Académique Documents
Professionnel Documents
Culture Documents
Theodorus
Chresma HS, SE
May 17th 2014
Managing Fraud
PwC Global Crime Survey 2014
Survey respondents included 5,128 representatives from
over 95 countries around the world
Managing Fraud
Case Study ;
Fraud Case
In order to create the
additional revenue
recorded in PT A, the
initial purchase of
cloud computing
equipment and VSAT
peripherals by PT B
was changed into
several transactions
with third party which
subsequently revealed
that PT A sold the
cloud computing
equipment to PT C
and could recognize
the revenue from this
sales transaction.
Agenda
Audit and Corporate
Governance
Internal Audit Role
Corporate Governance
Other
Standard/Regulation
Fact
Fraud Definition
Fraud Triangle
Fraud Tree
Fraud Red Flags
Fraud Control
Whistleblower Practice
Internal audit
Fraud risk management
0%
Suspicious transaction reporting
Corporate security
Rotation of personnel
3%
4%
Corporate
controls
5%
5%
3%
3%
5%
4%
4%
17%
11%
16%
21%
14%
11%
3%
By accident
Other detection methods
26%
4%
Tip-off (external)
0%
By law enforcement
19%
17%
14%
Tip-off (internal)
Whistle-blow ing system
Fraud
8%
7%
6%
10%
Beyond the
influence of
management
13%
3%
3%
4%
14%
Corporate
culture
23%
Managing Fraud
Case Study ;
Fraud Case
Internal Audit
Unfavorable Contract
creation between PT A
and PT B. The
Director of PT A has
changed several
important points and
there was unclear and
unfavorable clauses
has been added into
contract.
Watchdog
Risk,
Process,
Assurance
and
Regulation
Focus
Consulting
Role and
Business
Value
Driver
Focus
Managing Fraud
Case Study ;
Fraud Case
There is an indication
that (proven by email
communication
between Procurement
PIC and Vendor)
Procurement Buyer
PIC received an
amount of money from
Vendor
Equitable Treatment
Right of Shareholders
Responsibilities of the
Board
Role of Stakeholders
Procedures for complaints by
employees concerning illegal (including
corruption) and unethical behavior.
SOX Section 301 requires the Audit Committee of the Board of Commissioners of the
Company to establish procedures for (i) the receipt, retention and treatment of
complaints received by the Company regarding accounting, internal accounting
controls or auditing matters.
Anti-Bribery and Book and Records Provisions of the Foreign Corrupt Practices Act
(FCPA).Under these laws, the Company and Company Employees may be subject
to criminal liability if a Company Employee or an Associated Person, directly or
indirectly, offers or pays, or authorizes payment of, Anything of Value in exchange for
some improper advantage for the Company.
5
Managing Fraud
Case Study ;
Fraud Case
There was
discrepancy between
the record of cash
received by
PIC at Regional
Office with the cash
deposited to the
Bank, during the
period of 2011-2012.
The total discrepancy
is IDR XXX
Fraud
An intentional act by one or more individuals among management, those charged
with governance, employees, or third parties, involving the use of deception to
obtain an unjust or illegal advantage (ISA 240)
Any intentional act or omission designed to deceive others, resulting in the victim
suffering a loss and/or the perpetrator achieving a gain. (Managing the Business
Risk of Fraud: A Practical Guide, prepared by IIA, AICPA, and ACFE)
Fraud Triangle
Pressure
Perception of an immediate and unsharable financial need or the desire
to live a lavish lifestyle
Rationalization
Bbelief that a crime has not been
committed or is perceived to be
justified and that the reward
outweighs the risk
Opportunity
Arises from weak controls or too
much independence/ control given
to a single individual
6
Managing Fraud
Case Study ;
Fraud Case
Fraud tree
Untimely
deposit of cash receipt
in Regional Office,
which cash receipt
of 25 May 2012 was
deposited in 16 July
2012 (after 35 working
days).
FRAUD
FRAUD
Corruption
Corruption
Asset
Asset
Misappropriation
Misappropriation
Fraudulent
Fraudulent
Statement
Statement
Bribery
Bribery
Cash
Cash
Financial
Financial
Conflict
Conflict of
of Interest
Interest
Fraudulent
Fraudulent
Disbursements
Disbursements
Non-financial
Non-financial
Illegal
Illegal Gratuities
Gratuities
Inventory
Inventory and
and
Other
Other Asset
Asset
Economic
Economic Extortion
Extortion
* Source: Association of Certified Fraud Examiners (ACFE)
Managing Fraud
Case Study ;
Fraud Case
During the period of
Mr. Xs assignment
from March 2010 to
January 2012, amount
of stamp duty deposit
requested and cheque
disbursed was higher
than actual amount
paid to Tax Office for
several months by IDR
435,000,000. This
amount is consists of
IDR 70,000,000 during
2010; and IDR
365,000,000 during
2011.
Procurement
Payments based on
photocopied or
doctored invoices
Unusual billing addresses
or arrangements; no
physical address, post office
box, missing street
numbers, employees
address
Vendor payments sent to
ineligible beneficiaries
Errors, such as duplicate
payments and
miscalculations
Payment to vendors who
arent on approved vendor
list
Excessive payments to
vendors, high volume of
purchases from new
vendors
Purchases that bypass the
normal procedures
Sequential or near
sequential invoices
Payroll
Managing Fraud
Case Study ;
Fraud Case
After examining data
from Mr. Xs (one of
the Manager in PT A)
computer. We noted
that Mr. X owned a
server to provide
mobile application
service. Refer to an
Agreement between
PT A and PT B, PT A
will pay PT B
amounting to Rp.
500/mobile money
transaction service.
Prevention
Detection
Implementing Risk
Fraud Risk Database
Sr Management
Control the Fraud
Risk
Assessing Fraud
Risk
Communication and
Awareness
Fraud Detection
Program
Role of External
Auditor in detection
Fraud (through
Management Letter)
Reporting Suspected
Incidents
Whistleblower
System
Response
Policies and
Procedures
Investigation
Disciplinary Action
Loss Recovery
Managing Fraud
Case Study ;
Fraud Case
PT A has lost 10
surveying system
equipment. During the
HSE inspection, the
HSE office found 8 out
of 10 surveying
system on Mr.x office
Whistleblower Practice
Structural Aspects
Develop Whistleblower
report criteria to
determine False, Non
Serious and Proper
Whistleblower report.
Enhance Whistleblower
Protection Policy which
covers: Protection or
Whistleblower Property,
Personal and Family
protection, Criminal
Prosecution and
Whistleblower Protection
Unit.
Developing rewards
(short term and long
term) for
whistleblowing.
- Short Term:
Incentive/Bonus.
- Long Term: Job
Promotion
Establish formal unit to
handle Whistleblower
Report. The
Whistleblower Unit may
consist two elements:
1. Whistleblower
Reporting System
& Investigation
Operational Aspects
Provide other
Whistleblower reporting
line. Email, intranet,
internet, post, fax, direct
communication to
superior, direct tip-off and
telephoning the
companys headquarter.
Develop Whistleblower
Reporting guidance on
every Whistleblower
Reporting line. The
guidance consists of (but
not limited to).
1. How to write
Whistleblower
Report
systematically
(What, Where,
When, How, Who)
on every
whistleblower
reporting line.
2. Intangible/Tangible
loss that
contributed to
overall Company
loss.
3. Type of violation
(i.e., legal,
Continuous Treatment
Aspects
An effective
Whistleblower system
requires effective
communication from Top
Management to maintain
the employees
awareness of
Whistleblower system.
Perform regular
socialization of
Whistleblower Reporting
line/System & Reporting
Mechanism &
Policy/Procedure/Incentiv
e/Awareness to all
employee level in
Indosat.
Put eye-catching
Whistleblower
awareness, such as
Posters in workplace,
Code of Ethics,
Newsletters.
Perform benchmarking
to evaluate
effectiveness of
Whistleblower reporting
line in Indosat.
10
Perform monitoring,
review and evaluation
Managing Fraud
Case Study ;
Fraud Case
Mr X who is Payrolll
PIC has added
working time hours of
Mr Y (expat employee
n PT A).
Fraud Prevention
Enhance Tone from The Top from Sr
Management
Enhance Internal Control (SOP, Policy,
Segregation of Duties)
Code of Ethics and Conflict of Interest
Statement
FRAUD CONTROL
Intensive Socialization
Strong and Consistent consequences
over Fraud Action
Fraud Detection
Whistleblower Enhancement
Data Analysis over Suspicious
Transaction on Financial Statement
Fraud Reporting to Management
11
Managing Fraud
Case Study ;
Fraud Case
Internal Audit found
several counterfeit
check that was used
to pay subcontractor
Red Flag/Symptom
Submitting false
invoices
Detection Steps
Analytic review is
effective to detect
large scale fraud..
Review supporting
documents - look
for suspicious
looking documents
Review invoices for
general consulting
services.
Controls to Review
There should be an
approved vendor list.
All the vendors
should be
independently
qualified (Not
qualified per the
purchasing agent).
There must be
proper segregation
of duties
Proper Authorization
The accounts
payable list of
vendors must be
periodically reviewed
The vendor
payments must be
periodically reviewed
(At least annually)
There must be re
control methods to
check for duplicate
invoices in place
Managing Fraud
Case Study ;
Fraud Case
While performing visit
activity over
Procurement Bidding
process, internal audit
found an invalid
address.
Control
Reff
Process
Risk
Fraud Risk
Assessment
Control
Associated
with Risk
Testing Plan
PR.01.
08.C4
CAPE
X
Purchase
Request
Invalid purchase
process not in
accordance with
approved SC
Procurement
PIC Created
unnecessary
PO
Procurement
manager
performs
review and
validation on
completion of
SC and its
supporting
documents
(PID and
budget
approval from
IC committee)
1. Obtain PID
documentations
(Proposal, RKS,
RFP, Budget Case
approved, etc.).
2. Obtain budget
and investment
committee
approvals.
3. Verify SC, Budget
Committee and
Investment
Committee
approvals in
accordance with
LoA and authorized
personnel.
4. Verify BoQ and
Unit Price in SC in
accordance with
Indosat' s needs as
stated in
Proposal/RKS and
RFP.
Procurement of
goods / services
is unauthorized
Managing Fraud
Case Study ;
Fraud Case
Data
Computer Data
Office Email
Office Phone
Office Application
Investigative Audit
Manual Procedure
(Review SOP, Business
Process, Transaction)
Computer Forensic
Other Analysis
Fraudster
Fraud examination is a methodology for resolving fraud allegations from inception to disposition. More
specifically, fraud examination involves obtaining evidence and taking statements, writing reports, testifying to
findings, and assisting in the detection and prevention of fraud.
Guidance
Do and Donts
Managing Fraud
Case Study ;
Fraud Case
While performing ELC
Testing on Finance
Division (Payment
Operation), Internal
Audit noted that there
is no segregation of
duties in Payment
Operation. One PIC
handle payment and
transaction record.
Scope of Review
and Methodology
Procedures
performed
PIC Involved
Summary of
Investigation Results
Testing Result
Summary of
Fraud/Findings
The End
Recommendations
Recommendation
to prevent Fraud
case in the future
Thank You
16