How Do Fraud Risk Assessments Fit In Your Organization?

How Do Fraud

Risk

Assessments Fit

In Your

Organization?

February 2015

Webinar

HOW DO FRAUD RISK ASSESSMENTS FIT IN YOUR ORGANIZATION?

Presented by:David Hammarberg, Principal/Director of IT

Janice Snyder, PartnerSamuel BowerCraft, Senior Manager

INTRODUCTIONS

David Hammarberg

• Principal, Director of IT

• Information Systems and Technology

• CPA, MCSE, CISSP, and

• CFE - Certified Fraud Examiner

• 14 years experience

INTRODUCTIONS

Janice Snyder• Partner

• Certified Public Accountant

• 15 years experience

• Financial statement and employee benefit plan audits

• Industries: Healthcare, Nonprofits, Manufacturing and Distribution

INTRODUCTIONS

Samuel BowerCraft

• Senior Manager

• M.S. Information Systems

• CISA - Certified Information Systems Auditor

WEBINAR OBJECTIVES

• Understanding the 3 elements of fraud.

• Preventing fraud with risk assessments.

• Benefits of Fraud Risk Assessment for anyone.

“Criminal behavior is learned and will occur when perceived rewards for criminal behavior exceed the rewards for lawful behavior or perceived opportunity”

- W. Steve Albrecht, Ph.D., CFE, CPA, CIA

ICONIC FRAUD TRIANGLE

PRESSURES

Internal Pressures• Meeting analysts forecasts of revenues• Cash flow challenges / shortage

External Pressures• High personal debt• Gambling addiction• Drugs/Alcohol addiction

RATIONALIZATION

• Integrity

• Honest or dishonest

• Gray areas

Most individuals are between the two extremes. They generally believe in honesty, but they can be tempted by convenient opportunities and intense situational pressures.

OPPORTUNITY

• Perceived differently by each employee

• Anything the contributes to the capability of:

‒ Perpetrating or

‒ Concealing

a fraud increases the opportunities for it.

FRAUD SCALE

KNOWLEDGE IS POWER

• Understanding the 3 element of the fraud triangle allows us to put measures in place to prevent fraud.

• Proper Risk Assessments will identify opportunities based on how various employee’s perceive the opportunity that may lead them to committing fraud.

THE STORY

An ounce of prevention is worth a pound of cure.

- Benjamin Franklin

EXAMPLES FRAUD ELEMENTS FROM ACTUAL FRAUD CASES

Pressure Rationalization Perceived Opportunity

Gambling debts

Alcohol or drug addiction

Medical bills

Credit card debt

Living beyond your means



Gambling debts I deserve it, I'm underpaid

Alcohol or drug addiction Employer won't miss it

Medical bills For the better good

Credit card debt I'll pay it back

Living beyond your means I have a better use for the money

Employer won't miss it

Employer is stealing as well

I won't get caught

Family is more important then my employer

I work hard, harder then anyone else

I'll take less then the other employee



Gambling debts I deserve it, I'm underpaid Lack of internal controls

Alcohol or drug addiction Employer won't miss it Lack of segregation of duties

Medical bills For the better good No oversight

Credit card debt I'll pay it back I hold the keys to the kingdom

Living beyond your means I have a better use for the money No accurate equipment or inventory tracking

Employer won't miss it Lack of ethical tone at the top

Employer is stealling as well No one knows what I do

I won't get caught

Family is more important then my employer

I work hard, harder then anyone else

I'll take less then the other employee

REAL LIFE EXAMPLES

Industry Perceived Pressure Rationalization Perceived Opportunity

County Government

Golf Course

Local Government

Corporate

Movie theater

Religious organization

REAL LIFE EXAMPLESIndustry Perceived Pressure Rationalization Perceived Opportunity

County Government Gambling debt and medical bills

Golf Course Living beyond ones means

Local GovernmentKeep second business expenses down

Corporate Gambling debt

Movie theater Living beyond ones means

Religious organization So many other needy people


County Government Gambling debt and medical billsThey will never knowNo one is really getting hurt

Golf Course Living beyond ones means I deserve it; I earned this


It's small no one will notice

Corporate Gambling debtNo one will miss it;I'll pay it back

Movie theater Living beyond ones means I deserve it

Religious organization So many other needy peopleI can make better use of the money


County Government Gambling debt and medical billsThey will never knowNo one is really getting hurt

Lack of revenue tracking

Golf Course Living beyond ones means I deserve it; I earned thisNo oversight over the employee's position


It's small no one will noticeNo oversight over office supplies or purchases

Corporate Gambling debtNo one will miss it;I'll pay it back

No oversight, multiple accounting systems, manual reconciliation

Movie theater Living beyond ones means I deserve itHold the keys to the kingdom, trusted

Religious organization So many other needy peopleI can make better use of the money

Hold the keys to the kingdom, trusted

RISK ASSESSMENT

A preventive (and sometimes detective) measure that provides a client roadmap showing where efforts and resources may be best concentrated.

CUSTOMIZED RISK ASSESSMENT DEVELOPMENT

• Is aimed to see the opportunities through the eyes of the employees.

• Customized modular checklist for each accounting area. ‒ Could be up to 15 modules.

‒ Size and complexity varies for each company.

FRAUD RISK ASSESSMENT1. Identify the potential inherent fraud risks.

2. Assess the likelihood and significance of occurrence of the identified fraud risks (ranking of risks).

3. Evaluate which people and departments are most likely to commit fraud and identify the methods they are likely to use.

4. Identify and map existing preventive and detective controls to the relevant fraud risks.

5. Evaluate whether the identified controls are operating effectively and efficiently.

6. Identify and evaluate residual fraud risks resulting from ineffective or nonexistent controls.

7. Respond to residual fraud risks.

WHAT IT TAKES TO HAVE A USEFUL RISK ASSESSMENT

• It is important that the client or employer select people within the organization who have extensive knowledge of company operations to work with the fraud professional.

‒ Managers

‒ Internal auditors

‒ Staff

AFTER THE RISK ASSESSMENT

• The Fraud Risk Assessment may reveal certain residual fraud risks that have not been adequately mitigated due to lack of, or non-compliance with, appropriate preventive and detective controls.

• The fraud professional works with the client to develop mitigation strategies for any residual risks with an unacceptably high likelihood or significance of occurrence.

• Responses should be evaluated in terms of their costs versus benefits and in light of the organization's level of risk tolerance.

CUSTOMIZED FRAUD PREVENTION TRAINING

• The customized risk assessment is used to customize training to further lower the perceived opportunity for employees.

• Including employees on the fraud risk assessment further supports a culture of fraud prevention.

CONCLUSION

• Fraud is a risk.

• Fraud risk assessments will:

‒ Increase awareness in your organization, and

‒ Reduce the likelihood that your organization will be impacted by a fraudster based on your response.

• Benefit you and your company by increasing peace of mind through better prevention.

THANK YOU

For questions or to request a Fraud Prevention Checklist, please email Dave at [email protected]

mailto:[email protected]

How Do Fraud Risk Assessments Fit In Your Organization?

Business

Transcript of How Do Fraud Risk Assessments Fit In Your Organization?