1. Management Override:
Common Tactics and How
to Audit For Red Flags
November 14, 2013
Special Guest Presenter:
David Zweighaft CPA/CFF, CFE
Copyright © 2010 White-Collar Crime 101 LLC and AuditNet LLC
Copyright © 2013 FraudResourceNet™ LLC
About Peter Goldmann, MSc., CFE
President and Founder of White
Collar Crime 101
Publisher of White-Collar Crime
Fighter
Developer of FraudAware® antifraud training courses
Monthly columnist, The Fraud
Examiner, ACFE Newsletter
Member of Editorial Advisory
Board, ACFE
Author of “Fraud in the Markets” –
Explains how fraud fueled the
financial crisis.
2. About Jim Kaplan, MSc, CIA, CFE
President and Founder of
AuditNet®, the global resource for
auditors (now available on Apple
and Android devices)
Auditor, Web Site Guru,
Internet for Auditors Pioneer
Recipient of the IIA’s 2007
Bradford Cadmus Memorial
Award.
Author of “The Auditor’s Guide to
Internet Resources” 2nd Edition
About David Zweighaft
CPA/CFF, CFE
Principal at DSZ Forensic Accounting
& Consulting Services LLC
David has been practicing Litigation
Consulting and Forensic Accounting
for over 20 years
Assisted the US Dept of Justice in
identifying and tracing assets
He managed the largest Swiss bank
Holocaust Asset investigation in New
York for the NYS Banking
Department
3. Webinar Housekeeping
This webinar and its material are the property of FraudResourceNet.
Unauthorized usage or recording of this webinar or any of its material is
strictly forbidden. We are recording the webinar and you will be provided
access to that recording within 5 business days after the webinar.
Downloading or otherwise duplicating the webinar recording is
expressly prohibited.
Please complete the evaluation questionnaire to help us continuously
improve our Webinars.
You must answer the polling questions to qualify for CPE per NASBA.
Submit questions via the chat box on your screen and we will answer
them either during or at the conclusion.
If GTW stops working you may need to close and restart. You can
always dial in and listen and follow along with the handout.
Disclaimers
The views expressed by the presenters do not necessarily represent the
views, positions, or opinions of FraudResourceNet LLC (FRN) or the
presenters’ respective organizations. These materials, and the oral
presentation accompanying them, are for educational purposes only and do
not constitute accounting or legal advice or create an accountant-client
relationship.
While FRN makes every effort to ensure information is accurate and
complete, FRN makes no representations, guarantees, or warranties as to
the accuracy or completeness of the information provided via this
presentation. FRN specifically disclaims all liability for any claims or
damages that may result from the information contained in this
presentation, including any websites maintained by third parties and linked
to the FRN website
Any mention of commercial products is for information only; it does not
imply recommendation or endorsement by FraudResourceNet LLC
4. Today’s Agenda
Introduction
Fraud Statistics: The Growing Fraud Threat
Authoritative Guidance
Management Override: WHY? HOW? WHAT?
Ripped from the Headlines
Case Study and Demo
Your Questions
Conclusion
Fraud: The Big Picture
According to major accounting firms, professional fraud
examiners and law enforcement:
Fraud jumps significantly during tough economic times
Business losses due to fraud increased 20% in last 12
months, from $1.4 million to $1.7 million per billion dollars of
sales. (Kroll 2010/2011 Global Fraud Report)
Average cost for each incident of fraud is $160,000
(ACFE); for financial statement fraud: $2 million
Approx. 67% of corporate fraud committed by insiders (Kroll)
Approx. 50% of employees who commit fraud have been
with their employers for over 5 years (ACFE)
5. Management Override:
Introduction
What is Management Override?
The term ‘management override’ is used in ISA 240
on fraud to refer to the ability of management and/or
those charged with governance to manipulate
accounting records and prepare fraudulent financial
statements by overriding these controls, even where
the controls might otherwise appear to be operating
effectively.
From “Right First Time with Clarified ISAs Module 4”, © ICAEW
2010
6. Authoritative Guidance – SAS 99
Prevention
Deterrence
Detection
Tone at the top
Value system (“Code of
Ethics / Conduct”)
Positive workplace
environment
Hiring, promoting and
retaining appropriate
employees
Training and awareness
programs
Confirmation / affirmation of
Code of Conduct or Ethics
Ombudsman programs
Whistleblower programs
Incident response / case
management processes
Investigative procedures
Discipline, prosecution and
recovery guidelines
“Active” oversight by Board
and/or Audit Committee
– Fraud risk assessment
and related measures
– Code confirmation /
affirmation process
– Management’s
involvement in financial
reporting process and
override of control
– Process to receive,
retain and treat
complaints of fraud /
unethical conduct
– Internal and external
audit effectiveness
Internal audit
– Evaluation of adequacy /
effectiveness of internal
controls
Disciplinary examples
Identification and
measurement of fraud risk
(“fraud risk assessment”)
Processes and procedures
to mitigate identified fraud
risk
Effective internal controls at
entity and process level
On-going monitoring
activities
Computer-assisted audit
techniques
Investigation of:
– Internal control
weaknesses /
breaches
– Non-response to Code
confirmation /
affirmation
– Reported issues
7. PCAOB Audit Standard #12
69. Consideration of the Risk of Management Override of
Controls. The auditor's identification of fraud risks should
include the risk of management override of controls.
Note: Controls over management override are important to
effective internal control over financial reporting for all
companies, and may be particularly important at smaller
companies because of the increased involvement of senior
management in performing controls and in the period-end
financial reporting process. For smaller companies, the
controls that address the risk of management override might
be different from those at a larger company. For example, a
smaller company might rely on more detailed oversight by the
audit committee that focuses on the risk of override.
PCAOB Audit Standard #12
73. Controls that address fraud risks include (a)
specific controls designed to mitigate specific risks of
fraud, e.g., controls to address risks of intentional
misstatement of specific accounts and (b) controls
designed to prevent, deter, and detect fraud, e.g.,
controls to promote a culture of honesty and ethical
behavior. Such controls also include those that
address the risk of management override of other
controls.
8. Polling Question 1
The three main elements of guidance for fighting
management override according to SAS 99 are (choose all
that apply)
A. Detection
B. Awareness
C. Deterrence
D. Investigation
E. Prevention
9. Assessing the Risk of
Management Override
Management override is very difficult to detect.
However, an audit committee can take actions to address the
risk of management override of controls:
Maintaining an appropriate level of skepticism,
Strengthening committee understanding of the business,
Brainstorming about fraud risks,
Using the code of conduct to assess financial reporting
culture,
Ensuring the entity cultivates a vigorous whistleblower
program, and
Developing a broad information and feedback network.
Management Override of Internal Control: The Achilles’ Heel of Fraud Prevention © 2005, AICPA
Assessing the Risk of
Management Override (cont’d)
It is impossible to have controls in place that are sufficient to
totally eliminate the Risk of Management Override (RMO).
Controls to prevent, or detect and correct, such risks must be
in place to minimize the risk, such as controls over the
authorization and processing of journals and other adjustments
to the financial statements.
May include incentives or pressures for individuals to misrepresent the results or financial position of the entity such as:
for personal gain (salary, promotion, bonuses, continued
employment, etc);
for gain on disposal of the entity or its business;
to meet expectations or targets;
to avoid tax;
to obtain finance or to satisfy the requirements of lenders or
other third parties.
10. Common Characteristics of
Management Override
Top Side Journal Entries – Timing, amounts,
nature of the accounts and complexity of the
entries
Collusion – Related to the size of the entity
Undue Influence over Accounting/Financial
Reporting Staff – Use of system access and
authorization controls
Testing for Journal Entries
When selecting items for testing, the auditor must consider:
Whether there are any fraud risk factors that may help the auditor identify specific classes of journal entries and other adjustments for testing;
The effectiveness of controls over the preparation and posting of journal entries and other adjustments. This may reduce the extent of substantive testing necessary, provided that the auditor has tested the operating effectiveness of the controls;
The characteristics of fraudulent journal entries or other adjustments.
11. Polling Question 2
Maintaining a healthy level of skepticism will do little to
help the audit committee address the risk of management
override.
A. True
B. False
12. Testing for Journal Entries
Indicators of inappropriate journal entries may include
entries:
made to unrelated, unusual, or seldom-used accounts
or without identifying account numbers;
made by individuals who typically do not make journal
entries
recorded at the end of the period or as post-closing
entries that have little or no explanation or description
containing round numbers or consistent ending
numbers.
the nature and complexity of the accounts.
Testing for Journal Entries
(cont’d)
Inappropriate journal entries or adjustments may be
applied to accounts that:
contain transactions that are inherently complex or
unusual in nature;
contain significant estimates and period-end
adjustments;
have been prone to misstatements in the past;
have not been reconciled on a timely basis or contain
unreconciled differences;
contain inter-company transactions; and
are otherwise associated with an identified risk of
material misstatement due to fraud.
13. Collusion
What is COLLUSION?
In order for there to be collusion, there must be present:
(1) a secret agreement,
(2) involving two or more persons,
(3) with the intent to defraud a third party, and
(4) giving a deceptive appearance to the transaction they
engage in.
Basis for Undue Influence
The 5 bases of power
(http://learnaboutfraud.wordpress.com/2011/09/16/5-bases-ofpower-influencing-to-collude/)
In relation to the perpetration of a fraud scheme, the alleged
fraudster will desire to carry out their fraud scheme (their will),
along with convincing another individual to do the alleged
fraudster’s bidding, without regard towards the other individual’s
wishes (resistance).
So how does a fraud perpetrator accomplish getting another
person to participate in their fraud scheme?
The answer is …….
14. Basis for Undue Influence
(cont’d)
…The answer is power, influence and coercion
Reward power - The fraudster’s ability to provide a benefit to
the accomplice.
Coercive power - The fraudster’s ability to punish the
accomplice if there is resistance.
Expert power - The fraudster’s perceived expertise or
knowledge.
Legitimate power - The fraudster’s legitimate right to exercise
authority over the accomplice.
Referent power - The extent to which the accomplice identifies
with the fraudster.
Polling Question 3
Red flags of possible M/O include (choose all that apply)
A. Entries made by individuals who typically do not make
journal entries
B. Entries recorded at the end of the period or as post-closing
C. Entries containing round numbers or consistent ending
numbers.
D. All of the above
15. Management Override –
Examples
Ripped from the Headlines
Real World Examples
WHO | SCHEME | TYPE OF OVERRIDE | HOW DISCOVERED
Worldcom | Improper Capitalization of Expenses | Collusion, J/Es, Influence | Internal Audit
Enron | Off-Balance Sheet Special Purpose Entities | Collusion, J/Es, Influence | Internal Audit
Computer Associates | 35-day Accounting Periods | Collusion, J/Es | Tip to the NY Times
Barings Bank | Unrecorded Trading Losses | No Segregation of Duties | Regulatory Investigation
Cendant | Inflated Revenues, Improper Charges Against Reserves | Collusion, J/Es | Post Acquisition
Comptronix | CEO, COO, CFO Overstated Income and Inventory | Collusion, J/Es | Confession to Board
16. Real World Examples (cont’d)
WHO
J/Es
Collusion
Influence
Other
No. of
Participants
Worldcom
Many
Enron
Many
Computer Associates
Many
Barings Bank
Cendant
5
Comptronix
3
No SoD
1
Data Analysis - Forensic Audit
Data Analysis Techniques
17. Case Study
Background
The Out-of-Control Controller
Perpetrator failed to reconcile accounts
Cost to the Company: $6.8 M over 4 years
Fraudster Profile
Financial Operations Sr VP; Male
Prepared fictitious support for account reconciliations
Directed staff to post fraudulent J/Es to the G/L
No monitoring or oversight of his work
Case Study: Undue Influence &
Segregation of Duties E-mail
18. Case Study Background
The Out-of-Control Controller
(cont’d)
Additional Tests – Segregation of Duties
Matching Journal Entry originators to
authorizers
Identifying emails to staff instructing them to post
fictitious Journal Entries
Polling Question 4
Management power is an essential element to override of
controls. Such power can come in which of the following
forms (choose all that apply)
A. Reward power
B. Coercive power
C. Expert power
D. Legitimate power
E. All of the above
19. Demo – Access and
Authorization Controls Testing
Demo: Matching Data Fields for Segregation of
Duties Testing
Learn How to:
Match Journal Entry Initiators to Authorizers to Identify
Segregation of Duty Violations
Additional Tests
Who Entered the Journal
Summarize journal entries based on who entered the journal (i.e., the person listed
as the one who typed in the journal entry) to determine if he or she is authorized to
do so. Identifying who entered the data can become a bit complicated if data entry
clerks are inputting the information rather than an authorized manager.
What Was Entered
Summarize journal entries by account and repetitive extracts (e.g., more than 50
instances) and unique account sequences used in the journal entry based on the
first five debit and credit postings.
Extract nonstandard or manual journal entries for further analysis rather than
extracting an entry from a created system, such as an accounts payable ledger
posting.
Stratify the size of journal entries based on the journal entry amount, using the
debit side of the transaction.
Summarize general ledger activity on the amount field based on the absolute value
of the debit or credit to identify top occurring amounts.
20. Additional Tests (cont’d)
When the Journal Was Entered
Extract journal entries posted on weekends and holidays.
Extract journal entries that were made immediately following the end of the fiscal year.
Summarize journal entry credits and debits processed by day, month, and year.
Where the Journal Was Entered
Extract journal entries made to suspense accounts and summarize them based on
the person entering the journal entry and their corresponding account numbers.
Extract journal entries to general ledger accounts that are problematic or complex
based on past issues at the company or the industry in general (e.g., accounting
journal errors subsequently corrected by accounting staff or auditors) by reviewing
previous audits or by asking management to determine past issues.
Extract debits in revenue and summarize them by their corresponding general
ledger accounts.
Additional Tests (cont’d)
Why the Journal Was Entered
Extract all general ledger transaction amounts, such as debits or credits, that
exceed the average amounts for the general ledger account by a specified
percentage — five times the average is the default.
Extract journal entries that equate to round multiples of 10,000, 100,000, and
1,000,000.
Extract journal entries using key texts, such as "plug" and "net-to-zero," anywhere
in the record. Extract JE’s that are made just below set accounting department
approval limits, especially multiple entries of amounts below such limits.
Extract journal entries illustrating reclassification of expenses either by credit to an
expense account and no corresponding debit to another expense account, or debit
to the revenue account and no corresponding credit to another revenue account.
Extract journal entries with other major classification changes in the area of assets,
liabilities, net worth, and unbalanced fund transfers.
Extract other major classification changes in the area of assets, liabilities, net
worth, and unbalanced fund transfers.
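Added example (not part of the webinar material or the presenters' demo): a Python implementation of the initiator-to-authorizer match from the demo together with a subset of the Additional Tests above (weekend postings, round multiples of 10,000, key texts, amounts just below an approval limit), run over constructed journal entries. The field names, user IDs, the 25,000 approval limit and the 5% "just below" band are assumptions.

```python
from collections import Counter
from datetime import date

# Constructed sample journal entries; field names and values are assumptions,
# not data from the webinar's case study.
ENTRIES = [
    {"je_id": "JE-001", "posted": date(2013, 3, 28), "account": "6100", "amount": 1250.40,
     "entered_by": "clerk1", "approved_by": "mgr1", "memo": "Monthly utilities accrual"},
    {"je_id": "JE-002", "posted": date(2013, 3, 30), "account": "1900", "amount": 50000.00,
     "entered_by": "svp1", "approved_by": "svp1", "memo": "Plug to reconcile suspense"},
    {"je_id": "JE-003", "posted": date(2013, 3, 29), "account": "4000", "amount": 24900.00,
     "entered_by": "clerk2", "approved_by": "mgr1", "memo": "Revenue reclass"},
    {"je_id": "JE-004", "posted": date(2013, 3, 29), "account": "4000", "amount": 24750.00,
     "entered_by": "clerk2", "approved_by": "mgr1", "memo": "Revenue reclass, part 2"},
    {"je_id": "JE-005", "posted": date(2013, 3, 31), "account": "6100", "amount": 830.15,
     "entered_by": "clerk1", "approved_by": "mgr2", "memo": "Net-to-zero correction"},
]

APPROVAL_LIMIT = 25_000          # hypothetical accounting-department approval limit
NEAR_LIMIT_BAND = 0.05           # "just below" = within 5% under the limit (assumption)
KEY_TEXTS = ("plug", "net-to-zero")


def red_flags(entries, limit=APPROVAL_LIMIT, band=NEAR_LIMIT_BAND):
    """Return {je_id: [flag, ...]} for every entry that trips at least one test."""
    flagged = {}
    for e in entries:
        amount = abs(e["amount"])
        memo = e["memo"].lower()
        hits = []
        # Segregation of duties: initiator and authorizer must differ.
        if e["entered_by"] == e["approved_by"]:
            hits.append("sod_same_user")
        # Posted on Saturday (5) or Sunday (6).
        if e["posted"].weekday() >= 5:
            hits.append("weekend")
        # Multiples of 10,000 also cover 100,000 and 1,000,000.
        if amount >= 10_000 and amount % 10_000 == 0:
            hits.append("round_amount")
        if any(text in memo for text in KEY_TEXTS):
            hits.append("key_text")
        if limit * (1 - band) <= amount < limit:
            hits.append("just_below_limit")
        if hits:
            flagged[e["je_id"]] = hits
    return flagged


def flagged_by_user(entries, flagged):
    """Summarize flagged entries by the person who entered them."""
    return Counter(e["entered_by"] for e in entries if e["je_id"] in flagged)


if __name__ == "__main__":
    flags = red_flags(ENTRIES)
    for je_id, hits in flags.items():
        print(je_id, ", ".join(hits))
    print(dict(flagged_by_user(ENTRIES, flags)))
```

A flag marks an entry for follow-up review, not a finding; the per-user summary surfaces the "multiple entries just below the limit" pattern named in the tests.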
21. Polling Question 5
Among the most important preventive measures with
regard to M/O is:
A. Board oversight
B. Segregation of duties
C. Delegation of authority
D. Job rotation
Questions?
Any Questions?
Don’t be Shy!
22. Thank You!
Website: http://www.fraudresourcenet.com
Jim Kaplan
FraudResourceNet™
800-385-1625
jkaplan@fraudresourcenet.com
Peter Goldmann
FraudResourceNet™
800-440-2261
pgoldmann@fraudresourcenet.com
David Zweighaft
dzweighaft@dszforensic.com
212-699-0901
Coming Up This Month
Using Data Analysis to Detect and
Prevent P-Card Fraud, Nov. 20