The document introduces ICFE Group of Companies' Fraud Risk Management Programme, which provides a comprehensive strategy to prevent, detect, and respond to corporate fraud and misconduct. The programme involves assessing fraud risks through understanding factors like pressure, opportunity, and rationalization (the fraud triangle). It then designs and implements controls to address identified risks, evaluates controls, and provides complementary investigation and training services. ICFE's programme is presented as a continuous process that balances fraud prevention with business needs through customized solutions.

1. Professional Services & Advisory Division
ICFE FRAUD RISK
MANAGEMENT PROGRAMME
A comprehensive strategy in building defence
against corporate fraud and misconduct
ICFE Group of Companies
International Cybercrime & Forensics Examiners
SINGAPORE | MALAYSIA | HONG KONG
Integrity • Accuracy • Objectivity
Website: www.icfe-cg.com
Email: enquiry@icfe-cg.com
Follow us: ICFE Group of Companies
ICFE Consultancy Group Pte Ltd • Co. Reg: 200820310Z • Tel: +65 3152 0323 • Fax: +65 6323 1839
ICFE Malaysia Sdn Bhd • Co. Reg: 871789-X • Tel: +603 2282 5406 • Fax: +603 2282 5407

2. INTRODUCTION
Recent succession of corporate scandals and misconducts had
wreaked havocs within the corporate communities and also brought
a bad name to internal controls system and its fellow sentinels. These
strings of events had brought home a strong message to the
regulators and senior executives and that is we need to develop a
stronger and more robust strategy against potential fraudsters and
their schemes. This strategy has to achieve three objectives –
Prevention, Detection and Counteractive Response: -
Prevention – Mitigating the potential risk for corporate fraud and
misconduct from occurring
Detection – Ability to uncover potential fraudsters and/or its
schemes when they occur
Counteractive Response – Applying accurate & effective
remedial strategies to reduce real & potential damages caused by
fraudsters and its schemes
The challenge is for companies to formulate and develop a
well-balanced strategy that incorporates elements that will achieve
the three goals of managing fraud risk.
WHY FRAUD OCCURS?
We believed that the key to effectively managing fraud risk is to
understand why fraud occurs.
The fraud triangle is originated from the hypothesis by famous
criminologist, Donald Cressey. According to him, three factors have to
exist for someone to commit fraud. These factors are as follows:
• Perceived unresolvable pressure
• Perceived opportunities for resolution
• Rationalisation
Perceived Unresolvable Pressure
This portion depicts what motivates a person to commit fraud. He
or she is bearing the pressure of perceived problems that cannot be
resolved through legitimate means. Thus, he or she will begin to
consider taking the risk of breaking the law (e.g. misappropriating
company’s assets, taking bribes, etc).
Perceived Opportunities for Resolution
This portion depicts the possible areas that a person perceived he
or she could abuse with his or her position in secrecy and not likely
to be caught. The person also has to perceive that by doing this his
or her problem could be resolved. Most fraud are committed by
senior executives and they continue to maintain their status as long
as they are not caught.
Rationalisation
Most fraudsters do not see themselves as criminal rather they
perceived themselves as someone being caught in a bad situation.
Thus, fraudsters will normally rationalise the crime he or she is
committing as acceptable and justifiable.
By understanding these elements that contributes to the
occurrence of fraud, we can measure them against each
organisation and formulate an effective fraud risk management
programme.
The Fraud Triangle:
OPPORTUNITY
RATIONALISATION
PRESSURE
FRAUD
TRIANGLE
ARE WE DOING IT RIGHT?
Many businesses chose to take the notion of “we will tackle the
problem when it happens”. Unfortunately, we can’t adopt that
thinking when we are dealing with fraud or misconduct. It will be
too late and extremely costly to the businesses by the time they are
aware of the incidents. This often left them clueless of how they
should response to such incidents.
Businesses could consider these questions to have a feel if they are
doing adequately or correctly in responding to fraud risk and
misconduct:
Do you have relevant & adequate system to manage and
identify fraudulent activities?
Are you aware of the types of fraud that your company,
business units or functions are vulnerable to?
Are you familiar with the common fraud within your industry?
Are your company’s internal controls strong enough to reduce
the prominent fraud risks?
Did you test the effectiveness of your company’s anti-fraud and
internal control system?
Is there a fraud management protocol to follow when fraud is
detected?
2
© 2014, ICFE Group of Companies ICFE Consultancy Group Pte Ltd • Co. Reg: 200820310Z • Tel: +65 3152 0323 • Fax: +65 6323 1839
ICFE Malaysia Sdn Bhd • Co. Reg: 871789-X • Tel: +603 2282 5406 • Fax: +603 2282 5407

3. FRAUD RISK ASSESSMENT (FRA)
We assess the fraud risk of each business on the basis of the
typologies of fraudulent schemes & misconduct which it is exposed
to and intended to mitigate. Simultaneously, we also determine
whether the existing control structure is effective and adequate.
An example of FRA process can be seen below:
DESIGN
We design and develop customised controls to mitigate risks
identified and at the same time balancing business needs, regulatory
requirements and relevant international best practices.
IMPLEMENTATION
Formulating effective process to implement new controls and
assigning relevant authority, responsibilities and resources to
selected individual tasked to manage these controls. ICFE is also able
to assist businesses in selecting and coaching suitable individuals for
this important role.
Simultaneously, business wide training and awareness talk will also
be made available so that all levels of needs are met.
ICFE’s in-house communication team will assist businesses to design
necessary peripherals and manage publicity campaigns to promote
the new framework and/or controls to all stakeholders.
EVALUATION
All new framework and controls will be subjected to
post-implementation evaluation by ICFE anti-fraud specialist. Both
processes and related personnel will be evaluated through covert
penetration, targeted surveys and self-assessment.
COMPLEMENTARY SUPPORT SERVICES
ICFE also provides the following professional services to
complement our FRM programme:
Fraud Examination Services
Professional Fraud Interviewing
Stand-alone Whistle Blowing Service
ABOUT ICFE
The ICFE Group of Companies is a think-tank group of firms dedicated
to Fraud Risk Management, Investigation and Prevention.
Headquartered in Singapore with regional offices in Malaysia and
Hong Kong, ICFE Group of Companies was formed with the intention
of combating fraudulent activity and maintaining good corporate
governance, and consequently providing professional training and
value-adding consultancy services at affordable rates. Our
consultants are practicing Certified Fraud Examiners (CFE).
ICFE aims to share its expertise with working professionals or
organisations who wish to stay abreast of the latest developments in
corporate skills and anti-fraud measures. We do this by organising
various public training programmes, seminars, and customised
in-house training programmes which are tailored to suit companies
in their respective industries.
At ICFE, we focus on five areas of professional development:
1. Fraud Prevention
2. Anti-Money Laundering
3. Corporate Governance & Business Ethics
4. Digital Forensics
5. Corporate Skills & Leadership Development
Every member of ICFE is dedicated to bringing about a wholesome
experience to all clients via Inspirational training, Innovative
consultative work and programmes that build Intelligent minds.
Ascertain the business areas,
functions or processes to assess.
Document & register
identified fraud risks / misconduct.
Assign risk based on likelihood of
occurrence and gravity of impact.
Mediate risk with new or
enhancing control measures.
3
WHY ICFE CONSULTANCY
GROUP?
ICFE recognised that it is a mammoth task to balance business needs
and managing fraud risk thus we partner our clients by putting
together a team of anti-fraud specialists to develop a customised
Fraud Risk Management (FRM) Programme for them that consist a full
suite of initiatives that aimed to prevent, detect and counteract fraud
and misconduct.
We believed that an effective and comprehensive FRM Programme
should be a continuous process that achieved the three objectives of
Prevention, Detection and Counteraction Response and at the same
time is aligned with regulatory requirements, business needs and
industry expectation.
An overview of our FRM Programme phases:
Complementary
© 2014, ICFE Group of Companies ICFE Consultancy Group Pte Ltd • Co. Reg: 200820310Z • Tel: +65 3152 0323 • Fax: +65 6323 1839
ICFE Malaysia Sdn Bhd • Co. Reg: 871789-X • Tel: +603 2282 5406 • Fax: +603 2282 5407

4. FIND OUT MORE
For more information, please contact:
CFE, CAMS, CFCI, CACM, CMCP, ICPS
ICFE Group of Companies
International Cybercrime & Forensics Examiners
SINGAPORE | MALAYSIA | HONG KONG
Integrity • Accuracy • Objectivity
Website: www.icfe-cg.com
Email: enquiry@icfe-cg.com
Follow us: ICFE Group of Companies
Stanley Chia
Group Managing Director &
Chief Fraud Examiner
Email: stanley@icfe-cg.com
Phone: +65 3152 0323
Elsie Lek
Group Sales Manager
Group Business Division
Email: elsie@icfe-cg.com
Phone: +65 8399 5074
Nonya Lailabok
Assistant Group Sales Manager
Group Business Division
Email: nonya.lailabok@icfe-cg.com
Phone: +603 2282 4691
ICFE Consultancy Group Pte Ltd • Co. Reg: 200820310Z • Tel: +65 3152 0323 • Fax: +65 6323 1839
ICFE Malaysia Sdn Bhd • Co. Reg: 871789-X • Tel: +603 2282 5406 • Fax: +603 2282 5407