Fraud warning signs

1
Fraud warning signs Fraud risk management
FORENSIC

• Ian Colebourne and Alexander Sokolov
• 23 October 2006

ADVISORY
2
Agenda

• Introduction
• Profile of a fraudster
• Fraud risk indicators
• Changing business landscape
• Fraud risk management
• Questions answers

3
Active consideration of Fraud

• What do you know of past fraud and risk of fraud
  occurring in your business?
• Has responsibility for managing fraud risk been
  clearly defined?
• What systems are in place to detect fraud and
  irregularity?
• Are staff aware of the reporting channels?

4
Introduction
5
Definitions

• Fraud is a broad legal concept that generally
  refers to an intentional act committed to secure
  an unfair or unlawful gain. (Bryan A. Garner,
  Editor, Blacks Law Dictionary, Eighth Edition,
  West Group, 2004)
• Misconduct is also a broad concept, generally
  referring to violations of laws, regulations,
  internal policies, and market expectations of
  ethical business conduct.

6
Types of fraud
7
Fraud losses
ACFE Fraud Loss Estimates
100
5
Fraud loss
Annual revenue

• Source 2006 ACFE Report to the Nation On
  Occupational Fraud Abuse

8
Fraud losses by industry
Source 2006 ACFE Report to the Nation On
Occupational Fraud Abuse
9
Fraudster profile
10
Fraudster profile

• KPMG UK analysed a sample of 100 frauds
  investigated over a three
• year period
• Directors or Senior Managers perpetrated 2/3 of
  frauds
• 32 had worked for company for between 10 and 25
  years
• 51 involved some collusion between two or more
  people in business and in 10 of cases, more than
  5 people involved
• 70 of cases involved only men
• Typical ages 39 were between 36 and 45
• Finance was most likely area hit in 42 of cases
  with procurement next most likely at 12.5.

11
Fraud impact

• Source 2006 ACFE Report to the Nation on
  Occupational Fraud Abuse

12
Why does fraud happen?
Motive
Opportunity
13
Fraud indicators
14
Fraud Risk Factors Matrix
Significant director transactions
Questionable practices
Undue secrecy
Business culture
Lack of trust / poor auditor relationship
Highly leveraged rewards
Organisational change
High hope value / Aggressive forecasts
Declining industry / earnings
High analyst or other pressures
High management turnover
Results exceed market trend
Cash / funding gap
Unique products / unique risks
Aggressive accounting policies
Remote operations
Multiple banking arrangements
Related party arrangements
Complex structure
Profit warnings /credit warnings
15
Personal red flags

• Although the level of fraud risk at an
  organisation may be assessed as low, individuals
  in the business can have a personal motivation to
  commit fraud
• Personal pressures
• Individual performance targets
• Infiltration by organised crime
• Controls may be overridden or ignored by certain
  individuals
• Powerful (overrides controls, staff intimidated)
• Successful (not to be bothered, too busy earning
  money)
• Trusted (responsibility has moved beyond their
  job description)

16
Changing business landscape
17
Converging Forces
NYSE/NASDAQ Listing Standards
Director Officer Liability
Federal Sentencing Guidelines
Enforcement Litigation
Sarbanes-Oxley
Corporate Governance and Responsibility
Global Standards of Business Conduct
Demands for Transparency and Accountability
Shareholder Activism
Reputation and Credibility
Rating Agency, Investment Criteria
18
Russian business environment

• Economic boom (partially a result of record oil
  prices)
• Competition limited by developed countries
  standards
• Rapidly growing markets high sales growth
• Relatively high profitability

Our experience suggests that in such
environment, effective anti-fraud governance can
be ascribed low priority or be undetected because
the current level of profitability allows for
fraud loses to be absorbed within existing profit
margins.
Do tougher times lie ahead??? What would those
tougher times bring??? Government tightening
regulations?
19
Dont look back
Legal / Regulatory Standards
Time
20
A recent development

• Position is better if you can show
• Good tendering
• Supplier vetting

Russian Bank
21
A recent development
CBR reported to have 35 banks under priority
review for ML / cash conversion in the Moscow
region Fees for cash conversion are understood
to have increased significantly from 2 to 5/6
Russian Bank
Services E.g. Legal /
Consulting
International Company
22
How are companies responding?
Source KPMG Fraud Survey (2005)
23
Fraud risk management strategy tactics
24
Strategy tactics

• Strategy without tactics is the slowest route to
  victory.
• Tactics without strategy is the noise before
  defeat.
• Sun Tzu c. 490 BC, Chinese military strategist

25
Detection
Management
Whistle-blowing
Internal Audit
Internal Controls
?
??? ??????? ??-???????
26
Barriers to the effective implementation of
controls

• Good controls on paper are not strictly followed
  in practice
• Grey areas in the rules open to interpretation
• Lack of segregation of duties
• Collusion
• Management override
• Failure of senior management to lead by example
• Bureaucracy /or formulaic compliance
• Failure to share knowledge of fraud experience,
  control weaknesses and control improvements
• Clash of cultures

27
Three objectives for FRM strategy
controls designed to reduce the risk of fraud and
misconduct from occurring in the first place
controls designed to take corrective action and
remedy the harm caused by fraud or misconduct
controls designed to discover fraud and
misconduct when it occurs
28
What measures should be taken to help prevent,
detect and respond to fraud?
Prevent
fraud and misconduct
Detect
occurrence
Respond
appropriately if discovered
29
Control components

• Internal investigation protocols

• Fraud and misconduct risk assessment

• Hotlines and whistle-blower mechanisms

30
Fraud risk assessment

• Before an organisation can develop an effective
  program to prevent and detect fraud, it must
  first understand the types of fraud risk,
  including specific types of frauds and schemes,
  to which it may be vulnerable.

• Qualitative factors in the assessment include
• the accounting system
• complexity, volume and nature of transactions
• internal controls in place
• compliance, training and monitoring
• Incorporates the views of
• management
• control functions
• line employees

Significance / Impact
Likelihood

• Management are then able to
• Prioritise identified risks and evaluate the
  existing controls
• Link each risk to specific controls and commit
  resources to implement any enhancements

31
Fraud reporting channels

• Surveys suggest that
• Over 50 of frauds are discovered as a result of
  information provided by staff
• Losses after an introduction of a whistle-blowing
  hotline can be reduced by up to 60.
• Staff prefer the following reporting channels
• 57 a telephone hotline
• 20 conventional mail and
• 16 e-mail.

32
Effectiveness of a hotline
Source 2006 ACFE Report to the Nation on
Occupational Fraud Abuse
33
What does a good hotline look like?
Confidentiality
All matters treated confidentially reported on a
need to know basis
Anonymity
Process should allow for anonymous submission
resolution
Availability
Should be available in remote outposts, not just
head office
Assistance Real Time
A live response operators need to be
qualified, trained able to provide advice
Procedures
Consistent protocols to gather information and
manage the call
Classify Notify
Qualified staff assess the allegation protocols
establish basis for escalation investigation
Communicate
Publicise the hotline prominently commit to,
test for, non-retaliation
34
Response

• Objective is to take corrective action remedy
  the harm caused by fraud or misconduct
• Examine the primary cause of the control
  breakdown, ensuring that risk is mitigated and
  controls are strengthened.
• Discipline those involved in the inappropriate
  actions, as well as those in management
  positions who failed to detect or prevent such
  events.
• Communicate to the wider population of employees
  that management took appropriate, responsive
  action.

35
Investigations

• Consideration should be given to
• Data and information gathering
• Interviewing techniques
• Appropriate resource
• Analytical tools such as data mining and
• Corporate intelligence information.

36
Questions contact details
Ian Colebourne Forensic Partner Tel 7 495 937
2524 Email IanColebourne_at_kpmg.ru
Alexander Sokolov Forensic Director Tel 7 495
937 4477 extn 2781 Email AlexSokolov_at_kpmg.ru
The information contained herein is of a general
nature and is not intended to address the
circumstances of any particular individual or
entity. Although we endeavor to provide accurate
and timely information, there can be no guarantee
that such information is accurate as of the date
it is received or that it will continue to be
accurate in the future. No one should act on such
information without appropriate professional
advice after a thorough examination of the
particular situation.