2016 - fraud detection & prevention with internal controls (updated for 2016 acfe study)

Fraud Detection & Prevention

April 26, 2016

2

• Occupational Fraud Defined

• ACFE Fraud Study Results & Recommendations

• Occupational Fraud Categories & Schemes

• Red Flags of Fraud

• Keys to Prevention & Detection

• Essential Internal Controls

Agenda

© 2016 All Rights Reserved Brown Smith Wallace LLP

3

Occupational Fraud Defined

Client Logo© 2016 All Rights Reserved Brown Smith Wallace LLP

4

The use of one’s occupation for personal enrichment through the deliberate misuse or application of the employing organization’s resources or assets.

Violation of trust

Three general categories:

Asset misappropriation

Corruption

Financial statement fraud Client Logo

Definition


5

Perpetrator steals or misuses an organization’s resources.

Examples:a. Clerk stealing cash receipts.b. Payroll Clerk creating a ghost employee.c. Purchasing Clerk creating a fictitious vendor and false

invoice.d. Employees “borrowing” equipment, tools, etc.e. Sales person purchasing personal items on the

Company credit card.f. Falsified expense reports.

Client Logo

Asset Misappropriation


6

Employee’s use of influence in business transactions in a way that violates duty to the employer for the purpose of obtaining benefit for self or someone else.

Examples:a. Purchasing Department Manager awarding a contract

to a vendor for a kickback.b. Human Resources Director hiring unqualified “friends”

to fill positions. c. City Council member trading votes for personal favors.

Client Logo

Corruption


7

Intentional misstatement or omission of material information in the organization’s financial reports.

Examples:a. Inflating revenues on the financial statements.b. Concealing liabilities and expenses.c. Improperly valuing assets

Client Logo

Financial Statement Fraud


8

2016 ACFE Fraud Study Results & Recommendations


9

World’s largest anti-fraud organization and premier provider of anti-fraud training and education.

Over 75,000 members in more than 140 countries.

Provides educational tools and practical solutions for anti-fraud professionals.

Offers its members the opportunity for professional certification – the CFE credential is preferred by businesses and government entities around the world and indicates expertise in fraud prevention and detection.

Client Logo

About the ACFE


10

Online survey distributed to over 41,000 CFEs. Received 2,410 usable responses for purposes of the report.

Respondents were asked to provide a detailed narrative of the single largest fraud case they investigated since January 2014.

Respondents were also presented with 81 questions to answer.

Survey respondents had a median of 10 years of experience in fraud examination.

Client Logo

Study Methodology


11

• Estimated organizations lose 5% of annual revenue to fraud – applied to 2014

estimated Gross World Product, this translates to potential fraud loss of up to $3.7

trillion worldwide.

• Median loss in the study was $150,000 with more than 23.2% of the cases involving

losses over $1 million.

• Fraud lasted a median of 18 months, losses rose with duration of scheme.

• Asset misappropriation schemes (fraudulent disbursements, theft of cash receipts,

other asset misappropriations) were the most common form of fraud, representing

83% of the cases and least costly at a median loss of $125,000.

• Financial statement fraud schemes were the least common form of fraud,

representing less than 10% of the cases and most costly at a median loss at

$975,000.

Client Logo

Summary of Findings


12

• Corruption schemes fell in the middle, comprising just over 35% of cases

and causing a median loss of $200,000.

• Occupational frauds are most likely to be detected by tips (40%) followed by

management review (13%) and Internal Audit (16%).

• Small organizations are disproportionately victimized by occupational fraud.

• Banking/financial services, manufacturing and government/public

administration were the most commonly victimized industries.

• Anti-fraud controls appear to help reduce the cost and duration of

occupational fraud schemes.

• High-level perpetrators cause the greatest damage to their organizations.

Client Logo

Summary of Findings


13

• More than 75% of frauds were committed by individuals in one of six departments:• Accounting/Finance• Operations• Sales• Executive/upper management• Customer service• Purchasing

• First-time offenders - More than 85% of fraudsters had never been previously

charged or convicted for a fraud-related offense.

• Fraud perpetrators often display warning signs – most common behavioral red flag

reported in the survey were perpetrators living beyond their means (45%) and

experiencing financial difficulty (30%).

• Nearly half of victim organizations do not recover any losses that they suffer due to

fraud.

Client Logo

Summary of Findings


14 Client Logo

How Are Frauds Detected?


15 Client Logo

Source of Tips


16

• Occupational fraud is a global problem – trends in fraud schemes, perpetrator characteristics and anti-fraud controls are similar regardless of where the fraud occurred.

• Fraud reporting is a critical component of an effective fraud prevention and detection system.

• Organizations over-rely on audits.

• Employee education is the foundation of preventing and detecting occupational fraud. Most frauds are detected by tips and anti-fraud training for employees and managers results in lower fraud losses.

• Surprise audits are an effective, yet underutilized, tool in the fight against fraud. Useful in detecting fraud, but most important benefit is in preventing fraud by creating a perception of detection.

• Small business are particularly vulnerable to fraud due to far fewer controls in place. Need to focus on hotlines and setting an ethical tone.

• Internal controls alone are insufficient to fully prevent occupational fraud.

Client Logo

Conclusions & Recommendations


17

• Fraudsters exhibit behavioral warning signs of their misdeeds. For example:• Living beyond their means.• Financial difficulties.• Exhibiting control issues – unwillingness to share duties.• Unusually close relationship with vendor/customer.• Wheeler dealer attitude.• Family problems.• Irritability, suspiciousness or defensiveness.• Addiction problems.• Refusal to take vacation.• Etc.

• Auditors and employees should be trained to recognize the common behavioral signs that a fraud is occurring.

• Effective fraud prevention measures are critical

Client Logo

Conclusions & Recommendations


18

Occupational Fraud Categories & Schemes


Source: 2016 ACFE Global Fraud Study

19 Client Logo

ACFE Fraud Tree


20

• Most common category of occupational fraud – over 83% of cases reported.

• Least costly – median loss of $125,000.

• Billing schemes were most common and check tampering the most costly (median loss of $158,000)

Client Logo

Overall Asset Misappropriation Findings


21

– Check Tampering– Billing– Non-Cash– Payroll– Skimming– Expense Reimbursements– Cash Larceny– Cash on Hand– Cash Register Disbursements


Asset Misappropriation Schemes

22

• Steal employer funds by intercepting, forging or altering a check drawn on employer bank account.

• Examples:– Steal blank check stock and make check out to self.– Steal outgoing check to vendor and deposit into personal

account.• ACFE Global Fraud Study Findings

– 11.4% of cases.– $158,000 median loss.– 24 months median duration.


Asset Misappropriation - Check Tampering

23

• Cause employer to issue payment for fictitious goods or services, inflated invoices or invoices for personal purchases.

• Examples:– Create shell company and bill employer for services not

rendered.– Purchase personal item and submit invoice to employer for

payment.• ACFE Global Fraud Study Findings:

– 22.2% of cases.– $100,000 median loss. – 24 months median duration.


Asset Misappropriation - Billing

24

• Employee steals or misuses any non-cash assets of the organization.

• Examples:– Steal assets or inventory.– Steal or misuse confidential organization or customer data.– Misuse assets or equipment for personal use.

• ACFE Global Fraud Study Findings:– 19.2% of cases.– $70,000 median loss. – 15 months median duration.


Asset Misappropriation - Non-Cash

25

• Employee causes employer to issue a payment by making false claims for compensation.

• Examples:– Claim overtime for hours not worked.– Add ghost employees to payroll.– Inflate wages.



Asset Misappropriation - Payroll

26

• Employee steals an incoming payment from an organization before it is recorded on the organization’s books and records.

• Examples:– Accept payment, don’t record sale and pocket the money.– Steal payments on receivables and write-off the account.– Conceal theft of previous receipts by applying payments from

current receipts (lapping).• ACFE Global Fraud Study Findings:

– 11.9% of cases.– $53,000 median loss. – 22 months median duration.


Asset Misappropriation - Skimming

27

• Employee makes a claim for reimbursement of fictitious or inflated business expenses.

• Examples:– File a fraudulent expense report.– Claiming personal travel.– Nonexistent meals.

• ACFE Global Fraud Study Findings:– 14% of cases.– $40,000 median loss. – 24 months median duration.


Asset Misappropriation - Expense Reimbursements

28

• Employee steals cash receipts from an organization after it has been recorded on the organization’s books and records.

• Examples:– Steal cash and checks from daily receipts before they can be

deposited in the bank.– False voids or refunds.



Asset Misappropriation - Cash Larceny

29

• Employee steals cash kept on hand at organization.• Examples:

– Steal cash from company vault.– Steal from petty cash funds.



Asset Misappropriation - Cash on Hand

30

• Employee makes false entries on a cash register to conceal the fraudulent removal of cash.

• Examples:– Void a sale on the register and steal the cash .– Ring up a false refund and pocket the cash.



Asset Misappropriation - Cash Register Disbursements

31

• 35.4% of cases reported.

• Median loss of $200,000.

• Median duration – 18 months.

• Employees acting alone or in collusion with vendors/contractors.


Overall Corruption Findings

32

• Conflicts of Interest• Bribery• Illegal Gratuities• Economic Extortion


Corruption Schemes

33

• Employee/agent has an undisclosed personal or economic interest in a matter that influences decisions and undermines their professional responsibility to their organization.

• Types:– Purchasing– Sales


Corruption - Conflicts of Interest

34

• Undisclosed financial interest in a supplier or contractor.

• Sets up a bogus contractor/vendor or buys through broker or middleman the employee controls.

• Involved in other business ventures with supplier or contractor.

• Interest in competing business.

• Accepts inappropriate gifts, travel, entertainment or fees (kickbacks) from vendors.

• Negotiates for or accepts employment with a supplier.


Corruption - Conflicts of Interest - Purchasing

35

• Underselling: Employee has hidden interest in an outside company to which they sell goods or services at below market prices.

• Writing off Sales: Employee tampers with organizations books to decrease or write-off amounts owed by the company in which the employee has a hidden interest.


Corruption - Conflicts of Interest - Sales

36

• Improper, undisclosed payments made to obtain favorable treatment.

• Collusion between external and internal parties = makes it hard to detect.

• Types:– Invoice Kickbacks– Bid Rigging


Corruption - Bribery

37

• Vendor submits false invoices that either overstate the cost of goods/services or reflect fictitious sales.

• Vendor pays kickback to employee of victim organization who either:

– Has approval authority and approves payment of the invoice.

– Lacks approval authority, but circumvents accounts payable controls.

• Creating a fictitious purchase requisition and/or order.• Preparing a fraudulent invoice.• Preparing false vouchers.• Gaining access to a restricted password in order to authorize payments in

the payables system.© 2016 All Rights Reserved Brown Smith Wallace LLP

Corruption – Bribery - Kickback

38

• Employee receives kickback for directing business to a vendor.

• Vendor pays kickback to ensure a steady stream of business.

• Vendor does not have to compete for the business and is no longer subject to economic pressures of the marketplace.

• Purchasing organization almost always overpays.

• Vendor may even raise prices to cover cost of kickback.© 2016 All Rights Reserved Brown Smith Wallace LLP

Corruption – Bribery – Bid Rigging

39

• Giving or receiving something of value to reward a business decision.

• Examples:– A Real Estate Director negotiated a land development deal with

a group of private investors. After the deal was approved, the Director and his wife were rewarded with a free international vacation.

– A Government Purchasing Manager awarded a Government contract to a new supply company. After the contract was approved, the Purchasing Manager received World Series Tickets.


Corruption - Illegal Gratuities

40

• Employee, through the wrongful use of actual or threatened force or fear, demands money or other form of consideration to make a particular business decision.

• Refusal to pay results in harm to the vendor.

• “Pay up or else…..”


Corruption - Economic Extortion

41

• 10% of cases reported.

• Median loss of $975,000.

• Median duration – 24 months.

• Occurs at higher levels/positions in the organization.


Overall Financial Statement Findings

42

• Fictitious Revenues• Timing Differences• Improper Asset Valuations• Concealed Liabilities and Expenses• Improper Disclosures


Financial Statement Fraud Schemes

43

• Recording of sales of goods or services that did not occur.

• Can involve fake or legitimate customers: – Prepare fictitious invoice (not mailed) for legitimate customer

even though goods not delivered or services not rendered. – Artificially inflate or alter invoices to reflect higher amounts than

actually sold.

• Typical accounting entry: Accounts Receivable (Debit) xxx,xxx

Sales (Credit) xxx,xxx


Financial Statement - Fictitious Revenues

44

• Recording of sales of revenues or expenses in improper periods.

• Types: – Premature revenue recognition: recognize revenue before

realized or realizable and earned. One or more of the following criteria not met:

• Persuasive evidence of an arrangement exists.• Delivery has occurred or services have been rendered.• The seller’s price to the buyer is fixed or determinable.• Collectability is reasonable assured.

– Sales with Conditions: terms have not been completed or rights and risks of ownership have not passed to the purchaser.


Financial Statement - Timing Differences

45

• Types (continued): – Long-Term Contracts: Risk is with the percentage-of-

completion method for revenue recognition. Percentage-of-completion method recognizes revenues and expenses as measurable progress is made on a project and is vulnerable to manipulation.

– Multiple Deliverables: Seller completes the earnings process over a period of time and thus must recognize revenue over this period as components are delivered (ex. Cell phone and 2 year service). Managers can manipulate the estimated price of the individual components to delay or accelerate revenue recognition.



46

• Types (continued): – Channel-Surfing: Sale of an unusually large quantity of a

product to distributors who are encouraged to overbuy through the use of deep discounts or extended payment terms. Results in increased short-term earnings. SEC has focused on this scheme and has brought enforcement actions against major U.S. corporations including Coca-Cola and McAfee.

– Recording Expenses in Wrong Period: Pressure to meet budgets can expose organizations to the risk of not timely recognizing expenses. This results in not properly matching expenses against the revenue they produce = increased earnings in the current period and depressed earnings in the subsequent period.



47

• Manipulate the valuation of a company’s assets to strengthen the balance sheet and financial ratios.

• Types: – Inventory Valuation: Per GAAP, inventory must be valued at

the lower of cost or market. Overstated assets and mismatched cost of goods sold with revenue could result by:

• Failing to write down or off inventory.• Manipulation of physical inventory counts.• Inflation of unit costs.• Failure to adjust inventory for cost of goods sold.• Falsely reporting large values of inventory in transit.


Financial Statement - Improper Asset Valuation

48

• Types (continued): – Accounts Receivable:

• Fictitious accounts receivables.• Failure to write off accounts receivable as bad debt expenses.

– Business Combinations: Companies are required to allocate the purchase price they have paid to acquire another business to tangible and intangible assets. The following could occur:

• Over allocation of purchase price to in-process research and development assets which can be written off immediately.

• Establish excessive reserves for various expenses at time of acquisition with plans to release the excess reserves into earnings at a future date.



49

• Types (continued): – Fixed Assets: Bogus fixed assets can be created by a variety of

methods:• Booking fictitious assets.• Misrepresenting the value of fixed assets.• Capitalizing non-asset costs (ex. interest and finance charges).

– Understating Assets: Additional funding could be base on asset amounts (government regulated). Can be done directly or through improper depreciation.

– Misclassifying Assets: Could be done to meet budget requirements (ex. Fixed assets reclassified as current assets). Skews financial ratios and could help with loan covenants or other borrowing requirements.



50

• Understate liabilities and expenses to manipulate financial statements to make a company appear more profitable.

• Types: – Liability/Expense Omissions: Fail to record liabilities or expenses.

– Improperly Capitalized Costs: Capitalizing expenses will overstate income in current period and understate income in subsequent periods due to depreciation expense.

– Returns and Allowances and Warranties: • Improper recording of sales returns and allowances = company fails to

properly record the expense associated with sales returns and allowances.• Improper warranty recording = warranty is offered and warranty expense is

not estimated and accrued.


Financial Statement - Concealed Liabilities and Expenses

51

• Types (Continued): – Using Off-Balance Sheet Entities to Conceal Expenses and

Liabilities: Separate entity created to perform a single business purpose on the parent company’s behalf. Legal if accounted for properly. However, not legal if used to hide massive amount of debt for which parent company is responsible (ex. ENRON).


Financial Statement - Concealed Liabilities and Expenses

52

• Management has the responsibility to disclose all significant (material) information appropriately in the financial statements. In addition, the disclosed information must not be misleading.

• Types: – Liability Omissions: Failure to disclose loan covenants or

contingent liabilities.

– Subsequent Events: Failure to disclose events occurring or becoming known after the close of the period that could have a significant effect on the financial position of the entity.


Financial Statement - Improper Disclosures

53

• Types (Continued): – Management Fraud: Failure to disclose significant frauds

committed by officers, executives, and others in positions of trust.

– Related Party Transactions: Failure to fully disclose when a company does business with another entity whose management or operating policies can be controlled or significantly influenced by the company or by some other party in common.

– Accounting Changes: Failure to disclose accounting changes related to accounting principles, estimates, or reporting entities.


Financial Statement - Improper Disclosures

54

Red Flags of Fraud


55© 2016 All Rights Reserved Brown Smith Wallace LLP

Fraud Triangle

56

• Living beyond their means – 45.8%• Financial difficulties – 30%• Unusually close association with vendor/customer – 20.1%• Wheeler-Dealer attitude – 15.3%• Control issues/unwillingness to share duties – 15.3%• Divorce/Family problems – 13.4%• Irritability, suspiciousness, or defensiveness – 12.3%• Addiction problems – 10%


Behavioral Red Flags – Top 8

57

• Middle aged male, employed by the organization for a number of years and in a position of trust.

• Educated.• Works in the financial department.• Member of management.• Driven by money and opportunity.

IS THIS TRUE?????


Typical Fraudster

58

Keys to Prevention & Detection



Anti-Fraud Culture

Fraud Policy

Fraud Awareness/Training

HotlineAssess Fraud Risks

Review/Investigation

Improved Controls

• Set the tone at the top = Lead by Example– Responsibility of Directors and Officers– Behave ethically and openly communicate expectations to

employees– Treat all employees equally– Zero tolerance

• Create a positive workplace environment– Focus on employee morale– Empower employees– Communicate

• Hire and promote appropriate employees– Conduct background investigations before hiring or promoting– Check candidate’s education, employment history, references– Continuous and objective evaluation of compliance with entity

values– Violations addressed immediately

Client Logo

Anti-Fraud Culture


• Code of Conduct– Formalized and founded on integrity– Defines acceptable employee behavior– Communicated to all employees– All employees are held accountable for compliance

• Discipline– Sends a strong message throughout the entity– Should be appropriate and consistent– Consequences of committing fraud clearly communicated

throughout the entity

Client Logo

Anti-Fraud Culture


• Oversight Process– Audit Committee or Board of Directors

• Evaluate management’s “tone at the top”, identification of fraud risks and implementation of anti-fraud controls

• Ensure that management implements anti-fraud measures• Consider the potential for management override of controls

– Management• Directs, implements and monitors anti-fraud controls• Sets the ethical tone• Trains employees

– Internal Auditor• Identifies fraud indicators• Assesses fraud risks• Evaluates anti-fraud controls• Recommends actions to mitigate risks• Investigates potential frauds

• Discipline– Sends a strong message throughout the entity– Should be appropriate and consistent– Consequences of committing fraud clearly communicated

throughout the entityClient Logo

Anti-Fraud Culture


• Demonstrate commitment to combating fraud

• Apply to all Directors, Management, employees, consultants, vendors, contractors, etc.

• Should include:– Statement of organization’s position on fraud– Scope of the policy – who does it apply to– Management’s responsibility for prevention and detection of

fraud– Definition of fraud– Actions constituting fraud– Fraud reporting process/procedures– Fraud investigation process/procedures– Unit responsible for administration of the policy and

investigating fraud allegations– Statement on anonymity/confidentiality– Consequences

Client Logo

Fraud Policy


• Reviewed and updated regularly.

• Signed off and agreed to by the CEO and Board Chair.

• See the ACFE for an example Fraud Policy http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/Sample_Fraud_Policy.pdf

Client Logo

Fraud Policy


http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/Sample_Fraud_Policy.pdf

http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/Sample_Fraud_Policy.pdf

• All new employees should be trained at time of hiring on the Code of Conduct and Fraud Policy.

• Training should include:– Their duty to communicate certain matters– A list of the types of matters to be communicated along with

examples– How to communicate those matters– Affirmation from senior management regarding employee

expectations and communication responsibilities

• Refresher training periodically

Client Logo

Fraud Awareness/Training


• Enable employees, vendors, customers and others to communicate concerns about known or suspected wrongdoing.

• Telephone, email, internet.

• Anonymous.

• Adequately publicized.

• Internal or External.

• Complaint monitoring and investigation/resolution.

Client Logo

Hotline


• Conduct an annual fraud risk assessment.– Assists management in systematically identifying where and how

fraud may occur and who may be in a position to commit fraud

– Focus on fraud schemes and scenarios to determine the presence of internal controls and whether or not the controls can be circumvented.

– General steps:• Identify areas and processes to assess• Identify potential fraud schemes in each area/process• Assess likelihood and significant of each scheme• Map existing anti-fraud controls to potential fraud schemes• Test operating effectiveness of antifraud controls• Identify any control gaps and/or deficiencies = Residual risks• Document and report on the fraud risk assessment

Client Logo

Assess Fraud Risks


• Mitigate Fraud Risks– Make changes to activities and/or processes = transfer or eliminate

the risks– Improve anti-fraud controls

• Monitor Fraud Risks– Develop data analytics for management to use to monitor fraud risks– Utilize Internal Audit to conduct audits of risk areas.

Client Logo

Assess Fraud Risks


• All concerns/suspicions of wrongdoing should be reviewed and determination made whether a fraud investigation is warranted.

• Develop a policy for fraud reviews and investigations that specifies:

– Who is responsible for the review/investigation– Roles of Legal Counsel, Human Resources, Internal Audit, others– Process for conducting the review/investigation– Documentation requirements– Reporting requirements– When to involve law enforcement

Client Logo

Fraud Review/Investigation


• Gather sufficient information and perform procedures necessary to determine:

– Whether fraud has occurred– Loss or exposure associated with the fraud– Who was involved and how it happened

• Must prepare, document and preserve evidence sufficient for potential legal proceedings.

• Include experts = Certified Fraud Examiner (CFE)

Client Logo

Fraud Review/Investigation


• Use lessons learned from any fraud reviews or investigations to improve anti-fraud controls.

• All fraud review and investigations should include a report to management with recommendations for control improvement.

Client Logo

Improved Controls


72

Essential Internal Controls


73

• Utilize electronic payments.• Properly secure unused checks and equipment.• Utilize security features on checks.• Prohibit hand written checks.• Require two signatures on checks over a certain amount.• Segregate check preparation from signing.• Immediately mail checks after signing.• Establish positive pay controls with the bank.• Complete independent bank reconciliations timely.• Review checks issued to employees for irregularities.• Segregate vendor approval from disbursement responsibilities.• Perform periodic vendor master file maintenance and review for

irregularities.


Check Tampering Controls

74

• Segregate purchasing from accounting and receiving departments.• Require management approval of purchase requisitions/orders.• Maintain a master vendor file.• Require competitive bids.• 3 way match by accounting of vendor invoice, receiving report and purchase

order.• Periodically review master vendor file for unusual vendors and addresses.• Implement automated controls to check for duplicate invoices and purchase

orders.• Verify vendors with post office boxes.• Review voucher payments for proper documentation.


Billing Controls

75

• Asset policy and procedure manual.• Tag assets.• Maintain asset, supply and inventory records.• Conduct independent periodic inventories of assets, supplies and

inventories.• Reconcile the physical inventory to asset, supply and inventory records.• Properly secure and safeguard assets, supplies and inventories.• Implement an asset, supply and inventory removal policy.• Store high value items in secure and continuously monitored areas.• Secure organization, employee and customer data.• Maintain secure information systems.• Protect intellectual property, trade secrets, etc.


Non-Cash Controls

76

• Maintain personnel records independent of payroll and timekeeping.• Utilize electronic payroll deposit.• Periodically review employee payroll list.• Review paid time off for compliance with policy.• Periodically compare payroll with personnel records.• Issue pre-numbered payroll checks in sequential order.• Payroll bank account reconciled by employee not involved in preparing,

signing or distributing checks.• Restrict access to payroll check stock and signature stamp.• Periodically review payroll withholdings.• Periodically review automatic payroll deposits for duplicates.• Require salary changes require more than one level of approval.• Require supervisor authorization of overtime.• Require supervisors review and approve time.


Payroll Controls

77

• Periodic analytical review of revenue.• Periodic review of accounts receivable for write-offs.• Periodic review of cash accounts for irregular entries.• Segregate receipt of cash and checks from deposit and recording functions.• Restrict cashier from accounts receivable and customer records.• Immediately restrictively endorse all checks when received.• Utilize a lockbox service for cash receipts.• Maintain a safe with restricted access.• Utilize cameras in cashier areas.• Deposit cash and checks daily.• Issue receipts for all transactions.• Bond employees who handle cash.


Skimming Controls

78

• Expense reimbursement policy.• Require detailed expense reports.• Supervisory review and approval of expense reimbursement claims.• Place limits on expenses.• Require original and detailed receipts.• Detailed review of expense reimbursement claims.• Credit/Procurement card policy with limits.• Safeguards credit/procurement cards.• Receive and review monthly automated statements from credit/procurement

card companies.• Require and review monthly detailed credit/procurement card reports from

employees.• Reconcile credit card statement to employee report.


Expense Reimbursement Controls

79

• Independently reconcile cash register tape totals daily to the cash drawer.• Limit and monitor access to cash draw and safe.• Properly supervise cashiers.• Utilize cameras in cashier areas.• Segregate cash receipts, bank deposit, reconciliation, posting/accounting

and cash disbursement duties.• Periodic mandatory job rotation for employees who handle cash and

accounting duties.• Mandatory vacations.• Surprise cash counts.• Utilize point of sale system.


Cash Larceny Controls

80

• Limit and monitor access:– Safe.– Cash handling areas.– Cash drawer.– Petty cash.

• Properly supervise cashiers.• Utilize cameras in cash handling areas.• Periodic mandatory job rotation for employees who handle cash and

accounting duties.• Mandatory vacations.• Surprise cash counts.


Cash On Hand Controls

81

• Management approval for refunds, voids, discounts.• Review refunds, voids and discounts on a periodic basis.• Require receipts to customers – post sign.• Record disbursements out of the register and independently reconcile.• Investigate missing or altered register tapes.• Daily reconciliation of cash register drawer by independent person.• Investigate over and short incidents.


Cash Register Disbursement Controls

82

• Conflict of interest policy.• Policy addressing employee receipt of gifts, discounts, and services offered

by suppliers and customers.• Established procurement/bidding process.• Pre-Bid solicitation documents reviewed for restrictions on competition.• Bid solicitation packages numbered and controlled.• All bids kept confidential.• Bidder qualifications verified.• Contracts awarded based on predetermined criteria and documentation of

criteria assessment and award decision maintained.• Periodic review of purchases for:

– Unreasonable costs.– Excessive purchases.– Favored vendors.


Anti-Corruption Controls

83

• Proper segregation of duties in purchasing and accounts payable as well as sales and accounts receivable.

• Purchasing account assignments rotated.• Periodic comparison of vendor information with employee information.• Vendors who employ former employees under increased scrutiny.• Reporting procedure for personnel and other vendors to report concerns

about vendors receiving favored treatment.• All employees required to complete annual disclosure document that

includes potential conflicts resulting from business ownership and investment.

• Audit clause in each contract allowing Internal Audit access to audit contract records and documentation related to contract compliance and performance.

• Periodic contract audits conducted by Internal Audit.


Anti-Corruption Controls

84

• Reduce situational pressures.

• Reduce the opportunity to commit fraud.

• Reduce the rationalization of fraud = strengthen employee personal integrity.

• Interviews.


Financial Statement Controls

85

• Financial statement analysis– Vertical: analyze relationships between items on an income statement, balance

sheet, or statement of cash flows by expressing components as a percentage of a base value.

– Horizontal: analyze the percentage of change in individual financial statement line items from one period to the next.

– Ratio: measuring the relationship between two different financial statement amounts.

• Current = Current Assets/Current Liabilities• Quick = (Cash + Securities + Receivables)/Current Liabilities• Accounts Receivable Turnover = Net Sales on Account/Average Net

Receivables• Collection = 365/Receivable Turnover• Inventory Turnover = Cost of Goods Sold/Average Inventory• Profit Margin = Net Income/Net Sales• Asset Turnover = Net Sales/Average Assets


Financial Statement Controls

86© 2016 All Rights Reserved Brown Smith Wallace LLP

Questions????

Ron Steinkamp, CPA, CIA, CFE, CRMA, CGMAPartner, Advisory ServicesBrown Smith Wallace LLP314.983.1238 (Direct)[email protected]

mailto:[email protected]

http://www.bswllc.com/

2016 - fraud detection & prevention with internal controls (updated for 2016 acfe study)

Documents