Fraud Investigations: Considerations For Internal Auditors

Fraud Investigations: Considerations for Internal Auditors Our program will begin at 1 PM ET, please stand by during the
silence
Connect to the audio feed. Two options your choice (the telephone method provides the best audio quality)
Telephone Toll Free US/Canada number
Call-in toll-free number (US/Canada) 866-699-3239 Call-in toll number (US/Canada) 1-408-792-6300 Meeting Number: 757 260 312
Through your computer (Audio Broadcast)
On the menu bar, choose Communicate > Join Audio Broadcast. Your Audio broadcast panel appears:
Copyright 2008 Deloitte Development LLC. All rights reserved.
Fraud Investigations: Considerations for Internal Auditors

Scott Shaffer Partner, Corporate Investigations Jack Moorman Principal, Analytic & Forensic Technology Toby J. F. Bishop Director, Deloitte Forensic Center Deloitte Financial Advisory Services LLP November 6, 2008
2
Welcome to Todays Webinar!

Before we begin:
Our Panel Polling Questions CPE Requirements Submit your questions for Q&A Session
Our Panel
Scott Shaffer Partner, Corporate Investigations Jack Moorman Principal, Analytic & Forensic Technology Toby J. F. Bishop Director, Deloitte Forensic Center
4
CPE Requirements
Only registered participants will be eligible to receive CPE credit. A series of polling questions will be posed. You must respond to 70% of the polling questions to receive credit. Be sure to click the submit button. Must view the entire webinar. Early departure might result in decreased CPE award. An evaluation will appear when you exit the webinar, your feedback is important to us. NO CPE is available for the recorded version of this webinar.
5
Submit Questions to Panelists

Live viewing audience: To submit a question, type the question into the Q & A panel section. If your question is to a specific panelist please state the panelist name in your question. Select the Send button Please use the CHAT feature only for technical assistance or call Webex technical support at 1-866-229-3239 (US and Canada Toll-Free) +1-408-435-7088 (International Toll)
Demographic Polling
How many viewers are watching the webinar at your location?
a) b) c) d) e) 1 - I am the only viewer 2 to 4 viewers 5 to 7 viewers 8 to 10 viewers More than 10 viewers
Course Objectives
Identify potential risks of "just taking a look" to determine the validity of an allegation Assemble different skill sets needed for a particular investigation Work through challenges involved in international investigations and supply chain issues Gather and preserve evidence in a way that maintains admissibility in court proceedings
Course Objectives (cont.)

Understand computer forensics: identifying "smoking gun" emails and other electronic evidence Know strategies and techniques for interviewing witnesses and potential suspects Report results: what, how, to whom, and why?
Resources IIA Guidance

Managing the Business Risk of Fraud: a practical guide New Guidance Issued July 7, 2008 Joint project of IIA, AICPA & ACFE Sections on: Fraud Risk Governance Fraud Risk Assessment Fraud Prevention Fraud Detection Fraud Investigation and Corrective Action
10
Resources IIA Guidance

Practice Advisory 1210.A2-2 IA responsibilities related to investigating fraud allegations: Managements role Internal auditors role Investigators role Reporting on fraud Resolution of fraud incidents Communications Opinion on IC related to fraud
11
Polling Question 1
How many years of experience do you have performing fraud investigations?
a)More than 10 years b)6 10 years c)2 5 years d)Less than 2 years e)None
12
Risks of Just Taking a Look

Tipping off suspects Intentional destruction of evidence Fabrication of evidence; witness intimidation Loss of electronic evidence due to delayed investigation Back-Up Tapes Email server data automatic archive/ delete Inadvertent spoliation of evidence Risk that shortcuts might compromise findings
13
Investigation Team Skill Sets

Computer forensics Data gathering & data analysis Interviewing skills Fact-finding & eliciting confessions Forensic accounting Business knowledge/ Company policy Language capabilities Legal/ Compliance Potential attorney-client privilege
14
Polling Question 2
Who normally performs fraud investigations within your organization?
a)Internal audit b)Fraud/security c)Legal d)External investigators e)A team of internal and external personnel f) NA/Dont know
15
Supply Chain Issues

Supply Chain Fraud Schemes Kickbacks Related parties/ Conflict of interest Duplicate payments Fictitious vendors False or inflated invoices Excess purchasing
16
International Challenges
Local laws & regulations affecting investigations Coordination of General Counsel, Internal Audit, and compliance groups across borders Security, confidentiality, and privacy issues Language and cultural barriers Knowledge of local business practices
17
Polling Question 3
How does your organization staff fraud investigations in foreign countries?
a)Our staff travel b)We use local staff c)We use a variety of local external investigators d)We use a single external provider e)NA/Dont know
18
Gathering & Preserving Evidence

Collecting evidence - things to consider
What evidence should be collected Appropriate method of evidence collection Timing and priority of evidence collection Privacy implications Technology implications Chain of Custody Evidence verification and security Retention requirements
19
Gathering & Preserving Evidence

Evidence handling
Chain of custody tracking from collection to final disposition Collection techniques that provide a means of verification (MD5, SHA1 hashes) Proper transport of electronic evidence Proper facilities for electronic evidence storage Separate access control for sensitive or foreign data Trained evidence personnel to manage evidence
Evidence Analysis:
Hash library and file signatures Meta-data Deletion activity Encrypted, hidden, or encoded data Behavioral artifacts
20
Computer Forensics in Investigations

Potential sources of electronic evidence
Production systems: e-mail, instant messaging, enterprise database, fax, document imaging, voice, and telephony systems Network file shares, local desktop, or laptop file systems, portable storage media such as CDs, DVDs, flash drives, or external hard drives Enterprise records management or other archival systems Backup and disaster recovery media Handheld devices such as PDAs and mobile phones Data maintained by external vendors or service bureaus
21

Review methods
Culling based on
Custodian Time and date range File type and location
Searching electronic files

Privilege Keywords Patterns Conceptual Contextual
22

Factors in deciding between in-house and external forensic capabilities
Cost (laboratory environment, software, hardware) Personnel (training, qualifications, experience) Responsiveness (scalable and reactive resources) Court presentation capability (expert witness experience, independent third party requirements)
23
Polling Question 4
How does your organization gather electronic evidence to support fraud investigations?
a)In-house personnel qualified in computer forensics b)Other internal audit personnel c)Other IT personnel d)External computer forensic specialists e)We dont gather electronic evidence f) NA/ Dont know
24
Interviewing Witnesses and Suspects

Who to interview Informants, victims, witnesses, co-conspirators, suspects When to interview At any stage of the investigation To confirm or refute any information/ evidence gathered Where to interview Private rooms Locations without distractions such as telephones, windows, or other people In a location that you control Let the interviewee sit near the door to avoid feeling trapped Allows you to observe non-verbal behaviors and body language Avoid interviewing alone
25
Interviewing Witnesses
Informational Interview Methodologies Context reinstatement revisit scene or recreate events Extensive and varied retrieval Varying chronological order to aid concentration Concentration Avoid distractions Imagery Use different senses Control of information with the witness Interviewer is the facilitator Compatible questioning Use the witness own words to assist concentration
26
Interviewing Suspects
Investigative Interview Methodologies Direct Accusation Avoid strong words like steal, fraud, kickbacks Observe reactions Cut off denials Establish rationalizations Stop alibis Present alternatives to obtain initial confession Reinforce rationalizations Probe for details Obtain a written confession
27
Reporting Results
How to report findings: Oral or written communication Who to report findings to: Management Board of Directors/ Audit Committee Regulators/ Authorities What to report: Description of procedures performed Communicate findings or facts learned as a result of the procedures performed Include restriction on distribution of report, where applicable Generally, do not state opinions Why report findings: Help drive consistency in resolving allegations
28
Polling Question 5
Our organizations fraud investigation capabilities would best be enhanced by:
a)Greater computer forensic capabilities b)Enhanced interviewing skills c)Better resources for international investigations d)All of the above e)NA/Dont know
29
How to Prepare for Investigations

Implement consistent process for evaluating allegations Develop investigation protocols Reporting lines Methodologies Identify resources to be used Internal resources (internal audit, legal, HR, etc.) Computer forensics Forensic accounting International
30
Question and Answer Session

Live viewing audience: To submit a question, type the question into the Q & A panel section. If your question is to a specific panelist please state the panelist name in your question. Select the Send button
31
Contact Information
Scott Shaffer sshaffer@deloitte.com (312) 486-4755 Jack Moorman jmoorman@deloitte.com (312) 486-4559 Toby J. F. Bishop tobybishop@deloitte.com (312) 486-5636 Deloitte Forensic Center www.deloitte.com/us/forensiccenter
32
Webinar Evaluation
Please take a moment to complete the webinar evaluation, which will appear in a separate pop-up window when you exit the webinar. We appreciate your feedback.
33
CPE Certificate
Registered participants who have met the CPE requirements will access their certificate from the Completed Courses page in The IIAs online learning system, GEAR. Certificates will be available for download in approximately one week.
34
Thank you for participating!

Please join us for The IIAs upcoming webinars:
Date Topic Type Notes
November 11
Emerging Technology Risks: What Internal Auditors Should Know Identifying and Managing Risk in Outsourcing/Offshoring Arrangements IFRS: International Financial Reporting Standards
IIA
Live NASBA CPE CPE available for Playback (non-NASBA) Live CPE only; Presented in association with Deloitte Live NASBA CPE CPE available for Playback (non-NASBA) Live CPE only; Presented in association with Deloitte
November 20
IT Hot Topic
December 2
IIA
December 4
Fraud Considerations in the Fraud Performance of Hot Procurement Audits Topic

35
The information contained in this publication is for general purposes only and is not intended, and should not be construed, as legal, accounting, or tax advice or opinion provided by Deloitte to the reader. This material may not be applicable or suitable for, the readers specific circumstances of needs. Therefore, the information should not be used as a substitute for consultation with professional accounting, tax, or other competent advisors. Please contact a local Deloitte professional before taking any action based upon this information.
36
About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
37
38
A member firm of Deloitte Touche Tohmatsu

Fraud Investigations: Considerations For Internal Auditors

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Fraud Investigations: Considerations For Internal Auditors

Uploaded by

Copyright:

Available Formats

Fraud Investigations: Considerations for Internal Auditors Our program will begin at 1 PM ET, please stand by during the

Copyright 2008 Deloitte Development LLC. All rights reserved.