fraud reporting final
TRANSCRIPT
-
8/9/2019 Fraud Reporting Final
1/23
Fraud ReportingFraud ReportingFraud ReportingFraud Reporting
CA Mahesh Krishnan
SIRC - ICAI
4th July 2014
-
8/9/2019 Fraud Reporting Final
2/23
Sec 143 (12) Notwithstanding anything contained in this section, if an
auditor of a company, in the course of the performance of his
duties as auditor, has reason to believe that an offence
involving fraud is being or has been committed against the
com an b officers or em lo ees of the com an , he shall
immediately report the matter to the Central Governmentwithin such time and in such manner as may be prescribed.
143 (13) states: No duty to which an auditor of a company
may be subject to shall be regarded as having beencontravened by reason of his reporting the matter referred to
in sub-section (12) if it is done in good faith
2 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
3/23
Non-Compliance 143 (15) : Fine not less than Rs. One lakh but may extend
to Rs. 25 lakhs
147 (2) : Fine provisions overridden by 143 (15) but
imprisonment if done knowingly
3
but cannot confirm hence does not report with genuine
intentions but later found to be fraud.....
Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
4/23
Reason to believe that ..... what constitutes reasonable grounds to suspect that a
contravention has taken place.
To have reasonable grounds to suspect, the auditor must have
both a suspicion and ajust cause for that suspicion, i.e. the
sus icion must be based on some facts sufficient to induce
Insight Series: SIRC, ICAI :July 4th4
that state of mind in a reasonable person (George v Rockett(1990) 170 CLR 104). A reasonable suspicion (triggering the
requirement to report) can exist without the auditor having
conducted exhaustive and conclusive investigations into thematter.
[Regulatory Guidance : Australia]
-
8/9/2019 Fraud Reporting Final
5/23
Definition of Fraud (Sec 447) fraud in relation to affairs of a company or any body
corporate, includes any act, omission, concealment of any
fact or abuse of position committed by any person or anyother person with the connivance in any manner, with intentto deceive, to gain undue advantage from, or to injure the
,or any other person, whether or not there is any wrongfulgain or wrongful loss
wrongful gain means the gain by unlawful means of property to which
the person gaining is not legally entitled wrongful loss means the loss by unlawful means of property to which
the person losing is legally entitled
5 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
6/23
Person guilty of FraudSec 447 deals with this....
Imprisonment : 6 months to TEN years Fine : amount of Fraud (minimum) ~ Three times the
amount of Fraud (maximum)
Insight Series: SIRC, ICAI :July 4th6
-
8/9/2019 Fraud Reporting Final
7/23
Grounds
for
reporting
If an auditor has sufficient reason to believe that an offence involving fraud has
been or is being committed against the Company or by officers or employees of
the company,
Report to
whomHe shall report the matter to the Central Government. The report shall be sent to theSecretary, Ministry of Corporate Affairs in a sealed cover by Registered Post with
Acknowledgement Due or by Speed post followed by an e-mail in confirmation of the same.
To reportby when
immediately but not later than sixty days of his knowledge
Steps Auditor shall forward his report to the Board or the Audit Committee, as the case may be,
immediatel after he comes to knowled e of the fraud seekin their re l or observations
7 Insight Series: SIRC, ICAI :July 4th
within forty-five days;Receive reply from BoD or Audit Committee
in case the auditor fails to get any reply or observations from the Board or the Audit
Committee within the stipulated period of forty-five days, he shall forward his report to the
Central Government
Format The report shall be on the letter-head of the auditor containing postal address, e-mail addressand contact number and be signed by the auditor with his seal and shall indicate his
Membership Number. The report shall be in the form of a statement as specified in Form
ADT-4
The provision of this rule shall also apply, mutatis mutandis, to a branch auditor, cost auditor
and a secretarial auditor during the performance of his duties under section 148 and section204 respectively
-
8/9/2019 Fraud Reporting Final
8/23
Contents of the Report Report (letter head full contact details membership
number etc.) should have:
Full details of the suspected offence involving fraud (attach
documents in support)
Particulars of the officers or em lo ees who are sus ected to be
involved in the commission of the offence Basis on which fraud is suspected
Period during which the suspected fraud has occurred
Estimated amount involved in the suspected fraud
8 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
9/23
Other Countries...... Australia Corporations Act 2001: places an obligation on the
auditor to notify ASIC within 28 days if he/she becomes aware of
circumstances that......... France Code de Commerce : The auditors draw the attention of
the next general meeting to any irregularities or inaccuracies they
Insight Series: SIRC, ICAI :July 4th9
any criminal acts which they become aware of to the PublicProsecutor and incur no liability in connection with suchdisclosures
Singapore Companies Act Auditors get special privileges;
immunity; defamation protection
Money Laundering / US - FCPA
-
8/9/2019 Fraud Reporting Final
10/23
Is this not a Paradigm shift in Audit
expectation?
Yes,
The Kingston Cotton Mills judgement is perhapsnot the end of the road any more
OBJECTIVE of a Statutory or Internal Audit or certification
Insight Series: SIRC, ICAI :July 4th10
NOT to find frauds
Other allies (not present in all companies, however) Vigil
Mechanism; Audit Committee; Independent Directors;
Internal Audit.
-
8/9/2019 Fraud Reporting Final
11/23
Shifting sands.......
"It is the duty of an auditor to bring to bear on the work he has toperform that skill, care and caution which a reasonably careful,
cautious auditor would use. What is reasonable skill, care and cautionmust depend on the particular circumstances of each case. An auditoris not bound to be a detective, or, as was said to approach his workwith suspicion, or with a forgone conclusion that there is something
Insight Series: SIRC, ICAI :July 4th11
wrong. e s a wa c og, no a oo oun . e s us e nbelieving tried servants of the company in whom confidence is placedby the company. He is entitled to assume that they are honest andrely upon their representations, provided he takes reasonable care."
Ironically, since that definitive statement, there has been a gradualmetamorphosis in an auditor's duty of care. It is no longer sufficientfor an auditor to rest upon the honesty and accuracy of others. Hemust go further and satisfy himself ............
-
8/9/2019 Fraud Reporting Final
12/23
Is Fraud Reporting for All Companies?
Yes no company is exempted.
In fact, for same company cost auditor; company secretary,branch / main auditor will monitor!
Auditor is expected to report fraud even if there is no
KMP
KMP CFO is not a CA
NoVigil mechanism
No Internal Audit
No Independent directors
12 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
13/23
-
8/9/2019 Fraud Reporting Final
14/23
Clients use of bank funds. Not
possible for daily monitoring by auditor
Inherent detection risk faced by auditor
How auditor can downsize this risk? Review bank statements
Advances / loans given to whom?
Top transactions
Analysis of payments
CFO Representation
Audit is not a fault-finding exercise to .....audit is not a
fraud-finding exercise.
14 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
15/23
Can auditor request to compulsorily attend BoD
meeting to understand what's happening?
Will attending BoD give auditor full comfort.
Can auditor then be affixed with fraud reporting incompleteness as he has been give the right so duty follows?
If a fraud is happening, can we expect it to come out by
Or is attending BoD just an opportunity for auditor to
enhance his understanding of business / way decisions are
made. Is there alternate way to do this apart form attending
BoD meeting?
Fraud risk oversight at BoD level
15 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
16/23
Fraud discovered now. Happened
March 2012. To report?
Yes, definitely.
We have 60 days from the time we have reason to believe May trigger rectification of accounts; accounting of error etc.
16 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
17/23
Should the Auditor report even if the
Audit Committee disagrees ?
If an auditor has sufficient reason to believe that there has
been fraud and the audit committee rejects that, it still has to
be reported to the central government. If, in such an
instance, the stock price witnesses a crash because of the
initial sus icions, would the auditor be held at fault?
Insight Series: SIRC, ICAI :July 4th17
-
8/9/2019 Fraud Reporting Final
18/23
QUESTIONS ??
Ack: AICFE Website /Report to Nations
-
8/9/2019 Fraud Reporting Final
19/23
Auditor to get into these aspects.... Fraud risk ownership identifying a senior member to
identify / manage fraud risks
Fraud risk assessment how often done
Pro-active fraud detection process -To what extent has the
,
resolve potentially significant fraud fraud risk assessment;
flag suspicious transactions; computerised email
monitoring.....
Fraud risk tolerance and Risk Management Policy; how muchrisks are transferred to others by insurance / contract etc.
19 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
20/23
Auditor to get into these aspects.... Process level anti-fraud controls e.g. Centralising collections;
outsourcing cash movements
Process level controls - designed to prevent, deter and detect each of thesignificant fraud risks identified in its risk assessment. For example, therisk of sales representatives falsifying sales to earn sales commissions canbe reduced through effective monitoring by their sales manager, withapprova require or sa es a ove a certain t res o
Environment level anti-fraud controls : Major frauds usually involvesenior members of management who are able to override process- levelcontrols through their high level of authority. Preventing major fraudstherefore requires a strong emphasis on creating a workplace
environment that promotes ethical behaviour, deters wrongdoing andencourages all employees to communicate any known or suspectedwrongdoing to the appropriate person.
20 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
21/23
Auditor to get into these aspects.... Ethical behaviour; code of conduct
Training upon hiring; encouraging seeking advice /communicating wrong-doing
Communication systems prior to decisions (difficult) due to
concerns
Prompt reaction / investigation (IA?)
Monitoring compliance with code of conduct
21 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
22/23
FRAUD !!FRAUD !!FRAUD !!FRAUD !!
Catastrophic risk Becoming common only scale, not occurrence, is remarkable
22 Insight Series: SIRC, ICAI :July 4th
-
8/9/2019 Fraud Reporting Final
23/23
Fraud Findings Typically 5% revenue lost due to fraud
Median amount f fraud $145,000. 22% atleast $1Milliom
Median duration : 18 months Occupational frauds : Three main categories asset
misappropriations (85%); corruption; financial statement fraud9%
Mainly detected by tips mainly by employees... (hotlines help!) Banking / financial; government; manufacturing more prone
Higher the perpetrators level of authority, the greater fraud lossestend to be.
Collusion helps employees evade independent checks and otheranti-fraud controls, enabling them to steal larger amounts
It takes time and effort to recover...and recover the money!!
23 Insight Series: SIRC, ICAI :July 4th