Get documents about "P R E V E N T I O N
W
Description
P R E V E N T I O N
Shared by: lindash
-
Stats
- views:
- 10
- posted:
- 5/4/2010
- language:
- English
- pages:
- 2
Document Sample
PETTY CASH, ADVANCE ACCOUNT COMPUTER AND DATA SECURITY • Managers should ensure that staff in sensitive areas attend fraud
awareness training and are made aware of the special procedures in
Risks Risks their areas of responsibility
• Use of petty cash for private purposes • Destruction/corruption of data • Sound computer security
• Submission of fraudulent petty cash claims • Theft of data for commercial purposes • Adequate building security
• Theft of cash • Unauthorised release of sensitive information
Causes • Theft of equipment CONTRACTORS AND CONSULTANTS
FRAUD
• Claims not adequately reviewed by supervisors Causes Risks
• Payment of claims without authorisation • Sharing identification numbers and passwords • Bias toward particular contractors
• Payment of claims without receipts • Unauthorised access from remote location (hacking) • Disclosure of sensitive information to contractors
• Advance accounts not regularly reconciled by independent officers • Unauthorised access by non-authorised employee • Improper approval in the awarding of contracts
• Petty cash claims and receipts not stamped as ‘paid’ following • Security system bypassed • Biased tender evaluation
reimbursement • Poor physical security • Payment of fraudulent claims
• Nature or volume of purchases not shown on claims • Poor system security • Kickbacks for biased selection of contractors
• Large volume of small transactions • Abuse of legitimate access • Payments to ‘bogus’ contractors for false claims
• Poor security of cash holdings
• Excessive cash kept on hand
• Viruses etc. or other wilful damage by disgruntled employee or
competitor
• Bona fides of contractors not checked or deliberately overlooked
• Employees acting as contractors under false names
P R E V E N T I O N
Prevention Measures • Appropriate computer security changes not done when employees
Causes
• Petty cash approval closely reviewed and suspect items challenged with access leave or transfer
• Inducements (eg gifts)
• All cheques signed by two independent officers • Data files and listings not held under proper security
• Inexperienced contract officers
• Claim payments properly acquitted to avoid multiple payments Prevention Measures • Too close relationship between officers and contractors resulting in
• Complete details of expenditure involved including receipts • Appropriate system failures procedure developed and implemented bias or corruption
• Adequate security of cash holdings including limiting access to safe, • Review and investigation of security violation reports • Inadequate contract guidelines
procedures re. regular banking etc. • Computer listings controlled and shredded after use • Inadequate segregation of duties
• Quarterly and random audits • Officer not permitted to share identification numbers and passwords • Poor physical security of sensitive information
• Regular change of passwords (each 30 days) • Poor contract management
MATERIALS, TOOLS AND EQUIPMENT • Poor supervision
• Cancelling access to data when officer transfers or leaves or no
Risks longer requires access • Poor contract guidelines, policy and procedures
• Materials, tools and equipment used for private purposes • Regular monitoring of users of dial-up facilities Prevention Measures
• Theft of materials, tools and equipment • A sound system of controlling employees with access to data • Complete and concise documentation in respect of each contract
(ie management review of work quality) • Compliance with policy and procedure
Causes
• Physical security of equipment and diskettes • Guidelines formulated dealing with staff relationships with
• Inadequate stock-takes
• Inadequate asset registers contractors and consultants GUIDELINES
INFORMATION AND DISCLOSURES • Training for officers involved in evaluating and administering
• Poor physical security
contracts
• Poor records of movement Risks
• Poor controls over purchase and issue • Segregation of duties to exist between advertising, recommending
• Unauthorised disclosure of sensitive information, whether
• No accountability for usage and approval functions
motivated by personal gain or malice
• No serialisation of equipment • Exercise of delegations be monitored by supervisory staff
• No records maintained of material usage for jobs Causes • Managers to monitor compliance with policy and procedures
• Poor awareness of instructions prohibiting ‘borrowing’ of tools and • Disgruntled employees • Selection criteria developed prior to advertising suspect
equipment • Information not adequately secured
• Inadequate building security
Prevention Measures For further information on how the Major Fraud Investigation Group
• No policy governing disclosure
• Expectations of strict compliance with policy conveyed to staff by can assist you, please contact the:
• No classification of information concerning suppliers or contractors
managers, in particular instructions prohibiting the loan of tools • Pressure from suppliers, contractors or competitors to disclose Major Fraud Investigation Group, Queensland Police Service
and equipment to staff information 200 Roma Street Brisbane Qld 4000
• Management scrutiny of requisitions - neccessity for purchases/issues • Employees with prolonged dealings with clients who may seek to Phone: (07) 3364 6622
to be regularly challenged corrupt or ‘capture’ the employees Facsimile: (07) 3364 6549
• Regular stock-takes of tools and equipment - particularly attractive items • Misunderstanding of Freedom of Information obligations
• Results of stock-takes reported to supervisors Produced with the assistance of Media & Public Relations Branch
• Lack of computer security Reproduced from information supplied by the NSW Police Service
• No issues of material, tools and equipment made unless valid job
number exists Prevention Measures
• Attractive tools and equipment be engraved with identification numbers • Sensitive material should be identified by managers and classified Queensland Police Service
• Reports relating to requisitions be produced daily by the stores • Adequate physical security maintained in respect of sensitive Vision Statement
system and analysed at regular intervals by line managers information
• Managers to initiate specific controls/guidelines in sensitive areas We are determined to be a professional police service,
• Scrutiny of reports by managers
dedicated to excellence and committed to working in
• Tools and equipment registers maintained and ensure staff compliance: partnership with the people of Queensland to enhance
• Asset list and schedule of plant and equipment checked, certified - limiting access to confidential information the safety and security of our community.
and amended - restricting contact to authorised officers
6 7 8 Q U E E N S L A N D P O L I C E S E R V I C E
FRAUD - WHAT IS IT? CREDIT CARDS/EFTPOS Causes • Inadequate controls exercised by wages clerks
Fraud does not always involve the notion of monetary gain, however, Risks • Inadequate cheque clearance procedures • Salaries and wages input documents not checked by another officer
it can be defined as encompassing a wide variety of corrupt, • Fraudulent monetary transactions on credit and debit cards • Counterfeit bank cheques • Inexperienced or corrupt wages and salaries clerks
deceptive, dishonest or unethical behaviours. • Used at bank branches to obtain cash advances • Cheques obtained from companies by persons disguised as • Employees continue to seek additional loopholes in the award
• Used at merchant establishments in payment for goods and/or services repairmen etc and new cheque books ordered from the bank • Continuing unchallenged long standing practices
The following definitions have been provided as examples of the • Insufficient funds in account for presentation of cheque
average persons understanding of fraud: • Used at Automatic Teller Machines (ATMs) to obtain cash advances Prevention Measures
• Theft from the authorised holder Prevention Measures • Wages clerks should check that allowances are not paid for days
“...deceit, trickery, sharp practice or breach of confidence, by which • Fraudulent manipulation of EFTPOS terminal by offenders Make sure that: absent from work
it is sought to gain some unfair or dishonest advantage...”
Causes • Cheques payable to a third party are properly endorsed by the payee • Segregation of duties
“...an intentional misstatement of information to obtain financial • Use of counterfeit credit cards • Cheque endorsement is in order • Salaries and wages should be randomly checked
benefits through improper, unauthorised or illegal actions...” • Use of stolen/lost credit cards • There are no changes on the cheque
• Lack of compliance with checking procedures • The cheque has the correct date PURCHASES AND ACCOUNTS PAYABLE
“...the use of false representations to obtain unjust advantage...” • Figures match the writing
• Insufficient security of EFTPOS terminal at point of sale Risks
“...the offence of obtaining money or property by deceit...” • Often stolen from: • Signature is okay
• Wasteful expenditure
- The glove boxes of motor vehicles • Contact the company by phone to confirm validity of the cheque
• Short supply of goods
- Unattended clothing and handbags in business premises • Contact bank for special clearance of cheque
FRAUD RISKS AND PREVENTION INDICATORS • Supply of inferior goods
- Within the postal system • Safeguard cheques
• Payment for services and goods not supplied
Fraud can flourish in an atmosphere of ignorance and neglect. - Cardholder letter boxes • Purchase of goods for private use
However, a fraud prevention strategy will assist managers and others Prevention Measures CASH RECEIPTS
• Kickbacks for biased selection of suppliers
to seek out actual and potential fraud, particularly when Check: Risks • Payments to ‘bogus’ vendors for false claims
administrative, managerial and audit failures are exploited by those • The hologram (inferior and/or different company hologram, three • Theft of money • Cheques written for cash only
with fraudulent intent. dimensional features, change of colour) • Cheques not properly authorised
Causes
The following points should be considered when developing a fraud • The commencement date • Cost of tyres, repairs, fuel received and paid for by company funds
• Inadequate supervision
prevention strategy: • The expiry date
• The card is signed
• Poor segregation of duties Causes
Fraud indicator checklists can be used as an effective tool for • Inadequate training of staff • Poor supervisory review
• The signature has not been written over
reviewing business and organisational performance on a regular • Use of common registers, drawers etc among staff • Systems controls either inadequate or bypassed
• The printing and embossing is clean and even for changes to the
basis. Implementation of internal prevention controls is a critical • Large amount of cash kept on hand - infrequent banking • Exercise of delegation not monitored
panel (eg white tape, erasures, smudges)
part of the monitoring process for management and improved fraud • Poor banking procedures • Inadequate review of claims for payments
• Cardholder name and EFTPOS machine receipt details match
awareness for employees. • Poor cash handling and reconciliation procedures • Inadequate segregation of duties
• For any visible damage to the card
• Signature on sales strip compared to the actual card Prevention Measures • Close relationship between employees and suppliers resulting in bias
It is also important that businesses and organisations understand the • Inducements from suppliers (eg gifts)
consequences associated with fraud related crime. The following • The signature on receipt • Monitor the number and regularity of ‘No Sales’ transactions on
• The card is not returned to the purchaser before sale processed and cash register • Inexperienced purchasing officers inconsistent interpretation
examples of consequences should be noted as examples that occur • Improper delegation of authority to personnel to commit, incur and
when fraud prevention/control strategies are not implemented or signature confirmed • Reduce employees operating with an open cash register
• Reverse italics on the signature panel • Cashiers operate their own float and balance when undertaking duties approve expenditure
actively monitored. • No supervisory/independent checks over processing, receipting and
• Loss of revenue Detection of alterations or irregularity should be questioned: • Knowledge of safe combination to be limited to only a few people
• Safes to be locked when not in use and located out of public view payment function for expenditure
• Increased operating expenses • Ask for additional photo identification • Lack of documentation/information supporting expenditure
• Reduced operational efficiency • Hold the card • A log book be maintained recording all transactions to and from safes
• Regular depositing of cash receipts into safes • Payment made on photocopies or facsimiles of original invoice
• Inability to meet obligations to employees, suppliers or contractors • Call for authorisation
• Damage to credibility • Request additional account information, eg current balance • Daily banking of takings Prevention Measures
• Confidentiality compromised • Be aware that card receipts and carbon copies need to be destroyed • Regularly review extent and nature of cash shortages and report • Acknowledgement of receipt of goods and services promptly forwarded
• Public criticism Contact the bankcard authorisation centre to obtain authorisation for instances where satisfactory explanations are not available • Quarterly and random audits of petty cash purchases be performed
• Strategies and plans jeopardised credit card transactions: • Regularly check bank deposits with cash register totals • At least 10 per cent of daily direct payments (<=$1,000) be
• Complaints from clients, customers, contractors etc. • Where the value of the transaction exceeds the branch/merchant’s • Banking be conducted by two employees checked against appropriate documentation
• Increased expenditure on salaries, wages and allowances floor limit • Regular follow-up must be maintained by receipting areas of all
• Employees encouraged to seek additional loopholes in the award • Where the branch/merchant suspects that the card presenter is not SALARIES, WAGES AND OVERTIME PAYMENTS non-receipted items
the cardholder Risks • Employees performing accounts payable and stores functions
The following aspects of fraud related crime are common and • Check that the refund limit for each EFTPOS terminal is set at an receive appropriate training to ensure compliance with policies
• Fraudulent claims for expenses (eg travelling)
identify risks, causes and prevention measures. appropriate limit • Segregation of duties to exist between purchasing, receipting and
• Fraudulent salaries and wages input documents
• Credit Cards • Ensure that EFTPOS password or PIN is changed regularly and • Fraudulent recording of attendance and time paying functions
• Cheques kept confidential • Fraudulent overtime claims • Exercise of delegations be monitored by supervisory staff
• Salaries, Wages, Overtime Payments • Ensure sufficient physical security of EFTPOS terminal • Payroll ‘ghosts’ • Managers to monitor compliance with policy and procedures
• Materials, Tools, Equipment • Unnecessary overtime • Ensure expenditure is authorised by a senior officer and is not
• Cash Receipts CHEQUES outside of approved limits/expenditure guidelines
• Over-award payments
• Petty Cash and Advance Accounts Risks • Ensure that expenditure is supported by required appropriate
• Purchases and Accounts Payable • Drawing of uncleared funds from banks, ATMs, EFTPOS Causes documentation, ie: original invoice, order number details, original
• Computer and Data Security • Fraudulent representation of stolen cheques • Inadequate supervisory review and control delivery docket
• Information and Disclosures • Fraudulent cashing of cheques • Claims not properly authorised • Ensure that accounts have not been previously paid
• Contractors and Consultants • Cheques not met on presentation • Attendance records not maintained • Cheques are not written payable to ‘cash’
2 3 4 5
