fra-beginner's guide

7
Fraud Risk Assessment A beginner’s guide 1 Presented by Charanjeet Singh- MBA, CFE,CISM please contact at [email protected]

Upload: charanjeet-singh-bhatia-cfe-cism

Post on 18-Aug-2015

215 views

Category:

Documents


2 download

TRANSCRIPT

Page 1: FRA-Beginner's Guide

Fraud Risk Assessment

A beginner’s guide

1

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

Page 2: FRA-Beginner's Guide

Contents• Objective

• What is Fraud Risk Assessment-FRA

• What are the advantages & disadvantages

• How to conduct FRA

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

Page 3: FRA-Beginner's Guide

ObjectiveThis presentation would allow readers to understand:

• Basics of Fraud Risk Assessment

• It’s importance in the overall Fraud Risk Management plan

• Some of the challenges surrounding FRA.

This is meant for beginners in the Anti Fraud profession, would publish other content for intermediate and advance level in due course.

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

Page 4: FRA-Beginner's Guide

What is FRA• It is a tool which can help the organisation in understanding the fraud risks

associated with it’s business processes.

• Specific fraud scenarios are identified and existing controls, if any, are mapped to these scenarios to determine residual risks.

• Depending upon the maturity level of Fraud Risk function in the organisation, probability of occurrence of the fraud scenario, impact assessment of the scenarios is also done. Additionally, residual risk is rated, and recommendation on accepting/mitigating it are made along with new control recommendations.

• FRA is not like RCSA wherein Unit itself does the control testing, FRA is done by a person having good knowledge about the fraud scenarios with inputs from process owners. Fraud scenarios are defined by following the detailed methodology which includes SOP/policy reading, process walk throughs, sample testing, mystery shopping (for advanced level), brain storming sessions with process owner/implementors etc.

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

Page 5: FRA-Beginner's Guide

Advantages V/s disadvantagesAdvantages include:

• Proactive identification of Fraud risks

• Rapport building with concerned teams unlike investigation

• Demonstration of value add by identification of fraud scenarios and residual risks

• Supports overall fraud prevention plan under the fraud risk management strategy.

Disadvantages include:• Leakage of Fraud Scenarios

can expose the organisation.

• Despite of identification of scenarios, if remedial action is not taken, it may be questioned by relevant authorities.

• Any scenarios which don’t get identified during FRA, and are exploited later on to commit fraud could raise question marks about the sanity of FRA exercise.

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

Page 6: FRA-Beginner's Guide

How to conduct FRAThere are two approaches to conducting FRA, which ever is followed, expectation should be

clarified to the management team. Process would involve Planning, fieldwork, action planning, reporting and action tracking. It is more of a consultative approach by involving the stakeholders for identifying the fraud risk, existing controls, residual risk and mitigating measures.

• Organisation level FRA -To conduct it at the macro level for the organisation covering aspects like :

• Presence of fraud risk policy,

• Prevention/detection controls (staff/vendor background check policies, whistle blower policy, etc),

• Separation of duties, mandatory leave policy, job rotation policy

• Process/function level FRA- To conduct it at the process level, ideally covering full length of the process irrespective of the departments involved:

• Identify the high risk processes/functions

• Conduct the process walk through by reviewing the policy/process documentation, sample testing, brain storming session with process contributors.

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

Page 7: FRA-Beginner's Guide

Thank you

7

Presentation contains my personal views, expressed for sharing with fellow anti fraud professionals and my

employer is not responsible for any of these.

Presented by Charanjeet Singh- MBA, CFE,CISMplease contact at [email protected]

This is meant for beginners in the Anti Fraud profession, would publish other content for

intermediate and advance level in due course.