Summit Consulting Ltd

Mustapha Mugisa s

Managing the
fraud risk
Institute of Certified Public Accountants of Uganda/ 4 Feb 2011
Agenda…

#1: The fraud problem &

challenges

#2: Managing corporate fraud

#3: Final word

The fraud
problem…
The fraud prevention process…

Current
state
Gap Discussion &
implementation
Desired
state
Continuous
monitoring
4
 Lots of fraud…

An average corporation loses

about 7% of its revenue to
fraud… and we wonder why we
never achieve our mandate?

5
Fraud…
In any organisation, small
proportion of staff act
dishonestly
Causes
loss to the
entity &
Abuse of The act is gain to the
position intentional fraudster.
Fraud by false
representation of trust
6
The common fraud schemes…
Financial
reporting fraud
Medical/ insurance 4%
fraud
7%
Employee
Misconduct
9% fraud
35%
Computer
crime
11% Employee
fraud is the
Vendor related,
third party fraud
highest…
15% Procurement
fraud
19%
7
Common fraud schemes...

Previous ACFE research has

identified three primary
categories of occupational
fraud:
• Asset misappropriations i.e.
perpetrator steals or misuses
an organization’s resources.

8
Common fraud schemes...

Examples: skimming cash

receipts (steal money
before recording it),
falsifying expense reports
and forging company
checks.

9
Common fraud schemes...

Corruption schemes -
employee’s use influence in
business transactions in a
way that violates their duty to
the employer for the purpose
of obtaining a benefit for him-
or herself or someone else.

10
Common fraud schemes...

Examples of corruption
schemes include
(i)  bribery,
(ii)  extortion and
(iii) conflict of interest.
11
Common fraud schemes...

Financial statement fraud:

involves intentional
misstatement or omission of
material information in the
organization’s financial
reports.

12
Fraud schemes summary…
Purchase
Corruption schemes
Asset •  Conflict of interest
Misappro •  Bribery
priations Kick
Fraudulent backs
Bid Academic
Fraudulent Rigging Credentials
Reports Improper
Expense
reimbursements disclosures
The burden to business due to fraud…

14
 How fraud
is detected...

15
How fraud is detected...

Method Effectiveness
Tip 40.2%
Management review 15.4%
Internal audit 13.9%
By accident 8.3%
Account reconciliation 6.1%
Document examination 5.2%

16
How fraud is detected...

Method Effectiveness
External audit 4.6%
Surveillance/ monitoring 2.6%
Notified by Police 1.8%
Confessions 1.0%
IT controls 0.8%

17
Source of tips

Employees
give most
tips

18
Fraud threatens everyone…
When the going gets
tough, the tough gets
careful…
Adverse
Regulatory internal
implications impact
Reputation
Financial al damage
losses

19
 Forensic
investigations
vs. auditing
Forensic auditing/ investigation…
In forensic, each
point you write,
provide evidence

It s all
about
Outcome
Are
assumption: facts
the case will
Very reactive be determined seeking
adversarial
in nature
other than in court
and no
proactive
other.
21
Forensic auditing…
•  Everything is material. Basic mistakes
Need great care & like arithmetic
accuracy. errors in reports,
straying outside
•  Establish facts with expertise, lack of
evidence. Working objectivity, etc =
documents must no work done.
withstand detailed
scrutiny.

22
Investigative auditing…
•  Detailed examination or Involves enquiry
enquiry to establish
facts, with no
•  Internal audit approach intention for a
may be used legal recourse.

•  Legal recourse is not

presumed

23
Auditing vs. forensic...
Investigations

The objective of the audit is to

Audit scope is general
express an opinion on FS or
Audits are conducted
related informationfinancial data
examination of
on regular recurring
basis
Investigation
Investigationsis intended to Affix
are conducted
Blame
to i.e. determine
resolve specific whether
Investigations
fraud has/is occurring
are
and who is
allegations
24
usually one-off.
responsible.
Auditing vs. forensic…
Auditors approach the audit
Audited
with are conducted primarily by
Auditprofessional skepticism
process is non-
examining financial data
adversarial. Auditee not so
scared
Forensic approach the
Investigation are by (i) forensic
investigation
techniques to establish
(ii) review of public data
sufficient
and proofaim
(iii) interviews
Investigations oftopeople
support or
at affixing
refute
outside
blame,the an allegation
soorganisation
very adversarial.
25
Investigation approach…

• • W
R
E histle
Predication
eview
valuate blowing is
financial
the
Forensic
•  T existence
ips/
control of
complaints
relationships
investigations should
• A
only sufficient
environment
ccounting
commence
Interview the reasonand
clues
with
for
adequate
test wrong-doing
the
subject cause
(suspect)or
• O ther sources
to warrant
predication.
predication
last an
Evaluate all
investigation. leads
26
Investigations approach…
If predication exists,
develop fraud theory &
validate it.
• Who might be
involved?
• Where is the
evidence?
• How to prove intent?
27
Proving guilt…
To prove a
Motive person is
guilty of fraud,
all the three
things must be
proved.

Means Opportunity

28
Why corporate
fraud is a
problem?…
The bigger picture…

Limited of Reactive
integration of
compliance
within = rather than

governance Proactive
structures
Top 4 challenges…
•  Weak support to anti-fraud
entities (audit, etc…)
•  Conflict of interest
•  Tone at the top – priorities
elsewhere!
•  Lack of accurate statistics

31
#1: Weak support…
•  Small budget to
anti-fraud
efforts
•  Lack of right
skills and tools
•  Culprits are
usually highly
connected
Cases like this
32
would go free!
#2: Conflict of interest…
•  Double life of corporate officers
Some public
Servants operate
two different lives
– the private/
public sector
challenge

33
#3: Top at the top…
•  A complicated
scenario –
merit vs. skill!
•  Law of the
jungle rules… Power corrupts;
absolute power
corrupts
34 absolutely.
#4: Absence of correct data…
•  Fraud by it s
nature is
clandestine i.e.
hidden

35
The way forward…
The bigger picture…

Strong of
integration of Proactive
compliance
within
= rather than
governance
structures Reactive
Four fraud management principles

#1: Tone at the top

•  Written anti-fraud
policy, communicated
to all staff
38
 Four fraud management principles
#2: Continuous fraud
assessment
•  Proper fraud hotlines
•  Continuous assessment of
fraud risk
•  Thorough investigations
39
 Four fraud management principles
#3: Proper fraud
reporting process
• Establish a proper process to
report and investigate any
predication…

40
Four fraud management principles

#4: Fraud prevention

and detection
mechanisms
•  Resources to ensure anti-
fraud systems operate
41
Combating fraud…

-  Vetting and security

screening – know your staff
-  Internal corporate culture –
Zero tolerance to fraud
-  Fraud hotlines & suggestion
boxes
42
Long-term strategy…
•  Change mindset:
to focus on
ethics and
integrity

•  Focus on
prevention

43
More frauds are detected by tips than by
any other method.…

40% of detected
frauds is by
tipping/ whistle
blowing…

44
The final word…

Ethics and integrity is everyone s

responsibility…

It can take years to build, but just one

wrong decision can mess it up. Never ever
sell your integrity for money. It s
invaluable!
ACFE Uganda Chapter

50,000
Members
World-wide

World s
leading anti-
fraud
association
providing
thought
leadership &
anti-corruption
resources
Mugisa Mustapha
CFE, CrFA, ACCA,
CISA, CPAU, MBA.
President, ACFE Uganda
ACFE Uganda Chapter overview
50,000
20 full members Members
World-wide

World s
40 associate members leading anti-
fraud
association
providing
The CFE qualification thought
presents exceptional career leadership &
opportunities for holders. anti-corruption
resources
Set yourself apart, register
Mugisa Mustapha
now at www.acfe.com CFE, CrFA, ACCA,
CISA, CPAU, MBA.
President, ACFE Uganda
 Question & answer.

48
www.summitcl.com