kpmg

1. kpmg

2. The Fourth Asian Roundtable on Corporate Governance Shareholder Rights and the Equitable Treatment of Shareholders Deepankar Sanwalka KPMG “Tools and Rules to Combat Fraud” Mumbai, India 11-12 November 2002 The views expressed in this paper are those of the author and do not necessarily represent the opinions of the OECD or its Member countries, the ADB or the World Bank

3. Contents • Fraud • Combating Fraud • Internal controls • Fraud diagnostic review • Fraud control planning • Keys to preventing fraud

4. What is Fraud? “A practically conclusive test as to the fraudulent character of a deception for criminal purposes is this:Did the author of the deceit derive any advantage from it which he could not have had if the truth had been known?”- Stephen’s “History of the Criminal Law of England”

5. Fraud is a deliberate deceit which is planned and executed to deprive an individual of property, money or any other valuable security. Fraud must be committed with intent and includes actions of misrepresentations and/or acts of omission

6. Combating Fraud Managing the risk of fraud is essentially no different to managing any other type of business risk • Controls structure to minimise fraud risk • Fraud riskmanagement • Identification of red flags • Disaster recovery plans

7. Internal Control An effective control system within the organisation is the first deterrent to the occurrence of Fraud within the organisation Key principles: • Segregation of duties • Transparency in operations • Appropriate authosrisation procedures • Effective management supervision procedures • Safeguarding of Assets

8. Fraud risk management Principles of fraud risk management • Risk Assessment • Fraud control planning • Awareness training • Open channels of communication

9. Diagnostic Review Risk is an integral part of business. But how do you effectively manage the risk of loss due to fraud? • Identify the specific andinherent fraud risks • Determine the overallrisk rating for each inherent risk • Assess the effectivenessof internal controls • Develop measuresto counter the risk

10. Definition of Fraud / Statement of attitude Fraud prevention/ Internal control training Fraud Control Responsibilities FRAUD CONTROL PLAN Fraud risk assessment Reporting protocols Documented policy and procedures Internal audit strategy Pro-active fraud detection by line management Fraud control planning

11. Classification Accountability and Controls Lifestyle & Personality Financial Documents Organisational Structure Red Flags • Ineffective/no communication channels • Inadequate authorisation procedures • Weak internal controls • Tendency towards crisis management • Missing documents/ alterations • Excessive number of void documents • No numerical controls • Questionable handwriting/ authorisation • Unusual billing address/ arrangements • Lack of separation of duties • Lack of physical security and/ or key control • Weak links in chain of controls and accountability • Missing independent checks on performance • Dissatisfied worker • No vacations or sick time off • Close customer/ vendor relationships • Excessive overtime

12. You’ve Been Defrauded!Ten Steps to Consider 1. Shut the door 2. Safeguard the evidence 3. Notify your insurer 4. Do not confront a suspect without consulting an advisor who has fraud investigation experience 5. Decide on your objectives 6. If you are considering prosecution, contact the police 7. Consider suspending the suspect employee 8. Determine whether external or internal resources will be used to investigate the fraud 9. Determine who should be interviewed 10. Consider prevention measures to prevent future occurrences

13. kpmg