Download - Bank Fraud & Data Forensics
![Page 1: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/1.jpg)
Bank Fraud & Data Forensics
Bank Taxation & Risk Management Forums
November 16, 2010 – South Portland, MaineNovember 17, 2010 – Concord, New Hampshire
Presented By:Bill Brown, CPA, CFFA, CFE
Eigen Heald, MsIA, CISSP, GCFATodd Desjardins, CPA, CFE
![Page 2: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/2.jpg)
Overview
• Introduction
• Fraud Considerations for Banks
• Computer Fraud and Data Forensics
• Questions and Discussion
![Page 3: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/3.jpg)
Terms and Definitions
• Fraud
• Fraud investigation
• Forensics
• Forensic accounting
• Digital forensics
![Page 4: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/4.jpg)
Reference
Statistics in this presentation, unless otherwise noted, are from:
The Report to the Nations - 2010 Global Fraud Study
Study of 1,843 cases of occupational fraud
published by the Association of Certified Fraud Examiners
![Page 5: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/5.jpg)
Small Businesses are Vulnerable
• 42.1%• $231,000
• 30.8%• $155,000
• 28.7%• 26.1%
![Page 6: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/6.jpg)
Banks Have More than their Fair Share
![Page 7: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/7.jpg)
Other Disturbing Statistics
Median Losses
• Tenure of perpetrator– Less than one year – $47,000– 10 years of more – $289,000
• Education of perpetrator– High School Graduate – $100,000– Postgraduate Degree - $300,000
![Page 8: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/8.jpg)
Other Disturbing Statistics
Percentage of Cases Reported• Department of Perpetrator
– Accounting – highest – 22.0%– Internal Audit – lowest - 0.2%
Median Duration of Fraud Schemes• Overall – 18 months
– Check tampering – 24 months– Expense reimbursements – 24 months
![Page 9: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/9.jpg)
Risk Factors
• Financial Misstatement Fraud– Complexity– Perverse Incentives– Highly Subjective Valuation
• Asset Misappropriation– Complexity– Inherent Lack of Accountability– Personal Trust
![Page 10: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/10.jpg)
Types of Fraud
• External vs. Internal Fraud
External – perpetrators are outside the bank
Internal – fraud is committed by bank personnel
![Page 11: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/11.jpg)
External Fraud
• Primarily executed by customers and outsiders, examples include:
– Wire fraud– Mortgage fraud (material misrepresentation or omission)– Check fraud (forgery, check kiting, altered checks)
![Page 12: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/12.jpg)
Internal Fraud
• Two Types of Internal Fraud:
– Financial Statement Fraud• Highest median loss per reported case, however lowest
frequency of occurrence
– Asset Misappropriation• Lowest median loss per reported case, however the highest
rate of frequency
Source: ACFE 2010 Report to the Nations
![Page 13: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/13.jpg)
Financial Statement Fraud
• Asset/Revenue overstatement• Improper asset valuations• Timing differences• Concealed liabilities and expenses• Improper disclosures
![Page 14: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/14.jpg)
Asset Misappropriation
• Unauthorized transfers/disbursements• Payroll schemes• Ghost employees• Expense reimbursement schemes• Theft of portable fixed assets• Others…
![Page 15: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/15.jpg)
Fraud Triangle
Perceived Opportunity
Incentive/
Pressure
Attitude/Rationalization
![Page 16: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/16.jpg)
Preventing and Deterring Fraud
Prevention and Deterrence– Perceived opportunity is the aspect of the fraud triangle that is
most controlled by employers. Strong internal controls and segregation of duties
– Review access rights on a consistent and periodic basis– Limit access to employee accounts (both solely owned
or jointly owned)– Review employee account activity and teller activity– Dual control over wire transfers– Review of payroll change reports by someone
independent of the payroll function
![Page 17: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/17.jpg)
Preventing and Deterring Fraud (Continued)
The list continues…– Robust review of suspense/clearing account activity – be
certain the reconciliation makes sense and items are clearing timely and properly
– Implement a fraud reporting mechanism that is anonymous
– Maintain professional skepticism
– Attitude and rationalization can be improved within companies by strong “tone at the top” and employee appreciation efforts
![Page 18: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/18.jpg)
Preventing and Deterring Fraud (Continued)
• Best practice is to have a fraud risk management program in place
Brainstorming sessions: – Identify significant risk areas (multiple locations,
business segments, etc.)– How is the importance of ethical behavior and
appropriate business practices communicated?– What could go wrong?
![Page 19: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/19.jpg)
Digital Uses for Forensic Projects
• Inappropriate and/or illegal activity• E-mail and Internet abuse• Unauthorized disclosure of corporate information• Hacker Intrusions• Intellectual property theft• Due diligence and valuation
![Page 20: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/20.jpg)
Common Sources for Accounting & Digital Forensics
• Corporate investigations
• Civil litigation
• Attorneys
• State Courts
• Private Investigations
• Individuals
![Page 21: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/21.jpg)
Similar Procedures:
• Discovery
• Timelines
• Parties involved
• Evidence gathering
• Reporting/testimony
Consider: Most fraud is committed with a computer!
![Page 22: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/22.jpg)
Digital Objects Used for Review
1Computer, 1 laptop & server hard disks
Backup tapes
Other Investigative Possibilities:USB drivesCell phonesGPS devicesPersonal Media (iPods)CD/DVDsExternal Storage Drive
![Page 23: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/23.jpg)
Digital Analysis Activities
• “Carving” out Logical Partitions for searching• Creating a timeline of activity• Keyword searches• Collection of relevant files• Recovery of deleted data• Documenting a history of:
Network activity – accessing server shares Internet activity Transfer of files to storage devices Links to documents on the network
• Examining user profiles• Malware identification
![Page 24: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/24.jpg)
How Did Digital Discovery Help?
• Identifying network activities• Email Review• Internet activities• Identifying collaborators• Ruling out other avenues of fraud• Identifying motivations for fraud
![Page 25: Bank Fraud & Data Forensics](https://reader035.vdocuments.mx/reader035/viewer/2022081414/549ae888b479591a098b4620/html5/thumbnails/25.jpg)
Contact Information
Bill Brown
Eigen Heald
Todd Desjardins