Beruflich Dokumente
Kultur Dokumente
Systems Analysis
The first step in effectively using the Model is an analysis of the Organizations
System of Internal Controls, Policies and Procedures over the procurement and
disbursement functions. Similar to a thorough review of internal controls performed by
auditors, the analysis focuses on opportunities for compromise by the fraudster.
Understanding the existing systems enhances the other elements of the model such as
employee training and data mining.
Systems and accounting manuals and other supporting documentation are read
initially. Accounts payable and procurement systems are then flowcharted to understand
the process and flow of documents (both written and electronic) from initiation to final
disposition. These flowcharts are reviewed using a fraud risk questionnaire designed to
identify opportunities of exploitation by the fraudster. Often, detailed flowcharts have
already been prepared by the organization and/or its auditors and may be used or
supplement the Model.
Unfortunately, many systems do not function as portrayed.
Therefore, it is
necessary to perform tests of the system to insure compliance with the understanding
obtained during the flowcharting process. Differences in the test results and the system
2002 Craig L. Greene, CFE, CPA Confidential and Proprietary Information
Ethics/Fraud Policy
An Ethics Policy or Code of Conduct articulates the core values of an
Organization.
acceptable and what is not. Unfortunately many Policies are often very general, lacking
in specifics, and do not properly address all the issues that may arise within an
Organization. The Model recommends that the Policy be reviewed for such problems
2002 Craig L. Greene, CFE, CPA Confidential and Proprietary Information
Without specific
guidance, managers often confront a suspected fraudster and may jeopardize the
investigation and/or prosecution. The Model recommends a Policy that should be
implemented.
Employee Notices
Employees must be put on notice that they have an obligation to report to the
Organizations Compliance Officer when they observe red flags of fraud or are
approached by unscrupulous vendors or other employees.
questions that may arise by the employee and reinforce the Organizations No
Tolerance attitude.
Annual Conflicts of Interests Disclosures is a form of confirmation by the
employee.
Organizations Ethics Policy, has complied with it, and is unaware of any violations with
it, except as disclosed.
form, if a follow-up system is not in place. Therefore, data mining or other follow-ups of
these disclosures may lead to ongoing fraud schemes.
Vendor Notices
Organization vendors need to be placed on notice of the Organizations Ethics
Policy, as well. One effective method in reducing the likelihood of fictitious vendors and
conflicts of interest is performing thorough due diligence of the vendor. The Model
requires the use of a vendor application process that discloses ownership, financial
condition and references.
Use of a Right to Audit Provision helps to ensure the integrity of the
procurement system. Vendor Audits are an integral part of the Model, therefore it
The
Organization may want to use this letter also as a positive confirmation and follow-up on
those letters that are not returned.
Data Mining
The Fraudster in the commission of his crime often uses computers.
The
techniques:
disbursements of the Organizations cash and provides the Fraudster with plenty of
opportunities. Data Mining techniques can be used to detect various fraud schemes.
Many of the tests are designed to locate fictitious companies such as address comparisons
to employees, Postal Box and Mail Drop addresses. Examinations of existing audit logs
for address changes may reveal other schemes. Another benefit of finding duplicate
addresses is it provides a method for cleaning up the file of duplicate vendor entries.
Vendor Research
Prior to performing the vendor audit, intelligence needs to be gathered as to the
Vendors business, organization and principals. The Model recommends that searches be
Onsite Examination
The onsite examination focuses on the credibility of the Vendor. A combination
of interviewing and document examination techniques often leads to a confession if
wrongdoing is involved.
procedures to be performed.