January 2013 - Anti-Fraud and The IA Function

The presentation discusses defining fraud, auditor responsibilities, developing anti-fraud programs, and CBIZ's anti-fraud services.

Asset misappropriation, financial statement fraud, and corruption are the main types of fraud discussed in the presentation.

Some proactive fraud prevention measures mentioned include fraud risk assessments, strong anti-fraud controls, internal audit independence, and employee support programs.

Anti-Fraud and the Internal Audit Function
Proactive Measures for Finding Fraud, Waste, and Abuse

Washington, D.C. IIA Chapter
January 16, 2013

Agenda
• Introduction
• Defining Fraud – ACFE Statistics
• Auditor Responsibilities
• Developing a Robust Anti-Fraud Program
• Overview
• Discussion of Specific Elements
• Questions/Discussion

Paul J. Soos – CIA, CFE, CICA
• Manager of Anti-Fraud & AP Recovery Services
• BA (Accounting) Baldwin-Wallace College
• Certified Internal Auditor
• Certified Fraud Examiner
• Certified Internal Controls Auditor
• CPA Candidate
• Past President of NE Ohio ACFE Chapter
• Past Audit Director - The Scott Fetzer Company
About CBIZ, Inc.

CBIZ MHM offices in major cities, nationwide.

About CBIZ, Inc. (cont.)
• CBIZ is the 7th largest provider of professional
services in the U.S. and is NYSE listed
(CBZ)
• 4,500 people in 200 offices across the USA
• CBIZ provides consulting and advisory
services for HR, CFOs and CIOs
• Global coverage in 70 countries – Partners
with Kreston International

About CBIZ Risk & Advisory Services
• CBIZ Risk & Advisory Services (RAS) is the National Internal Audit and
Sarbanes-Oxley practice within CBIZ
• Internal Audit: Significant experienced practitioners with prior Fortune
1000 and Big 4 experience
• Sarbanes-Oxley: More than 900 CPAs, CIAs, CFEs, CISAs and technical
professionals
• Strong Anti-Fraud Practice – Prevention, Detection and Investigative
Services
• Significant depth in a wide variety of IT audit services including general
controls, application controls, security, and disaster recovery planning
• Local access: In major cities throughout the United States
• High percentage of Director and Manager time included in every
engagement
• Our practitioners have greater than 15 years of internal audit experience
• Independent: No attest work to cause independence conflicts
Anti-Fraud Services – Two Service Lines
Reactive Investigations
• A problem is suspected
• Quantification
• Prove elements of offense
• Recovery focused
– Insurance
– Restitution
– Civil remedies
• All-Size Companies

Fraud Prevention/Detection
• Fraud Risk Assessments
– Evaluating Controls Through Eyes of a Forensic Accountant
• Data Mining/Analysis
– Seek indicators of fraudulent activity
– “Checkbook Analysis”
• All-Size Companies

Investigations – Anti-Fraud Consultants

• Forensic/Investigative Accountants
• Financial Statement Auditors
• Private Investigators

Understanding Fraud
• ACFE Report to the Nation Statistics
• The Fraud Triangle
• Most Common Schemes
– In Total
– By Industry
– By Size of Company
• Likely Perpetrators

ACFE Report to the Nation (2012)
• Survey of CFEs – 1,388 cases (01/10 – 12/11)
• Median loss - $140,000 – 20%+ over $1 million
• Median length of scheme – 18 months, which means that it
was not uncovered during a year-end audit
• Asset misappropriation – 87% of all cases with a median
loss of “only” $120K
• Financial Statement Fraud – only 8% of all cases, but a
median loss of over $1 million
• Corruption schemes fell in the middle, comprising just under
one-third of cases and causing a median loss of $250,000.

ACFE Report to the Nation (2012)
• Survey participants estimated that the typical
organization loses 5% of its annual revenue to
fraud. Applied to the estimated 2011 Gross World
Product, this figure translates to a potential total
fraud loss of more than $3.5 trillion.

ACFE Report to the Nation (2012)
• Small organizations are disproportionately
victimized by occupational fraud, and suffer
the largest median losses. These
organizations are typically lacking in anti-fraud
controls compared to their larger counterparts,
which makes them particularly vulnerable.

ACFE Report to the Nation (2012)
• The industries most commonly
victimized in the study were:
– Banking/financial services
– Government and public administration
– Manufacturing sectors

ACFE Report to the Nation (2012)
• High-level perpetrators cause the greatest
damage to their organizations. Frauds
committed by owners/executives were more
than three times as costly as frauds
committed by managers, and more than nine
times as costly as employee frauds.
Executive-level frauds also took much longer
to detect.

ACFE Report to the Nation (2012)
• Almost 80% of the frauds in the study were
committed by individuals in one of six
departments:
• Accounting
• Operations
• Sales
• Executive/Upper Management
• Customer Service
• Purchasing

ACFE Report to the Nation (2012)
• 87% of fraudsters in the study had never been
previously charged or convicted for a fraud-
related offense and 84% had never been
punished or terminated by an employer for
fraud-related conduct. This finding is
consistent with prior studies.

ACFE Report to the Nation (2012)
• Fraud perpetrators often display warning
signs that they are engaging in illicit activity.
The most common behavioral red flags
displayed by the perpetrators in our study
were:
– Living beyond their means (36% of cases)
– Experiencing financial difficulties (27%)
– Close relationships with vendors/customers (19%)
– Excessive control issues (18%)

ACFE Report to the Nation (2012)
• 49% of victims have not recovered ANY of the
perpetrator’s takings. This finding is consistent with prior
studies, which show 40% - 50% of victim organizations
do not recover any of their fraud-related losses.
• Anti-fraud controls appear to help reduce the cost and
duration of occupational fraud schemes. They looked at
the effect of 16 common controls on the median loss
and duration of the frauds. Victim organizations that had
these controls in place had significantly lower losses
and time-to-detection than organizations without the
controls.

What Can the Report Do For Us?
• Profile of common victims and perpetrators
• Identifies most common fraud schemes
• Quantifies rate of occurrence and relative losses
• In short – know what to look for
• Evaluate your fraud risk and procedures

The Fraud Triangle – Donald Cressey
• Incentive
• Opportunity
• Rationalization
Distribution of Losses

The Three Main Types of Fraud
• Asset Misappropriation – 86.7% - $120K
– Stealing stuff – $ (88%), Inventory, Other Assets
– Billing schemes, T&E, check tampering
• Corruption Schemes – 33.4% - $250K
– Conflicts of interest, bribery, improper gratuities
• Fraudulent Financial Statements – 7.6% - $1M
– Concealed liabilities, fictitious revenues, improper valuation

Asset Misappropriation Sub-Categories
Schemes Involving Theft of Cash Receipts
Skimming – 14.6% – $58K
Description: Any scheme in which cash is stolen from an organization before it is recorded on the organization’s books and records
Examples: Employee accepts payment from a customer but does not record sale, and instead pockets the money

Cash Larceny – 11.0% – $54K
Description: Any scheme in which cash is stolen from an organization after it has been recorded on the organization’s books and records
Examples: Employee steals cash and/or checks from daily receipts before they can be deposited in the bank

Asset Misappropriation Sub-Categories
Schemes Involving Fraudulent Disbursements of Cash
Billing – 24.9% – $100K
Description: Any scheme in which a person causes his employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices, or invoices for personal purchases
Examples:
– Employee creates a shell company and bills employer for services not actually rendered
– Employee purchases personal items and submits invoice to employer for payment

T&E Reimbursement – 14.5% – $26K
Description: Any scheme in which an employee makes a claim for reimbursement of fictitious or inflated business expenses
Examples: Employee files fraudulent expense report, claiming personal travel, nonexistent meals, etc.

Asset Misappropriation Sub-Categories
Schemes Involving Fraudulent Disbursements of Cash (cont.)
Check Tampering – 11.9% – $143K
Description: Any scheme in which a person steals his employer’s funds by intercepting, forging, or altering a check drawn on one of the organization’s bank accounts
Examples:
– Employee steals blank company checks, makes them out to himself or an accomplice
– Employee steals outgoing check to a vendor, deposits it into his own bank account

Asset Misappropriation Sub-Categories
Schemes Involving Fraudulent Disbursements of Cash (cont.)
Payroll – 9.3% – $48K
Description: Any scheme in which an employee causes his employer to issue a payment by making false claims for compensation
Examples:
– Employee claims overtime for hours not worked
– Employee adds ghost employees to the payroll

Cash Register Disbursements – 3.6% – $25K
Description: Any scheme in which an employee makes false entries on a cash register to conceal the fraudulent removal of cash
Examples: Employee fraudulently voids a sale on his cash register and steals the cash

Asset Misappropriation Sub-Categories
Other Asset Misappropriation Schemes
Cash on Hand – 11.8% – $20K
Description: Any scheme in which the perpetrator misappropriates cash kept on hand at the victim organization’s premises
Examples: Employee steals cash from a company vault

Non-Cash – 17.2% – $58K
Description: Any scheme in which an employee steals or misuses non-cash assets of the victim organization
Examples:
– Employee steals inventory from a warehouse or storeroom
– Employee steals or misuses confidential customer financial information

Fraudulent Asset Misappropriation
Category Cases % of Cases Median Loss
Skimming 203 14.6% $58,000

Cash Larceny 152 11.0% $54,000

Billing Schemes 346 24.9% $100,000

T&E Reimbursements 201 14.5% $26,000

Check Tampering 165 11.9% $143,000

Payroll 129 9.3% $48,000

Register Disbursements 50 3.6% $25,000

Cash on Hand 164 11.8% $20,000

Non-Cash 239 17.2% $58,000

Frauds by Industry
Industry               Cases  Most Common  Second Most Common
Financial Services     229    Corruption   Cash on Hand
Government             141    Corruption   Billing
Manufacturing          139    Corruption   Billing
Health Care            92     Billing      Corruption
Education              88     Billing      T&E
Retail                 83     Non-Cash     Corruption
Insurance              78     Billing      Corruption
Professional Services  55     Billing      Corruption

Victim Organizations of Fraud (Size)

Profile of Perpetrators
• Position
• Gender
• Age
• Tenure
• Education Level
• History

The Position of Perpetrators
Position of Perpetrator (% of Cases)  Median Loss
Employee (41.6%)                      $60,000
Manager (37.5%)                       $182,000
Owner/Executive (17.6%)               $573,000

The Gender of Perpetrators
Gender (% of Cases)  Median Loss
Male (65.0%)         $232,000
Female (35.0%)       $100,000

The Age of Perpetrators

The Age of Perpetrators (2010 Survey)

[Bar chart: Median Loss by Age of Perpetrator. Age groups: <26, 26-30, 31-35, 36-40, 41-45, 46-50, 51-55, 56-60, >60. Bar values shown, listed from highest to lowest: $974,000, $428,000, $321,000, $270,000, $265,000, $127,000, $120,000, $60,000, $15,000]

The Tenure of Perpetrators

The Education Level of Perpetrators

Perpetrator’s Criminal/Employment History
• Only 5.6% of the fraud perpetrators in the
study had been previously convicted of a
fraud-related offense, and another 5.9% were
charged but not convicted, which has been
virtually unchanged since 2008.
• 83.7% had never been punished or terminated
by a previous employer.
• These statistics suggest that criminal
background checks and employment checks
may have some effect in preventing fraud, but
the effect is probably limited.
Behavioral Red Flags of Perpetrators

How is Fraud Detected?
Percent Occurrence Quiz

Name potential methods of detection

How is Fraud Detected?
Percent Occurrence Quiz
Alphabetical Listing
1. Account Reconciliation
2. By Accident
3. Document Examination
4. External Audit
5. Internal Audit
6. Management Review
7. Notified by Police
8. Tip
How is Fraud Detected?

Median Loss By Detection Method

Source of Tips?

Quiz
Name potential sources of tips

Source of Tips?
Alphabetical Listing
1. Anonymous
2. Competitor
3. Customer
4. Employee
5. Other
6. Shareholder/Owner
7. Vendor

Source of Tips

Conclusions/Recommendations
• Occupational fraud is a global problem.
• Fraud reporting mechanisms, such as hotlines, are a
critical component of an effective fraud prevention and
detection system.
• Organizations tend to over-rely on audits, especially
external audits.
• Audits should not be relied upon exclusively for fraud
detection.
• Employee education is the foundation of preventing and
detecting occupational fraud.
• Most frauds are detected by tips.
Conclusions/Recommendations
• Organizations that have anti-fraud training for employees
and managers experience lower fraud losses.
• Surprise audits are an effective, yet underutilized, tool in
the fight against fraud.
• While surprise audits can be useful in detecting fraud,
their most important benefit is in preventing fraud by
creating a perception of detection.
• Small businesses are particularly vulnerable to fraud.
• Managers and owners of small businesses should focus
their control investments on the most cost-effective
mechanisms, such as hotlines and setting an ethical
“tone from the top” for their employees.
Conclusions/Recommendations
• Internal controls alone are insufficient to fully prevent
occupational fraud.
• Fraudsters exhibit behavioral warning signs of their
misdeeds which will not be identified by traditional
controls.
• Auditors and employees alike should be trained to
recognize the common behavioral signs that a fraud is
occurring and encouraged not to ignore them.
• Given the high costs of occupational fraud, effective
fraud prevention measures are critical.

Internal Audit’s Role
• What are our responsibilities?
• What do others (management, the board,
stakeholders) think our responsibilities are?
• How much time do we spend considering
fraud matters?
• Do we incorporate fraud risks into our risk
assessment?
• Do we use fraud specialists to
supplement/train our staff?
SAS 99 Considerations
• Description and characteristics of fraud
This section describes fraud and its characteristics.
• The importance of exercising professional skepticism
This section discusses the need for auditors to exercise
professional skepticism when considering the possibility that a
material misstatement due to fraud could be present.
• Discussion among engagement personnel regarding
the risks of material misstatement due to fraud
This section requires, as part of planning the audit, that there be
a discussion among the audit team members to consider how
and where the entity's financial statements might be susceptible
to material misstatement due to fraud and to reinforce the
importance of adopting an appropriate mindset of professional
skepticism.
SAS 99 Considerations
• Obtaining the information needed to identify risks of
material misstatement due to fraud
This section requires the auditor to gather information necessary
to identify risks of material misstatement due to fraud, by
• Inquiring of management and others within the entity about the
risks of fraud.
• Considering the results of the analytical procedures performed
in planning the audit.
• Considering fraud risk factors.
• Considering certain other information.
• Identifying risks that may result in a material
misstatement due to fraud
This section requires the auditor to use the information gathered
to identify risks that may result in a material misstatement due to
fraud.
SAS 99 Considerations
• Assessing the identified risks after taking into account
an evaluation of the entity's programs and controls
This section requires the auditor to evaluate the entity's
programs and controls that address the identified risks of
material misstatement due to fraud, and to assess the risks
taking into account this evaluation.

SAS 99 Considerations
• Responding to the results of the assessment
This section emphasizes that the auditor's response to the
risks of material misstatement due to fraud involves the
application of professional skepticism when gathering and
evaluating audit evidence. The section requires the auditor to
respond to the results of the risk assessment in three ways:
1. A response that has an overall effect on how the audit is
conducted, that is, a response involving more general
considerations apart from the specific procedures otherwise
planned.
2. A response to identified risks that involves the nature, timing,
and extent of the auditing procedures to be performed.

SAS 99 Considerations
3. A response involving the performance of certain procedures to
further address the risk of material misstatement due to fraud
involving management override of controls. The procedures
include:
• Examining journal entries and other adjustments for evidence of
possible material misstatement due to fraud.
• Reviewing accounting estimates for biases that could result in
material misstatement due to fraud.
• Evaluating the business rationale for significant unusual
transactions.
SAS 99 Considerations
• Evaluating audit evidence
This section requires the auditor to assess the risks of
material misstatement due to fraud throughout the audit and
to evaluate at the completion of the audit whether the
accumulated results of auditing procedures and other
observations affect the assessment. It also requires the
auditor to consider whether identified misstatements may be
indicative of fraud and, if so, directs the auditor to evaluate
their implications.

SAS 99 Considerations
• Communicating about fraud to management, the audit
committee, and others
This section provides guidance regarding the auditor's
communications about fraud to management, the audit
committee, and others.
• Documenting the auditor's consideration of fraud
This section describes related documentation requirements.

CFO Magazine
March 2011 Article – Where There’s Smoke, There’s Fraud

An Action Plan
• Start at the top
• Educate employees
• Change the culture ASAP
• Hold surprise audits
• Check (and double-check) employee backgrounds
• Prepare a data-breach response plan
• Make sure the Board of Directors plays its role

Tone From the Top
Two prevailing attitudes regarding fraud:

• We would never hire someone like that (head in the sand)
• We are willing to be proactive in making sure that these situations do not occur (professional skepticism)

Primary Internal Control Weakness
Observed by CFEs

Frequency of Anti-Fraud Controls

Dollar Impact of Anti-Fraud Controls
Control                           % Implemented  Control In Place  Control Not In Place  % Reduction
Management Review                 60.5%          $100,000          $185,000              45.9%
Employee Support Programs         57.5%          $100,000          $180,000              44.4%
Hotline                           54.0%          $100,000          $180,000              44.4%
Manager/Executive Fraud Training  47.4%          $100,000          $158,000              36.7%
External Audit of ICOFR           67.5%          $120,000          $187,000              35.8%
Employee Fraud Training           46.8%          $100,000          $155,000              35.5%
Anti-Fraud Policy                 46.6%          $100,000          $150,000              33.3%
Formal Fraud Risk Assessments     35.5%          $100,000          $150,000              33.3%
Internal Audit Department         68.4%          $120,000          $180,000              33.3%

KEY:
External Audit of F/S = Independent external audits of the organization’s financial statements
Internal Audit / FE Department = Internal audit department or fraud examination department
External Audit of ICOFR = Independent audits of the organization’s internal controls over financial reporting
Management Certification of F/S = Management certification of the organization’s financial statements

Duration Impact of Anti-Fraud Controls
Control                           % Implemented  Control In Place  Control Not In Place  % Reduction
Job Rotation/Mandatory Vacation   16.7%          9 months          24 months             62.5%
Rewards for Whistleblowers        9.4%           9 months          22 months             59.1%
Surprise Audits                   32.3%          10 months         24 months             58.3%
Code of Conduct                   78.0%          14 months         30 months             50.0%
Anti-Fraud Policy                 46.6%          12 months         24 months             50.0%
External Audit of ICOFR           67.5%          12 months         24 months             50.0%
Formal Fraud Risk Assessments     35.5%          12 months         24 months             50.0%
Employee Fraud Training           46.8%          12 months         24 months             50.0%
Manager/Executive Fraud Training  47.4%          12 months         24 months             50.0%

KEY:
External Audit of F/S = Independent external audits of the organization’s financial statements
Internal Audit / FE Department = Internal audit department or fraud examination department
External Audit of ICOFR = Independent audits of the organization’s internal controls over financial reporting
Management Certification of F/S = Management certification of the organization’s financial statements

Anti-Fraud Program Components
Often Managed by Internal Audit
– Should Incorporate Board of Directors and Senior Management Involvement –

Prevention
• Organizational Ethics Policy
• Employee and Vendor Validations
• Transactional and/or Process-Specific Anti-Fraud Controls
• Adequate Insurance

Detection
• Reporting Mechanisms (i.e. Hotlines)
• Fraud Detection Analyses
• Continuous Monitoring

Response
• Process/protocols for:
– Internal Investigations
– Disciplinary Actions
– Remediation to Prevent Repeat Occurrences

– Continuous Evolution –
Program components should be periodically evaluated for effectiveness, efficiency, and to ensure current organizational anti-fraud risks, or goals, are addressed.

Areas of Proactive Fraud Reviews

Accounts Payable/Human Resources Testing
• Vendor Master File (incomplete records, shared addresses, TIN, phone)
• Invoice Testing (even dollar, sequential, numbering)
• Employee Testing (SSN, shared addresses, bank accounts)
• Shell company (vendors and employees sharing info – addresses, bank accounts)

Vendors/Employees Sharing Addresses
Vendor Name                    Vendor Address 1     Employee Name  Employee Address 1  Employee City  Invoice Amount
SOUTH EDUCATORS                709 MALL BLVD        X, Lynn        709 Mall Boulevard  Savannah       $ 1,917,034.00
GREEN VAUGHN LLC               709 MALL BOULEVARD   X, Lynn        709 Mall Boulevard  Savannah           746,688.96
HOLIDAY INN NEWTON             399 GROVE STREET     X, Brian       399 Grove St.       Newton             305,620.00
THE INCENTIVE SHOP             706 DUNCAN AVENUE    X, Phyllis     706 Duncan Ave.     Pittsburgh         190,838.00
ALBERT GREENSTONE              750 PARK AVENUE, NE  X, Ophelia     750 Park Ave        Atlanta             52,174.23
R KEITH & LIZ SWICK            RT 1 BOX 775         X, Elizabeth   Route 1 Box 775     Clarksburg          24,874.06
TESTA CONSULTING SERVICES INC  40 24TH STREET       X, Vincent     40 24th St          Pittsburgh          20,538.24
CULINARY THOUGHTS              2927 AVENUE D.       X, Michael     2927 Avenue D       Katy                12,272.30
DAY'S LAWN CARE, INC           2343 NOTTINGHAM NW   X, Toni        2343 Nottingham NW  Massillon           11,523.60
LOIS NENES                     2927 AVENUE D        X, Michael     2927 Avenue D       Katy                11,000.00
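
An added example, not part of the original presentation or of CBIZ's tooling: one way to run the vendor/employee shared-address test illustrated above, extended to shared bank accounts as the shell-company bullet suggests. The record layout, field names, abbreviation table and sample data are constructed assumptions.

```python
import re
from collections import defaultdict
from decimal import Decimal

# Street-word variants mapped to one canonical token (extend for your data).
CANONICAL = {"BOULEVARD": "BLVD", "STREET": "ST", "AVENUE": "AVE",
             "ROUTE": "RT", "RTE": "RT", "ROAD": "RD", "DRIVE": "DR"}
# Directionals are dropped so "75 PARK AVENUE, NE" still meets "75 Park Ave".
# This over-matches on purpose: every hit is a lead for manual review.
DIRECTIONALS = {"N", "S", "E", "W", "NE", "NW", "SE", "SW"}


def normalize_address(addr):
    """Upper-case, strip punctuation, canonicalize street words."""
    tokens = re.sub(r"[^A-Z0-9 ]", " ", (addr or "").upper()).split()
    kept = [CANONICAL.get(t, t) for t in tokens if t not in DIRECTIONALS]
    return " ".join(kept)


def shared_attribute_hits(vendors, employees, invoices):
    """Pair vendors with employees sharing an address or bank account.

    Returns one dict per pair with the match reasons and the vendor's
    total invoiced amount, largest exposure first.
    """
    by_addr, by_bank = defaultdict(list), defaultdict(list)
    for emp in employees:
        key = normalize_address(emp.get("address"))
        if key:  # incomplete records: blank addresses never match each other
            by_addr[key].append(emp["id"])
        if emp.get("bank"):
            by_bank[emp["bank"]].append(emp["id"])

    totals = defaultdict(Decimal)
    for vendor_id, amount in invoices:
        totals[vendor_id] += Decimal(amount)

    hits = []
    for ven in vendors:
        reasons = defaultdict(set)
        for emp_id in by_addr.get(normalize_address(ven.get("address")), []):
            reasons[emp_id].add("address")
        for emp_id in by_bank.get(ven.get("bank"), []):
            reasons[emp_id].add("bank")
        for emp_id, why in reasons.items():
            hits.append({"vendor": ven["name"], "employee": emp_id,
                         "reasons": sorted(why),
                         "invoiced": totals[ven["id"]]})
    return sorted(hits, key=lambda h: h["invoiced"], reverse=True)


# Constructed sample records (not taken from any real vendor or HR file).
VENDORS = [
    {"id": "V1", "name": "ACME TRAINING LLC", "address": "12 ELM BLVD", "bank": "A-4401"},
    {"id": "V2", "name": "NORTHSIDE SUPPLY", "address": "900 Industrial Road", "bank": "B-9000"},
    {"id": "V3", "name": "J DOE CONSULTING", "address": "RT 1 BOX 40", "bank": "C-7777"},
    {"id": "V4", "name": "PARKSIDE EVENTS", "address": "75 PARK AVENUE, NE", "bank": "D-1212"},
    {"id": "V5", "name": "NO ADDRESS LTD", "address": "", "bank": None},
]
EMPLOYEES = [
    {"id": "E100", "address": "12 Elm Boulevard", "bank": "P-1"},
    {"id": "E200", "address": "Route 1 Box 40", "bank": "P-2"},
    {"id": "E300", "address": "75 Park Ave", "bank": "P-3"},
    {"id": "E400", "address": "3 Oak St.", "bank": "B-9000"},  # same account as V2
    {"id": "E500", "address": None, "bank": None},
]
INVOICES = [("V1", "5000.00"), ("V1", "2500.50"), ("V2", "300.00"),
            ("V3", "120.00"), ("V4", "1000.00"), ("V5", "50.00")]

if __name__ == "__main__":
    for hit in shared_attribute_hits(VENDORS, EMPLOYEES, INVOICES):
        print(f'{hit["vendor"]:<20} {hit["employee"]:<5} '
              f'{",".join(hit["reasons"]):<8} {hit["invoiced"]:>10}')
```

Sorting by invoiced total puts the largest exposure at the top of the review list, in the same way the slide's table is ordered by invoice amount.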

Areas of Proactive Fraud Reviews
(continued)
Purchase/Procurement Card (P-Card)
• Transactional/monthly/credit limit
• Potential split transactions
• Prohibited categories
• High-risk merchants (PayPal)
• Other policy violations

Areas of Proactive Fraud Reviews
(continued)
Travel & Entertainment (T&E)
• Policy compliance (company card, agency, etc.)
• Potential split transactions
• Prohibited categories
• High-risk merchants (airfare)

Wire Transfers and ACH Transactions
• Policy compliance/approvals
• Tie in to vendor testing

Conflict of Interest

Fraud Prevention Checklist
1. Is ongoing anti-fraud training provided to all employees
of the organization?
2. Is an effective fraud reporting mechanism in place?
3. To increase employees’ perception of detection, are the
following proactive measures taken and publicized to
employees?
– Is fraudulent conduct proactively sought out?
– Are surprise audits performed?
– Is continuous auditing software utilized?
4. Is the management climate/tone at the top one of
honesty and integrity?

Fraud Prevention Checklist
5. Are fraud risk assessments performed to proactively
identify and mitigate the company’s vulnerabilities to
internal and external fraud?
6. Are strong anti-fraud controls in place and operating
effectively, including the following?
• Proper separation of duties
• Use of authorizations
• Physical safeguards
• Job rotations
• Mandatory vacations

Fraud Prevention Checklist
7. Does the internal audit department, if one exists, have
adequate resources and authority to operate effectively
and without undue influence from senior management?
8. Does the hiring policy include the following (where
permitted by law)?
• Past employment verification
• Criminal and civil background checks
• Credit checks
• Drug screening
• Education verification
• References check

Fraud Prevention Checklist
9. Are employee support programs in place to assist
employees struggling with addictions,
mental/emotional health, family or financial problems? 
10. Is an open-door policy in place that allows employees
to speak freely about pressures, providing
management the opportunity to alleviate such
pressures before they become acute?
11. Are anonymous surveys conducted to assess
employee morale?

Questions/Discussion

ACFE Report To The Nations (includes Fraud Prevention Checklist)
www.acfe.com

Paul J. Soos - CFE, CIA, CICA
[email protected] 812.637.5737
