FraudPrevention, Detection & Response

Simon Charlton

Will Asante

Richard Ross

Compliance & Anti-Money Laundering Conference

Riyadh, 25th March 2009

Contents

• What is Fraud

• Types of Fraud

• The Cost of Fraud

• Who Commits Fraud?

• Fraud – some examples

• Prevention – ask the right questions

• Antifraud Programs and Controls

• Detection – fraud indicators

• How to respond

• Protect yourself

What is Fraud?

Some Dictionary Definitions……

• “A deception deliberately practiced in order to secure unfair or unlawful gain”

or

• “Deliberate deception or cheating intended to gain an advantage”

or

• “Intentional deception resulting in injury to another person”

Types of Fraud

External threats – some examples

• Advance fee fraud• Intellectual property theft• Investment fraud• Credit card fraud• Cheque fraud• Hacking• Carousel fraud• Identity theft• Fraudulent instruments

Types of Fraud

Internal threats – some examples

• Financial theft/ theft of property• False accounting • Fraudulent trading• Conflict of interest• Corruption• Expense claims• Procurement fraud• Payroll fraud• Collusion• Intellectual property• Misuse of computer equipment

Types of Fraud

Internal threats – more examples

• Bribery• Money Laundering• Mortgage Fraud• Management Over-ride• Insider Trading• Market Manipulation• etc……

The Cost of Fraud

UK statistics1

• Cost to the UK economy has been put at c. £15 – 20 billion a year• Research in 2005 indicated that 55% of companies suffered a fraud in the previous

two years

US statistics2

• Typical US organisation loses 7% of annual revenues to fraud• This represents a staggering US$994 billion

KSA statistics3

• False invoicing and manipulation of financial statements is the most common type of fraud in KSA

• Almost 75% of frauds were perpetrated internally• Losses to fraudulent activity are estimated at around SAR 1.5 billion throughout the

GCC

1 The Fraud Advisory Panel website

2 2008 report to the Nation on Occupational Fraud and Abuse, Association of Certified Fraud Examiners

3 2008 GCC Fraud Survey

Fraud Statistics: Impact of Fraud• Restoring Net Income After a Fraud Loss

0500,000

1,000,0001,500,0002,000,0002,500,000

Fraud Loss

Revenue

Economics of Fraud

Fraud Loss Revenue

A SAR250,000 fraud loss . . .

Fraud usually reduces net income on a dollar-for-dollar basis.

A company with a 10% profit margin that experiences a single SAR250,000 fraud loss would have to generate an additional SAR2.5 million in revenue to restore its net income to pre-fraud levels

. . . will require an additional

SAR2.5 million in revenue

to maintain

net income levels

XYZ Company Profit margin = 10%

Who commits fraud?

Management 55%

Employees 30%

Organised Crime 6%

Client 5%Supplier 4%

Who commits fraud?

Supplier 4% Client 5% Organised Crime 6%

Employees 30%

Management 55%

A typical perpetrator…

• Gender – larger and higher volume of frauds committed by men

• Age – typically middle aged

• Education – as the level of education rises so do the losses caused

• Criminal history – majority of perpetrators are first time offenders

• Time with the company – the longer employed the bigger the loss

• Most likely to work in accounts or purchasing departments

Source : 2008 report to the Nation on Occupational Fraud and Abuse, Association of Certified Fraud Examiners

Identify fraud risk factors at the entity level and business process level. Consider whether each fraud risk factor indicates the existence of an incentive or pressure, opportunity or attitude and rationalisation.

• Identify incentives / pressures to commit fraud, opportunities to commit fraud, or attitudes / rationalizations to justify fraud.

• Personnel from various levels of the organization should be involved in the process.

• Consider internal and external (e.g., regulatory, industry) influences.

• Where could the fraud occur?

• What would the fraud look like?

• What type of fraud is the area susceptible to?

• What are the effects on the books and records?

• When could the fraud occur?

Identify and Evaluate Fraud Risk Factors

Recent Examples of Fraud in the Region

• Seven people charged with defrauding the Dubai Islamic Bank (DIB) out of $501 million (1.84 billion dirhams). March 2009

• Public prosecutors in Dubai are investigating Deyaar Development, and Abu Dhabi is probing an alleged $109 million fraud

• Al-Boom, alleged 847 million dirham bogus investment scheme in court

• ATM fraud dramatically increased throughout GCC in 2008

• Cheque and credit card fraud continues to rise

Fraud in a Downturn

When the economy takes a downturn, fraud increases.

In a recent online poll conducted by Deloitte, two-thirds of respondents expected the economic downturn to lead to more fraud enforcement actions, with greatest concern among financial services.

Over 90% of this surveyed expect the incidence of fraud to either increase or at best stay the same.

“Data from the National White Collar Crime Center show a spike in arrests for fraud and embezzlement during the two most recent recessions. Following the savings and loan crisis and the downturn in 1990, white-collar fraud arrests jumped 52% over the next two years; following the Internet bust in 2000, arrests jumped 25% in the following two years.”1

1 Business Week 9, January 2009

How to respond – if it does happen

• Have a plan

• Mitigate the losses suffered

• What are the objectives?

– Criminal prosecution? – when to go to the Police

– Civil recovery? – asset recovery options

– Industry Regulators? - obligation to report

– Undecided?!

• Gather and secure evidence:

– Accounting records

– Interviewing

– Image IT systems/electronic data

Detection - Fraud indicators

• Receipt of tip-offs

• High staff turnover

• Low morale amongst staff

• Lifestyle of employees not commensurate with salary

• Unusual, irrational or inconsistent behaviour

• Holiday not taken

• Key financial indicators starting to slip

• Does the business accounting make sense and do you understand it?

• Dominant line management

• Remote locations

Prevention – Is Better Than a Cure

Know your “enemy”

• What are the key internal and external fraud risks for your business?

– How has the organisation prioritised these and has it allocated sufficient resources to detect and prevent them?

– What are the key controls over fraud risks and how is their effectiveness monitored?

• What whistle blowing provisions have been made at the organisation?

• Are employees screened?

• To what extent does an anti-fraud culture exist within the organisation?

• Is staff training adequate to counter fraud risks?

• Is someone responsible for identifying and managing fraud risk?

What are Antifraud Programs and Controls?

• Identify fraud risk factors, fraud risks and fraud schemes

• Link or map identified fraud risks to control activities

• Effective communication of antifraud programs and controls

• Monitoring effectiveness of antifraud programs and controls

•Tone at the top•Code of Conduct/Ethics

•Whistleblower Hotline

CreatingCreatinga Controla Control

EnvironmentEnvironment

PerformingPerformingFraud RiskFraud Risk

AssessmentsAssessments

Designing andImplementing

AntifraudControl

Activities

SharingSharingInformation andInformation andCommunicationCommunication

MonitoringMonitoringActivitiesActivities

AFPC

Protect yourself

In today’s economic climate, it is more important than ever to take every precaution possible to reduce exposure to financial loss, reputational damage and service interruption which are the common consequences of fraud.

• Cultural Assessment of the Organisation

• Data Assessment and Analysis

• Real Time Detection and Prevention Systems

• Implementation of ‘Whistle-Blowing’ Hotline

• Fraud Awareness Training

• Fraud Risk Assessment Program

• Business Process Controls Assessment

What steps will you take to reduce the possibility of this happening to you?

Contact Us

Deloitte has a dedicated Forensic and Dispute Services team comprised of anti-fraud specialists located here in the Middle East.

Please contact us on the numbers below:

Simon Charlton William Asante

Managing Director, MENA Region Director, MENA Region

scharlton@deloitte.com wasante@deloitte.com

+971 50 712 4719 +971 50 294 5847

Richard Ross

Assistant Director, MENA Region

riross@deloitte.com

+971 50 450 0476

Member ofDeloitte Touche Tohmatsu