the fastest cars have the best brakes. - florida institute … · 2016-06-18 · fraud and the...
TRANSCRIPT
The Florida Institute of Certified Public Accountants
October 21, 2010
Fraud and the Importance of Corporate Governance
Gary Jordan, CPA, CIAVice President Internal Audit
The PBSJ CorporationTampa, Florida
The fastest cars have the best brakes.
PBSJ - Who We Are
Founded in 1960 and acquired 3 weeks ago by WS Atkins
Employee-owned professional services organization
75 offices across the US and Puerto Rico
3,500 employees
3,000 clients (75% public, 25% private sector)
Employees include
– Engineers _ Architects
– Scientists _ Interior Designers
– Archeologists _ Surveyors
Engineering-News Record Rankings
Among the top 500 design consultants, we are currently ranked:
4th for pure design,
10th for transportation,
13th for bridges,
15th for mass transit and rail,
14th for construction management,
25th overall
What We Do
Professional services organization that provides a range of planning, design, and construction services to public and private clients.
5 business segments– Transportation Services
– Environmental Services
– Civil Engineering
– Construction Management
– Construction (at Risk Contractor)
Revenue $850M during fiscal year 2009
Positive Net Income
Paid off line of credit
PBS&J Projects
Coral reef analysis, protection, and rehabilitations (FL Keys).
Metrorail rapid transit
– Miami, Houston, Atlanta
Airport Expansion
– Tampa, Atlanta, Miami
New Orleans Levy
7 mile bridge (FL Keys)
Independent Audit CommitteePhillip E. Searcy Frank A. StasiowskiWilliam D. Pruitt
What Actually Happened?
Fraud began 15 years ago
Collusion by trusted employees in corporate finance and treasury
–Chief Financial Officer
–Manager of Business Systems
–Accounting Manager
Discovered March 2005 by Internal Auditor
How’d it happen?
Secret accounts
–PO Box
Cash accounts
Medical reserves
Income taxes
Methods changed to avoid detection
How much taken?
Chief Financial Officer - $17 million
BIS Manager - $10 million
Accounting Manager - $9 million
Misappropriation
By the dollars:
–$36 million misappropriated
–$16 million recovered
–$22 million self investigating
–$40 million in client refunds nationwide
–$22 million in lost work
$100+ Million Hit!
How discovered… then what?
Persistent internal auditor
Audit Committee internalinvestigation
White collar crime attorneys
Forensic accounts
Private investigators
Voluntary Disclosure!
Fact Finders
State Attorneys General
Securities andExchange Commission
United States Attorney
Tennessee
Federal Bureauof Investigation
Florida Nevada
US Department of Justice
And Beyond
15
Crisis Management
Proactive internal investigations
Cooperation with fact finders
Transparency and openness
Honesty and sincerity
Voluntary Disclosure
Just do the right thing!
Public relations
First -- Know the Difference!
The practice of engineering
The business of engineering
Operational Management
Business development
Staff productivity
Revenue generation
Controllable overhead
People management
Unit profitability
Typical Business Controls
Entity Level Controls
Controls over Financial Reporting
Operational Controls
Generally Accepted Accounting
Procedures (GAAP)
Corporate Accounting 101
Qualified Personnel
Segregation of Duties
Key Controls
Secondary review
Automation/Efficiency
Culture of Compliance
Tone from the top
Development an ethics and compliance function
Business Code of Conduct
Employee hotline
Provide ethics training and compliance training
WorldCom Experience
Somewhat surreal
It permanently altered my view of the importance of Corporate Governance
The cases we are about to discuss are what happens when governance is weak
I became passionate about the role of internal audit and made the career decision to return to that space for the remainder of my career.
Survey Question #1
What do you think the answer was to this Comprehensive Business
Risk Assessment survey question? Yes, No or Unsure?
~
Do you think fraud can occur at your company?
Survey Question #2
Ask this question in your Risk Assessments:
Where do you feel is the most likely and/or vulnerable to have
a fraud carried out?
Survey Question 3
Ask this question in your Risk Assessments and as a closure question in field audit work!
Have you witnessed any other improprieties or have you or any other employee been
asked to circumvent existing procedures or policies?
Fraud Facts
Average length of time from fraud start to detection:
2 years
Frauds exposed by whistle-blowers:
46%
* Source - CFO Magazine, April 2009
Corporate-fraud victims that blamed lack of adequate controls:
35%
Companies that modified controls after fraud was detected:
78%
* Source - CFO Magazine, April 2009
Fraud Facts
Frauds by persons in the
accounting department:
Frauds by executives or
upper management:
Frauds by perpetrators living
beyond their means:
Frauds by perpetrators experiencing
financial difficulty at the time
of the fraud:
* Source - CFO Magazine, April 2009
Fraud Facts
29%
18%
39%
34%
Codes of Conduct
What percentage of U.S. employees reported that their codes of conduct are
not taken seriously?
51%
KPMG Forensic Integrity Survey
2008-2009
What percentage of U.S. employees reported that they would be rewarded based on
results, not the means used to achieve them?
52%KPMG Forensic Integrity Survey
2008-2009
Corporate Behavior
Corporate Behavior
What percentage of U.S. employees reported that they lacked understanding of the standards of conduct that apply to their jobs?
51%
KPMG Forensic Integrity Survey
2008-2009
Executives Reluctant to Disclose Corruption
Although respondents have differing views about disclosure, 93% say that an internal investigation should be conducted if a significant incident of corruption were uncovered.”
“Four out of 10 global executives are reluctant to disclose significant corruption incidents to authorities, according to Fortifying Anti-corruption in Today’s Corporation, a Deloitte survey of 329 executives from around the world.
The percentage of students who acknowledged that they cheated in order to improve their odds of getting into graduate school:
–Liberal arts students 43%–Education students 52%–Medical students 63%–Law students 63%–Business students 75%
The Speed of Trust by Stephen M.R. Covey
76% of MBAs were willing to understate expenses that cut into their profits, and that convicts in minimum-security prisons scored as high as MBA students on their ethical dilemma exams.
The Speed of Trust by Stephen M.R. Covey
Neville Isdell, recently retired chairman and CEO of the Coca-Cola Company and Robinson Hall of Fame inductee, warns,
“the challenge is for us as business
leaders to rewire how our companies
relate to society. And if we don’t do that,
we will discover that society has
redesigned our business for us.”
BIZ, State of Business Magazine, Vol XXI, No. 2, Dean’s Letter
How to Position the Importance of Governance
A 2002 study by Watson Wyatt shows that total return to shareholders in high-trust organizations is almost three times higher than the return in low-trust organizations. That’s a difference of nearly 300 percent!
The Speed of Trust by Stephen M.R. Covey
Companies Complying with SOX Rules
Source: Lord & Benoit, 2006
����28%
����26%
����
Control weakness in 2004, but none
in 2005
No control weaknesses in 2004 -05Passed SOX Testing
Reported control weakness 2004-05
6%
Share-price Performance
40 Source: Lord & Benoit, 2006
Data Vendors
Reuters
Standard & Poor’s
EDGAR
Lexis-Nexis
* Partial List
Audit Integrity41
• Stanford Law School
• 10-K Wizard
• Securities Mosaic
• CSI Data
Why Internal Audit Must Get Up to Speed
“The current global economic crisis has also exposed a number of exceptional and brazen fraud schemes. These revelations remind us that internal audit must be more vigilant than ever in its fraud-detection activities. Therefore, internal audit’s data-mining and data-analytic capabilities, instrumental to efficiently examining the large volume of data readily accessible through ERP systems for anomalies and other fraud indicators, are now even more critical.”2009 IT PrciewaterhouseCoopers:
Business upheaval: internal audit weights its roleamid the recession and evolving enterprise risks
ERP Systems and Data Analytics
42
Fraud Probability Drivers
The FRAUD Triangle Justification or History
Beliefs such as “the activity is not criminal,” “Everybody is
doing it”
Real or Perceived Opportunity
Weak controls/Employees in positions of trust
PressureFinancial, personal, unrealistic
corporate objectives, etc.
Source: KPMG
Recent studies show that three-quarters of U.S. workers surveyed witnessed misconduct on the job in the past year. This indicates that organizations need to continually assess whether or not their control environment takes into account the elements of the “fraud triangle.” The fraud triangle comprises:
“Incentives and pressure” – manipulating information to succeed, whether the strain is real or self-imposed
“Opportunities” – practicing deception when relaxed/loose corporate controls permit
“Attitude rationalization” – justifying actions for the perceived good of the organization
Source: KPMG
On a personal level, high-trust individuals are more likely to be promoted, make more money, receive the best opportunities, and have more fulfilling and joyful relationships.
The Speed of Trust by Stephen M.R. Covey
NOTE!!
If we demonstrate that we have a moral compass and can adhere to it, we will have a competitive advantage. We should do this because its not only the right thing to do but its easy and each of us can decide to do it today!!
Now if the last few slides were not bad enough….
Is everyone sitting down for the next one?
"I'll trade you two Bernie Madoffs for a Derek Jeter and David Wright."
Fidelity.com
So what do we do now?
Is fraud and corporate misconduct so widespread and accepted do we just give up and go home?
Or maybe we should position our functions for the fight and sell our value proposition to the Directors and Leaders of our entities.
3 Angles of Attack
• In the Community: Push for more ethics based education curriculum at all levels
• At work: Identify, reward, promote based on the key elements of integrity and ethical behavior in addition to performance
• At the Entity level: Promote GRC and its benefits to decision makers
On a personal level, high-trust individuals are more likely to be promoted, make more money, receive the best opportunities, and have more fulfilling and joyful relationships.
The Speed of Trust by Stephen M.R. Covey
NOTE!!
If we demonstrate that we have a moral compass and can adhere to it we will have a competitive advantage. We should do this because its not only the right thing to do but its easy and each of us can decide to do it today!!
50
We must convince leadership that good governance pays, and they must champion the practices.
What ammunition
do we have?
There are significant value creating business benefits for
moving entities to stronger Control Environments =
Stronger Measurable Governance Metrics
Key Findings
There is a large and persistent returns spread
between the highest and lowest-
rated companies – a 15.3%spread between the best and
worst decile over the prior 10 years.
Source: Audit Integrity
55
Price of Control Deficiency for$1 Billion Company
Source: University of Wisconsin, 2006
$10 million in higher cost of equity capital
Savings on Legal Liability Avoidance from GRC Investment
Source: General Counsel Roundtable, 2006
$1$5
Spending on Compliance
Savings on Lower Legal Liability $1$5
How to Position the Importance of Governance in Your Entities
This increasing focus on governance has
also resulted in a proliferation of published rating systems that rank on an absolute basis, and analyse and compare the relative corporate governance practices of public companies. With these developments, directors should address the implications of the ratings and the criteria they use.
Who’s Watching?
A few examples are:
Institutional Shareholder Services (ISS)
Moody’s Investors Service
Audit Integrity
Standard and Poor
GMI
59
Over 200-450 data fields are manually annotated and updated.
SEC ActionsClass Action
Litigations
Financial
Restatements
The Impact of Integrity on Stock Returns: Corporate Integrity Ratings Provide Unique Risk Factor
60
What Are They Watching?
Board
Independence
Data Vendors
Reuters
Standard & Poor’s
EDGAR
Lexis-Nexis
* Partial List
Audit Integrity61
• Stanford Law School
• 10-K Wizard
• Securities Mosaic
• CSI Data
For example:
Audit Integrity is the leading provider of accounting and governance risk analysis on public companies.
Through extensive statistical analysis of a vast array of information, Audit Integrity produces objective reports on 9,900 corporations traded on U.S. stock exchanges.
The Audit Integrity Accounting and Governance Risk Ranking (AGR*) is a measure of the overall risk of potentially fraudulent or misleading accounting and governance activity.
62
What is GRC?Faced with mandates for tighter corporate governance and enterprise risk management and barraged by compliance regulations, organizations are adopting platforms that are focused on enterprise governance, risk, and compliance (GRC) management.
GRC is a combined area of focus within an organization that developed because of interdependencies between the three components
This un-fragmented approach to risk management provides the benefit of:
Enterprise Wide Risk Monitoring
Greater Transparency
Increased Automation
Simplified Compliance
What is Corporate Governance?
The corporate governance framework depends on the legal, regulatory, institutional and ethical environment of the community. Whereas the 20th century might be viewed as the age of management, the early 21st century is predicted to be more focused on governance. Both terms address control of corporations but governance has always required an examination of underlying purpose and legitimacy.
James McRitchie, 8/1999
Governance Model
Strategy
Monitoring &Communication
Enterprise RiskManagement
Transparency& Reporting
Ethics &BusinessConduct
Legal,Regulatory,Standards
Roles andResponsibilities
A Big Picture Perspective
Tone at the Top, July 2006
Audit Integrity is the leading provider of accounting and governance risk analysis on public companies. Through extensive statistical analysis of a vast array of information, Audit Integrity Accounting and Governance Risk rating (AGRR) is a measure of the overall risk of potentially fraudulent or misleading accounting and governance activity.
Audit Integrity
Extensive research has also shown a clear relationship between Audit Integrity’s primary risk measure, the Accounting and Governance Risk (AGRR) rating, and equity returns. Consistently, the lowest-rated companies underperform the market and highest-rated companies outperform.
Audit Integrity
Corporations must support a culture of
“Trust but Verify”
Accounting Personnel
Certified Professionals
Chief Financial Officers
Internal Auditors
External Auditors
Government Auditors
So how does Internal Audit fit into this and what are emerging
trends and tools?
Internal Audit
Know where your risks are
Conduct business fraud risk assessment
Support the function
Document controls
Identify control gaps
Remediate gaps
Practice good business discipline
Why Internal Audit Must Get Up to Speed
“The current global economic crisis has also exposed a number of exceptional and brazen fraud schemes. These revelations remind us that internal audit must be more vigilant than ever in its fraud-detection activities. Therefore, internal audit’s data-mining and data-analytic capabilities, instrumental to efficiently examining the large volume of data readily accessible through ERP systems for anomalies and other fraud indicators, are now even more critical.”2009 IT PrciewaterhouseCoopers:
Business upheaval: internal audit weights its roleamid the recession and evolving enterprise risks
ERP Systems and Data Analytics
72
Changing Internal Audit RolesTechnology expected to have major impact on internal audit
Business trends expected to have the most impact on internal audit roles, responsibilities, and functions between now and 2012 are technology, new regulations, risk management, corporate governance, and ethics and compliance.
By 2012, strategic internal audit groups will be providing risk assurance as well as controls assurance as part of coordinated efforts to keep in step with corporate advances in risk and control processes.
PricewaterhouseCoopers
Don’t expect personnel in Corporate America to improve its business values and morality!!
The upcoming segment of your career is a golden opportunity…to demonstrate the value of strong corporate governance and strengthen your organizations controls….seize it!!
Questions? Comments?
If you have questions
or comments, contact:
Gary Jordan
727-224-8700 or