You are on page 1of 39

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Contact E-mail: or




This course covers the 20 fraud/corruption prevention/detection strategies and 9 steps in forensic
investigation as well as the investigation methodology. The facilitator will explain every strategy
systematically in details, giving practical examples. All methodologies used shall as well
elaborate for you to understand and apply in your work assignments. If you are not employed, it
will equip you with skills and knowledge that will not only enable you to get a forensic
enqute medico-lgale intgrer
investigation related qualification but also be able to settle on the job fast.


These days violent robbers are reducing by the day, whereas white-collar crime is rising at
almost the same rate. Why is it so? The robbers are finding it easier to use their brains to trick
people and get away with a lot of money in a smart way that does not necessarily endanger their
lives immediately unlike when the violent and armed robbers are caught red-handed. As a result
of this, there is an increased need for those who can effectively trace and have the white collar
criminals get arrested and effectively prosecuted.

In a nutshell, forensic investigators are in high demand globally by both government agencies
and private corporations due to this reason.

This Masterclass is a course that will lead to the award of a Certified Forensic Investigation

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Professional (CFIP) qualification by the International Institute of Certified Forensic

Investigation Professional Inc (CFIP Inc); if and only if the successful student :
meets any of the following:

1. Bachelors Degree or full accounting certification or,

2. More than 5 years or work experience in accounting or auditing or law enforcement and
pay the required full membership registration fee.

3. Those who do not qualify for the award of CFIP, shall be issued with certificate of
proficiency in forensic investigation after paying a small fee.

4. Another class may opt to keep and use the skill without any certificate. These will not pay


1. The 20 fraud/corruption prevention and detection strategies.

The 9 steps in forensic investigations.

Procedures to carry out in each and every step

How to conclude a forensic investigation

How to write an effective forensic investigation report

Tips on expert witnessing


MODULE 1: Discussion on the 20 fraud/corruption prevention and detection strategies.

MODULE 2: Discussions on Preliminary or pre-engagement assessment of the forensic

assignment, Engagement Contract, Planning and resource allocation.

MODULE 3: Discussion on Preparation of suspects/witnesses rough list, Documents

Examination- an Introduction, Documents examination- an Introduction.

MODULE 4: Documents examination - keeping the chain of custody, External confirmations,

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Fraud risk assessment.

MODULE 5: Interviewing room rules, Interviewing of witnesses 1, Interviewing of

witnesses 2.

MODULE 6: Interviewing suspects, What if a suspect refuses to talk? Interrogation process.

MODULE 7: Forensic report writing standards, Editing the report, Expert witnessing rules and


1. Lessons will be delivered to the students e-mail address weekly or every forth night.

2. Progress tests will also be delivered via e-mail. There will be a test on every completed


1. Free Student membership in the IICFIP.
2. Skills to apply at the workplace for those who are already employed.
3. Recommendations from the Institute (free).
4. Member discounts for attending the institutes training events and conferences.

F. BENEFITS AFTER TRAINING (This is optional since you can get the skills to use at
your workplace without a certificate)

1. Upon successful completion of the training, those with minimum requirements for full
membership in the Institute, as indicated above will be eligible to register and become a
fully certified member, and be awarded the CFIP designation after paying the required
registration fees.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Those who take this option after training will be upgraded from the Student Membership
to Accredited Full Certified Membership category or.

2. One may opt to just get a Certificate of forensic investigation proficiency after paying
the required fees. This proficiency certificate shall carry a recommendation for 96 hours
of CPD.

All copy and transmission rights reserved by the IICFIP USA, Incorporation


Introduction to Fraud and Corruption

Prevention is better than detection and Investigation since detection helps less whereas
investigation is very risky and expensive.


1. What is fraud?

Fraud is defined as false representation of a matter of factwhether by words or by

conduct, by false or misleading allegations, or by concealment of what should have been
disclosedthat deceives and is intended to deceive another so that the individual will act
upon it to her or his legal injury. (Free online dictionary).

Put simply, fraud is a deliberate act of deception by whatever means aimed at personal gain,
material or otherwise at the expense of the victim.

2. What is detection?

Fraud or corruption detection refers to the discovery of the ongoing wrongdoing. To

detect also means to uncover or reveal the fraudulent or corruption laden transactions or

3. What is strategy?

In the context of fraud or curbing corruption, a strategy is an approach deliberately

designed to deal with the fraud or corruption problem. In this instance, strategy refers to
all systems and or policies/procedures put in place to fight fraud or corruption in an

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Fraud detection strategies are as many as human ingenuity and creativity can design. I
will discuss 20 of such strategies in this module. The 20 strategies I will be discussing in
this module are considered basic and very important in dealing with the fraud and
corruption cancer not only in business organizations, but also for Non Profits Making
Organizations and governments.

Thinking like a fraudster

I cannot teach anybody anything; I can only make them think. (Socrates).

I have always asked seminar, workshop and conferences participants a very silly question. How
many times do you think in a day? The answers I have been getting are not only many but also
silly! I have been getting answers like,

1. I think a million times a day;

2. I think several thousand times a day;

3. I think endlessly in any one day;

4. The thinking cannot be numbered;

5. I think several times when I am not asleep;

6. I think countlessly; and

7. I think as often as I am confronted with a problem!

I have been getting these answers because, according to Socrates, Thinking is the hardest work
there is, which is probably the reason why so few people engage in it. I have never come across
an intelligent person who answers my silly question with a question like thinking about what?
When a person asks you a silly question I expect you to think fast, do your calculations very
quickly and ask him back. Thinking about what? An inquisitive mind does not rush into
responding to questions or providing solutions to problems without creative thinking.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

In this module, I am not going to teach the students anything but how to think creatively and
implement policies and systems that will work together to minimize incidences of fraud or
related vices like corruption.

How a fraudster think.

Fraudsters think seven times a day whereas the average manager or staff of an organization or
government thinks rarely or none at all. A fraudster thinks of a fraudulent scheme or strategy
1. he wakes up in the morning,
2. at mid day he or she thinks of another strategy,
3. at evening he or she thinks and designs yet another strategy,
4. at around 11.00pm just before he or she goes to sleep he or she thinks about
another strategy,
5. at around three, he wakes up, thinks about two strategies, and prays for their
6. at dawn he or she thinks about the final strategy for that day just before he wakes
up for breakfast.
During all this time, the managers and other staff including the common person are asleep. Can
such people match fraudsters or win against them? Never ever! This is why fraudsters are always
ahead. They strike many times before the people who do not think wake up to find that it is too

I have outlined in the chapters of this module step by step, on how managers and their staff must
think every day, every month and every quarter and even yearly; on how to deter, prevent, and
detect fraud and corruption earlier. The medics always tell us that prevention is better than cure. I
also want to tell the readers of this module that prevention and early detection of fraud is better
than investigation since investigation is risky and too expensive.

Leaders of organizations must look for proactive systems and policies that will allow for the
creativity of staff to grow instead of letting them sleep while the fraudsters are working hard in
targeting their organization. Some of the policies or systems proposed in this module will ensure

All copy and transmission rights reserved by the IICFIP USA, Incorporation

that there are regular meetings with members of staff to brainstorm over the controls and security
systems of their organization.

Nature of fraud and corruption

Fraud and corruption are crimes perpetrated by smart and polite people. Being clandestine
activities, the perpetrators of fraud or corruption do not want to be exposed and therefore try to
conceal their schemes trail as much as possible. This is why, without proactive and creative
procedures and policies, it is not easy to prevent and detect fraud or corruption. These vices
cannot be eliminated from business, government or social life since they are the product of the
devil and humanity. So long as humanity and the devil coexist on earth, there will be no end to
corruption. What we must all strive to achieve is reduction of the incidences and impact to
negligible levels. It is like the management of cancer so that the victim lives longer with the


Internal Controls

What are internal controls?

Internal controls are Systematic measures (such as reviews, checks and balances, methods and
procedures) instituted by an organization to:

1. Conduct its business in an orderly and efficient manner,

2. safeguard its assets and resources,
3. Deter and detect errors, fraud, and theft,
4. ensure accuracy and completeness of its accounting data,
5. Produce reliable and timely financial and management information, and
6. ensure adherence to its policies and plans ( )

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Controls serve as the first lines of defense against fraud and corruption including all types of
financial wrong doing that might be perpetrated in or against an organization.

From the definition above, it goes without saying much that Internal controls touch on all aspects
of an organization. I can, therefore, rightly say that without effective and proactive internal
controls many things can go wrong in an organization. The whole business will be carried out in
a much-disorganized manner and fraud or corruption will not be missing.

I am aware that many organizations have some form of internal controls but the question is, are
they working for the organization or they are just manual modules sleeping and gathering dust in
office cabinets.

I am going to explain the type of control procedures and systems that can work for organizations
to reduce incidences of wrongdoing and hence minimize losses to fraud and corruption. I will be
discussing the whole control enrolment of an organization.

Failures in Internal Controls that lead to fraud/corruption

1. Lack of or weak approvals and authorization policy or procedure.

When staff knows that there is a proactive approval and authorization procedure, they are
deterred from attempting to perpetrate evil unless there are loopholes for collusion.

2. Lack of segregation of duties.

Segregation of duties is a powerful control and lack of it lead to wrongdoing in the
organization. One person who is allowed to complete transactions from beginning to
finish can easily defraud and cover up his/her trail. The opportunity for wrongdoing is
there since no other person is watching closely.

3. Lack of procedures and controls monitoring.

Controls go to sleep if they are not closely monitored. I mean proactive monitoring on

All copy and transmission rights reserved by the IICFIP USA, Incorporation

weekly, monthly or quarterly basis. Regular and irregular monitoring will ensure that
weaknesses are spotted early and rectified.

4. Lack of authorization limits.

All staff must have limits officially imposed on their responsibilities so that they know
where their authority reaches. Limitless authority may lead to abuse. Those signing
cheques and purchase orders must be given limits commensurate with their prescribed

5. Lack of oversight committees.

Oversight committees like the Audit committee, must be very proactive in discharging its
mandate, otherwise wrongs will go unchecked for a long time. The committees must be
having members whose integrity has been tried and tested.

6. Lack of access controls or security systems.

Access controls in terms of passwords to computer data storage systems must be in place
and proactively monitored to ensure that they are being applied according to plan. Access
to some areas or sections of business operations must be restricted by gate guards and all
automatic locks so that there is no free movement of a unauthorized staff in and out of the
places. Free movement to places where transaction documents are kept, for instance, is
dangerous and very risky. Stores of goods for resale or for internal use must be secured
properly to minimize or rather eradicate pilferage.

7. Blind trust that leads to lack of proactive verification.

It is natural for managers and even directors to have staff that they trust 100% but it is
very risky business to do so all the time since such trust is an opportunity to be defrauded
big time. I have seen senior managers who trust their accountants to the extent of just
asking them, where do I sign?, whenever documents are brought to them for approval
or authorization. Such a manager is a liability to that organization because he can sign
fraudulent documents easily. I saw one who signed for a 2.5 million worth of fraud
documents over 3 years without detection until a debtor came complaining of a mismatch

All copy and transmission rights reserved by the IICFIP USA, Incorporation

between receipts issued to him and amounts credited to his account against them. Such
careless managers can even sign blank cheques without noticing.

Types of Internal Controls

I do recognize three types of internal controls for purposes of fraud and control as follows:
1. Preventive or deterrent controls.
2. Detective Controls.
3. Proactive Controls.

What are preventive controls?

These are controls that are designed to act as deliberate barriers to the perpetration of any
wrongdoing and against the organization in the first place. They ensure that the occurrence of
irregularities is made very difficulty. The design of these controls requires several brainstorming
sessions but do not require much effort once they are in place. Continuous monitoring of the
controls must be built into the whole system of controls.

Preventive controls are also designed to ensure that errors and other unintentional irregularities
do not happen in the organization. The errors and other irregularities not related to fraud or
corruption can also cause harm or loss to an organization.

What are detective controls?

Detective Controls are designed to ensure that errors, irregularities and fraud are not only
detected but also detected early enough so as to minimize the losses to harm or damage to the
victim organization. They can come in help when the wrongdoing has already occurred.
Detective controls are more costly than preventive controls since they require more continuous
operational expenses.

What are proactive controls?

Proactive controls here mean all systems or policies that are put in place to proactively look for

All copy and transmission rights reserved by the IICFIP USA, Incorporation

loopholes and seal them before the wrong doers take them advantage of. Procedures like
proactive fraud audit are controls in themselves since they allow the auditors of the organization
to go out into sections, departments and or branches of an organization not to carry out reactive
audit but to proactively look for weaknesses that may lead to fraud and do recommendations for
systems improvement.


The Tone at the Top

The Tone at the top is a collective image or practice portrayed by the top and even middle level
leaders of an organization that reflects cherished values, beliefs, actions, and or activities by the
organizations team of staffs as a whole. The tone at the top set the example and direction to be
followed by not only all staff from top to bottom but also stakeholders. Take for instance an
organization with the CEO and Board that practices zero tolerance to wrongdoing by either staff
or stakeholders representatives. What message will go out to all, and how will this shape the
practices and culture of all staff? It is true saying that as children look to the father for direction
and living examples so do the staff of any organization. If the top is spotlessly upright and
commitment to good values and practices that will cascade down to all in the organization since
the misfits of that environment will find it hard to operate. Therefore, they will either resign or
shape up. They may as well wait to be uprooted after they have been found wanting. The
opposite is also true that a rotten top management and board of directors will make the whole
organization rotten. If they are fraudulent and corrupt, they will very soon discover that almost
all staff is copying what they are doing and before long, the organization will find itself in the
intensive care unit waiting to breathe its last, any time. As you read this module, many
organizations headed by crooks are in the ICU.

It therefore, goes without much emphasis that a good leader who is of great integrity leads his
subjects or staff by a good living example, whereas the leader who is of great dishonesty leads by
a bad living example.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

It must be noted here that the tone at the top is good and beyond reproach, serves as a foundation
for good practices in the organization as a whole. It is a foundation for good design and
implementation of controls. The reverse is also true as noted in the foregoing paragraph.

The key participants in setting the tone at the top

The following are the key participants in setting the tone at the top for any organization:

1. The Board of Directors

The boards of directors provide the overall direction of the organization. They have the
greatest influence on the organizations culture and practices through directives, policies
and discipline, policy design and implementation.

2. The Audit Committee

This provides oversight on the operations of the organization by the directors. If they are
very effective in their oversight role, they will send signals that wrongdoing will not be
tolerated and vice versa.

3. The Chief Executive Officer by whatever title

4. The chief finance officer

5. The chief compliance officer

6. The Chief Internal audit Executive

7. The top management team

8. Senior management team

9. Middle management team

To start with, care must be taken in the recruitment of middle to top management team members.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

The process to be followed to ensure that good staffs are recruited is detailed in the thorough
pre-employment staff screening strategy here below.


Staff training on fraud red flags and techniques of detection and prevention.

1. Red flags training for all.

Training all staff on how to notice and detect fraud or corruption red flags will be like
opening their eyes so that they see. The training of all staffs on fraud or corruption red
pointers increases the perception of detection and hence deters and prevents any

2. Techniques of detection and prevention for senior managers.

Only senior managers should be trained on these techniques to avoid manufacturing more
wrong doers. Senior managers should be well trained to be able to not only detect fraud
but also put in place preventive measures.


Inclusiveness of staff

A Staff member who feels that he/she belongs to an organization rarely steals and
he/she is mostly likely to report wrongdoing by others.

The following steps can be taken to ensure that staff feel part of the organization:

1. Including of staff committees irrespective of their seniority in the organization.

Staff should be given participation opportunities in the organizations committees.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Participation in a committee like staff welfare should accommodate some of the lowest
cadres of staff like cleaners or messengers and even allow one of them to serve in
leadership position. Who said that a messenger or company driver cannot chair such a

The lowest cadres of staff should also have representatives in the Anti-fraud/corruption
councils or committees discussed in chapter 8 of this module.

What senior managers in organizations must realize is that they lead staff that are wiser or
intelligent than themselves. Having lower levels of education does not mean that one is
stupid. Some people who dropped from school for instance, due to reasons beyond their
control at the time could be three times intelligent than a university graduate who pushed
through by his well to do parents.

When such staff are so recognized they feel very well and can help the organization in a
great deal since they are most likely to defend the organization against wrong doers.

2. Commendations.

Not all staff is motivated by money only but also praise and commendation. Always look
for something good and nice to talk about your staff as opposed to always complaining.
You can do that even when the staff has committed a small mistake that can be used as a
learning experience. First, praise him or her for past nice performance and then
encourage him or her to avoid the silly mistakes. That will make the staff feel appreciated
as a human being.

3. Equal opportunities for all

Let all opportunities for promotion be open to all that are qualified and suitably
experienced and let the best be promoted.

4. Ensure that rewards to a section head is taken by the whole team

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Do not make a mistake of rewarding the head for good performance without appreciating
his team, since one cannot perform well in isolation without his or her team.

5. Observe Individual rights

Staffs as human beings must be respected. Their rights should not be trampled underfoot.
Staffs have rights to tea or coffee breaks including lunch.

6. Inclusiveness in communication

All good news affecting the organization and staffs must be made available to all. Work
instructions must be communicated to all staffs concerned.

7. Fairness for all

Be seen to be fair in all dealings with staffs.


Going out of the beaten track

Carrying out independent verification of assets and liabilities.

Fear of losing contracts.
Auditors fail to detect fraud and corruption due to following known procedures year in year out
as per the standards of their profession. This is fine but forensic investigators must change tactics
all the time and also use creativity.

Others fear losing contracts if they unearth fraud by the directors. Let me assure you that if you
lose one, God will give you three in its place. Just aim at doing good job and then contracts will
be added unto you.

Employment of fraud detectives

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Organizations should borrow ideas from the government on the use of detectives to collect
intelligence undercover and then use it to detect complex fraud or corruption schemes.
Governments can also borrow from organizations on how to detect and deal with corruption
early enough.

Who is a detective?
A detective is simply defined as an expert who is capable of detecting wrongdoing by gathering
information openly or undercover. Investigators who work with law enforcement or privately
owned agencies are referred to as detectives.

Complex case detection

Detectives are good for uncovering complex fraud or corruption cases that involve high levels of
collusion within or without the organization. This is going to be illustrated by the case narration

The case of the American CFO.

I will now illustrate the above point by a case that happened in the USA that is very typical of
cases that happen all over the world. All names in the case are changed for the purposes of
avoiding unnecessary litigation.

John was a CEO of a large motor company in the USA. The company business was stocking and
distributing motor vehicle parts. The company had a large warehouse where it stored parts worth
billions of US Dollars.

The company had award winning internal controls and systems and had received awards from
many professional bodies including the accountants body and had most trusted staff but one
problem kept on nagging. Discovery of losses of parts to the tune of millions of dollars during
every annual inventory by external auditors. The figure kept increasing every year until the board
sacked its CEO who was considered old and negligent and employed John.

Immediately John took over, he convinced the board to contract consultants to carry out internal

All copy and transmission rights reserved by the IICFIP USA, Incorporation

controls and security systems review with a view to improve them and seal the loopholes that
might be there to minimize or eradicate the inventory loses. Their report was shocking. The
company had one of the best controls and systems.

John worked well as CEO for one year hoping that the ghost that was taking parts from the
warehouse would go away with the former CEO but in vain. The inventory loses increased by a
bigger margin than before, and the board was mad with him. They told him to the face that they
had given him another one year in office and if nothing good happened to reduce the loses he
could just leave without waiting to be dismissed or his services terminated.

After that meeting, John felt very hot and decided to cool himself by taking one or two bottles of
beer at a nearby pub that evening. While he was there sipping and thinking alone, someone
seated close to him but on a different table noticed that he was stressed and decided to help. He
rose up, went straight to Johns table, and asked whether he could join him. John welcomed him.
The gentleman, remembered having gone to school together with John many years ago when
they were young and asked him, why he looked familiar. John asked, really. Then they settled
down to old memories and discovered that they had actually schooled together. The gentleman, I
would call James, went straight to tell John that he could read frustration on his face. John agreed
and told him that the board was on his neck for losses he does not understand how they were
coming about and they had given him just a year to discover or they terminate his services. After
a long and detailed explanation from John, James suspected that it was a case of complex
collusion. Cases involving complex conclusion among staff and with outsiders are very difficult
to control using internal controls and security systems.

James told John that he had trained as an investigator, had several years of experience in that
field, and offered to assist him, but John resisted saying that the board would not accept and
authorize the expenses involved. James told him that the company will pay him after the
discovery of the scheme not before, meaning that no discovery no payment. This proposal
sounded very sensible to John and he accepted. James told him that he just needed to agree with
James to do the job without notifying the board until the outcome was certain. John agreed to
give James the assignment.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

James explained that the assignment would involve employment of one of his young
investigators well trained to detect such schemes as a clerk/messenger in the warehouse at the
expense of the James for three months. This meant that John was to have him included in the
payroll at the rate that is normal for such positions and then John could reimburse that amount
every month.

The investigator, let us call him Dick, was interviewed among others and was employed. I want
to believe that you already know how other staff treat clerks/messengers when they are still new.
They started inducting Dick by sending him on official errands mixed with private ones and he
always obliged. As usual, they thought that he knows nothing and he could not even understand
their way of communication. It took Dick one month to learn all the staff in the warehouse
including the day guards that were at the entrance to the warehouse. The guards were beyond
reproach and could not allow any part to go out of the warehouse irregularly. This made him to
consider other places as exits for parts from the warehouse. The warehouse did not have a back
door but ceiling module and roof on top since the warehouse was on the second floor of the
house and on top of that, house was a roof of iron sheets. He said in his heart. Here could be the
answer to the mystery!

In the second month in the warehouse, he overheard a conversation by the warehouse manager
indicating, It is today. The message was like coded; he sensed that the plan to strike was on
that Friday at night. He immediately went round the warehouse looking at the ceiling and saw
some marks that were not very clear but indicated that there was some activity through that
point, though the ceiling board looked intact and undisturbed. Keep in mind that the warehouse
was under CCTV 24/7 (24 Hours and 7 days a week) Dick immediately excused himself, went
outside the compound and phoned John.

John quickly alerted the CEO and asked him for security arrangement to lay an ambush that
night. Fortunately, the police agreed to come in full truck and hide somewhere near the building
together with John and James. It was not until midnight when the conspirators struck. They

All copy and transmission rights reserved by the IICFIP USA, Incorporation

came with a big truck and a connectable ladder right onto the roof of the building, and then parts
were carried out one by one until the truck was half-full. The police then pounced on them.

It was discovered that it was collusion between outsiders, night guards and the most trusted
warehouse staff including the manager. It was further discovered that they had designed a way of
covering the CCTV Cameras to prevent them from relaying images of people in the warehouse
during the action.

The police commandeered the truck driver to take them to where he was hired to take the parts,
and that led to discovery and recovery of a huge inventory that had been stolen from the

The CEO revealed the trick to the board and they were happy and shocked as well since the staff
caught were the most trusted ones.

This is how detectives can be of help to organizations. The contract of Dick ended with that
discovery. Therefore, it means that detectives are to be employed by organizations to perform
specific assignments and then fold up.

To get continuous benefits, the organization may opt to employ one on full time basis to work
with the security or audit team.

Setting up anti-fraud councils

To assist your managers and staff to creatively think at least once a month or quarter, you
seriously require structured brainstorming sessions in form of councils or committees.

Functions of the councils or committees

The councils should have the following mandate:

All copy and transmission rights reserved by the IICFIP USA, Incorporation

1. Brainstorming on the organizations control and security systems and report weaknesses.

2. Sharing fraud and corruption intelligence.

3. Informing the department heads about the identified danger signs that require to be
monitored closely.

4. Advising management on the additional controls or security systems required to seal the
identified loopholes.

Membership in the Councils

The following should be members of these councils.

1. Cleaners, Messengers and divers

Any staff is eligible to join the councils right from the boardroom to the shop floor
worker. This is where cleaners, drivers and messengers cannot miss. They should have
representatives in these committees to assist the department heads get the information
they need from the lowest cadres of staff.
2. Junior Managers

3. Middle Level Managers

4. Senior Managers

5. Top Managers

6. The Directors

The Frequency of meetings

IICFIP recommends quarterly meetings that last the whole of the morning on a day that is not

All copy and transmission rights reserved by the IICFIP USA, Incorporation

considered very busy, and hence less interruptions. Alternatively, the meeting should be held out
of station for maximum concentration.


Setting up anti-fraud units/departments

This is for large companies and NGOs. These specialized units will monitor operations daily
from the perspectives of a detective and then recommend remedial actions for all weakness
identified or report the wrongdoers if caught perpetrating or planning to perpetrate wrongdoing
within the company.

This is the current trend in corporate fraud governance. Many large organizations, governments,
banks and Insurance companies have specialized units that deal with, not only detection but also
prevention and international investigations.

Bi-annual/annual fraud risk assessments

Fraud risk assessment is like carrying out general medical examination for humans. The purpose
of the fraud risk assessment is to proactively audit for fraud/corruption and loopholes that may
lead to fraud so that they are dealt with in good time.

If your organization is large, and no fraud/corruption assessment has not been carried out for the
last two years, you could be having fraud going on undetected as you read these notes. People
who do not usually go general medical checkups feel good until they are hospitalized and during
that time, they discover that it is too late since they had been living with untreated cancer for
many years. Therefore, organizations discover fraud when it is too late if they do not carry out
fraud risk assessment regularly.

All copy and transmission rights reserved by the IICFIP USA, Incorporation


Whistle blowing policy

Whistle-blowing is the best effective fraud detection method in accordance to all kinds of
research and surveys Masoud Mahammed Jordan (2011).

A whistle blowing policy is strategy number 10.

Who is a Whistle Blower?

A whistle blower is one (employee) who reveals wrongdoing within an organization to the public
or to those in positions of authority.

Whistle blowing therefore is an act in which one discloses to the public or someone in authority,
any wrongdoing such as fraud, malpractice, breach of any health and safety law, or any other
illegal act, either on the part of management or by fellow employees within an organization.
However, they may not be comfortable to express their concerns because they feel that making a
formal complaint would be disloyal to their colleagues, their managers or the Trust. They may
also fear retaliation or victimization. Therefore, it may be easier to ignore the concern rather than
report what may just be a suspicion of malpractice.

Purpose of Whistle Blowing Policy

This Whistle blowing Policy is intended to encourage and enable employees to raise
serious concerns within the Trust without fear of reprisal as well as provide an enabling
environment and procedure for the investigation and determination of suspects

All copy and transmission rights reserved by the IICFIP USA, Incorporation

The Anti Fraud and Corruption Policy, separately cover all matters relating to fraud and
corruption, while encompassed by the Whistle blowing Policy. If fraud and corruption are
suspected, the Anti Fraud and Corruption Policy SHALL be followed. Therefore, any
complaints of fraud and/or corruption that are reported through this Whistle Blowing
Policy will be referred to the Trusts Anti Fraud and Corruption Policy.

Whistle Blowing Policy

Whistle blowing Policy provides procedures and or avenues for disclosing any wrong
doings such as fraud, malpractice, breach of any health and safety law, or any other
illegal act, either on the part of management or by fellow employees.

Adverse Personnel Action

An employment-related act or decision or a failure to take appropriate action by

managerial personnel which may affect the employees employment, including but not
limited to compensation, salary increment, promotion, job location, job profile,
immunities, leaves and training or other privileges.

Alleged Wrongful Conduct

Alleged Wrongful Conduct shall include, but not be limited to the suspected violation of
law, infringement of OSAIS Code of Conduct or ethic policies, mismanagement,
misappropriation of monies, actual or suspected fraud, substantial and specific danger to
public health and safety or abuse of authority .

Good Faith

An employee shall be deemed to be communicating in good faith if there is a reasonable

basis for communication of unethical and improper practices or any other alleged
wrongful conduct. Good Faith shall be deemed lacking when the employee does not have
personal knowledge of a factual basis for the communication or where the employee
knew or reasonably should have known that the communication about the unethical and
improper practices or alleged wrongful conduct is malicious, false or frivolous.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Managerial Personnel

Managerial Personnel shall include the Managing Trustee, all persons at the level of the
Manager and above, whether acting or not who have authority to make or materially
influence significant personnel decisions.

Policy or This Policy

Policy or This Policy means, Whistle Blower Policy.

Unethical and Improper Practices

Unethical and improper practices shall include but not be limited to

i. An act which does not conform to approved standard of social and professional

ii. An act which leads to unethical business practices;

iii. Improper or unethical conduct;

iv. Breach of etiquette or morally offensive behaviour, etc.

v. Whistle Blower

vi. This is an individual who discloses in good faith any unethical & improper practices or
alleged wrongful conduct to the authority in writing or via official hotline.


Aims And Scope Of This Policy

This policy aims to inter alia:

All copy and transmission rights reserved by the IICFIP USA, Incorporation

i. Encourage employees to feel confident in raising serious concerns and to question, and
act upon concerns about the activities of employer, contractors, suppliers or employees.

ii. Provide avenues for employees to raise those concerns and receive feedback on any
action taken in outmost confidentiality.

iii. Ensure that employees receive a response to concerns and that they are aware of how to
pursue them if you are not satisfied.

iv. Reassure employees that they will be protected from possible reprisals or victimization if
they have a reasonable belief that they have made any disclosure in good faith.

There are existing procedures in place to enable staff to lodge a grievance relating to your own
employment. The whistle-blowing policy is intended to cover major concerns that fall outside the
scope of other procedures. These include:

i. conduct which is an offence or a breach of law

ii. disclosures related to miscarriages of justice

iii. health and safety risks, including risks to the public as well as other employees

iv. damage to the environment

v. the unauthorized use of public funds

vi. possible fraud and corruption

vii. sexual or physical abuse of clients, or

viii. other unethical conduct

Thus, any serious concern that one has about any aspect of service provision or the conduct of
officers or members of management or others acting on behalf of the management can be
reported under the whistle-blowing policy.

This may be about something that:

All copy and transmission rights reserved by the IICFIP USA, Incorporation

i. makes you feel uncomfortable in terms of known standards, your experience or the
standards you believe subscribes to; or

ii. is against any Standing Instructions and policies; or

iii. falls below established standards of practice; or

iv. Amounts to improper conduct.

The staff in such situations may use the hotlines given to report direct to the Audit Committee
Chairperson or any their designated official.

The above is a very basic account of what a whistle blowing policy involves. In practice, I do
whistle blowing policies covering not less than 15 A4 size pages.

The whistle blowing policy must not only protect the whistle blower but also the target of whistle
blowing - the suspect.


Staff Balance

Here we are talking about having an appropriate mix of staff such that collusion to defraud
or perpetrate corruption is deterred. Staff balance involves having good mix of the

1. Racial balance.

2. Tribal and clan balance.

3. Relatives.

4. Gender balance.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

5. Regional balance.

6. Qualifications and experience.

7. Age: this can also assist in succession preparation.

How can the staff balancing assist in determining and detecting fraud/corruption?

Diminishing opportunities for collusion.

Increases the perception of detection.

Increases thorough counter checking of the others work.


Disciplinary Action against offenders


It must be seen to be consistent


Fairness here means that the punishment meted out must follow laid down procedures
and be seen to be human.


Punishment dispensed out for an offence must be seen to apply to all that find themselves
culpable whether senior or junior.

Impartiality causes resentment that can probably lead to fraud perpetration as a revenge act.


All copy and transmission rights reserved by the IICFIP USA, Incorporation


There are two stages in fraud/corruption prosecution process as follows:

1. Criminal

2. Civil

This is strategy number 13 that deals with firm prosecution of the suspects of fraud or corruption.
Fraud or corruption offenses are against the state and they are prosecuted as per the provision for
criminal proceedings by the state employed prosecutors. The victim and the investigators as
complainant and expert witness respectively.

Mistakes organizations make

The following are the mistakes organizations make that leads to acquittal of the suspect(s) and as
a consequence, they suffer counter litigations for wrongful dismissal and defamation, which
again lead to further litigation of the organization in terms of damages awarded by the court.

1. Organizations consider engagement of forensic investigators to collect evidence as an

unnecessary overhead and therefore just hands the case in for prosecution.

2. They just leave the case in the hands of the government prosecution without proactively
following up. Organizations must hire a lawyer and a Certified Forensic Investigation
Professional (CFIP) to work with and support government prosecution for effective
delivery of evidence to court in support of the case. CFIP will deliver expert testimony.

I know of cases where organizations lost millions of cash to fraudsters, they were discovered and
taken to court and due to the above mistakes, they were acquitted due to insufficiency of
evidence, and later counter sued their employers and were awarded millions of cash and the
employers ordered to reinstate them. What will you do if it were your organization?

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Recommended stages of litigation

The following are the two stages I do recommend for maximum deterrence to those who
might be thinking of perpetrating fraud or corruption:

1. Criminal prosecution

This will lead to criminal conviction and sentencing the prosecution provides adequate
evidence that proves beyond reasonable doubt that the fraud did occur and the suspect(s)
in court are responsible.

2. Civil litigation

The judgment in stage one above should be used in civil litigation for the recovery of the
proceeds of fraud or corruption. This is whereby the Forensic Investigator can be of great
help to an organization. CFIPs are trained to trace the proceeds of fraud and corruption to
banks, hidden assets, close relatives, and abroad. All these can be brought down to
personal statement of affairs that will show the court the amount that must be recovered
in terms of bank accounts and assets seizures.

This litigation will deprive the convict of all the amount defrauded so that after the
sentence full term, he or she comes will have to start from Zero again. This will send a
tough warning to could be fraudsters that they will stand to lose badly if they attempt to
commit the crime and are caught.


All suspects of financial wrongdoing must be forwarded to law enforcement for prosecution
regardless of their position or political affiliations or relations to the authorities there within the
firm. Partiality in this matter or different treatments of suspects will encourage such acts instead
of deterring them.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Secret to effective prosecution

The following are the secrets to winning strategy in any white-collar crime prosecution:

1. Hire a forensic investigator to gather adequate evidence and if his findings indicate that
there is no adequate evidence, do not proceed to prosecution.

2. Hire a competent lawyer to advise your organization all the way.

3. Do not miss any court hearings.

4. Provide all the information required by the court.


Annual Staff records reconciliation

Staffs payment fraud can be real and huge in large organizations or government. I have carried
out forensic audit in a medium term organization where the payroll officer had defrauded USD
100,000 in a period of two years using ghost workers and overstating pay and return schemes.
This kind of schemes thrive well where internal controls are weak and Staff records are not
properly reconciled.

Why carry out stock inventory every year or every six months and ignore staffs inventory?

The following records must be reconciled to not only themselves but also with physical staff
head count to deter and also discover any wrongdoing:

Human resources records.

Payroll records.

Attendance registers.

All copy and transmission rights reserved by the IICFIP USA, Incorporation


Thorough pre-employment staff screening

It is a known fact that human behavior is predictable. However, employers or governments

inclusive must not start by employing staff with known criminal history. This is why a majority
of employers carry out pre-employment staff screening.

I was shocked one time when I learnt that some large organizations could ask job applicants to
get reference letters and attach to their application letters. Very awkward indeed! You cannot
either screen prospective staff by writing to the colleges they attended or to previous employers.
What if the people you are writing to are relatives or close friends of the applicant?

The best way to do this is to carry out independent intelligence gathering about the applicants
background. This investigation must be carried out undercover by visiting the places or
connecting with the person on social media and try to learn more about his or her background
without revealing that you are the prospective employer. I call this Social Media Forensics.


Holding CEOs responsible for fraud/corruption

The CEOs should be bearing the ultimate responsibility for fraud or corruption in organizations.
They should be allowed to blame their juniors for failure to lead the organization free of fraud or
corruption. In most of the cases, they are heard asking; where were the auditors?" The question
should also be reframed to be where Where were the CEO and the Directors? If you read this
in reference to the tone at the top strategy you would understand better what I mean.

All copy and transmission rights reserved by the IICFIP USA, Incorporation

The CEOs should be held to account for their actions by the following acting as a team:

Audit committee

The audit committee should proactively review all audit and other governance reports to
ensure that all recommendations therein are implemented to the letter. I have seen
organizations that suffered fraud for long periods and when the audit reports were
reviewed, it was established that the auditors had recommended for the sealing of
loopholes for fraud year in year out, but the top management took no action.

To be effective, the audit committee members must not only be competent, but also be
very proactive. Committees with too old members that only attend meetings to sign for
allowances cannot help.

Stake or stockholders
The stakeholders must make it very clear that in case of any undetected or prevented
wrongdoing will lead to their dismissal and no excuses will be entertained.

Internal Audit
The Internal Auditors must also take proactive measures to ensure that their
recommendations to top management are implemented. In some cases, it may involve
sending secret notes to the stakeholders.


Anti-fraud/Corruption policy

This policy outlines all the practices that the organization considers fraudulent or corrupt. The
anti-fraud/corruption policy shall clearly outline what the Fund calls fraud or corruption so that

All copy and transmission rights reserved by the IICFIP USA, Incorporation

staff is advised to avoid it. It shall give guidelines for accepting or declining gifts and the
treatment of the accepted gifts.

The thresholds of gifts that:

1. Can be accepted without declaring.

2. Accepted with a declaration.

3. Accepted, declared and surrendered to the organization.

4. Declined. Some gifts must be declined if they are huge and meant to bribe the recipient.

This policy requires that all staff at all times act honestly and with integrity, and to safeguard the
organizations or governments resources for which they are responsible.


Fraud investigations policy

This policy outlines the rules and procedures of carrying out an investigation after the allegations
of wrongdoing. You would expect to find in this policy, rules or clauses that remove expectations
of private dealings while on the organizations premises. This must of course be done in
conformity to the laws of the land.

This policy should for instance give the investigators, right to access or break into locked offices
or drawers of suspects with or without their consent. Their signatures to the policy will be
enough in this case.

In the absence of this policy, investigators must get court orders in order to enter such offices or
drawers and search.

All copy and transmission rights reserved by the IICFIP USA, Incorporation


Rewards for integrity

Practice has shown that rewarding integrity as much as punishing wrongdoing is a great
motivator for continued compliance to the code of conduct. Employers are very quick to reward
wrong doers with sanctions, but those of integrity are even forgotten. They are only remembered
when they are found in breach of organizational rules and regulations. This is a very bad and
awkward way of human resources management.
There should be an annual rewards day for rewarding all those that assisted the organization in
achieving its objectives through compliance to laid down rules and regulations, and going off the
beaten track to save the organization money. Those staff that use creativity to either save the
organization money or make more must be rewarded.


Proactive staff rotation and on the job staff training policy

Rotation of staff can help to not only detect but also prevent wrong doing. Organizations should
not entertain staffs who decline transfers on promotion. In most cases, those who do that are
sitting on fraud or corruption and so they fear detection when they move or they may lose the
income from the corrupt schemes they have set up in their current position.The annual leave rule
must be strictly adhered to every staff member . Staff that accumulate leave without very clear
reasons are in most cases sitting on fraud and corruption.

I have discussed more on the 20 anti-fraud/corruption strategies in my upcoming module. It will

All copy and transmission rights reserved by the IICFIP USA, Incorporation

be a nice read for that are interested in carrying out effective fraud/corruption control. I have
given examples that are more specific in the module. Each strategy will constitute a chapter of
the module.


The overall strategy for fraud/presentation detection knows how to deal with staff/human
capital. All systems in an organization must be employed to deal with the fraud cancer.

All the above strategies form a common sense approach to fraud or corruption control.

All copy and transmission rights reserved by the IICFIP USA, Incorporation


10 Multiple choice questions

1. Both Managers and senior staff in organizations and governments do not proactively
think about fraud or corruption control.
A. True
B. False

2. Fraudsters think 10 times a day

A. True
B. False

3. Fraudsters think 7 times a day and that is why they are always a head of the ordinary
professionals, managers and senior leaders in government and private organizations.
A. True
B. False

4. What is the function of whistle blowing?

A. Fraud/corruption detection and reporting
B. Prevention
C. Internal Control
D. Staff Balancing

5. Who should serve on the Anti-fraud/corruption committee?

A. The Chief Executive Officer and Directors

All copy and transmission rights reserved by the IICFIP USA, Incorporation

B. Departmental/sectional leaders
C. Audit Committee Members
D. Trade Unionists

6. What does STAFF BALANCE mean in fraud and corruption control?

A. Adequate number of staff
B. Balance of staff to quantity of work
C. Proper mix of staff as to age, tribe, race, qualifications, and also the matching of
staffs training with the job descriptions
D. Gender balance

7. Prosecution of fraud and corruption offenders should follow two stages of Criminal and
civil prosecutions.
A. True
B. False

8. What is the purpose of the investigation policy?

A. Outlines investigation rules and procedures
B. Outlines the code of conduct
C. Outlines reporting channels
D. Outlines the thresholds for accepting gifts

9. What is the purpose of the anti-fraud/corruption policy?

A. Outlines investigation rules and procedures
B. Outlines the code of conduct of all staffs
C. Outlines reporting channels
D. Outlines the thresholds for accepting gifts

10. Rewarding honest staff is sure way of encouraging integrity.

A. True
B. False

All copy and transmission rights reserved by the IICFIP USA, Incorporation

Please send the answers to the test above to trigger dispatch of module No. 2
All questions must be answered.

You can complete the Module within 6 days at minimum and maximum 1.5 weeks.