Fraud risk management iia singapore conferenec 2013
-
Upload
tommy-seah -
Category
Business
-
view
351 -
download
1
description
Transcript of Fraud risk management iia singapore conferenec 2013
Important Disclaimer
• A speaker’s opinions are just that – opinions
• Not offering legal advice – just discussing principles
• Any questions from audience welcome, but any replies are general comments only and should not be construed as legal advice
2
3
What is FRAUD ?
ICFE CONSULTANCY GROUP PTE LTDInternational Cybercrime & Forensics Examiners www-icfe-cg.com
4
Principles of FraudFIVE (5) ELEMENTS OF FRAUD
Mens Rea - Criminal Intent
Actus Reus - Criminal Action
Carelessness or Innocence on the part of the victim
An active participation by the victim as a result of the carelessness or innocence
The transaction is concealed to prevent detection.
The Fraud Triangle
Per
ceiv
ed
Pre
ssure
Ratio
naliza
tio
n
Perceived OpportunityAuditor’s Domain
Fraud Risk Management
Fraud Risk Management
5
14
Fraud Classification System
6
Internal Controls
7
8
The
Trinity
of
Controls
Internal Audit Internal Audit CPA(CIA) CPA(CIA) CSI, CSI,
CISACISA
ComplianceCompliance
CPA,LLB,CPA,LLB, CSICSI
Risk Risk ManagementManagement
CPA,CFA CPA,CFA CSICSI
Financial Control
The Fraud ExaminerThe Fraud Examiner
CFECFE
The Certified System Investigator
CSI
The Existing model
Limitations of Internal Control
Errors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc.
Controls that depend on the segregation of duties may be circumvented by collusion
Management may override the structure
Compliance may deteriorate over time
9
10
What is Risk ?What is Risk ?
BB
EE
CC
DD
AAOperational Risk
Liquidity Risk
Credit Risk
Reputational Reputational RiskRisk
Market Risk
What happened to
Fraud Control Principle(the correct way in understanding
anything is to understand the principles involved)
11
12
No organization is immune to fraud – the next step is to
Acknowledge the need for fraud risk management.
12
Copyright (c)2006 13
Regardless of these variables, any Fraud Risk Management model should aim to achieve one, or all, of the fiveprimary objectives:
13
Copyright (c)2006 14
The firstprimary objective:_ Prevention
14
Copyright (c)2006 15
The secondprimary objective:_ Deterrence
15
Copyright (c)2006 16
The thirdprimary objectives:_ Disruption
16
Copyright (c)2006 17
The fourthprimary objective:_ Identification
17
Copyright (c)2006 18
The fifthprimary objective:_ Civil action/criminal prosecution
18
Copyright (c)2006 19
How to achieve the FIVE Objectives ?
We need direction……….
19
Use the Compass to get the right direction
in detecting/preventing
Fraud
20
The eight points on the compass are:
1. The fraud environment
7
Compass for Fraud Detection
1
2
3
4
5
6
2. The types of fraud
3. The execution of the fraud
7. Accomplice identification
4. eDiscovery
5. Preliminary evidence evaluation
6. Evidence collection
21
Determination by Area
Determination by Scheme
Determination by Person
The approach…….
22
23
Collusion between employees and third parties
represents a growing number PROCUREMENT frauds in SINGAPORE.
24
What type of individual commits FRAUD?
It is not limited to any one type of person.
Human element in all fraud
ICFE CONSULTANCY GROUP PTE LTDInternational Cybercrime & Forensics Examiners www-icfe-cg.com
25
Conclusion: Fraud Perpetrators Look Exactly Like Us!
Optimistic High self-esteem
Achieving Family harmony
Socially conforming Self control
Kind Sympathetic
26
Given the right circumstances, almost
everyone can rationalize that it is OK to commit fraud..
26
Profile of A Person Who Commits Fraud
27
“Red Flags”
Text
AlcoholAlcohol GamblingGambling
DrugsDrugs
SexSex
Profile of A Person Who Commits
Fraud
Given the “right circumstances”, almost everyone can rationalize that it is OK tocommit fraud..
28
The key, in any effective anti-fraud program, is to strike the right balance between
oversight
and
trust
The
4
Investigative methods
29
Proving wrongdoing
Covert Investigative Methods1.Surveillance and covert operations2.Invigilation3.Seizing and searching digital evidence on computers4.Physical evidence
Concealment Investigative
Methods1.Document examination2.Digital Audits3.Electronic searches4.Physical asset count
Conversion investigative
Methods1.Searching public records2.Online resources3.The net worth methodInquiry Investigative
Methods1.Interviews/Profiling and interrogation2.Honesty testing
30
31
The problem with proving intent is that it requires determining a person’s state of
mind.
As a result, intent usually is proven circumstantially.
32
Some of the ways we can help prove intent by circumstantial evidence include:
Motive : The motive for fraud is a strong circumstantial element.
Opportunity : Management typically has the opportunity to circumvent or override controls over financial reporting.
33
Some of the ways we can help prove intent by circumstantial evidence include:
Repetitive acts : Should the financial statements contain a single false journal entry, a fraudster might be able to claim it was an error.
34
Some of the ways we can help prove intent by circumstantial evidence include:
Witness statements : Circumstantial evidence rarely can be sufficient without the statements of witnesses.
For those new to evidence in general, inculpatory evidence is that which
supports a charge or accusation of wrongdoing.
Inculpatory Evidence
35
exculpatory evidence is that which would cast doubt or prove innocence.
Exculpatory Evidence
36
Evidence used in Fraud Conviction:
“Tools and techniques to recover, preserve, and examine digital evidence on or transmitted by digital devices.”
PLUS data recovery
Sources of Digital Evidence Computers
4 Email4 Digital images4 Documents4 Spreadsheets4 Chat logs4 Illegally copied software or other
copyrighted material
39
40
Thank youThank you
Contact Information:
Tommy Seah
CFE, CSI, FCPA,ACIB,MSID
Regent Emeritus
ACFE Board of Regents, Texas, USA
www.cfe-in-practice.com
Phone : + (65) 9106 9872