
FRAUD PREVENTION, DETECTION and DETERRENCE
10.13.2017
Cebu Parklane International Hotel
MOST CURRENT FRAUD WAR STORIES
METROBANK HEIST
Through the P25-billion credit line of Universal Robina Corp., a high-ranking official of Metrobank was able to process loans amounting to P900M and P850M. Using her position in the bank, in conspiracy with two other individuals, she made it appear that one of the bank’s larger clients issued a promissory note in the amount of P900M last June 16, 2017 in favor of Metrobank, resulting in the crediting of the amount to the client’s savings account. The official made it appear that the client subsequently requested the issuance of two manager’s checks amounting to P35.35M and P30.3M to the two individuals.
Bangladesh Bank Cyber Heist
In February 2016, instructions to steal
US$951M from Bangladesh Bank, the
central bank of Bangladesh, were
issued via the SWIFT network. Five
transactions issued by hackers, worth
$101M and withdrawn from a
Bangladesh Bank account at the
Federal Reserve Bank of New York,
succeeded, with $20M traced to Sri
Lanka (since recovered) and $81M to
the Philippines. The Federal Reserve Bank of NY blocked the remaining
thirty transactions, amounting to $850M, at the request of Bangladesh
Bank.
Olympus Cooking of Books
In April 2014, Olympus Corporation was sued by six banks for damages resulting from false financial statements from fiscal year 2000 to the first quarter of 2011. This stems from the concealment in its financial statements of more than 117.7B Yen ($1.5B) of investment losses and other dubious fees and other payments dating back to the late 1980s, and suspicion of covert payments to criminal organizations. On 8 November 2011, the company admitted that its accounting practice was “inappropriate” and that money had been used to cover losses on investments dating to the 1990s.
Bank Cyber Heist
In 2013, the Sonali Bank of
Bangladesh was also successfully
targeted by hackers who were able
to cart away US$250,000. In 2015,
two other hacking attempts were
recorded, a $12 million theft from
Banco Del Austro in Ecuador in
January and an attack on Vietnam’s
Tien Phong Bank in December that was not successful. In all these
cases, the perpetrators are suspected to have been aided by insiders
within the targeted banks, who assisted in taking advantage of
weakness within the SWIFT global payment network.
What is Fraud?
n. many and of
various types
FRAUD
• A generic term, embracing all multifarious
means which human ingenuity can devise, and
which are resorted to by one individual to get
advantage over another by false suggestions
or by suppression of truth. It includes surprise,
trickery, cunning, dissembling, and any unfair
way by which another is cheated.
• Fraud includes the following elements:
– A misrepresentation of a material fact
– Known to be false
– Justifiably relied upon
– Resulting in a loss.
FRAUD TRIANGLE
• The knowledge and ability to carry out fraud: “I can do it! I can conceal it! I will not get caught!”
• Motivation or incentive to commit fraud: perceived intense need
• Justification of dishonest action: “How do I justify my behaviour?”
Some Fraud Truths
• Most companies experience fraud
• Most fraud goes undetected
• Most frauds reveal some indicators that they are in
progress
• Most fraud start small and grow bigger
• Most frauds involve a number of fraud schemes
• Most people are capable of fraud – fraudsters are
not obvious
• Most serious fraud is committed by management
• Management fraud has the highest impact
Types of Fraud
• Corruption
– Conflict of Interest
– Bribery
– Illegal Gratuities
– Economic Extortion
• Asset Misappropriation
– Embezzlement
– Theft of Company’s Asset
– Investment Scam
– Vendor/Customer Fraud
• Financial Statement Fraud
– Fictitious Revenues/Expense
– Asset Overstatement/Understatement
– Unrecorded liabilities
– Improper disclosure
Occupational Fraud
• Also called “White-Collar Crime”
• Is a non-violent crime that is committed by
someone, typically for financial gain.
• Typical white-collar criminal:
– Office worker
– Business manager
– Fund manager
– Executive
• Entities that investigate white-collar crimes
include:
– FBI/NBI
– Securities and Exchange Commission
Loss from fraud
• An estimated 5% of an organization’s revenue is lost due to fraud, which resulted in an estimated $6.3 billion in total asset loss.
• The Banking and Financial Services, Government and Public Administration, and Manufacturing industries had the highest number of recorded and reported fraud cases.
• The most prominent organizational weakness that contributed to fraud is a lack of internal controls or the overriding of existing internal controls.
Common Occupational Fraud

Source: ACFE 2016 Report to the National Global Survey


Distribution of losses over fraud

Source: ACFE 2016 Report to the National Global Survey


Duration and frequency of fraud

Source: ACFE 2016 Report to the National Global Survey


How fraud was concealed

Source: ACFE 2016 Report to the National Global Survey


Common fraud in Southeast Asia

Source: ACFE 2016 Report to the National Global Survey


Victims of fraud
• Banking and Financial Services
• Government and Public Administration
• Manufacturing
• Healthcare
• Construction
Top ways how fraud was detected
• Tips or Whistleblower
• Internal audits
• Management Review
• By Accident
• Account Reconciliation
Sources of Tips

Source: ACFE 2016 Report to the National Global Survey


CURRENT TRENDS OF FINANCIAL CRIMES
Upcoming and Trending Cyber Heist
• Phishing
• Identity Theft
• Social Engineering
• Remote Access Trojan
• Extortion Hack
Upcoming and Trending Cyber Heist
• Phishing
– “a scam by which an e-mail user is duped into
revealing personal or confidential information
which the scammer can use illicitly” -- Merriam-
Webster Online
Upcoming and Trending Cyber Heist
• Phishing
– Suspicious email address
– Inconsistent formatting
– No specific salutation
– No comma
– Terribles using Grammar.
– Links that lead to a website with a questionable (URL) asking for your credit card details
Upcoming and Trending Cyber Heist
• Phishing
– The trick: That “Google Docs” app wasn’t actually Google Docs at all, just one somehow masquerading under the name.
– The trick: The well-designed, individualized fake email convinces customers to update their account information to avoid suspension. This results in stolen personal and credit card information.
Upcoming and Trending Cyber Heist
• Phishing
– What to do?
• If you receive a suspicious e-mail, immediately report it to the bank/institution.
• If you think you may have responded to a suspicious e-mail, change your password as soon as possible.
• Use a two-step verification process for your accounts, if available.
• Do not ever give your bank details to anyone, especially to dubious websites.
• Make sure there is nothing before the hostname, for example ‘accounts.google.com’, other than ‘https://’ and the lock symbol. You should also take special note of the green color and lock symbol that appear on the left.
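The hostname check from the last bullet, written out as an added example that is not part of the original slides. The function name, the warning codes and the sample links are assumptions made for illustration; the links are constructed and use the reserved domain example.net.

```python
from urllib.parse import urlsplit


def check_login_url(url: str, expected_host: str) -> list[str]:
    """Return warning codes for a link; an empty list means every check passed.

    expected_host is the exact hostname the reader intends to visit,
    for example 'accounts.google.com' as on the slide.
    """
    findings = []
    parts = urlsplit(url.strip())

    # 1. Only https:// may come before the hostname.
    if parts.scheme.lower() != "https":
        findings.append("not-https")

    # 2. In 'https://name@host/' everything before '@' is userinfo.
    #    The browser connects to 'host', so 'name' is only a decoy.
    if "@" in parts.netloc:
        findings.append("userinfo-before-host")

    host = (parts.hostname or "").rstrip(".")  # urlsplit already lowercases it
    expected = expected_host.lower().rstrip(".")

    # 3. Punycode or non-ASCII labels can render as look-alike letters.
    labels = host.split(".")
    if not host.isascii() or any(lab.startswith("xn--") for lab in labels):
        findings.append("punycode-or-non-ascii")

    # 4. The hostname must match exactly. A trusted name used as the leading
    #    labels of a longer hostname belongs to whoever owns the rest of it.
    if host != expected:
        if host.startswith(expected + "."):
            findings.append("expected-name-as-prefix")
        else:
            findings.append("host-mismatch")

    return findings


# Constructed sample links for the demonstration below.
SAMPLES = [
    "https://accounts.google.com/signin",
    "http://accounts.google.com/signin",
    "https://accounts.google.com@login.example.net/signin",
    "https://accounts.google.com.example.net/signin",
    "https://accounts.xn--ggle-55da.com/signin",
]

if __name__ == "__main__":
    for link in SAMPLES:
        result = check_login_url(link, "accounts.google.com")
        print(link, "->", result or "ok")
```

The third and fourth samples show why the slide says nothing may come before the hostname: in both, the trusted name is visible at the start of the link while the connection goes to a different domain.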
Upcoming and Trending Cyber Heist
• Identity Theft
– “the illegal use of someone else's personal
information (such as a Social Security number)
especially in order to obtain money or credit” --
Merriam-Webster Online
– The Philippines – home to the fifth "most engaged
social networking audience" and the sixth largest
Facebook population in the world
Upcoming and Trending Cyber Heist
• Social Engineering
– Social engineering is a technique perpetrators of
fraud use in order to lure people into a conduct
based on typically human traits such as
confidence, curiosity, naivety, fear, greed, etc.
– Perpetrators will pretend to be someone else so
as to get hold of information and/or to make their
victim carry out payments which, otherwise,
would be impossible to obtain or would need a
much bigger effort or cost much more money
Upcoming and Trending Cyber Heist
• Remote Access Trojans
– “RATs are programs that provide the capability
to allow covert surveillance or the ability to gain
unauthorized access to a victim PC” –
Malwarebytes
– This backdoor into the victim machine can allow an
attacker free access, including the ability to monitor
user behavior, change computer settings, browse
and copy files, utilize the bandwidth (Internet
connection) for possible criminal activity, access
connected systems, and more.
Upcoming and Trending Cyber Heist
• Remote Access Trojans
– Specially crafted email attachments, web-links,
download packages, or .torrent files could be used
as a mechanism for installation of the software.
Upcoming and Trending Cyber Heist
• Extortion Hack
– A cybersecurity expert told The Straits Times he is
aware of at least 28 companies here that have
been infected by a worm, dubbed WannaCry, that
locked up some 200,000 companies in more than
150 countries. The companies contained the
damage by just reformatting their servers and
restoring their data from backups.
The Philippines’ Threat Landscape
• Experienced economic crime (past 24 months)
Economic Crime Philippines Asia Pacific Global
Yes 20% 30% 36%
No 75% 58% 53%
Don’t know 5% 12% 11%

• Affected by cybercrime (past 24 months)


Economic Crime Philippines Asia Pacific Global
Yes 17% 21% 26%
No 72% 62% 56%
Don’t know 11% 17% 18%

Source: PwC’s 2016 Global Economic Crime Survey


The Philippines’ Threat Landscape
• Bribery and corruption (past 24 months)
The Philippines’ Threat Landscape
ACCORDING TO A STUDY BY A CYBERSECURITY FIRM
PHILIPPINES: TH most attacked country on the MOBILE PLATFORM
Source: http://business.inquirer.net/211611/ph-among-most-attacked-by-mobile-malware
Can You Spot a Fraudster?
• Gender (remainder unknown gender)
• Age (the age of the remainder is unknown)
• Years of service
• Level of seniority
Source: Global Profiles of the Fraudster, KPMG International
• Position of trust (44; 4%)
• Detailed knowledge: 61% of cases
• Well respected
• Above average education
• Less likely to have criminal record
• Collusion: 62% are done with collusion
• Good psychological health
• All nice people are fraudsters* (*Potentially)
10-STEP ANTI-FRAUD ACTION PLAN
Building an Anti-Fraud Action Program
• Four Pillars to the Anti-Fraud Program
– Tone at the Top
– Internal Control
– Internal Auditors
– External Auditors
10-Step Anti-Fraud Action Plan
• Step 1: Anticipate Questions and Manage Expectations
– Sooner or later, with anti-fraud efforts rising in importance, an internal audit department should expect to hear the following types of questions from management, the audit committee, or the independent auditor:
• What are the company’s fraud and reputation risks?
• What programmes and controls have been implemented to mitigate these risks?
• What is internal audit doing to prevent and detect issues before they emerge into a corporate scandal?
10-Step Anti-Fraud Action Plan
• Step 2: Assess Existing Anti-Fraud Programmes and Controls
– Virtually every public company already has some components of an anti-fraud programme in place. Areas likely to require remedial action, as described in greater detail in PricewaterhouseCoopers’ previous white paper on the elements of an effective anti-fraud programme, include the following:
– Fraud Risk Assessments
– Linking Control Activities to Identified Fraud Risks
– Fraud Monitoring and Auditing
10-Step Anti-Fraud Action Plan
• Step 3: Secure Management and Audit Committee Sponsorship
– Developing and enhancing anti-fraud programmes and controls will flow more smoothly if the organization understands that senior management and the audit committee are active sponsors of the activity.
– The responsibility to manage fraud and reputation risk cannot be left to a corporate shared-services center.
– With strong backing from the board and management, internal audit is better able to unearth critical information about the organization’s fraud risks.
10-Step Anti-Fraud Action Plan
• Step 4: Assemble Fraud Expertise Within Internal Audit
– The independent auditor’s evaluation of the adequacy of internal audit’s fraud-related activities will, of necessity, consider the depth of fraud expertise within or available to the department.
– Internal audit must be aware of potential schemes and scenarios affecting the industries and markets in which the organization does business, and it must be conversant with and able to identify the indicia of these schemes.
10-Step Anti-Fraud Action Plan
• Step 5: Organize a Fraud and Reputation-Risk Assessment
– Step 5.1: Organizing the Assessment
• Organizing around an existing business cycle can simplify the process, for if internal audit is evaluating the revenue cycle, for example, the project o specifically consider fraud and reputation risks associated with revenue.
– Step 5.2: Determine Units and Locations to Assess
• To be effective, fraud and reputation-risk assessments must be conducted at the company-wide, business unit and significant-account levels.
– Step 5.3: Identify Potential Fraud and Misconduct Schemes and Scenarios
• Organizations can damage their reputations or be defrauded in myriad ways. A critical step in the risk assessment process is to identify the organization’s universe of potential risks – without regard to probability of occurrence (that consideration follows).
– Step 5.4: Assess Likelihood of Fraud and Significance of Risk
• Fraud risk assessments, like traditional risk assessments, consider the likelihood that a particular fraud will occur. PCAOB Auditing Standards No. 2 specifies the following risk levels:
– Remote
– More than Remote / Reasonably Possible
– Probable
10-Step Anti-Fraud Action Plan
• Step 6: Link Anti-Fraud Control Activities
– Internal audit should identify who performs the controls and the related segregation of duties.
– Internal audit should identify the control activities which mitigate those fraud and reputation risks that have a more than remote likelihood of occurring and that are more than inconsequential.
– The Control Environment
• The first component of the control structure is the control environment, which is the work atmosphere that an organization establishes for its employees.
• Five Control Environment Elements
– Management’s Role and Example
– Management Communication
– Appropriate Hiring
– Clear Organization Structure
– Effective Internal Audit Department
10-Step Anti-Fraud Action Plan
• Step 6: Link Anti-Fraud Control Activities
– The Accounting System
• The second component of the control structure is a good accounting system.
• Every fraud is comprised of three elements:
– The theft act, in which assets are taken
– Concealment, which is the attempt to hide the fraud from others
– Conversion, in which the perpetrator spends the money or converts the stolen assets to cash and then spends the money.
• An effective accounting system provides an audit trail that allows frauds to be discovered and makes concealment difficult.
• Frauds are often concealed in the accounting records. Accounting records are based on the transaction documents, either paper or electronic.
• A good accounting system should ensure that recorded transactions are:
– Valid
– Properly authorized
– Complete
– Properly classified
– Reported in the proper period
– Properly valued
– Summarized correctly
10-Step Anti-Fraud Action Plan
• Step 6: Link Anti-Fraud Control Activities
– Control Activities
• The third component of the control structure is good control activities or procedures.
• An individual who owns his or her own business and is the sole employee probably does not need many control procedures.
• Organizations that involve many employees must have control procedures so that the actions of employees will be congruent with the goals of management or the owners.
• In addition, with control procedures, opportunities to commit or conceal frauds are eliminated or minimized.
• Primary internal control weakness:
• The Five Primary Control Procedures:
1. Segregation of duties, or dual custody
2. System of authorizations
3. Independent checks
4. Physical safeguards
5. Documents and records
10-Step Anti-Fraud Action Plan
• Step 6: Link Anti-Fraud Control Activities
– The control environment, the accounting system, and the many variations of the five control activities or procedures work together to eliminate or reduce the opportunity for employees and others to commit fraud.
– A good control environment establishes an atmosphere in which proper behavior is modeled and labeled, honest employees are hired, and all employees understand their job responsibilities.
– The accounting system provides records that make it difficult for perpetrators to gain access to assets, to conceal frauds, and to convert stolen assets without being discovered.
– Together, these three components make up the control structure of an organization.
– Summary of the controls that prevent or detect fraud:
10-Step Anti-Fraud Action Plan
• Step 7: Evaluate and Test Design and Operating Effectiveness
EFFECTIVE ANTI-FRAUD CONTROLS
10-Step Anti-Fraud Action Plan
• Step 8: Refine Audit Plan to Address Residual Risk and Incorporate Fraud Auditing
– Fraud auditing work plans typically include the following components:
• Interviewing
• Analytics
• Management Override and Circumvention of Controls
• Computer-Aided Auditing Techniques
• Targeted Testing of Transactions
10-Step Anti-Fraud Action Plan
• Step 9: Establish a Standard Process for Responding to Allegations or Suspicions of Fraud or Misconduct
– Naturally, the investigative process will vary depending upon the size and complexity of the organization. At small organizations, the investigative process might be relatively informal, whereas the process at large, multinational organizations will likely require significant structure.
10-Step Anti-Fraud Action Plan
• Step 10: Remediate and Prevent Recurrence
– The investigation determines “what happened.” Remediation generally involves three elements:
1. Taking disciplinary and legal action against wrongdoers;
2. Recovering/restoring losses and other damages; and,
3. Learning from an incident to improve controls and prevent recurrence. At a minimum, internal audit should be highly involved in Step 3, even if it is not involved in the investigation or disciplinary processes or in the pursuit of criminal and civil remedies.
10-Step Anti-Fraud Action Plan
Step 1: Anticipate Questions and Manage Expectations
• What are the company’s fraud and reputation risks?
• What programs and controls have been implemented to mitigate these risks?
• What is internal audit doing to prevent and detect issues before they emerge into a corporate scandal?
Step 2: Assess Existing Anti-Fraud Programmes and Controls
Step 3: Secure Management and Audit Committee Sponsorship
Step 4: Assemble Fraud Expertise Within Internal Audit
Internal audit must (to name a few):
• Be aware of potential schemes and scenarios
• Have a solid understanding of measures to prevent and detect fraud
• Be able to perform fraud audits and be knowledgeable of forensic investigations
Step 5: Organize a Fraud and Reputation-Risk Assessment
Step 6: Link Anti-Fraud Control Activities
Step 7: Evaluate and Test Design and Operating Effectiveness
Step 8: Refine Audit Plan to Address Residual Risk and Incorporate Fraud Auditing
Step 9: Establish a Standard Process for Responding to Allegations or Suspicions of Fraud or Misconduct
Sample investigative process for a Fortune 50 company:
• Office of Global Ethics and Compliance (ECO)
• Ethics & Compliance Committees (ECC)
• A separate Code of Conduct for conducting investigations
• Standard global processes for categorizing, referring, investigating, & reporting
• Participation by internal audit
• A global database for ECO & ECC to monitor, facilitate and streamline reporting
Step 10: Remediate and Prevent Recurrence
Remediation involves:
• Taking disciplinary & legal action
• Recovering/restoring losses & other damages
• Learning from an incident
Prevention involves:
• Consider roots of how and why fraud occurred
• Determine whether controls were non-existent, circumvented and/or overridden
• Explain to senior management and audit committee likelihood of occurrence
OPEN FORUM
FIN
