Rights Contact Login For More Details
More About This Title Managing Fraud Risk - A Practical Guide forDirectors and Managers
English
In troubled economic times, the risk of fraud and financial crime increases. In our post credit crunch environment, new laws and tougher penalties for financial crime mean that if you are in business, you have a responsibility to help fight fraud.
However, to design effective, proportionate fraud controls for your business, you need a complete picture of all the risks. Managing Fraud Risk shows you where to look for fraud, setting out a route-map for finding and fighting fraud risks in your business, with the practical, strategic advice you need.
Combining the latest theory with forensic risk analysis, this book reveals how you can provide assurance to your Board and stakeholders. Practical examples are used to clearly show cost-effective techniques for preventing and detecting business fraud. An innovative fraud awareness quiz enables you to easily apply the theories and principles.
- Answers questions such as: Who commits more fraud: men or women? How many of your employees are prepared to falsify documents?
- Essential information to ensure your procedures are sufficient to meet compliance with new international legislation increasing the liability of directors and managers in cases of fraud and corruption
- Takes a new perspective from the point of view of business risk, making it unique to other texts that take only an auditing, investigative, or specialist approach
This route-map is essential reading to help you navigate the complex landscape of business fraud.
English
Steve Giles is a chartered accountant with over 20 years experience of fighting fraud. This began with his involvement in the Polly Peck investigation in the early 1990s and continued with a variety of forensic accounting assignments whilst still at Deloitte. Now a consultant, Steve has worked on many fraud investigation cases in the UK, Continental Europe and the US, whilst also advising his clients on the most effective measures that they can take to prevent, deter and detect fraud in their organisations. Today he lectures extensively around the world on fraud and financial crime matters generally and also on the broader subjects of corporate governance, risk management, auditing and business ethics. He is an Associate Member of the Institute of Chartered Accountants in England and Wales.
English
Acknowledgements xv
Introduction 1
Making me an offer that I can’t refuse 1
Opening remarks 2
About this book 3
1. Personal experiences 4
2. Courses, delegates and the Fraud Awareness Quiz 7
3. Interviews and interviewees 8
Concepts and focus 8
Fraud: the gorilla in the room? 9
1. The Bernie Madoff effect 10
2. Corporate fraud highlighted by the international media 11
3. General fraud highlighted by the national media in the UK 12
Closing remarks 14
1 Responsibility 17
What a mess – how could all this have been allowed to happen? 17
Introduction 19
Answers to the Quiz 20
Responsibility Framework 22
Introduction 22
International best practice 23
Practical application 24
The linkage between risk management and internal controls 25
Overview 25
Control design linked to risk 26
The importance of evidence 26
Introduction 26
Examples 27
Evidence of management of fraud risks 28
The role of audit in fraud prevention and detection 29
Overview 29
Little training for auditors on fraud awareness 29
Problems and remedies 30
The strategic approach to managing fraud risk 30
Best practice guidance 30
The Fraud Risk Management Framework 31
Introduction 31
Summary – Five Key Learning Points for Directors and Managers 33
2 Meaning 35
The hairs on the back of my neck 35
Introduction 36
Answers to the Quiz 36
Fraud definitions 38
Key word – deception 39
Key word – intentional 40
ACFE occupational fraud typology 41
1. Fraudulent financial statements schemes 42
2. Asset misappropriation 44
3. Corruption 47
The ACFE’s “Report to the Nation” 49
Fraud and the law 50
Introduction 50
The Fraud Act 2006 50
Commentary 51
Some examples of what the term “fraud” actually includes 51
1. Fraud as abuse of systems and control procedures 51
2. Fraud as abuse of working practices 51
3. Fraud as financial engineering 53
4. Fraud as corruption 55
5. Fraud as collusion 55
Fraud costs – scale and direction of travel 56
1. Costs of fraud 56
2. Direction of travel 59
Answers to the Quiz 62
Summary – Five Key Learning Points for Directors and Managers 63
3 People 65
Appearances can be deceptive 65
Introduction 66
Answers to the Quiz 66
Answers with very low percentage scores for total honesty 67
Answers with very high percentage scores for total honesty 69
The results of the research into honesty 70
The Fraud Triangle – the key behaviourial model 71
Motivation 72
Opportunity 72
Rationalisation 73
Motives of fraudsters – bringing the Fraud Triangle up to date 74
Albrecht, Howe and Romney 74
Hollinger and Clark 75
Ditton and others 76
Wolfe and Hermanson 77
Classification of fraudsters 78
First-time offenders 78
Recidivists 79
Those who commit fraud to benefit the organisation 79
Outsiders 79
Profile of a fraudster 80
Introduction 80
The greatest risk lies at the top 80
Tenure 80
The squeezed middle 81
The fraudster’s department 82
Motives of fraudsters – the business perspective 82
Summary – Five Key Learning Points for Directors and Managers 85
4 Risk 87
We are all risk managers now 87
Introduction 88
Answers to the Quiz 89
Risk management primer 92
Introduction 92
Culture 92
Risk soundings exercise 93
Avoid the tick-box attitude 99
Strategic risk management and the “4Ts” approach 100
Risk management cycle 100
The “4Ts” approach 100
The “4Ts” approach – exercise 101
The use of insurance 101
The key risk – reputation 102
Reputation risk – the Arthur Andersen/Enron case 104
Verdict overturned 105
Reputation and ethics 105
Taking a risk-based approach to financial crime 105
Introduction 105
Approach to bribery and corruption 106
Approach to money laundering and terrorist financing 106
Taking a holistic approach to financial crime 107
Taking a risk-based approach to fraud 108
Overview 108
1. Fraud risk profile 109
2. Strategic approach to fraud risk 110
Summary – Five Key Learning Points for Directors and Managers 112
The “4Ts” approach – answer to the exercise 113
(a) Bottom left-hand quadrant ¼ TOLERATE 113
(b) Top right-hand quadrant ¼ TERMINATE 114
(c) Bottom right-hand quadrant ¼ TREAT 114
(d) Top left-hand quadrant ¼ TRANSFER 114
5 Governance 117
People disappear in Texas 117
Introduction 118
Answers to the Quiz 119
Background 119
Governance as compliance 120
The performance element 120
Board conformance and board performance 121
Enron – a failure of corporate governance 122
Introduction 122
Company history 122
Consequences of scandal 123
Governance failure 123
Enron by the numbers – part 1 124
Governance overview – relationships and agency risk 126
Background 126
The key governance players 127
Agency risk and the role of independent non-executive directors 127
The development of corporate governance codes and legislation 128
Rules-based and principles-based governance regimes 128
The US and the UK governance regimes 129
1. The Sarbanes-Oxley Act 2002 130
2. The UK Corporate Governance Code 135
Competency and behaviour – the key drivers of board performance 138
1. The competency of directors 138
2. The behaviour of directors 141
The corruption component of fraud 144
Introduction 144
Corrupt business practices 145
The US position – the Foreign Corrupt Practices Act 146
The United Nations position – the UN Convention against Corruption Act 2005 146
The UK position – the Bribery Act 2010 147
The Satyam fraud 149
Introduction 149
Background 150
Satyam’s accounting fraud 150
Consequences and commentary 151
Summary – Five Key Learning Points for Directors and Managers 152
6 Controls 155
Getting run over by a bus 155
Introduction 156
Answers to the Quiz 157
Internal controls overview 160
Background 160
Control characteristics 161
Preventative and detective controls 161
Manual and automated controls 161
Hard controls and soft controls 162
Internal control structure 162
Overview 162
Broad perspective 163
Avoid negative attitudes 163
Making the commitment 164
Custom and practice 165
Modern internal controls frameworks 167
Overview 167
1. The COSO Framework – 1992 168
2. The COCO Framework – 1995 171
3. The Turnbull Guidance – 1999 172
4. The SOX – 2002 174
5. ERM Framework – 2004 175
The role of audit in fraud prevention and detection 175
Introduction 175
Perception and realities 176
The external audit 176
Introduction 176
Definitions 177
External audit essentials 177
Should external auditors discover fraud? 178
Reasonable assurance 180
Internal auditing 180
Introduction 180
Definitions 180
Internal audit essentials 181
Should internal auditors discover fraud? 182
Limitations of traditional audit techniques 182
Poor understanding of fraud risk 183
Audit testing based on small sample sizes 183
SAS 99: Considerations of Fraud in a Financial Statement Audit 184
Introduction 184
What SAS 99 and ISA 240 say about fraud auditing 185
Commentary 185
The role of the audit committee 186
Introduction 186
Role of the audit committee in the fight against fraud 186
Examples of poor performance by audit committees 187
Example 2 – Enron 188
Summary – Five Key Learning Points for Directors and Managers 189
7 Prevention 191
A question of black or white 191
Introduction 192
Answers to the Quiz 193
Fraud prevention controls 195
Introduction 195
The concept of the control environment 196
Key aspects of prevention – generic controls 197
Overview 197
(a) Segregation of duties 197
(b) Delegations of authority and authorisation limits 199
(c) Physical and computer security over assets, records and information 200
Control inhibitors and concealment strategies 201
Introduction 201
Management override of controls 201
Collusion 202
Processing a transaction below the “control radar” 202
False documentation 203
Blocking the flow of information 203
Specific anti-fraud prevention controls 204
Introduction 204
The six key fraud prevention controls 205
Introduction 205
Fraud prevention – the three hard controls 205
Fraud prevention – the three soft controls 215
5-Point fraud prevention plan 220
Summary – Five Key Learning Points for Directors and Managers 221
8 Detection 223
“But he seemed like such a nice guy, he still lives with his mother” 223
Introduction 224
Answers to the Quiz 225
The deterrence factor 226
Overview – what is meant by deterrence 226
The perception of detection 226
Ways to increase the deterrence factor 228
Fraud detection 236
Introduction 236
The three key fraud detective measures 236
Summary – Five Key Learning Points for Directors and Managers 252
9 Investigation 255
Don’t crash the car 255
Introduction 256
Answers to the Quiz 256
Fraud investigation case study 257
Fraud investigation – best practices 273
Introduction 273
Handling the initial allegations 274
Setting the overall objectives 275
Reporting lines and the investigation team 277
The use of covert techniques 279
Evidence 281
Guidelines for interviews 283
The litigation process and involving the police 286
Overview 286
Civil litigation 286
The police and criminal proceedings 287
Insurance – the quantum of loss statement and making claims 288
Communication issues 288
Introduction 288
Media contingency planning 289
Managing internal communications 289
Summary 290
Fraud investigations – practical examples 290
Summary – Five Key Learning Points for Directors and Managers 293
10 Ethics 295
The RICE model 295
Introduction 296
Answers to the Quiz 297
The business ethics framework 299
Introduction 299
The golden rule of reciprocity 300
The key concepts of integrity and trust 301
Business ethics and the law 302
The “3Rs” ethical roadmap 303
Individual responsibility 304
Corporate culture 305
Pressure, incentives and short-term targets 306
The business ethics toolbox 309
Introduction 309
Value statements 309
Codes of ethics and conduct 311
Confidential reporting lines 313
Ethical training and development programmes 313
Business ethics in action 315
Integrated approach 318
Summary – Five Key Learning Points for Directors and Managers 319
Epilogue 321
Distinguished merit 321
References 323
Index 329
