In order to identify fraud-related risks, one must understand the universe of fraud risks as well as understanding the organization's risk areas. This may involve understanding the organization’s business processes and gathering information about potential fraud from internal sources by interviewing personnel and brainstorming with them, reviewing complaints from the whistleblower hotline, and performing analytical procedures. As well as utilizing external sources such as industry news, and organizations such as the IIA, AICPA, ACFE, and CICA.
According to the Association of Certified Fraud Examiners (ACFE), there are three main categories of fraud that affect organizations.
1. Misappropriation of Assets: This involves the theft or misuse of an organization’s assets such as theft of plant, inventory or cash, false invoicing, accounts receivable fraud, and payroll fraud. Common examples of Misappropriation of Assets include:
Employees create false payment instructions with forged signatures and submit them for processing
Recording of false credits, rebates, or refunds to customers
Using fictitious suppliers or shell companies for false billing
Writing false credit notes to customers with details of an employee’s personal bank account
Theft or abuse of proprietary or confidential information (customer information, intellectual property, pricing schedules, business plans, etc.)
Unauthorized private use of company property
Falsifying documents to obtain authorization for payment
Forging signatures on payment authorizations
Improper changes to supplier payment terms or other supplier details
Sending fictitious or duplicate invoices to suppliers
Improper use of company credit cards
Fictitious (or ghost) employees on payroll
Falsifying work hours to achieve fraudulent overtime payments.
2. Fraudulent Statement: This involves falsification of financial statements to obtain some form of improper benefit or falsifying documents such as employee credentials. Common examples of Misappropriation of Assets include:
Recording fictitious sales and shipping
Incorrect classification of revenues
Inappropriate estimates for returns, price adjustments and other concessions
Fraudulent or improper capitalization of inventory
Misstatement of prepayments and accruals
Understating loans and payables
Improper treatment of inter-company accounts
Manipulation of assumptions used for determining fair value of share-based payments
Improper or inadequate disclosures
Journal entry fraud (using accounting journal entries to fraudulently adjust financial statements)
Concealment of losses
3. Corruption: This involves activities such as the use of bribes or acceptance of ‘kickbacks’, improper use of confidential information, conflicts of interest and collusive tendering. Common examples of Misappropriation of Assets include:
Kickbacks to employees by a supplier in return for the supplier receiving favourable treatment
Favouring a supplier in which the employee has a financial interest
Employee setting up their own consultancy for personal gain which conflicts with the company’s interests)
Insider trading
Payment of agency/facilitation fees (or bribes) to secure a contract
Payments to government officials to obtain a benefit (e.g., Customs and tax officials)
Anti-trust activities such as price-fixing or bid-rigging
Money Laundering:
Money laundering is the disguising of the existence, nature, source, ownership, location and disposition of property derived from criminal activity.
Money Laundering involves three stages:
Placement
Layering
Integration
Placement
Placement of funds into a financial institution is the initial step in the process. In case of a large amount, the launderer will break up the money into smaller amounts and deposit it into a bank account or purchase cashier’s checks or money orders. The process of breaking the transactions up into smaller amounts is known as smurfing, this operation might involve hundreds of bank account in dozens of cities.
Layering
If the placement of the initial funds goes undetected, financial transactions can be designed in complex patterns to prevent detection. Once the funds have been deposited into a financial institution, a launderer can move the funds around by using layers of financial transactions designed to confuse the audit trail.
Integration
The final stage in the laundering process is the integration of the asset back into the economy in such a way as to make it appear as if it were a legitimate business transaction. A money-laundering scheme cannot be successful until the paper trail is eliminated or made so complex that individual steps cannot be easily traced.
Businesses that deal in large amounts of cash sales have always been popular for money laundering such as restaurants. The activities required to run this type of business are diverse and difficult to measure, thereby allowing for easy inflation of expenses. The legitimate business offers the criminal the appearance of a legitimate source of employment and income. This business provides a “base of operations” from which several other criminal activities can be conducted.