that he had been
raising personal invoices to a customer who had been inactive.
Next Steps
Being aware of red flags is only step one and is usually not enough for the local
government. Once a red flag is identified, you must take action to determine its
effect. Evaluating the red flag may be accomplished by financial analysis,
observation or by any other technique that tests an apparent weakness. Once the
analysis is complete it’s time to move on to correct the situation.
What is the effect on the business at hand? Sometimes red flags that have no
financial impact may not require a change in procedure. Remember though, that a
red flag is a warning that something is or could be wrong. If you discover fraud,
then an investigation is usually the next step. If it is just an error, then
steps should be taken to correct the error and a procedure or follow up should be
initiated to prevent it from occurring again. Financial analysis has several
applications when red flags are present. The most common is to determine what
effect it has on the conduct of the local government. For example, what is the
potential as well as the historical loss as the result of the red flag? What is the cost
to prevent a potential loss from occurring and what will it cost to recoup the
identified loss?
Computer technology gives auditors a new set of techniques for examining the
automated business environment. In fact, the detection of fraud is a perfect
application for computer-assisted audit tools and techniques (CAATTs).
As early as 1982 CAATTs was a powerful audit tool for detecting financial errors.
In recent years, analytical techniques have become not only more powerful but
also more widely used by auditors. But it is only in the last 10 years that the use of
computer-assisted tools and auditing techniques has become standard practice.
Audit software can highlight those individual transactions or red flags that
contain characteristics often associated with fraudulent activity. With audit
software, millions of files can be examined, previous years' data can be used to
identify anomalies, and comparisons can be made between different locations.
Also, computer-based data analysis tools can prove invaluable when addressing
suspected fraud situations.
The techniques and types of data interrogations in modern audit software are
almost unlimited. For example, audit software has many commands that support
the auditor's requirement to review transactions for fraud such as the existence of
duplicate transactions, missing transactions, and anomalies. Some examples of
these routines/reports that will highlight red flags include--
* identifying vendors with more than one vendor code or more than one mailing
address;
* sorting payments by amount to identify transactions that fall just under financial
control or contract limits.
*Taxpayer complaints
Audit software can be used to interrogate a company's data files and identify data
patterns associated with fraud. Auditors can use
these data patterns to develop a "fraud profile" early in their review of operations.
The patterns can function as auditor-specified criteria; and transactions fitting the
fraud profile can trigger auditor reviews. Systems can even be built to monitor
transactions on an ongoing basis. Continuous monitoring is a proactive approach
to the early detection of fraud.
Computerized techniques and interactive software can help auditors focus their
efforts on the areas of greatest risk. Auditors can choose to exclude low risk
transactions from their review and to focus on those transactions that contain a
higher probability of fraud.
Audit software also provides auditors with the ability to extract information from
several files, with different database management systems, in order to search for
underlying patterns or relationships among data. For example, reviewing data
from the accounts payable and the contracting databases may reveal a
concentration of contracts with one vendor all initiated by the same contracting
officer, leading to concerns about possible kickbacks.
Today's audit software makes "what if" analysis easy to formulate and perform.
Auditors can form an initial hypothesis, test that hypothesis, and revise it as
necessary based on the results of interactive analyses.
Another simple digital analysis technique is to search for invoices with even
sterling/dollar amounts, such as 200.00 or 5,000.00. The existence of particular
even amounts may be a symptom of fraud and should be examined.
Case Study: Even Amounts
For a particular quarter, three procedures had ratios higher than 1.30,
the highest being 1.42. A filter was used to identify the records related to
the three procedures in question, and additional analysis was performed.
This quickly determined that one doctor was charging significantly more
than the other doctors for the same procedures. A comparison of
charges from the billing system with payments in the accounts
receivable system revealed that the doctor was skimming off the patient
payments. The amount recorded in the receivable system was in line
with the usual billing amount for the procedures. The doctor was unable
to justify the higher prices or explain the difference in the billing and the
receivable systems.
Jonathan, one of the contracting officers, had devised a great win/win
kickback scheme. The auditors decided to use digital analysis as part of
their review of the contracting section. One of the analyses calculated
the total contract amount by supplier for each of the past two years. A
ratio of current year to previous year was calculated and the minimum,
maximum, average, and highest and lowest five ratios were displayed.
While the average was close to 1.0, the highest and lowest five values
showed that some companies had significant decreases in business,
while others had experienced significant increases in business.
The auditors reviewed the details of all companies that had a ratio of less
than 0.7 or more than 1.30. Totals were calculated by a contracting
officer. For companies with an increase in business, the results revealed
that Jonathan had raised many of the contracts. In comparison, Jonathan
had raised no contracts with the companies that had seen a decrease in
business. The auditors learned of Jonathan’s kickback scheme when they
interviewed salesmen from the companies that had ratios less than 0.7.
Interviews with salesmen from the firms that had increased sales by 1.30
or more added credence to the fraud accusations. Both groups of
salesmen said that they were told they would only get business if they
paid Jonathan a kickback.
Classifying on the contracting officer for all contracts with 49 as the first
two digits determined that the contracting manager was raising
contracts for $49,000 to $49,999 to avoid contracting regulations. Contracts
under $50,000 could be sole-sourced; contracts greater than $50,000
had to be submitted to the bidding process. He was raising contracts just
under the financial limit and directing them to a company owned by his
wife.
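The two digital analyses from the case studies above (year-over-year contract ratios by supplier, and contracts just under the sole-source limit classified by contracting officer), as an added Python example that is not part of the original manual. The contract records, supplier names, years and officer codes other than Jonathan are constructed sample data; the 0.7 and 1.30 ratio cut-offs, the $50,000 limit and the $49,000 band come from the text.

```python
from collections import Counter, defaultdict, namedtuple
from decimal import Decimal

Contract = namedtuple("Contract", "supplier officer year amount")

# Constructed sample data (not taken from the case studies).
CONTRACTS = [
    Contract("Alpha", "officer_b", 2022, Decimal("100000.00")),
    Contract("Alpha", "officer_b", 2023, Decimal("60000.00")),
    Contract("Bravo", "officer_c", 2022, Decimal("80000.00")),
    Contract("Bravo", "jonathan", 2023, Decimal("49500.00")),
    Contract("Bravo", "jonathan", 2023, Decimal("49900.00")),
    Contract("Bravo", "officer_c", 2023, Decimal("20000.00")),
    Contract("Charlie", "officer_b", 2022, Decimal("50000.00")),
    Contract("Charlie", "officer_c", 2023, Decimal("49200.00")),
    Contract("Delta", "jonathan", 2023, Decimal("49750.00")),
]


def supplier_ratios(contracts, prev_year, curr_year):
    """Current-year / previous-year contract total for each supplier.

    A supplier with no previous-year business gets None, so it is reported
    separately instead of being dropped or causing a division by zero.
    """
    totals = defaultdict(lambda: defaultdict(Decimal))
    for c in contracts:
        totals[c.supplier][c.year] += c.amount
    ratios = {}
    for supplier, by_year in totals.items():
        prev = by_year.get(prev_year, Decimal(0))
        curr = by_year.get(curr_year, Decimal(0))
        ratios[supplier] = (curr / prev) if prev else None
    return ratios


def flag_ratios(ratios, low=Decimal("0.7"), high=Decimal("1.30")):
    """Split suppliers into decreased (< low), increased (> high) and new."""
    decreased = sorted(s for s, r in ratios.items() if r is not None and r < low)
    increased = sorted(s for s, r in ratios.items() if r is not None and r > high)
    new = sorted(s for s, r in ratios.items() if r is None)
    return decreased, increased, new


def totals_by_officer(contracts, suppliers, year):
    """Contract value raised by each officer, restricted to the given suppliers."""
    out = defaultdict(Decimal)
    for c in contracts:
        if c.year == year and c.supplier in suppliers:
            out[c.officer] += c.amount
    return dict(out)


def just_under_limit(contracts, limit=Decimal("50000"), band=Decimal("1000")):
    """Contracts per officer with limit - band <= amount < limit, most first."""
    hits = Counter(c.officer for c in contracts
                   if limit - band <= c.amount < limit)
    return hits.most_common()


if __name__ == "__main__":
    ratios = supplier_ratios(CONTRACTS, 2022, 2023)
    decreased, increased, new = flag_ratios(ratios)
    print("decreased:", decreased, "increased:", increased, "new:", new)
    print("officers behind increases:", totals_by_officer(CONTRACTS, set(increased), 2023))
    print("officers behind decreases:", totals_by_officer(CONTRACTS, set(decreased), 2023))
    print("just under limit:", just_under_limit(CONTRACTS))
```

Suppliers with no prior-year total deserve their own review queue: a ratio test silently skips them, yet a new vendor receiving only just-under-limit contracts matches the profile in the text.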
Direct observation is the method of choice to determine the effect a red flag has on
an organization. For example, if analysis of overtime for an area suggests that one
person is falsifying time cards, observing the person’s start and stop times is
important. Observation is also useful when employee lifestyle changes are noted,
or to get an understanding of how an area works. Does the employee in fact drive
a new Jaguar on a salary that clearly wouldn’t support it? Whether it is fraud or an
error, action should be taken to prevent the act from occurring again.
Reporting Fraud
Conclusion
Red flags are warnings that something could be or is wrong. Auditors, employees,
and management need to be aware of red flags in order to monitor the situation
and then take corrective action as needed. Employees who notice that red flags are
ignored may mistakenly believe that it is okay to game the system or that they
won’t get caught. A little fraud soon becomes a large one if left to grow.
Week 2 – Day 1 – 13th October
Common Factors
There are internal control weaknesses that are common elements of fraud or
embezzlement and we must make necessary revisions to internal controls:
Lack of board approved policies - for areas such as lending, investing, borrowing, and
operating expenses;
Lack of segregation of duties - concentrating the control over all phases of a transaction in
one dominant controlling manager, often a single person operation;
Lack of mandatory vacation policy - embezzlements usually require the embezzler's ongoing
attention; therefore, policies that require managers and employees to take at least
one and preferably two weeks' vacation (not a day here and there) reduce the risk
of embezzlements;
Failure to maintain adequate audit trails - audit trails enable the tracing of any given item
through the credit union's books;
Inactive supervisory committees - the committee is the most important single element in
the internal control structure;
Repeated record keeping problems - inaccurate or incomplete records are often used to
hide fraud;
Yield on loans far less than stated loan rate in credit unions with low delinquency;
Alternative Testing Procedures
Fraud and embezzlement schemes are not solely a problem of larger credit unions. In
fact, the very size of small credit unions creates opportunities for a weak internal control
structure and fraud. Officials of smaller credit unions must work within their organizations
to develop methods that will safeguard their members' accounts and reduce the
opportunity for fraud. Suggested reviews and alternative testing methods that the
supervisory committee members or someone independent of the credit union staff should
perform include:
Review of maintenance reports showing loan due date changes - unwarranted changes to
loan due dates may disguise a fictitious loan or loans not receiving regular payments;
Review of reports showing loans by interest rate - reveals unusually low loan rates;
Review of the reconciliation of cash receipts to cash deposits - daily receipts should be
promptly deposited in amounts readily traceable to the bank deposits.
Conclusion
Internal audit officials are responsible for implementing a system of sound internal controls
and for ensuring that the controls are regularly followed by management and staff.
Although fraud may be uncovered, the annual audit and regulatory examination are not
intended to detect fraud.
The purpose of internal controls is not to entrap employees; rather, good internal controls
provide a working environment in which good employees are not tempted to do something
they would not ordinarily do.
The controls are often monitored by the internal auditing department. Companies that
initiate and consistently follow basic internal controls are less likely to experience fraud
and embezzlement than those whose internal controls are weak.
Internal Controls
Who is Responsible for Internal Control?
The organization’s leadership is ultimately responsible. Everyone in an organization plays
some role in effecting control. All personnel should be responsible to communicate
problems in operations, deviations from established standards, and violations of policy or
law. Auditors contribute to the effectiveness of controls, but they are not responsible to
establish or maintain them.
Control Environment
• Ethical tone established by management; foundation for all other components; “tone at
the top” (soft controls). Factors include:
How do you Evaluate Soft Controls? Subjective - the only valid measure of their
effectiveness may be employees’ perceptions. Most modern internal control evaluation
practices have a strong element of self-assessment.
Risk Assessment
• After risks have been identified, they must be analyzed - assess the likelihood of the risk
occurring; estimate the impact of a risk if it does occur; consider how to manage the risk.
• We cannot anticipate every potential risk.
Control Activities
Policies (what should be done) and procedures (how it should be done) designed to help
ensure that objectives are achieved.
Physical controls - restrict access to equipment, conduct inventories, secure/count cash,
etc.
Segregation of Duties - different people should be responsible for:
• authorizing transactions
• recording transactions (accounting)
• handling the related assets (custody)
• monitoring transactions (reconciling, verifying)
• Backup and recovery policies & procedures
• Program development & documentation controls
• Hardware / access controls (i.e. passwords)
• Virus detection software
• Firewalls
To be able to provide data that is accurate, detailed, understandable and in usable form to
the right people in time to allow appropriate action.
• Up & down the organization – clear messages from the top regarding philosophy,
objectives and policies, and a means for personnel to communicate upstream.
• Across the organization – individuals and departments sharing information across
organizational lines.
Monitoring
Assessing the quality of performance over time and making any necessary modifications.
Activities include: Management review of financial reports for propriety and trends.
Self-assessments, internal audits, external reviews to report and correct deficiencies.
Judgement - decisions are made by humans, often under pressure and time constraints,
based on information at hand.
Management Override - high level personnel may be able to override prescribed policies
and procedures.
Collusion - two or more individuals, working together, may be able to circumvent controls.
Cost vs. Benefit - The risk of failure and the potential effects must be weighed against the
cost of establishing controls.
• Loss of Assets, Donors, Grants & Contracts, State funding
• Poor Business Decisions
• Non compliance with laws & regulations
• Increased Regulations
• Public Scandals
A Definition
Internal controls have existed from ancient times. In Hellenistic Egypt there was a dual
administration, with one set of bureaucrats charged with collecting taxes and another with
supervising them.
Specific Controls
Supervisory
• The procedures for dealing with new suppliers must require them to be screened
thoroughly. The procedures should call for suppliers to provide you with a landline
number and check that you can contact them on that number.
• The operational controls for funds transfer operations require clearly defined
procedures establishing a control environment which provides for the
authorization and authentication of transactions. Financial institutions should
establish effective operational controls that identify and document:
• The original payment instructions from the corporate or individual customer to the
financial institution and other pertinent information (e.g., account officer, branch
manager, terminal entry identity, automated interface identification);
• Every transfer point of data for each step of the manual process (e.g., account
officer, message receipt, authentication, data entry, and payment release); and
• Every transfer point of data for each step of an automated process (e.g., SWIFT
and Telex, message preparation, data entry, and payment release).
• Basic internal controls should be in effect to maintain overall integrity for any
funds transfer operation. However, depending on the complexity and volume of
operations, certain steps may not be applicable for some institutions.
Recommended control objectives for a wholesale funds transfer system include:
• Ensuring collected balances are available and held for the outgoing payments;
• Ensuring the original unaltered outgoing instruction is entered into the internal
accounting system;
processes, and should address the controls relating to crediting, debiting, and
reconciling customer and institution account balances. Policies and procedures
should also document institution specific compliance requirements to address
federal and state regulations including OFAC verification procedures.
• Ensure your computer system is sound, by using a firewall, strong alphanumeric
passwords (avoiding real words) changed regularly and up-to-date virus software.
• Have a clearly defined fraud response plan so that you can react effectively
should fraudulent activity take place.
People
• Employees must take their vacation entitlement and the work of employees on
vacation must be covered by others.
• All staff should have formal job descriptions that clearly indicate their
responsibilities and are updated regularly. Organisational structure should be
clear and unambiguous.
• Set strict staff guidelines about what information they can give to strangers
Management
Audit
A Company’s internal auditors should conduct periodic independent reviews of the funds
transfer operation, including all pertinent internal policies and procedures. An external
audit can supplement or replace internal audit procedures.
The scope and frequency of the internal funds transfer audit program;
Audit work papers to ensure they document adherence to prescribed audit procedures;
Information Security
Management should establish logical access controls on the funds transfer application that
assign appropriate access levels to staff members working in the wire room or funds
transfer operation. Inappropriate access levels provide the opportunity to create and
transmit unauthorized funds transfer messages. The risk is greater without adequate
separation of duties. Management should ensure no employees have access to more
than one assigned user code unless the code is under dual control. Management should
configure message verification rights to ensure adequate separation of duties between
employees initiating and employees verifying and sending funds transfer messages.
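One way to test the two access rules in the paragraph above (no employee holding more than one user code unless the code is under dual control, and different employees initiating and verifying each message), as an added Python example that is not part of the original manual. The user codes, employee names, entitlement table layout and message log are constructed assumptions, not the format of any particular funds transfer application.

```python
from collections import defaultdict

# Constructed entitlement table: user code -> (employee, code is under dual control)
USER_CODES = {
    "WT01": ("asmith", False),
    "WT02": ("bjones", False),
    "WT03": ("asmith", False),  # second personal code for the same employee
    "WT04": ("cdavis", False),
    "WT90": ("cdavis", True),   # extra code, but held under dual control
}

# Constructed message log: (message id, initiating code, verifying/sending code)
MESSAGES = [
    ("M1", "WT01", "WT02"),
    ("M2", "WT02", "WT02"),  # same code on both sides
    ("M3", "WT01", "WT03"),  # different codes, same employee behind both
    ("M4", "WT04", "WT01"),
    ("M5", "WT02", "WT99"),  # verifying code missing from the entitlement table
]


def employees_with_multiple_codes(user_codes):
    """Employees holding more than one user code that is not under dual control."""
    held = defaultdict(list)
    for code, (employee, dual_control) in user_codes.items():
        if not dual_control:
            held[employee].append(code)
    return {e: sorted(codes) for e, codes in held.items() if len(codes) > 1}


def separation_of_duties_violations(messages, user_codes):
    """Messages whose initiator and verifier resolve to the same employee.

    Codes are resolved to employees first: comparing the codes alone would
    pass a message that one person handled under two different codes.
    Codes absent from the entitlement table are reported, not ignored.
    """
    findings = []
    for msg_id, init_code, verify_code in messages:
        unknown = [c for c in (init_code, verify_code) if c not in user_codes]
        if unknown:
            findings.append((msg_id, "unknown user code " + ", ".join(unknown)))
            continue
        initiator = user_codes[init_code][0]
        verifier = user_codes[verify_code][0]
        if initiator == verifier:
            findings.append((msg_id, f"{initiator} both initiated and verified"))
    return findings


if __name__ == "__main__":
    print(employees_with_multiple_codes(USER_CODES))
    for finding in separation_of_duties_violations(MESSAGES, USER_CODES):
        print(finding)
```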
Third-Party Management
Some Companies rely on third party service providers and other financial institutions for
wholesale payment system products and services either to enhance the services
performed in-house or to offer wholesale payment services that are otherwise not cost
effective.
Financial institutions should have adequate due diligence processes, appropriate contract
provisions, and service provider monitoring procedures to ensure they conduct wholesale
payment operations appropriately. Effective monitoring should include the review of select
wholesale payment transactions to ensure they are accurate, reliable, and timely. The
integrity and accuracy of wholesale payment transactions depend on the use of proper
control procedures throughout all phases of processing, including outsourced functions.
These are Policies that establish guidelines and procedures related to keeping books and
records that in reasonable detail accurately and fairly reflect the Company's transactions
and dispositions of assets. The Company shall maintain a system of internal accounting
controls to ensure reliability and adequacy of its books and records and proper recording
of all transactions including dispositions of assets.
Policy:
Authorization: The only transactions to be entered into by the Company are those which
are executed in accordance with management's specific approval (as set forth in the
following paragraph) or established, formalized policies and procedures.
In particular
There should be a formal system for the authorisation of orders, invoices and payments
Credit notes over a threshold amount must be explained to and authorised by a senior
independent manager before issue.
Inventory write-downs must be investigated before authorisation by an independent
manager.
Accounting: All transactions entered into by the Company will be recorded in the
accounts of the Company in accordance with normal, standard procedures. Each entry
will be coded into an account which accurately and fairly reflects the true nature of the
transaction.
In particular
Key balance sheet accounts must be reconciled monthly and the reconciliation reviewed
regularly by senior managers.
Fixed assets must be tagged and checked periodically - this can often be combined with
the regular testing of electrical and lifting equipment.
Ensure that no goods or assets leave a site without a despatch note or other
documentation.
The accuracy of the information should be checked using bank reconciliation, invoice
calculation checks and physical stock counts.
Reporting: All transactions that have been accounted for in accordance with this
Corporate Policy will be accumulated and processed in a manner which will permit timely
preparation of financial statements, reports and data for purposes of internal, public and
regulatory reporting. Such statements, reports and data must be understandable and
prepared in a form sufficient to reflect fully, accurately and fairly the results of transactions
entered into by the Company and to permit proper accountability for assets.
Auditing: Compliance with the provisions and requirements of this Corporate Policy will
be tested and evaluated by the Company's Director-Audit Services in connection with the
ongoing internal audit program. All control failures regarding this Corporate Policy will be
reported to management so that deficiencies can be corrected and assurance of
compliance with the terms of this Corporate Policy maintained.
Procedure: The Company will continuously evaluate its internal accounting controls,
procedures and records to ensure compliance with the requirements of this Corporate
Policy. Such evaluation will be documented in a form suitable for inspection by outside
parties, such as regulatory authorities, if the need arises.
The Company will take action to remedy any deficiency in internal accounting controls,
procedures and records to ensure continuing compliance with the requirements of this
Corporate Policy.
The audit services staff, in coordination with the Company's Director-Audit Services, will
ascertain that its audit scope, procedures and programs are adequate (i) for the purpose
of testing and evaluating internal accounting controls, procedures and records and (ii) for
complete reporting of deficiencies in internal accounting controls, procedures and records.
On or before the year end of each year, the Chief Financial Officer and the Company's
Director-Audit Services will prepare a written summary applicable to the preceding fiscal
year which sets forth financial management's evaluation of the Company's internal
accounting controls, procedures and records. Such a summary will consider financial
management's overall evaluation and results of audits performed during the year, internal
and external. For deficiencies noted in the evaluation, remedial action in progress or
contemplated will be set forth in the summary. The summary will be addressed to the
Audit Committee of the Board of Directors.
The Company's Director-Audit Services will, on an annual basis, report to the Audit
Committee of the Board of Directors on the adequacy of internal accounting controls,
procedures and records.
Some excuse or validation for actions, such as: I’m just borrowing the money and will pay
it back; it’s only temporary until I get over this financial difficulty.
I need it more than they do, and they will never miss it.
I deserve it because I’ve been treated unfairly –the organization owes me.
The conditions under which fraud thrives have been listed. These included an unhealthy
corporate culture, domineering management, management abusing or overriding internal
controls, low staff morale and weak management. Collectively they reflect the culture of
the organisation. The most effective ways of detecting fraud have been found to be:
2. Internal audit. Use surveillance techniques when appropriate. Proactively audit for
fraud.
3. Management review.
4. Whistle-blowers. Use a hotline. Create an expectation of punishment.
8. Security of passwords.
9. External audit.
10. Accident.
This list emphasises the importance of having strong management and a healthy
corporate culture to detect and therefore deter fraud. Physical controls such as passwords
and access/exit controls come at the bottom of the list in detecting fraud but have a big
deterrent effect on potential fraudsters and are very important in reducing fraud.
Until there is a healthy culture and strong management in all branches and departments of
an organisation, attempts to deter fraud will not be very successful. Only when potential
fraudsters believe fraud will be detected and when whistle-blowers believe they will be
protected will there be an effective deterrence of fraud.
Week 2 – Day 2 – 14th October
The world's financial capital leaks money like a fishnet. When the flow of
cash is not measured in lorry-loads but in electronic trillions, you don't
need a disguise; an inside job is much easier.
Three such men pleaded guilty last week to a form of bank robbery. The
so-called Natwest Three were accused of defrauding their employer of
some $7m while working with a client called Enron.
One view is that the guilty plea marks a welcome end to a rather
shameful episode in British financial history: the complicity of employees
of one of our biggest banks in a record-breaking corporate collapse.
Another view is that the Three pleaded guilty only because the
consequence if their defence failed before a jury was so horrific: 30 years
behind bars in the US instead of three served nearer home.
Risk Management is the process by which an organization sets the risk appetite, identifies
potential risks and prioritizes the tolerance for risk based on the organization’s business
objectives. Risk Management leverages internal controls to manage and mitigate risk
throughout the organization.
Compliance is the process that records and monitors the policies, procedures and controls
needed to enable compliance with legislative or industry mandates as well as internal
policies.
Within the GRC realm, it is very important to realize that if the first one (Governance) is not
in place, the second two (Risk Management and Compliance) become irrelevant and
probably cannot be meaningfully achieved. By the same logic, if the second one
(Risk Management) is not in place then achieving Compliance becomes irrelevant and
probably cannot be meaningfully achieved. This is the reason the acronym is designed as
GRC and not other combinations. Governance, Risk, and Compliance are highly related
but distinct activities that solve different problems for different sets of constituents of an
organization.
Fraud Theory
Control fraud theory was developed in the savings and loan debacle. It
explained that the person controlling the S&L (typically the CEO) posed a
unique risk because he could use it as a weapon.
Only the CEO can optimize the company for fraud. He has it invest in
assets that have no clear market value. Professionals evaluate such
assets - allowing the CEO to hire ones who will inflate values. Rapid
growth (as in a Ponzi scheme) extends the fraud and increases the
“take.” S&Ls optimized accounting fraud by loaning to un-creditworthy
and criminal borrowers (who promised to pay the highest rates and fees
because they did not intend to repay, but the promise sufficed for the
auditors to permit booking the profits). The CEO extends the fraud
through “sales” of the troubled assets to “straws” that transmute losses
into profits. Accounting fraud produced guaranteed record profits - and
losses.
CEOs have the unique ability to convert company assets into personal
funds through normal corporate mechanisms. Accounting fraud causes
stock prices to rise. The CEO sells shares and profits. The successful CEO
receives raises, bonuses, perks, and options and gains in status and
reputation. Audacious CEOs use political contributions to influence the
external environment to aid fraud by fending off the regulators.
Charitable contributions aid the firm's legitimacy and the CEO's status.
S&L CEOs were able to loot the assets of large, rapidly growing
organizations for many years. They used accounting fraud to mimic
legitimate firms, and the markets did not spot the fraud. The steps that
maximized their accounting profits maximized their losses, which
dwarfed all other forms of property crimes combined.
While agreeing that the S&L served as both a “weapon” and a “shield,”
control fraud theory cast doubt on those metaphors. Weapons and
shields are visible; fraud is deceitful. The better metaphors would be
camouflage, or a virus. Control fraud theorists rejected the economists'
metaphor, “gambling for resurrection” (honest but unlucky risk takers).
Gambling cannot explain why control fraud was invariably present at the
typical large failure. There were over 1,000 felony convictions of senior
S&L insiders. Accounting fraud made control fraud a sure thing - not a
gamble. Control fraud theory predicts the pattern of record profits and
catastrophic failure and the business pattern of deliberately making bad
loans. Both patterns are inconsistent with honest gambling.
The second use of control fraud theory was to analyze the structures that
produced criminogenic environments that led to waves of control fraud.
Deregulation and de-supervision of the S&L industry, combined with the
industry's mass insolvency, optimized accounting fraud and made
“systems capacity” limitations critical. The mass insolvency maximized
“reactive” control fraud, and the deregulation, de-supervision, and mass
insolvency maximized entry into the industry by “opportunistic” control
frauds.
Fraud waves can cause financial bubbles to hyperinflate (e.g., Texas real
estate during the debacle) and cause regional or systemic injury (e.g.,
during Russia's “shock therapy,” the failures of “the Washington
consensus,” and the U.S. high-tech bubble). Control frauds cause indirect
losses by corrupting politicians and professionals and betraying trust.
When control fraud becomes endemic, it can lock nations in long-term
poverty.
Control fraud theory poses a fundamental challenge to the core models
of finance and economics. The efficient markets (and contracts)
hypothesis requires that markets be able to identify and exclude control
frauds, and the dominant law and economics model asserts that they do
so effectively and quickly. This claim is largely premised on the view that
no top-tier audit firm would give a clean opinion to a control fraud.
Control frauds have consistently falsified this claim. Deposit insurance
was not the key to S&L control fraud. Control frauds deceive “creditors at
risk.” High reported profits allow them to grow rapidly by borrowing and
issuing stock.
To date, most of the work in control fraud discusses looting by the CEO.
However, it also exists in government when the head of state uses the
government to defraud. It can be used to defraud customers (e.g.,
“lemons” scams, in which quality or quantity is misrepresented, or
cartels) and the public (e.g., tax fraud or a toxic waste firm that gains a
cost advantage by dumping in the stream). These forms of control fraud
create real profits and, absent effective enforcement, create a dynamic
that causes fraud to spread. Systems capacity problems can lead to
endemic control fraud in an industry.
According to the survey, 62% of the 221 CFOs surveyed believe it would
be possible to intentionally misstate their financial statements to their
auditors. As one commentator in the November 15, 2007 CFO.com
article commenting on the survey put it, these numbers are
"alarming," given that "CFOs – if they’ve a mind to – are in a unique
position, having the necessary information, intelligence and access to
trick auditors in ways that are hard to decipher."
Indeed, it is disconcerting that nearly two-thirds of CFOs feel they could
fool their auditors on intentionally falsified financial statements. Clearly,
if such a large percentage of CFOs feel they could, some of them might,
and a few of them will. This intimation of the possibility of undetected
fraud should be disconcerting to investors, analysts, and others
(including D & O underwriters) who rely on auditors’ assurance that the
financial statements are free from "material misstatement."
The disappointment and even anger that investors and others feel when
they find they have been misled by falsified financial statements often
encompasses a sense of frustration that the auditors failed to detect the
fraud. Accordingly, auditors are often named as co-defendants in
securities fraud lawsuits, based on a failure to detect the fraud and the
auditors’ statements that there are no material misstatements in the
financial statements.
The problem for everyone, both auditors and those who rely on their
audits, is that there is, in the words of the industry leaders’ statement,
an "expectations gap." According to the accounting leaders, the gap
arises because "many investors, policy makers, and the media believe
that the auditor’s main function is to detect all fraud, and thus, where it
materializes and auditors have failed to find it, the auditors are
presumed to be at fault." The accounting leaders go on to assert that:
they shouldn’t. It almost seems as if the auditors’ message to those who
would rely on financial statements is – don’t (or, at least, not so much).
The risk of not detecting a fraud is much higher than the risk of not detecting a
material misstatement resulting from an error, as frauds are much deeper rooted
and well covered. Normal auditing procedures which are effective in discovering
error are usually not effective enough for detecting frauds.
Management fraud is much more difficult to detect and the auditor may simply not
detect it at all. The auditor's opinion is based on what is presented before him,
and subsequent discovery of fraud or a material misstatement in the financial
statements does not indicate any failure on the part of the auditor to obtain reasonable
assurance, an absence of professional competence or a failure to comply with
auditing standards.
When planning and conducting an audit, the auditor must make inquiries of
management and obtain a written assurance that management has prepared the
financial statements with due care, considering the fact that the internal controls and
accounting procedures put in place by management take care of such risks.
The management’s assessment of the risk that there may be material
misstatements in the financial statements as a result of fraud. The auditor must
enquire whether management is aware of any known fraud that has affected
the internal control system and that the entity is investigating.
Audit risk is the risk that the auditor gives an inappropriate audit opinion when the
financial statements are materially misstated. Such misstatements can result
from either fraud or error. There are three types of audit risks – inherent risk,
control risk and detection risk.
Strategic Fraud Prevention Plan
Fraud comes in all sizes ranging from billion dollar cases of corporate fraud to
thousand dollar cases of employee embezzlement to employees overcharging their
expense reports. Therefore, an effective fraud prevention strategy must be multi-
dimensional, considering senior management, employees, and even outside parties
such as customers and vendors. An effective fraud prevention strategy must also
be adaptable to the ever-changing fraud schemes as internal controls and
technology change the operating environments of most companies. So how does a
company develop a fraud prevention strategy without spending millions of dollars
and scrutinizing all of its transactions? One technique is to break the problem into
smaller pieces. Let’s consider 1) the work environment; 2) control systems; and 3)
fraud-specific procedures.
Work Environment
The whistle blower system is also an effective tool for the work environment.
According to the “2006 Report to the Nation on Occupational Fraud and Abuse”
of the Association of Certified Fraud Examiners (ACFE), 34.2% of the initial
reports of occupational abuse resulted from tips. These tips came from employees,
customers and vendors. An effective whistle blower system allows key individuals
to report fraud without the threat of retribution. It is also important to have a
history of prosecuting fraudulent activity. Too often, employees caught
committing frauds against the company are terminated without the negative,
embarrassing consequences of being prosecuted for their crime. Faced with only
termination, the employee often commits the act again at their next employer.
Control Systems
Control systems include the internal control systems of the company. These
control systems are front lines in the fight against fraud. An adequate system of
internal controls reduces the number of opportunities available to those individuals
with pressure and rationalization.
The importance of internal control systems is evident from Section 404 of Sarbanes-
Oxley. This law not only requires the establishment of a system of internal
controls but also is concerned with how management assesses these controls.
Currently, public companies are spending significant resources, both people and
money, in compliance with this law. ACFE’s “2006 Report to the Nation”
illustrates the importance of control systems with 20.2% of initial reports resulting
from internal audits and 19.2% resulting from internal controls.
Fraud-Specific Procedures
The core of the fraud prevention strategy is the use of fraud-specific procedures.
These procedures are specifically designed to detect fraud, in contrast to the
control activities of the internal control systems which are generally applied to
achieve the control objectives. Whereas control objectives are designed to reduce
the opportunities for fraud, the fraud-specific procedures are designed to test for
the presence of fraudulent activity.
Conclusion
Introduction
A fraud response plan is needed so that you can react effectively and quickly
should fraudulent activity take place. The plan defines authority levels,
responsibilities for action, and reporting lines in the event of a suspected fraud or
irregularity. The plan acts as a checklist of actions and a guide to follow in the
event of fraud being suspected.
Action following detection – Stage 1
When any member of staff suspects that a fraud has occurred, he/she must notify
his/her Line Manager immediately. Speed is of the essence and this initial report
should be verbal and must be followed up within 24 hours by a written report
addressed to the Line Manager which should cover:
(i) The amount/value, if established.
(ii) The position regarding recovery.
(iii) The period over which the irregularity occurred, if known.
(iv) The date of discovery and how the suspected fraud was discovered.
(v) The type of irregularity and what led to it, i.e.:
• was there a breakdown in the systems of internal control, or
• is there any inherent weakness in the system of internal control which allowed it to occur?
(vi) Whether the person responsible has been identified.
(vii) Whether any collusion with others is suspected.
(viii) Details of any actions taken to date.
(ix) Any other information or comments which might be useful.
Internal Audit also has an interest in fraud as the extent and nature of fraud within
a Division can give an indication of the soundness of that Division's systems. The
written report sent to the Director of Finance should therefore be copied to the
Internal Auditor. The rapid discovery and proper reporting of fraud can also be an
indicator of the strength of control within a Division.
Initial Enquiries
Before completing the report above it may be necessary for line management to
undertake an initial enquiry to ascertain the facts. This enquiry should be carried
out as speedily as possible after suspicion has been aroused: prompt action is
essential. The purpose of the initial enquiry is to confirm or repudiate, as far as
possible, the suspicions that have arisen so that, if necessary, disciplinary action
including further and more detailed investigation (under internal disciplinary
procedures and/or the police) may be instigated. Internal Audit is available to
offer advice on any specific course of action which may be necessary.
or other serious irregularity, either directly or indirectly. There are a range
of disciplinary penalties that can be exercised which are outlined in
Paragraph 2.4 of the Code of Practice.”
Role of representatives
Transcripts
If the initial examination confirms the suspicion that a fraud has been perpetrated,
then to prevent the loss of evidence which may subsequently prove essential for
disciplinary action or prosecution, management should:
(i) take steps to ensure that all original evidence is secured as soon as possible;
(ii) be able to account for the security of the evidence at all times after it has been
secured, including keeping a record of its movement and signatures of all persons
to whom the evidence has been transferred. For this purpose all items of evidence
should be individually numbered and descriptively labelled;
(iii) not alter or amend the evidence in any way;
(iv) keep a note of when they came into possession of the evidence. This will be
useful later if proceedings take place;
(v) remember that all memoranda relating to the investigation must be disclosed to
the defence in the event of formal proceedings and so it is important to carefully
consider what information needs to be recorded. Particular care must be
taken with phrases such as “discrepancy” and “irregularity” when what is
really meant is fraud or theft.
Should the initial investigation indicate that there is prima facie evidence of fraud
it is critical that the Line Manager requests the Internal Auditor to oversee and
control the subsequent investigation. The request should be in writing and Terms
of Reference should also be agreed. The Internal Auditor should arrange for an
action plan to be put in place with, as far as is possible, a set timeframe and regular
reviews. The Internal Auditor has full responsibility for progressing the case and
whilst he/she can, and should, call on the assistance of various sources of help at
all stages (technical assistance, personnel, external audit, solicitors etc.) ultimate
responsibility and accountability in progressing the case should remain with that
officer (the Internal Auditor may however appoint a suitably qualified and
experienced Investigation Officer to carry out the detailed investigation work.)
The Internal Auditor should therefore have the necessary authority (i.e. the
appropriate rank and experience) to enable him/her to properly discharge these
duties. The Internal Auditor should also be independent from the matter in
question. It is the responsibility of the Internal Auditor to keep the Director of
Finance abreast of developments. In particular the Internal Auditor should report
all material developments promptly to the Director of Finance for onward
reporting to the Executive Team and Audit Committee.
Police Involvement
If the Line Manager, in consultation with the Director of Finance, is satisfied that
there is prima facie evidence of fraud, then they must report the matter to the
police. Consultation with the police at an early stage is beneficial, allowing the
police to examine the evidence available at that time and make decisions on
whether there is sufficient evidence to support a criminal prosecution or if a police
investigation is appropriate. Alternatively, the police may recommend that the
Company conducts further investigations and, generally, they will provide useful
advice and guidance on how the case should be taken forward.
If the police decide to investigate then it may be necessary for the Internal Auditor
to postpone further internal action and make suitable adjustments to the action
plan. However, the Internal Auditor should continue to liaise with the police at
regular intervals and report on progress made.
The Internal Auditor should ensure that the Fraud Register, which is held by the
Director of Human Resources, is updated with all the appropriate details including
the value of any loss to the Company as a result of the fraud.
Following completion of the case, the Internal Auditor should prepare a summary
report on the outcome and lessons learned, circulating it to all other interested
parties, who must take the appropriate action to improve controls to mitigate the
scope for future recurrence of the fraud.
The report shall contain:
• A description of the incident/issues alleged including an assessment of the value of any losses;
• The people involved and the means by which the fraud was allowed to occur (highlighting any control and/or operating weaknesses within the systems);
• Ascertain all possible facts relating to the alleged fraud;
• Measures needed to prevent a recurrence and a brief risk assessment as to the viability of these;
• Future recommendations to minimise the risk of such an occurrence;
• A conclusion as to the way forward;
• Any other relevant material.
i2 software assists fraud investigators in both the commercial and law enforcement
sectors. It is used by police, government and customs organizations, forensic
accountants, auditors and private investigators to tackle many different types of
fraud.
The challenge for fraud investigators is not a shortage of information but knowing
where to target their investigation and how to allocate precious time and resources.
i2 software assists fraud investigators by providing a solution that is easy to use
and delivers the power and flexibility needed for this type of work.
Understand the Information
Analyst's Notebook techniques such as link analysis (shown below) can build a
picture of the people, organizations and events involved in any type of fraud
investigation. As the relationships between companies, individuals, accounts and
numerous transactions are uncovered, the working charts grow in complexity.
Investigators can then focus on individual aspects of their case, producing
simplified charts that cut to the heart of the case.
Analytical charts help investigators establish the most significant areas of an investigation and aid decision makers in effectively allocating resources.
Simplified charts like this one allow investigators to focus on particular aspects of a case.
From the start of the investigation, investigators can record the details of all source
documents either on cards behind each chart element or through a direct link to a
database. This ensures that when the legal process begins, all documentary
evidence is organized and substantiates the charts.
These charts can be used as visual briefing aids that have proven effective in
communicating complex cases to team members, prosecutors and juries.
To more closely examine the actions of fraud suspects, investigators can use
Analyst's Notebook to develop timeline charts that identify the precise sequence of
case related events.
All details from the beginning events to the apprehension of suspects are depicted
in this format. Timeline analysis helps fraud investigators effectively
communicate the timing of case-related events and can be used to summarize the
investigation. As with link charts, each event on the timeline chart includes a
reference to its source document or a direct link to a database.
Sophisticated white collar criminals often go to great lengths to hide their crimes.
Tracking down money, goods or other assets fraudulently obtained can be the
most challenging part of an investigation.
Guide for Witnesses in SFO Trials
The explanations below are designed to explain the procedure involved in being a
witness in court and to answer some of the most common questions a witness may
ask.
The Serious Fraud Office is committed to ensuring that the witnesses in its cases
are provided with the fullest possible information and assistance. The Director is
extremely grateful to all of you who agree to give evidence in SFO cases. Being a
witness is a vitally important public function.
As a witness in an SFO case you will have been given the name of the Case
Secretary in the SFO. Do please contact him or her if you have any queries.
If you have lost the Case Secretary's name or have any general questions
Your evidence
SFO cases are criminal cases and the person on trial is called “the Defendant”. The
name of the defendant is the name of the case:
Your evidence will consist of facts - things you know about or have seen or heard
or experienced. The court needs to hear from people with personal knowledge of
the facts of the case, to enable it to decide whether or not a defendant is guilty of
the offences he has been charged with.
You will probably already have been asked to write and sign a Witness Statement
for SFO investigators. You may also have provided documents or copies of your
documents that have a connection with the case (these are called your Exhibits).
Your evidence may be given verbally, in open court to the judge, jury, defendant
and lawyers; or
Your Witness Statement and Exhibits will be read to the court (without you
needing to be present).
You may already have had a letter from the Case Secretary telling you where and
when the case is going to court.
If you are unsure whether you need to go to court at all - contact the Case
Secretary.
If you have not yet signed a written Witness Statement but were interviewed
or contacted by SFO investigators some time ago, contact the investigators. It may
be that your evidence is not needed after all.
You may have made your witness statement some time ago and it may deal with
complicated matters. If you feel that you need to refresh your memory by seeing a
copy, please contact the Case Secretary.
It is important that you do not try to recall your evidence by talking to other
witnesses about it. If you know other witnesses already, please be careful not to
discuss the case with them. This could in certain circumstances amount to a
criminal offence.
If anyone asks you, or has asked you, about your evidence, contact the case
secretary at once. In very rare cases you may be asked to give a statement, before
the trial, to the lawyers acting for the Defendant.
If you have reason to be worried about meeting the Defendant, his or her relatives,
or any other person, while you are at court, you should inform the case secretary.
If your English is not good and you would like an interpreter, contact the Case
Secretary.
If you have any disabilities or special needs, please contact the Case Secretary.
If you have never been inside a court before and would like to arrange a visit
beforehand, contact the Case Secretary. Many local Crown Courts have open days
and guided tours which you are free to join.
You will be repaid your travelling expenses when you have given your evidence.
If you are travelling from abroad, discuss your needs with the Case Secretary. You
may be asked to bring all original exhibits with you to court. You will be allowed
to take these into the courtroom with you, but you will NOT be able to take your
Witness Statement with you. Do NOT bring anything else with you to court unless
asked to do so; but if you have any other documents you think might concern the
case, tell the Case Secretary.
Arrival at court
When you arrive at the Crown Court, please look at the list of cases, which will be
displayed on a Board inside the entrance hall.
The case will be listed under the name of the defendant as “R v (defendant's
name)”, with the number of the court where the trial is being heard. Alternatively,
you could ask a member of the court staff to help you.
You should wait at or near the door of the numbered court. The name of the case
will be on the wall by the door. The Case Secretary will be expecting you and will
introduce him/herself to you.
Do not go into court until you are called. Normally, witnesses are not allowed to
observe any part of the trial, until after they have finished giving their evidence.
You should not talk to other waiting witnesses about the case.
Every effort will be made to avoid you having to wait at court for a long time,
before you are called to give evidence. However, delays can happen and can be
affected by a number of matters that are outside our control. Our aim is to ensure
that no witness is required to wait for more than two hours. We will do our best to
achieve this and will ensure that the case secretary at court keeps you informed of
the reasons for any delay and its likely length.
Many courts have a Witness care centre, staffed by volunteers who will help to
make your wait more pleasant.
Court procedure
When the court is ready, your name will be called by the usher and he or she will
show you where to stand.
You will be asked to confirm your full name and address. If you do not wish your
address to be given in open court, discuss your reasons before court with the Case
Secretary.
You will be asked to take an oath or affirm that the evidence you give will be true.
Christians, for example, are required to swear on the New Testament. However,
every court has arrangements in place to ensure that witnesses of different faiths
can take the oath in a form that is appropriate for them. Alternatively if you wish
you will be allowed to affirm instead of swearing an oath. If you have any
concerns about this you should let the Case Secretary or the court usher know.
Giving evidence
First you will be asked questions by SFO prosecuting counsel. This is called
"examination in chief". Next you will probably also be cross-examined by defence
counsel. Don't worry if you are not asked any questions by the defence - this only
means that they do not dispute any part of your evidence. Finally you may be
re-examined by prosecuting counsel.
It is also possible that, at any time, the judge may ask you questions. He or she
should be addressed as 'Your Honour', or if he or she is a High Court Judge, as
'My Lord' or 'My Lady'. We will advise you which form of address is appropriate.
Take your time and speak clearly, so that the Judge, the jury and counsel can hear
you. If you do not fully understand a question, you should not be nervous about
saying so. Ask for it to be repeated.
Everyone involved in the trial process, including counsel and the judge, is
concerned to ensure that witnesses are given the opportunity to give their evidence
fully and fairly.
If you encounter any difficulties whilst giving your evidence, for example if you
feel unwell and need to leave the court, or you need a chair or some water, you
should ask the judge.
If you wish to correct something you have said earlier, or if you believe that you
need time to refer to any documents, before you answer a question, please do not
hesitate to inform the judge.
If there is a break during your evidence (e.g. for lunch) the judge will warn you
not to talk to anyone about the case during the break. You will have to have lunch
on your own.
If you would like to stay and listen to the trial after you have given your evidence,
you should ask the Case Secretary who will tell you if there is any reason why it
would not be advisable. For example, if there is any reason why you might be
recalled at a later stage of the case, you would be asked to leave court directly after
you have given your evidence.
After you have given your evidence, please be careful not to discuss the case with
any witnesses who have not yet been called.
The Case Secretary will hand you a Witness Expense Claim form. You will be
entitled to reimbursement of any travelling, any loss of earnings, or other expenses
you have incurred in coming to court. The form will explain your entitlement to
you. It would be helpful if you could obtain and keep receipts for any expenses.
You should receive payment for your claim within 14 days.
Conclusion - Time for a standard for corporate governance
Steve Priddy, ACCA's director of technical policy and research, argues that it is
widely accepted that part of the cause of the crisis has been the remuneration and
incentivisation packages for senior figures within the banking world. 'It seems that
their design has become too closely linked to short-term, relatively easy to
manipulate financial metrics,' he says. 'The traders of derivatives want to be able to
"book" profits immediately in order to have them recognised straightaway in the
employers' accounts and, thus, in the bonuses that they are awarded that year.'
ACCA has already led a debate on the use of performance bonuses, advocating
that they be related more closely to long-term financial performance and to
movements in cash flow, rather than profitability. 'This would at least give some
comfort to the owners of banking stock that rewards are not paid out until
proceeds have been banked,' explains Priddy.
He points out that chief executive pay has risen sharply in recent years. Between
1998 and 2007, the average FTSE 100 CEO salary rose 78% - with total
remuneration increasing by 287%, a rise of about 16% per annum. In the same
period, average income went up by 47% and the retail price index by 27%.
Priddy continues that 'there do not appear to be enough chairmen around to chair
the boards of the world's largest listed companies'. This is the
inevitable interpretation of the relaxation of the Combined Code to allow a
chairman of a UK listed company to also be chairman of other listed companies.
Class work
Case Study
You have been given a variance report for the month of August 08. Prepare a
HAIR report highlighting the results of your analytical review and potential issues,
risks and actions that you would like to carry out.
Sales Controls
• Journals in sales
• Customers over credit limit
• No of invoices issued
• Overdue debts
• Cash received
• Outstanding lodgements
Purchase Controls
• Duplicated payments
• Journals in purchases
• No of invoices received
• Overdue debts
• Cash paid
• Outstanding payments
• Last purchase invoices received from suppliers (to hide fictitious invoices)
• Frequency of purchases
Bank Controls
• Banks take pictures of all payees drawing more than a certain amount.
Resources
ACCA - http://www.accaglobal.com/
ICAEW - http://icaew.com
AIA - www.aiaworldwide.com/
Sage - www.sage.co.uk
Tally - http://www.tallysolutions.com/
Cheque Kiting - In a kiting scheme, multiple bank accounts are opened and money is
“deposited” from account to account, although the money never exists. Floating makes
this possible.
Floating is the additional value of funds generated in the process of collection and arises
because the current holder of funds has been given credit for the funds before it clears the
financial institution upon which it is drawn.
Direct effect illegal acts are violations of laws or government regulations by the company
or its management or employees that produce direct and material effects on dollar
amounts in financial statements.
Embezzlement is a type of fraud involving employees or non-employees wrongfully taking
money or property entrusted to their care, custody, and control, often accompanied by
false accounting entries and other forms of lying and cover up.
Employee Fraud is the use of fraudulent means to take money or other property from an
employer. It consists of three phases: (1) the fraudulent act, (2) the conversion of the
money or property to the fraudster’s use and (3) the cover up.
“Illegal Acts” (far removed) are violations of laws and regulations that are far removed from
financial statement effects (for example, violations relating to insider securities trading,
occupational health and safety, food and drug administrations, environmental protection,
and equal employment opportunity).
Lapping is stealing one customer’s payment and crediting the customer’s account with the
payment by another customer. The second customer’s account is later credited by yet a
third customer.
Predication is any information that gives a fraud examiner (or another person who informs
the fraud examiner) a reason to believe a fraud occurred, may have occurred, or may be
presently occurring. The information may come from an anonymous tip, from an employee
noticing something wrong, or from an auditor noticing something suspiciously wrong.
Unimpeachable integrity is the ability to act in accordance with the highest moral and
ethical values all the time. This is practically impossible, so fraudsters will rationalize:
1. I need it more than the other person.
2. I’m borrowing and will pay it back later.
3. Everybody does it.
4. The company is big enough that it won’t miss it.
5. Nobody will get hurt.
6. I deserve it.
7. It’s for the greater good.
White Collar Crime is fraud perpetrated by people who work in offices and steal with a
pencil or a computer terminal. The contrast is violent street crime.
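Lapping, as defined in the glossary above, leaves a traceable pattern in the cash receipts: each diverted payment is covered by crediting that account with a later payment from a different customer. The following check is an added example, not part of the original course material; the record layout, customer identifiers and sample receipts are constructed, and it assumes the payer named on each deposit can be compared with the account credited in the sales ledger.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Receipt:
    receipt_id: str
    received: date
    payer: str        # customer named on the deposited cheque or remittance
    credited_to: str  # customer account credited in the sales ledger
    amount: float


def trace_misapplied(receipts):
    """Group receipts credited to someone other than the payer into chains.

    A receipt extends a chain when it is credited to the account of the
    previous link's payer, i.e. it covers the payment that went missing.
    """
    misapplied = sorted(
        (r for r in receipts if r.payer != r.credited_to),
        key=lambda r: (r.received, r.receipt_id),
    )
    open_chains = {}  # account still waiting for its own credit -> chain
    closed = []
    for r in misapplied:
        chain = open_chains.pop(r.credited_to, None) or []
        chain.append(r)
        if r.payer in open_chains:  # same payer already awaits a credit
            closed.append(open_chains.pop(r.payer))
        open_chains[r.payer] = chain
    return closed + list(open_chains.values())


def lapping_report(receipts, min_links=2):
    """Return (suspected lapping chains, single mismatches for manual review).

    One mismatch alone is often legitimate (a parent company paying for a
    subsidiary), so only chains of min_links or more are reported as lapping.
    """
    suspected, review = [], []
    for chain in trace_misapplied(receipts):
        ids = [r.receipt_id for r in chain]
        if len(chain) >= min_links:
            suspected.append({
                "receipts": ids,
                "first_covered_account": chain[0].credited_to,
                # Last payer in the chain: paid, but not credited within it.
                "exposed_account": chain[-1].payer,
                "days_running": (chain[-1].received - chain[0].received).days,
            })
        else:
            review.extend(ids)
    return suspected, review


# Constructed sample receipts (not real data).
SAMPLE = [
    Receipt("R001", date(2008, 8, 1), "CUST-A", "CUST-A", 500.00),
    Receipt("R002", date(2008, 8, 4), "CUST-B", "CUST-A", 750.00),
    Receipt("R003", date(2008, 8, 9), "CUST-C", "CUST-B", 750.00),
    Receipt("R005", date(2008, 8, 11), "PARENT-CO", "SUBSID-CO", 1200.00),
    Receipt("R004", date(2008, 8, 15), "CUST-D", "CUST-C", 800.00),
    Receipt("R006", date(2008, 8, 20), "CUST-E", "CUST-E", 300.00),
]

if __name__ == "__main__":
    suspected, review = lapping_report(SAMPLE)
    for s in suspected:
        print("Possible lapping:", s)
    print("Single mismatches to review:", review)
```

The exposed account is the one to confirm directly with the customer, since its statement will show a balance the customer believes has been paid.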