KPMG Screen 3:4 (2007 v4.0) - Glasgow Caledonian University
Download
Report
Transcript KPMG Screen 3:4 (2007 v4.0) - Glasgow Caledonian University
Tackling financial
crime
A non FS view
IOR Conference
November 2014
Overview
1
What do we mean by financial crime?
2
What drives fraud?
3
What about AB&C and AML
4
Prevention/Detection/Response
5
Questions
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
1
Overview
1
What do we mean by financial crime?
2
What drives fraud?
3
What about AB&C and AML
4
Prevention/Detection/Response
5
Questions
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
2
Investigations and compliance
“Firm fined £1.8million for
‘unacceptable’ approach to bribery and
corruption risks from overseas
payments”
BRIBERY
Source, FCA ,19 December 2013
FRAUD
“The Financial Conduct Authority (FCA) has fined Besso Limited
£315,000 for a failure to take reasonable care to establish and
maintain effective systems and controls for countering the risks
of bribery and corruption”
Source, FCA ,19 March 2014
“Standard Bank PLC
fined £7.6m for failures
in its anti-money
laundering controls”
Source, FCA, 23 January 2014
“Commerzbank said to
be investigated over
money laundering
charges.”
MONEY
LAUNDERING
Source, Reuters, September 2014
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
3
Overview
1
What do we mean by financial crime?
2
What drives fraud?
3
What about AB&C and AML
4
Prevention/Detection/Response
5
Questions
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
4
The landscape – fraud losses by victim
NFA – Annual Fraud Indictor 2013
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
5
KPMG Fraud Barometer
Number of UK fraud cases by perpetrator
300
250
200
150
100
50
0
1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006
employee
management
professional advisor
other/unknown
customer
professional criminals
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
6
New threats
Pensions liberation
fraud
Investment scams
- vulnerable adults
Bad leavers
Supplier payment
diversion
CYBER
Fake products
Trojans –Physical
and virtual
Organised
crime
Bribery &
corruption laws
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
7
Old threats – KPMG investigations in Scotland in the last 3 years
Stealing petty cash and hiding the entries in balance sheet reconciliations
Taking advantage of poor segregation of duties to divert cash
Stealing employer’s IP to set up a new business
Inflated expense claims
Ordering goods and services for personal use / on-sale
False claims for grant funding
Procurement fraud involving kickbacks (three investigations)
Poor value supplier contracts and undeclared financial interests
Long term contract manipulation
Supplier payment diversion – yes people are still falling for it
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
8
The fraud triangle – what drives fraud?
Opportunity
“abuse of position, or false
representation, or prejudicing someone's
rights for personal gain'.
Put simply, fraud is an act of deception
intended for personal gain or to cause a
loss to another party.”
Source, www.sfo.gov.uk
Pressure
Rationalisation
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
9
Case study
■ 38 year old female
■ Financial controller
■ Three years of service
■ £40,000 annual salary
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
10
Drivers of fraud – potential scenario
Pressure
Opportunity
■ Social Pressure (living out with means)
■ Addiction (clothing, cosmetic surgery, expensive
lifestyle)
■ Financial pressure to keep up with addiction to
lifestyle
Pressure
Rationalisation
Opportunity
■ Access to accounting system
■ Ability to add suppliers
■ Ability to amend payment details
■ Position of trust
Rationalisation
■ Perception of being underpaid
■ Deserve additional money
■ Victimless crime
■ Business doing well
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
11
Real world fraud
“Financial Controller embezzles £85,000 to pay for cosmetic surgery
and elaborate lifestyle)”
■ Financial Controller of small UK subsidiary (overseas parent company)
■ Had complete access to payments and accounts system and no immediate oversight from
line managers
■ Had access to a bank account in the name of a local ‘Sports/Social’ club where she has
previously been treasurer
■ Funds initially taken via company debit card from cash machines (£6,500)
■ Then as addiction increases funds were then taken via BACS payments to a bank account
of the ‘Sports Club’, then transferred to fraudsters personal account for spending
■ Colleague took over control of petty cash reconciliation while fraudster on holiday and
became suspicious when entries did not balance
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
12
Profile of a fraudster
■ Male/Female
■ 36-45 years old
■ 3-5 years service
■ Senior management position
– Finance department
– Procurement
■ Working alone to perpetrate the fraud
■ Taking advantage of weak controls
■ Losses not recovered
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
13
Overview
1
What do we mean by financial crime?
2
What drives fraud?
3
What about AB&C and AML
4
Prevention/Detection/Response
5
Questions
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
14
Bribery & corruption
■ Tends to be higher up the agenda than fraud risk – Why?
■ Bribery Act 2010 – New requirements on UK companies
■ New corporate offence of failure to prevent bribery and corruption
■ No regulator to enforce in a non-FS environment – only criminal authorities
■ A number of pillars on adequate procedures per guidance issued by HMG
■ Key themes emerging:
– Facilitation payments in overseas jurisdictions are now more difficult to justify
– There has been a focus on travel and entertaining which is misplaced
– Paying bribes to win business is where the focus is
– Agents and other associated persons bring the risk home to a UK corporate
– Training / whistle-blowing lines/ due diligence
– Giving vs receiving bribes – relative risks
– Approach to be RISK based
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
15
Anti Money Laundering
■ No regulator to enforce standards
■ Less of an issue outside FS
■ Only some limited industries have specific KYC and transaction monitoring obligations:
– most UK financial and credit businesses such as currency exchange office, cheque cashers or money
transmitters
– independent legal professionals
– accountants, tax advisers, auditors and insolvency practitioners
– estate agents
– casinos
– 'High Value Dealers' - businesses that accept cash payments for goods worth €15,000 or more either in
a single transaction or in instalments
– Trust or Company Service Providers
■ For some SME’s money laundering puts them at a disadantage
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
16
Overview
1
What do we mean by financial crime?
2
What drives fraud?
3
What about AB&C and AML
4
Prevention/Detection/Response
5
Questions
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
17
Anti-fraud framework: KPMG’s five pillar approach
Prevention
The five pillar framework set out below shows what we consider to be the key elements in an effective antifraud framework. The illustration below shows the key elements that should be developed under each
pillar in moving towards good practice in an anti-fraud framework.
Strategy
Governance
Risk
Awareness
Monitoring
Co
Fraud risk management aims to
achieve three core objectives:
Prevent instances of fraud and
misconduct from occurring in the
first place;
Detect instances when they do
occur; and
Respond appropriately and take
corrective action when instances
arise.
These three objectives run through
all the five pillars of an effective antifraud framework.
No strategic
direction
Disparate
structures
Informal risk
methodology
Unstructured
approach
Limited
monitoring
Relevant
policies
Clear anti-fraud
message
Risk appetite
Fraud awareness
included within
induction
Fraud detection
systems
Whistle
blowing
Aligned to, and
supports, anti-fraud
strategy
Reporting structure
Investigation
processes
Executive buy-in and
sponsorship
Management
oversight
Risk strategy
Intelligence gathering
Clearly defined roles
and responsibilities
Risk identification and
assessment
Fraud awareness
training programme
Established risk
assessment
methodology
Communication
channels developed
for sharing
information
Employee and third
party due diligence
Documented antifraud framework
Controls assessment
and mitigation action
plans
Exit procedures
Clear strategic
direction
Drive from the top
Formal risk
methodology
Structured
approach
Measure
effectiveness of
reporting
Measure
effectiveness of
policies and
procedures
Measure
effectiveness of risk
programmes and
action plans
Measure
effectiveness of
awareness
programmes
Established
monitoring
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
18
Red flags for look out for……
■ Poor controls - not followed/collusion/bending of rules
■ Lack of effective oversight/internal control checks not performed
■ Abuse of authority
■ Lack of segregation of duties
■ Weak fraud prevention policy
■ Sales or budgetary pressure
■ Remote locations (e.g. overseas)
■ Personal traits - control, lack of holidays, dominant character,
■ Unusual journals - time, people, amount
■ New suppliers - are they real?
■ False/unusual/duplicate invoices
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
19
Response – Dos and Don’ts
Don’t
Do
Protect the evidence
Jump to unsupported conclusions
Involve HR, Legal, IT (from the outset)
Speak to a suspect without proper planning
Consider suspending IT access rights
Delve in the data looking for the smoking gun
Check whether you have insurance
Consider speaking to the Police
Allow a suspect to keep their laptop, without
making an image
Consider possible recoveries
Ignore your suspicions
Plan for success
Gather the facts before making decisions
Move to protect customer/supplier relationships if
necessary
Consider self-reporting
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
20
Anti-fraud framework: technology and tools
The items listed below are some examples of where tools and technology can be used to assist in the development
and support of an effective anti-fraud framework
■ Screening employees/partners (e.g. Astrus)
■ Continuous auditing
■ e-Learning
■ Continuous monitoring
■ Risk Mapping
■ Data mining
■ KPI production/recording
■ Fraud Management Strategy Assessment Tool
(‘FMSAT’)
■ Integrity Thermometer
■ Whistle-blowing
Prevention
Detection
Response
Integrity Thermometer
■ Computer forensics and data
analytics
■ Case management systems
■ Reporting systems
■ Knowledge management (e.g.
investigation best practice)
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
21
It will never happen here.......
The Telegraph - September 2009
KPMG Director
■ Earning six figure salary falsely claimed £550,000 in expenses to fund his wife’s £15,000 per
month spending
■ He made more than £100,000 a year as a director at KPMG
■ Fraud went undetected as he kept his expenses under the approval amount of £5,000
■ Only detected when a colleague became suspicious about his air claims, after claiming for
£480,000 of travel expense with £243,000 supported by fake documents
■ The 49-year-old, was branded as “spineless” by the judge and sentenced to four years in
prison
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
22
?
Questions
Contact Details:
Ken Milliken
[email protected]
?
A final thought...
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity.
All rights reserved.
24
The information contained herein is of a general nature and is not
intended to address the circumstances of any particular individual or
entity. Although we endeavour to provide accurate and timely
information, there can be no guarantee that such information is
accurate as of the date it is received or that it will continue to be
accurate in the future. No one should act on such information
without appropriate professional advice after a thorough
examination of the particular situation.
© 2014 KPMG LLP, a UK limited liability partnership and a member
firm of the KPMG network of independent member firms affiliated
with KPMG International Cooperative (“KPMG International”), a
Swiss entity. All rights reserved.
The KPMG name, logo and ‘cutting through complexity’ are
registered trademarks or trademarks of KPMG International.