Fraud is identified and caught with the aid of facts. Facts give a deeper understanding to what you could be looking at in your organization. Facts have also given rise to the mnemonic that Fraud is Always Committed by Trusted Souls. As simplistic as it may seem, it holds key to a potential trigger. Are you equipped with the necessary tools to address this challenge? Is your organization equipped with fraud Risk Management? Here are some quick slides to take you through what you need to have.
2. Frauds occur due to…
Incentive or
Pressure (68%)
?
Attitude or
Opportunity
Rationalization
(18%)
(14%)
2
3. … and can encompass any industry…
• Misappropriation of cash by fudging accounts or opening fictitious a/c
Banking Frauds • Withdrawal from deposit accounts through forged documents.
• Trading on incorrect positions or outstanding unmatched trades
Trading Frauds • Errors in Booking and settlement of trades
• Account payable and Account receivable frauds
Financial Frauds • Easy access to blank checks, facsimile, and manual check preparation
• Unaccounted purchase order numbers or physical loss of purchase orders
Sourcing & Procurement Frauds • Vendor collusion with employees
• Access to card numbers esp. in customer service or for processing
Credit Card Frauds • Online misuse/Phishing
• Excessive inventory write-offs without documentation or approvals.
Inventory and Production Frauds • Consistent production overruns beyond sales demand and backlog orders
3
4. …resulting in reputational and financial
disruption
Source: Fraud Intelligence Report-2nd Quarter -2011 published by Mark Monitor
4
8. ... and have structured governance using
Culture & Policies Structure & Process Systems & Legislation
Capabilities
Enterprise Standards Control Definition across Internal Audit Team Cyber protection
Operational Policies functions Internal and external IT act
Disciplinary Policy Control Self Assessment Vulnerability Testing Data protection laws and
& 3rd party review of Disciplinary Process governance
Awareness Programs & Controls
Training Modules Analytics and Forensics
Incident Handling
Whistle blower Domain & subject matter
Scenario planning & expertise
Code of Conduct Testing
Trigger and red flags
Internal Audit
8
9. Infosys approach to manage fraud
Process Map of Risks for all businesses
Failure analysis across functions
1
Set Triggers Key Risk Indicator
Likely Changes
Loss
Approach Estimation and
Benchmarks
Consequence
Severity 3
Mode Analysis
Level of Severity 4
Control Log review & Control Levels and Cost of control
definition Failure Analysis 2 review considerations
Incident Inventory from past experience
Process Level Risk Assessment and Mitigation
9
10. Fraud management – Maturity Model
Monitor
Check
Continuous
Monitoring and
Auditing
Using Software's
Act that trigger alerts
techniques for -
High value
and creates reports transactions
Establishing pre for financial
defined values or processes
attributes (Red
Flags)
Identify & Plan
Creation of Fraud Management
Checklist for the process and
identifying the fraud prone areas
and implementing appropriate
controls
10
11. To Summarize…
• Embed the culture of “risk” within the organization
• Enable the organization to own “risk”
• Have a Risk Reporting mechanism where all employees can report
risks they see
• Have an Incident Handling system that focuses on root cause
analysis rather than closure
• Have systems and analytics in place to monitor triggers and “red
flags”
11