fraud prevention detection control fuh 12

Fraud Prevention, Detection &

Control.

By FUH GEORGE CHEO

MBA PROJECT MANAGEMENT

SENIOR AGRIC ENGINEER

local enterprise/value chain development specialist

2014

The fraudster

What is Fraud?Fraud is any Fraud is any intentionalintentional act or omission act or omission

designed designed to deceive othersto deceive others, resulting in the , resulting in the victim suffering a lossvictim suffering a loss and/or the and/or the perpetrator perpetrator achieving a gain, achieving a gain, usually, monetary.usually, monetary.

Some Dictionary Definitions……“A deception deliberately practiced in order to

secure unfair or unlawful gain”or

“Deliberate deception or cheating intended to gain an illegal advantage”

2FUH GC MBA PROJECT MANAGEMENT

•Fraud is a broad legal concept that generally refers to an intentional act committed to secure an unfair or unlawful gain. Misconduct is also a broad concept, generally referring to violations of laws, regulations, internal policies, and market expectations of ethical business conduct. Intentional act by one or more individuals among management, those charged with governance, employee or third parties involving the use of deception to obtain an unjust or illegal advantage What is fraud?

3 FUH GC MBA PROJECT MANAGEMENT

What is Occupational Fraud

•The use of one’s occupation for personal enrichment through the deliberate misuse or application of the employing organization’s resources or assets.

INCLUDES----

the intentional, false representation or concealment of a material fact for the purpose of inducing another to act upon it to his or her injury.FUH GC MBA PROJECT MANAGEMENT4

Justification for the presentation•Rampant in the Credit Union System

•Constitute huge/major source of financial

losses

•Discredits Credit Unions

•Loss of reputation

•Loss of confidence / trust5 FUH GC MBA PROJECT MANAGEMENT

Fraud black box in the Credit Union System

•Inter-branch transaction

•money transfer

•Loans

•Procurement process

•Reserve account/ Suspense account6 FUH GC MBA PROJECT MANAGEMENT

four Common Types of Fraudfour Common Types of Fraud

•Corruption

•Asset Misappropriation

•Financial Statement Fraud

•Cash transaction fraud


CorruptionCorruption

Corruption refers to schemes in which fraudsters

use their influence in business transactions in a way

that violates their duty to their employers in order to

obtain a benefit for themselves or someone else.

For example, employees through collusion with other

third parties might receive or offer bribes, extort

funds, or engage in conflicts of interest, payroll

fraud.


Asset MisappropriationAsset Misappropriation

•Asset misappropriation schemes are frauds

in which the perpetrator steals or misuses an

organization’s resources.

An examples of asset misappropriation

include a staff using a company fuel and

vehicle to a private funeral.


Financial Statement FraudFinancial Statement Fraud

•Financial statement fraud, involves the

intentional misstatement or omission of

material information from the organization’s

financial reports; these are the cases of

“cooking the books or figures”.

• .


continue

•Financial statement fraud cases often involve

the reporting of fictitious revenues or the

concealment of expenses or liabilities in

order to make an organization appear more

profitable than its real situation


CASH TRANSACTION FRAUD

Improperly accounting for revenues and expenditures

Skimming cash receipts Falsifying voids and refunds Tampering with Credit Union’s checks Overstating expenses Creating a ghost employee Creating fictitious loans/transfers.


Who commits fraud?Who commits fraud?

Supplier 4% Client 5% Organised Crime 6%

Employees 30%

Management 55%

I AM NOT A THIEF


How Trusted Employees Steal Millions and Why it is so Hard for Credit Unions to Stop Them”

The personality profile of a typical employee that commits this fraud is ironically the type of person Credit Unions want to hire…often a committed senior management staff, the trusted branch manager, the loans officer who never missed a day at work or the dependable accountant. It’s a fact that fraudsters are often some of the institution’s top performers. That is because the same creativity, attention to detail, and intelligence that helps them succeed at their jobs also helps them succeed at fraud.

FUH GC MBA PROJECT MANAGEMENT14

Who Commits Fraud?Who Commits Fraud?

•Management

•Employees

•Organised Employee syndicate

•Customers

•Suppliers.

•Apex structure / BOD


Typical perpetrators.


continue


The Fraud TriangleThe Fraud Triangle(Basic factor influencing the occurrence of fraud)(Basic factor influencing the occurrence of fraud)

PressurePressure

OpportunityOpportunityRationalization (Attitude)Rationalization (Attitude)


PRESSUREPRESSURE: This is what causes a person to commit fraud. This includes bills, expensive tastes, addiction problems, significant financial needs etc. Often this need/problem is non-disclosable in the eyes of the fraudster. That is, the person believes, for whatever reason, that their problem must be solved in secret.

RATIONALIZATIONRATIONALIZATION: : It occurs when the individual develops a justification for their fraudulent activities. The rationalization varies by case and individual. Some examples include:

“I really need this money and I’ll pay it back when I get my salary” “Other people are doing it” “I didn’t get a raise. The Credit Union owes me.”

OPPORTUNITYOPPORTUNITY: : Opportunity is the ability to commit fraud. Because fraudsters don’t wish to be caught, they must also believe that their activities will not be detected. Opportunity is created by weak internal controls, poor management oversight, and through abuse of power.


INDEPTH ANALYSIS OF TRIANGLE


” Causes of High Pressure

•High personal debts.

•Living beyond their means.

•Excessive investment speculation.

•Excessive gambling.

•Substance abuse.

•Extra-marital affairs.

•Job frustration.

•Resentment of superiors. 21 FUH GC MBA PROJECT MANAGEMENT

” fraud windows - Opportunity

Inadequate internal controls. Too “cozy” with suppliers. Annual vacation or sick days not taken. Weak management or excessive turnover. Ineffective or no internal audit. No rotation of job duties among employees. Procedures not well understood/always in

crisis mode. Large amounts of cash on hand or processed.


Self conviction (pretext) - Rationalization

•Not compensated fairly.

•No recent raises/cost of living adjustments.

•Everyone else does it.

•Intended to pay it back.

•Needed the money.

•Felt cheated and wanted revenge.

•Bribe/kickback too tempting.


BEHAVIORAL WARNING SIGNS

Fraudsters exhibit behavioral warning signs of their

misdeeds. For example: Living beyond their means.

Financial difficulties.

Exhibiting control issues – unwillingness to share duties.

Unusually close relationship with vendor/customer.

Wheeler dealer attitude.

Family problems.

Irritability, suspiciousness or defensiveness.

Addiction problems.

Refusal to take vacation.

Auditors and employees should be trained to recognize the common behavioral

signs that a fraud is occurring.

Effective fraud prevention measures are critical 24 FUH GC MBA PROJECT MANAGEMENT

BREAKING THE FRAUD TRIANGLEBREAKING THE FRAUD TRIANGLE

Breaking the Fraud Triangle is the key to fraud deterrence.

Breaking the Fraud Triangle entails removing one of the elements in the fraud triangle in order to reduce the likelihood of fraudulent activities. Of the three elements.

Removal of opportunity is most directly affected by the system of internal controls and generally provides the most actionable route to deterrence of fraud. 25 FUH GC MBA PROJECT MANAGEMENT

detecting frauddetecting fraud

Indicators / windowsIndicators / windowsReceipt of tip-offsRefusal to take vacation or sick leave Significant personal debt and credit problems Behavioral changes - These may be an indication of drugs, alcohol,

gambling, or just fear of losing the job Low employee turnover, especially in those areas which are more vulnerable

to fraud Lack of segregation of duties in a vulnerable areaEmployee lifestyle changes: expensive cars, jewelry, homes, clothesManagement decisions are dominated by an individual or small group. Managers display significant disrespect for regulatory bodies Policies and procedures are not documented or enforced.


FRAUD PREVENTION (Prevention – Is Better Than a Cure)


7 KEYS TO FRAUD PREVENTION


Anti-Fraud Culture


Set the tone at the top = Lead by Example Responsibility of Directors and Officers Conduct background checks for new employees. Treat all employees equally Zero toleranceBehave ethically and openly communicate expectations to employees Create a positive workplace environment Focus on employee morale Empower employees Communicate

Hire and promote appropriate employees Conduct background investigations before hiring or promoting Check candidate’s education, employment history, references Continuous and objective evaluation of compliance with entity values Violations addressed immediately


Code of Conduct Formalized and founded on integrity Defines acceptable employee behavior Communicated to all employees All employees are held accountable for compliance

Discipline Sends a strong message throughout the entity Should be appropriate and consistent Consequences of committing fraud clearly communicated throughout the entity


Oversight Process Audit Committee or Board of Directors /supervisory BoardEvaluate management’s “tone at the top” Identification of fraud risks and implementation of anti-fraud controls Ensure that management implements anti-fraud measures Consider the potential for management override of controls Management Directs, implements and monitors anti-fraud controls Sets the ethical tone Trains employees Internal Auditor Identifies fraud indicators Assesses fraud risks Evaluates anti-fraud controls Recommends actions to mitigate risks Investigates potential frauds

Fraud Policy


Demonstrate commitment to combating fraud Apply to all Directors, Management, employees, consultants, vendors, contractors, etc. Should include: Statement of organization’s position on fraud

Scope of the policy – who does it apply to

Management’s responsibility for prevention and detection of fraud

Definition of fraud

Actions constituting fraud

Fraud reporting process/procedures

Fraud investigation process/procedures

Unit responsible for administration of the policy and investigating fraud

allegations

Statement on anonymity/confidentiality

Consequences

Fraud Awareness/Training


new employees should be trained at time of hiring on the Code of Conduct and Fraud Policy. Training should include: Their duty to communicate certain matters A list of the types of matters to be communicated along with examples How to communicate those matters Affirmation from senior management regarding employee expectations and communication responsibilities Refresher training periodically

Hotline


Enable employees, vendors, customers and others to communicate concerns about known or suspected wrongd oing. Telephone, email, internet. Anonymous. Adequately publicized. Internal or External. Complaint monitoring and investigation/resolution.

Assess Fraud Risks


Conduct an annual fraud risk assessment. Assists management in systematically identifying where and how fraud may occur and who may be in a position to commit fraud Focus on fraud schemes and scenarios to determine the presence of internal controls and whether or not the controls can be circumvented. General steps: Identify areas and processes to assess

Identify potential fraud schemes in each area/process

Assess likelihood and significant of each scheme

Map existing anti-fraud controls to potential fraud schemes

Test operating effectiveness of antifraud controls

Identify any control gaps and/or deficiencies = Residual risks

Document and report on the fraud risk assessment


Mitigate Fraud Risks Make changes to activities and/or processes = transfer or

eliminate the risks

Improve anti-fraud controls

Monitor Fraud Risks Develop data analytics for management to use to monitor

fraud risks

Utilize Internal Audit to conduct audits of risk areas.


Fraud Review/Investigation All concerns/suspicions of wrong doing should be reviewed and determination made whether a fraud investigation is warranted. Develop a policy for fraud reviews and investigations that specifies: Who is responsible for the review/investigation Roles of Legal Counsel, Human Resources, Internal Audit, others Process for conducting the review/investigation Documentation requirements Reporting requirements When to involve law enforcement

Fraud Review/Investigation


Gather sufficient information and perform procedures

necessary to determine:

Whether fraud has occurred

Loss or exposure associated with the fraud

Who was involved and how it happened

Must prepare, document and preserve

evidence sufficient for potential legal

proceedings. Include experts if possible.

Improved Controls


Use lessons learned from any fraud reviews

or investigations to improve anti-fraud controls. All fraud review and investigations should

include a report to management with

recommendations for control improvement.

Antifraud Programs and Controls.(CRIME)

• Identify fraud risk factors, fraud risks and fraud schemes

• Link or map identified fraud risks to control activities

• Effective communication of antifraud programs and controls

• Monitoring effectiveness of antifraud programs and controls

•Tone at the top•Code of Conduct/Ethics

•Whistleblower Hotline

CreatingCreatinga Controla Control

EnvironmentEnvironment

PerformingPerformingFraud RiskFraud Risk

AssessmentsAssessments

Designing andImplementing

AntifraudControl

Activities

SharingSharingInformation andInformation andCommunicationCommunication

MonitoringMonitoringActivitiesActivities

CRIME


In today’s micro finance climate, it is more important

than ever to take every precaution possible to

reduce exposure to financial loss, reputational

damage and service interruption which are the

common consequences of fraud. .

Conclusion


Questions /Discussions


fraud prevention detection control fuh 12

Business