FRAUD AND THE ROLE OF SYSTEM OF INTERNAL CONTROLS

Report
IIA CROATIA
FRAUD AND THE ROLE OF SYSTEM
OF INTERNAL CONTROLS
mr. Stanko Tokić, dipl. oec.
President of IIA Croatia
Varna, 6th June 2013.
CONTENTS
 Introduction
 Definitions
 Corporate rules
 System of Internal Controls (SIC)
 Fraud
 System of Internal Controls and Fraud
 Internal auditors and Fraud
 CONCLUSION
2
INTRODUCTION
 A new definition and a paradigm of internal audit
 Definitions of system of internal controls (SIC) & fraud
 Corporate rules and SIC & fraud
 Corporate structure and SIC & fraud
 The role of regulations in the company
 The SIC has a big influence in the prevention of fraud
 SIC define fraud
 Internal audit is not responsible for fraud
 Internal audit must have a focus on fraud
 Internal audit reports on the SIC & fraud
 Stakeholders and SIC & fraud
 Internal audit, SIC & fraud
3
CORPORATE REGULATIONS
 Corporate regulations are the basis for defining the system
 Regulations are defined on international and national level by the
government and non-government organisations:
 Treadway Commission (COSO i ERM), Cadbury Committee,
Combined Code, Hampel, Greenburry, Turnbull, OECD, SoX,
Securities exchange commission
 EU directives and recommendations
 Different codes, rules, guidelines, standards and norms
 Best practice, stock exchange and the capital market rules
 Laws and regulations
 Government and non-government agencies and institutions
4
COMPANY
RULES
 Company rules & SIC are defined by:
 Shareholders’ Meeting
 Supervisory Board
 Management Board
 Management
 Committees of Supervisory Board & Management Board, eg.
Audit Committee
 Corporate rules & SIC are defined in:
 statute
 corporate acts
 organisational regulations
 organisation sheme
 codes, guidelines, rules, standards, norms etc.
 plans and programs
5
SYSTEM OF INTERNAL CONTROLS
Definition of systems of internal controls:
The system of internal controls are methods and
procedures approved by the management board.
The end result of these methods and procedures is
to achieve the business goals and better
governance of the company.
6
SYSTEM OF INTERNAL CONTROLS
The system is emphasised in many documents:












A new paradigm of internal audit
Model - Three lines of defence
PPF, IPPF and international standards on internal audit 2011.
The research of IIA Global & ECIIA
The research of national institutes of internal audit
The research of the BIG 4
EU directives and recommendations, white paper etc.
Corporate rules of the OECD
The best working practice of the Audit Committee
Defining the European standards on internal audit
The assessment of the system (COSO & ERM)
The reports of the state audit and external audit
7
SYSTEM OF INTERNAL CONTROLS
Company system of internal controls consists of:
 Acts, documents, politics, procedures, plans, programmes,
decisions, guidelines and relevant business practice etc.
 Organisation sheme and structure
 Information system, its security & protection, equipment
 Expertise and competency of the management board
 Loyal, educated and experienced professional employees
 Technical and technological level of operations and working
equipment
 Corporate culture and tradition
8
SYSTEM OF INTERNAL CONTROLS
CORPORATE RULES
SIC
SUPERVISORY BOARD/
MANAGEMENT BOARD
SIC
SIC
SIC
PURCHASING
SELLING
PRODUCTION
SIC
FINANACE
SIC
IT
SIC
HUMAN
RESOURCES
SIC
ACCOUNTING
9
SYSTEM OF INTERNAL CONTROLS
Tasks of the system of internal controls:











Accuracy and reliability of data and information
Security of the business system & policies
Moderate guarantee – the accomplishment of goals & tasks
Managing company in accordance with the rules & acts
Business risks brought to minimum and held under control
Protection of interest of shareholders
To give a realistic and objective picture
To achieve better relations with stakeholders
Protection of owners property and capital
Accomplishing 3E’s: Economy, Efficiency, Effectiveness
Achieving the appropriate value for money
10
SYSTEM OF INTERNAL CONTROLS
Why is it important to implement the SIC?
 Company's attitude towards fraud related topics is made by the SIC
 It gives management the security and diminishes the possibility of
fraud
 It gives assurance in reliability and accuracy of information
 It is a source for defining the statement of the state of IC
 It assists all types of audit: external, state and internal
 The system implements standards, guidelines, norms, codes etc.
 It ensures the implementation of procedures approved and
prescribed by the management
11
FRAUD - DEFINITION
FRAUD - Any illegal act characterised by deceit,
concealment, or violation of trust. These acts
are not dependent upon the threat of violence
or physical force. Fraud is perpetrated by parties
and organizations to obtains money, property,
or services; to avoid payment or loss of services;
or to secure personal or business advantage.
(IPPF)
12
REGULATIONS
FRAUD
Fraud is defined and emphasised in many documents:
Regulatory Framework for Fraud
Fraud Policy
Management guidelines for the prevention, detection
and investigation of fraud
Laws, Regulations, Acts, Standards, Guidelines etc.
Annual Reports
Business Reports
Guidelines of System of Internal Controls
Quastionnaires on tests of fraud
Policies for Hot-Line
Internal/External/State Audit Report
Information, Date, Indicators
Policy of whistleblowers
14
FRAUD
1/2
How to detect the potential behaviour and activities which can
point to fraud?
 Unusual behaviour of employees and management
 Changes of lifestyle and standard
 Staying at work, not using holidays etc.
 Weak security of the premises, uncontrolled entrance
 Unusual accounts, big numbers and only one signature
 Transactions with cash made only by one person
 No segregation of duties & large responsibilities
 Business cycle followed by missing documentation and
accounts
 Broad use of codes and protection codes
 Continuous talk of work, fatigue and responsibilities
15
FRAUD
2/2
How to change the potential behaviour and activities – SIC and
fraud?
 Speaking freely of fraud and the risks of fraud
 The education of employees and prescribing the adequate acts
 Making a plan of prevention of fraud and informing the
employees of its existence
 Making an intervention plan in case of fraud
 Defining and assessing the risk of fraud
 Making everyone responsible for the detection of fraud
 Implementing a program for the prevention of fraud
 Regularly discuss cases of fraud
 Continuously undertake corrective measures and activities
POLICY OF FRAUD
The key principles underlying the company’s approach to fraud are to:
 Encourage a culture of awareness and have measures in place to
recognise and minimise the risk of fraud
 Have procedures in place for the prevention, detection,
investigation, reporting and public management of fraud
 Co-operate fully where an external investigation of fraud is
carried out
 Make available confidential helplines and other appropriate
mechanisms so that anyone can voice concerns
 Protect against all forms of reprisals of those who in good faith
report instances of suspected fraud
 Investigate immediately cases of suspected fraud and pursue
perpetrators to the fullest extent of the law
 Maintain the principles of confidentiality in any investigation
 Learn from any occurrence of fraud to prevent it being repeated
17
INTERNAL AUDITORS & FRAUD
The Internal Auditor should have sufficient knowledge
to identify the indicators of fraud but is not expected to
have the expertise of a person whose primary purpose is
detecting and investigating fraud.
IPPF International Standards for the Professional
Practice of Internal Auditing (IIA)
The primary responsibility for the prevention, detection
and investigation of fraud rest with management, which
also has the responsibility to manage the risk of fraud.
Fraud Position Statement (IIA UK and Ireland)
18
STAKEHOLDERS AND SYSTEM OF
INTERNAL CONTROLS & FRAUD
BOARD OF DIRECTORS
AND MANAGEMENT
SYNDICATE
OWNER
GOVERMENT
INSPECTORATE AND
OTHER CONTROL
BODIES
REGULATORY
AGENCIES
WORKERS
SYSTEM OF INTERNAL
CONTROLS & FRAUD
BUYERS
SUPPLIERS
CROATIAN
GOVERMENT
RESPONSIBLE MINISTRY
BANKS
19
CREDITORS
CONCLUSION
 SIC has a big influence on fraud
 Corporate rules define the framework for SIC & fraud
 Fraud is defined and emphasised in many documents relating
to the system of internal controls in the company
 The system of internal controls help management in the
prevention of fraud
 Company must change the potential behaviour and activities
 Internal audit must have a focus on fraud
 The recent trends of internal audit, ensures that the company
is aware of the risks to which it is exposed and manages them
 Internal audits main role is not to prevent, detect or investigate
fraud
 The task of internal audit is to support management
20
QUESTIONS
&
ANSWERS
[email protected]
21

similar documents