Discussion Questions 2. Think of an instance of fraud that was perpetrated at your organization (or another organization, if necessary). What were the indirect costs and effects of the fraud?
Discussion Questions 3. Which departments or business activities in your organization present the highest risk of employee theft? 4. What business activities at your organization are most prone to fraudulent misstatements?
Learning Objectives—Introduction Define fraud and its components. Identify different types of fraud. Examine the impact of fraud on organizations. Understand why people commit fraud. Examine the relationship between anti-fraud initiatives and risk management.
Elements of Fraud A material false statement Knowledge that the statement was false when it was uttered Reliance on the false statement by the victim Damages resulting from the victim’s reliance on the false statement
ACFE 2014 Report to the Nations The typical organization loses 5% of its annual revenue to fraud. • Potential total fraud loss of $3.7 trillion worldwide Median loss caused by occupational frauds is $145,000. 22% of the frauds involved losses of at least $1 million.
ACFE 2014 Report to the Nations Asset misappropriation schemes • Most common—85% of cases • Least costly—median loss of $130,000 Financial statement frauds • Least common—9% of cases • Most costly—median misstatement of $1 million Corruption schemes • 37% of cases • Median loss of $200,000
The Indirect Fallout Impact extending well beyond the actual dollar amount stolen Loss of employee confidence Loss of productivity Decline in company image and reputation
Why Sanctions Alone Don’t Deter Fraud Perpetrators do not anticipate getting caught. Perpetrators rationalize their conduct so that it seems legal or justified and thus should not be sanctioned. The greatest threat perpetrators face is that their crime will be detected.
Fraud and Risk Management Risks are normally grouped into categories to facilitate risk mitigation. • Strategic • Operational • Reporting • Compliance Fraud might be considered a compliance, financial, or operational risk.
Fraud and Risk Management What is risk management? • COSO: “A process ... designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives” • ISO 31000:2009: “Coordinated activities to direct and control an organization with regard to risk”
Fraud and Risk Management Many risk management professionals underestimate the role of fraud in—or even exclude fraud risks from—the scope of their professional duties.
Fraud and Risk Management This course explains how to integrate anti-fraud and risk management initiatives to: • Identify, assess, and manage fraud risks. • Support fraud risk management by establishing an anti-fraud culture and promoting fraud awareness. • Develop a system of internal controls to address fraud risks. • Address and respond to identified fraud.