Upload
acfesj
View
179
Download
0
Embed Size (px)
Citation preview
Fraud in a DownturnA review of how fraud and other integrity risks affect business
September 16, 2009
Presented by Kristin Rivera PartnerPresented by Kristin Rivera, Partner
Agenda
Page
1 Introduction 12 Fraud and integrity risks 103 The strategy of the proactive organization 22
Section 1Introduction
Section 1 - Introduction
The landscape
• The economic downturn is changing the nature and scale of fraud and integrity risks that organizations face.
– The speed of change increases the opportunities to commit fraud. g
– More people will feel real pressure to ‘cross the line’ or to look the other way while others do so.
The receding economic tide has exposed more frauds that have been ongoing– The receding economic tide has exposed more frauds that have been ongoing while economic conditions were good.
– As the economy rebounds, companies will feel pressure to improve performance and this may also lead to inappropriate actionsand this may also lead to inappropriate actions
• Fraud and integrity are critical business issues—not just legal and compliance issues. p
• The regulatory pendulum has swung back to its post Enron position, and public sentiment against white collar crime is one of zero tolerance.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 2
Section 1 - Introduction
The landscape
• How are fraud, corruption, abuse and other integrity threats changing during this period of economic decline?
• What are the fraud schemes that may emerge and the likely regulatory y g y g yresponse?
• What strategies are proactive organizations implementing to manage short-term risks but also enhance long-term stakeholder value?term risks but also enhance long-term stakeholder value?
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 3
Section 1 - Introduction
The fraud triangle
Developed by Dr. Donald Cressey, the Fraud Triangle describes three conditions that are commonly found when fraud occurs.
Incentive/pressure
!Fraud risk
Opportunity Rationalization
The global economic decline is such that each of these three factors are heightened as never before.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 5
Section 1 - Introduction
The fraud triangle
Incentive/Pressure
As people lose their jobs pressures increase. Those still in employment
Incentive/pressure
increase. Those still in employment feel ever more threatened, the pressure to commit fraud will increase.
When someone’s livelihood rests on!
Fraud riskWhen someone s livelihood rests on obtaining a new order, some people will make the wrong choice while others will look the other way Opportunity Rationalization
Fraud risk
others will look the other way. pp y
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 6
Section 1 - Introduction
The fraud triangle
Opportunity
The economic downturn is forcing an unprecedented pace of change. As
Incentive/pressure
unprecedented pace of change. As change happens, gaps in the control system can and will appear.
Checks and balances put in place to!
Fraud riskChecks and balances put in place to maintain control may be abandoned and procedures whose purpose was to detect anomalies may be suspended Opportunity Rationalization
Fraud risk
detect anomalies may be suspended. pp y
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 7
Section 1 - Introduction
The fraud triangle
Rationalization
In difficult economic times the capacity for people to rationalize fraud and
Incentive/pressure
for people to rationalize fraud and corruption increases.
“The company is fundamentally sound if I have to cross the line to get us
!Fraud risk– if I have to cross the line to get us
through the next six months, so be it.”
Opportunity Rationalization
Fraud risk
pp y
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 8
Section 2Fraud and integrity risks
Section 2 - Fraud and integrity risks
Fraud and integrity risks
Given these circumstances, what are the likely effects on corporations, investors, regulators and government?
We believe board and audit committees should be asking themselves and key stakeholders the questions below…
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 11
Section 2 - Fraud and integrity risks
Fraud and integrity risks
1. How much are fraud and abuse losses in the supply chain and through revenue leakage costing your business?
– Fraud losses can run as high as 7% of revenue.1g
– Studies show that effective fraud management produces an 8:1 return on investment,2 and strong controls reduce fraud by at least 30%.3
1 Association of Certified Fraud Examiners 2008 Report to the Nation on Occupational Fraud and Abuse.2 Nelsestuen, Rodney, Enterprise Fraud Management in Financial Services: Restoring Confidence in an Uncertain World, Tower Group, September 2007.3 Kielstra, Paul, Global Fraud Survey, The Economist Intelligence Unit, 2008.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 12
Section 2 - Fraud and integrity risks
Fraud and integrity risks
2. Is your organization at risk of DOJ, SEC or foreign government scrutiny for public and commercial bribery in the US or overseas?
– There remains significant opportunity within global organizations to engage in g y g g g gbribery via “consulting payments” in order to win new business.
– The anti-bribery provisions of the FCPA prohibits corrupt payments to foreign officials for the purpose of obtaining or keeping business.
– Regulators are prosecuting companies and their directors and officers for the inappropriate actions of business partners in the sales channel and supply chain such as distributors and sales agents.
– Many organizations face significant reputational, legal and financial risk from inadequate due diligence and monitoring controls in relation to business partners.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 13
Section 2 - Fraud and integrity risks
Fraud and integrity risks
3. Is your organization at risk of breaching competition laws?
– The Justice Department and Federal Trade Commission levied fines totaling billions of dollars in 2008 related to the investigation and detection of anti-competitive cartel practices.
– The regulatory fines that can be levied for price fixing, bid rigging and market sharing can be up to 10% of turnover.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 14
Section 2 - Fraud and integrity risks
Fraud and integrity risks
4. How robust are your controls in treasury and banking operations?
– When control environments weaken, rogue traders have the opportunity to operate undetected as they trade beyond the limit of their authority.
– As companies approach banking covenant breaches, the temptation to ‘massage’ the numbers provided to their banks will increase.
– As banks face pressure to control their own costs the resources available toAs banks face pressure to control their own costs, the resources available to counter this threat are constrained.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 15
Section 2 - Fraud and integrity risks
Fraud and integrity risks
5. Is your organization at risk of significant data theft?
– Criminal organizations have for some time recognized the value of personal data, and while bank account details continue to have a black market value, there will be a significant risk of theft.
– Consider where you are holding personal information and how this data is controlled.
– Not enough is being done to address the risk of deliberate theft by criminal organizations working in collusion with permanent, short-term or temporary staff to infiltrate organizations and circumvent existing control systems.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 16
Section 2 - Fraud and integrity risks
Fraud and integrity risks
6. How well does your organization employ data analytics to prevent and detect misconduct?
– Where senior managers have colluded with third parties to misrepresent financial ginformation and statements, fraud can be difficult to identify unless the company has robust internal controls and processes in place.
– Fraud and forensic technologists find that even fraud that is the result of collusion can cause data anomalies that companies can identify using data analytics.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 18
Section 2 - Fraud and integrity risks
Fraud and integrity risks
7. Are you weakening your first line of defense?
– Operations and finance personnel are the first line of defense against fraud, corruption and abuse.
– Because the legal and internal audit functions are removed from the day-to-day business, it is not wise to rely on them as the principal line of defense.
– Downsizing unless carefully planned and managed skyrocketsDownsizing, unless carefully planned and managed, skyrockets misconduct risks.
– Downsizing can eliminate critical segregation of duties. The fear of being the one selected for downsizing can lead employees to engage in fraud to cover upselected for downsizing can lead employees to engage in fraud to cover up innocent mistakes.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 19
Section 2 - Fraud and integrity risks
Fraud and integrity risks
8. If a crisis occurred, how well prepared are you to react?
– Companies need to be ‘investigation ready’, with policies in place regarding the conduct of investigations and knowledge of where data is stored and how it can be speedily retrieved.
– e-Discovery readiness is an increasingly critical component of litigation.
– Organizations are expected to conduct comprehensive root-cause analysis andOrganizations are expected to conduct comprehensive root-cause analysis and implement and monitor controls to prevent recurrence.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 20
Section 3The strategy of the proactive organization
Section 3 - The strategy of the proactive organization
The PwC antifraud framework
Control environment• Board oversight• Codes of ethics/conduct• Anonymous reporting
Fraud event identification and risk assessment
Identify entity level scheme & scenario risks
Assess likelihood & impact
Conduct self-assessment at functional & local
• Other entry level activities
business unit levels Develop a risk response
ContinuousIncident response & remediation• Investigate• Perform root
cause analysis
Monitoring Activities• Monitor fraud risk
factors and indicators• Audit for ‘red flags’
Entity and business process level control activities
Develop new/enhance existing
Validate operating effectiveness
Evaluate control designs
Continuous reassessment
y• Search for
other misconduct• Enhance controls
existing controls
effectiveness designs
In 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) developed a model for evaluating internal controls. This model has been adopted as the generally accepted framework for internal control and is widely recognized as the definitive standard against which organizations measure the effectiveness of their systems of internal control. We have adapted the COSO framework to illustrate some of the key elements of a fraud and integrity risk control framework.
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 23
Section 3 - The strategy of the proactive organization
The PwC antifraud framework
Areas to consider
• Organizational tone
Management information• Management information
• Communication and training
• Risk identification• Risk identification
• Control linkage and evaluation
• Preventive controlsPreventive controls
• Monitoring and auditing
• Incident response and remediationp
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 24
About PwC Forensic servicesAbout PwC Forensic services
About PwC Forensic servicesAbout PwC Forensic services
Fraud Prevention and Detection Experience
• PwC is a leader in the prevention, investigation and remediation of fraud.
• We have invested over 100,000 hours researching common, sector- and market-specific misconduct h i l i f d l t ti t i i ti d i i l d tschemes involving fraudulent reporting, asset misappropriation, and criminal conduct.
• Our risks and controls professionals developed manuals detailing the mechanics, controls, risk indicators and detection procedures for hundreds of fraud scenarios, which are tailored to specific client needs and circumstances.
• Hundreds of companies have used our anti-fraud framework—which has been embraced by COSO, SEC, IIA, and the AICPA—to benchmark the effectiveness of efforts to guard against misconduct.
Contact Us
K i ti RiKristin [email protected]: (415) 498-6566
Fraud in a Downturn • A review of how fraud and other integrity risks affect business 28
© 2009 PricewaterhouseCoopers LLP. All rights reserved. "PricewaterhouseCoopers" refers to PricewaterhouseCoopers LLP (a Delaware limited liability partnership) or, as the context requires, the PricewaterhouseCoopers global network or other member firms of the network, each of which is a separate and independent legal entity.