Professional Documents
Culture Documents
SEMESTER A 182
TOPIC 2:
FRAUD PREVENTION
5
Verify Applicant’s Résumé and
Application
• Verify all information on the applicant’s
résumé and/or application using the following
suggestions:
– Require all applicants to certify that all information
on their application and/or résumé is accurate
– Train those involved in the hiring process to
conduct thorough and skillful interviews
– Use industry-specific or other approaches as
deemed necessary (credit checks, fingerprinting,
drug tests, public record searches, honesty tests,
etc.)
6
Hiring Policies and Practices
7
Creating a Positive Work Environment
9
Eliminating Opportunities for Fraud to Occur
10
Having a Good System of Internal Controls
11
Good Control Environment -
COSO
• Control Environment
1. The organization demonstrates a commitment to integrity and
ethical values.
2. The board of directors demonstrates independence from
management and exercises oversight of the development
and performance of internal control.
3. Management establishes, with board oversight, structures, reporting
lines, and appropriate authorities and responsibilities in the
pursuit of objectives.
4. The organization demonstrates a commitment to attract, develop,
and retain competent individuals in alignment with objectives.
5. The organization holds individuals accountable for their internal
control responsibilities in the pursuit of objectives.
Risk Assessment Process -
COSO
• Risk Assessment
6. The organization specifies objectives with sufficient clarity to enable
the identification and assessment of risks relating to
objectives.
7. The organization identifies risks to the achievement of its objectives
across the entity and analyzes risks as a basis for
determining how the risks should be managed.
8. The organization considers the potential for fraud in assessing risks
to the achievement of objectives.
9. The organization identifies and assesses changes that could
significantly impact the system of internal control.
Control Activities - COSO
• Control Activities
10. The organization selects and develops control activities that
contribute to the mitigation of risks to the achievement of
objectives to acceptable levels.
11. The organization selects and develops general control activities
over technology to support the achievement of objectives.
12. The organization deploys control activities through policies that
establish what is expected and procedures that put policies
into action
Control Activities
• Segregation of Duties
– Having two people do a task together or splitting the task into parts so
that no one person handles the complete assignment
• Authorizations
– Having a system of proper authorizations so that only authorized or
designated individuals have permissions to complete certain tasks
• Physical Controls
– Implementing physical safeguards such as locks, keys, safes, fences,
and so on, to prohibit access to assets and records
• Independent Checks
– Implementing a system of independent checks such as job rotations,
mandatory vacations, audits, and so on
• Documentation
– Having a system of documents and records that provide an audit trail
that can be followed to check on suspicious activity and to document
transactions
15
Discouraging Collusion between Employees
and Others
16
Monitoring Employees and Having a
Whistle-Blowing System
• Close monitoring
– Facilitates early detection
– Deters frauds because potential perpetrators realize
that “others are watching”
• A good whistle-blowing program is one of the most
effective fraud prevention tools.
– Approximately 33 percent of all frauds are detected
through tips.
– Section 806 of the Sarbanes-Oxley Act of 2002
requires all public companies to have a whistle-blower
system.
– Government agencies and some foreign companies
have whistle-blower systems.
17
Elements of an Effective Whistle-
Blowing System
• Anonymity
• Independence
• Accessibility
• Follow-up
18 CHAPTER 4
Creating an Expectation of Punishment
• Fear of punishment
• Examples of punishment
– Termination—not always a real punishment
– Having to disclose dishonest behavior to family and
friends
– Prosecution
• Expectation of punishment can be conveyed by
– Having a policy that states employees who engage in
fraud will be prosecuted to the fullest extent of the law
– Applying the policy
19
Conducting Proactive Fraud Auditing
20
Preventing Fraud—A Summary
21
Figure 4.3 Fraud Prevention
22
A Comprehensive Approach to Fighting
Fraud
23
Organizations and Fraud—The Current
Model
• The current model that many organizations use for
dealing with fraud is characterized by four stages:
– Fraud incident
– Investigation
– Action
– Resolution
• Once these four stages are completed, no further
action is taken—until another fraud occurs.
– Fraud will never decrease with this model.
– Fraud will become a recurring problem.
24
Dealing with Fraud:
The Current (Default) Model
25
Elements of Fraud-Fighting Model
27