890 likes | 1.03k Views
Anti-Fraud and the Internal Audit Function Proactive Measures for Finding Fraud, Waste, and Abuse. Colors I Like (in this presentation). Washington, D.C. IIA Chapter January 16, 2013. Agenda. Introduction Defining Fraud – ACFE Statistics Auditor Responsibilities
E N D
Anti-Fraud and the Internal Audit Function Proactive Measures for Finding Fraud, Waste, and Abuse Colors I Like (in this presentation) Washington, D.C. IIA Chapter January 16, 2013
Agenda • Introduction • Defining Fraud – ACFE Statistics • Auditor Responsibilities • Developing a Robust Anti-Fraud Program • Overview • Discussion of Specific Elements • Questions/Discussion
Paul J. Soos – CIA, CFE, CICA • Manager of Anti-Fraud & AP Recovery Services • BA (Accounting) Baldwin-Wallace College • Certified Internal Auditor • Certified Fraud Examiner • Certified Internal Controls Auditor • CPA Candidate • Past President of NE Ohio ACFE Chapter • Past Audit Director - The Scott Fetzer Company
About CBIZ, Inc. CBIZ MHM offices in major cities, nationwide.
About CBIZ, Inc. (cont.) • CBIZ is the 7th largest provider of professional services in the U.S. and is NYSE listed (CBZ) • 4,500 people in 200 offices across the USA • CBIZ provides consulting and advisory services for HR, CFOs and CIOs • Global coverage in 70 countries – Partners with Kreston International
About CBIZ Risk & Advisory Services • CBIZ Risk & Advisory Services (RAS) is the National Internal Audit and Sarbanes-Oxley practice within CBIZ • Internal Audit: Significant experienced practitioners with prior Fortune 1000 and Big 4 experience • Sarbanes-Oxley: More than 900 CPAs, CIAs, CFEs, CISAs and technical • professionals • Strong Anti-Fraud Practice – Prevention, Detection and Investigative Services • Significant depth in a wide variety of IT audit services including general controls, application controls, security, and disaster recovery planning • Local access: In major cities throughout the United States • High percentage of Director and Manager time included in every engagement • Our practitioners have greater than 15 years of internal audit experience • Independent: No attest work to cause independence conflicts
Anti-Fraud Services – Two Service Lines • Reactive Investigations • A problem is suspected • Quantification • Prove elements of offense • Recovery focused • Insurance • Restitution • Civil remedies • All-Size Companies • Fraud Prevention/Detection • Fraud Risk Assessments • Evaluating Controls Through Eyes of a Forensic Accountant • Data Mining/Analysis • Seek indicators of fraudulent activity • “Checkbook Analysis” • All-Size Companies
Forensic/Investigative Accountants Private Investigators Financial Statement Auditors Investigations – Anti-Fraud Consultants
Understanding Fraud • ACFE Report to the Nation Statistics • The Fraud Triangle • Most Common Schemes • In Total • By Industry • By Size of Company • Likely Perpetrators
ACFE Report to the Nation (2012) • Survey of CFE’s – 1,388 cases (01/10 – 12/11) • Median loss - $140,000 – 20%+ over $1 million • Median length of scheme – 18 months, which means that it was not uncovered during a year-end audit • Asset misappropriation – 87% of all cases with a median loss of “only” $120K • Financial Statement Fraud – only 8% of all cases, but a median loss of over $1 million • Corruption schemes fell in the middle, comprising just under one-third of cases and causing a median loss of $250,000.
ACFE Report to the Nation (2012) • Survey participants estimated that the typical organization loses 5% of its annual revenue to fraud. Applied to the estimated 2011 Gross World Product, this figure translates to a potential total fraud loss of more than $3.5 trillion.
ACFE Report to the Nation (2012) • Small organizations are disproportionately victimized by occupational fraud, and suffer the largest median losses. These organizations are typically lacking in anti-fraud controls compared to their larger counterparts, which makes them particularly vulnerable.
ACFE Report to the Nation (2012) • The industries most commonly victimized in the study were: • Banking/financial services • Government and public administration • Manufacturing sectors
ACFE Report to the Nation (2012) • High-level perpetrators cause the greatest damage to their organizations. Frauds committed by owners/executives were more than three times as costly as frauds committed by managers, and more than nine times as costly as employee frauds. Executive-level frauds also took much longer to detect.
ACFE Report to the Nation (2012) • Almost 80% of the frauds in the study were committed by individuals in one of six departments: • Accounting • Operations • Sales • Executive/Upper Management • Customer Service • Purchasing
ACFE Report to the Nation (2012) • 87% of fraudsters in the study had never been previously charged or convicted for a fraud-related offense and 84% had never been punished or terminated by an employer for fraud-related conduct. This finding is consistent with prior studies.
ACFE Report to the Nation (2012) • Fraud perpetrators often display warning signs that they are engaging in illicit activity. The most common behavioral red flags displayed by the perpetrators in our study were: • Living beyond their means (36% of cases) • Experiencing financial difficulties (27%) • Close relationships with vendors/customers (19%) • Excessive control issues (18%)
ACFE Report to the Nation (2012) • 49% of victims have not recovered ANY of the perpetrator’s takings. This finding is consistent with prior studies, which show 40% - 50% of victim organizations do not recover any of their fraud-related losses. • Anti-fraud controls appear to help reduce the cost and duration of occupational fraud schemes. They looked at the effect of 16 common controls on the median loss and duration of the frauds. Victim organizations that had these controls in place had significantly lower losses and time-to-detection than organizations without the controls.
What Can the Report Do For Us? • Profile of common victims and perpetrators • Identifies most common fraud schemes • Quantifies rate of occurrence and relative losses • In short – know what to look for • Evaluate your fraud risk and procedures
The Fraud Triangle – Donald Cressey Incentive Opportunity Rationalization
The Three Main Types of Fraud • Asset Misappropriation – 86.7% - $120K • Stealing stuff – $ (88%), Inventory, Other Assets • Billing schemes, T&E, check tampering • Corruption Schemes – 33.4% - $250K • Conflicts of interest, bribery, improper gratuities • Fraudulent Financial Statements – 7.6% - $1M • Concealed liabilities, fictitious revenues, improper valuation
Asset Misappropriation Sub-Categories Schemes Involving Theft of Cash Receipts CATEGORY Skimming 14.6% $58K Cash Larceny 11.0% $54K DESCRIPTION Any scheme in which cash is stolen from an organization before it is recorded on the organization’s books and records Any scheme in which cash is stolen from an organization after it has been recorded on the organization’s books and records EXAMPLES Employee accepts payment from a customer but does not record sale, and instead pockets the money Employee steals cash and/or checks from daily receipts before they can be deposited in the bank
Asset Misappropriation Sub-Categories Schemes Involving Fraudulent Disbursements of Cash CATEGORY Billing 24.9% $100K T&E Reimbursement 14.5% $26K DESCRIPTION Any scheme in which a person causes his employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices, or invoices for personal purchases Any scheme in which an employee makes a claim for reimbursement of fictitious or inflated business expenses EXAMPLES Employee creates a shell company and bills employer for services not actually rendered Employee purchases personal items and submits invoice to employer for payment Employee files fraudulent expense report, claiming personal travel, nonexistent meals, etc.
Asset Misappropriation Sub-Categories Schemes Involving Fraudulent Disbursements of Cash (cont.) CATEGORY Check Tampering 11.9% $143K DESCRIPTION Any scheme in which a person steals his employer’s funds by intercepting, forging, or altering a check drawn on one of the organization’s bank accounts EXAMPLES Employee steals blank company checks, makes them out to himself or an accomplice Employee steals outgoing check to a vendor, deposits it into his own bank account
Asset Misappropriation Sub-Categories Schemes Involving Fraudulent Disbursements of Cash (cont.) CATEGORY Payroll 9.3% $48K Cash Register Disbursements 3.6% $25K DESCRIPTION Any scheme in which an employee causes his employer to issue a payment by making false claims for compensation Any scheme in which an employee makes false entries on a cash register to conceal the fraudulent removal of cash EXAMPLES Employee claims overtime for hours not worked Employee adds ghost employees to the payroll Employee fraudulently voids a sale on his cash register and steals the cash
Asset Misappropriation Sub-Categories Other Asset Misappropriation Schemes CATEGORY Cash on Hand 11.8% $20K Non-Cash 17.2% $58K DESCRIPTION Any scheme in which the perpetrator misappropriates cash kept on hand at the victim organization’s premises Any scheme in which an employee steals or misuses non-cash assets of the victim organization EXAMPLES Employee steals cash from a company vault Employee steals inventory from a warehouse or storeroom Employee steals or misuses confidential customer financial information
Profile of Perpetrators • Position • Gender • Age • Tenure • Education Level • History
Perpetrator’s Criminal/Employment History • Only 5.6% of the fraud perpetrators in the study had been previously convicted of a fraud-related offense, and another 5.9% were charged but not convicted, which has been virtually unchanged since 2008. • 83.7% had never been punished or terminated by a previous employer. • These statistics suggest that criminal background checks and employment checks may have some effect in preventing fraud, but the effect is probably limited.
How is Fraud Detected? Percent Occurrence Quiz Name potential methods of detection
How is Fraud Detected? Percent Occurrence Quiz Alphabetical Listing Account Reconciliation By Accident Document Examination External Audit Internal Audit Management Review Notified by Police Tip