tackling financial crime a non fs view ior conference november 2014
TRANSCRIPT
Tackling financial crime
A non FS view
IOR Conference
November 2014
2© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Overview
What do we mean by financial crime?1
What drives fraud?2
What about AB&C and AML3
Prevention/Detection/Response 4
Questions5
3© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Overview
What do we mean by financial crime?1
What drives fraud?2
What about AB&C and AML3
Prevention/Detection/Response 4
Questions5
4© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Investigations and compliance
“Standard Bank PLC fined £7.6m for failures in its anti-money laundering controls”
Source, FCA, 23 January 2014
“Commerzbank said to be investigated over money laundering charges.”
Source, Reuters, September 2014
“Firm fined £1.8million for ‘unacceptable’ approach to bribery and corruption risks from overseas payments”
Source, FCA ,19 December 2013
“The Financial Conduct Authority (FCA) has fined Besso Limited £315,000 for a failure to take reasonable care to establish and maintain effective systems and controls for countering the risks of bribery and corruption”
Source, FCA ,19 March 2014
FRAUD
BRIBERY
MONEYLAUNDERING
5© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Overview
What do we mean by financial crime?1
What drives fraud?2
What about AB&C and AML3
Prevention/Detection/Response 4
Questions5
6© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
The landscape – fraud losses by victim
NFA – Annual Fraud Indictor 2013
7© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
KPMG Fraud BarometerNumber of UK fraud cases by perpetrator
0
50
100
150
200
250
300
1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006
employee management professional advisor other/unknown customer professional criminals
8© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
New threats
Trojans –Physical and virtual
Supplier payment diversion
Pensions liberation fraud
CYBER
Investment scams - vulnerable adults
Bad leavers
Organised crime
Bribery & corruption laws
Fake products
9© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Old threats – KPMG investigations in Scotland in the last 3 years
Stealing petty cash and hiding the entries in balance sheet reconciliations
Taking advantage of poor segregation of duties to divert cash
Stealing employer’s IP to set up a new business
Inflated expense claims
Ordering goods and services for personal use / on-sale
False claims for grant funding
Procurement fraud involving kickbacks (three investigations)
Poor value supplier contracts and undeclared financial interests
Long term contract manipulation
Supplier payment diversion – yes people are still falling for it
10© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
The fraud triangle – what drives fraud?
Pressure
Opportunity
Rationalisation
“abuse of position, or false representation, or prejudicing someone's rights for personal gain'.Put simply, fraud is an act of deception intended for personal gain or to cause a loss to another party.”
Source, www.sfo.gov.uk
11© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Case study
■ 38 year old female
■ Financial controller
■ Three years of service
■ £40,000 annual salary
12© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Drivers of fraud – potential scenario
Pressure
Opportunity
Rationalisation
Pressure
■ Social Pressure (living out with means)
■ Addiction (clothing, cosmetic surgery, expensive lifestyle)
■ Financial pressure to keep up with addiction to lifestyle
Opportunity
■ Access to accounting system
■ Ability to add suppliers
■ Ability to amend payment details
■ Position of trust
Rationalisation
■ Perception of being underpaid
■ Deserve additional money
■ Victimless crime
■ Business doing well
13© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Real world fraud
■ Financial Controller of small UK subsidiary (overseas parent company)
■ Had complete access to payments and accounts system and no immediate oversight from line managers
■ Had access to a bank account in the name of a local ‘Sports/Social’ club where she has previously been treasurer
■ Funds initially taken via company debit card from cash machines (£6,500)
■ Then as addiction increases funds were then taken via BACS payments to a bank account of the ‘Sports Club’, then transferred to fraudsters personal account for spending
■ Colleague took over control of petty cash reconciliation while fraudster on holiday and became suspicious when entries did not balance
“Financial Controller embezzles £85,000 to pay for cosmetic surgery and elaborate lifestyle)”
14© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Profile of a fraudster
■ Male/Female
■ 36-45 years old
■ 3-5 years service
■ Senior management position
– Finance department
– Procurement
■ Working alone to perpetrate the fraud
■ Taking advantage of weak controls
■ Losses not recovered
15© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Overview
What do we mean by financial crime?1
What drives fraud?2
What about AB&C and AML3
Prevention/Detection/Response 4
Questions5
16© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Bribery & corruption
■ Tends to be higher up the agenda than fraud risk – Why?
■ Bribery Act 2010 – New requirements on UK companies
■ New corporate offence of failure to prevent bribery and corruption
■ No regulator to enforce in a non-FS environment – only criminal authorities
■ A number of pillars on adequate procedures per guidance issued by HMG
■ Key themes emerging:
– Facilitation payments in overseas jurisdictions are now more difficult to justify
– There has been a focus on travel and entertaining which is misplaced
– Paying bribes to win business is where the focus is
– Agents and other associated persons bring the risk home to a UK corporate
– Training / whistle-blowing lines/ due diligence
– Giving vs receiving bribes – relative risks
– Approach to be RISK based
17© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Anti Money Laundering
■ No regulator to enforce standards
■ Less of an issue outside FS
■ Only some limited industries have specific KYC and transaction monitoring obligations:
– most UK financial and credit businesses such as currency exchange office, cheque cashers or money transmitters
– independent legal professionals
– accountants, tax advisers, auditors and insolvency practitioners
– estate agents
– casinos
– 'High Value Dealers' - businesses that accept cash payments for goods worth €15,000 or more either in a single transaction or in instalments
– Trust or Company Service Providers
■ For some SME’s money laundering puts them at a disadantage
18© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Overview
What do we mean by financial crime?1
What drives fraud?2
What about AB&C and AML3
Prevention/Detection/Response 4
Questions5
19© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Risk Awareness Monitoring
Anti-fraud framework: KPMG’s five pillar approach
Prevention
Response Detec
tion
Co
Informal risk methodology
Unstructured approach
Limited monitoring
Formal risk methodology
Structured approach
Established monitoring
Established risk assessment methodology
Risk appetite
Risk identification and assessment
Controls assessment and mitigation action
plans
Fraud awareness included within
induction
Fraud awareness training programme
Exit procedures
Fraud detection systems
Measure effectiveness of
reporting
Measure effectiveness of
policies and procedures
Measure effectiveness of risk
programmes and action plans
Measure effectiveness of
awareness programmes
Strategy
No strategic direction
Clear strategic direction
Relevant policies
Whistleblowing
Reporting structure
Employee and third party due diligence
Investigation processes
Risk strategy
Intelligence gathering
Communication channels developed
for sharing information
Governance
Disparate structures
Drive from the top
Aligned to, and supports, anti-fraud
strategy
Clear anti-fraud message
Executive buy-in and sponsorship
Management oversight
Clearly defined roles and responsibilities
Documented anti-fraud framework
Fraud risk management aims to achieve three core objectives:
Prevent instances of fraud and misconduct from occurring in the first place;
Detect instances when they do occur; and
Respond appropriately and take corrective action when instances arise.
These three objectives run through all the five pillars of an effective anti-fraud framework.
The five pillar framework set out below shows what we consider to be the key elements in an effective anti-fraud framework. The illustration below shows the key elements that should be developed under each pillar in moving towards good practice in an anti-fraud framework.
20© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Red flags for look out for……
■ Poor controls - not followed/collusion/bending of rules
■ Lack of effective oversight/internal control checks not performed
■ Abuse of authority
■ Lack of segregation of duties
■ Weak fraud prevention policy
■ Sales or budgetary pressure
■ Remote locations (e.g. overseas)
■ Personal traits - control, lack of holidays, dominant character,
■ Unusual journals - time, people, amount
■ New suppliers - are they real?
■ False/unusual/duplicate invoices
21© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Response – Dos and Don’ts
Do
Protect the evidence
Involve HR, Legal, IT (from the outset)
Consider suspending IT access rights
Check whether you have insurance
Consider speaking to the Police
Consider possible recoveries
Plan for success
Gather the facts before making decisions
Move to protect customer/supplier relationships if necessary
Consider self-reporting
Don’t
Jump to unsupported conclusions
Speak to a suspect without proper planning
Delve in the data looking for the smoking gun
Allow a suspect to keep their laptop, without making an image
Ignore your suspicions
22© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
■ Screening employees/partners (e.g. Astrus)
■ e-Learning
■ Risk Mapping
■ KPI production/recording
■ Fraud Management Strategy Assessment Tool (‘FMSAT’)
■ Integrity Thermometer
■ Continuous auditing
■ Continuous monitoring
■ Data mining
■ Whistle-blowing
■ Computer forensics and data analytics
■ Case management systems
■ Reporting systems
■ Knowledge management (e.g. investigation best practice)
Anti-fraud framework: technology and tools
The items listed below are some examples of where tools and technology can be used to assist in the development and support of an effective anti-fraud framework
Detection
Response
Prevention
Integrity Thermometer
23© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
It will never happen here.......
The Telegraph - September 2009
KPMG Director
■ Earning six figure salary falsely claimed £550,000 in expenses to fund his wife’s £15,000 per month spending
■ He made more than £100,000 a year as a director at KPMG
■ Fraud went undetected as he kept his expenses under the approval amount of £5,000
■ Only detected when a colleague became suspicious about his air claims, after claiming for £480,000 of travel expense with £243,000 supported by fake documents
■ The 49-year-old, was branded as “spineless” by the judge and sentenced to four years in prison
25© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
A final thought...
© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
The KPMG name, logo and ‘cutting through complexity’ are registered trademarks or trademarks of KPMG International.
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.