|
AntiFraud white paper: Emerging role of internal audit in
mitigating fraud and reputation risks
Significant legal, regulatory and standards-setting actions
are combining to pressure all players in the financial-reporting
process to step up their efforts to combat corporate fraud and
misconduct.
For internal audit, this environment poses both opportunities and
challenges. Corporate auditors who move quickly to develop
antifraud action plans –– such as PricewaterhouseCoopers’ 10-Step
Antifraud Action Plan –– will find ample ways to provide
added value to their organisations. Conversely, internal audit
directors who fail to address rising stakeholder expectations
jeopardise their relevance and imperil their job security. (Read
more...) Link currently unavailable
Fraud
Manual on Employee Embezzlement
This fraud manual represents
Joe's personal experiences dealing with fraud in state agencies
and local governments in the State of Washington. The manual
describes a host of common fraud schemes perpetrated by trusted
employees within the organization, as well as many important
concepts about fraud. While these fraud schemes come from the
public sector, the same schemes also occur in the private sector.
So, there is plenty of information for everyone. The material is
provided with the compliments of the author with the hope that
readers will use the information to both deter and detect
employee fraud in the workplace. (Read
more...)
Assessing Technology, Methods, and
Information for Committing and Combating Cyber Crime
The report notes that computer crime,
in general, results from situations in which offenders capitalize
on perceived opportunities to invade computer systems to achieve
criminal ends or use computers as instruments of crime, confident
that law enforcement officials do not have the means or knowledge
to prevent or detect such criminal acts. This report presents
up-to-date information on computer crime commission and
investigation to help the reader understand how offenders use
technology to commit their crimes (i.e., the most popular and
effective methods); what enforcers must know to effectively
detect/investigate these offenses; and in which areas offenders
are still exceeding the skills of law enforcement. The tools
being used by offenders are logically grouped and categorized by
function (e.g., scanning tools, wardialing programs, and password
crackers).
The investigative tools described address the
investigative needs, such as evidence source identification,
evidence preservation, evidence extraction, and evidence
analysis. These tools are grouped into the general categories of
evidence collection and preservation tools, evidence extraction
tools, evidence examination tools, evidence organization tools,
network forensic tools, attack analysis tools, multipurpose
forensic tools and toolkits, and trusted time stamping. These
tools are further separated by function into subcategories. The
body of this report presents general descriptions of the
investigative tools, accompanied by directions on where more
specific information on the tools can be found. (Read
more...)
The ICAC has produced this corruption
prevention publication to guide public officials who may be offered
gifts, benefits or bribes in the course of their official duties.
It highlights the main issues that public officials should take
into account in deciding whether to accept a gift or benefit. The
publication is also intended to assist public sector agencies in
the development of their gifts and benefits policies. Some of the
main issues that should be considered when implementing such
policies are discussed. (Read
more...)
Standard
Practises for Investigative and Forensic Accounting Engagements
NOVEMBER
2006: Standard practices for investigative and forensic
accounting (IFA) engagements have been prepared by the IFA
Standards Committee (Committee) of the Alliance for Excellence in
Investigative and Forensic Accounting (IFA Alliance), and have been
approved by the Board of the IFA Alliance. The role of the
Committee is to set, maintain and update standard practices for
conducting IFA engagements. ( Read
more...)
Managing the
Risk of Fraud - A Guide for Managers
Risk, in the context of managing fraud risk,
is the vulnerability or exposure an organisation has towards fraud and
irregularity. It combines the probability of fraud occurring and the
corresponding impact measured in monetary terms. Preventive controls and the
creation of the right type of corporate culture will tend to reduce the
likelihood of fraud occurring while detective controls and effective
contingency planning can reduce the size of any losses.
Everybody in an organisation contributes to
the management of fraud risk. This starts at the top where senior management
set the tone of the organisation and promote an anti-fraud culture
throughout the organisation. Operational staff design and implement and
operate the control actions required to minimise risk. The personnel
function ensures that the right staff are recruited. Accommodation services
ensure physical security and IT services promote computer and data security.
The role of internal audit is to deliver an opinion to the Accounting
Officer on the whole of an organisation’s risk management, control and
governance. In relation to fraud this will include the examination of the
adequacy of arrangements for managing the risk of fraud and ensuring that
the organisation actively promotes an anti-fraud culture. (Read
more...)
Management Antifraud Programs and Controls - Guidance to Help Prevent and
Deter Fraud
Some organizations have significantly lower
levels of misappropriation of assets and are less susceptible to fraudulent
financial reporting than other organizations because these organizations
take proactive steps to prevent or deter fraud. It is only those
organizations that seriously consider fraud risks and take proactive steps
to create the right kind of climate to reduce its occurrence that have
success in preventing fraud. This document identifies the key participants
in this antifraud effort, including the board of directors, management,
internal and independent auditors, and certified fraud examiners. (Read
more...)
Investigative Uses of Technology: Devices, Tools, and Techniques
October 2007: This NIJ special report
discusses techniques and resources for investigating technology-related
crime. It explains technology-related tools and devices that an investigator
may encounter or that may assist an investigation, and legal issues
affecting the use of high technology. Devices not only can aid an
investigation; they can facilitate crime. For example, criminals can use
cell phones to trigger explosives and credit cards and other customer cards
to engage in fraud, theft, and identity theft. For each device described,
the report provides an overview of their functions and usefulness to
investigators. Devices can be multifunctional (e.g., cell phones can perform
camera functions). As more functions converge into a single device,
investigators need to be aware that relevant information can be stored in
seemingly mundane or commonplace objects or devices. (Read
more...)
Investigations Involving the Internet and Computer Networks
This NIJ Special Report is intended as a
resource for individuals responsible for investigations involving the use of
the Internet and other computer networks. Any crime could involve devices
that communicate through the Internet or through a network. Criminals may
use the Internet for numerous reasons, including trading/sharing information
(e.g., documents, photographs), concealing their identity, and gathering
information on victims. The report is among a series of guides on
investigating electronic crime. (Read
more...)
Digital Evidence in the Courtroom: A Guide for Law Enforcement and
Prosecutors
Now essential to modern life, computers have
also become increasingly important to criminals, who steal information,
commit fraud, and stalk victims online. Even if a crime was not committed
online, law enforcement may discover critical evidence from an offenders'
digital media. For this evidence to be admissible, however, police must
demonstrate proper collection and handling. In the courtroom, prosecutors
must overcome the twin barriers of skepticism and lack of technical
understanding. To help navigate this complex process, NIJ's technical
working group of national experts prepared this special report. Chapters 1
and 2 inform crime scene investigators and other handlers about legal
requirements for the handling of digital evidence. Chapters 3 and 4 provide
guidelines for successful prosecution. The last chapter is a working
application—using digital evidence to convict in a child pornography case.
Appendixes provide useful resources and forms. (Read
more...)
Electronic Crime Scene Investigation: A Guide for First Responders
Computers and other electronic devices are
being used increasingly to commit, enable, or support crimes against
persons, organizations, or property. This NIJ Guide (NCJ 187736) is intended
for use by law enforcement and other responders who have the responsibility
for protecting an electronic crime scene and for the recognition,
collection, and preservation of electronic evidence. The document is not
all-inclusive. Rather, it deals with the most common situations encountered
with electronic evidence. (Read
more...)
Forensic Examination of Digital Evidence: A Guide for Law Enforcement
This guide is intended for use by members of
the law enforcement community who are responsible for the examination of
digital evidence. The guide, published as an NIJ Special Report, is the
second in a series of guides on investigating electronic crime (see also
Electronic Crime Scene Investigation: A Guide for Law Enforcement). It deals
with common situations encountered during the processing and handling of
digital evidence and can be used to help agencies develop their own policies
and procedures. (Read
more...)
Crime Scene
Investigation: A Guide for Law Enforcement
The guide is presented in five major sections,
with sub-sections as noted: (1) Arriving at the Scene: Initial
Response/Prioritization of Efforts (receipt of information, safety
procedures, emergency care, secure and control persons at the scene,
boundaries, turn over control of the scene and brief investigator/s in
charge, document actions and observations); (2) Preliminary Documentation
and Evaluation of the Scene (scene assessment, “walk-through” and initial
documentation); (3) Processing the Scene (team composition, contamination
control, documentation and prioritize, collect, preserve, inventory,
package, transport, and submit evidence); (4) Completing and Recording the
Crime Scene Investigation (establish debriefing team, perform final survey,
document the scene); and (5) Crime Scene Equipment (initial responding
officer/s, investigator/evidence technician, evidence collection kits). (Read
more...)
Guidance on
Monitoring Internal Control Systems
Internal control systems exist to help
organizations meet their goals and objectives. They enable management to
deal with changes in internal and external environments. They also promote
efficiency, reduce the risk of loss, and help ensure financial statement
reliability and compliance with laws and regulations.
Internal control is, therefore, critical to
the success of any organization. When it is effective, management and the
board have reasonable assurance2 regarding achievement of an organization’s
goals and objectives. When it is not effective, neither management nor the
board has such assurance. It follows, then, that organizations need a
mechanism for assessing the quality of their internal control systems’
performance over time. That mechanism is monitoring. (Read
more...)
Report of the National Commission on Fraudulent Financial Reporting
1987: Prevention and earlier detection of
fraudulent financial reporting must start with the entity that prepares
financial reports. Thus the first focus of the Commission's recommendations
is the public company, including (1) the tone set by top management, (2) the
internal accounting and audit functions, (3) the audit committee, (4)
management and audit committee reports, (5) the practice of seeking second
opinions from independent public accountants, and (6) quarterly reporting.
The independent public accountant's role, while secondary to that of
management and the board of directors, also is crucial. This section of the
report covers responsibility for detection and improved detection
capabilities, audit quality, communications, and changes to the
standards-setting process for auditing. The Commission's recommendations for
increased deterrence also involve new SEC sanctions, greater criminal
prosecution, improved regulation of the public accounting profession,
adequate SEC resources, improved federal regulation of financial
institutions, and improved oversight by state boards of accountancy. To
encourage educational initiatives, the Commission also recommends changes in
the business and accounting curricula as well as in professional
certification examinations and continuing professional education. (Read
more...)
Internal Control over Financial Reporting — Guidance for Smaller Public
Companies
2006: This small business guidance takes the
concepts of the 1992 Internal Control – Integrated Framework and
demonstrates their applicability for achieving financial reporting
objectives of smaller publicly traded companies. (Read
more...)
Enterprise Risk
Management — Integrated Framework
The framework defines essential enterprise
risk management components, discusses key ERM principles and concepts,
suggests a common ERM language, and provides clear direction and guidance
for enterprise risk management. Engaged by COSO to lead the study,
PricewaterhouseCoopers was assisted by an advisory council composed of
representatives from the five COSO organizations. (Read
more...)
Control Overrides in Financial Statement Fraud
Assessing the Role of Control Overrides in Financial
Statement Fraud. Study conducted by Dr. Robert Tillman and Michael
Indergaard (Read
more...)
Corruption
in the Procurement Process/Outsourcing Government Functions:
Issues, Case Studies, Implications
Assessing How Procurement Fraud Suborns Officials Study
conducted by
Dr. Nikos Passas (Read
more...)
Red flagging as an indicator of financial statement fraud:
The perspective of investors and lenders
There is increasing international concern
about the escalation of fraud and, in particular, financial statement fraud.
Detecting financial statement fraud and proving such fraud remains an
elusive goal. Red flagging is an early warning system that has been used by
auditors to determine the probability of financial statement fraud. (Read
more...)
A Case Study of the Role of the Forensic Accountant in a Legal Dispute
With increasing frequency, forensic
accountants are called upon to play important roles in resolving legal
disputes ranging from civil actions such as breaches of fiduciary duty to
Racketeer Influenced Corrupt Organizations (RICO) Act criminal violations
involving gambling, arson for profit, extortion, securities fraud, and mail
fraud. In any litigation, the forensic accountant’s role is to examine the
financial issues relevant to the case, summarize and explain those issues to
interested parties (e.g. the judge, attorneys and plaintiffs/defendants),
and offer expert testimony in court, if necessary. (Read
more...)
Recognition of Revenue and the Auditor’s Responsibility for Detecting
Financial Statement Fraud
Financial reporting frauds and earnings
manipulation have attracted high profile attention recently. There have been
several cases by businesses of what appears to be financial statement fraud,
which have been undetected by the auditors.
In this thesis, the main purpose is to
identify some of the reasons why auditors have not detected financial
statement fraud and to suggest possible solutions for improving the audit
process in these areas. In order to achieve this target, some cases of the
fraudulent financial statements of revenue recognition will be analysed. (Read
more...)
Fraud: Meeting
the Challenge through External Audit
Fraud matters to all external auditors. In any
audited entity there is always a risk that its financial statements may be
affected by material fraud. The ICAEW has identified the loss of confidence
due to the high profile corporate failures in the United States as the
single most important issue facing the UK accountancy profession. The
restoration of public confidence in the profession remains high on the
ICAEW’s agenda. Developing further guidance for members on fraud has been a
priority since then and this publication is a first step. It continues the
focus on improving the effectiveness of audit begun with the Faculty’s Audit
Quality publication issued in November 2002. (Read
more...)
Fraud Control Improvement Kit
Studies globally of fraud consistently show
that it is not reducing as a key risk issue. The incidence of fraud within
the Australian economy is increasing, as is the average financial loss
associated with fraudulent conduct. No organisation can assume that its
safeguards are adequate.
We recognise that organisations need a simple
and effective way to review and monitor how effectively they are
implementing fraud control strategies. This kit has been developed for
precisely that purpose. Its development reflects an extended period of
consultation, focus-group review and pilot-testing to ensure that that the
kit is simple to use, practical and flexible. The kit assists organisations
to meet their fraud control obligations in a cost-effective manner, tailored
to their situation and based on risk. (Read
more...)
Anti-Corruption Tool Kit
JANUARY 2002: Since 1994 the world
has witnessed an unprecedented increase in the efforts of governments and
international agencies to raise awareness about the negative effects of
corruption. International organisations, governments, and the private sector
have come to realise that corruption is a serious obstacle to effective
government, economic growth, and national and international stability. For
these reasons, there is an increased interest and need for international and
national anti-corruption legislation, policies and measures.
The purpose of this anti-corruption
tool kit is to help U.N. Member States and the public to understand the
insidious nature of corruption, the potential damaging effect it can have on
the welfare of entire nations and suggest measures used successfully by
other countries in their efforts to uncover and deter corruption and build
integrity. (Read
more...)
 (3.11 MB)
November 2002: Fraud threatens the ability of agencies and councils to carry
out their functions. It is increasingly important that they properly respond
to the threat of fraud.
These
guidelines look at ways responding to fraud through risk assessment and
management, prevention and detection strategies, thorough investigation and
appropriate follow up action.
Those
responsible for the efficient and effective management of all government
organisations should read the guidelines and examine their own fraud risk
management arrangements. (Read
more...)
November 2002: The ICAC aims to build
corruption resistance among all public sector agencies. So, as part
of the ICAC’s Corruption Resistance Review program (CRR), we have
produced a Do-it-yourself Corruption Resistance Guide (DIY
Corruption Resistance Guide).
Agencies can use the guide:
-
to assess how well they are building
corruption resistance across their functions and locations;
-
to identify any gaps and the steps that need
to be taken to close them; and
-
as a benchmarking tool to measure progress
over time. (Download
Guide)
APRIL 2002: The ICAC’s job is to expose
corruption and to build corruption resistance. This means that we need to
help agencies and councils to deal with fraud.
The best way to deal with the threat of fraud
is effective prevention and strong detection measures. The best way to
respond to suspicion of fraud is to investigate it thoroughly. The best way
to respond to firm evidence of fraud is to ensure that it does not occur
again and to attempt to prevent the culprit from getting away with it or
doing it again. These are the issues covered in our discussion paper,
Responding to Fraud. (Download
Guide)
APRIL 2001: No leader of a public sector
agency or local council wants to face a corruption scandal. Building
organisational integrity is an effective way to avoid this happening.
This quick guide tells you what organisational
integrity is, how it can benefit your organisation, and how you can take
four steps to achieve it. (Read
more...)
1996: This guide is for all public sector and
local government staff, but primarily for those responsible for
coordinating, developing and/or implementing corruption prevention measures
in their organisation.
You may work in a large organisation with an
established corruption prevention infrastructure or in a smaller
organisation where corruption prevention is just one responsibility. This
guide will help you understand the important issues, develop appropriate
policies, implement effective corruption prevention strategies, and motivate
both senior and other staff in your organisation. (Read
more...)
Fraud Risk
Management - A Guide to Good Practice
2001: Fraud costs organisations millions of
pounds each year. Periodically, the latest major fraud hits the headlines as
other organisations sit back and watch, telling themselves that ‘it couldn’t
happen here.’ But the reality is that fraud can be committed anywhere. While
there are only a small number of major frauds, huge sums are lost as a
result of the large number of small frauds. Surveys have shown that the
majority of companies have experienced fraud at some level, and that many do
not have the formal systems and procedures in place to deter and detect it.
It is in assisting companies in establishing such systems that this guide
should prove very valuable.
This guide has been prepared by CIMA’s Fraud
and Risk Management Working Group, which was established to look at ways of
helping management accountants to be more effective in countering fraud and
managing risk in their organisations. (Download
Guide)
Fraud
Awareness Handbook (USAID) - Fraud Indicators
2001: Fraud indicators are best
described as clues or hints that a closer look should be made
at an area or activity. Generally there are two approaches that
the person intent on committing fraud will consider, choosing
one over the other depending on skill, experience, inclination
and the level of internal controls. Activities may be either
completely covert or hidden from view, or they may be conducted
in the open, completely obvious to all, but disguised to appear
as if they are part of the normal operations. When the former
is detected, it may be much easier to determine what is
actually going on, while the latter, if well done, may be much
more difficult to decipher. (Read
more...)
Good
Practice in tackling External Fraud
All types of fraudsters weigh up the potential
gains against the risk of getting caught and the sanctions they may face.
Government departments and agencies need to make fraud as unattractive as
they can .Not acting against fraud can undermine the reputation, integrity
and professionalism of the organisation and perceptions about the quality of
the services it provides leading to a loss in public confidence. (Read
more...)
Managing the Business Risk of Fraud: A Practical Guide
The paper offers guidance to the principles,
practices, and benefits of an antifraud program for organizations committed
to preserving stakeholder value. It can be used to assess an organizations
antifraud program, as a resource for improvement, or to develop an antifraud
program where none exists. The document contains five key principles of a
fraud risk management process. (Read
more...)
Ethics Handbook -
Building Ethical Leaders
2006: The purpose of this handbook is not to
teach you how to be ethical. You have already developed and formulated most
of your values and morals through your prior experiences.
The purpose of this handbook is to:
-
Increase your awareness of ethical dilemmas,
-
Provide you with guidance on how to
recognize common ethical dilemmas,
-
Present tools from which issues can be
evaluated and decisions made, and
-
Provide the basis from which action can be
taken based on those decisions.
(Read
more...)
Managing the
Risks of Business Ethics and Compliance
2006: The risks of an ethical misconduct
disaster have never been greater due to the complexity of the global
business environment. Increasing regulation and enforcement as well as
stakeholder scrutiny can create an unexpected organizational crisis. In this
paper we will provide a foundation for understanding organizational ethical
decision making and provide two examples of companies that found themselves
dealing with an organizational ethical disaster. (Read
more...)
|
