Upload
shannon-mcbride
View
213
Download
0
Embed Size (px)
Citation preview
Key principles applied by Witzenberg Municipality to Manageof Fraud
Presented by: Gerhard Louw Internal Audit
PEC Engagement25 July 2013
IIA Guideline of fraud risk management
Fraud anchor principles Principle 1 - Policy and procedures
Principle 2 - Periodically fraud risk assessment
Principle 3 - Prevention techniques
Principle 4 - Detection techniques
Principle 5 - Reporting and corrective action
Principle 1: As part of an organization’s governance structure, a fraud risk management program should be in place, including a written policy (or policies) to convey the expectations of the Council and senior management regarding managing fraud risk.
Fraud prevention policy Performance, Risk and Audit Committee News letters – awareness – Community and
internalFraud committeeFraud Month
Principle 2: Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.Fraud risk IdentificationPut on your “fraudster cap” for each process and capital
projectThink like a fraudster – “e.g. How can I beat the system?” Implement controls to mitigateMonthly Inter-action with local Police
Principle 3:Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.E.g. Various Procurement declaration required from
suppliers (MBD’s)Employees code of conductSuppliers code of conductBackground checksTransunion checks on potential suppliersE.g bank detail fraud - one person
Principle 4: Detection techniques should be established to uncover fraud events when preventivemeasures fail or unmitigated risks are realized. Ghost employees
Monthly select a few employees from payroll and physical verify existence and identification numbers
Inventory checks Reconciliations Financial System Exception reports Audit projects – fraud considerations Monthly SCM deviation report to council Pre-determined/automated tests to detect abnormalities
– Procurement threshold – monthly check of payments nearby threshold values – investigate exceptions
Principle 5: A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely.
National Fraud Line - News letter and websiteRisk Management reporting
Own Fraud Line – best practice
NEW IDEAS
• CRO and CAE Forum needs to spend to more time on fraud detection, prevention and mitigating controls ?
Thank you