Author: Ada Armstrong
GAIN FIRM FOOTING

WITH FRAUD RISK MANAGEMENT

GAIN CONTROL

berrydunn.com

OVERVIEW

• Introduction
• Fraud Considerations for Banks
• Computer Fraud and Data Forensics
• Questions and Discussion

REFERENCE
Statistics and charts in this presentation, unless otherwise noted, are from: The Report to the Nations - 2012 Global Fraud Study
• Study of 1,388 cases of occupational fraud
• Published by the Association of Certified Fraud Examiners

BANKS HAVE MORE THAN THEIR FAIR SHARE

WHAT TYPE OF FRAUD IS OCCURRING AT BANKS?

DISTRIBUTION OF LOSSES

DETECTION OF FRAUD SCHEMES

IMPACT OF HOTLINES

TYPES OF FRAUD
External versus Internal Fraud
• External – perpetrators are outside the bank
• Internal – fraud is committed by bank personnel

EXTERNAL FRAUD
Primarily executed by customers and outsiders, examples include:
• Wire Fraud
• Mortgage Fraud (material misrepresentation or omission)
• Check Fraud (forgery, check kiting, altered checks)

INTERNAL FRAUD
Two Types of Internal Fraud
• Financial Statement Fraud – highest median loss per reported case, however lowest frequency of occurrence
• Asset Misappropriation – lowest median loss per reported case, however the highest rate of frequency

Source: ACFE 2012 Report to the Nations

FINANCIAL STATEMENT FRAUD
• Asset/revenue overstatement
• Liability/expense understatement
• Timing differences
• Concealed liabilities and expenses
• Improper disclosures

ASSET MISAPPROPRIATION
• Unauthorized transfers/disbursements
• Payroll schemes
• Ghost employees
• Expense reimbursement schemes
• Theft of portable fixed assets
• Others…

RECENT FRAUD CASES
Bank Fraud Schemes:
• Returned checks
• Loan advances
• Fictitious loans

FRAUD TRIANGLE

PERCEIVED OPPORTUNITY

INCENTIVE/PRESSURE

ATTITUDE/RATIONALIZATION

PREVENTING AND DETERRING FRAUD
Prevention and Deterrence
Perceived opportunity is the aspect of the fraud triangle that is most controlled by employers.
Strong internal controls and segregation of duties:
• Review access rights on a consistent and periodic basis
• Limit access to employee accounts (whether solely or jointly owned)
• Review employee account activity and teller activity
• Dual control over wire transfers
• Review of payroll change reports by someone independent of the payroll function

PREVENTING AND DETERRING FRAUD (CONTINUED)
The list continues…
• Robust review of suspense/clearing account activity – be certain the reconciliation makes sense and items are clearing timely and properly
• Implement a fraud reporting mechanism that is anonymous
• Maintain professional skepticism
Attitude and rationalization can be improved within companies by a strong “tone at the top” and employee appreciation efforts.

PREVENTING AND DETERRING FRAUD (CONTINUED)
Best practice is to have a fraud risk management program in place.
Brainstorming sessions:
• Identify significant risk areas (multiple locations, business segments, etc.)
• How is the importance of ethical behavior and appropriate business practices communicated?
• What could go wrong?

OVERVIEW OF DATA FORENSICS
• What is Data Forensics?
• Uses for Data Forensics
• How We Work
• Why Forensic Analysts?
• Before An Investigation
• The Right Knowledge
• In the Right Hands

WHAT IS DATA FORENSICS?
• Forensics – “Suitable for use in a court of law”. Forensic accountants generally work to this standard and toward this potential outcome.
• Forensic Accounting – The specialty practice area of accountancy that describes engagements that result from actual or anticipated disputes or litigation.
• Data Forensics – A branch of forensic science pertaining to legal evidence found in computers and digital storage media. Also known as digital forensics.

USES FOR DIGITAL FORENSICS
• Inappropriate and/or illegal activity
• E-mail and Internet abuse
• Unauthorized disclosure of information
• Asset concealment or diminution
• Financial mismanagement, theft and/or fraud
• Wrongful termination, harassment, or discrimination
• Liability due to infringement of copyrighted materials

CASE STUDY – A LOCAL CREDIT UNION
A trusted employee committed misappropriation of assets.

Assets Lost: $500,000

Cost of the Investigation: $250,000.

Results: Perpetrator pleaded guilty and went to jail.

WHY USE DATA FORENSICS?

• How often are computers used to commit fraud?

• Some evidence is found ONLY on the perpetrator’s computer

CASE STUDY – MANAGEMENT FRAUD
• A VP of a satellite business embezzles $850,000 from the parent company;
• Forensic accounting cannot track transfers of funds;
• Collaborators are not discovered until data forensics is used

HOW WE WORK
• Forensic (suitable for use in a court of law) acquisition of digital/electronic evidence
• Deleted file and document recovery (including email)
• Corrupt or damaged operating system data retrieval
• Documenting a history of internal network access & Internet activity (websites, postings, texting & chat)
• Transfer of files to storage devices
• Malware identification
• Keyword searches of entire disks

WHY USE TRAINED FORENSIC ANALYSTS? • IT staff can unknowingly change critical information on the disk

• Seemingly “damaged” electronic data can be restored with the right tools

• Evidence found can make a BIG difference in the outcome – if it’s captured and documented properly

BEFORE AN INVESTIGATION

• We review Privacy & Acceptable Use Policies from the entities involved

• Before seizing, duplicating or analyzing a storage device, we require specific authority for doing so, including what may or may not be permissible to examine

BEFORE AN INVESTIGATION

• Identify what sector-specific handling of regulatory data (e.g., HIPAA, GLBA, PCI, FERPA, SOX) may be required

• Structure of notification and reporting process, including attorney/client privilege

THE RIGHT KNOWLEDGE
We use:
• Software that is “commonly accepted” by the courts for Digital Forensics
• Hardware (such as write-blockers) that is approved by government testing (NIST) to ensure no changes are made to the primary object (hard disk, USB, PDA, etc.) at the time of acquisition or during analysis
• A standard Chain of Custody process for Electronically Stored Information (ESI)
• An Evidence Preservation process – secure storage of physical media

QUESTIONS?
Todd J. Desjardins, CPA, CFE
Senior Manager
[email protected]
207.541.2381

berrydunn.com
