![Page 1: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/1.jpg)
7 Keys to Fraud Prevention and Detection
Ron Steinkamp, CPA, CIA, CFE, CRMA, [email protected]
6 CityPlace Drive, Suite 900 │ St. Louis, Missouri 63141 │ 314.983.1200 1.888.279.2792 │ www.bswllc.com
![Page 2: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/2.jpg)
Session Benefits
© 2013 All Rights Reserved Brown Smith Wallace LLC
What is Occupational Fraud
2012 ACFE Global Fraud Study
Red Flags
7 Keys
Fraud Self Assessment
![Page 3: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/3.jpg)
What is Occupational Fraud?
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 4: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/4.jpg)
The use of one’s occupation for personal enrichment through the deliberate misuse or application of the employing organization’s resources or assets.
Three general categories:
Asset misappropriation
Corruption
Financial statement fraud
Definition
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 5: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/5.jpg)
Employee steals or misuses an organization’s assets/resources.
- Examples:
• Skimming cash receipts.
• Falsifying voids and refunds.
• Tampering with company checks.
• Overstating expenses.
• Creating a ghost employee.
• Creating a fictitious vendor and false invoice.
Asset Misappropriation
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 6: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/6.jpg)
Employee’s use of his/her influence in business transactions in a way that violates his/her duty to the employer for the purpose of obtaining benefit for him/herself or someone else.
- Examples:
• Conflicts of interest.
• Illegal gratuities.
• Bribery.
Corruption
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 7: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/7.jpg)
Intentional misstatement or omission of material information in the organization’s financial reports with the intent to mislead.
- Examples:
• Inflating revenues on the financials to show greater profit.
• Concealing liabilities.
• Forcing actual expenditures to match budget by moving expenses between accounts.
• Improperly accounting for revenues and expenditures.
Financial Statement Fraud
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 8: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/8.jpg)
2012 ACFE Global Fraud Study
Report to the Nations on Occupational Fraud and Abuse
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 9: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/9.jpg)
Summary of Findings
© 2013 All Rights Reserved Brown Smith Wallace LLC
1. Typical organization loses 5% of annual revenue to fraud – applied to 2011 Gross World
Product translates to potential fraud loss of more than $3.5 trillion annually.
2. Median loss in the study was $140,000.
3. Fraud lasted a median of 18 months.
4. Asset misappropriation schemes (fraudulent disbursements, theft of cash receipts, other asset
misappropriations) were the most common form of fraud, representing 87% of the cases and
least costly at a median loss of $120,000.
5. Financial statement fraud schemes were the least common form of fraud, representing 8% of
the cases and most costly at a median loss at $1 million.
![Page 10: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/10.jpg)
Summary of Findings
© 2013 All Rights Reserved Brown Smith Wallace LLC
6. Corruption schemes fell in the middle, comprising just over 33% of cases and causing a
median loss of $250,000.
7. Occupational frauds are most likely to be detected by tips (43%) followed by management
review (15%) and Internal Audit (14%).
8. Small organizations are disproportionately victimized by occupational fraud.
9. Government/public administration was one of the most commonly victimized
industries.
10. Anti-fraud controls appear to help reduce the cost and duration of occupational fraud
schemes.
11. High-level perpetrators cause the greatest damage to their organizations.
![Page 11: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/11.jpg)
Summary of Findings
© 2013 All Rights Reserved Brown Smith Wallace LLC
12. 80% of frauds were committed by individuals in one of six departments:
• Accounting
• Operations
• Sales
• Executive/upper management
• Customer service
• Purchasing
13. More than 85% of fraudsters had never been previously charged or convicted for a fraud-
related offense.
14. Fraud perpetrators often display warning signs – most common behavioral red flag reported in
the survey were perpetrators living beyond their means (36%) and experiencing financial
difficulty (27%).
15. Nearly half of victim organizations do not recover any losses that they suffer due to fraud.
![Page 12: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/12.jpg)
How are Frauds Detected?
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 13: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/13.jpg)
Source of Tips
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 14: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/14.jpg)
Conclusions and Recommendations
© 2013 All Rights Reserved Brown Smith Wallace LLC
• Occupational fraud is a global problem – trends in fraud schemes, perpetrator characteristics andanti-fraud controls are similar regardless of where the fraud occurred.
• Fraud reporting is a critical component of an effective fraud prevention and detection system.
• Organizations over-rely on audits.
• Employee education is the foundation of preventing and detecting occupational fraud. Most fraudsare detected by tips and anti-fraud training for employees and managers results in lower fraudlosses.
• Surprise audits are an effective, yet underutilized, tool in the fight against fraud. Useful in detectingfraud, but most important benefit is in preventing fraud by creating a perception of detection.
• Small business are particularly vulnerable to fraud due to far fewer controls in place. Need to focuson hotlines and setting an ethical tone.
• Internal controls alone are insufficient to fully prevent occupational fraud.
![Page 15: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/15.jpg)
Conclusions and Recommendations
© 2013 All Rights Reserved Brown Smith Wallace LLC
• Fraudsters exhibit behavioral warning signs of their misdeeds. For example:
- Living beyond their means.
- Financial difficulties.
- Exhibiting control issues – unwillingness to share duties.
- Unusually close relationship with vendor/customer.
- Wheeler dealer attitude.
- Family problems.
- Irritability, suspiciousness or defensiveness.
- Addiction problems.
- Refusal to take vacation.
- Etc.
• Auditors and employees should be trained to recognize the common behavioral signs that a fraudis occurring.
• Effective fraud prevention measures are critical
![Page 16: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/16.jpg)
Red Flags
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 17: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/17.jpg)
The Fraud Triangle
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 18: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/18.jpg)
Pressure “Red Flags”
© 2013 All Rights Reserved Brown Smith Wallace LLC
• High personal debts.
• Living beyond their means.
• Excessive investment speculation.
• Excessive gambling.
• Substance abuse.
• Extra-marital affairs.
• Job frustration.
• Resentment of superiors.
![Page 19: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/19.jpg)
Opportunity “Red Flags”
© 2013 All Rights Reserved Brown Smith Wallace LLC
• Inadequate internal controls.
• Too “cozy” with suppliers.
• Annual vacation or sick days not taken.
• Weak management or excessive turnover.
• Ineffective or no internal audit.
• No rotation of job duties among employees.
• Procedures not well understood/always in crisis mode.
• Large amounts of cash on hand or processed.
![Page 20: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/20.jpg)
Rationalization “Red Flags”
© 2013 All Rights Reserved Brown Smith Wallace LLC
• Not compensated fairly.
• No recent raises/cost of living adjustments.
• Everyone else does it.
• Intended to pay it back.
• Needed the money.
• Felt cheated and wanted revenge.
• Bribe/kickback to tempting.
![Page 21: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/21.jpg)
7 Keys
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 22: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/22.jpg)
© 2013 All Rights Reserved Brown Smith Wallace LLC
Anti-Fraud Culture
Fraud Policy
Fraud Awareness/Training
HotlineAssess Fraud Risks
Review/Investigation
Improved Controls
![Page 23: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/23.jpg)
• Set the tone at the top = Lead by Example
– Responsibility of elected officials and City management
– Behave ethically and openly communicate expectations to employees
– Treat all employees equally
– Zero tolerance
• Create a positive workplace environment
– Focus on employee morale
– Empower employees
– Communicate
• Hire and promote appropriate employees
– Conduct background investigations before hiring or promoting
– Check candidate’s education, employment history, references
– Continuous and objective evaluation of compliance with entity values
– Violations addressed immediately
1. Anti-Fraud Culture
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 24: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/24.jpg)
• Code of Conduct
– Formalized and founded on integrity
– Defines acceptable employee behavior
– Communicated to all employees
– All employees are held accountable for compliance
• Discipline
– Sends a strong message throughout the entity
– Should be appropriate and consistent
– Consequences of committing fraud clearly communicated throughout
the entity
1. Anti-Fraud Culture
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 25: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/25.jpg)
• Oversight Process
– City Council/Elected Officials
• Evaluate management’s “tone at the top”, identification of fraud risks and
implementation of anti-fraud controls
• Ensure that management implements anti-fraud measures
• Consider the potential for management override of controls
– Management• Directs, implements and monitors anti-fraud controls
• Sets the ethical tone
• Trains employees
– Internal Auditor (if available)• Identifies fraud indicators
• Assesses fraud risks
• Evaluates anti-fraud controls
• Recommends actions to mitigate risks
• Investigates potential frauds
1. Anti-Fraud Culture
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 26: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/26.jpg)
• Demonstrate commitment to combating fraud
• Apply to all Elected officials, City management,
employees, consultants, vendors, contractors, etc.
• Should include:
– Statement of organization’s position on fraud
– Scope of the policy – who does it apply to
– Management’s responsibility for prevention and detection of fraud
– Definition of fraud
– Actions constituting fraud
– Fraud reporting process/procedures
– Fraud investigation process/procedures
– Unit responsible for administration of the policy and investigating fraud
allegations
– Statement on anonymity/confidentiality
– Consequences
2. Fraud Policy
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 27: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/27.jpg)
• Reviewed and updated regularly.
• Signed off and agreed to by the City Council/Mayor.
• See the ACFE for an example Fraud Policy
http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/Sa
mple_Fraud_Policy.pdf
2. Fraud Policy
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 28: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/28.jpg)
• All new employees should be trained at time of hiring
on the Code of Conduct and Fraud Policy.
• Training should include:
– Their duty to communicate certain matters
– A list of the types of matters to be communicated along with examples
– How to communicate those matters
– Affirmation from senior management regarding employee expectations
and communication responsibilities
• Refresher training periodically
3. Fraud Awareness/Training
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 29: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/29.jpg)
• Enable employees, vendors, customers and others to
communicate concerns about known or suspected
wrongdoing.
• Telephone, email, internet.
• Anonymous.
• Adequately publicized.
• Internal or External.
• Complaint monitoring and investigation/resolution.
4. Hotline
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 30: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/30.jpg)
• Conduct an annual fraud risk assessment.
– Assists management in systematically identifying where and how fraud may
occur and who may be in a position to commit fraud
– Focus on fraud schemes and scenarios to determine the presence of internal
controls and whether or not the controls can be circumvented.
– General steps:
• Identify areas and processes to assess
• Identify potential fraud schemes in each area/process
• Assess likelihood and significant of each scheme
• Map existing anti-fraud controls to potential fraud schemes
• Test operating effectiveness of antifraud controls
• Identify any control gaps and/or deficiencies = Residual risks
• Document and report on the fraud risk assessment
5. Assess Fraud Risks
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 31: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/31.jpg)
• Mitigate Fraud Risks
– Make changes to activities and/or processes = transfer or eliminate the risks
– Improve anti-fraud controls
• Monitor Fraud Risks
– Develop data analytics for management to use to monitor fraud risks
– Utilize Internal Audit to conduct audits of risk areas.
5. Assess Fraud Risks
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 32: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/32.jpg)
• All concerns/suspicions of wrongdoing should be reviewed
and determination made whether a fraud investigation is
warranted.
• Develop a policy for fraud reviews and investigations that
specifies:
– Who is responsible for the review/investigation
– Roles of Legal Counsel, Human Resources, Internal Audit, others
– Process for conducting the review/investigation
– Documentation requirements
– Reporting requirements
– When to involve law enforcement
6. Fraud Review/Investigation
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 33: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/33.jpg)
• Gather sufficient information and perform procedures
necessary to determine:
– Whether fraud has occurred
– Loss or exposure associated with the fraud
– Who was involved and how it happened
• Must prepare, document and preserve evidence sufficient for
potential legal proceedings.
• Include experts = Certified Fraud Examiner (CFE)
6. Fraud Review/Investigation
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 34: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/34.jpg)
• Use lessons learned from any fraud reviews or investigations
to improve anti-fraud controls.
• All fraud review and investigations should include a report to
management with recommendations for control
improvement.
7. Improved Controls
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 35: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/35.jpg)
Fraud Self Assessment
© 2013 All Rights Reserved Brown Smith Wallace LLC
![Page 36: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/36.jpg)
© 2013 All Rights Reserved Brown Smith Wallace LLC
Fraud Self Assessment
If you are interested in taking
our free Fraud Risk Assessment,
please provide your card our
send an email to Ron Steinkamp
![Page 37: St. Louis County Municipal League - 7 keys to fraud prevention](https://reader033.vdocuments.us/reader033/viewer/2022042716/55a63dde1a28ab63778b4776/html5/thumbnails/37.jpg)
Training Academy January Survey
• We rely on your feedback to provide training on topics you want to hear; please take a few short minutes to fill out this brief evaluation of this presentation: https://www.surveymonkey.com/s/2YTWCBH