07 general anti fraud controls
TRANSCRIPT
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 1/17
© 2014 Association of Certified Fraud Examiners, Inc.
Fraud Risk Management
General Anti-Fraud Controls (Entity-Level)
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 2/17
2 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Discussion Questions
1) Does your organization have controls in place
that have been effective at controlling fraud risks
that might be helpful at other organizations?
2) Can you think of any internal controls that canserve to both prevent and detect fraudulent
activity?
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 3/17
3 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Learning Objectives
Define internal control .
Identify the different types of controls.
Understand how to implement entity-wide
controls designed to prevent fraud.
Understand how to implement entity-wide
controls designed to detect fraud.
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 4/17
4 of 18© 2014 Association of Certified Fraud Examiners, Inc.
COSO Definition of Internal Control
A process, effected by an entity’s board ofdirectors, management, and other personnel,
designed to provide reasonable assurance
regarding the achievement of objectives relating
to operations, reporting, and compliance.
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 5/17
5 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Objectives of Internal Control
Operations objectives: the effectiveness andefficiency of the organization’s operations
Reporting objectives: the reporting of financial
and nonfinancial information to internal andexternal parties
Compliance objectives: the organization’s
adherence to the laws and the regulations to
which it is subject
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 6/17
6 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Types of Internal Controls
Preventive vs. detective controls
Entity-level vs. process- or transaction-level
controls
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 7/17
8 of 18© 2014 Association of Certified Fraud Examiners, Inc.
COSO In ternal Con tro l —
In tegrated Framewo rk
Control environment
Risk assessment
Control activities Information and communication
Monitoring
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 8/17
9 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Control Environment
Sets the moral tone and provides foundation forall other control components
Principles:
• Commitment to integrity and ethical values• Independent board that oversees development and
performance of internal control
• Appropriate structures, reporting lines, and
authorities and responsibilities• Commitment to attract, develop, and retain
competent individuals
• Accountability for internal control responsibilities
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 9/17
10 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Risk Assessment
Dynamic and iterative process that forms thebasis for determining how risks will be managed
Principles:
• Set sufficiently clear objectives to enable theidentification and assessment of risks
• Identify and analyze risks to the achievement of
objectives across the entity
• Consider potential for fraud in assessing risks to theachievement of objectives
• Identify and assess changes that could significantly
impact the system of internal control
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 10/17
11 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Control Activities
Policies and procedures that enforcemanagement’s directives
Principles:
• Select and develop control activities that mitigaterisks to acceptable levels
• Select and develop general control activities over
technology
• Deploy control activities through policies thatestablish what is expected and procedures that put
policies into action
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 11/17
12 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Information and Communication
The exchange of information in a way thatallows employees to carry out their
responsibilities and achieve objectives
Principles:• Obtain/generate and use relevant, quality information
to support the functioning of controls
• Internally communicate information, including
objectives and responsibilities, necessary to supportthe functioning of internal control
• Communicate with external parties regarding matters
affecting the functioning of internal control
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 12/17
13 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Monitoring
The process that assesses the effectiveness of
the control system over time
Principles:
• Select, develop, and perform ongoing and separateevaluations to ascertain whether the components of
internal control are present and functioning
• Evaluate and communicate control deficiencies in a
timely manner to those parties responsible for takingcorrective action
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 13/17
14 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Fraud Preventive Controls
Code of conduct, ethics policy, anti-fraud policy
Employee education
The perception of detection
Organizational structure
Independent board of directors/audit committee
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 14/17
15 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Fraud Preventive Controls
Tone at the top
Zero-tolerance stance
Internal audit function
Hiring practices and promotion procedures
• Background checks
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 15/17
16 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Fraud Preventive Controls
Proper assignment of authority and
responsibility
Minimizing employee pressures
• Fair personnel policies and procedures
• Reasonable performance goals
• Open-door policies
• Employee support programs
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 16/17
17 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Fraud Detective Controls
Reporting mechanisms and whistleblower
programs
• Rewards for whistleblowers
Proactive audit policies• Increased use of analytical review
• Fraud assessment questioning
• Surprise audits where possible
8/10/2019 07 General Anti Fraud Controls
http://slidepdf.com/reader/full/07-general-anti-fraud-controls 17/17
18 of 18© 2014 Association of Certified Fraud Examiners, Inc.
Fraud Detective Controls
Feedback mechanism
Mandatory vacation and job
rotation policies (where
possible)