P R E V E N T I O N by lindash

VIEWS: 12 PAGES: 2

More Info
									 PETTY CASH, ADVANCE ACCOUNT                                                   COMPUTER AND DATA SECURITY                                               • Managers should ensure that staff in sensitive areas attend fraud
                                                                                                                                                          awareness training and are made aware of the special procedures in
Risks                                                                          Risks                                                                      their areas of responsibility
• Use of petty cash for private purposes                                       • Destruction/corruption of data                                         • Sound computer security
• Submission of fraudulent petty cash claims                                   • Theft of data for commercial purposes                                  • Adequate building security
• Theft of cash                                                                • Unauthorised release of sensitive information
Causes                                                                         • Theft of equipment                                                     CONTRACTORS AND CONSULTANTS




                                                                                                                                                                                                                                    FRAUD
• Claims not adequately reviewed by supervisors                                Causes                                                                   Risks
• Payment of claims without authorisation                                      • Sharing identification numbers and passwords                           • Bias toward particular contractors
• Payment of claims without receipts                                           • Unauthorised access from remote location (hacking)                     • Disclosure of sensitive information to contractors
• Advance accounts not regularly reconciled by independent officers            • Unauthorised access by non-authorised employee                         • Improper approval in the awarding of contracts
• Petty cash claims and receipts not stamped as ‘paid’ following               • Security system bypassed                                               • Biased tender evaluation
  reimbursement                                                                • Poor physical security                                                 • Payment of fraudulent claims
• Nature or volume of purchases not shown on claims                            • Poor system security                                                   • Kickbacks for biased selection of contractors
• Large volume of small transactions                                           • Abuse of legitimate access                                             • Payments to ‘bogus’ contractors for false claims
• Poor security of cash holdings
• Excessive cash kept on hand
                                                                               • Viruses etc. or other wilful damage by disgruntled employee or
                                                                                 competitor
                                                                                                                                                        • Bona fides of contractors not checked or deliberately overlooked
                                                                                                                                                        • Employees acting as contractors under false names
                                                                                                                                                                                                                                    P R E V E N T I O N
Prevention Measures                                                            • Appropriate computer security changes not done when employees
                                                                                                                                                        Causes
• Petty cash approval closely reviewed and suspect items challenged              with access leave or transfer
                                                                                                                                                        • Inducements (eg gifts)
• All cheques signed by two independent officers                               • Data files and listings not held under proper security
                                                                                                                                                        • Inexperienced contract officers
• Claim payments properly acquitted to avoid multiple payments                 Prevention Measures                                                      • Too close relationship between officers and contractors resulting in
• Complete details of expenditure involved including receipts                  • Appropriate system failures procedure developed and implemented          bias or corruption
• Adequate security of cash holdings including limiting access to safe,        • Review and investigation of security violation reports                 • Inadequate contract guidelines
  procedures re. regular banking etc.                                          • Computer listings controlled and shredded after use                    • Inadequate segregation of duties
• Quarterly and random audits                                                  • Officer not permitted to share identification numbers and passwords    • Poor physical security of sensitive information
                                                                               • Regular change of passwords (each 30 days)                             • Poor contract management
 MATERIALS, TOOLS AND EQUIPMENT                                                                                                                         • Poor supervision
                                                                               • Cancelling access to data when officer transfers or leaves or no
Risks                                                                            longer requires access                                                 • Poor contract guidelines, policy and procedures
• Materials, tools and equipment used for private purposes                     • Regular monitoring of users of dial-up facilities                      Prevention Measures
• Theft of materials, tools and equipment                                      • A sound system of controlling employees with access to data            • Complete and concise documentation in respect of each contract
                                                                                 (ie management review of work quality)                                 • Compliance with policy and procedure
Causes
                                                                               • Physical security of equipment and diskettes                           • Guidelines formulated dealing with staff relationships with
• Inadequate stock-takes
• Inadequate asset registers                                                                                                                              contractors and consultants                                                                   GUIDELINES
                                                                               INFORMATION AND DISCLOSURES                                              • Training for officers involved in evaluating and administering
• Poor physical security
                                                                                                                                                          contracts
• Poor records of movement                                                     Risks
• Poor controls over purchase and issue                                                                                                                 • Segregation of duties to exist between advertising, recommending
                                                                               • Unauthorised disclosure of sensitive information, whether
• No accountability for usage                                                                                                                             and approval functions
                                                                                 motivated by personal gain or malice
• No serialisation of equipment                                                                                                                         • Exercise of delegations be monitored by supervisory staff
• No records maintained of material usage for jobs                             Causes                                                                   • Managers to monitor compliance with policy and procedures
• Poor awareness of instructions prohibiting ‘borrowing’ of tools and          • Disgruntled employees                                                  • Selection criteria developed prior to advertising suspect
  equipment                                                                    • Information not adequately secured
                                                                               • Inadequate building security
Prevention Measures                                                                                                                                     For further information on how the Major Fraud Investigation Group
                                                                               • No policy governing disclosure
• Expectations of strict compliance with policy conveyed to staff by                                                                                                      can assist you, please contact the:
                                                                               • No classification of information concerning suppliers or contractors
  managers, in particular instructions prohibiting the loan of tools           • Pressure from suppliers, contractors or competitors to disclose            Major Fraud Investigation Group, Queensland Police Service
  and equipment to staff                                                         information                                                                             200 Roma Street Brisbane Qld 4000
• Management scrutiny of requisitions - neccessity for purchases/issues        • Employees with prolonged dealings with clients who may seek to                                Phone: (07) 3364 6622
  to be regularly challenged                                                     corrupt or ‘capture’ the employees                                                          Facsimile: (07) 3364 6549
• Regular stock-takes of tools and equipment - particularly attractive items   • Misunderstanding of Freedom of Information obligations
• Results of stock-takes reported to supervisors                                                                                                               Produced with the assistance of Media & Public Relations Branch
                                                                               • Lack of computer security                                                     Reproduced from information supplied by the NSW Police Service
• No issues of material, tools and equipment made unless valid job
  number exists                                                                Prevention Measures
• Attractive tools and equipment be engraved with identification numbers       • Sensitive material should be identified by managers and classified                               Queensland Police Service
• Reports relating to requisitions be produced daily by the stores             • Adequate physical security maintained in respect of sensitive                                        Vision Statement
  system and analysed at regular intervals by line managers                      information
                                                                               • Managers to initiate specific controls/guidelines in sensitive areas                    We are determined to be a professional police service,
• Scrutiny of reports by managers
                                                                                                                                                                          dedicated to excellence and committed to working in
• Tools and equipment registers maintained                                       and ensure staff compliance:                                                            partnership with the people of Queensland to enhance
• Asset list and schedule of plant and equipment checked, certified              - limiting access to confidential information                                                 the safety and security of our community.
  and amended                                                                    - restricting contact to authorised officers

                                    6                                                                             7                                                                          8                                    Q U E E N S L A N D   P O L I C E   S E R V I C E
FRAUD - WHAT IS IT?                                                       CREDIT CARDS/EFTPOS                                                     Causes                                                                    •   Inadequate controls exercised by wages clerks
Fraud does not always involve the notion of monetary gain, however,      Risks                                                                    • Inadequate cheque clearance procedures                                  •   Salaries and wages input documents not checked by another officer
it can be defined as encompassing a wide variety of corrupt,             • Fraudulent monetary transactions on credit and debit cards             • Counterfeit bank cheques                                                •   Inexperienced or corrupt wages and salaries clerks
deceptive, dishonest or unethical behaviours.                            • Used at bank branches to obtain cash advances                          • Cheques obtained from companies by persons disguised as                 •   Employees continue to seek additional loopholes in the award
                                                                         • Used at merchant establishments in payment for goods and/or services     repairmen etc and new cheque books ordered from the bank                •   Continuing unchallenged long standing practices
The following definitions have been provided as examples of the                                                                                   • Insufficient funds in account for presentation of cheque
average persons understanding of fraud:                                  • Used at Automatic Teller Machines (ATMs) to obtain cash advances                                                                                 Prevention Measures
                                                                         • Theft from the authorised holder                                       Prevention Measures                                                       • Wages clerks should check that allowances are not paid for days
“...deceit, trickery, sharp practice or breach of confidence, by which   • Fraudulent manipulation of EFTPOS terminal by offenders                Make sure that:                                                             absent from work
it is sought to gain some unfair or dishonest advantage...”
                                                                         Causes                                                                   • Cheques payable to a third party are properly endorsed by the payee     • Segregation of duties
“...an intentional misstatement of information to obtain financial       • Use of counterfeit credit cards                                        • Cheque endorsement is in order                                          • Salaries and wages should be randomly checked
benefits through improper, unauthorised or illegal actions...”           • Use of stolen/lost credit cards                                        • There are no changes on the cheque
                                                                         • Lack of compliance with checking procedures                            • The cheque has the correct date                                             PURCHASES AND ACCOUNTS PAYABLE
“...the use of false representations to obtain unjust advantage...”                                                                               • Figures match the writing
                                                                         • Insufficient security of EFTPOS terminal at point of sale                                                                                        Risks
“...the offence of obtaining money or property by deceit...”             • Often stolen from:                                                     • Signature is okay
                                                                                                                                                                                                                            • Wasteful expenditure
                                                                           - The glove boxes of motor vehicles                                    • Contact the company by phone to confirm validity of the cheque
                                                                                                                                                                                                                            • Short supply of goods
                                                                           - Unattended clothing and handbags in business premises                • Contact bank for special clearance of cheque
FRAUD RISKS AND PREVENTION INDICATORS                                                                                                                                                                                       • Supply of inferior goods
                                                                           - Within the postal system                                             • Safeguard cheques
                                                                                                                                                                                                                            • Payment for services and goods not supplied
Fraud can flourish in an atmosphere of ignorance and neglect.              - Cardholder letter boxes                                                                                                                        • Purchase of goods for private use
However, a fraud prevention strategy will assist managers and others     Prevention Measures                                                      CASH RECEIPTS
                                                                                                                                                                                                                            • Kickbacks for biased selection of suppliers
to seek out actual and potential fraud, particularly when                Check:                                                                   Risks                                                                     • Payments to ‘bogus’ vendors for false claims
administrative, managerial and audit failures are exploited by those     • The hologram (inferior and/or different company hologram, three        • Theft of money                                                          • Cheques written for cash only
with fraudulent intent.                                                    dimensional features, change of colour)                                                                                                          • Cheques not properly authorised
                                                                                                                                                  Causes
The following points should be considered when developing a fraud        • The commencement date                                                                                                                            • Cost of tyres, repairs, fuel received and paid for by company funds
                                                                                                                                                  • Inadequate supervision
prevention strategy:                                                     • The expiry date
                                                                         • The card is signed
                                                                                                                                                  • Poor segregation of duties                                              Causes
Fraud indicator checklists can be used as an effective tool for                                                                                   • Inadequate training of staff                                            • Poor supervisory review
                                                                         • The signature has not been written over
reviewing business and organisational performance on a regular                                                                                    • Use of common registers, drawers etc among staff                        • Systems controls either inadequate or bypassed
                                                                         • The printing and embossing is clean and even for changes to the
basis. Implementation of internal prevention controls is a critical                                                                               • Large amount of cash kept on hand - infrequent banking                  • Exercise of delegation not monitored
                                                                           panel (eg white tape, erasures, smudges)
part of the monitoring process for management and improved fraud                                                                                  • Poor banking procedures                                                 • Inadequate review of claims for payments
                                                                         • Cardholder name and EFTPOS machine receipt details match
awareness for employees.                                                                                                                          • Poor cash handling and reconciliation procedures                        • Inadequate segregation of duties
                                                                         • For any visible damage to the card
                                                                         • Signature on sales strip compared to the actual card                   Prevention Measures                                                       • Close relationship between employees and suppliers resulting in bias
It is also important that businesses and organisations understand the                                                                                                                                                       • Inducements from suppliers (eg gifts)
consequences associated with fraud related crime. The following          • The signature on receipt                                               • Monitor the number and regularity of ‘No Sales’ transactions on
                                                                         • The card is not returned to the purchaser before sale processed and      cash register                                                           • Inexperienced purchasing officers inconsistent interpretation
examples of consequences should be noted as examples that occur                                                                                                                                                             • Improper delegation of authority to personnel to commit, incur and
when fraud prevention/control strategies are not implemented or            signature confirmed                                                    • Reduce employees operating with an open cash register
                                                                         • Reverse italics on the signature panel                                 • Cashiers operate their own float and balance when undertaking duties      approve expenditure
actively monitored.                                                                                                                                                                                                         • No supervisory/independent checks over processing, receipting and
• Loss of revenue                                                        Detection of alterations or irregularity should be questioned:           • Knowledge of safe combination to be limited to only a few people
                                                                                                                                                  • Safes to be locked when not in use and located out of public view         payment function for expenditure
• Increased operating expenses                                           • Ask for additional photo identification                                                                                                          • Lack of documentation/information supporting expenditure
• Reduced operational efficiency                                         • Hold the card                                                          • A log book be maintained recording all transactions to and from safes
                                                                                                                                                  • Regular depositing of cash receipts into safes                          • Payment made on photocopies or facsimiles of original invoice
• Inability to meet obligations to employees, suppliers or contractors   • Call for authorisation
• Damage to credibility                                                  • Request additional account information, eg current balance             • Daily banking of takings                                                Prevention Measures
• Confidentiality compromised                                            • Be aware that card receipts and carbon copies need to be destroyed     • Regularly review extent and nature of cash shortages and report         • Acknowledgement of receipt of goods and services promptly forwarded
• Public criticism                                                       Contact the bankcard authorisation centre to obtain authorisation for      instances where satisfactory explanations are not available             • Quarterly and random audits of petty cash purchases be performed
• Strategies and plans jeopardised                                       credit card transactions:                                                • Regularly check bank deposits with cash register totals                 • At least 10 per cent of daily direct payments (<=$1,000) be
• Complaints from clients, customers, contractors etc.                   • Where the value of the transaction exceeds the branch/merchant’s       • Banking be conducted by two employees                                     checked against appropriate documentation
• Increased expenditure on salaries, wages and allowances                  floor limit                                                                                                                                      • Regular follow-up must be maintained by receipting areas of all
• Employees encouraged to seek additional loopholes in the award         • Where the branch/merchant suspects that the card presenter is not      SALARIES, WAGES AND OVERTIME PAYMENTS                                       non-receipted items
                                                                           the cardholder                                                         Risks                                                                     • Employees performing accounts payable and stores functions
The following aspects of fraud related crime are common and              • Check that the refund limit for each EFTPOS terminal is set at an                                                                                  receive appropriate training to ensure compliance with policies
                                                                                                                                                  • Fraudulent claims for expenses (eg travelling)
identify risks, causes and prevention measures.                            appropriate limit                                                                                                                                • Segregation of duties to exist between purchasing, receipting and
                                                                                                                                                  • Fraudulent salaries and wages input documents
• Credit Cards                                                           • Ensure that EFTPOS password or PIN is changed regularly and            • Fraudulent recording of attendance and time                               paying functions
• Cheques                                                                  kept confidential                                                      • Fraudulent overtime claims                                              • Exercise of delegations be monitored by supervisory staff
• Salaries, Wages, Overtime Payments                                     • Ensure sufficient physical security of EFTPOS terminal                 • Payroll ‘ghosts’                                                        • Managers to monitor compliance with policy and procedures
• Materials, Tools, Equipment                                                                                                                     • Unnecessary overtime                                                    • Ensure expenditure is authorised by a senior officer and is not
• Cash Receipts                                                           CHEQUES                                                                                                                                             outside of approved limits/expenditure guidelines
                                                                                                                                                  • Over-award payments
• Petty Cash and Advance Accounts                                        Risks                                                                                                                                              • Ensure that expenditure is supported by required appropriate
• Purchases and Accounts Payable                                         • Drawing of uncleared funds from banks, ATMs, EFTPOS                    Causes                                                                      documentation, ie: original invoice, order number details, original
• Computer and Data Security                                             • Fraudulent representation of stolen cheques                            • Inadequate supervisory review and control                                 delivery docket
• Information and Disclosures                                            • Fraudulent cashing of cheques                                          • Claims not properly authorised                                          • Ensure that accounts have not been previously paid
• Contractors and Consultants                                            • Cheques not met on presentation                                        • Attendance records not maintained                                       • Cheques are not written payable to ‘cash’

                                   2                                                                       3                                                                        4                                                                         5

								
To top