FRAUD PREVENTION PROGRAMS (ANTI-FRAUD) The Institute of Internal Auditors June 8, 2004 Ed Dudley, CIA, CPA Retired Vice-President & General Auditor - ABB Americas
Agenda • Introduction & Overview • Ed Dudley • Strategy to Address Fraud Issues • George Farragher • Fraud Risk Assessment • Jonny Frank • Prevention and Detection of Fraud • Claudius Modesti • Fraud Prevention in the Corporate Environment • Joe Hendrix • Break • Q & A
Key Prevention Issues • Fraud Policy Guidelines and Limitations • Fraud Risk Profile • Objectives of Approach to Fraud • Key Performance Indicators • Fraud Risk Assessment & Link to COSO • Anti-Fraud Program Implementation Plan
Key Prevention Issues (cont’d) • PCAOB-Auditing Standard #2 • Fraud Considerations • Oversight of Audit Committee • Organizational Culture • Verification of compliance • Testing for High Fraud Risk • Role of PCAOB Div. of Enforcement
Key Prevention Issues (cont’d) • Fraud Prevention - Corporate Environment • Policies • Scope • Role of Corporate Compliance Office • Business Conduct Code Provisions • Fraud Reporting • Role of Fraud Council
Developing a Strategy to Address Fraud Issues George Farragher, CPA, CFE Global Investigations & Dispute Advisory Ernst & Young LLP
Fraud Policy Guidelines & Limitations Guidelines: • Define tolerance for fraud – All allegations investigated • Agree what action will be taken • Restitution • Termination • And/or prosecution • Policy is global Limitations: • Investigations divert resources • Cost benefit • Reactive vs. proactive approach • Management risk • Regulatory, reputation and business risk
Fraud Risk Profile Environment • Industry factors • Domestic and global locations • Corporate focus • Fast growing and continuous changing business • Liability exposure and legal requirements
Objectives of Proposed Approach Short Term • Provide immediate relief to current backlog • Develop foundation for sustainable fraud prevention and investigation process • Ability to respond immediately to concerns in a coordinated manner • Address issues early in the process, before material damages incurred • Quality - ensure investigations are managed in manner that will not create liability
Objectives of Proposed Approach Long Term • Develop a sustainable model for effectively and efficiently investigating fraud • Cost efficiency • Improve overall risk profile • Develop process remediation loop within the organization • Source of feedback for ongoing process improvement • Conduct proactive audits and investigations based on trends/data collected from historical frauds
Key Performance Indicators Balanced Scorecard - Identification of success factors • Reporting and measuring value – fraud stopped/avoided • Timely resolution of incidents • Timely reporting of resolution and remediation • Cost recovery/restitution • Referrals to authorities • Feedback to the organization • Internal Audit
Thank You ! • George P. Farragher CPA, CFE • Global Investigations & Dispute Advisory • 925 Euclid Avenue, Suite 1300 • Cleveland, Ohio 44115-1476 • george.farragher@ey.com • 216-583-1356 tel • 216-583-2595 fax
Fraud Risk Assessments: Cornerstone of Effective Antifraud Programs & Controls Jonny Frank, JD, LLM Fraud Risks & Controls PricewaterhouseCoopers LLP
SEC Rules and PCAOB Auditing Standards Require Antifraud Programs & Controls Which Meet All Five Components of COSO • Control Environment: Code of conduct/ethics; Ethics hotline; Hiring and promotion; Audit committee oversight; Investigative process; Remediation • Fraud Risk Assessment: Systematic process; Level within organization; Likelihood and significance • Control Activities: Linking controls to identified fraud risks • Information/Communication: Information systems & technology; Knowledge management; Training • Monitoring: Ongoing monitoring by management; Separate “after the fact” evaluations by internal audit
Fraud Risk Assessment Is The Foundation Of An Effective Antifraud Program • Active audit committee oversight • Systematic, Not Haphazard • Scheme & Scenario Based • Fraudulent financial reporting • Misappropriation of assets • Unauthorized or improper use and disposition of assets • Unauthorized acquisition of assets • Fraud of any magnitude by senior management • Vulnerability to circumvention and management override
Fraud Risk Assessment Is The Foundation Of An Effective Antifraud Program (cont’d) • Considers: Incentives and pressures; Likelihood; Significance and magnitude • Occurs: On a recurring basis; When special circumstances arise, e.g. changed operating environments, new products and markets, corporate restructurings • Conducted at the company-wide, business unit and significant account levels
Antifraud Program Implementation Plan • Step 1: Create a Baseline: Assess Existing Antifraud Programs & Controls; Develop & Remediate Plan • Step 2: Organize a Fraud and Reputation-Risk Assessment • Step 2.1: Organize Assessment by Business Cycle or Separate Fraud Cycle • Step 2.2: Determine Units & Locations to Assess • Step 2.3: Identify Potential Fraud Misconduct Schemes & Scenarios • Step 2.4: Assess Likelihood of Fraud and Significance of Risk • Step 2.5: Link Antifraud Control Activities • Step 3: Evaluate & Test Design & Operating Effectiveness • Step 4: Address Residual Risks • Step 5: Standardize Process for Incident Investigation and Remediation: Disciplinary & legal action; Recovery/restoration of losses & other damages; Consideration of how and why fraud occurred; Determination of whether controls were non-existent, circumvented, and/or overridden; Explanation to senior management and audit committee regarding likelihood of recurrence • Slide references: Key Elements of Antifraud Whitepaper; IA Whitepaper pp. 30-32; IA Whitepaper Appendix A; IA Whitepaper pp. 17-25; IA Whitepaper pp. 29
Additional Information and Guidance • PwC, Key Elements of Antifraud Programs and Controls (December 2003) available at www.internalaudit.com • PwC, Emerging Role of Internal Audit in Addressing Fraud and Reputation Risk (April 2004) available at www.internalaudit.com • J. Frank, Fraud Risk Assessments (Internal Auditor April 2004) • J. Frank, A New Audience for COSO (BNA Compliance Reporter, April 19, 2004)
Additional Information and Guidance Contact Information: Jonny Frank Tel. 646-471-8590 Email: jonny.frank@us.pwc.com
Prevention and Detection of Fraud Claudius Modesti, Esquire Director Division of Enforcement and Investigations PCAOB
Disclaimer • The views I express today are my own and do not necessarily represent the views of the Board Members or staff of the PCAOB • In addition my participation in this webcast should not be considered any endorsement to any entity or sponsor supporting this webcast
Detection and Prevention of Fraud • General Comments • New Paradigm • Organization Culture • Robust Internal Controls • PCAOB – Auditing Standard # 2 • Fraud Considerations • Significant Deficiency – Material Weakness • Division of Enforcement and Investigations within PCAOB
New Paradigm - Role of Audit Committee and Internal Auditors PCAOB Auditing Standard No. 2 paragraph 140 Following should be regarded as at least a significant deficiency and a strong indicator that a material weakness exists: “…Oversight of the company’s external financial reporting and internal control over financial reporting by the company’s audit committee is ineffective. The internal audit function or risk assessment function is ineffective at a company for which such function needs to be effective… Identification of fraud of any magnitude on the part of senior management”
How to Prevent Fraud • Organization Culture - Ethics • Internal Control
How to Prevent Fraud: Organization Culture - Ethics • Tone at the Top • Corporate culture • Message communicated – what is important? • Unethical behavior not tolerated • Clear Expectations of all Employees • Codes of Conduct (ethics, conflict, fraud, etc.) • Certifications as to compliance • Compensation – Incentives
How to Prevent Fraud: Internal Control • Robust Policies and Procedures • Verification of Compliance therewith • Internal Audit • External Audit • Continued Education - Training
PCAOB - Auditing Standard No. 2: Controls Addressing Risk of Fraud Auditor should evaluate all controls specifically intended to address the risk of fraud that may have a material effect on financial statements, including but not limited to: • Controls restraining misappropriation of assets • Company’s risk assessment processes • Code of ethics/conduct – monitoring/enforcing by Board and Audit Committee • Adequacy of internal audit activity and extent of Audit Committee’s involvement • Adequacy of handling complaints (See p. 24 of Auditing Standard No. 2)
PCAOB Auditing Standard No. 2 • External Auditor must perform himself or herself: • Enough testing to provide principal evidence for opinion • Areas of High Fraud Risk (See par. 108+ Auditing Standard No. 2)
PCAOB Audit Standard No. 2 Significant Deficiencies – Material Weakness Circumstances regarded as Significant Deficiencies and strong indicator of Material Weakness (par. 140) • Restatement of FS to correct misstatement • Identification by auditor of a material misstatement in current FS not identified by the company • Oversight of external FR and internal controls over FR by Audit Committee is ineffective • Internal audit function is ineffective • For regulated industries, ineffective reg. compliance • Identification of fraud on the part of senior management • Significant deficiencies identified continue uncorrected • Ineffective control environment
PCAOB Division of Enforcement and Investigations Role of the Office: • To promote high quality audits of public companies by thoroughly investigating possible violations, engaging in fair administrative proceedings, and recommending to the Board the imposition of sanctions, as warranted.
PCAOB Division of Enforcement and Investigations • How may our cases originate? • Tips received • info@pcaobus.org • Referrals - SEC and other regulatory bodies • PCAOB - On-site inspections • Publications - Data mining • Filings with SEC • Business journals
PCAOB Division of Enforcement and Investigations (DEI) Investigations • Informal inquiries opened and closed by Director of DEI • Authorized to request information and cooperation • Board must issue an Order to open a Formal Investigation • Empowers the DEI to issue “Accounting Board Demands” to registered firms and associated persons • Board may request that SEC issue a subpoena on any person for testimony or required documents • All information obtained is strictly confidential (not subject to civil discovery) until public proceeding filed or otherwise released under Section 105(c).
PCAOB Division of Enforcement and Investigations Enforcement • Witnesses have right to counsel • Administrative Hearings • Board Determination • May appeal to Board • May appeal to the SEC • May petition for Court Review with respect to the SEC determination
PCAOB - RECRUITING • WWW.PCAOBUS.ORG • CAREERS • WASHINGTON, D.C. • FORENSIC ACCOUNTANT • ATTORNEY – INVESTIGATIONS & ENFORCEMENT
Fraud Prevention within the Corporate Environment Joseph Hendrix, CPP, CFE Director of Global Investigations Electronic Data Systems
Fraud Policy • Defines Fraud • Policy states, “includes not only those acts considered fraud in the legal sense, but also includes a variety of violations of the code of conduct involving dishonesty, deceit or other similar conduct.”
Fraud Policy (cont’d) • Scope • Applies to any fraud or suspected fraud globally • Involving any employee, contractor, vendor, supplier, agents/representatives, visitors, etc. • No employee has authority to commit, condone or ratify fraud or any illegal activity on behalf of EDS
Fraud Policy (cont’d) • Leaders are responsible to prevent, identify and report fraud • Defines reporting mechanisms • Defines investigative responsibilities, “Corporate Investigations and Legal Affairs have primary responsibility”
Fraud Policy (cont’d) • Requires all employees to cooperate • Grants full unrestricted access to employees and records without prior knowledge or consent from any individual • Violation may include disciplinary action
Ethics and/or Compliance Office • Reports through Office of General Counsel • Provides regular training in ethics and management responsibility • Manages Ethics Hotline and reports as appropriate • Owns Code of Business Conduct
Code of Business Conduct • Issues • One global code or a specific code for each Country • Certification (electronic done annually) • Typical code provisions • Drugs and Alcohol, (Substance Abuse Policy) • Conflicts of Interest • Outside Employment
Code of Business Conduct (cont’d) • Typical code provisions (cont’d) • Outside Directorships • Personal Investments • Business Opportunities • Family and Personal Relationships • Exchanging Gifts and Other Business Courtesies • Protecting Assets
Code of Business Conduct (cont’d) • Typical code provisions (cont’d) • Limited Personal Use of Corp Resources • Electronic Communications (no expectation of privacy) • Insider Trading • Transnational conduct • Bribery and Improper Payments (FCPA, Internal Policies) • Compliance and Discipline
Code of Business Conduct (cont’d) “Disciplinary actions will be considered if any employee is found to be uncooperative or untruthful during an internal investigation into any violation or potential violation of the EDS code of Conduct or any EDS policy.”
Reporting • Maintain statistical information on Fraud • Ensure availability of reporting mechanism to all employees in all languages • Insurance claims and stolen asset write offs require investigations report • Reports to appropriate levels • CEO, CFO, Audit Committee, Internal Audit, Risk Management, Public Relations
Global Investigations Organization • Report through CFO • Investigative methodology • Evidence gathering = Electronic, paper, legal process • Evidence Analysis = Physical vs. electronic • Interview Techniques • Informational • Confrontational • Sworn and transcribed
Global Investigations Organization • Prosecution of offenders where appropriate • Remedies • Direct recoveries from target (cash, assets, promissory notes) • Criminal court orders • Civil court judgments • Insurance claims
Fraud Prevention Program Fraud Council: • Members include: Audit, Investigations, Legal, Risk Management, Finance, Public Relations • Meet monthly or as needed • Discussion topics include: monthly case update, root cause analysis, control impact, change actions needed