Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
6th Training Workshop 30th of November 8:30 -16:30 Financial Investigation Coordination in Cyprus: Hercule III Programme Anti-Fraud Training 2014 -2020 This publication has been produced with the assistance of the European Union. The contents of this publication are the sole responsibility of EUC and can in no way be taken to reflect the views of the European Union. Financial Investigation Coordination in Cyprus [OLAF/2016/D1/014] 1 Dr. Loukia Evripidou Defining organizational culture and ethics The Importance of Corporate Governance, organizational culture and ethics to Addressing Corruption Anti-fraud strategies Fraud Prevention trough development of a sound ethical culture 3 Effective governance processes are the foundation of fraud risk management. Lack of effective corporate governance seriously undermines any fraud risk management program. The organization’s overall tone at the top sets the standard regarding its tolerance of fraud.” — “ Managing the Business Risk of Fraud 4 The first step in develop an effective system to prevent fraud in the organization is creating a strong culture of ethics and integrity throughout the organization. Whatever the organizational structure of a company would be, managers and those charged with governance set the tone, a trend level of integrity and ethics in the organization. Known in the literature as "tone at the top" (Nettler, 1982), the term defines the involvement and attitudes of managers and others charged with governance to acts of fraud within the organization. Anti-fraud culture development is an ongoing process, lasting for a long period of time, managers setting an example on attitudes towards fraud, communicate to employees the company's policy to acts of fraud and encourage any person involved in the fraud detection and deterrence. 5 Without the strong and intensive management support it is hard to believe that the organization can achieve a culture of integrity. The codes of ethics development is providing values and principles of integrity, is a symbol of the company's attitude towards fraud and should be adopted by all employees or third parties relational. Employees are paying increased attention to managers behaviour and actions and tend to follow their example. If senior management is not concerned with ethics, employees will be more likely to commit fraud because they feel that the integrity and ethical conduct are not basic principles and priorities of the organization. The company's anti-fraud policy should provide clear descriptions about possible unethical practices to be encountered by employees and state the company's delimitation of such behaviour. 6 ‘Corporate Governance is a system by which a company is directed and controlled’. – Sir Adrian Cadbury 7 8 9 • Culture can be defined as an evolving set of collective beliefs, values and attitudes. • Culture is a key component in business and has an impact on the strategic direction of business. • Culture influences management, decisions and all business functions from accounting to production. 10 Ethics is a set of principles of right conduct or a system of moral principles Business ethics can be defined as the principles, norms and standards that guide an organisation’s conduct of its activities, internal relations and interactions with external stakeholders 11 Corporations have the same rights and responsibilities as individuals All employees must obey business conduct laws and regulations defining acceptable Corporate culture without values and appropriate communication about ethics can facilitate individual misconduct Ethical corporate culture does not evolve, but requires ethical polices Implementing a corporate ethics program promotes the corporation as a moral agent 12 Source: Ethics Resource Center, National Business Ethics Survey ® of Fortune 500 ® Employees: An Investigation into the State of Ethics at America's Most Powerful Companies (Arlington, VA: Ethics Resource Center, 2012). 13 It is nearly impossible to know all relevant laws Ethics programs increase ethical awareness Organizations can become bad barrels Pressures to succeed create opportunities rewarding unethical decisions Established ethics programs help employees determine what behaviors are acceptable Top management must integrate these codes, values and standards into the corporate culture 14 Effective ethics program ensure that all employees understand and comply with the ethical culture Cannot assume employees know how to behave when entering a new job Ethics programs act as important restraints to organizational misconduct 15 • Ethics is the cornerstone of corporate governance • Ethics ensures the sustainability of a business • Good corporate reputation is built on a solid foundation of ethical culture • A culture of trust must be built on a corporate framework of ethical principles which are transparency/ openness, competence, integrity and benevolence • Ethics play a major role in the prevention of fraud. Fraud prevention becomes a shared responsibility among the members of the organisation 16 17 ACOUNTABILITY Ensure that the management is accountable to the board Ensure that the board is accountable to the shareholders FAIRNESS Protect shareholders rights Treat all shareholders including minorities equitable TRASPARENCY Ensure timely, accurate disclosures on material matters, including financial situation, performance, ownership and corporate governance INDEPENDENCE Procedures and structures are in place so as to minimize or avoid completely conflicts of interest Independent Directors and Advisors i.e. free from influence of others 18 “What makes corporate governance necessary? Put simply, the interests of those who have effective control over a firm can differ from the interests of those who supply the firm with external finance. The problem commonly referred to as a principal- agent problem, grows out of the separation of ownership and control and of corporate outsiders and insiders. In the absence of the protections that good governance supplies, asymmetries of information and difficulties of monitoring results in capital providers who lack control over the corporation, finding it risky and costly to protect themselves from the opportunistic behaviour of managers and controlling shareholders.” (OECD) 19 20 A strong ethics program includes Written codes of conduct Ethics officers to oversee the program Careful delegation of authority Formal ethics training Rigorous auditing, monitoring, enforcement, and revision of program standards 21 Most countries’ laws prohibit theft, corruption, and financial statement fraud. Stock prices drop dramatically at any hint of financial scandal. Customers punish firms whose reputations are sullied by indications of harmful behavior. Board and senior management are held accountable for fraud under their watch. 22 A strong culture can be observed by its outcome rather than by individual components. It is more than just a checklist of initiatives. Even companies with sound policies in place can have a culture of corruption. 23 Board ownership of agendas Independent nomination processes Free information flow to the board Access to multiple layers of management Effective control of a whistleblower hotline Effective oversight of senior management: Evaluations Performance management Compensation Succession planning A code of conduct specifically for senior management 24 Strong emphasis on the board’s own independent effectiveness and process Board evaluations Executive sessions Active oversight of strategic and risk-mitigation efforts Board assurance of ethical considerations in: Hiring, evaluation, promotion, and remuneration policies for employees All aspects of relationships with customers, vendors, and other stakeholders Business strategy, operations, and long-term survival 25 26 According to studies conducted by the Centre for Ethics Resources in 2011, the managers’ actions and attitude towards fraud and unethical behaviour in the workplace, influence significantly employees' behaviour. Employees who feel that managers act in an ethical manner at work and have a positive attitude towards moral values (talking about the importance of business ethics, inform employees, keep their promises), will less commit fraud than employees who feel that managers only talk about the principles of ethics, without actually apply them and exemplify by their own behaviour. The study examines the variation of the four criteria: a) pressure on employees, b) the level of unethical behaviour at work, c) failure reporting on unethical and d) retail against whistleblowers in two contexts: that of a strong culture of ethics and a weak one. The results show that in an organization with a high degree of ethical management, the pressure on employees (representing an important aspect of the fraud triangle) decreases by 75%, the unethical behavior in the workplace decreases by 48%, reporting failure situations decreases by 38% and unethical behaviour on whistleblower retaliation are reduced 5 times 27 Workmates behaviour influence the ethical conduct of a person, so that if an unethical behaviour is tolerated, new employees will certainly quickly adopt the same behavior In the opposite situation, employees who observe ethical behavior from their peers will be less inclined to commit misconduct) 28 Ethical practices in the industry are applied daily by employees at work. If in a particular industry is rooted some unethical practice and works like an unwritten law, employees will adapt to, as a standard or as an essential requirement in order to achieve the marketing objectives. The company's anti-fraud policy should provide clear descriptions about possible unethical practices to be encountered by employees and state the company's delimitation of such behaviour. If the company does not accept forms of fraud as bribery, influence peddling or illegal gratuities and combat all acts of fraud of this kind, it is unlikely that an employee will be influenced by practices in the market. 29 An anti-fraud official policy means that the organization will publicly condemn unethical behaviour and will say moral misconduct will not be tolerated, regardless of their potential opportunity cost. This policy should be applied in practice and exemplified by the daily behaviour of persons in leadership so that employees are aware that antifraud policy is not only an apparent form adopted for maintaining the company's reputation, but an active mood in the workplace. 30 Creating a work environment that feeds employee loyalty coincides with obtaining a positive work. A negative work environment is characterized by unrecognized and unappreciated organizational performance, negative feedback for morality and personal integrity, unreasonable expectations about performance indicators, uneven and unclear organizational responsibilities, poor communication methods and practices within the organization. In a negative work environment, employees' level of moral integrity and loyalty is low or nonexistent. This creates prerequisites for employees to commit fraud against the company, or for the company, but regardless of its consequences as it does not consider any obligation to protect the employing organization. 31 32 A mission statement that refers to ‘quality’ or ‘ethics’ and defines how the organisation wants to be regarded externally. Clear policy statements on business ethics and anti-fraud, with explanations about acceptable behaviour in risk-prone circumstances. Management which is seen to be committed through its actions. Fraud risk training and awareness for all employees and key business partners. A process of reminders about ethical and fraud policies, for example, an annual letter and/or declarations. Periodic assessment of fraud risk. A route through which suspected fraud can be reported. An aggressive audit process which concentrates on fraud risk areas. 33 An internal control system comprises all those policies and procedures that collectively support an organisation’s operation. Internal controls typically deal with approval and authorisation processes, access restrictions, transaction controls, account reconciliations and physical security. These procedures often include the division of responsibilities, and checks and balances to reduce risk. An internal control system comprises all those policies and procedures that collectively support an organisation’s operation. Internal controls typically deal with approval and authorisation processes, access restrictions, transaction controls, account reconciliations and physical security. These procedures often include the division of responsibilities, and checks and balances to reduce risk. 34 It will never be possible to eliminate all fraud. No system is completely ‘fraud proof’ because many fraudsters can by pass the control systems put in place to stop them. However, if an organisation pays greater attention to the most common indicators, this can provide early warning that something is wrong and increase the likelihood of discovering the fraudster. Fraud indicators fall into two categories: Warning signs Fraud alerts 35 Business risk can be indicated by the absence of an anti-fraud policy and culture, together with lack of staff management supervision. Bonus schemes linked to ambitious targets or directly to financial results can point to risky behaviour. Unusual staff behaviour patterns, for example, employees who do not take their annual leave allocation or who are unwilling to share duties, can also indicate business risk. Financial risk: Significant pressures on management to obtain additional finance can indicate a financial risk. Other signs include the extensive use of tax havens without clear business justification, along with complex transactions or financial products. Environmental risk: This can occur when new accounting or other regulatory requirements are introduced. Highly competitive market conditions and decreasing profitability levels can also lead to environmental risk, as can significant changes in customer demand. IT and data risk: Unauthorised access to systems gives rise to IT and data risk, as do rapid changes in information technology. Users sharing or displaying passwords is also highly risky. 36 Fraud alerts have been described as specific events, or red flags, which may indicate fraud. Some examples of fraud red flags are: discrepancy between earnings and lifestyle photocopied documents in place of originals missing approvals or authorisation signatures extensive use of ‘suspense’ accounts inappropriate or unusual journal entries above average number of failed login attempts. 37 Available tools and techniques for identifying possible fraudulent activity include: ongoing risk assessment trend analysis data matching exception reporting internal audit reporting mechanisms. 38 An organisation’s approach to dealing with fraud should be clearly described in its fraud policy and fraud response plan. The plan is intended to provide procedures which allow for evidence gathering and collation. In summary, a fraud response plan should include information under the following headings: purpose of the fraud response plan corporate policy definition of fraud roles and responsibilities the response the investigation organisation’s objectives with respect to dealing with fraud follow up action. 39 Reasonable steps for responding to detected or suspected instances of fraud include: clear reporting mechanisms a thorough investigation disciplining of the individuals responsible (internal, civil and/or criminal) recovery of stolen funds or property modification of the anti-fraud strategy to prevent similar behaviour in future. There are lessons to be learned from every identified fraud incident. The organisation’s willingness to learn from experience is as important as any other response. Organisations should examine the circumstances and conditions which allowed the fraud to occur, with a view to improving systems and procedures so that similar frauds do not occur in future. 40 It is clear from the previous diagram that the various elements of an effective anti-fraud strategy are closely interlinked. Each plays a significant role in combating fraud, with fraud deterrence at the centre. Fraud detection acts as a deterrent by sending a message to likely fraudsters that the organisation is actively fighting fraud and that procedures are in place to identify any illegal activity. The possibility of being caught will often persuade a potential perpetrator not to commit a fraud. There should also be complementary detection to counter the fact that the prevention controls may be insufficient in some cases. It is also important to have a consistent and comprehensive response to suspected and detected fraud incidents. This sends a message that fraud is taken seriously and that action will be taken against perpetrators. Each case that is detected and investigated should reinforce this deterrent and act as a form of fraud prevention. 41 THANK YOU!!! QUESTIONS???? 42