1 / 31

Components of an effective anti-fraud & corruption compliance program

Anti-Fraud Trends and Analytics Integrating anti-bribery & corruption analytics into your compliance monitoring program Meeting with Verizon October 19, 2012. Components of an effective anti-fraud & corruption compliance program. Setting the Proper Tone. Proactive. Reactive.

rex
Télécharger la présentation

Components of an effective anti-fraud & corruption compliance program

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Anti-Fraud Trends and AnalyticsIntegrating anti-bribery & corruption analytics into your compliance monitoring programMeeting with VerizonOctober 19, 2012

  2. Components of an effective anti-fraud & corruption compliance program Setting the Proper Tone Proactive Reactive Elements of a successful corporate anti-fraud, bribery and corruptionprogram Code of Ethics Fraud and Corruption Prevention Policies Communication and Training Risk Assessment Controls Monitoringand Analytics Incident Response Plan Management Ownership and Involvement Anti-fraud, bribery and corruption key activities mayinclude • Investigations • Fraud response planning • Forensic data analytics • Discovery and document review • Review of fraud policies and controls • Industry benchmark of anti-fraud programs • Gap analysis • Future state design session • Who owns fraud? • Assess roles and responsibilities • Fraud and risk committee formulation • Customized training • Corporate governance • Corporate anti-fraud road map • FCPA / anti-bribery assessments • Fraud risk assessment • Targeted anti-fraud analytics • Anti-bribery and corruption analytics • M&A Due Diligence • 3rd Party Due Diligence • 3rd Party Risk profiling • Conduct background checks

  3. How FCPA compliance & analytic overlaps with key business processes DOJ’s criteria for an FCPA violation: Who Corrupt Intent Payment (or intent to pay) Recipient Business Purpose EY maintains a library of over 400 anti-fraud tests around each fraud risk area. Source: ACFE 2010 Report to the Nations On Occupational Fraud

  4. Start with the Fraud TreeDifferent tools and methodologies are required to combat corruption Fraud tree Corruption Fraudulent statements Conflicts of interest Bribery and corruption/ FCPA Illegal gratuities Bid-rigging/ procurement Revenue recognition GAAP Reserves Non financial Asset misappropriation Cash larceny Theft of other assets – inventory/ AR/ fixed assets Fake vendor Payroll fraud T&E fraud Theft of data

  5. Corruption is a key risk area ACFE 2012 Report to the Nation EY Global Fraud Survey • 39% of respondents say that bribery & corruption practices occur frequently in their countries • 15% of CFOs surveyed said they would be willing to make cash payments to win business • 20% of CFOs surveyed said that they are willing to makepersonal gifts to win business Median loss was $135,000 per incident. Source: ACFE 2010 Report to the Nations On Occupational Fraud

  6. Top corruption risk areasTelcom company example Vendor / employee conflicts of interest FCPA Travel & entertainment abuses Overpaying local suppliers in other countries (kickback) Kickback from a customer for free service (high frequency, low impact) Source: ACFE 2010 Report to the Nations On Occupational Fraud

  7. 2011 Corruption Perceptions Index

  8. How is fraud detected? 50% by tip or accident Source: ACFE 2010 Report to the Nations On Occupational Fraud 2012 ACFE Report to the Nation on Occupational Fraud

  9. Forensic analytics maturity modelBeyond traditional “rules-based queries” – consider all four quadrants Low Detection Rate High Matching, Grouping, Ordering, Joining, Filtering Anomaly Detection, ClusteringRisk Ranking Structured Data “Traditional” Rules-Based Queries & Analytics Statistical-Based Analysis Data visualization, Drill-down into data, Text Mining Keyword Search Unstructured Data Traditional Keyword Searching Data Visualization & Text Mining High Low False Positive Rate

  10. Beyond “rules-based” tests Beyond traditional matching, filtering and sorting algorithms, EY integrates statistical, visual and text mining techniques to identify patterns of high risk or rogue employee activities.

  11. Common anti-fraud tests • Payment stream analysis • Altered invoices, goods not received, duplicate invoices, inflated prices, excess quantities purchased, requestor/approver conflicts • Vendor or subcontractor abuses • Fictitious vendors, employee / vendor conflicts of interests, • Employee expenses and P-card expenditures • Over limits, unusual expenses, miscellaneous/sundry expenses • Payroll • Ghost employees, unusual payments, no deductions/evaluations, direct deposit account analysis • Bribery and corruption • Bid rigging, conflicts of interest, contract compliance, kickbacks, payments to outside consultants

  12. Fraud detection analytics

  13. Focus on the payment text descriptionsWhat if you saw these terms used as justification for payments to third parties? Nobody calls it “bribe expense” Government fee Pay on behalf of “<blank>” Special commission Goodwill payment Friend fee One time payment Consulting fee Donation Special payment Team building expense Commission to the customer Volume contract incentive Incentive payment Processing fee

  14. Text Mining:“Disbursements Analysis”

  15. Travel & entertainment – an FCPA risk example “Who entertained whom, where, what for and for how much?”

  16. Anti-Bribery & Corruption Analytics Who said what, where and how much?

  17. Transaction Risk Scoring Filter by selected analytics Review breaches on targeted analytics

  18. Finding hidden money… Duplicative payments to fictitious vendors Exact SameAmount DifferentInvoice # Same Reference /Job Code DifferentVendor ID SameDate Some with same address Similar names

  19. Finding hidden money… Salary & Payroll Abuse Overtime abuse. Test for billing more than a 40 hour work week

  20. Vendor / employee conflicts of interest Vendor Master and Employee Master should not overlap. Analysis of phone numbers and fuzzy address matches.

  21. New Research: Fraud Triangle & Behavioural Analytics

  22. The Fraud Triangle¹Applying theory to electronic communications 1. Donald R. Cressey's “Fraud Triangle” ; Incentive/Pressure, Opportunity and Rationalization are present when fraud exists. 1. Donald R. Cressey's “Fraud Triangle” ; Incentive/Pressure, Opportunity and Rationalization are present when fraud exists.

  23. EY / ACFE library of ‘keywords’(Over 3,000 terms in a over a dozen languages so far…) Rationalization Incentive/ Pressure Opportunity …I deserve it …nobody will find out …gray area …they owe it to me …everybody does it …fix it later …the company can afford it …not hurting anyone …won’t miss it …don’t get paid enough …make the number …don’t let the auditor find out …don’t leave a trail …not comfortable …why are we doing this …pull out all the stops …do not volunteer information …want no part of this …only a timing difference …not ethical …special fees …client side storage …off the books …cash advance …side commission …backdate …no inspection …no receipt …smooth earnings …pull earnings forward

  24. Fraud Triangle analytics—calculationJoint EY and ACFE Research Project

  25. Fraud Triangle Analytics – ResearchBribery Case Keyword hits as a percentage of total emails Incentive/Pressure Terms Opportunity Terms Rationalization Terms Investigation timeframe, September 2006 to March 2007

  26. Interactive dashboard Fraud Triangle Analytics – Interactive Dashboard

  27. Emotional Tone AnalysisIndentify “Derogatory”, “Surprised”, “Secretive”, “Worried” communications

  28. Emotional Tone Analysis Ken Lay’s emails were “derogatory”, “confused” and “angry”

  29. Rogue employee analytics Risk Scoring Model – peer stratification dashboard review Peer Stratification Dots represent clusters of high risk communications that can be reviewed by clicking. Detail-Level View

  30. Closing thoughts • Consider a pilot program, taking a risk-based approach • Consider developing an “anti-fraud” task force • Maintain and build a library of robust anti-fraud tests • Don’t overlook bribery and corruption—corruption is a hot topic for global companies, especially in telecommunications and global capital projects • This is not SOX testing and the same tools don’t apply! Current global fraud landscape requires more proactive, targeted analytics, beyond traditional “rules-based” tests

  31. Contacts Vincent Walden Ernst & Young LLP Partner, Assurance Services Fraud Investigation & Dispute Services New York, NY (212) 773-3643 vincent.walden@ey.com Bill Henderson Ernst & Young LLP Partner, Assurance Services Fraud Investigation & Dispute Services New York, NY (212) 773-4389 william.henderson@ey.com

More Related