Identifying and investigating fraud related red flags in ... Fraud 01_2017.pdf · Identifying and...
58
Identifying and investigating fraud related red flags in the offshore financial services sector Cayman Islands Institute of Professional Accountants 6 January 2017
Transcript of Identifying and investigating fraud related red flags in ... Fraud 01_2017.pdf · Identifying and...
Identifying and investigating
fraud related red flags in the
offshore financial services sector
Cayman Islands Institute of Professional Accountants
6 January 2017
Identifying and investigating
fraud
Learn how to recognize and investigate offshore financial services sector fraud
� Definition of fraud
� Understanding acts of fraud, including the who, how and why
� Understanding offshore financial services fraud
� Examples of red flags used to recognize potential fraud
� Discussing some techniques on how to investigate and combat fraud
� How forensic technology can assist in identifying potential fraudulent behaviour
KRyS-Global.com 2
What is fraud?
KRyS-Global.com 4
“The failings at Barings were not a consequence of the complexity of the business, but were primarily a failure on the part of individuals to do their jobs properly … it was [Leeson’s] ability to act without authority and detection that brought Barings down.”
The Barings Report
18 July 1995
What is meant by ‘fraud’?Multiple definitions
No single definition for the accountant
� Any deliberate act designed to result in unauthorized gain for an individual or
an organization
� Any intentional act by one or more individuals, involving the use of deception to obtain an unjust or illegal advantage
� Use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets (occupational fraud)
� Includes acts of omission
KRyS-Global.com 5
What is meant by ‘fraud’?
Acts of omission
Bernie Ebbers, CEO, Worldcom, 2002
“No one will find me to have knowingly committed fraud.“
“I do not believe I have anything to hide, I believe that no one will conclude that I
engaged in any criminal or fraudulent conduct.“
Ebbers to U.S. House Committee on Financial Services, July 2002
… possible to convict if jurors believed [Ebbers] strongly suspected something was
wrong and “intentionally looked the other way as the fraud took place” even if he
did not directly participate in the fraud
Direction to jury, Jones J, U.S. District Court, Manhattan
KRyS-Global.com 6
What is meant by ‘fraud’?Broader definition for accounting
purposes
� Fraud in this sense is broader than in the legal sense
� Consistent with auditors obligations under ISA240
� Fraud is both misappropriation of assets and deliberate misstatement
� It might be, but doesn’t have to be, a criminal offense
� Might be an overt act, or it might result from an act of intentional omission
� Often overlaps with considerations of appropriate ethical standards
KRyS-Global.com 7
What is meant by ‘fraud’?Context for the accountant / auditor
� Fraud ≠ risk of material misstatement due to fraud
� Unavoidable risk that fraud may not be detected
� Fraud often involves sophisticated carefully organised and concealed schemes
e.g. intentional misrepresentations, forgery, deliberate failure to record
transactions, collusion, etc
� Fraud uncovered by independent auditors < 5%
� Differentiation between management fraud vs. employee fraud
� Professional scepticism
� Duty to communicate to those charged with governance
� Duty to report to third parties
KRyS-Global.com 8
Forms of fraud
Profiles of fraudsDifferent forms of fraud
Types:
� Misappropriation of assets e.g. embezzlement, theft
� Bribery
� Corruption
� Fraudulent financial reporting
Perpetrators:
� Individual
� Company
KRyS-Global.com 10
Motivators behind fraud?
Motivators behind fraud
KRyS-Global.com 12
“At any given moment, there is a certain
percentage of the population that’s up to
no good.”
J. Edgar Hoover
Typical Workforce Reality and myth
KRyS-Global.com 13
Confirmed
fraudster
Always
honest
It all depends0
20
40
60
80
100
120
The reality
The myth
‘Four-fifths of
executives admit
to cheating on
the golf course’
Typical Workforce How honest are you?
KRyS-Global.com 14
Angel
Fallen …
Fraud TriangleWhat makes people commit fraud?
KRyS-Global.com 15
The standard version
KRyS-Global.com 16
Fraud TriangleStandard triangle
Fraud triangle is a framework for spotting high-risk fraud situations
� Pressure = financial or emotional force pushing a person towards fraud
� Opportunity = opportunity to commit the fraudulent act, or the means by which
the individual will defraud the organization. Usually the ability to solve the
problem created by the pressure in secret is key to the perception of a viable
opportunity
� Rationalization = person’s own justifications for how they can step into the
dishonest actions they are about to take or have already undertaken
Fraud TriangleExecutive triangle
KRyS-Global.com 17
The Executive version ….
more common in financial
services
Profile of a fraudster
Does a typical fraudster have
a typical profile?
KRyS-Global.com 19
The typical fraudster?Common preconceptions
KRyS-Global.com 20
Never takes holiday
Always broke
‘John’ in Accounts
Steals from petty cash
Someone whom you
always had your doubts
about
Unpopular,
boring
Male
The typical fraudster?The reality
KRyS-Global.com 21
Your ‘mate’/ trusted
employeeIntelligent,
educated
With organisation
> 1 year
No previous
history of fraud
No obvious reason
to commit fraud
Executive management,
accounting, operations,
sales, procurement,
customer service, ….
Profile of fraudstersLarger occupational frauds
� Internal
� Collusion
� Male employees (four-fifths)
� 36-55 years old
� > 6 years service
� Executives (one-third)
� Managers (one-third)
� No past history of fraud
� Well respected, educated
KRyS-Global.com 22
Largest and longest
frauds commonly
committed by
management
Profile of fraudstersGeneral white collar frauds
� Internal
� Male
� Appearance of a stable family situation and good psychological health
� Above average (post graduate) education
� Position of trust (managerial and above)
� > 6 years service
� Less likely to have criminal record
� Detailed knowledge of accounting systems and weaknesses (prior accounting
experience)
KRyS-Global.com 23
Profile of fraudstersStimuli: individuals
� Personal gain
� ‘Because I can’
� Organisational culture driven
� Meet targets / hide losses to receive bonus
� Meet budget / hide losses to avoid losing job
� Meet targets / hide losses to protect the company
� Other: avoiding regulatory compliance, loss of confidence in company, ratings
driven, publicity driven, job frustration, resentment against superiors,
operating out of depth, to disrupt operations, ….
KRyS-Global.com 24
Profile of fraudstersStimuli: company frauds
Management on behalf of company
� Unfavourable economic conditions
� Reputational pressures
� Pressure from short term performance
� Unforeseen losses
� Investments that didn’t pay off
� Insufficient liquidity / working capital
� Need to survive through a temporary bad situation
� Share price falls
KRyS-Global.com 25
Focus on (offshore)
financial services frauds
Financial services frauds(Offshore) frauds
� Most ‘offshore’ frauds are committed onshore
� Function of investment vehicles registered offshore but run onshore
� Larger proportion combine asset misappropriation with fraudulent financial
reporting
� Large number involve ‘autocratic’ individuals with a superiority complex
� Technology more often involved
KRyS-Global.com 27
Profile of money managersCommon characteristics
� Salesmen first and foremost – ego driven
� Intensely competitive
� Successful, arrogant, ambitious, aggressively bold
� Win at all costs, end justifies the means
� Sense of entitlement
� End justifies the means
� Anti-social personality disorders? Domineering, cult following, charismatic,
spontaneous risk taker, intense, easy liars, no remorse, self serving,
emotionally incapable of delivering bad news, ….
KRyS-Global.com 28
Risks in asset managementFraud drivers
� Narcissistic high-performing sales types
� Macho culture, assertive authority, required to make more money than
anyone else
� Reliant on past performance, driving future conduct
� Consistent fight against volatility
� Performance rewarded by aligned performance fee, open to abuse
� Need to keep fully invested, mismatch to liquidity promises
� Illiquid assets, narrow investment strategies, ‘bespoke’ strategies
� Difficult to value assets, mark to model pricing, in-house desk top valuations
KRyS-Global.com 29
Risks in asset managementFraud drivers: results
KRyS-Global.com 30
Red flags used to
recognize potential frauds
Red flagsWhat are they?
What is a Red Flag?
� Set of circumstances that are unusual in nature or vary from normal activity.
� Signal that something is out of the ordinary and may need to be investigated.
� Do not indicate guilt or innocence, but provide possible warning signs.
� Studies of fraud cases consistently show that red flags were present, but were
either not recognized or were recognized but not acted upon by anyone.
KRyS-Global.com 32
Red flagsCategories of fraud symptoms
� Behavioural symptoms
� Lifestyle symptoms
� Internal control symptoms
� Accounting anomalies
� Analytical anomalies
� Information anomalies
� Tip-offs and complaints
KRyS-Global.com 33
Red flags in fundsMadoff*: case study in red flags
� Constant high returns, entry by invitation only – too good to be true?
� Persistently smooth returns
� Complicated ‘proprietary’ investment strategy – run with minimal staff
� Feeder fund structure – proper due diligence on BMIS not possible
� Lack of segregation of fund service providers – lack of third party oversight
� Obscure auditor – physically incapable of auditing multi-billion dollar
operation
* Strictly Madoff was not a hedge fund but a broker-dealer
KRyS-Global.com 34
Red flags in fundsMadoff (cont.)
� Unusual fee structure
� Heavy family influence - broker-dealer operation directly under his thumb
� Extreme secrecy - “Don’t Ask, Don’t Tell”
� Conflict of interest
� Inconsistent filings
� Paper tickets (in the age of technology)
� Rumours
KRyS-Global.com 35
Red flags in fundsMadoff (cont.)
Conclusions: red flags were present but ….
� Investors allowed greed to overrule some obvious advice anomalies
� Trusted only what they saw, i.e., the returns too good to pass up
� Believed Madoff too respectable to look into
� Reassured by personal ties with the manager and word-of-mouth
endorsements from friends
� Investors chose faith over evidence
� … even when the warning signs were there and the operational features
common to best-of-breed hedge funds were not
KRyS-Global.com 36
Red flags in fundsCommon red flags
� Consistent returns, lack of volatility, unusually rapid performance growth
� ‘God’ complex
� Difficulty in performing due diligence; complicated structure
� Complicated or ‘proprietary’ investment strategies
� Lack of identifiable accountability structure
� Regulatory actions and breaches
� Operational inconsistencies
� Unqualified service providers
� Related party arrangements
� Lack of information / poor communication
KRyS-Global.com 37
Weavering Capital
Case study: $600 million
� Domineering manager, no independent challenge
� Close family directors (brother, stepfather)
� Weak corporate governance
� Deceptive marketing and misleading Offer Memorandum information: easily
verifiable
� Inconsistent NAV reporting (daily v. final), with NAV being manipulated to show
low volatility
� Breach of investment guidelines
� Related party counterparties
KRyS-Global.com 38
Stanford International
Case study: $7 billion
� Complex web of 100+ companies, all controlled and directly/indirectly owned
by Allen Stanford
� No typical centralized management hierarchy
� Known for steady 10-15% returns and bold style
� Certificates of deposit offering outsized returns, even in falling market
� Obscure auditor
� Allegations from employees of Ponzi scheme and destroyed documents
� History of regulatory breaches and fines
� Father, college roommate and 85 year-old friend on Board
� College roommate was CFO.
KRyS-Global.com 39
Fletcher Asset Management
Case study: $100+ million
� Domineering manager: had to be the ‘best’
� Guaranteed minimum investor returns for certain investors
� Guaranteed liquidity for certain investors – “too good to be true”
� Selective investors
� Absence of any down months from June 1997 to December 2007
� Repeated massive sudden gains in multiple investment positions
� Lack of timely NAV reporting and communications to investors
� Breaches of investment strategy and guidelines
� Manager-controlled pricing of customized investments
� Inexperienced valuation agent, FAM main client
� Family and friends in management positions
� Related entity transactions
KRyS-Global.com 40
Platinum Partners
Case study: $1.3 billion
� Average 17% annual profits 2003-2015
� Smooth returns, only one negative month, ‘guaranteed’ investor liquidity
� Historical disciplinary practices and questionable ethical behaviours
� Huberfeld (co-founder) sanctioned three times for securities-law violations
� History of investing in controversial businesses, including Ponzi-schemers
� Investments too complex to exit quickly
� Strategy based on higher-risk debt
� Rumours, to avoid
� Late filing of audited financial statements
� Management valuations
KRyS-Global.com 41
Red flagsValuation issues
� Value is not price: “Price is what you pay. Value is what you get.”
� Price only a guide
� Liquid stocks v. illiquid assets
� Management’s best ‘estimate’
� Different valuation approaches
� Issues with overvaluations
� Issues to consider: Who is undertaking valuations? On what basis? Are they
independent? What information are they provided with? Are they qualified
and experienced?
… many of these issues came up in Weavering, Platinum, FAM, other failed funds
KRyS-Global.com 42
Investigating potential frauds
Investigation processInvestor due diligence
� Understanding investment strategy, trading patterns, valuation methods, etc
� Review of historical returns
� Comparison between audited accounts and investment restrictions
� Comparison between audited accounts and uncovered related parties
� Commercial sense?
� Historical regulatory breaches
� Background checks: personal integrity, (non)ethical behaviour, lawsuits, etc
� Adoption of common reporting standards (e.g. GIPS)
� Reputable, qualified service providers
� Market rumours
KRyS-Global.com 44
Investigating frauds
KRyS-Global.com 45
Investigation processDiscovery of fraud
� 1/4: tip-off, customer complaint
� 1/5: management review
� 1/5: whistleblower, formal reporting hotline
� 1/7: accident
� 1/7: internal audit
� 1/10: suspicious superior, other internal control
� 1/20: external audit
� 1/33: data analytics
KRyS-Global.com 46
Investigation processAdministrative investigation
� Administrative v. enforcement investigation
� Multi-stage iterative process
� ‘Case theory’ approach
� 1. Analyse information to create case theory
� 2. Collect evidence in line with case theory
� 3. Test hypothesis against information
� 4. Refine and amend case theory until
reasonably confident conclusions can be
reached and communicated
KRyS-Global.com 47
1. Case theory
(hypothesis +
assumptions)
2. Evidence
identification
/ collection
3. Information
validation /
analysis
4. Refine and
amend /
communicate
Investigation processAdministrative investigation (cont.)
� Suspicions still have to be proven
� Successful investigation depends on evidence that clearly links from hypothesis
to communicated conclusions
� Investigation only as good as case theory … constantly under review
� Evidence to be collected and associated techniques determined by how well the
hypothesis is initially formed
� Hypothesis is commonly ‘gut instinct’
� If litigation a possibility, must think about documenting evidence chain and
custody
KRyS-Global.com 48
Investigation processAdministrative investigation (cont.)
� Evidence collection very important. Identify different types of evidence.
� Consider order of collection
� Understand context: location, access rights, complete, validated,
aggregated, etc
� Record analysis with same rigour as evidence collection
� Differentiate facts and opinions, be transparent with assumptions
� Continually (re)assess how analysis relates to known facts
� Don’t be afraid to change direction
� Always be sceptical
� Always be curious
KRyS-Global.com 49
Investigation processCommon mistakes made in investigations
� Fail to plan … plan to fail
� Lack of independence
� Trust - suspect everyone, until proven otherwise
� Be open to all options, don’t be tied to narrow assumptions
� Lost control over the information flow
� Not considering order of who you need to interview, and when
� Not assessing information as it appears
� Too narrow investigation scope, or fixed on too small a period of time
� Dismissing people
� Not aware of disclosure/evidence requirements, potentially breaching the
law
KRyS-Global.com 50
Use of forensic technology
in investigations
Technology and fraud
KRyS-Global.com 52
� People commit fraud using technology, not technology using people
� For fraudsters, technology is a double-edged sword
� Technology is now also being leveraged to catch fraudsters
� E.g. visual analytics, unstructured/structured data mining, predictive modelling
� Tools that were thought of as cutting edge just a year or two ago will seem
ancient in another year or two
Technology and fraudWhat is data analysis/analytics
KRyS-Global.com 53
� Data analysis is a powerful tool in fraud investigations
� Allows searching for patterns, anomalies, trends, outliers, exceptions, etc
� Empowers investigator to uncover even the most thoroughly shrouded frauds
� Data analytics can be used to continuously monitor an organisation so that red
flags of fraud are discovered and investigated as soon as they occur
Forensic technologyFraud prevention and detection
� Be proactive
� Documentation of processes, procedures, transactions, approvals, etc.
� Regular risk assessments – internal and external
� Adequate audit logs and data preservation
� KYC and compliance checks
� Monitor account and transaction patterns
� Consider all of internal records, public records, social media, other …
� Use the data / information available … all of it
KRyS-Global.com 54
Fraud investigationBig data: challenges
� Locating relevant information
� Time and cost (data collection, processing, review)
� Multiple data sources
� Structured data formats (SWIFT, database records, etc)
� Data analytics alone is typically not a sufficient means of detecting fraud
KRyS-Global.com 55
Big dataSolutions: planning
Data Sources
� Structured data
� Unstructured data
� Other sources
Key considerations
� Data Mapping
� Custodian selection
� Preservation and collection
� Conversion and normalization
� Data processing and early data culling
� Timeline and gap analysis
KRyS-Global.com 56
Big dataSolutions: data analytics
Structured Techniques
� KYC and compliance checks
� Account and transaction patterns
� Integration
Unstructured Techniques
� Early case assessment, near duplicate analysis, conversation frequency and trends, email threading, false positive removal…
� Conceptual analysis and topic clustering
� Technology Assisted Review (Predictive Coding)
KRyS-Global.com 57
Questions?
KRyS-Global.com 58
