Fraud Prevention

Hanna C Quffa CPA, CFE

 Auditing vs. Fraud Examination
Issue Auditing Fraud Examination
Timing Recurring Nonrecurring
Scope General Specific
Objective Opinion Affix blame
Relationship Nonadversarial Adversarial
Methodology Audit techniques Fraud examination
techniques
Presumption Professional Proof
skepticism
Defining Occupational
Fraud and Abuse
 The use of one’s occupation for
personal enrichment through the
deliberate misuse or misapplication of
the employing organization’s resources
or assets
Elements of Fraud
 A material false statement
 Knowledge that the statement was false
when it was uttered
 Reliance on the false statement by the
victim
 Damages resulting from the victim’s
reliance on the false statement
 Opportunity

Fraud
Triangle

Pressure Rationalization
Major areas of exposure
 corruption, which includes conflicts of interest,
bribery (including kickbacks), illegal gifts, and
economic extortion;
 misappropriation of assets, which includes
skimming, larceny, and asset misuse; and
 financial statement fraud, which can include
financial (either asset or revenue over- or
understatements) and non-financial components
Prevention VS Detection
 An ounce of prevention is better than a ton
off treatment
 In order to prevent fraud there is a need to
make your organization immune against
fraud
Reducing the risk of fraud
 The means to reduce risk
 Prevention
 Reduce the opportunity for
 Deterrence (punishment)

 Detection

 Detection of fraud is much more costly

Responsibility of Fraud Prevention
 Management has the
responsibility and
means to implement
measures to reduce
the risk of fraud
 Good corporate
governance reduces
the risk
Elements of prevention
 Create and Maintain a culture of honesty
and high ethics
 Evaluate the risk and implement policies,
procedures, and controls to mitigate the
risk and reduce the opportunity
 Develop appropriate oversight processes
Create a culture of honesty

 Setting the tone at the  Training

top
 Positive work place  Conformation
environment
 Hiring & promoting  Discipline
appropriate
employees
Setting the tone at the top
 Lead by example (words and actions)
 Management has to
 Behave Ethically
 Communicate it’s intolerance for dishonest
and unethical behavior
 Employees must be treated equally with
disregard to position
Setting the tone at the top
 Set achievable financial goals (not to
create undue pressure)
 Create a code of ethics and implement it

The code of ethics should be clear,

understandable and developed in a
positive participatory manner
Code of conduct
 The code of conduct should reflect the core
values of the entity and guide employees in
 making appropriate decisions during their
workday.
 The code of conduct might include such topics
as
 ethics, confidentiality, conflicts of interest, intellectual
property, sexual harassment, and fraud.
Code of conduct
 Employees should be given the
opportunity to help in development and
updating of code of conduct to create
ownership
 Employees should be encouraged to
report violation of code or wrong doing
A hotline (anonymous is preferred to avoid
fear or retribution )
Positive work place environment
 wrongdoing occurs less frequently when
employees have positive feelings about an entity
than when they feel abused, threatened, or
ignored
 Without a positive workplace environment, there
are more opportunities for poor employee
morale, which can affect an employee’s attitude
about committing fraud against an entity
Factors that detract from a positive
work environment
 Top management that does not seem to
care about or reward appropriate behavior
 Negative feedback and lack of recognition
for job performance
 Perceived inequities in the organization
 Autocratic rather than participative
management
Factors that detract from a positive
work environment cont.
 Low organizational loyalty or feelings of ownership
 Unreasonable budget expectations or other financial
targets
 Fear of delivering “bad news” to supervisors and/or
management
 Less-than-competitive compensation
 Poor training and promotion opportunities
 Lack of clear organizational responsibilities
 Poor communication practices or methods within the
organization
Factors that help create a good
environment
 Recognition and reward systems that are in tandem with
goals and
 Equal employment opportunities
 Team-oriented, collaborative decision-making policies
 Professionally administered compensation programs
 Professionally administered training programs at all
organizational levels
 Career development
A good HR Department is instrumental
Hiring & promoting appropriate
employees
 Hire the best sited for
the job
 with integrity
 Equivalence of effort
to reward When people are under pressure and
 Promotion biased on there is a perceived opportunity some
people will behave dishonestly rather
evaluation than face negative consequences of
honest behavior
Proactive hiring and promotion
procedures
 Conducting background investigations on individuals being
considered for employment or for promotion to a position of trust
 Thoroughly checking a candidate’s education, employment history,
and personal references
 Periodic training of all employees about the entity’s values and code
of conduct, (training is addressed in the following section)
 Incorporating into regular performance reviews an evaluation of how
each individual has contributed to creating an appropriate workplace
environment in line with the entity’s values and code of conduct
 Continuous objective evaluation of compliance with the entity’s
values and code of conduct, with violations being addressed
immediately
Training
 New employees should be trained at the time of
hiring about the entity’s values and its code of
conduct.
 This training should explicitly cover expectations
of all employees regarding
 Their duty to communicate certain matters;
 A list of the types of matters, including actual or
suspected fraud, to be communicated along with
specific examples;
 Information on how to communicate those matters.
Training Cont.
 The training should be at the time of hiring
as well as refresher training periodically
 Training should be specific to an
employee’s level within the organization,
geographic location, and assigned
responsibilities.
Confirmation
Management needs to clearly articulate that all
employees will be held accountable to act within
the entity’s code of conduct. All employees
within senior management and the finance
function, as well as other employees in areas
that might be exposed to unethical behavior (for
example, procurement, sales and marketing)
should be required to sign a code of conduct
statement annually, at a minimum.
Discipline
 The way an entity reacts to incidents of
alleged or suspected fraud will send a
strong deterrent message throughout the
entity, helping to reduce the number of
future occurrences.
 The consequences of committing fraud
must be clearly communicated throughout
the entity.
Response to an alleged incident of fraud
 A thorough investigation of the incident should
be conducted.
 Appropriate and consistent actions should be
taken against violators.
 Relevant controls should be assessed and
improved.
 Communication and training should occur to
reinforce the entity’s values, code of conduct,
and expectations.
EVALUATING ANTIFRAUD
PROCESSES AND CONTROLS
 Fraud can not occur without a perceived
opportunity to commit and conceal the act.
 Organizations should be proactive in reducing
fraud opportunities by
(1) Identifying and measuring fraud risks,
(2) Taking steps to mitigate identified risks, and
(3) Implementing and monitoring appropriate preventive
and detective internal controls and other deterrent
measures.
 Internal Control
Feed back
Feed forward
process
process input output
input C
C output

process

input output
C
Controls
 Existence of a control
even if non- operational
can be a deterrent and
act as a real control
DEVELOPING AN APPROPRIATE
OVERSIGHT PROCESS
 Audit Committee or Board of Directors
 Management
 Internal Auditors
 Independent Auditors
 Certified Fraud Examiners
Audit Committee’s purpose
 To monitor compliance with laws
 Integrity of financials
 Asses external auditor qualifications &
independence
 Follow up on internal audit
Thank you