viewer slides

7/29/2019 Viewer Slides

1/19

1Copyright2008 Deloitte Development LLC. All rights reserved.

Fraud Investigations: Considerations for Internal Auditors

Our program will begin at 1 PM ET, please stand by during

the silenceConnect to the audio feed.

Two optionsyour choice (the telephone method provides the best audioquality)

TelephoneToll Free US/Canada number

Call-in toll-free number (US/Canada) 866-699-3239

Call-in toll number (US/Canada) 1-408-792-6300

Meeting Number: 757 260 312

Through your computer (Audio Broadcast)

On the menu bar, choose Communicate > Join Audio Broadcast.

Your Audio broadcast panel appears:

2

Scott ShafferPartner, Corporate Investigations

Jack Moorman

Principal, Analytic & Forensic Technology

Toby J. F. BishopDirector, Deloitte Forensic Center

Deloitte Financial Advisory Services LLPNovember 6, 2008

Fraud Investigations: Considerationsfor Internal Auditors


2/19

3

Welcome to Todays Webinar!

Before we begin:

Our Panel

Polling Questions

CPE Requirements

Submit your questions for Q&A Session

4

Our Panel

Scott Shaffer

Partner, CorporateInvestigations

Jack Moorman

Principal, Analytic &ForensicTechnology

Toby J. F. Bishop

Director, Deloitte Forensic Center


3/19

5

CPE RequirementsOnly registered participants will be eligible to receive CPE credit.

A series of polling questions will be posed.

You must respond to 70% of the polling questions to receive credit.

Be sure to click the submit button.

Must view the entire webinar. Early departure might result indecreased CPE award.

An evaluation will appear when you exit the webinar, your feedback isimportant to us.

NO CPE is available for the recorded version of this webinar.

6

Submit Questions to Panelists

Live viewing audience:

To submit a question, type the question into the Q & A panel section.

If your question is to a specific panelist please state the panelist name in yourquestion.

Select the Send button

Please use the CHAT feature only for technical assistance or call Webex technicalsupport at 1-866-229-3239 (US and Canada Toll-Free)+1-408-435-7088 (International Toll)


4/19

7

Demographic PollingHow many viewers are watching the webinar at yourlocation?

a) 1 - I am the only viewer

b) 2 to 4 viewers

c) 5 to 7 viewers

d) 8 to 10 viewers

e) More than 10 viewers


Course Objectives Identify potential risks of "just taking a look"

to determine the validity of an allegation

Assemble different skill sets needed for aparticular investigation

Work through challenges involved ininternational investigations and supply chain

issues Gather and preserve evidence in a way that

maintains admissibility in court proceedings


5/19


Course Objectives (cont.)

Understand computer forensics: identifying"smoking gun" emails and other electronicevidence

Know strategies and techniques forinterviewing witnesses and potentialsuspects

Report results: what, how, to whom, and

why?


Resources IIA Guidance Managing the Business Risk of Fraud:

a practical guide

New Guidance Issued July 7, 2008

Joint project of IIA, AICPA & ACFE

Sections on: Fraud Risk Governance Fraud Risk Assessment Fraud Prevention Fraud Detection

Fraud Investigation andCorrective Action


6/19


Resources IIA Guidance

Practice Advisory 1210.A2-2

IA responsibilities related toinvestigating fraud allegations:

Managements role

Internal auditors role

Investigators role

Reporting on fraud

Resolution of fraud incidents

Communications

Opinion on IC related to fraud


Polling Question 1 How many years of experience do you have

performing fraud investigations?

a)More than 10 years

b)6 10 years

c)25 years

d)Less than 2 years

e)None


7/19


Risks of Just Taking a Look

Tipping off suspects

Intentional destruction of evidence

Fabrication of evidence; witness intimidation

Loss of electronic evidence due to delayedinvestigation

Back-Up Tapes

Email server dataautomatic archive/ delete

Inadvertent spoliation of evidence

Risk that shortcuts might compromise findings


Investigation Team Skill Sets Computer forensics

Data gathering & data analysis

Interviewing skills

Fact-finding & eliciting confessions

Forensic accounting

Business knowledge/ Company policy

Language capabilities Legal/ Compliance

Potential attorney-client privilege


8/19


Polling Question 2

Who normally performs fraud investigations withinyour organization?

a)Internal audit

b)Fraud/security

c)Legal

d)External investigators

e)A team of internal and external personnel

f)NA/Dont know


Supply Chain Issues Supply Chain Fraud Schemes

Kickbacks

Related parties/ Conflict of interest

Duplicate payments

Fictitious vendors

False or inflated invoices

Excess purchasing


9/19


International Challenges

Local laws & regulations affectinginvestigations

Coordination of General Counsel, InternalAudit, and compliance groups across borders

Security, confidentiality, and privacy issues

Language and cultural barriers

Knowledge of local business practices


Polling Question 3 How does your organization staff fraud

investigations in foreign countries?

a)Our staff travel

b)We use local staff

c)We use a variety of local external investigators

d)We use a single external provider

e)NA/Dont know


10/19


Gathering & Preserving Evidence

Collecting evidence - things to consider What evidence should be collected

Appropriate method of evidence collection

Timing and priority of evidence collection

Privacy implications

Technology implications

Chain of Custody

Evidence verification and security

Retention requirements


Gathering & Preserving Evidence Evidence handling

Chain of custody tracking from collection to final disposition

Collection techniques that provide a means of verification (MD5, SHA1hashes)

Proper transport of electronic evidence

Proper facilities for electronic evidence storage

Separate access control for sensitive or foreign data

Trained evidence personnel to manage evidence

Evidence Analysis:

Hash library and file signatures Meta-data

Deletion activity

Encrypted, hidden, or encoded data

Behavioral artifacts


11/19


Potential sources of electronic evidence

Production systems: e-mail, instant messaging, enterprise database, fax,

document imaging, voice, and telephony systems

Network file shares, local desktop, or laptop file systems, portable storage

media such as CDs, DVDs, flash drives, or external hard drives

Enterprise records management or other archival systems

Backup and disaster recovery media

Handheld devices such as PDAs and mobile phones

Data maintained by external vendors or service bureaus

Computer Forensics in Investigations


Review methods

Culling based on

Custodian

Time and date range

File type and location

Searching electronic files

Privilege

Keywords

Patterns

Conceptual

Contextual



12/19


Factors in deciding between in-house and external forensiccapabilities

Cost (laboratory environment, software, hardware)

Personnel (training, qualifications, experience)

Responsiveness (scalable and reactive resources)

Court presentation capability (expert witness experience,

independent third party requirements)



Polling Question 4 How does your organization gather electronic

evidence to support fraud investigations?

a)In-house personnel qualified in computer forensics

b)Other internal audit personnel

c)Other IT personnel

d)External computer forensic specialists

e)We dont gather electronic evidencef)NA/ Dont know


13/19


Interviewing Witnesses and Suspects

Who to interview Informants, victims, witnesses, co-conspirators, suspects

When to interview

At any stage of the investigation

To confirm or refute any information/ evidence gathered

Where to interview

Private rooms

Locations without distractions such as telephones, windows, or other

people

In a location that you control

Let the interviewee sit near the door to avoid feeling trapped

Allows you to observe non-verbal behaviors and body language

Avoid interviewing alone


Interviewing Witnesses Informational Interview Methodologies

Context reinstatement revisit scene or recreate events

Extensive and varied retrievalVarying chronologicalorder to aid concentration

ConcentrationAvoid distractions

ImageryUse different senses

Control of information with the witnessInterviewer isthe facilitator

Compatible questioningUse the witness own words toassist concentration


14/19


Interviewing Suspects

Investigative Interview Methodologies Direct AccusationAvoid strong words like steal, fraud,

kickbacks

Observe reactions

Cut off denials

Establish rationalizations

Stop alibis

Present alternatives to obtain initial confession

Reinforce rationalizations

Probe for details Obtain a written confession


Reporting Results How to report findings:

Oral or written communication

Who to report findings to:

Management

Board of Directors/ Audit Committee

Regulators/ Authorities

What to report:

Description of procedures performed

Communicate findings or facts learned as a result of the procedures

performed Include restriction on distribution of report, where applicable

Generally, do not state opinions

Why report findings:

Help drive consistency in resolving allegations


15/19


Polling Question 5

Our organizations fraud investigation capabilitieswould best be enhanced by:

a)Greater computer forensic capabilities

b)Enhanced interviewing skills

c)Better resources for international investigations

d)All of the above

e)NA/Dont know


How to Prepare for Investigations Implement consistent process for evaluating allegations

Develop investigation protocols

Reporting lines

Methodologies

Identify resources to be used

Internal resources (internal audit, legal, HR, etc.)

Computer forensics

Forensic accounting

International


16/19

31

Question and Answer SessionLive viewing audience:

To submit a question, type the question into the Q & A panel section.

If your question is to a specific panelist please state the panelist name in

your question.

Select the Send button


Contact InformationScott Shaffer

[email protected]

(312) 486-4755

Jack Moorman

[email protected]

(312) 486-4559

Toby J. F. Bishop

[email protected]

(312) 486-5636

Deloitte Forensic Center

www.deloitte.com/us/forensiccenter
http://www.deloitte.com/us/forensiccenter


17/19


Webinar Evaluation

Please take a moment to complete the webinar evaluation, which willappear in a separate pop-up window when you exit the webinar.

We appreciate your feedback.


CPE Certificate

Registered participants who have met the CPE requirements will accesstheir certificate from the Completed Courses page in The IIAs onlinelearning system, GEAR.

Certificates will be available for download in approximately one week.


18/19


Thank you for participating!Please join us for The IIAs upcoming webinars:

Live CPE only;Presented inassociation withDeloitte

FraudHot

Topic

December 4 Fraud Considerations in thePerformance of

Procurement Audits

Live NASBA CPE

CPE available forPlayback (non-NASBA)

IIAEmerging Technology

Risks: What InternalAuditors Should Know

November 11

Live CPE only;Presented inassociation withDeloitte

IT Hot

Topic

Identifying and Managing

Risk inOutsourcing/Offshoring

Arrangements

November 20

Live NASBA CPE

CPE available forPlayback (non-NASBA)

IIAIFRS: InternationalFinancial Reporting

Standards

December 2

NotesTypeTopicDate

36

The information contained in this publication is for generalpurposes only and is not intended, and should not beconstrued, as legal, accounting, or tax advice or opinionprovided by Deloitte to the reader. This material may notbe applicable or suitable for, the readers specificcircumstances of needs. Therefore, the information shouldnot be used as a substitute for consultation withprofessional accounting, tax, or other competent advisors.Please contact a local Deloitte professional before taking

any action based upon this information.


19/19

37

About Deloitte

Deloitte refers to one or more of Deloitte Touche Tohmatsu,a Swiss Verein, and its network of member firms, each ofwhich is a legally separate and independent entity. Pleasesee www.deloitte.com/about for a detailed description of thelegal structure of Deloitte Touche Tohmatsu and its memberfirms. Please see www.deloitte.com/us/about for a detaileddescription of the legal structure of Deloitte LLP and itssubsidiaries.

38 A member firm ofDeloitte Touche TohmatsuCopyright2008 Deloitte Development LLC. All rights reserved.
http://www.deloitte.com/us/aboutforhttp://www.deloitte.com/aboutfor

viewer slides

Documents