Ashley Davis CRJS270-1103A-05 Security and Loss Prevention IP5 8/18/2011 Abstract This paper is about the benefits of a comprehensive control program . It will also talk about what would be the benefits from a control program. It will also talk about what procedures should be taken into consideration for the controls, including independent checks, and a system for the documents and records. It will go into talking about a fraud hotline program to help detect fraud and also preventing fraud. Fraud Prevention
Management is aware of the increased requirements for a public company to maintain a system of internal control to help prevent and detect fraud. The CEO, Mary Moore, is also interested in using a proactive posture toward building an antifraud prevention program, including exploring using a proactive auditing approach to fraud discovery. The internal auditor and the external fraud investigator as well as accounting and consulting firms have discussed proactive approaches for detecting fraud. Before you can really figure out what the benefits of a comprehensive control program is.
You have to know what a comprehensive control program is. A comprehensive control program is fraud education: teaching employees about the risk of fraud, Fraud Investigation: investigation instances of fraud, and Fraud Prevention: evaluating, designing, and implementing controls that proactively prevent fraud. Now that we know what comprehensive control program is we can go into detail what the benefits are for each one. Fraud education is very beneficial to the company because without knowledge of something how would you be able to understand and to detect what fraud is and how it is committed. Sullivan, 2005) “There are many ways you can educate your employees about fraud and what the risk are. Fraud policies should be given to new employees. New employees should sign a statement confirming that they received the fraud policy document and that they read and understood the policies. Signed statements give organizations stronger grounds for discharging dishonest employees by protection against wrongful termination suits by showing that an employee had agreed not to take part in the fraudulent behavior.
Fraud policies should be reviewed by all employees on an annual basis as part of your jurisdictions ongoing antifraud education program. ” Fraud Investigation is also a key asset to help your company. Knowing what to look for in a fraudulent case or someone trying to commit fraud you will know what to look for. (PInow 2011), “Most fraud investigations begin with a meeting between the investigator and the client. The person launching the investigation explains to their investigators why they suspect fraud has taken place and hand over any evidence they have to the investigator.
A good fraud investigator will use this initial information to find more evidence and more facts. A fraud investigator may use surveillance, asset searches, background checks, employee investigations, business investigations, and other types of methods to get to the bottom of a case. In most cases, fraud investigations are investigations of white collar crime, which involves surveillance and careful consideration of complicated financial records. ”
The best benefit of the comprehensive fraud prevention components program is the fraud prevention. If you know how to prevent fraud then you have a better chance of prevent you or your company from fraud. The final key component encompasses the reactive measures an organization has in place to address fraud that is found. These include how the investigation will be carried out and by whom, who should be notified, the disciplinary action that will be taken, and, if feasible, how funds will be recovered.
Strengthening controls to mitigate the risk of re-occurrence is another reactive measure. (Phillipps,2011)“By following some key principles, company directors and management can put in place a program to prevent and detect fraud that will provide the necessary assurance come audit time. Executive buy-in – Strong support and direction from the executive team is essential, risk assessment – conduct an organization-wide assessment to determine high risk fraud areas, planning – put a fraud control plan into place to prevent nd detect fraud, communication – ensure entire organization is aware of responsibility to prevent and detect fraud, education – educate staff on how to prevent and detect fraud, reporting – make it easy for employees to report suspected fraud, confidentiality – guarantee the confidentiality of employees who report fraud, code of conduct – develop a code of conduct for honest and ethical behavior, investigate – call in the experts to investigate fraud, and zero tolerance – let employees, shareholders, suppliers, contractors and customers know that fraud will not be tolerated. The procedures that we should be considered for detective controls, including independent checks and a system for documents and records (Lister 2007),” by strength of the current controls in place and whether they are preventive controls (e. g. , surprise audits, external audit visibility, or personnel profiling) or detective controls (e. g. , audit trails, electronic sniffers, or whistleblower hotlines) are taken into consideration. Can the current controls be overridden or circumvented?
Future audit programs should include tests on the design and implementation of these controls. If an event has been identified as inconsequential, internal auditors may decide to take no action; even so, at least it would be documented, and management would be aware of its existence. ” I think another great idea would be is to have a fraud hotline system as part of our program. Fraud hotlines can and would save the company a lot of money. Having a fraud hotline provides an avenue for individuals to report fraud, waste, and abuse within our company.
The best way a hotline can be implemented as a tool for preventing and detecting fraud is by Awareness of the fraud hotline by employees, customers, contractors, service providers, suppliers and other third parties is an important component in ensuring a hotline’s effectiveness. Confidentiality of tips reported on fraud hotlines must be guaranteed to ensure that those reporting suspected wrongdoing can do so without fear of retribution or reprisal.
Here is an overview of the steps that we would take for a successful implementation if the corporation wanted the fraud hotline as an option to prevent fraud against the company. (FDIC, 2005) “Guidance on Implementing a Fraud Hotline, The Federal Deposit Insurance Corporation (FDIC) encourages financial institutions to consider implementing a fraud hotline to assist in their enterprise risk management, corporate governance and fraud protection efforts. The FDIC has established the following guidelines for institution management to consider when implementing a fraud hotline to ensure its overall effectiveness.
Awareness For maximum effectiveness of the fraud hotline, institutions should advertise and market the hotline’s existence to employees, suppliers, third-party service providers and customers. Suggested channels are bank newsletters, memoranda, written policy, and internal and external bank web sites define reportable events to minimize inappropriate calls or complaints to the hotline that do not involve wrongdoing, institutions should communicate the hotline’s purpose. Institutions should also define guidelines about what types of improprieties are reportable events.
Risk-awareness training about situations and suspicions that merit reporting will help to create a corporate culture that supports this type of confidential reporting mechanism. Operations Institutions should analyze the cost/benefit of operating a fraud hotline internally or contracting with a third party. Banks should recognize that they may initially incur start-up costs; however, once the hotline has been established, the savings in loss prevention should outweigh the cost. Factors to consider are budget, staffing and the expected volume of calls to the hotline.
Some of the communication channels for operating a fraud hotline include a toll-free telephone line, a secure e-mail address, a designated mailing address or a combination of methods. Planned hours of operation should be extensive to ensure availability. Hotlines should be operated by experienced interviewers who can ask pertinent follow-up questions to determine whether an investigation should be initiated. Independence Regardless of whether the hotline operates internally or by a third party, operations should be independent from bank management.
The more independently the hotline is administered, the more confidence the complainants will have in reporting misconduct. Privacy Institutions should consult with legal counsel on privacy/whistleblower protections to ensure the source of the information remains confidential. Avoid implementing features such as caller ID or call-back functions that could intimidate callers. Confidentiality should be assured to avoid callers fearing possible reprisals. Tracking Institutions hould assign a secure tracking system to the complaints, the follow-up, the investigation, the disposition, and the final closure of the compliant. Regular status updates on each complaint should be reviewed with internal audit and personnel in charge of fraud prevention. Investigations and reporting decisions to investigate should be made on a case-by-case basis. Investigations and their conclusions should be included in reports to the audit committee. Once a fraud scheme is identified, management should develop internal control procedures to avoid future incidents. References: FDIC, Initials. (2005, August 16). Financial institution letters. Retrieved from http://www. fdic. gov/news/news/financial/2005/fil8005a. html Lister, L. (2007). A Practical Approach to Fraud Risk: Comprehensive Risk Assessments can Enable Auditors to Focus Antifraud Efforts on Areas where their Organization is most Vulnerable. Retrieved August 19, 2011 from http://www. allbusiness. com/legal/legal-services-litigation/8958091-1. html Phillipps, T. (2011). Framanagement wake-up call: fraud prevention no longer discretionary.
Retrieved from http://www. deloitte. com/view/en_AU/au/services/forensic/ea0e33d0303fb110VgnVCM100000ba42f00aRCRD. htm PI, now. com. (2011). Fraud investigation. Retrieved from http://www. pinow. com/investigations/fraud-investigations Sullivan, G. Office of the Inspector General, Guide to Developing and Implementing Fraud Prevention Program. (2005). guide to developing and implementing fraud prevention program (. CR-1094-21-30-4/05-IGO). Massachusetts: Retrieved from http://www. mass. gov/ig/publ/fraudadv. pdf