220 likes | 350 Vues
Auditing for Fraud. 2 0 1 3. Or What Does Fraud Look Like?. Red Flag. A set of circumstances that are unusual in nature or vary from the “normal activity”. Caution . Do not ignore a red flag Conduct inquiry to determine reason for abnormal circumstances
E N D
Auditing for Fraud 2 0 1 3 Or What Does Fraud Look Like?
Red Flag • A set of circumstances that are unusual in nature or vary from the “normal activity”
Caution • Do not ignore a red flag • Conduct inquiry to determine reason for abnormal circumstances • Sometimes an error is just an error • Is there intent?
Quote of the day Fraud and Stupid Often look exactly the same
Fraud Triangle Need Rationale Opportunity Control Environment
Controlling Opportunity • #1 Reason Fraud Occurs: Blind Trust
Employee red flags • High employee turnover • Refusal to take vacation or sick leave • Lack of segregation of duties • Lifestyle changes • Significant personal debt and credit problems • Behavioral changes • Drug or alcohol related • Gambling • Fear of losing job
Employee red flags • Low or inadequate salary • Difficulty in obtaining audit evidence • Severe disciplinary actions • Lack of respect or appreciation by superiors • Resentment for not being treated fairly
What does fraud look like • Remember that employees will circumvent internal controls not for the purpose of committing fraud, but because…. • It makes their job easier, but by doing so, an opportunity is provided • Sooner or later, an employee will have a need • They only need to be able to rationalize in order to take advantage of the opportunity
Management red flags • Reluctance to provide information to auditors • Frequent changes in P-Card accounts • Frequent changes in external auditors • Missing documentation • Often misplacement of the P-Card • Frequent reports of fraud reported at the end of the cycle
Management red flags • Excessive number of voids, discounts and returns • Accounts that are not reconciled in a timely manner • Split Purchasing • Large number of charges to the same vendor in a short time frame
Management red flags • Missing receiving documentation • High volume of purchases from a new vendor • Frequent requests for increase in P-card monthly limits • Turns in reports late or last minute • Doctored receipts
Reasons Fraud Isn’t seeN • We tend to accept any “Reasonable” explanation • We assume • We just don’t want to find fraud • It takes time • Lack of training to recognize basic internal controls
acknowledgement • Recognizing the red flag is not sufficient • Action must be taken to determine the cause and the possible effect Evaluate by: • Observation • Financial analysis • Correct the situation • Educate the responsible people (red flags are most likely a warning that something is wrong either personally or professionally)
acknowledgement • Red Flags are “Warnings” • Do not ignore (They will be waiting for you!) • There are no “Little Frauds” • OMES P-Card Team suggests that you internally audit a random selection of charges each month • Put consequences in place for your p-card holders if rules are not followed • Make sure your policy and procedures are up to date
acknowledgement • Look for duplicate charges • Look for multiple purchases at the same vendor • Look for vendor names that seem like an unusual place to buy product for what is needed • Always read the comments put in by the cardholder- they can give you information that might raise a flag
Key Roles • Cardholder responsibility • Do and don’ts of the program • Program manager responsibilities • Approver responsibilities • Auditors • Breakdown of any of these roles can cause fraud to slip through the cracks
Promote compliance from the start • Training- P-Card initial class • Training aids posted online • Refresher training every 2 years • The agency can perform this training and highlight issues their agency is having • All communication should emphasize compliance • Does it meet the scrutiny test??
Friendly Follow-up • Communicate using multiple methods • Ask very specific “detailed” questions when transactions are “flagged” • Direct cardholders to additional resources • Follow-up routinely and consistently until adequate response is received • Advise cardholder when the matter is resolved • End each communication with your contact information
Incorporating audit recommendations • Compare historical audit findings • Look at other agencies’ audit findings and recommendations • Clearly define violations • Consistent follow-through
Conclusion • Use the gathered information for continuous improvement • Make sure appropriate controls and workflows are in place • Train, communicate, respond accordingly Questions?