Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Do you really want to delete this prezi?
Neither you, nor the coeditors you shared it with will be able to recover it again.
Make your likes visible on Facebook?
You can change this under Settings & Account at any time.
Aspects of Fraud
Transcript of Aspects of Fraud
Out-dated and ineffective internal controls
Growing complexity of organisations
Speed /means of communication
Lack of proper due diligence
The key to preventing fraud is first to understand that fraud exists and then to limit its potential to harm. When a fraud risk is identified one can:
Stop doing action giving rise to risk
Insure against that risk
Accept the risk if likelihood and impact are low
Control the risk
What is Fraud?
What contributes to Fraud?
Aspects of Fraud
Fraud Act 2006 (UK):
Fraud by false representation
Fraud by failing to disclose information
Fraud by abuse of position
It is not inevitable and does not have to happen
Like any other risk it can be identified, managed and minimised
There should be a two pronged effect to fighting fraud:
Minimising the risk of opportunity arising
Persuading the potential fraudster that he/she will be caught and held accountable
Human nature dictates that fraud will always be an issue for entities, and as long as there is fraud, there will be financial and reputational impact
Fraud risk profile
Internal controls proportionate to risk
Internal audit function
‘willingness to commit fraud is inversely proportional to the perceived risk of being caught’
Managing the Business Risk of Fraud
Five key principles:
A fraud risk management programme (part of governance structure
Periodic assessments of fraud risk exposure
Prevention techniques to avoid potential key risk events
Detection techniques to uncover fraud
A reporting process to investigation and corrective action
Online fraud cost UK businesses an average of £400,000 last year, a report reveals.
The 2011 edition of the UK Online Fraud Report, commissioned by CyberSource, shows that merchants expect to lose 1.8% of online revenues to payment fraud. However, in the US, for example fraud losses ARE decreasing.
Researchers found that 57% of respondents believe online fraud is one of the greatest threats to their businesses. In 2007, just 6% of merchants ranked it as a serious threat – over the past two years this figure has jumped to over half of
The act of sending an email to a user
falsely claiming to be an established
legitimate enterprise in an attempt to
scam the user into surrendering
private information that will be used for
Be suspicious of any email requesting your personal or
financial info. Be aware that email can be forged.
Watch out for urgent, upsetting or exciting (but false)
statements in your emails to get you to react quickly.
Don’t click on images or links in email to get to any
website, instead, type the URL directly in your browser.
Avoid filling out forms in email messages.
Use spam filters to keep phishing emails out of your inbox.
Call the company to verify the email if you are unsure.
Always look for the https:// and the “lock” before
submitting credit card or other sensitive info. If there is
a security certificate “error message,” think twice about
How to Avoid Being Phished
Contact the genuine company or organization and
report the incident immediately.
Close any fraudulent accessed or opened accounts.
Change the passwords on all of your online
accounts, starting with any that are related to
File a report with your local police department and
place a fraud alert on your credit reports.
Scrutinize your monthly statements and monitor
your accounts. Review your credit reports annually.
If you merely visited a phishing site, you should
scan your computer for any viruses, keystroke
loggers, and other spyware
I've been phished, what do I do?
Credit Card Fraud & Chargebacks
Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. Credit card fraud is also an adjunct to identity theft.
Chargeback typically refers to the return of funds to a consumer, forcibly initiated by the issuing bank of the instrument used by a consumer to settle a debt. Specifically, it is the reversal of a prior outbound transfer of funds from a consumer's bank account, line of credit, or credit card.
How easy is it for Fraudsters?
Swiping from ATMS or POS Machines
Sale of Data on the Internet
Internal Auditors Should...
Payment fraud is any fraud that involves falsely creating or diverting payments.
Payment fraud can include:
creating bogus customer records and bank accounts so that false payments can be generated
intercepting and altering payee details and amounts on cheques and Payable Orders, then attempting to cash them
creating false payment and financial information to support fraudulent claims for benefits
processing false claims by accomplices for benefits, grants or repayments
self authorising payments to oneself.
Procurement fraud is any fraud relating to a company purchasing goods, services or commissioning construction projects from third parties.
Fraud can happen when the tender process has not been followed so that fraud can be committed, or when there is bid rigging. It can also happen when there are payment claims for goods or services that were not delivered or were inferior to what was specified in the order.
Personnel management fraud
Personnel management fraud can include a number of different scenarios in the workplace.
Examples of personnel management fraud include:
staff on sick leave but working elsewhere
abuses of flexible working time systems
misuse of official time, eg abusing a company’s computer misuse policy
deceit or misrepresentation for the employee’s advantage, eg false references or false qualifications used to secure employment.
Receipt fraud is often fraud committed by a company’s employees.
It could happen when incoming cash or cheques are stolen, or when the records of the amounts owed by customers are adjusted in return for cash rewards or other incentives.
Management should be responsible for the system of internal controls, including the ability to prevent and, as necessary, detect potential theft and fraud. Internal audit should only take on any part of this management responsibility with the prior and formal approval of the audit committee. In such cases, the responsibility of internal audit should be limited (in my opinion) to a secondary role in detection while management remains responsible for the primary detection role and fully responsible for prevention.
It is important, when assessing fraud risk, to consider not only the immediate size of any loss of assets but also such factors as:
The potential for a theft or fraud to impact customers, such as when finished goods inventory meant for customers is stolen, or when raw materials necessary for manufacturing are taken
The potential for the fraud or theft to impact financial reporting
Whether undetected fraud or theft is likely to grow from small beginnings into something of significant impact to the business
The potential impact on employee morale and the culture of the organization
Internal audit can also contribute their expert knowledge by helping management with a fraud risk analysis