6/2/2023

Sherron Watkins
Cynthia Cooper
VP of Corporate Development
VP of Internal Audit
at the Enron Corporation
at WorldCom
Whistleblower

INTRODUCTION
• Focus of antifraud program is to prevent fraud, not
just detect it.
• Detection & prevention provide the system of
antifraud controls.
• An ounce of prevention is better than a ton of
treatment
 6/2/2023

COMBATING FRAUDS
Characteristics PREVENTION DETECTION INVESTIGATION
ACTOR Management 1. Management 1. Forensic
2. Internal Auditors
Auditors 2. Law
3. External Enforcement
Auditor Unit
Occurrence Before Frauds Indication that Frauds have
occur Frauds are occurred
occurring
Mechanism 1. Creating Honest 1. Developing Red 1. Audit
Culture & Flag (Indicator) Investigative
Governance 2. Employing 2. Financial Loss
2. Evaluating & detection Calculation
Mitigating Risk method
3. Oversight
Community Involvement (Customer, vendor, community, other stakeholders)

What is Fraud Prevention?

• What is Fraud Prevention?
– Policies and activities directed “to control, to stop
or keep from doing or happening, to hinder a
person from acting for the purposes of securing
the enterprise and its processes against fraud.
• Who is Responsible for Fraud Prevention?
– Management is responsible for designing &
implementing controls to prevent and detect
fraud
 6/2/2023

Three Lines of Defense

Memiliki dan mengelola Monitor risiko dan Memberikan keyakinan

risiko dan pengendalian pengendalian untuk
(manajemen operasi lini mendukung pengelolaan
depan) (risiko, pengendalian dan
fungsi Ketaatan yang
ditetapkan oleh manajemen).
secara independen kepada
Pimpinan dan Manajer
Senior terkait efektivitas
pengelolaan risiko dan
pengendalian (audit intern).

Sumber: Anderson, Douglas J., Eubanks, Gina, LEVERAGING COSO ACROSS THE
THREE LINES OF DEFENSE, THEIIA, Juli 2015

ELEMENTS OF PREVENTION
1. Culture of honesty and high ethics
2. Evaluate the risk and implement policies,
procedures, and controls to mitigate the risk
and reduce the opportunity
3. Develop appropriate oversight processes
 6/2/2023

A. Create and Maintain a

Culture of Honesty &
high ethics

PREVENTION ENVIRONMENT
• A key to successful fraud prevention: the
entity’s culture and try to change it
• Element:
1. Corporate Governance Structure
2. Tone at the Top
3. Realistic Financial Goals
4. Policies and Procedures
 6/2/2023

DEFINITION
• Culture refers to “a set of common ideas, beliefs and
values that shared by the member of a group of
individuals” (Roberts et al., 2002)
• Culture is “the collective programming of the mind
which distinguishes the members of one human group
from another” (Hofstede 1984)
• So what (terus piye jal)? ----- esensi CULTURE:
1. Collective
2. Not directly observable but can be inferred
from behavior
3. Helps differentiate groups
9

LEVEL of CULTURE
• LEVEL OF CULTURE:
1. Symbols—with particular meaning
2. Heroes—characters prized by society
3. Rituals—routine activities
4. Values—general beliefs or social norms
• SUBCULTURE
– Culture exists at many level (ethnic, religious,
areas, organization, etc)
– Each group will have its own culture
10
 6/2/2023

• An organization’s
culture is akin to
corporate DNA
• A corporate
culture is the set
of beliefs, norms
and practices that
are shared by an
organization’s
members.

Norms are informal guidelines abut

what is considered normal (what is
correct or incorrect) social behavior
in a particular group or social unit.

Reputation-drivers:
• trustworthiness,
• credibility,
• reliability,
• Responsibility
Hyper-norms:
• honesty,
• fairness,
• compassion,
• integrity,
• predictability,
• responsibility;

Ethical decision criteria:

net positive or consequences of an action, rights
and duties/or fairness and expected virtuosity

ETHICAL CULTURE vs ETHICAL CLIMATE
ETHICAL CULTURE
• Based on Anthropological
Theory
• Focused on examining
formal and informal control
systems and how those
systems teach values and
impact behavior
• Includes formal ethics and
compliance program
elements, office lore, reward
and punishment systems
Element of Honesty & Integrity
• Tone at the top
• Positive working environment
• Fair Promotion
• Training on ethics
• Confirmation
• Discipline
6/2/2023
ETHICAL CLIMATE
• Based on Psychological
Theory
• Focused on examining the
existence and impact of
the organization’s
“personality”
• Includes collective
perceptions, attitudes,
and decision-making
criterion and style, “who
we are” as an organization
 6/2/2023

Tone At The Top

• Lead by example (words and actions)
• Management has to:
1. Behave Ethically
2. Communicate it’s intolerance for dishonest and
unethical behavior
• Employees must be treated equally with
disregard to position
• Create a code of ethics and implement it

Policies and Procedures

1. Define frauds
2. Describe publication and communication of policy
3. Describe implementation of controls for antifraud
4. Describe training
5. Describe proactive fraud audit measures
6. Describe testing of antifraud controls
7. Define investigation policies and procedures
8. Describe actions taken in fraud audit
9. Describe the analysis of evidence
10. Describe resolutions to frauds
11. Describe incident reporting procedures
 6/2/2023

Realistic Financial Goals

• the over-optimistic goals set for corporate
performance = element of major fraud
• Balancing those goals with any negative
impact they might have is a delicate task

B. Evaluating Antifraud
Processes and
Controls
 6/2/2023

Evaluating Anti Fraud

1. Identifying and Measuring Fraud Risks
– Fraud Risk Assessent
2. Mitigating Fraud Risks
– What areas & activities are risky and how to solve them
3. Implementing and
Monitoring
Appropriate Internal
Controls
• COSO Internal
Control

C. Developing an Appropriate
Oversight Process
 6/2/2023

Oversight Mechanism
• Audit Committee
• Board of Directors
• Management
• Internal Auditors
• Independent Auditors

Corporate Governance Structure

• Corporate Governance Weaknesses:
1. Board members who were not independent
2. Board dominated by insiders
3. Board members with significant equity holdings
4. Board members with little board experience
5. Boards and audit committees that did not meet
6. Audit committee members who knew little about
finances or auditing
7. No audit committee
8. Audit committee did not meet
9. Top executives involved in the frauds
 6/2/2023

PERCEPTION OF DETECTION
• Perception of detection is at the top of the list of
fraud prevention measures
• to minimize fraud is to find a cost-beneficial way to
increase the perception of detection:
1. Surveillance
2. Anonymous tips
3. Surprise audits
4. Prosecution
5. Enforcement of ethics and fraud policies
6. Catch me if you can!
7. Adopting IT (E-Planning, E-Budgeting, E-
Catalog, E-Procurement, ETC)

CLASSIC APPROACHES
• Directive approach.
– The directive approach is confrontational and authoritative.
– It says: ‘‘Don’t steal. If you do, and we catch you, you’ll be
fired.’’
• Preventive approach
– potential fraudsters are screened out using various
means:
1. background checks for criminal records and credit
reports
2. Internal controls (segregation of duties)
 6/2/2023

CLASSIC APPROACHES
• Detective approach.
– sets up accounting controls and an internal audit
function to monitor potential frauds.
• Observation approach.
– physical observation of assets and employees
• Investigative approach.
– Based on investigative results (follow up on allegations of
theft)
• Insurance approach
– adequate insurance coverage to cover losses that might
occur due to a fraud

OTHER PREVENTION MEASURES

• Background Checks:
– criminal record (FT: rationalization) or high debt (FT: pressures)
• Regular Audits:
– increase the perception of detection
– Focus: identify, review, and analyze anomalies.
• Internal Controls (FT: Opportunity):
1. Proper authorization procedures
2. Adequate documentation, records, and audit trail
3. Physical control over assets and records
4. Independent checks on performance
5. Monitoring of controls
• Invigilation
– Monitor employees when they are doing their activities
– creates a pristine environment that should be fraud-free
– a high profile, well-staffed fraud audit
 6/2/2023

ACCOUNTING CYCLES
• Generalizations
– accounting transactions and cycles are specific to any given (different)
organization
– Prevention: understand the organizational context and the fraud
environment factors at hand
• Sales Cycle:
– Lapping
– Prevention: forced rotation of duties and forced taking of vacation
• Purchases Cycle:
– fraudulent disbursements (shell company)
– Prevention: segregation of duties
• Payroll Cycle:
– ghost employees
– Prevention: cross-check payroll against human resource records
periodically

Trends in the Implementation

of Anti-Fraud Controls

28
 6/2/2023

Anti-Fraud Controls by Region

29

Background Checks

30
 6/2/2023

Background Checks

31

Internal Control Weaknesses That Contributed to Fraud

32
 6/2/2023

Internal Control Weaknesses That Contributed to Fraud

33

Criminal Prosecutions

34
 6/2/2023

Criminal Prosecutions

35

Behavioral Red Flags

36
 6/2/2023

THE END