• leverages the experience of internal and external auditors regarding;- events or conditions that indicate incentives/pressures to perpetrate <strong>fraud</strong>, opportunities to carry outthe <strong>fraud</strong>, or attitudes/rationalizations to justify a <strong>fraud</strong>ulent action.- how and where they believe the entity’s financial statements might be susceptible to materialmisstatement due to <strong>fraud</strong>.- inquires of management and others within the entity about the risks of <strong>fraud</strong>.- analytical procedures to identify unusual transactions or events, and amounts, ratios, and trends thatmight indicate matters that have financial statement implications.• oversees the internal controls over financial reporting established by management.• assesses the risk of financial <strong>fraud</strong> by management.• ensures controls are in place to prevent, deter, and detect <strong>fraud</strong> by management.• empowers the audit committee and external auditors to look for and report <strong>fraud</strong> of all sizes and types.O2.4 Assess Oversight Personnel & Team Performance to include the effective exercise of oversight for the entity’s<strong>fraud</strong> risk management program.O3-Strategic PersonnelO3.1 Define Strategic Structure & Responsibilities using a job description that specifies the role with responsibilityfor, sufficient resources and authority to design and implement a <strong>fraud</strong> risk management program including thesetting of policy, establishing of controls, training, implementing anti-<strong>fraud</strong> initiatives, processes for reporting andinvestigating alleged violations, and reporting to the board on the progress of program toward objectives, the statusof investigations, activities in relation to detecting and mitigating incidents of <strong>fraud</strong>ulent or corr<strong>up</strong>t behavior andany remedial steps for program improvement.O3.2 Screen & Select Strategic Personnel to confirm that the individual vested with responsibility for the program iswell-qualified and an appropriate model (as determined, in part, by a background <strong>check</strong>).O3.3 Enhance Strategic Skills & Competencies in program management techniques like vision, mission andvalues development, risk assessment, program effectiveness and performance evaluations, control development,investigations management, as well as a thorough understanding of the organization’s <strong>fraud</strong> risks and process levelcontrols.O3.4 Assess Strategic Personnel & Team Performance compared to <strong>fraud</strong> risk management program performancetargets and individual performance targets.O4-Operational PersonnelO4.1 Define Operational Structure & Responsibilities that address the <strong>fraud</strong> risk management responsibilities ofall levels of operational personnel, including participate in the process of creating a strong control environment,designing and implementing control activities, and participate in monitoring activities, reporting incidences of<strong>fraud</strong> and corr<strong>up</strong>tion, paying particular attention to the unique roles of internal audit, compliance, ethics, and legalprogram implementation and investigation roles.O4.2 Screen & Select Operational Personnel to confirm that the individuals vested with responsibility for variousaspects of the <strong>fraud</strong> risk management program are not compromised in their effectiveness or unduly pose greaterrisk to the organization by virtue of past violations of ethical standards and/or unlawful behavior.71
O4.3 Enhance Operational Skills & Competencies through training and understanding of:• their role within the internal control framework and in <strong>fraud</strong> <strong>prevention</strong> and detection, including red flags• the Code of Conduct, <strong>fraud</strong> risk program components including and policies.• policies and procedures, including <strong>fraud</strong> policy, code of conduct, <strong>fraud</strong> risk <strong>prevention</strong> and detectioncontrols, and whistleblower policy, as well as other operational policies such as procurement manuals, etc.O4.4 Assess Operational Personnel Performance against both role-based performance targets, team or programbasedperformance targets for which the individual is accountable and other individual performance targets.P-ProcessPO-Plan & OrganizePO1-Scope & ObjectivesPO1.1 Define Scope of <strong>fraud</strong> risk management program alone or as part of a broader ethics, compliance and loss<strong>prevention</strong> program to include preventing, detecting and deterring <strong>fraud</strong>ulent and criminal acts.PO1.2 Define Stakeholders to include direct internal and external stakeholders of the entity plus the stakeholdersrelevant to the extended enterprise.PO1.3 Define Planning Methodology & Team that includes team members with insights into human behavior andhigher risk business processes that may prove susceptible to <strong>fraud</strong>ulent behaviors.PO1.4 Define / Review Organizational Objectives in order to define, align and prioritize <strong>fraud</strong> risk managementinitiatives.PO1.5 Define Program Objectives that measure loss <strong>prevention</strong> and the protection afforded by detection controlsand the prompt resolution of allegations of <strong>fraud</strong>ulent or corr<strong>up</strong>t conduct.PO2-Business Model & ContextPO2.1 Identify Key Organizational Entities, Units & Gro<strong>up</strong>s as a basis for scoping the program, understanding risks,and prioritizing implementation of <strong>fraud</strong> risk management program initiatives.PO2.2 Identify Key Physical, Information and Technology Assets over which or in which specific access, segregationof duty and other <strong>fraud</strong> <strong>prevention</strong> and detection controls need to be established.PO2.3 Identify Key Business Processes that may introduce <strong>fraud</strong> and corr<strong>up</strong>tion risks, including financial, sales andmarketing, manufacturing, distribution and fulfillment, research and development and employment.PO2.4 Identify Key Job Families, Positions, Roles & Assignments including roles in the extended enterprise that aremore susceptible to <strong>fraud</strong> risk due to performance pressures, perceived lack of monitoring, or significant authorityover assets, accounts, and disclosures.PO3-Boundary IdentificationPO3.1 Define Boundary Identification Methodology to enable the identification of both mandatory and voluntaryboundaries of legal and ethical conduct.PO3.2 Identify Mandated Boundaries including laws, regulations and treaties proscribing <strong>fraud</strong> and corr<strong>up</strong>tion inall regions of both operation and sales, customary practices in the industry and the geographies and professionalconduct standards to which individual in the workforce and/or agents are subject.PO3.3 Identify Voluntary Boundaries including societal values and norms for the particular industry and geographiesof operation and sales relative to <strong>fraud</strong> and corr<strong>up</strong>tion, organizational values to include a commitment to ethicalconduct and a no tolerance position on <strong>fraud</strong>ulent, corr<strong>up</strong>t or illegal behavior.72
- Page 1 and 2:
ACFE FRAUD PREVENTIONCHECK-UP
- Page 3 and 4:
ACFE FRAUD PREVENTIONCHECK-UPThe Be
- Page 5 and 6:
ACFE FRAUD PREVENTIONCHECK-UPACFE F
- Page 7 and 8:
ACFE FRAUD PREVENTIONCHECK-UPACFE F
- Page 9 and 10:
ACFE FRAUD PREVENTIONCHECK-UPACFE F
- Page 11 and 12:
ACFE FRAUD PREVENTIONCHECK-UPACFE F
- Page 13 and 14:
Sponsored by:The Institute of Inter
- Page 15 and 16:
Team Members:Toby J.F. Bishop, CPA,
- Page 17 and 18:
Managing the Business Risk of Fraud
- Page 19 and 20:
establish their own fraud risk mana
- Page 21 and 22:
Fraud risk identification may inclu
- Page 23 and 24:
Thus, to properly address fraud ris
- Page 25 and 26:
The board also has the responsibili
- Page 27 and 28:
• Implementing adequate internal
- Page 29 and 30:
Fraud Risk Management Program Compo
- Page 31 and 32:
ecently been hired in the purchasin
- Page 33 and 34: Organizations can identify and asse
- Page 35 and 36: The Risk Assessment TeamA good risk
- Page 37 and 38: This also involves understanding th
- Page 39 and 40: - Invoices for goods not received o
- Page 41 and 42: Other RisksRegulatory and Legal Mis
- Page 43 and 44: SECTION 3: FRAUD PREVENTIONPrincipl
- Page 45 and 46: An organization’s HR group is oft
- Page 47 and 48: SECTION 4: FRAUD DETECTIONPrinciple
- Page 49 and 50: Process ControlsProcess controls sp
- Page 51 and 52: keep such information confidential.
- Page 53 and 54: will vary depending on the nature,
- Page 55 and 56: Conducting the InvestigationPlannin
- Page 57 and 58: • Extended investigation — Cond
- Page 59 and 60: Fraud ControlsDeloitte Forensic Cen
- Page 61 and 62: APPENDIX B: SAMPLE FRAMEWORK FOR A
- Page 63 and 64: APPENDIX C: SAMPLE FRAUD POLICY 41N
- Page 65 and 66: CONFIDENTIALITYThe ______________ U
- Page 67 and 68: Sample Fraud Policy Decision Matrix
- Page 69 and 70: Identified Fraud Risksand Schemes (
- Page 71 and 72: 2) Misappropriation of:a) Tangible
- Page 73 and 74: ) Embezzlement(1) False accounting
- Page 75 and 76: Fraud Prevention Area, Factor, or C
- Page 77 and 78: Fraud Prevention Area, Factor, or C
- Page 79 and 80: Fraud Prevention Area, Factor, or C
- Page 81 and 82: Fraud Prevention Area, Factor, or C
- Page 83: O-Organization / PersonnelO1-Leader
- Page 87 and 88: PR-Prevent, Protect & PreparePR1-Ge
- Page 89 and 90: E-Periodic EvaluationE1-Evaluation
- Page 91 and 92: I2-CommunicationI2.1 Develop Commun
- Page 93 and 94: CriminologyFraud Prevention Program
- Page 95 and 96: CriminologyFraud Prevention Program
- Page 97 and 98: CriminologyFraud Prevention Program
- Page 99 and 100: CriminologyFraud Prevention Program
- Page 101 and 102: CriminologyFraud Prevention Program
- Page 103 and 104: CriminologyFraud Prevention Program
- Page 105 and 106: CriminologyFraud Prevention Program
- Page 107 and 108: CriminologyFraud Prevention Program
- Page 109 and 110: CriminologyFraud Prevention Program
- Page 111 and 112: CriminologyFraud Prevention Program
- Page 113 and 114: CriminologyFraud Prevention Program
- Page 115 and 116: CriminologyFraud Prevention Program
- Page 117 and 118: Sample Fraud PolicyAssociation of C
- Page 119 and 120: Sample Fraud PolicyCONFIDENTIALITYT
- Page 121 and 122: Sample Fraud PolicyFraud Policy Dec
- Page 123 and 124: Fraud’s Worst Enemyhttp://www.fra
- Page 125 and 126: ACFE Insights - ACFE Insightshttp:/
- Page 127: ACFE Insights - ACFE Insightshttp:/