1. 5/13/2014 1 CopyrightFraudResourceNet LLCCopyrightFraudResourcNet LLC SpecialGuestPresenter: DonaldE.Sparks,CIA,CISA,CRMA CopyrightFraudResourceNet LLC About Peter Goldmann, MSc., CFE President and Founder of White Collar Crime 101 Publisher of White-Collar Crime Fighter Developer of FraudAware Anti-Fraud Training Monthly Columnist, The Fraud Examiner, ACFE Newsletter Member of Editorial Advisory Board, ACFE Author of Fraud in the Markets Explains how fraud fueled the financial crisis.

2. 5/13/2014 2 CopyrightFraudResourceNet LLC AboutJimKaplan,CIA,CFE President and Founder of AuditNet, the global resource for auditors (now available on Apple and Android devices) Auditor, Web Site Guru, Internet for Auditors Pioneer Recipient of the IIAs 2007 Bradford Cadmus Memorial Award. Author of The Auditors Guide to Internet Resources 2nd Edition CopyrightFraudResourceNet LLC AboutDonSparks,CIA,CISA,CRMA, CRMA,ARM Vice President Industry Relations - Audimation Services, Inc. Property/casualty insurance internal audit experience (12 yrs. as CAE) Worked for two Risk Services firms The IIA eLearning: GAIN, Flash Surveys, & Role of Audit in SOX monthly 2 hour web tv broadcasts NAIC IT Working Papers Committee Co-Author of GTAG 13 & GTAG 16 June 2011, Creator & Programmer Auditchannel.tv DonSparks 3. 5/13/2014 3 CopyrightFraudResourceNet LLC Webinar Housekeeping This webinar and its material are the property of AuditNet and FraudResouceNet . Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We are recording the webinar and you will be provided with a link access to that recording as detailed below. Downloading or otherwise duplicating the webinar recording is expressly prohibited. Webinar recording link will be sent via email within 5-7 business days. NASBA rules require us to ask polling questions during the Webinar and CPE certificates will be sent via email to those who answer ALL the polling questions The CPE certificates and link to the recording will be sent to the email address you registered with in GTW. We are not responsible for delivery problems due to spam filters, attachment restrictions or other controls in place for your email client. Submit questions via the chat box on your screen and we will answer them either during or at the conclusion. After the Webinar is over you will have an opportunity to provide feedback. Please complete the feedback questionnaire to help us continuously improve our Webinars If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout. CopyrightFraudResourceNet LLC Theviewsexpressedbythepresentersdonotnecessarilyrepresentthe views,positions,oropinionsofFraudResourceNetLLC(FRN)orthe presentersrespectiveorganizations.Thesematerials,andtheoral presentationaccompanyingthem,areforeducationalpurposesonlyand donotconstituteaccountingorlegaladviceorcreateanaccountantclient relationship. WhileFRNmakeseveryefforttoensureinformationisaccurateand complete,FRNmakesnorepresentations,guarantees,orwarrantiesasto theaccuracyorcompletenessoftheinformationprovidedviathis presentation.FRNspecificallydisclaimsallliabilityforanyclaimsor damagesthatmayresultfromtheinformationcontainedinthis presentation,includinganywebsitesmaintainedbythirdpartiesand linkedtotheFRNwebsite Anymentionofcommercialproductsisforinformationonly;itdoesnot implyrecommendationorendorsementbyFraudResourceNetLLC 6 Disclaimers 4. 5/13/2014 4 CopyrightFraudResourceNet LLC Todays Agenda Awareness What Can Go Wrong Vendor Master File Policy Role of Internal Audit Red Flags Controls Risk Based Audit Plans Transactional Tests Questions CopyrightFraudResourceNet LLC Awareness Duplicatevendorsleftinthevendormasterfileare theleadingcauseofduplicatepayments Thecreationofanimaginaryvendor(shell)oruse ofadormantaccountcanstartAPfraud Reducingvendorsnotusedrecentlyorwithstale datawillimproveefficiencyofpayableoperations 5. 5/13/2014 5 CopyrightFraudResourceNet LLC RoleofInternalAudit AccordingtotheRedBook(IPPF): Assurance AuditingtheVendors Consultant Reportingandassistinganinternal committeewithvendormasterfileoversightduties includinginvestigationskillswhenallegationsof fraudarise CopyrightFraudResourceNet LLC WhatisVendorMasterFile TheVMFisakeycomponentofacompanysaccounts payablesystem.Thisfilecontainsthenames, addresses,TINs,andpaymenttermsofeachvendor. TheVMFbecomesthecontrolofeverypayment processedbytheaccountspayablesystemand thereforestrictpoliciesandproceduresmustbe establishedandmaintained.Ifnotsignificanterrors andfraudwillresult. 6. 5/13/2014 6 CopyrightFraudResourceNet LLC What are the 3 key steps to preventing VMF Fraud? A. Remove duplicate vendors B. Rigid and formal check signing authority levels C. Due Diligence process for detecting Shell companies D. De-activate dormant vendors to prevent further usage Polling Question 1 CopyrightFraudResourceNet LLC BewareofSlipperySlope 1210A3 ProficiencyStandard:Internalauditors musthavesufficientknowledgeofkeyinformation technologyrisksandcontrolsandavailable technologybasedaudittechniquestoperformtheir assignedwork Problem:Theonlysourceofknowledgeis experience AlbertEinstein 7. 5/13/2014 7 CopyrightFraudResourceNet LLC BlackBalledFirmBack CopyrightFraudResourceNet LLC TheInternalAuditdepartmentofanorthwestChicagosuburbanlocation discoveredafraudthatwentonforovertenyears.Recentlyalongterm employeedecidedtoretire.Acoupleofdaysafterretirement,atenantin thebuildingownedbytheinsurancecompanyquestionedwhytheyno longerreceivedtheirmail.Theemployeethatretiredalwayswenttothe postofficeeachdayandpickedupthetenantsmailanddailynewspapers. Butnowthetenantsallegationsarethataservicetheypaidforayearin advancewasnolongerbeingreceived.Thechiefauditexecutivewas unawarethatthecompanyofferedtenantsthisserviceandaskedthe tenantstoproduceaninvoice.Thetenantsfoundtheoriginalinvoices whichindicatedthetenantsweretomaketheircheckspayabletothe samecompanytheinsurancecompanyusedfornightlycleaningservices. Thechiefcalledforacommitteemeeting,acommitteethatreviewed modificationstothevendormasterfileandlearnedthatthreeexecutives hadformedacompanytoprovidethecleaningservicesandfalsifiedthe requiredevery3to5yearcompetitivebiddingdocument. EmployeeRunService 8. 5/13/2014 8 CopyrightFraudResourceNet LLC WhatCanGoWrong CopyrightFraudResourceNet LLC WhatCanGoWrong 9. 5/13/2014 9 CopyrightFraudResourceNet LLC ShellCompanyScheme For$150,Paulawasinbusiness. Thatsmall investmentboughtacompanynameorDBA(doing businessas)certificate whichwasthekeytoher grandplantodefraudheremployer.Sheusedthe certificatetosetupabusinesscheckingaccountand thenaddedthenewenterpriseasavendorinthe accountingsystem. Afewdayslatershesubmittedher firstinvoiceforpayment. Herboss,theownerofthe company,nevernoticed. Paulastolenearly$860,000 overthenextsixyears. CopyrightFraudResourceNet LLC Invoices,purchaseordersandreceivingreportsmustbe matchedbeforepaymentissued Purchasingdepartmentshouldbeindependentofreceiving, shippingandaccounting Purchasesmusthavemanagementapprovalof acceptance/completion Maintainacurrentapprovedvendorlist Usecompetitivebidsformajorpurchases Vendorpurchasesshouldbereviewedforabnormallevels Controlmethodsshouldbeimplementedforduplicate invoices/purchaseorders ControlsToConsider 10. 5/13/2014 10 CopyrightFraudResourceNet LLC According to the IPPF, Internal Auditing provides these two services? A. Compliance with laws and safeguard assets B. Assist management in the completion of its goals and objectives C. Assurance and Consulting services D. Determine the integrity & reliability of financial and operational information Polling Question 2 CopyrightFraudResourceNet LLC DoyouhaveaVMFpolicy? Aneffectivevendormasterfilepolicyincludes: 1. Regularreportsonactivity continuousmonitoring 2. Regularcommunicationswithvendors 3. Aconsistentnamingconvention 4. Rulesaddressingvendoradditionsanddeletions 5. Regularcleaningandpurgingduplicate,merged companies,oldordormantaccounts. 11. 5/13/2014 11 CopyrightFraudResourceNet LLC VMFActivityReports Quarterly Additions Deletions RecordChanges LookingforDuplicates ComparetoIRSTIN RegularcleaningoftheVMFcaneliminate accidentalduplicatepayments Annuallydothesamejustbefore1099time CopyrightFraudResourceNet LLC NamingConvention VMFnameshouldmatchtheW9reportwithall punctuationremoved Newinvoiceswithadifferentnamegotoa supervisor Supervisorcontactsthecompanyandresolvesthe discrepancy AbbreviationsareusedonlyifontheW9,orthe nameistoolongtofitonthepayeelineofthe check 12. 5/13/2014 12 CopyrightFraudResourceNet LLC VendorBackground Checks Reviewindustrywatchlists Conductacorporateregistrysearch Searchpoliticallyexposespersons(PEP) databases Verifythevendorskeyindividuals Verifythevendorsinsurance Verifyprofessionallicenses Checkwithatleast3customersusingthevendor CopyrightFraudResourceNet LLC WhatisaShellCompany Acompanythatdoesnothaveaphysicalpresence andgenerateslittleindependenteconomicvalue. Perpetratedbyvendorsoremployees.Threepart process: Settinguptheshellcompanyasavendor Submittinganinvoice Obtainpaymentapprovalforthefakeinvoice 13. 5/13/2014 13 CopyrightFraudResourceNet LLC LeonardVona Quote Shellcompaniesarelegalentitiesthatarefrequently usedbyindividualstoconductcriminalbehavior.Such fraudulentmeasuresincludemoneylaundering, billingschemes,fictitiousserviceschemes, bankruptcyfraud,taxevasion,aswellasmarket manipulation.Whileauthoritiesarecontinuously investigatingtheillegalutilizationofshellentities, theyarefindingitdifficulttoprosecutethosewhom arecriminallyinvolved.Statesdonotrequiremuch,if any,ownershipinformationoncompanyformation documents,therefore,makingitalmostfoolprooffor lawofficialstoprosecute. CopyrightFraudResourceNet LLC ShellcompanyStatistics Unfortunately,thisstoryisfartoocommonwhenit comestosmallbusinessfraud. Accordingtoexperts, shellcompanyschemes,whereafakeentityis establishedbyadishonestemployeetobillacompany forgoodsorservicesitdoesnotreceive,represent about half ofallfraudulentdisbursementschemes. Allittakesisagreedyemployee. Inmanycasesthe schemingcanlastforyears. TheAssociationofCertified FraudExaminers(ACFE)pegsthemedianlossfromshell companyschemesatnearly$600,000. 14. 5/13/2014 14 CopyrightFraudResourceNet LLC BewareoftheRedFlagsof Fraud Invoicescannotbetracedtoshipments Multiplepaymentstosinglevendoronthesamedate Patternofpurchasesjustbelowreviewlevel Unusuallyquickturnaroundofinvoices Paymenttomultiplevendorsforthesameproduct Extremeinventoryshortage Expensesincreasedramatically Unexplainedriseincostofgoodssold Unexplaineddecreaseingross/netprofits Excessivematerialsorders Goodsnotpurchasedatoptimalreorderpoint Highlevelapprovalofalowleveltransaction CopyrightFraudResourceNet LLC RedFlagIndicatorsforBilling Schemes Invoicesforunspecifiedservicesorsoftbillingssuchasconsultingor advertising Unfamiliarvendors VendorswithP.O.Boxesonly Vendorswithcompanynamesconsistingofinitialsonly Rapidlyincreasingpurchasesfromonevendor Vendorbillingsmorethanonceamonth Vendoraddressesthatmatchemployeeaddresses Largebillingsbrokenintomultiplesmallerinvoices Internalcontroldeficiencies,i.e.,budgeting,approvallevels Unfoldedinvoiceswhichmayindicatetheywerentmailed 15. 5/13/2014 15 CopyrightFraudResourceNet LLC What is a shell company? A. A company that does not have a physical presence B. Does not provide goods or services C. Perpetrated by vendors, customers or employees D. All of the above E. None of the above Polling Question 3 CopyrightFraudResourceNet LLC RedFlags 1210.A2 Proficiency Internalauditorsmusthave sufficientknowledgetoevaluatetheriskoffraudand themannerinwhichitismanagedwithinthe organization 16. 5/13/2014 16 CopyrightFraudResourceNet LLC UseaCOSOFrameworkfor Consulting CopyrightFraudResourceNet LLC AssuranceRoleObjectives Procurementpolicyandproceduresfollowedin obtainingthegoodsand/orservices Paymentsmadetothevendorcomplywith applicableinvoiceorpurchaseorderrequirements Freeofconflictsofinterest/businessconductissues (Vendoremployees)incompliancewithinternal CodeofEthicsandConflictofInterestPolicies CompliancewiththeMasterServiceAgreementand otherapplicablecontracts Agreetoopen,independentandobjectiveaudit 17. 5/13/2014 17 CopyrightFraudResourceNet LLC BestTimeToAudit 2010 Planning:Thechiefauditexecutivemust establishriskbasedplanstodeterminethepriorities oftheinternalauditactivityconsistentwiththe organizationsgoals Twoways: 1.Traditionalcomparisonofcurrentperiodto priorperiod(s) 2.RiskScoring(manyindevelopment) CopyrightFraudResourceNet LLC TraditionalSelection Descending 18. 5/13/2014 18 CopyrightFraudResourceNet LLC TraditionalSelection Ascending CopyrightFraudResourceNet LLC What are some red flags of vendor master file fraud? A. Invoices can not be traced to shipments B. Payment to multiple vendors for the same product C. Unusually excessive material orders D. All of the above E. None of the above Polling Question 4 19. 5/13/2014 19 CopyrightFraudResourceNet LLC RiskProfile;RiskRankVendor Deloitte ChicagoSpring2014 Characteristics Red Yellow Green SpendAmount >1m >500k >100k Type ofSpend Labor,allocations Material,equip Services ContractComplexity High Med Low ContractType CostPlus Hybrid FixedFee RelationshipOrigin Solesourced Hybrid Competitivebid HistoricalRelationship Poor Neutral TrustedAdvisor BusinessResults/Issues Opencivil/ criminal,bankruptcy Multiple undisclosed relatedentities No undisclosed relatedentities AnalyticalResults/Issues Manyexceptions Some exceptions Noexceptions AuditRights None Standard Strong VendorsStructure Decentralized Someissues Centralized billing andaccounting CopyrightFraudResourceNet LLC RiskProfiling Selection Framework DeloitteChicagoSpring2014 20. 5/13/2014 20 CopyrightFraudResourceNet LLC BestSolution TransactionalTests Sinceuncoveringerrorsandfraudaresometimeslikefindinga needleinahaystack,itisimportanttoanalyzethedatafrom severaldifferentperspectives.Forexample,duplicatetesting ondifferentcombinationsoffields(name,address,bank accountnumber,taxIDnumber),aswellassophisticated matchingmethods(e.g.fullnamematch,partnamematch, soundslikematch)betweenemployeeandvendorfileswork wellforthistypeofanalysis. Auditingvendorfilesisgenerallythebestwaytoquicklyrisk assesswheretheissuesmaylie,asauditingtransactionaldata canbeoverwhelming.Therefore,onceyouvecleanedhouse withinthevendormasterfile,youllbereadytomoveonto analyzingtransactionaldata,nowarmedwithalistofvendors thataremostlikelytocausefailure. CopyrightFraudResourceNet LLC TechEnabledTests 1. Scopeanalysisoftop20vendorsduringathree yearperiod. (lookingtoseeifvendorsinthetopare replacedandwhyiftheyaregood) 2. Riskassessingyourcurrentvendormasterfile 3. VendorSetup 4. FalseVendors 5. Afterthefactpurchaseorders 6. Testroundsumofpayments 7. Paymentstovendorsalmostimmediatelyafter setup 21. 5/13/2014 21 CopyrightFraudResourceNet LLC Name some good areas for companies to consider continuous monitoring? A.VendorAdditions/Deletions/Deactivations B.VendorRecordChanges C.VendorIndustryWatchLists D. All of the above E. None of the above Polling Question 5 CopyrightFraudResourceNet LLC TechEnabledTests 8. Paymentsfrominactivevendors 9. Stratificationorpivottablepayablesapprovallevels 10. Benford's law 11. Holdingcreditbalancesoninactiveaccountsreceivables 12. Inconsistentinvoicenumberlengthtest 13. Nepotism addingrelativesthatliveinsamehouseto employees 14. PaymentstoPOboxes 15. Roundnumbertests 16. Paymentsonweekendsorlateatnight 22. 5/13/2014 22 CopyrightFraudResourceNet LLC Conclusions MajorStepstoAvoidorReduceVendorFraud Besurevendorsarelegitimatebeforeyoustartobtaining goodsorservices lookoutforshellcompanyfraud schemes Donotconductbusinesswithvendorsthatwillnotsignyour conflictsofinterest,businessconductstatementsorrightto auditpolicies Backgroundchecksmustbeissue free doyourduediligence ControlvendorsandreduceriskwithMasterService Agreementandotherapplicablecontracts CopyrightFraudResourceNet LLC How often should an organization look for dulicate vendors and shell companies? A. Upon receipt of invoices with differing company names (or the invoice numbering scheme is not consistent) B. If invoices can not be traced to goods or services C. If the invoice received for payment does not appear to have been received in the mail (no fold creases) D. All of the above E. None of the above Polling Question 6 23. 5/13/2014 23 CopyrightFraudResourceNet LLC Conclusions MajorStepstoAvoidorReduceVendorFraud(part2) Separationofduties approvalofvendorsinthemasterfile handledbyanoperationotherthantheareathatreviews receipt,acceptanceandpaymentforgoodsandservices BlackballedvendorsstaydormantinyourVMF Eliminatemanuallywrittenchecks.Checksonlyissuedto thoselistedintheVMF. Committeethatapprovesallnewvendors. CopyrightFraudResourceNet LLC June11EssentialsofanEffectiveFraud ResponsePlan June18QuickResponseFraudDetection UsingDataAnalytics ComingUpNext 24. 5/13/2014 24 CopyrightFraudResourceNet LLC Thebestinformationnewsletter onfraudandwhitecollarcrimeis nowavailableforfree! SignUpNow Pleasesharewithyournetwork! WCCFighterNews Free CopyrightFraudResourceNet LLC Thank You! Website:http://www.fraudresourcenet.com JimKaplan FraudResourceNet 8003851625 jkaplan@fraudresourcenet.com PeterGoldmann FraudResourceNet 8004402261 pgoldmann@fraudresourcenet.com DonSparks Audimation ServicesInc 8323271877 dons@audimation.com