viewer slides
TRANSCRIPT
-
7/29/2019 Viewer Slides
1/19
1Copyright2008 Deloitte Development LLC. All rights reserved.
Fraud Investigations: Considerations for Internal Auditors
Our program will begin at 1 PM ET, please stand by during
the silenceConnect to the audio feed.
Two optionsyour choice (the telephone method provides the best audioquality)
TelephoneToll Free US/Canada number
Call-in toll-free number (US/Canada) 866-699-3239
Call-in toll number (US/Canada) 1-408-792-6300
Meeting Number: 757 260 312
Through your computer (Audio Broadcast)
On the menu bar, choose Communicate > Join Audio Broadcast.
Your Audio broadcast panel appears:
2
Scott ShafferPartner, Corporate Investigations
Jack Moorman
Principal, Analytic & Forensic Technology
Toby J. F. BishopDirector, Deloitte Forensic Center
Deloitte Financial Advisory Services LLPNovember 6, 2008
Fraud Investigations: Considerationsfor Internal Auditors
-
7/29/2019 Viewer Slides
2/19
3
Welcome to Todays Webinar!
Before we begin:
Our Panel
Polling Questions
CPE Requirements
Submit your questions for Q&A Session
4
Our Panel
Scott Shaffer
Partner, CorporateInvestigations
Jack Moorman
Principal, Analytic &ForensicTechnology
Toby J. F. Bishop
Director, Deloitte Forensic Center
-
7/29/2019 Viewer Slides
3/19
5
CPE RequirementsOnly registered participants will be eligible to receive CPE credit.
A series of polling questions will be posed.
You must respond to 70% of the polling questions to receive credit.
Be sure to click the submit button.
Must view the entire webinar. Early departure might result indecreased CPE award.
An evaluation will appear when you exit the webinar, your feedback isimportant to us.
NO CPE is available for the recorded version of this webinar.
6
Submit Questions to Panelists
Live viewing audience:
To submit a question, type the question into the Q & A panel section.
If your question is to a specific panelist please state the panelist name in yourquestion.
Select the Send button
Please use the CHAT feature only for technical assistance or call Webex technicalsupport at 1-866-229-3239 (US and Canada Toll-Free)+1-408-435-7088 (International Toll)
-
7/29/2019 Viewer Slides
4/19
7
Demographic PollingHow many viewers are watching the webinar at yourlocation?
a) 1 - I am the only viewer
b) 2 to 4 viewers
c) 5 to 7 viewers
d) 8 to 10 viewers
e) More than 10 viewers
8Copyright2008 Deloitte Development LLC. All rights reserved.
Course Objectives Identify potential risks of "just taking a look"
to determine the validity of an allegation
Assemble different skill sets needed for aparticular investigation
Work through challenges involved ininternational investigations and supply chain
issues Gather and preserve evidence in a way that
maintains admissibility in court proceedings
-
7/29/2019 Viewer Slides
5/19
9Copyright2008 Deloitte Development LLC. All rights reserved.
Course Objectives (cont.)
Understand computer forensics: identifying"smoking gun" emails and other electronicevidence
Know strategies and techniques forinterviewing witnesses and potentialsuspects
Report results: what, how, to whom, and
why?
10Copyright2008 Deloitte Development LLC. All rights reserved.
Resources IIA Guidance Managing the Business Risk of Fraud:
a practical guide
New Guidance Issued July 7, 2008
Joint project of IIA, AICPA & ACFE
Sections on: Fraud Risk Governance Fraud Risk Assessment Fraud Prevention Fraud Detection
Fraud Investigation andCorrective Action
-
7/29/2019 Viewer Slides
6/19
11Copyright2008 Deloitte Development LLC. All rights reserved.
Resources IIA Guidance
Practice Advisory 1210.A2-2
IA responsibilities related toinvestigating fraud allegations:
Managements role
Internal auditors role
Investigators role
Reporting on fraud
Resolution of fraud incidents
Communications
Opinion on IC related to fraud
12Copyright2008 Deloitte Development LLC. All rights reserved.
Polling Question 1 How many years of experience do you have
performing fraud investigations?
a)More than 10 years
b)6 10 years
c)25 years
d)Less than 2 years
e)None
-
7/29/2019 Viewer Slides
7/19
13Copyright2008 Deloitte Development LLC. All rights reserved.
Risks of Just Taking a Look
Tipping off suspects
Intentional destruction of evidence
Fabrication of evidence; witness intimidation
Loss of electronic evidence due to delayedinvestigation
Back-Up Tapes
Email server dataautomatic archive/ delete
Inadvertent spoliation of evidence
Risk that shortcuts might compromise findings
14Copyright2008 Deloitte Development LLC. All rights reserved.
Investigation Team Skill Sets Computer forensics
Data gathering & data analysis
Interviewing skills
Fact-finding & eliciting confessions
Forensic accounting
Business knowledge/ Company policy
Language capabilities Legal/ Compliance
Potential attorney-client privilege
-
7/29/2019 Viewer Slides
8/19
15Copyright2008 Deloitte Development LLC. All rights reserved.
Polling Question 2
Who normally performs fraud investigations withinyour organization?
a)Internal audit
b)Fraud/security
c)Legal
d)External investigators
e)A team of internal and external personnel
f)NA/Dont know
16Copyright2008 Deloitte Development LLC. All rights reserved.
Supply Chain Issues Supply Chain Fraud Schemes
Kickbacks
Related parties/ Conflict of interest
Duplicate payments
Fictitious vendors
False or inflated invoices
Excess purchasing
-
7/29/2019 Viewer Slides
9/19
17Copyright2008 Deloitte Development LLC. All rights reserved.
International Challenges
Local laws & regulations affectinginvestigations
Coordination of General Counsel, InternalAudit, and compliance groups across borders
Security, confidentiality, and privacy issues
Language and cultural barriers
Knowledge of local business practices
18Copyright2008 Deloitte Development LLC. All rights reserved.
Polling Question 3 How does your organization staff fraud
investigations in foreign countries?
a)Our staff travel
b)We use local staff
c)We use a variety of local external investigators
d)We use a single external provider
e)NA/Dont know
-
7/29/2019 Viewer Slides
10/19
19Copyright2008 Deloitte Development LLC. All rights reserved.
Gathering & Preserving Evidence
Collecting evidence - things to consider What evidence should be collected
Appropriate method of evidence collection
Timing and priority of evidence collection
Privacy implications
Technology implications
Chain of Custody
Evidence verification and security
Retention requirements
20Copyright2008 Deloitte Development LLC. All rights reserved.
Gathering & Preserving Evidence Evidence handling
Chain of custody tracking from collection to final disposition
Collection techniques that provide a means of verification (MD5, SHA1hashes)
Proper transport of electronic evidence
Proper facilities for electronic evidence storage
Separate access control for sensitive or foreign data
Trained evidence personnel to manage evidence
Evidence Analysis:
Hash library and file signatures Meta-data
Deletion activity
Encrypted, hidden, or encoded data
Behavioral artifacts
-
7/29/2019 Viewer Slides
11/19
21Copyright2008 Deloitte Development LLC. All rights reserved.
Potential sources of electronic evidence
Production systems: e-mail, instant messaging, enterprise database, fax,
document imaging, voice, and telephony systems
Network file shares, local desktop, or laptop file systems, portable storage
media such as CDs, DVDs, flash drives, or external hard drives
Enterprise records management or other archival systems
Backup and disaster recovery media
Handheld devices such as PDAs and mobile phones
Data maintained by external vendors or service bureaus
Computer Forensics in Investigations
22Copyright2008 Deloitte Development LLC. All rights reserved.
Review methods
Culling based on
Custodian
Time and date range
File type and location
Searching electronic files
Privilege
Keywords
Patterns
Conceptual
Contextual
Computer Forensics in Investigations
-
7/29/2019 Viewer Slides
12/19
23Copyright2008 Deloitte Development LLC. All rights reserved.
Factors in deciding between in-house and external forensiccapabilities
Cost (laboratory environment, software, hardware)
Personnel (training, qualifications, experience)
Responsiveness (scalable and reactive resources)
Court presentation capability (expert witness experience,
independent third party requirements)
Computer Forensics in Investigations
24Copyright2008 Deloitte Development LLC. All rights reserved.
Polling Question 4 How does your organization gather electronic
evidence to support fraud investigations?
a)In-house personnel qualified in computer forensics
b)Other internal audit personnel
c)Other IT personnel
d)External computer forensic specialists
e)We dont gather electronic evidencef)NA/ Dont know
-
7/29/2019 Viewer Slides
13/19
25Copyright2008 Deloitte Development LLC. All rights reserved.
Interviewing Witnesses and Suspects
Who to interview Informants, victims, witnesses, co-conspirators, suspects
When to interview
At any stage of the investigation
To confirm or refute any information/ evidence gathered
Where to interview
Private rooms
Locations without distractions such as telephones, windows, or other
people
In a location that you control
Let the interviewee sit near the door to avoid feeling trapped
Allows you to observe non-verbal behaviors and body language
Avoid interviewing alone
26Copyright2008 Deloitte Development LLC. All rights reserved.
Interviewing Witnesses Informational Interview Methodologies
Context reinstatement revisit scene or recreate events
Extensive and varied retrievalVarying chronologicalorder to aid concentration
ConcentrationAvoid distractions
ImageryUse different senses
Control of information with the witnessInterviewer isthe facilitator
Compatible questioningUse the witness own words toassist concentration
-
7/29/2019 Viewer Slides
14/19
27Copyright2008 Deloitte Development LLC. All rights reserved.
Interviewing Suspects
Investigative Interview Methodologies Direct AccusationAvoid strong words like steal, fraud,
kickbacks
Observe reactions
Cut off denials
Establish rationalizations
Stop alibis
Present alternatives to obtain initial confession
Reinforce rationalizations
Probe for details Obtain a written confession
28Copyright2008 Deloitte Development LLC. All rights reserved.
Reporting Results How to report findings:
Oral or written communication
Who to report findings to:
Management
Board of Directors/ Audit Committee
Regulators/ Authorities
What to report:
Description of procedures performed
Communicate findings or facts learned as a result of the procedures
performed Include restriction on distribution of report, where applicable
Generally, do not state opinions
Why report findings:
Help drive consistency in resolving allegations
-
7/29/2019 Viewer Slides
15/19
29Copyright2008 Deloitte Development LLC. All rights reserved.
Polling Question 5
Our organizations fraud investigation capabilitieswould best be enhanced by:
a)Greater computer forensic capabilities
b)Enhanced interviewing skills
c)Better resources for international investigations
d)All of the above
e)NA/Dont know
30Copyright2008 Deloitte Development LLC. All rights reserved.
How to Prepare for Investigations Implement consistent process for evaluating allegations
Develop investigation protocols
Reporting lines
Methodologies
Identify resources to be used
Internal resources (internal audit, legal, HR, etc.)
Computer forensics
Forensic accounting
International
-
7/29/2019 Viewer Slides
16/19
31
Question and Answer SessionLive viewing audience:
To submit a question, type the question into the Q & A panel section.
If your question is to a specific panelist please state the panelist name in
your question.
Select the Send button
32Copyright2008 Deloitte Development LLC. All rights reserved.
Contact InformationScott Shaffer
(312) 486-4755
Jack Moorman
(312) 486-4559
Toby J. F. Bishop
(312) 486-5636
Deloitte Forensic Center
www.deloitte.com/us/forensiccenter
http://www.deloitte.com/us/forensiccenter -
7/29/2019 Viewer Slides
17/19
33Copyright2008 Deloitte Development LLC. All rights reserved.
Webinar Evaluation
Please take a moment to complete the webinar evaluation, which willappear in a separate pop-up window when you exit the webinar.
We appreciate your feedback.
34Copyright2008 Deloitte Development LLC. All rights reserved.
CPE Certificate
Registered participants who have met the CPE requirements will accesstheir certificate from the Completed Courses page in The IIAs onlinelearning system, GEAR.
Certificates will be available for download in approximately one week.
-
7/29/2019 Viewer Slides
18/19
35Copyright2008 Deloitte Development LLC. All rights reserved.
Thank you for participating!Please join us for The IIAs upcoming webinars:
Live CPE only;Presented inassociation withDeloitte
FraudHot
Topic
December 4 Fraud Considerations in thePerformance of
Procurement Audits
Live NASBA CPE
CPE available forPlayback (non-NASBA)
IIAEmerging Technology
Risks: What InternalAuditors Should Know
November 11
Live CPE only;Presented inassociation withDeloitte
IT Hot
Topic
Identifying and Managing
Risk inOutsourcing/Offshoring
Arrangements
November 20
Live NASBA CPE
CPE available forPlayback (non-NASBA)
IIAIFRS: InternationalFinancial Reporting
Standards
December 2
NotesTypeTopicDate
36
The information contained in this publication is for generalpurposes only and is not intended, and should not beconstrued, as legal, accounting, or tax advice or opinionprovided by Deloitte to the reader. This material may notbe applicable or suitable for, the readers specificcircumstances of needs. Therefore, the information shouldnot be used as a substitute for consultation withprofessional accounting, tax, or other competent advisors.Please contact a local Deloitte professional before taking
any action based upon this information.
-
7/29/2019 Viewer Slides
19/19
37
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu,a Swiss Verein, and its network of member firms, each ofwhich is a legally separate and independent entity. Pleasesee www.deloitte.com/about for a detailed description of thelegal structure of Deloitte Touche Tohmatsu and its memberfirms. Please see www.deloitte.com/us/about for a detaileddescription of the legal structure of Deloitte LLP and itssubsidiaries.
38 A member firm ofDeloitte Touche TohmatsuCopyright2008 Deloitte Development LLC. All rights reserved.
http://www.deloitte.com/us/aboutforhttp://www.deloitte.com/aboutfor