Anti-Fraud Risk and Control Workbook

PETER D. GOLDMANN is founder and President of White-Collar Crime 101 LLC, the parent company of FraudAware and publisher of the monthly newsletter, White-Collar Crime Fighter. He has been the Publisher and Editor of White-Collar Crime Fighter for over twelve years and is recognized as a leading expert in the areas of fraud detection, prevention, investigation, and training. He has written numerous articles on practical approaches to fraud prevention and detection.

Preface vii

A Short History of Fraud viii

About This Book x

About White-Collar Crime 101 LLC xi

Acknowledgments xiii

Chapter 1 Why No Organization Is Immune to Fraud 1

What Is Fraud? 2

Myths and Realities about Fraud

Myth #1: Ethics and Compliance Training “Has Us Covered” 3

Myth #2: Our Finance Staff Are Qualified to Protect us Against Fraud 4

Myth #3: We Have Very Little Fraud Here 4

Myth #4: Fraud Is a Necessary Cost of Doing Business 5

Myth #5: Implementing Controls and Training Is Costly 6

The Urgency of Detecting and Preventing Fraud 6

Tone at the Top 7

Review Points 8

Chapter Quiz 9

Chapter 2 The Human Element of Fraud 11

Who Commits Internal Fraud? 12

The Fraud Personality: Soft Indicators 12

The Fraud Personality: Hard Indicators 14

Why People Steal 14

The Fraud Triangle 15

Case Study #1: Pain, Pills, and Petty Cash 16

Other Fraud Triangle Factors 18

A Triangle or a Diamond? 18

The Trust Factor 19

Case Study #2: The Trusted Thief 19

People: The Key to Detection and Prevention 20

Case Study #3: Demise by Personal Debt 21

Review Points 21

Chapter Quiz 22

Chapter 3 Internal Fraud: Employee Level 25

How Big a Problem Is Internal Fraud? 25

Overview of Employee-Level Fraud 26

Embezzlement 26

Accounts Payable (AP) Fraud 27

Case Study #4: Shell Game in the Big Apple 28

Case Study #5: Health Care Fraud 31

Accounts Receivable Fraud 32

Case Study #6: Robbing Peter to Pay Paul 33

Kickback Schemes 33

Inventory/Supply Schemes 33

Case Study #7: Kickbacks Fly When Controls Are Weak 34

Check Fraud and Tampering 35

Travel and Entertainment (T&E) Fraud 39

Payroll Schemes 41

Case Study #8: Wining and Dining on Customer Dollars 41

Theft of Confidential Information 42

Case Study #9: The New Employee 42

Case Study #10: Information Is as Good as Gold 43

Insider Abuse of Computer Systems 44

Case Study #11: But She Was Such a Nice Lady! 44

Red Flags of Employee-Level Fraud 45

Preventing Employee-Level Fraud 49

Accounts Payable Fraud-Prevention Checklist 50

Specific Employee-Level AP Fraud Controls Checklist 51

P-Card Fraud-Prevention Checklist 53

Accounts Receivable Fraud-Prevention Checklist 55

Kickback Scheme Prevention Checklist 55

Inventory Theft and Fraud-Prevention Checklist 56

Check Fraud-Prevention Checklist 56

ACH Fraud-Prevention Checklist 57

T&E Fraud-Prevention Checklist 57

Payroll Fraud-Prevention Checklist 58

Confidential Information Theft Prevention Checklist 58

Review Points 59

Chapter Quiz 61

Chapter 4 Internal Fraud: Management Level 67

T&E Fraud and Abuse 67

Bribery 70

The Greatest Corruption Story of All Time 72

Conflicts of Interest 73

Case Study #12: Brenda Belton’s Conflict of Interest Scheme 74

Misuse of Organization-Owned Assets 74

Fraudulent Financial Reporting 75

Case Study #13: The Great Buca Restaurant Fraud 77

Red Flags of Management-Level Fraud 78

Preventing Management-Level Fraud 81

Anti-Embezzlement Controls 82

Bribery and Kickback Schemes 84

Abuse of Organization-Owned Assets 84

Conflicts of Interest 84

Financial Statement Fraud 85

Review Points 89

Chapter Quiz 89

Chapter 5 External Fraud: Protecting Against Dishonest Outsiders 93

Types of External Fraud 93

Vendor and Billing Fraud 93

Social Engineering and Pretexting 95

Case Study #14: The Phoner Toner Scam 97

Bank Employee Collusion with Outsiders 97

Case Study #15: The Frito Fraud 98

Customer-Perpetrated Fraud 98

Theft of Confidential Information 99

The “SCAM” Model 100

Red Flags of External Fraud 101

Preventing External Fraud 103

Review Points 105

Chapter Quiz 106

Chapter 6 Conducting a Successful Fraud Risk Assessment 109

Procedures for Conducting a Fraud Risk Assessment 111

Step 1: Create an FRA Team 111

Step 2: Identify the Organization’s Universe of Potential Risks 111

Step 3: Analyze the Likelihood of Each Scheme or Scenario Occurring 113

Step 4: Assess the Materiality of Risk 113

Step 5: Assess Risks within the Context of Existing Anti-Fraud Controls 113

The Roles of the Board and Management in Fraud Risk Assessments 114

Review Points 115

Chapter Quiz 116

Chapter 7 Basic Fraud Detection Tools and Techniques 119

Basic Fraud Detection 120

Case Study #16: I’m the Boss, and I Can Use Any Vendors I Want 125

Review Points 126

Chapter Quiz 127

Chapter 8 Advanced Fraud Detection Tools and Techniques 129

Internal Audit and the Audit Plan 129

Essentials of Fraud Auditing 131

Auditing for Fraud in Accounts Payable 132

Auditing for Payroll Fraud 133

Essentials of Automated Auditing 135

Review Points 136

Chapter Quiz 137

Appendix A Answers to Chapter Quizzes 139

Appendix B Answer Key for Case Studies 143

Appendix C An Introduction to Cyber Fraud 149

Resources 163

Notes 165

Glossary 171

About the Author 175

Index 177