Upload
others
View
11
Download
0
Embed Size (px)
Citation preview
IIA Fraud Conference
Case studies from recent investigations 8 April 2015
Page 2
Outline
► What is fraud and types of fraud ► EY’s 13th Global Fraud Survey
► Survey approach and participant profile ► Unethical behavior persists ► Significant industry fraud ► Whistleblower hotlines
► Case Study 1 ► Case Study 2 ► Fraud prevention ► About us
Page 3
What is fraud?
► “Any intentional act or omission designed to deceive others”*
► “The use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets”**
► Fraud is profitable ► Fraud is a growth industry ► Fraud is a significant compliance
risk area
*Source: American Institute of Certified Public Accountants **Source: ACFE Report to the Nations 2014
Page 4
Types of fraud
Fraud Schemes
Fraudulent Statements Schemes
• Misstatement or omission of material information/accounting records from financial statements.
Misappropriation of Assets
• Theft or misuse of tangible and intangible assets. • Fraudulent expenditures.
Corruption Schemes • Utilizing influence in business transactions to obtain a personal benefit. • Bribery and/or extortion. • Aiding and abetting fraud.
Improper Capitalization/
Deferral of Expenses
Improper Revenue
Recognition
Improper Manipulation
of Tax Accounts
Fictitious Vendor
Theft of Assets
Theft of Intellectual
Property
FCPA/UK Bribery
Act
Procurement Fraud
Conflicts of Interest
Asset/Liability Manipulation
Improper Journal Entries
Employee Expense
Fraud
Payroll Fraud
Cash Skimming
Improper Accounting of
I/C Transactions
Management Estimates
Significant/ Unusual
Transactions
Page 5
Survey approach and participant profile EY’s 13th Global Fraud Survey
► Between November 2013 and February 2014, our researchers conducted 2,719 interviews with various executives in 59 countries and territories
► Interviewees were selected from a sample of the largest companies in each country. Employees interviewed included industry leaders – chief executive officers (CEOs), chief financial officers (CFOs), chief compliance officers (CCOs), general counsel and heads of internal audit. Interviews were conducted on an anonymous basis in the local language by telephone or in person. Details of the full survey are shown below:
► Please note that, due to rounding or the omission of percentages to allow better comparison, some figures may not sum to 100%
Job title % of respondents
CFO 28% Other finance 23% Head of internal audit 9% Other audit/risk 9% General counsel 7% CEO 6% Head of marketing/sales 4% CCO 3% Other 11%
Revenue % of respondents
More than US$5B 6% US$1B-US$5B 18% US$500M-US$0.99B 13% US$100M-US$499M 30% US$99M or less 31%
Above US $1B 24% Below US $1B 73%
* Details of countries categorized as developed markets and emerging markets can be found in the appendix.
Page 6
Unethical behavior persists EY’s 13th Global Fraud Survey - Figures 1, 5, & 10
28
4
0
2
30
Offering entertainment towin/retain business
Personal gifts towin/retain business
Cash payments towin/retain business
Misstating company’s financial performance
At least one of these canbe justified
US Results North America
Developed markets
Emerging markets
Other respondents
33 30 28 29
5 11 17 14
1 7 16 13
3 4 8 6
35 38 45 42
% Agree
Base: US 2014 (50); North America 2014 (100); developed markets 2014 (1103); emerging markets 2014 (1616); all respondents 2014 (2719) % don't know and none of the above have been omitted to allow better comparison between responses given
% Agree
Q. Which, if any, of the following do you feel can be justified if they help a business survive an economic downturn?
Page 7
Unethical behavior persists EY’s 13th Global Fraud Survey – Figure 6
33
14
11
8
50
47
More flexible productreturns
Change assumptionsdetermining
valuations/reserves
Extend monthly reportingperiod
Backdate a contract
None of these
At least one of these
US Results CFO Head of IA CCO GC Head of
Marketing
31 25 27 31 44
17 12 11 13 15
11 10 4 10 15
10 9 3 12 8
51 61 56 48 41
48 39 36 45 54
% Agree
Base: All respondents (2,719); CFO (752); head of internal audit (238); CCO (95); general counsel (181); head of marketing/sales (108). The “don’t know” and “refused” percentages have been omitted to allow better comparison between the responses given.
% Agree
Q: Given the pressure that often exists to meet financial targets, which, if any, of the following activities do you feel can be justified to meet those targets?
Page 8
Has your organization experienced a significant fraud in the last two years?
Industry % Yes
Financial services 17
Other transportation 16
Oil, gas and mining 16
Other sectors 13 Technology, communications and entertainment 13
Government and public sector 12
Consumer products, retail or wholesale 12
Average of all respondents 12
Power and utilities 11
Manufacturing and chemicals 11
Real estate 9
Automotive 8
Professional firms and services 8
Life sciences 6
► More than 1 in 10 executives surveyed reported their company as having experienced a significant fraud in the past two years.
► The level of fraud reported by
respondents has remained largely unchanged over the past six years from 13% in 2008 to 12% in 2014
Page 9
Detection of fraud schemes
0.5%
0.8%
1.1%
2.2%
2.6%
3.0%
4.2%
6.6%
6.8%
14.1%
16.0%
42.2%
Other
Confession
IT Controls
Notified by Law Enforcement
Surveillance/Monitoring
External Audit
Document Examination
Account Reconciliation
By Accident
Internal Audit
Management Review
Tip
Almost 50% of schemes are discovered by Tip or Accident
Source: ACFE Report to the Nations 2014
Page 10
ACFE 2014 Report to the Nations on “speaking-up”
Tips are consistently and by far the most common detection method.
In 2014 report, 42.2% of cases showed a tip as the most common method of initial detection of occupational fraud. Management review is second at 16%.
Organizations with hotlines ► Were much more likely to catch fraud by a tip ► Detected the fraud 50% quicker ► Experienced frauds that were 41% less costly
Page 11
Types of fraud
Fraud Schemes
Fraudulent Statements Schemes
• Misstatement or omission of material information/accounting records from financial statements.
Misappropriation of Assets
• Theft or misuse of tangible and intangible assets. • Fraudulent expenditures.
Corruption Schemes • Utilizing influence in business transactions to obtain a personal benefit. • Bribery and/or extortion. • Aiding and abetting fraud.
Improper Capitalization/
Deferral of Expenses
Improper Revenue
Recognition
Improper Manipulation
of Tax Accounts
Fictitious Vendor
Theft of Assets
Theft of Intellectual
Property
FCPA/UK Bribery
Act
Procurement Fraud
Conflicts of Interest
Asset/Liability Manipulation
Improper Journal Entries
Employee Expense
Fraud
Payroll Fraud
Cash Skimming
Improper Accounting of
I/C Transactions
Management Estimates
Significant/ Unusual
Transactions
Page 12
Case studies
Page 13
Case study 1
The client An information technology equipment and services company that operates call centers for third parties. What happened A terminated employee (whistleblower) sent an anonymous email to his former employer’s customer alleging fraudulent billing practices. The investigation The investigation took place over a period of two months and focused on determining the fraudulent invoicing process, identifying the individuals involved, and quantifying the extent of the over-billing.
Page 14
Case study 2
The client A financial services organization based out of New York, with primary operations located in Los Angeles What happened A whistleblower (who was involved with the fraud schemes), grew frustrated and reported the fraudulent activities. The investigation The investigation took place over a period of three months and focused on identifying the fraudulent schemes, assessing the financial ramifications and impact on the financial statements. Additional time was spent assisting the client with preparing for the insurance claims process
Page 15
Case study 2 (continued)
Scheme Impact Work performed
Fictitious vendors and kick-back scheme
• $6M in payments made to fictitious vendors, or vendors that provided kick backs to the employees engaged in the scheme
• Analyzed invoices for three vendors, identified by the whistleblower as being party to the fraudulent schemes
• Gained understanding of which services were legitimate and which were overstated as a result of kick-backs
Employee Expense Fraud
• $3M identified as suspicious reimbursements
• Analyzed over $18M in expenses for 8 individuals
• Identified reimbursements for falsified credit card statements, false invoices for asset purchases, and other non-reimbursable expenses
Capitalization of non-existing assets
• Material error resulted in “Big R” restatement
• Over $3M in assets written-off from the balance sheet
• Identified assets from the fictitious vendor and expense fraud schemes that were capitalized
• Calculated the amounts incorrectly capitalized and depreciated during the period
Page 16
Fraud prevention
Page 17
Fraud prevention measures
► Tone at the top ► Anti-fraud programs ► Code of ethics ► Policies and procedures ► Continuous communication and reinforcement of fraud
prevention programs ► Anti-fraud training ► Fraud risk assessments
Page 18
Code of Ethics
Fraud Prevention Policies
Communication and Training
Fraud Risk Assessment
Controls Monitoring and Analytics
Incident Response Plan
Reactive
Proactive
Setting the Proper Tone
Elements of a successful corporate anti-fraud program
Anti-fraud key activities ►Corporate compliance
program design ►Corporate compliance
assessment ►Gap analysis ► Future state design
session ►Discovery response
planning ►Records and
information management
►Who owns fraud? ► Assign roles and
responsibilities ► Fraud and risk committee
formulation ►Customized training ►Corporate governance ►Design sessions ►Corporate anti-fraud
roadmap ►Hotline
► Fraud risk assessment ► Targeted anti-fraud analytics ► Internal control testing ► Internal control monitoring
► Investigations
►Response plan
►Discovery and document review
► Forensic data analytics
► Assessment & remediation
►Continuous improvement
Components of an anti-fraud program Fraud prevention
Management Ownership and Involvement
Page 19
Does your organization have whistleblowing hotlines?
Industry % Yes
Financial services 66
Life sciences 57
Power and utilities 56
Automotive 55
Other transportation 55
Oil, gas and mining 53
Government and public sector 53
Average of all respondents 51
Technology, communications and entertainment 50
Manufacturing and chemicals 48
Consumer products, retail or wholesale 47
Real estate 46
Other sectors 44
Professional firms and services 43
► Nearly half of the businesses in the survey do not have a whistleblower hotline
► Many businesses will find it very easy to describe how they are rewarding growth — but can they also articulate how they are rewarding an ethical culture?
Page 20
Dodd-Frank Whistleblower Program Source of Tips
► Since the beginning of the whistleblower program, the Commission has received whistleblower tips from individuals in sixty-eight (68) countries outside the United States.
► In Fiscal Year 2013 alone, the Commission received whistleblower submissions from individuals in fifty-five (55) foreign countries. The map below reflects all countries in which whistleblower tips originated during Fiscal Year 2013:
Source: 2013 An Ann SEC Annual Report to Congress on the Dodd-Frank Whistleblower Program
Page 21
ACFE 2014 Report to the Nations Frequency of anti-fraud controls
► Presence of anti-fraud controls ► Reduced fraud losses ► Shorter fraud duration
► 18 anti-fraud controls in the survey ► All percentages are higher in
organizations with 100+ employees
► Code of conduct – 77.4% ► IA department – 70.6% ► Management review – 62.6% ► Independent audit committee – 62.0% ► Hotline – 54.1% ► Employee support programs – 52.4% ► Fraud training (management and employees separate
in survey) – 47.8% ► Anti-fraud policy – 45.4% ► Dedicated fraud department, function or team – 38.6% ► Proactive data monitoring/analysis – 34.8% ► Formal fraud risk assessment – 33.5% ► Surprise audits – 33.2% ► Job rotation/mandatory vacation – 19.9% ► Rewards for whistleblowers – 10.5%
Page 22
Code of Ethics
Fraud Prevention Policies
Communication and Training
Fraud Risk Assessment
Controls Monitoring and Analytics
Incident Response Plan
Reactive
Proactive
Setting the Proper Tone
Elements of a successful corporate anti-fraud program
Anti-fraud key activities ►Corporate compliance
program design ►Corporate compliance
assessment ►Gap analysis ► Future state design
session ►Discovery response
planning ►Records and
information management
►Who owns fraud? ► Assign roles and
responsibilities ► Fraud and risk committee
formulation ►Customized training ►Corporate governance ►Design sessions ►Corporate anti-fraud
roadmap
► Fraud risk assessment ► Targeted anti-fraud analytics ► Internal control testing ► Internal control monitoring
► Investigations
►Response plan
►Discovery and document review
► Forensic data analytics
► Assessment & remediation
►Continuous improvement
Components of an anti-fraud program Fraud prevention
Management Ownership and Involvement
Page 23
Six steps to help protect your business
► Own the problem ► In businesses where the risks of fraud, bribery and corruption are properly acknowledged,
compliance is not seen as a “tick-box” exercise. In these businesses, management owns the problem, and boards challenge management to ensure that they are prioritizing risk and dealing with issues effectively.
► Deal with the issues - Make compliance relevant ► Making compliance relevant to local teams does not mean diluting the program or bending the
rules. It means engaging with teams to manage specific requirements while retaining a robust and consistent approach.
► Communicate the risks ► Businesses that have a strong code of ethics are not just good at controlling behavior. They excel
at communicating the risks of unethical conduct. ► Communicate the benefits
► Investors and regulators are looking for global companies to show their ability to prevent and detect fraud or other unethical behavior. This can often be demonstrated through an audit of the effectiveness of the compliance/internal audit function.
► Focus resources ► A sharp focus on key risks is critical, and begins with understanding where the risks are. Having
identified the risks, businesses need to act. Technology has a key role to play in helping focus resources. The use of forensic data analytics can identify incidences of anomalous activity and guide more detailed assessments.
► Ask questions, demand answers ► Companies with robust approaches to fraud, bribery and corruption exercise their audit rights on
third parties and insist that their suppliers regularly respond to requests for information.
Page 24
About us
► Matthew Baker is a Manager in the Los Angeles office of Ernst & Young. Matthew has experience serving a variety of engagements including fraud investigations covering asset misappropriation and financial statement fraud, litigation support for audit malpractice defense cases, FCPA risk assessments, and anti-money laundering compliance assessments and investigations.
► Matthew’s compliance experience includes working closely with a multi-national financial institution and its subsidiary to review policies and procedures, along with transactional information, for compliance with Bank Secrecy Act, Dodd Frank, and other anti-money laundering legislations.
► Matthew has led investigations into allegations of embezzlement, fraudulent billing schemes, and revenue recognition issues. Matthew has worked directly with the Internal Audit department of a Fortune 100 company, leading its internal investigations into allegations of asset misappropriation and other violations of company policy. Matthew has participated in international investigations and has experience coordinating investigative efforts with international teams.
► In addition, Matthew has experience providing litigation support to expert witnesses and counsel in preparation for audit malpractice defense litigations and arbitrations. Matthew also has experience managing FCPA risk assessments for companies in the consumer products and retail industries, overseeing assessments conducted in southeast Asia and Latin America.
► Matthew graduated from California State University, Long Beach with a Bachelor’s Degree in Business Administration, emphasis in Accountancy and a minor in Criminal Justice. He is a Certified Public Accountant (“CPA”), Certified Fraud Examiner (“CFE”), and a Certified Anti-Money Laundering Specialist (“CAMS”).
Matthew Baker, CPA, CFE, CAMS Manager Fraud Investigation & Dispute Services Phone: +1 213 977 3282 Email: [email protected] Ernst & Young LLP 725 South Figueroa Street Los Angeles, CA 90017
Page 25
About us
► Dasha Russ is a Manager in EY’s Fraud Investigation and Dispute Services (“FIDS”) practice. During her time with EY in the Los Angeles office, Dasha has worked on fraud investigations, risk assessments, internal audits and Foreign Corrupt Practices Act (FCPA) assessments for a variety of companies including several not-for-profits and Fortune 500 companies
► Dasha has worked on multiple engagements in the area of Anti-Money Laundering ("AML") and has assisted clients in assessing and mitigating AML risks. She has also worked in the field of audit malpractice defense where she assisted legal counsel with document review, issue analysis, and the creation of exhibit databases used during arbitration preparation. Dasha experience includes multi-national investigations involving expense fraud, regulatory compliance, and asset misappropriation. She has worked directly with government regulators to address regulatory concerns and requests.
► Prior to working with the FIDS group, Dasha worked in EY’s Advisory practice where she performed IT audits that focused on critical systems in support of the financial audit. Dasha has also worked on a range of internal audit project for several not for profits that focused on assessing grant compliance, quality controls procedures and assessment of policies focused on improving client operations. Dasha has also worked with several businesses on developing and performing enterprise risk assessments to measure and identify key risks for the organization using both bottom-up and top-down approaches.
► Dasha received her Bachelor of Science in Accounting with an emphasis on Accounting Information Systems from the University of Southern California. She is also a Certified Public Accountant.
Dasha Russ, CPA Manager Fraud Investigation & Dispute Services Phone: +1 213 977 4393 Email: [email protected] Ernst & Young LLP 725 South Figueroa Street Los Angeles, CA 90017
Page 26
Questions
EY | Assurance | Tax | Transactions | Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities. EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.
About EY’s Assurance Services Our assurance services help our clients meet their reporting requirements by providing an objective and independent examination of the financial statements that are provided to investors and other stakeholders. Throughout the audit process, our teams provide timely and constructive challenge to management on accounting and reporting matters and a robust and clear perspective to audit committees charged with oversight. The quality of our audit starts with our 60,000 assurance professionals, who have the breadth of experience and on-going professional development that comes from auditing many of the world’s leading companies. For every client, we assemble the right multidisciplinary team with the sector knowledge and subject-matter expertise to address your specific issues. All teams use our Global Audit Methodology and latest audit tools to deliver consistent audits worldwide.
About EY’s Fraud Investigation & Dispute Services Dealing with complex issues of fraud, regulatory compliance and business disputes can detract from efforts to succeed. Better management of fraud risk and compliance exposure is a critical business priority – no matter what the industry sector is. With our more-than-2,000 fraud investigation and dispute professionals around the world, we assemble the right multidisciplinary and culturally aligned team to work with you and your legal advisors. We work to give you the benefit of our broad sector experience, our deep subject matter knowledge and the latest insights from our work worldwide. © 2014 Ernst & Young LLP. All Rights Reserved BSC no. 1403-1221809 This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors for specific advice. ey.com