210 likes | 354 Views
FRAUD AND THE ROLE OF SYSTEM OF INTERNAL CONTROL S . IIA CROATIA. mr. Stanko Tokić, dipl. oec . President of IIA Croatia . Varna , 6th June 2013. CONTENTS. Introduction Definitions Corporate rules System of Internal Controls (SIC) Fraud System of Internal Controls and Fraud
E N D
FRAUD AND THE ROLE OF SYSTEM OF INTERNAL CONTROLS IIA CROATIA mr. Stanko Tokić, dipl. oec. President of IIA Croatia Varna, 6th June 2013.
CONTENTS • Introduction • Definitions • Corporate rules • System of Internal Controls (SIC) • Fraud • System of Internal Controls and Fraud • Internal auditors and Fraud • CONCLUSION
INTRODUCTION • A new definition and a paradigm of internal audit • Definitions of system of internal controls (SIC) & fraud • Corporate rules and SIC & fraud • Corporate structure and SIC & fraud • The role of regulations in the company • The SIC has a big influence in the prevention of fraud • SIC define fraud • Internal audit is not responsible for fraud • Internal audit must have a focus on fraud • Internal audit reports on the SIC & fraud • Stakeholders and SIC & fraud • Internal audit, SIC & fraud
CORPORATE REGULATIONS • Corporate regulations are the basis for defining the system • Regulations are defined on international and national level by the government and non-government organisations: • Treadway Commission (COSOiERM), Cadbury Committee, Combined Code, Hampel, Greenburry, Turnbull, OECD, SoX, Securities exchange commission • EU directives and recommendations • Different codes, rules, guidelines, standards and norms • Best practice, stock exchange and the capital market rules • Laws and regulations • Government and non-government agencies and institutions
COMPANY RULES • Company rules & SIC are defined by: • Shareholders’ Meeting • Supervisory Board • Management Board • Management • Committees of Supervisory Board & Management Board, eg. Audit Committee • Corporate rules & SIC are defined in: • statute • corporate acts • organisational regulations • organisation sheme • codes, guidelines, rules, standards, norms etc. • plans and programs
SYSTEM OF INTERNAL CONTROLS Definition of systems of internal controls: The system of internal controls are methods and procedures approved by the management board. The end result of these methods and procedures is to achieve the business goals and better governance of the company.
SYSTEM OF INTERNAL CONTROLS • The system is emphasised in many documents: • A new paradigm of internal audit • Model - Three lines of defence • PPF, IPPF and international standards on internal audit 2011. • The research of IIAGlobal & ECIIA • The research of national institutes of internal audit • The research of the BIG 4 • EU directives and recommendations, white paper etc. • Corporate rules of the OECD • The best working practice of the Audit Committee • Defining the European standards on internal audit • The assessment of the system (COSO& ERM) • The reports of the state audit and external audit
SYSTEM OF INTERNAL CONTROLS Company system of internal controls consists of: • Acts, documents, politics, procedures, plans, programmes, decisions, guidelines and relevant business practice etc. • Organisation sheme and structure • Information system, its security & protection, equipment • Expertise and competency of the management board • Loyal, educated and experienced professional employees • Technical and technological level of operations and working equipment • Corporate culture and tradition
SYSTEM OF INTERNAL CONTROLS CORPORATE RULES SIC SUPERVISORY BOARD/ MANAGEMENT BOARD SIC SIC SIC SIC SIC SIC SIC PURCHASING SELLING PRODUCTION FINANACE IT HUMAN RESOURCES ACCOUNTING
SYSTEM OF INTERNAL CONTROLS Tasks of the system of internal controls: • Accuracy and reliability of data and information • Security of the business system & policies • Moderate guarantee – the accomplishment of goals & tasks • Managing company in accordance with the rules & acts • Business risks brought to minimum and held under control • Protection of interest of shareholders • To give a realistic and objective picture • To achieve better relations with stakeholders • Protection of owners property and capital • Accomplishing 3E’s: Economy, Efficiency, Effectiveness • Achieving the appropriate value for money
SYSTEM OF INTERNAL CONTROLS Why is it important to implement the SIC? • Company's attitude towards fraud related topics is made by the SIC • It gives management the security and diminishes the possibility of fraud • It gives assurance in reliability and accuracy of information • It is a source for defining the statement of the state of IC • It assists all types of audit: external, state and internal • The system implements standards, guidelines, norms, codes etc. • It ensures the implementation of procedures approved and prescribed by the management
FRAUD - DEFINITION FRAUD - Any illegal act characterised by deceit, concealment, or violation of trust. These acts are not dependent upon the threat of violence or physical force. Fraud is perpetrated by parties and organizations to obtains money, property, or services; to avoid payment or loss of services; or to secure personal or business advantage. (IPPF)
FRAUD Fraud is defined and emphasised in many documents: • Regulatory Framework for Fraud • Fraud Policy • Management guidelines for the prevention, detection and investigation of fraud • Laws, Regulations, Acts, Standards, Guidelines etc. • Annual Reports • Business Reports • Guidelines of System of Internal Controls • Quastionnaires on tests of fraud • Policies for Hot-Line • Internal/External/State Audit Report • Information, Date, Indicators • Policy of whistleblowers
FRAUD 1/2 How to detect the potential behaviour and activities which can point to fraud? • Unusual behaviour of employees and management • Changes of lifestyle and standard • Staying at work, not using holidays etc. • Weak security of the premises, uncontrolled entrance • Unusual accounts, big numbers and only one signature • Transactions with cash made only by one person • No segregation of duties & large responsibilities • Business cycle followed by missing documentation and accounts • Broad use of codes and protection codes • Continuous talk of work, fatigue and responsibilities
FRAUD 2/2 How to change the potential behaviour and activities –SIC and fraud? • Speaking freely of fraud and the risks of fraud • The education of employees and prescribingthe adequate acts • Making a plan of prevention of fraud and informing the employees of its existence • Making an intervention plan in case of fraud • Defining and assessing the risk of fraud • Making everyone responsible for the detection of fraud • Implementing a program for the prevention of fraud • Regularly discuss cases of fraud • Continuously undertake corrective measures and activities
POLICY OF FRAUD The key principles underlying the company’s approach to fraud are to: • Encourage a culture of awareness and have measures in place to recognise and minimise the risk of fraud • Have procedures in place for the prevention, detection, investigation, reporting and public management of fraud • Co-operate fully where an external investigation of fraud is carried out • Make available confidential helplines and other appropriate mechanisms so that anyone can voice concerns • Protect against all forms of reprisals of those who in good faith report instances of suspected fraud • Investigate immediately cases of suspected fraud and pursue perpetrators to the fullest extent of the law • Maintain the principles of confidentiality in any investigation • Learn from any occurrence of fraud to prevent it being repeated
INTERNAL AUDITORS & FRAUD The Internal Auditor should have sufficient knowledge to identify the indicators of fraud but is not expected to have the expertise of a person whose primary purpose is detecting and investigating fraud. IPPF International Standards for the Professional Practice of Internal Auditing (IIA) The primary responsibility for the prevention, detection and investigation of fraud rest with management, which also has the responsibility to manage the risk of fraud. Fraud Position Statement (IIA UK and Ireland)
STAKEHOLDERS AND SYSTEM OF INTERNAL CONTROLS & FRAUD BOARD OF DIRECTORS AND MANAGEMENT SYNDICATE OWNER REGULATORY AGENCIES WORKERS GOVERMENT INSPECTORATE AND OTHER CONTROL BODIES SYSTEM OF INTERNAL CONTROLS & FRAUD BUYERS SUPPLIERS CROATIAN GOVERMENT RESPONSIBLE MINISTRY BANKS CREDITORS
CONCLUSION • SIC has a big influence on fraud • Corporate rules define the framework for SIC & fraud • Fraud is defined and emphasisedin many documents relating to the system of internal controls in the company • The system of internal controls help management in the prevention of fraud • Company must change the potential behaviour and activities • Internal audit must have a focus on fraud • The recent trends of internal audit, ensures that the company is aware of the risks to which it is exposed and manages them • Internalaudits main role is not to prevent, detect or investigate fraud • The task of internalaudit is to support management
QUESTIONS&ANSWERS stantoki@xnet.hr