150 likes | 169 Views
Risk Management. Stephen Vono, Principal NAPLIA. The Risk Environment. Culture Risk Assessment: Employee & Client Engagement Letters Fraud Cyber Risk. Culture. Risk Assessment: Employee & Client. First line of defense New client acceptance forms Predecessor accountants
E N D
Risk Management Stephen Vono, Principal NAPLIA
The Risk Environment Culture Risk Assessment: Employee & Client Engagement Letters Fraud Cyber Risk
Risk Assessment: Employee & Client First line of defense New client acceptance forms Predecessor accountants Background checks
Engagement Letters • Second line of defense • Comprehensive contract: not a fee agreement • Purposes: • Define scope of engagement • Mutual responsibilities • Provide for contingencies • Prevent differing expectations
Who Commits Fraud? Position in the Organization
Who Commits Fraud? Median Loss by Position
Employee Fraud(Opportunity) • Experienced employee • Lack of segregation of duties • Uninterrupted service • Annual vacations not required • Weak management oversight
Client Risk Assessment(Centralizing the Process) Risk assessment committee Must be willing to reject prospects and terminate existing clients
Employees Non-client Accountant/Owner Client First Party vs. Third Party Third Party First Party
Notification Letter • WISP • Notification laws • Best practices policies • Portal usage
Thank you! www.naplia.com Stephen Vono SteveV@naplia.com linkedin.com/in/stevevono @naplia