Fraud

5 Day Course:

11-15 May 2015 London

19-23 October 2015 Amsterdam

Course Directors:

Edward WildingComputer forensics practitioner who has successfully investigated hundreds of cases of computer fraud, computer hacking and technical mischief.

Noel BonczoszekHighly experienced crime investigator and renowned lecturer on computer crime, public sector corruption, money laundering, fraud and counterfeiting.

Nigel IyerAn innovative fraud detection and investigation practitioner and expert in the integrity health check approach with over 20 years experience.

Richard MinogueA financial management, internal audit and investigation expert with over 35 years experience.

The Global Leader In Audit and Information Security Training

Why Attend This Course?

By attending this course you will be able to:■■ Identify the red flags■■ Use Fraud Auditing as a tool for Fraud Prevention■■ Go beyond traditional Internal Control assessment to

really pinpoint where fraud occurs■■ Find elusive frauds that others miss■■ Secure, Analyse and Present the Evidence■■ Auditing the dealing room■■ Auditing transmissions and clearing services■■ Learn how to make your organisation resistant to all

forms of unethical business■■ Discover how you should respond to a suspected

fraud or computer crime■■ Overcome procedural and legal pitfalls■■ Learn computer forensic techniques■■ Communicate and advise senior management on

business and legal implications■■ Apply taught principles in case study, interactive

exercises

Save up to 50%with In-House Training

INTRAINING

Register online at: www.mistieurope.com www.mistieurope.com/inhouse

A dynamic approach and methodology for fraud investigators investigating computer crime. How to find those elusive frauds that others miss

Forensic Auditing trAining Week

Group Booking Discount**

3 delegates -2 delegates -

5% discount

4 delegates -

12% discount

5 delegates -

15% discount

**Available for delegates from one organisation attending the same course

Telephone: +44 (0)20 3819 0800 Email: mis@mistieurope.com

Course Focus And Features

Spectacular losses, corporate collapses, and major scandals in recent times have focused the minds of company directors, owners, and regulators on Corporate Governance, the failure of risk management strategies, and the widespread existence of unethical business behaviour. Managers, controllers, Internal and external auditors and security managers are finding it difficult to claim it is not their job to find fraud. Whose job is it? Deliberate overcharging by suppliers, false invoices, expenditure, bribery, kickbacks, false rebates and warranty claims, conflicts of interests, false reporting, and more; questions have been asked why nobody picked up the early warning signs.There is broad acceptance that unethical business behaviour directly or indirectly accounts for major losses (often estimated to be between 2 and 5% turnover) and severely damages the reputation and morale of companies. However, despite being one the largest unmanaged risks in companies today, many managers still receive virtually no formal training in how to identify the red flags, deal with them and most importantly how to become more resistant to all forms of unethical business behaviour, including fraud and corruption.The fastest growing area of crime within organisations is now computer-based fraud. This course will introduce you to computer related risks in the business environment and the technical and procedural methods necessary to investigate computer misuse.

Who Should Attend

• Financial, Operational• IT and External Auditors• Audit Managers• Corporate Attorneys• Information Security professionals.• Information Security and IT Managers• This not just a course for internal auditors.• This is a course for any one who wants to find fraud • Security Architects and Administrators• Network Administrators

Advanced Preparation: None

Training Type: Group-Live

Learning Level: Intermediate

Field of Study: IT Audit

CPEs: 39

Price: GBP £3,483+VAT**Delegates may be able to claim back VAT. Visit www.mistieurope.com/VAT for more information.

Course Materials

• Slides for all lecture and workshop sessions• A compendium of recent articles and papers by the course

directors• Case studies• Exhibits and examples to take with you and re-use• A short training film on DVD• The Anatomy of Fraud and Corruption by Richard Minogue

Veronica Morino and Tomas Brytting (Ashgate Gower)• Fraud and Corruption – Prevention and Detection by Nigel

Iyer and Martin Samociuk (Ashgate Gower)

Training weeks represent a saving

of 10% over shorter courses (Usually

£3,870)

A dynamic approach and methodology for fraud investigators investigating computer crime. How to find those elusive frauds that others miss

Forensic Auditing trAining Week

Course Directors:Nigel IyerNigel has worked passionately for over 20 years for the prevention, detection and investigation of fraud and corruption. In recent years he has specialized in helping international and financial institutions develop strategies to ensure that Ethics and Integrity are fully integrated into the strategy from the top down. Together with Martin Samociuk and other colleagues, he has developed a unique fraud risk assessment methodology and also developed the Integrity Health Check, which detects the red flags of fraud and corruption and is used by many organizations to ensure ethical policies are on track. Nigel is the author/ co-author of four books: Fraud Resistance (2003), Fraud and Corruption Prevention and Detection, “A Short Guide to Fraud Risk” (2010), published in collaboration with the Chartered Institute of Management Accountants and the Management Novel “The Tightrope” (2011).

Richard MinogueRichard is a financial management, internal audit and investigation expert with over 35 years experience. A former Head of Audit for a major telecommunications company and a forensic auditor who had led high profile investigations into money laundering, bribery, embezzlement and fraud.

Edward Wilding

Edward has investigated several hundred cases of computer fraud, sabotage and misuse in many jurisdictions. He has served as an expert witness for the prosecution and the defence in

criminal cases, at employment tribunals, in civil litigation and at official hearings including the Hutton Inquiry. He has written two books: Computer Evidence: A Forensic Investigations Handbook (Sweet & Maxwell 1996) and Information Risk and Security Preventing and Investigating Workplace Computer Crime (Gower, 2006): Wilding has lectured worldwide on forensic methods and investigative techniques to law enforcement agencies, law firms, government bodies and IT security and audit professionals. He has trained incident response teams for a number of multinational companies, and has conducted security and risk reviews for a wide range of corporate clients.

Noel Bonczoszek

Noel is a highly experienced crime investigator and renowned lecturer on computer crime, public sector corruption, money laundering, fraud and counterfeiting. He has worked in various New Scotland Yard departments and at the Serious Fraud Office. Whilst in the Computer Crime Unit he investigated and prosecuted hackers, the writers of virus and malevolent code and computer fraudsters. He also broke new ground by utilising money laundering legislation in the prosecution of product counterfeiters. In 1989 he wrote Basic Computer Security Measures, which was a guide to IT crime prevention and has been incorporated in numerous subsequent publications worldwide. In 1998 he founded AmberTec – a fraud and IT crime investigation and training company. A former Chairman of the BCS-ISSG and Chartered Information Technology Professional he is currently involved in computer forensic and major commercial fraud investigations on an international basis.

Telephone: +44 (0)20 3819 0800 Email: mis@mistieurope.comTelephone: +44 (0)20 3819 0800 Email: mis@mistieurope.com

Agenda

Day One:

Fraud and Corruption in Your Organization• Who, What, Where, When and Why?• Raising Awareness• The Fraud Triangle• Dealing with Rationalization• Positive and Negative IncentivesCase Exercise: “Whistleblower Case Study”: Are we ready for anonymous reports and whistleblowers? Can we follow our fraud response plan and what should it look like? How does the whistleblower report get logged? Who should take it? How should we respond? In this exercise we will tackle these questions by:• Examine what often lies behind such a report• Understand what kind of behavior is rewarded?• Evaluate different strategies for dealing with anonymous reports and

whistleblowers• Discuss practical measures participants can put into practice in their own

organisations

The Decision to Investigate (Investigation Strategy Part I)• Cultural and environmental factors affecting the investigation• The World of the Whistleblower

• Fraud Response Plan• Establishing Investigation Objectives• Zero Tolerance or Tolerance?Case Study: Who is right? A star sales manager has a proven record for bringing in the business and everyone is full of praise – in fact it might be said that he saved the company when he brought in a major project at a critical point. But it looks like he broke the rules doing it. Should he punished? Participants will discuss the best path, and learn how to perform a high level assessment of an organization’s anti-fraud and corruption activity.

Desktop Research – The first step in addressing Red Flags• Desktop research and remote investigation techniques• Avoiding the “long and winding road”• Finding and using open sources without leaving your desk• Corroborating evidence• The chain of evidence: “Keeping a fr-audit trail”• External research experts versus doing it yourself• Investigative Research visualization techniquesCase Exercise: “Playing Poirot”. Participants will be given typical results from desktop research, pertaining to an investigation and be asked to assimilate and assemble the information in a way which both describes what could be taking place, as well as visualise the results.

The agenda continues on the following page

Agenda (continued)

Day Two:

The Fraud and Corruption Health Check• Health Check? Are we sick? (maybe!)• How to find red flags by looking for them• Applying professional skepticism• When not to “ass u me”?• Trust versus blind trust• Dealing with the findingsCase Exercise: The signs are there, but do we see them? In this case participants are presented with suspicious documents and circumstances. The cloud of suspicion must be addressed, but how will we approach it?

The “Heart” of Forensic Auditing – Finding Frauds before they Find YOU!• Why proactive is better than reactive• Where to look – Follow the money… out Purchase to Pay• Where to look – Follow the money… in Sales Processes and Receivables• Where else to look – In your organization (people, processes, accounts

and assets)Case Exercise: Looking for and finding the red flags - Power up your laptops! Participants are divided into small groups – Each group is given a transaction file. Can you analyze the patterns and find the suspicious transactions?

Dealing with the Red Flags• How would these be presented to Senior Management?• What are the typical pitfalls of dealing with red flags and how to

overcome them?

Managing a Complex Investigation (Investigation Strategy part II)• Investigation Strategy• The line of discretion• Sources of information• Preserving Evidence• Privacy and Legal Considerations• DocumentationCase Study: Planning the Investigation – Management has given its authorization and budget (not unlimited!) for an investigation of the red flags that have come to light in recent weeks. You need to establish a strategy.

Forensic Accounting and the Relationship to Fraud Detection• Where does fraud manifest itself in the accounts?• How to read between the lines• Following the money through the accounts (examples)• The work of a “forensic accountant”

Visualizing the Results of the Investigation

Day Three:

The Maturity of Fraud Identification and AssessmentInvestigations and fraud detection are always more successful if the organisation and especially its top management can appreciate that fraud and corruption does happen, even in their own organisation. In this opening session on the last day we will take a look at how to understand and assess the risk of fraud and corruption before any investigation or fraud detection exercise has even taken place. We will cover:• How to identify where fraud takes place by learning to think like a thief• Estimate Likelihood and Vulnerability of each method of fraud• Assess the Consequences of incidents• Develop a risk ranked Fraud and Corruption ProfileGroup Work: Looking at the participants own organizations, we will perform brainstorming exercises designed to identify the principal risks of fraud and corruption which are present, and make a preliminary assessment of the economical, reputational, and cultural consequences of each identified risk.

Specialist (Forensic) Investigation TechniquesIn this session we will outline:• Computer Forensics (an overview): How evidence is secured, Analysis of

hard-drives, emails etc; How to document and deal with the findings• Questioned Documents: What a forensic documents examiner does and

how this can be used in an investigation• Use of surveillance and “out of hours office searches”• Static observation and recording• Pretext• Presentation of some of the things that can be done, and the importance

of using qualified experts and expert witnesses• Investigation Strategy Part III• Preparing to cross the line of discretion• Planning for a simultaneous action• Preparation of briefing documentation• The importance of a control function• Interview Techniques• Forms of Interview• Seven Steps for difficult interviews• Body Language and the Sub-conscious• The Human Lie-detectorCase Study: Interview Role Play – Interviewers and respondents will have the opportunity to act out an interview based on the case we have been studying. It’s harder than it looks!

Wrapping up – Questions, answers ideas for applying these skills in your organization

Telephone: +44 (0)20 3819 0800 Email: mis@mistieurope.comTelephone: +44 (0)20 3819 0800 Email: mis@mistieurope.com

Register online at: www.mistieurope.com

TAILORED AND PERSONALISED IN-HOUSE TRAINING Why Choose In-House Training?Savings - Running an in-house course in your offices will ensure you avoid the costs of travel and accommodation. Plus we charge per day not per delegate. You can train six or sixteen people for the same price! Convenience - We can arrange a course that fits your team’s schedule. Any dates, any location, simply tell us what works best for you. Avoid the hassle of coordinating travel arrangements and accommodation for your staff Tailored training - We have over 150 existing training courses you can mould to fit your exact requirements or if you prefer we can just create a new agenda. You will have complete control over the course content Confidentiality - You can focus on potentially thorny issues that may be specific to your organization which are best resolved in private with the expert guidance of your course director

Some Of The Companies We Have Worked With:PwC • International Labour Office • Barclays • Capital One • Legal and General • Deloitte • European Court of Auditors • Lukoil • Credit Suisse AG • Euroclear • AIB • U.S. Steel, Corp. • Novartis • National Commercial Bank • Qatar National Bank

Visit www.mistieurope.com/inhouseCall us on 020 3819 0800Email mis@mistieurope.com

Save up to 50%with In-House Training

INTRAINING

Agenda (continued)

Day One:

How to investigate computer crime• Outlining the legal basics• Examining different types of computer threats• Investigating the computer scene of crime procedures – securing

admissible evidence• Handling and storing computer evidence• Concluding the investigation – securing systems, confrontation and other

considerations

Day Two:

Computer Crime in the Workplace: A Practical Exercise• Unravel a complex work-place cyber crime• Engage in competitive , thought-provoking exercises• Exercise new thought processes to solve computer crime• Fight against unprecedented hazards and budgetary constraints• Identify the suspects and carry out your “endgame”