Training Planning complex

Fraud examination
Fakultas Ekonomi Universitas Indonesia

The warning signals

Page 2

Presentation title

The Warning Signals Fraud Red

Flags
Behavioral and system based clues and unusual aspects of documents
and business processes that may be picked up by managers,
colleagues, internal auditors or subordinates which put them on notice
that the employee concerned may be engaging in some form of
fraudulent or improper conduct.

Page 3

Profile of a Fraudster

Page 4

Male (usually)
Intelligent
Inquisitive
A risk taker
A rule breaker
A hard worker
Greedy
A big spender

Fraud Red Flags General

Unusual behavior

Employee expense accounts

Complaints

Inventory shortages

Sale items in reconciliation

Increased scrap items

Increasing reconciling items

Large payments to individuals

General ledgers out-of-balance

Large/no write-off of accounts receivable

Excessive voids

Post office boxes as shipping address

Excessive credit memos

Missing documents

Inadequate segregation of duties / lack of

delegation

Common names and/or addresses for

suppliers

Total reliance on one person to deal with

queries

Adjustments to receivables and payables

Paying premium prices

Excess purchases

Conflicts of interest

Duplicate payments

Confusion about ethics

Ghost employees

Missing or non-standard documentation

Employees overtime

Poor vetting practice for job applicants

Page 5

Fraud Red Flags Management

Management override controls

Failure to accept responsibility

Overbearing management style

Non-standard benefits

Close working relationships

Unusual access/authority

Page 6

Fraud Red Flags Employee

Lifestyle does not fit income

Has access to money or assets

Problems at home

Drug/gambling problems

Heavy debt

Takes little or no vacation

Works at odd hours/overtime

Real or imagined grievances

Has problems dealing with pressure

Low morale

Page 7

Fraud Red Flags Procurement

Frequent social contact with suppliers and contractors

Deviation from standard contracting processes

Experienced bidders excluded on technicalities

Non-transparent procedures and decision making during the bidding

process

Undeclared conflict of interest or relationship with contractor

Contract scope altered after contract awarded (e.g. excessive

variations)

Lack, or low level, of oversight of physical contract works

Incomplete or missing project or contract records

Cost overruns inadequately explained or justified

Lacking or inadequate relevant internal controls in place

Lack of action arising from complaints or even queries

Page 8

Fraud Red Flags Accounts Payable

Recurring identical amounts or anomalous amounts paid to the same

vendor

Systematic pattern of adjustment (e.g. credit) to accounts payable for

goods returned

Payments made to vendor on copies of invoices, not originals

High volume of manually processed disbursement cheques

Unrestricted access to blank cheques, signature templates etc

Vendor invoices received by department other than accounts

payable (or outside usual process)

Lack of documentation accompanying invoices for payment

Insufficient supervisory review of accounts payable activity

Page 9

Fraud Red Flags Cash/Finance Function

Last-minute adjustments.

Unnecessary employees' access to cash, check books.

Large or unlimited authority limit for check signatory by middle

management.

Single check signatory.

Lack of segregation of duties.

Missing transaction supporting documents.

Documents that appear to have been altered.

Unavailability of other than photocopied or electronically transmitted

documents.

Significant unexplained items on bank/cash reconciliations.

Consistent shortages in cash on hand.

Insufficient supervisory review of cashier's daily activity.

Consistent late in preparing cash/bank reconciliations and reports.

Page 10

Fraud Red Flags Cash/Finance Function

Consistent late in preparing cash/bank reconciliations and reports.

Large payment made in cash.

Payment using check instead of giro or bank transfer.

Use of companys abbreviation on the check or cash as beneficiary.

Uncrossed check

Beneficiary name and account number are not written on giro.

Missing or non-existent cancelled checks.

Close relationship with bank marketing officers.

Page 11

Laws, Regulations and Standards

Page 12

Presentation title

Relevant Laws and Regulations

Among others:
KUHP criminal code

UU No. 31 tahun 1999 dan UU No. 20 Tahun 2001 tentang Tindak

Pidana Korupsi

UU No. 15 Tahun 2002 dan UU No. 25 Tahun 2003 tentang Tindak

Pidana Pencucian Uang

Peraturan Pusat Pelaporan dan Analisis Transaksi Keuangan (PPATK)

UU No. 15 Tahun 2004 tentang Pemeriksaan Pengelolaan dan

Tanggung Jawab Keuangan Negara UU BPK

Page 13

Professional Standards SPAP

SA Seksi 110 Tanggung Jawab dan Fungsi Auditor Independen (PSA
No. 01)
Menggambarkan kecurangan dan karakteristiknya.

Mewajibkan auditor secara khusus menaksir risiko salah saji

sebagai akibat kecurangan dan menyediakan golongan faktor risiko
kecurangan.

Memberikan panduan tentang evaluasi terhadap hasil pengujian

audit dalam kaitannya dengan risiko salah saji material sebagai
akibat dari kecurangan.

Memberikan panduan tentang komunikasi mengenai kecurangan

yang perlu dilakukan oleh auditor kepada manajemen, komite audit,
dan pihak lain.

Page 14

Professional Standards SPAP

SA Seksi 316 Pertimbangan atas Kecurangan dalam Audit Laporan Keuangan
(PSA No. 70)
Seksi ini berfokus ke pertimbangan auditor atas kecurangan dalam audit
terhadap laporan keuangan, manajemen bertanggung jawab untuk mencegah
dan mendeteksi kecurangan.
SA Seksi 317 Unsur Tindakan Pelanggaran Hukum oleh Klien (PSA No. 31)
paragraf 2:
Unsur tindakan melanggar hukum oleh klien adalah unsur tindakan pelanggaran
yang dapat dihubungkan dengan entitas yang laporan keuangannya diaudit, atau
tindakan manajemen atau karyawan yang bertindak atas nama entitas.

Page 15

Bapepam Capital Market Law

Law No. 8/1996 Capital Market, Article 68
Accountants that are registered with BAPEPAM and that audit financial reports
of Issuers, Securities Exchanges, Clearing Guarantee Institutions, Central
Securities Depository and other Persons engaged in Capital Market activities,
must report in confidence to BAPEPAM within three working days of discovering
the following:
a) any violation of this Law and or its implementing regulations; or
b) any matter that may jeopardize the financial condition of the
institution, or the interests of its clients

Page 16

Bapepam Capital Market Law

Law No. 8/1996 Capital Market, Chapter XI, Articles 90 98:
Fraud, Market Manipulation and Insider Trading
Any violation will be considered as Criminal Act, penalties include up to Rp15
billion fine and up to 10 years imprisonment

Page 17

Three lines of defence

Page 18

Presentation title

Three Lines of Defense

First Line - Code of conduct and business ethics policies

and procedures
Second Line - Internal controls and management control
structure
Third Line - Internal audit activities

Page 19

The First Line of Defense

Ethics Policies and Procedures

Changing the culture - promoting better practices

Based on an assessment of the possible risks facing the company, a clear

and simple written Code of Conduct and Business Ethics policy should be
in place.

Page 20

The First Line of Defense

Ethics Policies and Procedures
An Effective Code of Conduct

Includes deterrence

Includes detection

Is values based, not rule based

Has a positive tone, promoting a better workplace

Requires a fair employer/employee balance

Is a living framework that is promoted by example

Demonstrated top-down commitment (setting the tone at the top)

Commitment by all employees at all levels

Subject to monitoring and regular review

Page 21

Second Line of Defense

Internal Controls
Reducing opportunity, enhancing accountability

Effective internal controls provide both prevention and detection

elements

Recruitment probity - positions of trust

Segregation of duties

Formal polices and procedures

Policy compliance reviews

An effective internal reporting mechanism

Page 22

Second Line of Defense

Internal Controls
An effective internal controls and management organization structure
provide both prevention and detection elements, but not significant
deterrence!

Page 23

Third Line of Defense

Internal Audit
Enhancing detection and deterrence

Internal Audit represents a detection line of defense in most companies

Operational and internal control reviews

Analytical procedures used to isolate anomalies

Detail reviews of high control and inherent risk accounts and transactions

Internal Audit does not always represent a deterrence element

because of predictability issues

Page 24

Third Line of Defense

Internal Audit

Based on a risk assessment of fraud and illegal

acts, internal audit evaluates the 1st and 2nd
line of defense mitigators

Key mitigators should be thoroughly tested

Page 25

Thank you!