What The Heck Is CCM
70
? WHAT THE HECK IS CCM
-
Upload
acl-services -
Category
Documents
-
view
718 -
download
4
description
What is continuous controls monitoring? Why does ACL Services think you should learn to love CCM technology? How it can assure compliance, reduce risk, detect fraud, and enhance profitability. For more information, visit www.acl.com/ccm
Transcript of What The Heck Is CCM
?WHAT THE HECK IS CCM
Why YOU should stop worrying…
OR
and learn to LOVE technology!
CCM = continuous
controls monitoring
Officially, CCM is…
“independent control review mechanism to help
organizations assure the effectiveness of internal
controls, reduce operational risks, minimize profit erosion, and mitigate the risk of fraud,
while meeting regulatory requirements…”
Http://www.acl.com/products/CCM.aspx
It’s also a fancy way to describe a way of reviewing the ZILLIONS of transactions that are happening across an enterprise.
?WHYSHOULD I CARE
REASON # 1: WE JUST WENT THROUGH THE BIGGEST ECONOMIC DOWNTURN SINCE THE GREAT DEPRESSION.
Of financial services executives blame poor risk management for the crippling credit crisis.SAS Institute 10/1/08
70%
55% 21%Of financial services industry respondents felt internal auditing could have helped identify risks to mitigate the impacts of the financial crisis.
disagreed.
IIA Research Foundation’s (IIARF’s) Global Audit Information Network (GAIN) Flash Survey
REASON # 2: GOVERNMENTS ARE CRACKING DOWN ON BUSINESS.
The number of open FBI investigations into mortgage fraud by financial
institutions and other corporations nearly doubled between 2006 and 2009,
to more than 1,600.
CFO magazine, Feb 2009
The penalty associated with an FCPA infraction that historically drew a fine of
$1 million to $4 million has grown tenfold in the past 12-14 months.
REASON # 3: WASTE.
1/2of companies (and growing) with over 1000 employees are not taking full advantage of available vendor discount terms by paying their invoices within a set timeline.
Institute of Management and Administration
$250,000.00The amount of cash lost for every $100 million in payments, when a company misses only a 1% discount on a quarter of payments.
Institute of Management and Administration
REASON # 4: ERRORS.
$500,000.00The amount companies can lose with duplicate payments for every $100 million payments made.Institute of Management and Administration
40% 5%of companies report T&E error rates in excess of of T&E expenditures.
IOMA 2007
4.6%of invoices contain errors and 44% of companies pay without original invoices.
IOMA 2007
REASON # 5: FRAUD.
85%of companies have been hit by corporate fraud in the past three years, up from 80% in the previous year’s survey.
Kroll Global Fraud Report 2008
22%The increase of an average company’s losses to fraud from 2007 to 2008.
The average business lost $8.2 million to fraud during the past three years, compared with a loss of $6.7 million the previous year.
Kroll Global Fraud Report 2008
Still don’t think fraud is a big deal?
No problem, I can throw stats at you all day…
$994 BILLION
Estimated total of U.S. occupational fraud and
abuse in 2008.
$835,000,000,000.00
The total losses that were never recovered.
That’s a lot of zeros, eh?
€960 MILLION
How much UK companies lost to publicly reported fraud from January-June 2009, the highest six-month total since at least 2003.BDO stoy hayward
€6 BILLION
The amount employees around the world are pocketing every year in fake expense claims.Global Expense Survey
You get the picture now?
Revenue leakage is a big problem.
?BUT CAN INTERNAL AUDIT LEAD THE CHARGE
Survey says…
YES YES YES
“Internal audit provides a critical line of defense against the threat of fraud by focusing on risk monitoring in addition to fraud prevention and detection.”PricewaterhouseCoopers “Internal Audit 2012” September 2007
Do you believe CAE’s should provide overall assurance opinions?
78% said “yes”Association of Chartered Certified Accountants (ACCA) annual conference participants, May 2009
Feeling overwhelmed?
We don’t blame you.
74% of internal audit functions had flat or declining budgets in 2009.
Almost one-third experienced reductions over the past 12 months.
80% anticipate flat or declining budgets for 2010.
IIA survey of U.S. internal audit practitioners, August 2009
But there is hope…
Continuous Auditing + Continuous Monitoring =
Business Assurance… …on steroids
WARNINGWe don’t condone the use
of performance-enhancing drugs in sports, but we do strongly endorse performance-enhancing technologies for business
But we’re just a vendor with our own agenda. You can dismiss us, but here are some opinions you should listen to…
“Consider CCM to reduce the costs of audits, increase the reliability of segregation of duties and other financial application controls, increase the effectiveness of anti-fraud controls, improve external auditor trust, and improve financial governance and working capital.”
Gartner “Three Technology Solutions for Internal Audit That Improve Productivity, Controls Reliability and Business Efficiency,” November 2009
“To remain relevant in 2012, internal auditors need to move beyond a static, cyclical audit approach and adopt a continuous, comprehensive approach to audit and risk assessment – one that optimizes the use of technology.”
PricewaterhouseCoopers “Internal Audit 2012” September 2007
“Unlike retrospective analyses, continuous transaction
monitoring allows an organization to identify
potentially fraudulent transactions on, for example, a daily, weekly or monthly basis.
Organizations frequently use continuous monitoring efforts to
focus on narrow bands of transactions or areas that pose
particularly strong risks.
KPMG “Fraud Risk Management: Developing a Strategy for Prevention, Detection and Response” 2006
“
“After-the-fact audit activities, quite frankly, are too late. To the extent that there had been more continuous auditing deployed, we would have identified a number of the related risks earlier.”
Hon. David Walker, former Comptroller General of the United States and head of the Government Accountability Office (GAO)
So in conclusion (Yes, it’s almost over)
Continuous Monitoring represents the future of Assurance
The analysts agreeThe Big Four agree
The IIA agrees
So why aren’t you on board?
?TOO BUSY
2,860 Harrah’s Entertainment saved minutes on manual tests that used to take two full days that can now be performed in 20 minutes.
staff hours annually.
Dollar Thrifty Automotive Group saved
10,000
the time for project completion, even as the scope of work expanded; eliminated $500,000 in contracted services.
Capital Healthcare Resources cut 1/2
$60 million
British Columbia Ministry of Finance is using continuous controls monitoring to implement innovative, best practice in governance and risk that has achieved average efficiency savings of
in the last three years.
?NO MONEY
$1 million in lost annual charges for cardiac catheterization procedures.
One hospital identified
$17 million in duplicate payments.
The HCA discovered
$20 million annually through an expense
approval and monitoring program.
One large government department saved
?TOO LAZY
Technology can help you recover revenue quickly and contribute to the bottom line.
Sorry, we can’t help you with that.
So we’ll ask you one more question.
?HOW CONFIDENT ARE YOU THAT THIS ISN’T HAPPENING IN YOUR ORGANIZATION
267 ghost employees on the payroll.
$12,000.00in employee expenses for tarot card readings.
?You don’t want to explain to the Audit Committee how you missed that, NOW DO YOU
(Yes, another question, but we promise it really is the last)
So check out Continuous Controls
Monitoring.
YOU WON’T REGRET IT.
Prepared by ACL Services.
For more information about Continuous Controls Monitoring, visit www.acl.com/ccm
Technology for Business Assurance
