Fraud and Fraud Detection. Gee Sunder

Чтение книги онлайн.

СКАЧАТЬ Industry trends

      • History

      • Resources

      • Internal control

      • Complexity

      • Volume

      • Standards

      • Whistleblower

      • Complaints

      • Moral

      • Impact

      • Value

      • Maximum exposure

      Other issues that must be considered when performing a risk assessment include the possibility of adverse publicity resulting in a loss of consumer confidence, potential lawsuits, violating laws, and the overall impairment to carrying on normal business.

      Appendix D of Managing the Business Risk of Fraud 6 is an excellent example of the fraud-risk assessment framework for revenue recognition risk that can be used as a template for any organization. It can also be modified to encompass any type of risk.

      The template lists various fraud risks and schemes and then associates the following with each of the schemes:

      • Likelihood of occurrence

      • Significance to the organization

      • People and/or department subject to the risk

      • Existing antifraud internal controls

      • Assessment of internal control effectiveness

      • Residual risks

      • Fraud-risk response

      

CONCLUSION

      Understanding what fraud is and the types of frauds allows us to focus on occupational fraud in this book. Being able to assess fraud risk provides us with priorities as to where to invest time and resources to have the largest impact in detecting and reducing incidents of fraud.

      CHAPTER 2

      Fraud Detection

      OCCUPATIONAL FRAUD IS DIFFICULT to detect. While companies have policies and procedures in place, an employee committing fraud tries to circumvent those policies and procedures. The employee is a trusted employee who has legitimate access to various systems and, in the course of their duties, would learn how the systems work. They are well versed in the workings of the business in the normal course of their duties and would have encountered weaknesses in the system. In fact, the employee is likely to have worked around the normal procedures to resolve an issue on behalf of the employer. These sanctioned attempts in circumventing normal procedure would expose a weakness in the system.

      While policies and procedures are good at stating the employer’s position and also designed to bring common errors and mistakes to light, an employee committing fraud is not making a mistake but deliberately circumventing the systems. Added to this, the employee attempts to use various methods to conceal their actions. Lies are told. Documents are falsified. Transaction recordings are misrepresented. Internal controls are abused.

      It is impossible for any business to operate efficiently if too many restrictions or controls are put in place to thwart fraud. Employees must be trusted to perform their duties diligently and honestly. They are trusted with assets, tools, and information to do this.

      Even with honest employees, flaws in the systems or unintentional errors on the part of employees also produce errors.

      One must balance the risk of potential fraud and the continued operations of an ongoing business concern.

      

RECOGNIZING FRAUD

      We can only observe indicators, symptoms, or red flags of fraud. Once detected, they should be investigated to determine whether there is actual fraud. There will be large numbers of false positives in this area. Because of the volume, many of these are not given the attention that they deserve. For instance, after clearing a recognized symptom in a particular area, other red flags in the same area may be dismissed.

      Red flags may be internal control irregularities, accounting anomalies, analytical anomalies, tips, and behavioral changes.

      Business systems are in place to operate a business efficiently. Recording transactions is part of this process. Throughout the processes, there are controls to ensure that the business runs smoothly, safeguards assets, and has accurate recording and reporting. Fraud prevention, deterrence, and detection are objectives of internal controls. Internal control overrides or weaknesses contribute to the most common types of frauds and compromise the purpose of fraud prevention and deterrence. In some cases, there is a legitimate reason to circumvent an internal control. For instance, where there is a new situation not originally contemplated in the design of the control, employees deliberately look for ways to effectively do their job and carry on with the business process. These actions may or may not be formally sanctioned.

      Good internal control includes:

      • Separation of duties where collusion with someone else is needed to go around the controls.

      • Physical safeguards of assets, including information in computer systems.

      • Independent checks through monitoring and audits.

      • Proper records and supporting documents to validate the transactions and to leave an adequate audit trail.

      • Proper authorization for transactions, records, and other activities to ensure approvals and control independent authorization limits.

      Detection techniques should be focused on any weaknesses in internal controls. Irregularities should be examined and the appropriate actions taken documented. The documentation will assist in implementing corrective measures to the internal controls if necessary.

      Accounting anomalies are those unusual items associated with the accounting system. The anomalies would be with entries and with backup documents. By their nature, journal entries are to adjust unusual items that are outside of the normal day-to-day accounting system flow. Journal entries are a high-risk area as they allow for concealment of fraud activities. Manual journal entries should be reviewed with care and automated journal entries should be tested. Many accounting anomalies also fall under analytical anomalies.

      Analytical anomalies are anything that is out of the norm. Things falling outside of normal patterns or new patterns formed can be analytical anomalies. They are anything that is unusual. Examples include:

      • Outliers

      • Inliers where they are not expected

      • Too many or too few transactions

      • Unexplained items

      • Unusual relationships between items

      • Unexpected timing of transactions or events

      • Unusual accounts or account balances

      • СКАЧАТЬ