Would you know if fraud was occurring in your organisation?
Do you know what the major fraud risks are in your business?
Does your organisation have a fraud prevention strategy?
Do you have a formal programme to tackle the risk posed by fraud?
Do you have the use of any automated fraud detection techniques?
If fraud is suspected do you have a clearly defined approach for managing the investigation?

If you have answered “no” to any of the above questions you are not alone.

Recent surveys have revealed that many organisations do not have a formalised approach to fraud prevention, detection or investigation. Furthermore most survey respondents stated that their staff did not receive any fraud awareness training.

• Many organisations rely on internal controls to prevent and detect fraud. This is unwise. The fraudster invariably knows your controls well and how to bypass them.
• Futhermore, in today’s competitive environment internal controls have often been compromised as a result of restructuring, removal of management layers and employee empowerment
• Complacency, poorly applied procedures and the increasing pace of change are the fraudster’s main allies
• Add to this the ever-increasing reliance on technology, and it is no great surprise that fraud is escalating both in frequency and magnitude – in all industry sectors and all economies.
• The most worrying factor however is that fraud will be primarily committed by your own staff, and by those you probably trust the most
• One recent survey revealed that 84% of the worst frauds were committed by employees, nearly half of whom were managers with more than 5 years service.

This 2 day course delivered by Internationally recognised expert Phil Griffiths, Managing Director of Business Risk Management Ltd, will enable participants to

1. develop a best practice fraud prevention programme, using the latest techniques,
2. understand and apply data mining techniques to target fraud .
3. develop a successful fraud investigation strategy and clearly defined approach
   

Who Should Attend?

Financial and General management , Internal audit managers, Security management, Fraud officers, Risk management professionals, Compliance officers, Consultants and advisors.

Course Outline

Day 1 - Understanding the Risks and Evaluating the Controls

Background

• Fraud explained: definitions and nuances
• Who commits fraud?
• Trends and statistics regarding detected fraud
• Why fraud is probably being perpetrated now in your organisation.

Case histories

• 20 fraud case histories and the lessons to learn

Evaluating the fraud risks

• Building a picture of the major fraud risks in an organisation.
   An interactive case study

  Exercise 1 : Identifying the fraud Risks in your organisation

Fraud mitigation

• The top 20 fraud indicators
• How to spot the danger signals
• Identifying the vulnerable areas in your organisation.
• Fraud Mitigation

  Exercise 2 : Fraud mitigation – what is in place to prevent the frauds occurring

Evaluating current arrangements

• Why traditional internal controls are unlikely to prevent fraud.
• Putting yourself in the mind of the fraudster
• Examination of typical controls in place to mitigate the risks identified in the case study.

  Exercise 3 : A team exercise to allow you to experience the risks

• Outline of a successful fraud prevention programme.

Implementing a best practice fraud prevention process

• Introducing effective anti-fraud policies
• Creating a fraud consciousness loop
• Development of a fraud awareness training programme
• Communicating standards of expected behaviour /ethics
• The need for strong and consistent action when fraud is suspected.
• Security as a proactive prevention vehicle eg the use of Security Roadshows
• Electronic data and asset protection
• The relationship between fraud, risk and control
• The roles, responsibilities and liabilities of auditors, management, specialists and others

  Exercise 4 : Developing a fraud awareness training programme

Aiming for a cost-effective balance between prevention and detection

• Use of management check-lists
• The need to be able to think like a fraudster – to be able to prevent it
• Company policy on consequences of committing fraud
• Facilitation of whistle blowing
• Pros and cons of external hot-lines
• Use of specialists to aid detection and investigation
• Preparing and implementing fraud contingency plans
• How to ensure fraud investigation is always given top priority
• Use of successful fraud investigation as a moral deterrent
• Managing the external coverage of proven fraud

  Exercise 5 : Case Study – how to think like a fraudster
  

Day 2 – Detection and Investigation

Data mining as a fraud detection tool

• Fraud profiling – how to target the right systems
• Static and dynamic profiling
• R isk scoring
• Fraud Risk prioritisation
• How to get the information you need
• The use of Internal databases
• Demonstration of External databases
• Other Government Sources
• Data Validation
• Automated fraud detection
• Example of a working model
• How to put the techniques into use in your organisation.

Proactive fraud detection techniques

• Audit software – the tools available (inc demonstration)
• More advanced techniques
• Link analysis, Intelligence management
• Practical uses of data mining and the results achievable

  Exercise 6 : Determining tests and comparisons you can undertake to target the areas of risk in your organisation

Internal audit programmes

• Designing proactive IA programmes
• Auditors fraud toolkit
• How to target fraud sensitivity by completing specific fraud audits

What to do when you suspect fraud

• How to react when fraud is suspected
• How to decide who needs to be told

  Exercise 7 : Typical fraud scenario – the anonymous letter

• How to respond to anonymous letters
• Identifying misleading and malicious allegations
• How to deal with tips obtained from hotlines etc
• How to decide if you need outside help (forensic accountants etc)

Managing the investigation

• The need for thorough planning
• Determining the objectives of the investigation
• Who should be involved – what skills do you need?
• Determining roles of security and Internal audit
• How to keep the investigation low-profile
• Research – what information can lawfully be obtained
• What information is available and can be used
• Forensic evidence and how to obtain it
• Collating information and maintaining the chain of evidence
• Covert monitoring of employees – new legislation
• Knowing when to suspend or dismiss employees

  Exercise 8 : Sources of information

The legal aspects

• The need to stay within the law
• When to bring the lawyers in
• How to protect your work from disclosure – legal privilege
• How to ensure that evidence is admissible
• Search and seizure orders
• Civil V Criminal action
• How to recover stolen assets – making sure the criminal does not profit
• How to handle disciplinary proceedings
• Employers and employees rights

Confronting suspects

• Setting the scene – choice of venue etc
• Planning the interview – do’s and don’t’s
• How to keep in control
• The use of open questions
• Interpreting body language
• How to recognise when someone is lying
• Recording and evaluating the conversation
• How to avoid accusatory or threatening questions
• The need to think like a fraudster

  Exercise 9 : The fraud interview (role play) – you will all have the opportunity to play the interviewer, the observer and the suspect

Communicating the results

• When and how to inform top management
• When to inform regulators / the police / etc
• Managing external coverage
• Dealing with the media / stakeholders
• The use of successful fraud investigation as a moral deterrent
• Rebuilding damaged relationships

Course summary

Copyright Business Risk Management Ltd 2006