ICA Certificate in Financial Crime Prevention Course Manual PDF

ICA Certificate in Financial Crime Prevention Course Manual G069/14031 Principal Author Sue Thornhill Contributing Author Pekka Dare Series Editors Dawn Fisher Andrew Clarke KangHui Wong First Edition September 2012 Second Edition January 2014 Third Edition April 2015 Fourth Edition July 2016 Fifth Edition September 2017 Sixth Edition July 2018 Seventh Edition April 2020 Eight Edition October 2021 Published by: International Compliance Association Fort Dunlop 6th Floor Fort Parkway Birmingham ENGLAND B24 9FD www.int-comp.org All rights are reserved. No part of this publication may be reproduced, stored in a retrieval system, mechanical, photocopying, recording or otherwise, without the prior permission of International Compliance Association. While all reasonable care has been taken in the preparation of this manual, neither International Compliance Association nor any of the authors accept responsibility for any errors it may contain or for any loss sustained by any person placing reliance upon its contents. © 2021 International Compliance Association G069/14031 Unit 2 What Are the Financial Crime Risks? Unit 2: What Are the Financial Crime Risks? Learning objectives The purpose of this unit is to: z provide a useful insight into the common behaviour characteristics of fraudsters, and z highlight some common warning signs of potential fraudulent activities. Introduction All employees within a business should be aware of situations that could indicate a greater risk of fraud. Key learning point Spotting the warning signs and behaviour characteristics of fraudsters will greatly assist the prevention and detection of fraud. 1. Common behavioural characteristics of fraudsters Personalities exhibiting some common types of deceptive or dishonest behaviour can be grouped into four different profiles, namely: boaster, manipulator, deceiver and loner.13 No single factor indicates that a fraud is definitely taking place, but several factors together should be regarded with some suspicion. In fact, how people respond to questions is often as important as what is actually said, as it is easier to conceal than to falsify. i. A boaster may: z boast about having all the right contacts z talk over-optimistically about business prospects z give the impression of being wealthy and successful, or z entertain, or be entertained, lavishly. ii. A manipulator may: z manipulate timetables, deadline, and/or account data z carefully control access to personnel, customers and suppliers z deal with certain accounts personally outside the main system – possibly those that would normally be delegated z blind people with science and exploit ignorance z play off various staff and advisers against each other, or z flatter people to make them feel important. 13. David Davies, ‘Fraud Watch’, p. 22–23, 2000 25 Unit 2: What Are the Financial Crime Risks? iii. A deceiver may: z say as little as possible unless confronted with the facts z answer different questions to the ones asked z use delaying tactics to avoid important meetings or reviews z pass the responsibility to someone else z become hostile when questioned closely about matters they would prefer not to discuss or disclose, or z adopt a closed-door policy so as to avoid letting anyone see the full picture. iv. A loner may: z never take a holiday z be seemingly very conscientious z keep people off their patch, or z if absent, ensure that all problems are left for them to sort out on their return. 2. Common warning signs Warning signs, often referred to as ’red flags’ or more formally ‘high-risk indicators’, act as a sign that something untoward or potentially dangerous may be taking place. The list below is not intended to be a comprehensive checklist; however, it highlights some of the common tell-tale signs of suspected fraudulent activities within an organisation. It is important that employees are aware of and are able to spot these red flags. 2.1 Unusual behaviour The unusual behaviour of individuals and unusual business events or situations may be a warning sign. Some examples are: z abnormal levels of entertaining clients out of line with normal business practice z unusual volumes of credit notes or bank reconciling items z suppliers dealt with outside the purchasing system z obsessive secrecy z inadequate or no segregation of duties z absence of controls and audit trails, and z excessive variations to budgets or contracts. It is not always easy to spot the unusual unless the usual practice is known. Example: Obsessive secrecy A member of staff in a construction company, who was responsible for managing sealed bids for subcontract work, maintained extraordinary secrecy over the opening of bid documents. He was described by his manager as having ‘impeccable discretion and integrity’, but it transpired that he had been secretly opening bids before the due date and revealing their details to competitors in return for payment. 26 Unit 2: What Are the Financial Crime Risks? 2.2 Expensive lifestyles Greed or a perceived need to have an expensive lifestyle is one of the most common motives for committing fraud. Luxury lifestyles (such as frequent expensive holidays, changing expensive cars every year, designer clothes and jewellery) not commensurate with earnings are a well-known indicator, thus some companies carry out lifestyle checks on employees to identify any significant mismatch between lifestyle and earnings. 2.3 Untaken holiday Employees who appear to be workaholics, want to get to work before anyone else, and do not take holidays, may have something to hide and may be trying to avoid the risk that their replacement may bring their fraudulent activities to light. Many fraud cases are uncovered when a fraudster is absent unexpectedly. Therefore, enforcing a minimum of two clear weeks’ holiday is a simple but effective fraud prevention measure. Ensuring proper cover during holiday absences is equally important. With the increase in remote working it is crucial to consider limited access to systems during a holiday period. 2.4 Poor-quality staff A company is often judged by the quality of its employees. Poor-quality staff might result in poor commitment to control, thus increasing the risk of fraud. An inability to attract high‑calibre personnel may indicate something about the company’s reputation, its position in the marketplace, how it treats its staff and the culture of the company. Internal controls are only as effective as the people operating them. 2.5 Low morale Demotivated staff are less likely to operate controls effectively and may even cut corners. Common causes of low staff morale include lack of career progression, weak management or a redundancy programme. Example: Fraud by disgruntled employees A ‘disgruntled’ Morrison’s employee was found guilty in 2014 of stealing data containing supermarket workers’ names, addresses and bank account details and putting them online. Andrew Skelton was convicted of fraud, securing unauthorised access to computer material and disclosing personal data. The 43-year-old was jailed for eight years after stealing the personal information of nearly 100,000 Morrison’s employees from across the country. Bradford Crown Court heard he had a grievance with the chain, which has stores across Bristol including in Fishponds and Filton, after he was accused of dealing legal highs at work. 27 Unit 2: What Are the Financial Crime Risks? Prosecution lawyer, David Holderness, speaking after the case said: Andrew Skelton was in a position of considerable trust with access to confidential personal information as Senior Internal Auditor at Morrison’s. He abused this position by uploading this information – which included employees’ names, addresses and bank account details onto various internet websites. He then attempted to cover his tracks and implicate a fellow employee by using this colleague’s details to set up a fake email account. Andrew Skelton’s motive appears to have been a personal grievance over a previous incident where he was accused of dealing in legal highs at work. The potential loss to his victims and the sheer quantity of potentially compromised data was very significant and could have resulted in employees’ identities being stolen. Currently Morrison’s has incurred costs of almost £2 million as a result of this fraud, costs have included professional fees, legal fees and fees incurred through attempts to safeguard their employees.14 2.6 High staff turnover High staff turnover may indicate the way the business is managed. A high proportion of temporary staff, a lack of career progression, and reluctance by staff to continue working under the conditions of the company, may all contribute to a poor company culture, with consequent fraud risks. Companies should ensure that the screening procedures for both permanent and temporary staff are consistent so as to prevent any infiltration by fraudsters. 2.7 Compensation tied to performance There is an increasing risk of fraud when individuals in financial organisations in the City are remunerated on the basis of their performance. Example: Bank employees creating false accounts Wells Fargo employees had been trying to meet exacting sales goals by creating sham bank accounts and credit cards instead of making legitimate sales. They may have created as many as several million fake accounts in the names of real customers – some of whom learned about the accounts only when they were charged fees for them. 5,300 employees lost their jobs because of the scandal and Wells Fargo was fined $185 million for Fraudulently Opening Accounts, which includes a $100 million penalty from the Consumer Financial Protection Bureau, the largest such penalty the agency has issued. 14. Ben Chapman, ‘Morrisons data leak: Thousands of staff to receive payout in landmark judgment over personal details posted online’, The Independent, 1 December 2017: https://www.independent.co.uk/news/business/ news/morrisons-data-leak-staff-payout-details-sensitive-data-personal-online-hack-a8086521.html – accessed November 2021 28 Unit 2: What Are the Financial Crime Risks? It is important to have checks and control systems in place to monitor the nature and quality of the profits generated by individuals remunerated on this basis. 2.8 Poor commitment to control The attitudes of a company, its directors, senior management and employees towards control, regulation and audit have a significant impact on the company’s ability to protect itself against fraud. Poor commitment to control might manifest in a hostile attitude to internal audit or inspection staff, such as attempting to restrict access to individuals or documents. Example: Inadequate segregation of duties/absence of controls The 1995 collapse of Barings Bank, the oldest merchant bank in London, was a classic example of a fraud that occurred in an operation remote from the head office. Barings Bank went down with losses of £830 million when a ‘rogue trader’, Nick Leeson, incurred massive losses in unauthorised derivatives trading in Barings’ Singapore office. Leeson was able to continue to disguise his losses accumulated during trades in complex forex derivatives because he had both back- and front‑office responsibilities. Additionally, his losses were not recognised by either his managers or auditors because of the perception that he was making huge amounts of money. No one fully understood the nature of the instruments he was trading, and the auditors were side-tracked by him on their visits to Singapore.15 2.9 No code of business ethics The lack of an established code of ethical conduct within an organisation indicates a weak anti-fraud culture. Management at all levels must lead by example and ensure that rules are followed and grey areas avoided, for instance concerning entertainment, gifts, commissions and conflicts of interest. This is particularly problematic when a company has grown through acquisitions of other businesses that have different codes of business ethics, or none. 2.10 Autocratic management style A sole manager or a group of senior executives might have exclusive control over the company, depending on their approach to the business. Certain situations that may cause concern are: z transactions that are known only to one or two managers z no meaningful debate of business issues z frequent override of managers’ authority z obsessive secrecy where such behaviour is not justified, and z lack of independent review of significant business activities. 15. For full case study, see: https://www.mbaknol.com/business-ethics/case-study-nick-leeson-and-the-collapse-of- barings-bank/ – accessed October 2021 29 Unit 2: What Are the Financial Crime Risks? Example: Bernard Madoff Madoff’s crime was the largest-ever Ponzi scheme in history. By its end, Madoff had effectively stolen $17.5 billion (£11.4 billion) from more than 4,000 account holders with Bernard L. Madoff Investment Securities (BLMIS), as well as from thousands more third-party investors exposed through feeder funds. He was jailed in the US for 150 years on 14 July 2009. In UK court appearances in 2013, Madoff’s former directors Antony Marshall, Colin Bond, John Purcell and Philip Toop described him variously as ‘aggressive’, a ‘wild man’ and a ‘control freak’. In 2001, cameras were installed on the London trading floor. This enabled Mr Madoff to monitor what was going on 24 hours a day. It was also reported that if anybody phoned up and asked about the company, about his family, or anything that was not to do with the trading, they had to be redirected to New York. He said: ‘Put them through to either myself or my sons if anybody asked any questions’.16 2.11 Unquestioning obedience of staff Where staff follow procedures by rote without any questions being asked, it may indicate the existence of an autocratic management style in a company, which may raise concerns as mentioned above. Staff who are in awe of their superiors may be more likely to acquiesce or collude in fraud or malpractice by these superiors. For example, if staff are discouraged from questioning obscure procedures or making concrete suggestions, this might indicate a culture problem within the organisation. 2.12 Remote locations poorly supervised Overseas branches, remote offices, warehouses and factories located far from central management may need more autonomy to enable them to operate effectively. However, this can be abused if they are not regularly and properly monitored. Example The opportunity A small branch office in West Africa operates with two employees who have absolute control over all branch activities. The branch always shows a profit but does not contribute large sums to the group‘s profit worldwide. Political instability discourages internal audit visits for several years. The two members of staff see the opportunity to operate the company for their own benefit. Concealment is not difficult. Provided that the quarterly reported profit figures are within 5% of that period’s budget, no further questions are asked by head office. 16. Stephanie Yang and Grace Kay, ‘Bernie Madoff died in prison after carrying out the largest Ponzi scheme in history – here’s how it worked’, Business Insider, 14 April 2021: https://www.businessinsider.com/how-bernie- madoffs-ponzi-scheme-worked-2014-7?r=US&IR=T – accessed October 2021 30 Unit 2: What Are the Financial Crime Risks? The discovery The fraud is discovered when the financial controller is unable to get in contact with the branch for several weeks. This finally prompts an internal audit visit which reveals that the office had been unoccupied for at least six weeks. The responsible individuals had been stealing the profits for months before leaving the company for good.17 2.13 Multiple firms of auditors The use of several firms of auditors within a group always increases risk and may facilitate the concealment of fraud. Where there are a significant number of transactions between group companies, branches or divisions in different countries, fragmentation of the audit function may be a particular problem, which is further compounded where there are parallel organisations audited by different auditors with different financial year ends. Equally, the use of auditors that seem out of keeping with the overall size of the business may also be a ‘red flag’. Example: David Friehling Friehling was Madoff’s auditor from 1991 to 2008, roughly the period for which Madoff admitted he carried out his fraud when he pleaded guilty. Despite the more than $65 billion in private investments that Madoff claimed he oversaw for thousands of investors, Friehling seemed to be a small-time auditor with a tiny office in suburban New City, New York. Authorities said that he appeared to have rubber-stamped Madoff’s records.18 2.14 Profits well in excess of industry norms Unusually high or unexpected levels of profits as compared with the industry or competitors, rapid growth in sales or an abnormal ability to attract depositors or investors, should all be regarded with some concern. These trends might be too good to be true and may indicate something about the nature of the financial product, the way it is sold, the customer base or the source of funds. Example: Allen Stanford Allen Stanford operated an investment scheme which offered investors high returns if they bought certificates of deposits from Stanford International Bank (SIB), which was based in Antigua. 17. AIG, ‘Financial Illustrations and Scenarios’: https://www.aig.co.uk/content/dam/aig/emea/united-kingdom/documents/ Financial-lines/Financial-Institutions/fraud-illustrations.pdf – accessed November 2021. For more detail, see http://business.scotsman.com/topics.cfm?tid=219&id=147692002 and Creaton, S. and O’Clery, C. Panic at the Bank, Gill and Macmillan. 18. NBC, ‘Madoff’s long-time auditor pleads guilty’, 11 March 2009: http://www.nbcnews.com/id/33603465/ns/business- us_business/t/madoffs-long-time-auditor-pleads-guilty/#.Upc5UhNFDcs – accessed October 2021 31 Unit 2: What Are the Financial Crime Risks? US prosecutors alleged that the Caribbean bank offloaded $2 billion of the certificates to investors, but rather than keeping the money in the safe and liquid assets that SIB’s marketing brochures suggested, prosecutors claimed that Stanford used at least $1.6 billion of it to fund an extravagant lifestyle. In 2012, Stanford was jailed in the US for 110 years for operating a Ponzi scheme that defrauded investors of more than $7 billion (£4.5 billion). In a bizarre twist, Mr Stanford continues to maintain his innocence and vows to clear his name: In his first interview since being indicted in 2009 for masterminding the second- largest Ponzi scheme in history, convicted US fraudster Allen Stanford has told the BBC he is innocent. “I didn’t do anything wrong” said the 65-year-old Texan, speaking from a maximum security penitentiary in Florida. “Will I apologise? No. Mark my words... I am going to walk out the doors of this place a free man.” Stanford says his life behind bars is “hell”. He describes being assaulted by fellow inmates in 2009, saying the treatment he received by the authorities after the attack was “barbaric”. Stanford’s lack of contrition is sure to anger the victims of his fraud, thousands of whom have little hope of ever recovering the money they lost in his $7bn (£5bn) scam. The former Houston banker was handed a 110-year sentence in March 2012 on fraud, conspiracy and obstruction charges after the Securities and Exchange Commission (SEC) shut down his global empire.19 19. Dan Roan and Patrick Nathanson, ‘Defiant US fraudster Allen Stanford vows to clear name’, BBC News , 11 January 2016: http://www.bbc.co.uk/news/world-35283297 – accessed November 2021 32 Unit 2: What Are the Financial Crime Risks? Learning outcomes By the end of this unit you should: z be able to recognise the boaster, manipulator, deceiver and loner profiles found among fraudsters z know the warning signs that indicate possible fraudulent activity by an individual, including a lifestyle beyond what could be financed from salary, a failure to take holidays and an autocratic management style z know the signs that may indicate that the company has made itself vulnerable to fraud, such as low staff morale, an unquestioning staff attitude, low-calibre staff and high staff turnover, and z understand how a properly supported code of ethics and effective supervision of staff at all locations can help to prevent fraud. 33 Unit 2: What Are the Financial Crime Risks? Tasks 1. Examine your own position in your organisation. Consider the controls and monitoring processes that are applied to it and review their effectiveness in preventing you from committing a fraud. 2. Consider, in your own organisation, the extent to which you are aware that the senior managers are committed to the reduction of financial crime. How does their commitment manifest itself? 3. Examine two of the most serious recent major banking frauds you have seen reported or of which you are aware and identify the environmental and social issues that allowed them to occur. 4. Review the Fraud Advisory Panel (FAP) factsheet ‘an introduction to fraud indicators’, which can be found at: https://www.fraudadvisorypanel.org/wp-content/uploads/2015/04/Fraud-Facts- 14B-Fraud-Indicators-Nov11.pdf. This deals specifically with red flags around internal fraud. 5. Research the Ponzi scheme mentioned in this unit in relation to Bernard Madoff and Allen Stanford. How does it work and from where does it get its name? 34

ICA Certificate in Financial Crime Prevention Course Manual PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue