Está en la página 1de 57

Chapter 8

Risk of Fraud and Illegal Acts


Learning Objectives
 Understand the prevalence of fraud and illegal acts in today’s world.

 Compare and contrast various illegal acts/fraud definitions.

 Describe the fraud triangle and why all three elements must exist for fraud to
occur.

 Define the types of fraud and fraud risk factors.

 Define governance, risk management, and control in the context of fraud.

 Describe fraud prevention, deterrence, and detection techniques.

 Understand the behavioral aspects of fraudsters.

 Understand evolving responsibilities of the internal audit function, including the


involvement of forensic accountants and fraud examination specialists.
Learning Objective 1

Understand the prevalence of fraud and


illegal acts in today’s world.
Overview of Fraud in Today’s Business World

 Fraud is not limited to only certain countries or industries

 Examples of large accounting scandals:


 USA: Enron and WorldCom
 Other countries: see Exhibit 8-2
 Indonesia: ?????

Impact?

A loss of confidence in the capital markets

1-5
Exhibit 8-2
Survey Result by ACFE - 2012

 Organizations lose 5% of their annual revenues to fraud

 Occupational fraud schemes tend to be extremely costly

 Occupational frauds schemes frequently for years before they


are detected

 Occupational frauds are much likely to be detected by a tip


than by audits, controls, or other means

 The most common fraud schemes were asset misappropriation

 Corruption and billing schemes pose the greatest risks to


organizations throughout the world

 The longer a perpetrator has worked for an organization, the


higher the fraud losses tend to be

1-7
Survey Result by ACFE - 2012

 Industries most commonly victimized were banking and


financial services, government and public administration and
manufacturing

 Occupational fraud were most often committed by individuals


working in one of six departments: accounting, operations, sales,
executives/upper management, customer service, and purchasing

 Occupational fraudsters are generally first-time


offenders.

 Common fraud perpetrator red flags:


 Living beyond their means
 Experiencing financial difficulties
 Excessive organizational pressure

1-8
Learning Objective 2

Compare and contrast various illegal


acts/fraud definitions.
Apakah Yang
Dimaksud Dengan
Fraud?
What Is Fraud?

Restaurant Fraud

1-11
Illegal Acts

 Are activities that violate laws and regulations of


particular jurisdictions where a company is operating

1-14
Fraudulent financial reporting

 Fraudulent financial reporting involves intentional


misstatements or omissions of amounts or disclosures in
financial statements designed to deceive financial
statement users.

 Accomplished by:
 Manipulating, falsifying, or altering accounting records or
supporting documents from which the financial statements
are prepared.
 Misrepresenting, or intentionally omitting from, the financial
statements events, transactions, or other significant
information.
 Intentionally misapplying accounting principles relating to
amounts, classification, manner of presentation, or
disclosure.

1-15
Misappropriation of assets

 Pilferage = pencurian

 Embezzlement = penggelapan, pencurian, korupsi

 Defalcation

1-16
Exhibit 8-6
Occupational Fraud:

• Falsification of
financial statements

• Asset misappropriation

• corruption
Learning Objective 3

Describe the fraud triangle and why all three


elements must exist for fraud to occur.
Conceptual framework

 Donald Cressey  Fraud Triangle


 Perceive need/pressure
 Perceived opportunity
 Rationalization of fraudulent behavior

1-20
Quotes

“Biasakanlah yang benar dan


janganlah membenarkan yang
biasa”

1-22
Learning Objective 4

Define key principles for managing fraud risk.


Key principles for managing fraud risks

 The Fraud Guide outlines five core


principles that organizations would be
well-advised to follow:
1. Fraud Risk Governance
2. Fraud Risk Assessment
3. Fraud Prevention and Detection
4. Fraud Reporting, Investigation, and Resolution
Key principles for managing fraud risks

 The Fraud Guide outlines five core


principles that organizations would be
well-advised to follow:
1. Fraud Risk Governance
2. Fraud Risk Assessment
3. Fraud Prevention and Detection
4. Fraud Reporting, Investigation, and Resolution
Fraud Risk Governance

There must be a structure in place to


oversee the identification and
management of fraud risks
Governing board:
 Helps set the tone for fraud risk management
 Encourage management to establish policies
 Responsible for monitoring the effectiveness of the
organization’s fraud risk management program
Key principles for managing fraud risks

 The Fraud Guide outlines five core


principles that organizations would be
well-advised to follow:
1. Fraud Risk Governance
2. Fraud Risk Assessment
3. Fraud Prevention and Detection
4. Fraud Reporting, Investigation, and Resolution
Fraud Risk Assessment

Management should understand the


inherent fraud risks the organization faces
Steps:
 Identify the potential fraud events or scenarios
 Assess the impact and likelihood of each risk
 Decide what fraud risk responses are appropriate
Key principles for managing fraud risks

 The Fraud Guide outlines five core


principles that organizations would be
well-advised to follow:
1. Fraud Risk Governance
2. Fraud Risk Assessment
3. Fraud Prevention and Detection
4. Fraud Reporting, Investigation, and Resolution
Fraud Prevention and Detection

Prevention controls may include policies,


procedures, training and communication.
Detection controls may include manual or
automated activities that will recognize
timely that a fraud has or is occurring.
Key principles for managing fraud risks

 The Fraud Guide outlines five core


principles that organizations would be
well-advised to follow:
1. Fraud Risk Governance
2. Fraud Risk Assessment
3. Fraud Prevention and Detection
4. Fraud Reporting, Investigation, and Resolution
Fraud Reporting, Investigation and Resolution

 Establishing a reporting system to facilitate and


encourage reporting of potential fraud incidents
 Whistleblower system

 Establishing a sound investigation process


 Internal or external legal counsel.
 Other function in the organization

 Timely resolution will help ensure prosecution or


disciplinary actions can be taken
Learning Objective 5

Define governance, risk management, and


control in the context of fraud.
Governance Over the Fraud Risk
Management Program

 Developing corporate cultures


 Board ownership of agendas and information flow
 Access to multiple layers of management and effective
control of a whistleblower hotline
 Independent nomination processes
 Effective senior management team
 A code of conduct
 Board evaluation

1-34
Governance Over the Fraud Risk
Management Program

 Roles and responsibilities


 Board of directors
 Management
 Employees
 The internal audit function

1-35
Governance Over the Fraud Risk
Management Program

 Components of a fraud risk management program


 Commitment
 Fraud awareness
 An affirmation
 A conflict disclosure
 Fraud risk assessment
 Reporting procedures and whistleblower protection
 An investigation process
 Disciplinary and/or corrective actions
 Process evaluation and improvement
 Continuous improving

1-36
Fraud Risk Assessment

 Involving individuals with varying knowledge


 Accounting and finance personnel
 Legal and compliance personnel
 Risk management personnel
 Internal auditors
 Other internal or external parties

1-37
Fraud Risk Assessment

 Three key steps


1. Identify inherent fraud risks;
2. Assess impact and likelihood of the identified risk; and
3. Develop responses to those risks

1-38
Learning Objective 6

Describe fraud prevention and detection


techniques.
Fraud Prevention

Common elements in preventing fraud:

 Performing background investigations

 Providing anti-fraud training.

 Evaluating performance and compensation programs.

 Conducting exit interview.

 Authority limits.

 Transaction-level procedures.

1-40
Fraud Detection

Common detection methods:

 Whistleblower hotlines

 Process control.

 Proactive fraud detection procedures.

1-41
Fraud Investigation and Corrective Action

Steps in this stage

 Receiving the allegation

 Evaluating the allegation

 Establishing investigation protocols

 Determining appropriate actions

1-42
Key principles for managing fraud risks

Steps in this stage


 Receiving the allegation
 Evaluating the allegation
 Establishing investigation protocols
 Determining appropriate actions
Receiving the Allegation

 Received from various sources


 Should include a process for:
 Categorizing issues
 Confirming the validity of the allegation
 Escalating the severity of the allegation
 Referring issues outside the scope of the program
 Conducting the investigation and fact-finding
 Resolving or closing the investigation
 Listing types of information that should be kept confidential
 Defining how the investigation will be documented
 Managing and retaining documents and information
Key principles for managing fraud risks

Steps in this stage


 Receiving the allegation
 Evaluating the allegation
 Establishing investigation protocols
 Determining appropriate actions
Evaluating the Allegation

 Not all allegation of fraud prove to be acts


of fraud.
 Steps:
 Does the allegation require a formal investigation or is there
enough information now to draw a conclusion?
 Who should lead the investigation?
 Are there special skills or tools needed to conduct the
investigation?
 Who needs to be notified and when?
 Establishing formal protocols
Key principles for managing fraud risks

Steps in this stage


 Receiving the allegation
 Evaluating the allegation
 Establishing investigation protocols
 Determining appropriate actions
Establishing Investigation Protocols

• To ensure an investigation achieves its


objectives.
• Factors to be considered:
• Time sensitivity.
• Notification
• Confidentiality
• Legal privileges
• Compliance
• Securing evidence
• Objectivity
• Goals
Key principles for managing fraud risks

Steps in this stage


 Receiving the allegation
 Evaluating the allegation
 Establishing investigation protocols
 Determining appropriate actions
Determining Appropriate Actions

Possible actions include:


 Legal actions, whether criminal or civil
 Disciplinary actions, such as warning, demotions,
censure, suspension, or termination
 Insurance claims if losses from the act are covered by
insurance policies
 Redesign or reinforcement of processes and controls
that may have been inadequate designed or that
operated ineffectively, allowing the incident to occur.
Learning Objective 7

Understand the behavioral aspects of


fraudsters.
Potential red flags

 Exhibit a lifestyle that appears to be well beyond their


current means

 Are experiencing extreme financial problem and/or have


overwhelming personal debts.

 Are suffering from depression or other emotional


problems.

 Appear to have a gambling obsession.

 Have a need or craving for status, and believe money


can buy that status

1-52
Learning Objective 8

Understand evolving responsibilities of the


internal audit function, including the
involvement of forensic accountants and
fraud examination specialists.
Fraud Proficiency and Due Professional Care

 Standard 1210.A2 - Internal auditors must have sufficient


knowledge to evaluate risk of fraud and the manner in which it
is managed by the organization, but are not expected to have
the expertise of a person whose primary responsibility is
detecting and investigating fraud.

 Standard 1220.A1 – Internal auditors must exercise due


professional care by considering the … probability of significant
errors fraud, or noncompliance.

 Standard 2060 – the chief audit executive must report


periodically to senior management and the board on … fraud
risks…

 Standard 2120.A2 – the internal audit [function] must evaluate


the potential for the occurrence of fraud and how the
organization manages fraud risk.
1-54
Opportunities For Insight

 Assist the organization in the development of


comprehensive fraud risk assessment.

 Develop processes for early detection fraud.

 Develop data analysis tools that can be used to detect


fraud in the early stages.

 Assist with the development of hotline call procedures.

 Provide fraud awareness training throughout the


organization.

 Act decisively on significant fraud events.

1-55
Opportunities For Insight

 Assist in postmortem analysis when fraud occurs.

 Inform management of potential legal acts that are risks


to the organization.

 Assist management in developing a culture of ethical


behavior and low tolerance of fraud.

 Stay abreast and inform management of emerging issues


and developing issues related to compliance and
regulations.

1-56
End of Chapter 8

57