tackling financial crime a non fs view ior conference november 2014

Tackling financial crime

A non FS view

IOR Conference

November 2014

2© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.

Overview

What do we mean by financial crime?1

What drives fraud?2

What about AB&C and AML3

Prevention/Detection/Response 4

Questions5


Overview


What drives fraud?2



Questions5


Investigations and compliance

“Standard Bank PLC fined £7.6m for failures in its anti-money laundering controls”

Source, FCA, 23 January 2014

“Commerzbank said to be investigated over money laundering charges.”

Source, Reuters, September 2014

“Firm fined £1.8million for ‘unacceptable’ approach to bribery and corruption risks from overseas payments”

Source, FCA ,19 December 2013

“The Financial Conduct Authority (FCA) has fined Besso Limited £315,000 for a failure to take reasonable care to establish and maintain effective systems and controls for countering the risks of bribery and corruption”

Source, FCA ,19 March 2014

FRAUD

BRIBERY

MONEYLAUNDERING


Overview


What drives fraud?2



Questions5


The landscape – fraud losses by victim

NFA – Annual Fraud Indictor 2013


KPMG Fraud BarometerNumber of UK fraud cases by perpetrator

0

50

100

150

200

250

300

1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006

employee management professional advisor other/unknown customer professional criminals


New threats

Trojans –Physical and virtual

Supplier payment diversion

Pensions liberation fraud

CYBER

Investment scams - vulnerable adults

Bad leavers

Organised crime

Bribery & corruption laws

Fake products


Old threats – KPMG investigations in Scotland in the last 3 years

Stealing petty cash and hiding the entries in balance sheet reconciliations

Taking advantage of poor segregation of duties to divert cash

Stealing employer’s IP to set up a new business

Inflated expense claims

Ordering goods and services for personal use / on-sale

False claims for grant funding

Procurement fraud involving kickbacks (three investigations)

Poor value supplier contracts and undeclared financial interests

Long term contract manipulation

Supplier payment diversion – yes people are still falling for it


The fraud triangle – what drives fraud?

Pressure

Opportunity

Rationalisation

“abuse of position, or false representation, or prejudicing someone's rights for personal gain'.Put simply, fraud is an act of deception intended for personal gain or to cause a loss to another party.”

Source, www.sfo.gov.uk


Case study

■ 38 year old female

■ Financial controller

■ Three years of service

■ £40,000 annual salary


Drivers of fraud – potential scenario

Pressure

Opportunity

Rationalisation

Pressure

■ Social Pressure (living out with means)

■ Addiction (clothing, cosmetic surgery, expensive lifestyle)

■ Financial pressure to keep up with addiction to lifestyle

Opportunity

■ Access to accounting system

■ Ability to add suppliers

■ Ability to amend payment details

■ Position of trust

Rationalisation

■ Perception of being underpaid

■ Deserve additional money

■ Victimless crime

■ Business doing well


Real world fraud

■ Financial Controller of small UK subsidiary (overseas parent company)

■ Had complete access to payments and accounts system and no immediate oversight from line managers

■ Had access to a bank account in the name of a local ‘Sports/Social’ club where she has previously been treasurer

■ Funds initially taken via company debit card from cash machines (£6,500)

■ Then as addiction increases funds were then taken via BACS payments to a bank account of the ‘Sports Club’, then transferred to fraudsters personal account for spending

■ Colleague took over control of petty cash reconciliation while fraudster on holiday and became suspicious when entries did not balance

“Financial Controller embezzles £85,000 to pay for cosmetic surgery and elaborate lifestyle)”


Profile of a fraudster

■ Male/Female

■ 36-45 years old

■ 3-5 years service

■ Senior management position

– Finance department

– Procurement

■ Working alone to perpetrate the fraud

■ Taking advantage of weak controls

■ Losses not recovered


Overview


What drives fraud?2



Questions5


Bribery & corruption

■ Tends to be higher up the agenda than fraud risk – Why?

■ Bribery Act 2010 – New requirements on UK companies

■ New corporate offence of failure to prevent bribery and corruption

■ No regulator to enforce in a non-FS environment – only criminal authorities

■ A number of pillars on adequate procedures per guidance issued by HMG

■ Key themes emerging:

– Facilitation payments in overseas jurisdictions are now more difficult to justify

– There has been a focus on travel and entertaining which is misplaced

– Paying bribes to win business is where the focus is

– Agents and other associated persons bring the risk home to a UK corporate

– Training / whistle-blowing lines/ due diligence

– Giving vs receiving bribes – relative risks

– Approach to be RISK based


Anti Money Laundering

■ No regulator to enforce standards

■ Less of an issue outside FS

■ Only some limited industries have specific KYC and transaction monitoring obligations:

– most UK financial and credit businesses such as currency exchange office, cheque cashers or money transmitters

– independent legal professionals

– accountants, tax advisers, auditors and insolvency practitioners

– estate agents

– casinos

– 'High Value Dealers' - businesses that accept cash payments for goods worth €15,000 or more either in a single transaction or in instalments

– Trust or Company Service Providers

■ For some SME’s money laundering puts them at a disadantage


Overview


What drives fraud?2



Questions5


Risk Awareness Monitoring

Anti-fraud framework: KPMG’s five pillar approach

Prevention

Response Detec

tion

Co

Informal risk methodology

Unstructured approach

Limited monitoring

Formal risk methodology

Structured approach

Established monitoring

Established risk assessment methodology

Risk appetite

Risk identification and assessment

Controls assessment and mitigation action

plans

Fraud awareness included within

induction

Fraud awareness training programme

Exit procedures

Fraud detection systems

Measure effectiveness of

reporting


policies and procedures

Measure effectiveness of risk

programmes and action plans


awareness programmes

Strategy

No strategic direction

Clear strategic direction

Relevant policies

Whistleblowing

Reporting structure

Employee and third party due diligence

Investigation processes

Risk strategy

Intelligence gathering

Communication channels developed

for sharing information

Governance

Disparate structures

Drive from the top

Aligned to, and supports, anti-fraud

strategy

Clear anti-fraud message

Executive buy-in and sponsorship

Management oversight

Clearly defined roles and responsibilities

Documented anti-fraud framework

Fraud risk management aims to achieve three core objectives:

Prevent instances of fraud and misconduct from occurring in the first place;

Detect instances when they do occur; and

Respond appropriately and take corrective action when instances arise.

These three objectives run through all the five pillars of an effective anti-fraud framework.

The five pillar framework set out below shows what we consider to be the key elements in an effective anti-fraud framework. The illustration below shows the key elements that should be developed under each pillar in moving towards good practice in an anti-fraud framework.


Red flags for look out for……

■ Poor controls - not followed/collusion/bending of rules

■ Lack of effective oversight/internal control checks not performed

■ Abuse of authority

■ Lack of segregation of duties

■ Weak fraud prevention policy

■ Sales or budgetary pressure

■ Remote locations (e.g. overseas)

■ Personal traits - control, lack of holidays, dominant character,

■ Unusual journals - time, people, amount

■ New suppliers - are they real?

■ False/unusual/duplicate invoices


Response – Dos and Don’ts

Do

Protect the evidence

Involve HR, Legal, IT (from the outset)

Consider suspending IT access rights

Check whether you have insurance

Consider speaking to the Police

Consider possible recoveries

Plan for success

Gather the facts before making decisions

Move to protect customer/supplier relationships if necessary

Consider self-reporting

Don’t

Jump to unsupported conclusions

Speak to a suspect without proper planning

Delve in the data looking for the smoking gun

Allow a suspect to keep their laptop, without making an image

Ignore your suspicions


■ Screening employees/partners (e.g. Astrus)

■ e-Learning

■ Risk Mapping

■ KPI production/recording

■ Fraud Management Strategy Assessment Tool (‘FMSAT’)

■ Integrity Thermometer

■ Continuous auditing

■ Continuous monitoring

■ Data mining

■ Whistle-blowing

■ Computer forensics and data analytics

■ Case management systems

■ Reporting systems

■ Knowledge management (e.g. investigation best practice)

Anti-fraud framework: technology and tools

The items listed below are some examples of where tools and technology can be used to assist in the development and support of an effective anti-fraud framework

Detection

Response

Prevention

Integrity Thermometer


It will never happen here.......

The Telegraph - September 2009

KPMG Director

■ Earning six figure salary falsely claimed £550,000 in expenses to fund his wife’s £15,000 per month spending

■ He made more than £100,000 a year as a director at KPMG

■ Fraud went undetected as he kept his expenses under the approval amount of £5,000

■ Only detected when a colleague became suspicious about his air claims, after claiming for £480,000 of travel expense with £243,000 supported by fake documents

■ The 49-year-old, was branded as “spineless” by the judge and sentenced to four years in prison

Questions

Contact Details:

Ken [email protected]

??

?


A final thought...

© 2014 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.

The KPMG name, logo and ‘cutting through complexity’ are registered trademarks or trademarks of KPMG International.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

tackling financial crime a non fs view ior conference november 2014

Documents

kpmg llp

kpmg screen

swiss entity

financial crime

besso limited

fraud element

landscape fraud losses

corruption source