Forensic Services Financial Crime - Early Warning Signs the role of Internal Audit in recognizing red flags
2
What % of revenues are lost to fraud? 5% Source: 2016 ACFE Report to the Nations 3
Has your organisation experienced any economic crime within last 24 months? Yes No Don t know 19% 53% 36% 12% 11% 69% Source: Global Economic Crime Survey 4
5
Why is fraud risk management important? Effective fraud risk management saves the organisation from losses The typical organization loses 5% of its revenues to fraud each year. More than one-fifth of frauds caused at least $1 million in losses. The frauds lasted a median of 18 months before being detected. Fraud Risk The longer a perpetrator has worked for an organization, the higher fraud losses tend to be. Source: 2016 ACFE Report to the Nations 6
Top 3 most reported types of economic crime Asset Misappropriation Cybercrime Bribery & Corruption 64% 32% 24% 7
Has your organisation been affected by cybercrime in last 24 months? Yes No Don t know 32% 22% 50% 18% 55% 23% Source: Global Economic Crime Survey 8
Cybercrime threats climb, but business preparation is not keeping pace Most companies are still not adequately prepared for risk: Only 37% of organisations have a cyber incident response plan Engagement of leadership is critical, but less than half of board members request information about cyberreadiness 2nd most reported economic crime affecting 32% of organizations How will your cyber response plan stand up to reality? 9
In the last 24 months, has your organisation been asked to pay a bribe? Yes No Don t know 24% 12% 47% 46% 29% 42% Source: Global Economic Crime Survey 10
Top 15 countries that believe their local law enforcement agencies are NOT adequately resourced to combat economic crime Global Avg = 44% 1 Kenya 79% 2 South Africa 70% 3 Turkey 60% 4 Philippines 58% 5 Bulgaria 58% 6 Poland 58% 7 Ukraine 57% 8 Mexico 56% 9 Zambia 55% 10 Nigeria 54% 11 Australia 52% 12 United States 52% 13 France 51% 14 Venezuella 50% 15 India 49% Source: Global Economic Crime Survey 11
How is Economic Crime Detected? Successful Detection Methods Other Proactive Fraud Risk Management Suspicious transaction reporting Tip-off Don't know Internal Audit Corporate Security Data Analytics Whistleblowing Law Enforcement 8% 7% 6% 5% 4% 4% 14% 13% 17% 22% Proactive detection methods were most often responsible for detection but 22% of reported cases were still discovered by accident or through staff rotation 12
Fraud Risk Assessment 41% don t undertake fraud risk assessments or didn t know if they do 69% don t undertake fraud risk assessments or didn t know if they do 13
Anti-fraud Framework Steps Step 1 - Cultivate anti-fraud awareness Setting tone at the top Establish regular communication Background checks Develop fraud response plan Step 2 Develop scenarios through fraud risk assessment Actual incidents of fraud Interviews and workshops Evaluation of financial trends / analysis / benchmarking Step 3 Identify controls to address potential fraud hotspots Implement prevent / detective controls Check segregation of duties 24 x 7 controls utilizing technology 14
Anti-fraud Framework Steps Step 4 Assess and monitor controls to address fraud Management self-assessment Internal audit to perform random fraud audits Audit Committee oversight Monitor fraud risk indicators Warning signs, Red flag analysis of Step 5 Maintain logs of incidents Register of fraud incidents Logs of whistle-blower reports Alert management other logs 15
Anti-fraud Framework Steps Step 6 Provide regular fraud training Board, Division, BU level New Hires orientation and supplementary trainings Step 7 Review Framework on an annual basis Review policies & process Identify improvement opportunities Step 8 Refresh and Communicate Framework Refresh polices and procedures Redesign training programs Implement new controls based on new benchmarking Regular communication of fraud risk management framework to all employees 16
Outcome Approach Project Case 1 Procurement Fraud at a University Professor conducted large research project over several years ($10M budget) Allegations of falsifying research results and questions raised about payments made to subcontractors Detailed analysis of payments made to researchers connected to Professor Review of research data and supporting documentation 50% of payments made for research were based on fake documentation All invoices had been reviewed and approved by procurement Professor was terminated and criminally prosecuted 17
Fraud Red Flags Procurement One vendor provides several unrelated services or products in the same time Vendor invoice does not match contracts (amount or content) Duplicate invoice payments Out-of-sequence invoice numbers Payments to inactive vendors Lack of due diligence on new vendors Round dollar invoices One time vendors Incomplete or missing documentation Excessive entertainment of staff by suppliers 18
Outcome Approach Project Case 2 Sales Fraud at a Textile Manufacturer Whistleblower complaint included allegations of collusion between customers and GM 2 million TRY in A/R written-off Analyzed customer accounts and build-up of A/R Conducted background checks on key customers and vendors ediscovery reviewed email of key figures Quantified losses due to over-extension of credit given to preferred customers Whistleblower was terminated! 19
Fraud Red Flags Sales Untimely adjustment for sales refunds and sales discounts Supporting documents for sales are incomplete The sales target is too difficult to meet Unusual manual adjustments at period ends Excessive write-downs or write-offs Sales contracts are not signed or renewed timely 20
Outcome Approach Project Case 3 Employee Expense Fraud at a Pharma distributor Whistleblower allegations sent to head office in Europe Allegations relating to T&E fraud in connection with meal reimbursement requests from sales team Used data analytics to identify outliers in expenses Identified 12 restaurants routinely used for large group meals Reviewed the supporting documentation Identified over 100 suspicious transactions where meal amounts claimed were inconsistent with actual costs Quantified amount of potential slush fund created by inflated claims 21
Fraud Red Flags Expenses Expenses claimed with ambiguous descriptions or without breakdown; Conflicting documents are provided for reimbursement; Expenses claimed with massive fixed amount or handwritten receipts; Large amount of expenses claimed at period ends; Unusual number of claims for group meals; The nature of expenses are not in line with the claimer s work scope. 22
Outcome Approach Project Case 4 Inventory Fraud Scheme at a household products manufacturer Company was sold to a European buyer based on a multiple of EBITDA Allegations of manipulation of inventory data in order to increase EBITDA Detailed analysis of COGS, Inventory and Accounts Payable Review of stock activities Quantification of 6 million TRY overstatement of ending inventory balance (which resulted in an understatement of COGS and an overstatement of EBITDA) Based on a sales muliple of 7.5 x EBITDA, total price inflation = 45 M TRY TRY 23
Fraud Red Flags Inventory and other assets Differences between warehouse ledgers and financial accounts that were not adjusted in a timely manner Lack of policy and procedure governing scrap No regular inventory stock counts Inflow and outflow for same amounts of money within short period Lack of proper duty segregation 24
The global fraud landscape Common fraud themes in Turkey Fraud Theme Territory Characteristics Key Controls Related party transactions Inadequate disclosure of RPTs Failure to disclosure conflicts of interest Collusion with friends/suppliers Use of dummy quotes Use of second mobile phone to correspond Leakage of other suppliers quotes Poor tendering processes Can result in price inflation and/or substandard quality from vendors Require employees to disclose potential conflicts of interest Segregation of duties Business partner DD Data analytics Email review Enforcement of procurement practices Rotation of staff 25
The global fraud landscape Common fraud themes in Turkey (cont d) Fraud Theme Territory Characteristics Key Controls Corruption and bribery Entertaining government officials Pressure to appoint officials friends & families as vendors, staff, etc. Business often dependent upon relationships Gifts & hospitality culture Prevalence of cash payments Use of third party consultants/ agents as conduits for bribes Clear policies & guidelines on dealing with government officials Clear HR guidelines Policies & procedures with respect to gifts and hospitality Localisation of policies to account for local culture / environment Minimise use of petty cash Company credit cards Business partner DD 26
The global fraud landscape Common fraud themes in Turkey (cont d) Fraud Theme Territory Characteristics Key Controls Theft of IP Poor IT security Theft of designs, technical information, customer lists, etc. Asset misappropriation Stolen inventory/stock Ghost employees Ghost vendors Restrict access to IP Test IT security Review physical security Robust physical security measures Robust stock takes/auditing Data analytics across payroll & AP 27
2017 Turkey. All rights reserved. In this document, "" refers to Turkey, which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity. " Turkey" refers to Bağımsız Denetim ve Serbest Muhasebeci Mali Müşavirlik A.Ş., Yeminli Mali Müşavirlik A.Ş., Danışmanlık Hizmetleri A.Ş. And Yönetim Danışmanlığı A.Ş. which are separate legal entities incorporated in Turkey within the Turkey organisation.