Fighting Fraud & Corruption in Uganda - Steven Powell 25 August 2021 - ENSafrica
objectives? • fraud facts and theory including the profile of the fraudster • an explanation of corrupt practices, & procurement risks • corruption overview - tender abuse & other corrupt schemes • cyberfraud • EFT Fraud – (diverted payments) • fraud prevention and internal controls • fraud risk indicators • the tools to identify corruption • case studies
the profile of the typical fraudster • White collar crime statistics reveal that more than 80% of fraud involves internal employees, most of whom have more than 5 years of service • Many companies who fall victim to fraud rely on trust rather than controls • The fraudster could be your most capable, most reliable & most trusted employee Telegraph UK Generally the profile of the typical fraudster is: Older than 30, stable family situation, above average education, first offender and has been with the company for more than 5 years The fraudster is often the last person that anyone would suspect and the “red flags” (symptoms) that become known are often ignored due to high levels of trust
the fraud triangle - psychology behind it • fraud takes place when the 3 factors described below converge • the fraud recipe • fraud takes place when employees under pressure identify the opportunity to commit fraud - coupled to a perceived low risk of detection • The employee will justify committing acts of dishonesty by rationalizing his or her behaviour • Rationalization takes the form of finding justification for the behaviour by re-labeling to remove moral stigma • diagram labels: fraud, rationalization
fraud pressures • Often, formerly honest employees commit fraud as a result of pressure which presents itself in a variety of ways: • living beyond means • insecurity regarding tenure of position, retrenchments • trigger events: divorce, extra-marital affairs, medical emergency • peer pressure • gambling, alcohol or drug problems
opportunity • When employees experience the pressure, they often start looking for gaps or weaknesses in the control environment • Opportunity to commit fraud presents itself in a variety of forms: • Weak control environment • Shared passwords • Limited segregation of duties • Limited independent review • Poor management oversight • Remote location • High trust
examples of “rationalizations” Rationalization takes place when employees try to justify or re-label their illicit activity in order to make it seem less morally reprehensible Examples of rationalisations that have been verbalized: “it was just a loan I am going to pay it back” “it was a spotters fee” “it was just a commission” “the company makes huge profits but does not pay us enough” “the company has retrenched a lot of staff” “I should have been promoted long ago”
the detection of fraud • most frauds are discovered by accident when fraudsters become careless or greedy • [chart: share of frauds detected by management, auditors, tip-offs and accident; axis 0% to 60%] • Many frauds are discovered as a result of tip-offs (Colour green because many tip-offs come from disgruntled mistresses or ex wives) Michael J Comer
Procurement Fraud & Tender abuses in SA • Collusion with government officials in tender irregularities: • creation of artificial / inflated need • tender fixing & drafting tender specifications • avoiding tender by irregular expansion or extension of contract after award • avoiding tender by misuse of single-source procurement exception • government insiders sharing confidential tender information and assisting bidders in tenders • Systemic use of middle-men to influence tenders and facilitate suspect payments • Enterprise development needs exploited - subcontractors as conduits to channel funds • Using vague agreements to contractually facilitate suspect payments – bland descriptions • Characterized by inappropriate gifting, sponsorships or donations
examples of fraudulent schemes: ghost suppliers • this is a letterhead and a bank account • the corrupt employee signs off or requisitions payments for a company which does not exist • payments are made to this entity and usually find the way to the employee's or his spouse's accounts • no services or supplies are rendered • key controls • Someone other than the employee who ordered the goods should sign off confirmation of delivery/proof of service • Close the gates – new vendors must be properly checked and verified when they are added to the vendor database (company and credit checks should be routine)
Procurement fraud case study German motor manufacturer • Head of procurement took kickbacks for appointment as a contractor • home renovations • Harley Davidson • several cars including expensive 4x4 • regular o/seas trips Result • prejudice R7 million • 4 service providers terminated • 6 year jail sentence for head of procurement
Maintenance depot procurement fraud case study • Officials place orders for parts to repair the vehicle • Part is not delivered but officials complete paper trail • Requisition • Purchase Order • Delivery note • Job cards • When parts are actually delivered - Part is re-routed back to supplier • Illicit profit by supplier is shared with the syndicate • Whistle blower reveals corruption running for more than a decade “R5million a year corruption scam uncovered” Cape Argus
conflict of interest • large portions of procurement spend are allocated to companies that employees and senior officials have undisclosed interests in • undeclared interests and secret profits inflate the cost of doing business exponentially - the solution is • a robust declaration of interest policy which obliges declaration of all interests • coupled to vendor screening – (know who owns your service providers)
tools to ID fraud and tender abuse: lifestyle audit – also known as the means test • By accessing various public databases – gather intelligence on buyers, managers and decision makers to ensure assets are commensurate with known income stream: • properties • motor vehicles • credit • company links • identify adverse information or negative data by using internet or company searches and screen employees for negative histories • credit and • criminal
digital fraud • Identity theft: where criminals obtain information about you to convince a bank or a customer service representative that they're you. • Phishing: where criminals attempt to trick unsuspecting individuals into clicking on a malicious URL or e-mail attachment to steal their login details which they can then use to gain unauthorized access to the victims' financial accounts. • Pharming refers to redirecting website traffic through hacking, whereby the hacker implements tools that redirect a search to a fake website. Pharming may cause users to find themselves on an illegitimate website without realizing they have been redirected to an impostor site, which may look exactly like the real site. • Ransomware: where a hacker encrypts files on your computer. The only way to get the files back is to pay the hijacker in crypto currency, like Bitcoin. • Online deposit scams (puppy scams etc). Recently, cyber security firm Norton said that globally 978 million consumers were affected by cyber crime in 2017, with a total of $172 billion stolen.
phishing & pharming
how to minimise the risk • Be very selective with the type of information that you share on social media sites
how to minimize the risks cont’d • Use strong passwords, with a variety of upper case and lower case letters, symbols, and numbers. Never write them down where other people can see them. You should also try to change them up every now and then. • Only use reputable online shopping sites. One thing you can do is look at the URL of the website. If it begins with “https” instead of “http” it means the site is secure. Also check with friends if they’ve heard of it or used it before. • Be extra cautious when using Wi-Fi hotspots. Some scammers falsify popular hotspots. • Don’t click on random links.
are you sharing too much? The use of social media • Names of children, places of employment, places you frequent (your Facebook “check-ins”), birthdate – all can be accessed via social media and can be used to perpetrate identity theft. • Don’t post pics of your holiday in the Seychelles • CFO case study • Make sure your privacy settings are updated!!
EFT fraud risk EFT fraud is essentially the diversion of funds from the organisation’s bank accounts to third parties, to whom those funds are not due, usually involving manipulation of the vendor payment system
electronic funds transfer fraud • two methods • creation of alternative vendor profile which is then selected to perform illicit transactions • substitution of employee account and deletion • in the 1st scenario the risk of being caught is higher as the employee info remains on the vendor profile and should be detected through proper checks
whose problem is EFT fraud • it is invariably an account holder problem, • and usually not a bank problem • it is usually facilitated by password abuse within the finance team • spyware and collusion with bank officials must be excluded
case study: eft payment clerk • shaken not stirred – 007 steals R740k from a large retailer • position - eft payment clerk – earnings R10k • diagram labels: divorce, weak controls, fraud, rationalization
case study: EFT payment clerk • A junior employee in a finance team, whose role involved processing batches of vendor payments electronically, got divorced • He was already battling to manage financially and now needed to pay for a messy divorce, alternative accommodation & maintenance • Realised that he could authorise and release transactions with his supervisor's password • Made small talk with his supervisor as he was logging in, noted his password, and voila… he could create, capture and release payments • He tested thresholds with small payments to himself then waited… • Suspect became very bold and loaded a duplicate vendor with his personal bank account on the vendor master database • Nobody noticed, and the volume and scale of his fraud escalated; within a year he had stolen just under a million
case study contd : the black hole • lost payment – software programmers showed our suspect how to manually override the system to ensure that payments reach the intended destination • every time our suspect made a legitimate payment he knew he could steal by changing a text file on his c drive: • “I could not resist the temptation; I had the devil on my shoulder tempting me to try process a fraudulent transaction, it was just too easy!”
case study – chief accountant • R2 million in one year • modus operandi – amendment of vendor banking account detail on vendor master file • substituted account not own account (DRC) • once illicit transaction concluded – amended vendor profile deleted and vendor banking info restored to original • when routine audits are performed – all appears as it should • where did the money go? • the local casino received R1,95 million out of the R2 million stolen
case study - FD at packaging company • R4.2 million misappropriated • Bedside reading material • R1.7 million in one morning: substitution and deletion • vehicles, houses, timeshare (house search), gambling, overseas travel, holidays, private schooling, heart operation • Property & vehicles for family • vehicle for close friend • safety deposit boxes? • R3 million recovery via full co-operation which translated into mitigation for an effective 5 year jail term
Case study 4 – Financial manager • Stole R4,2 million in Western Cape over 8 years • Committed traditional EFT fraud via diverted payments • suspect placed personal stop orders (DSTV, Telkom, cars and insurance) on organisation account • suspect paid for her house R1.3 million with EFT to lawyers • suspect overpaid suppliers and diverted reimbursement to her account
what should the company have picked up? • eft clerk • the payments to a particular supplier whose profile was exploited were far over budget • routine audits testing payroll against the vendor master files would have identified the illicit profile • chief accountant • password control was abused • cfo signed off batches of EFTs – if he just counted the transactions he would have noticed that there were more payments in the batch than the paperwork reflected • supplier payments were duplicated - a proper recon of each supplier against approved budget would have identified the overspend • There were multiple changes to vendor banking details which is abnormal
key controls to prevent EFT abuse • vet vendors properly (address, history, bank account, expertise & infrastructure) • enforce tight control over changes to suppliers' bank accounts – add management authorisation • audit changes to supplier banking info over the past year • interrogate the changes • verify with suppliers and banking institution
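The audit checks named in the two slides above (payroll tested against the vendor master file, bank-detail changes reviewed, repeated changes treated as abnormal) can be scripted. The following is an added example, not part of the presentation; the record layouts, identifiers, account numbers and the 7-day window are constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed sample data (assumed layouts, not from the presentation).
PAYROLL = {"E017": "62001112222", "E042": "62009998888"}  # employee id -> bank account
VENDORS = {                                                # vendor id -> (name, bank account)
    "V100": ("Acme Packaging", "40701234567"),
    "V101": ("Acme Packaging (Pty)", "62001112222"),       # duplicate profile, employee account
    "V200": ("Delta Freight", "40705550000"),
}
# Bank-detail audit trail: (date, vendor id, old account, new account, changed by)
CHANGES = [
    (date(2021, 3, 1), "V200", "40705550000", "51003334444", "E042"),
    (date(2021, 3, 2), "V200", "51003334444", "40705550000", "E042"),
    (date(2021, 6, 9), "V100", "40700000001", "40701234567", "E017"),
]

def vendors_paid_to_employee_accounts(vendors, payroll):
    """Vendor profiles whose bank account also appears on the payroll file."""
    owner = {acct: emp for emp, acct in payroll.items()}
    return sorted((vid, owner[acct])
                  for vid, (_, acct) in vendors.items() if acct in owner)

def substitute_and_restore(changes, window_days=7):
    """Bank details changed, then restored to the original within the window."""
    by_vendor = defaultdict(list)
    for row in sorted(changes):            # chronological order per vendor
        by_vendor[row[1]].append(row)
    hits = []
    for vid, rows in by_vendor.items():
        for first, later in zip(rows, rows[1:]):
            reverted = later[3] == first[2] and later[2] == first[3]
            if reverted and (later[0] - first[0]).days <= window_days:
                # vendor, substituted account, changed on, restored on, changed by
                hits.append((vid, first[3], first[0], later[0], first[4]))
    return hits

def change_counts(changes, threshold=2):
    """Vendors with an abnormal number of bank-detail changes in the period."""
    counts = defaultdict(int)
    for row in changes:
        counts[row[1]] += 1
    return {vid: n for vid, n in counts.items() if n >= threshold}
```

Every hit is a lead for the "interrogate the changes" and "verify with suppliers and banking institution" steps, not proof of fraud.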
the symptoms of fraudulent behavior the red flags or warning signals in respect of the corrupt employee are always present - make sure that staff report suspicious activity
fraud red flags • excessive lifestyle • gambling, alcohol or drug problems • staff who constantly claim to be underpaid • close relationships with suppliers • sole suppliers - not shopping around • poor credit rating • poor communication and reports • indulging in affairs • not taking leave • refusal of promotion • excessive & unexplained overtime • criminal record
divisional red flags • too much trust placed in key employees • limited segregation of duty • no independent checks on reconciliation and payments • no clear lines of authority or responsibility • proper authorization procedures not enforced • inadequate documentation & records • infrequent independent reviews • inadequate disclosure of interests & investments • management override of the controls • operating on a crisis basis • inadequate attention to detail
conclusion • fraud and corruption are significant risks • prevention is better than cure • people will try to tempt your staff • promote a strong ethics culture • review your anti-fraud controls annually • perform control review regarding eft payments • do not rely only on controls - only as effective as the people enforcing the controls • train people to recognize the symptoms • do not work in a vacuum - use the tools and technology & experts • ©2009 S Powell
questions
Steven Powell spowell@ENSafrica.com +27 21 410 2553 or +27 82 820 1036