Taming the Elephant: Managing Fraud Prevention - PowerPoint PPT Presentation

Loading...

PPT – Taming the Elephant: Managing Fraud Prevention PowerPoint presentation | free to view - id: 150dc0-NmIxZ



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Taming the Elephant: Managing Fraud Prevention

Description:

Pressure to hit financial targets with compensation tied to those targets. ... of Texas System: A Brief Practical Guide is available to all employees online. ... – PowerPoint PPT presentation

Number of Views:46
Avg rating:3.0/5.0
Slides: 44
Provided by: jason330
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Taming the Elephant: Managing Fraud Prevention


1
Taming the Elephant Managing Fraud Prevention
  • Scott C. Kelley, The University of Texas System
  • Charles Chaffin, The University of Texas System

2
What is Fraud?
  • Fraud is defined as intentional deception to
    secure unfair or unlawful gain.
  • It can be perpetrated for the benefit of the
    organization.
  • It can be perpetrated to the detriment of the
    organization.
  • Perpetrators can come from outside as well as
    inside the organization.

3
Examples of Fraud
  • Forgery or alteration of checks, time cards, or
    billings.
  • Acceptance or solicitation of any gift, favor, or
    service as consideration for a decision, opinion,
    recommendation, vote, or other official action.
  • Illegal destruction or disappearance of records,
    furniture, or equipment.
  • Falsifying additions to payroll.
  • Personal purchases on a procurement card.

4
Why does Fraud Happen?
  • Employees may be tempted to act fraudulently
    because of a financial crisis, family problems,
    gambling/drinking/drugs, feeling unappreciated,
    or just living beyond their means.
  • They may justify their actions by pointing out
    that their bosses or co-workers sometimes dont
    go by the rules in other situations.
  • Pressure to hit financial targets with
    compensation tied to those targets.

5
How does Fraud Happen?
  • Poor or weak internal control system (i.e.,
    duties not properly segregated, assets not
    properly safeguarded).
  • Lack of monitoring of internal controls.
  • Poor or inadequate training.
  • High management turnover.
  • Collusion among employees over whom little
    control is exercised.
  • Transactions executed without proper
    authorization.

6
Warning Signs
  • Departmental expenditures are not reconciled to
    account statements or un-reconciled items are not
    investigated.
  • Checks or documents have even amounts.
  • Reports or documents are missing.
  • Documentation for payment is not an original.
  • One employee does it all.
  • An employee will not take a vacation.
  • Frequent use of sole-source procurement contracts.

7
Warning Signs (continued)
  • Lack of appropriate management supervision.
  • Constant association with, and entertainment by,
    a member of a suppliers or vendors staff.
  • High employee turnover.
  • Low employee morale.
  • Write-off of inventory with no attempt to
    determine its whereabouts.

8
Costs and Effects of Fraud
  • A typical U.S. Organization loses 6 of its
    annual revenues to fraud or 4,500 per employee
    (per Associate of Certified Fraud Examiners).
  • Applied to U.S. GDP for 2003 660B (ACFE).
  • 15.8 of fraud cases studied involve government
    (ACFE).
  • In Texas, estimated cost is over 8B.
  • Post Enronthe Sarbanes-Oxley Act of 2002 (SOX)
  • For companies subject to SOX, this means
    increased cost to comply with the law (primarily
    404) and required implementation of antifraud
    programs and controls.

9
Governors Executive Order RP 36
  • Governor Rick Perry recognized the costs of fraud
    in Texas and in July 2004 directed all state
    agencies to
  • Designate a contact person for its fraud
    prevention and elimination activities.
  • Conduct a fraud risk assessment.
  • Develop a fraud prevention program that includes
    best practices.
  • Review existing rules, policies, and statutes to
    identify changes needed to better detect and
    fight fraud.
  • Report efforts to the Governors Office by
    October 1, 2004.

10
UT Systems Response
  • Chancellor designated the Executive Vice
    Chancellor for Business Affairs as the UT
    Systems contact person.
  • Each president of the 15 institutions designated
    an institutional contact person.
  • Each institution completed a fraud risk
    assessment which included best practices.
  • All institutions reviewed existing rules,
    policies, regulations to determine whether any
    additional statutory assistance was needed.
  • UT System submitted a combined report to the
    Office of the Governor on September 29, 2004.

11
What has happened since October 1, 2004
  • Office of General Counsel has provided ethics and
    code of conduct training.
  • Compliance office provided Fraud Training.
  • Tests conducted after ethics and compliance
    training to help ensure employee understanding.
  • Business Affairs provided Contract Administration
    Training and updated the standard Contract
    Processing Checklist.
  • Internal Audit has conducted contract audits
    encompassing several departments.

12
Prior to Governors Executive Order RP 36
  • Internal Control Initiatives of 1994 and 1996.
  • Institutional Compliance (Federal Sentencing
    Guidelines) Initiative of 1998.
  • Chancellors Accountability and Institutional
    Improvement Initiative 2002.
  • Spirit of Sarbanes-Oxley Implementation in 2003.

13
Internal Control Initiatives of 1994 and 1996
  • Internal control training provided for all
    departmental managers.
  • Accountability emphasized through issuance of
    Management Responsibilities Handbook and
    training.
  • Establishment of an Internal Audit Committee of
    executive management at each institution to
    oversee internal controls.

14
Institutional Compliance Initiative of 1998
  • The Chairman of the UT System Board of Regents
    requested a compliance program and action plan to
    ensure UT System Compliance with applicable laws,
    regulations, policies, and procedures.
  • UT System now has a nationally recognized
    Institutional Compliance Program which covers
    Medical Billing, Research, Environmental Health
    and Safety, Human Resources, and Endowment Risks.
  • Each Institution has a Compliance Officer,
    Compliance Committee, Annual Risk Assessment,
    Monitoring Programs, and Hotlines.

15
Spirit of Sarbanes-Oxley Initiative 2003
  • While SOX is not directly applicable to UT
    System, the Board of Regents, in November 2003,
    voluntary adopted the implementation of relevant
    parts of SOX (short of complete Section 404
    implementation) to demonstrate to UT Systems
    stakeholders - the Texas Legislature, the federal
    government, bond holders, citizens, and donors
    an increased level of accountability for actions
    and reliability of information.

16
Key Elements of Fraud Prevention Program
  • Culture of Honesty and Ethics
  • Anti-Fraud Processes and Controls
  • Appropriate Oversight Process

17
Key ElementsCulture of Honesty and Ethics
  • Board members and managers must behave ethically
    and openly communicate their expectations for
    ethical behavior to members of the agency.
  • The basis of a strong antifraud program is a
    culture with a strong values system founded on
    integrity.
  • Additionally, preventing major frauds requires
    creating a workplace environment that promotes
    ethical behavior, deters wrongdoing, and
    encourages employees to report any known or
    suspected wrongdoing.

18
Key ElementsCulture of Honesty and Ethics
(continued)
  • Develop and clearly communicate a code of
    conduct.
  • Ethics and the University of Texas System A
    Brief Practical Guide is available to all
    employees online.
  • Regent policies provide guidance on ethical
    matters including gift guidelines, financial
    disclosure, and investment polices.
  • Recent code of conduct and ethics training at
    System provided to employees, including a test to
    document understanding.
  • Develop a Fraud Policy including a protocol for
    handling allegations of fraud.

19
Key ElementsCulture of Honesty and Ethics
(continued)
  • Develop a confidential reporting mechanism and a
    whistle-blower policy
  • Confidential compliance hotline available
    24/7/365.
  • Outsource to enhance confidentiality and
    credibility.
  • Certified fraud examiners claim that just having
    a hotline can reduce fraud by 50. (Perception of
    detection).
  • Whistleblowers are protected by both statute and
    policy.
  • Inform employees to whom they can report
    suspected fraud.

20
Key ElementsCulture of Honesty and Ethics
(continued)
  • Develop a Code of Ethics
  • Require honest and ethical conduct of all
    officers and employees who can execute contracts.
  • Avoid conflicts of interest.
  • UT System Board of Regents members must disclose
    all potential conflicts and abstain from voting
    on issues for which a conflict of interest
    exists.
  • The University of Texas Investment Management
    Company Board of Directors and employees must
    complete multiple disclosure forms.

21
Key ElementsCulture of Honesty and Ethics
(continued)
  • Develop a compliance program.
  • Though not limited to fraud, it can help reduce
    the risk of fraud. Despite the recent Supreme
    Court Ruling regarding Federal Sentencing
    Guidelines, an effective program can limit your
    liability and reduce the risk of costs related to
    non-compliance with applicable laws and
    regulations.
  • Compliance officers at each institution and a
    System-wide Compliance Committee.
  • Conduct annual compliance risk assessments.

22
Key ElementsCulture of Honesty and Ethics
(continued)
  • Create a Culture of Honesty and Ethics by
    providing continuous training to employees.
  • Communicate your code of conduct at least
    bi-annually.
  • Conduct ethics training and compliance training.
  • Communicate employee responsibilities.
  • Make hotline information readily available.

23
Key ElementsCulture of Honesty and Ethics
(continued)
  • Create a Positive Workplace Environment
  • Improves employee morale and loyalty. In a
    positive environment, an employee is more likely
    to think twice before committing fraud.
  • Poor employee morale can affect an employees
    attitude about committing fraud.

24
Key ElementsCulture of Honesty and Ethics
(continued)
  • Hire and Promote Appropriate Employees.
  • Establish standards for hiring and promoting the
    most qualified individuals with emphasis on
    educational background, prior work experience,
    past accomplishments, and evidence of integrity
    and ethical behavior.
  • Perform criminal background checks for those in a
    position of trust. Policy requires it for
    security sensitive positions.
  • Perform annual evaluations of employees. In some
    cases, annual evaluations may not be enough.
  • Provide applicable job training and educational
    opportunities.

25
Key ElementsCulture of Honesty and Ethics
(continued)
  • Discipline
  • Develop a process for responding to allegations
    or suspicions of fraud.

26
Key ElementsAnti-Fraud Processes and Controls
  • Establish and monitor all aspects of fraud risk
    assessment and prevention activities.
  • Conduct fraud risk assessments with assistance
    from Internal Audit.
  • Determine vulnerabilities and exposures to
    material losses, keeping in mind the size and
    complexity of operations.

27
Key ElementsAnti-Fraud Processes and Controls
(continued)
  • Internal Audit should perform a risk assessment
    as part of its annual audit plan.
  • Institutions are implementing Enterprise Risk
    Management (ERM) assessments to develop a risk
    footprint of high-risk areas.
  • ERM should consider fraud.
  • Institutional risks identified should drive the
    annual audit plan.
  • Internal Audit should be informed of all
    investigations and allegations of wrongdoing.

28
Key ElementsAnti-Fraud Processes and Controls
(continued)
  • Mitigate fraud risks.
  • Prioritize the different types of fraud risks and
    apply appropriate mitigation strategies.
  • Determine appropriate mix of preventive and
    detective controls. With ERM, you can determine
    whether there are appropriate execution (level
    1), supervisory (level 2), and oversight (level
    3) controls.
  • ACFE estimates that 80 of all fraud results from
    an absence of appropriate supervisory controls.

29
Key ElementsAnti-Fraud Processes and Controls
(continued)
  • Mitigate fraud risks (continued)
  • Review your contracting approval process.
  • Review guidelines for consulting contracts.
  • Review monitoring process. Assign responsible
    parties.
  • Internal audit and external audit should consider
    fraud during engagements.
  • Develop investment policies and procedures.

30
Key ElementsAnti-Fraud Processes and Controls
(continued)
  • Implement and Monitor Appropriate Internal
    Controls.
  • Appropriate Cash Controls.
  • Segregation of duties.
  • Reconciliations.
  • Supervisory review (Date/Sign-Off Documented).
  • Appropriate levels of expenditures approval
    authority.
  • Change in Management Audits.
  • Educate employees about internal controls.

31
Key ElementsAppropriate Oversight Process
  • Establish an active Audit Committee of the Board
    of Directors.
  • Audit Committees should meet quarterly.
  • Significant Compliance and Audit Findings should
    be reported to the Audit Committee.
  • Internal Audit Directors should report to the
    Chair of the Audit Committee.
  • Provide Audit Committee training to inform them
    of their responsibilities.

32
Key ElementsAppropriate Oversight Process
(continued)
  • Establish an active Audit Committee of the Board
    of Directors (continued)
  • Review Audit Committee Charter to ensure that it
    empowers the committee to investigate any alleged
    or suspected wrongdoing brought to its attention
    and to retain legal, accounting, and other
    professional advisers to advise the committee and
    assist in its investigation.
  • Report significant findings and conduct follow-up
    audits and report the results to the audit
    committee.
  • Audit Committee should approve the internal audit
    plan.

33
Key ElementsAppropriate Oversight Process
(continued)
  • Hold management accountable for establishing and
    maintaining an effective control system.
  • Assign a member of senior management to have
    responsibility for managing all fraud risks
    within the entity and to explicitly communicate
    to divisions and units managers that they are
    responsible for managing fraud risks within their
    part of the agency.

34
Key ElementsAppropriate Oversight Process
(continued)
  • Designate an Ethics Advisor.
  • Involve Internal audit with implementation of new
    information technology systems.
  • Document policies and procedures, including key
    controls.
  • Set up appropriate delegated signature authority
    and approval limitations.
  • Provide continuous training to employees of job
    duties.

35
Key ElementsAppropriate Oversight Process
(continued)
  • Create additional oversight committees (other
    than Audit Committees).
  • Institutional Compliance Committee approves
    compliance risk assessment and monitoring plans.

36
Cost of Control Versus Benefit
  • It is difficult to compare the cost of attempting
    to prevent fraud versus the cost of actual fraud.
  • Some frauds have a high negative impact because
    they are accompanied by negative publicity,
    resulting in a loss of reputation and
    credibility. Those costs can be longer-term and
    have a higher cost than the fraud itself.
  • Know your risk tolerance.
  • Consider the impact of not having a fraud program.

37
Consider Statistics Reported by ACFE
  • The ACFE issued a comprehensive report in 2004
    titled Report to the Nation on Occupational Fraud
    and Abuse.
  • The most cost-effective way to deal with fraud is
    to prevent it.
  • Having a hotline with a confidential reporting
    mechanism reduces losses by 50.
  • Hotlines are extremely important because most
    frauds are discovered through tips (60 of tips
    are from employees).
  • Customers and vendors combined account for over
    30 of tips.

38
Consider Statistics Reported by ACFE (continued)
  • Organizations with an internal audit department
    suffered significantly less loss from fraud than
    those without however, the AFCE reported that
    the effectiveness of external audits in reducing
    fraud losses was not observable in our study.
  • Typically those that commit fraud are first time
    offenders (gt80).
  • The median loss recovered is 20 of the original
    loss.
  • 40 of victims recover nothing at all.

39
Consider Statistics Reported by ACFE (continued)
  • Two-thirds of frauds are committed by one person,
    but when you add another person (collusion) the
    median loss of the fraud more than tripled for
    2004. For the 2002 report, it was seven times.
  • If an employee was caught, 88 were fired. For
    the other 12, the employee disappeared. In very
    rare cases the employee remained.
  • 69 of frauds are referred to law enforcement.
    Decision to refer is strongly influenced by the
    size of fraud.
  • For cases where outcomes were identified, 73 of
    perpetrators pled guilty, 9 were convicted at
    trial, 16 declined to prosecute, and 2 were
    acquitted.

40
Consider Statistics Reported by ACFE (continued)
  • The loss caused by fraud is directly related to
    the position of the perpetrator. The frequency of
    employee fraud is higher than for executive
    fraud, but executives have a bigger impact.

41
Summary
  • Fraud is defined as intentional deception to
    secure unfair or unlawful gain.
  • Fraud does occur and is costly.
  • The most cost effective way to deal with fraud is
    to prevent it.
  • The Board and Management are responsible for
    setting the tone of the organization and for
    establishing a fraud prevention program.
  • Creating a culture of honesty and ethics is
    critical.

42
Summary (continued)
  • Develop a strong ethics and fraud policy.
  • Conduct a risk assessment to determine your risks
    and vulnerabilities.
  • Involve internal audit in your risk assessment
    process.
  • Ensure controls are in place to mitigate
    significant risks.
  • Establish an Audit Committee with appropriate
    level of oversight.

43
Examples of Fraud
  • Knowingly reporting or certifying fraudulent
    financial or operating information.
  • Paying false invoices, either self-prepared or
    obtained through collusion with suppliers.
  • Embezzlement, as typified by misappropriation of
    money or property, and falsification of financial
    records to cover up the act.
  • Intentional failure to record or disclose
    significant information to improve the financial
    picture of the institution to outside parties.
About PowerShow.com