Part One: Fraud and Corruption Today.
Chapter 1: Can We Eliminate Fraud and Corruption?
Not a pretty picture.
Focusing on the larger picture.
Potential for catastrophe.
Resiliency as a corporate goal.
Chapter 2: The Growing Risk of Fraud and Corruption.
Why should my company be especially concerned about fraud and corruption now?
Local problems, global pain.
Awareness is crucial.
Common sense and observable reality.
Tailoring efforts to avert damage.
Chapter 3: The Costs of Fraud and Corruption.
Casting a shadow on the future.
Cost and availability of capital.
Bad news travels even faster than before.
Don’t expect a slap on the wrist.
Part Two: On Becoming Resilient: Strategies for Avoiding and Minimizing the Impact of Fraud and Corruption.
Chapter 4: Building a Resilient Corporation.
What determines survivability?
Traits of a resilient corporation.
Three key characteristics of resiliency.
Why resiliency is achievable.
Learn from the experience of others.
What are the benefits of fraud and corruption risk management?
Five principles of fraud risk management.
The first line of defense.
How can companies use the new guidance?
Building resiliency by enhancing fraud and corruption risk management.
Corporate resiliency self-assessment tool.
Chapter 5: Fraud and Corruption Risk Assessment.
Behind the facade.
What is a fraud and corruption risk assessment?
How important is a good fraud and corruption risk assessment?
Implementing fraud and corruption risk assessments.
Risk assessment reports: The good, the bad, and the invisible.
Four quadrants; four risk management strategies.
Questions to ask about your fraud and corruption risk assessment.
Chapter 6: Company-wide Anti-Fraud Controls: The Role of the Control Environment and High-Level Strategies.
Creating an anti-fraud control environment.
What exactly is a control environment and why is it important?
Tone at the top.
The control environment as a bulwark.
The control environment and governance.
Put it in writing.
Setting the tone.
Internal audit’s role.
Measuring tone at the top.
Written code of ethics/conduct.
Why is a code important?
Excerpts from Deloitte Code of Ethics and Professional Conduct.
How does management create a successful code of ethics/conduct?
Ethics training for all employees—including management.
Hotlines, helplines, and whistle-blower programs.
The role of human resources—employee selection and discipline.
Other general strategies of which fraud risk management is a component.
Enterprise risk management.
Fundamentals of ERM.
Achieving risk intelligence.
Fundamentals of GRC.
Complicated, but worth the effort.
Integrated versus nonintegrated GRC.
Survey results show desire for integrated GRC.
Key attributes of companies with robust GRC strategies.
PACI, anti-corruption, and the control environment.
Chapter 7: Preventive Controls: Particular Fraud and Corruption Avoidance Strategies and Tactics.
Getting down to brass tacks.
Confronting fraud and corruption risks.
Background checks and enhanced due diligence.
Automation can be essential.
Preventive controls and three broad categories of risk.
Monitoring and evaluating preventive controls.
Continuous controls monitoring.
The roles of ERM and GRC.
Chapter 8: Detective Controls and Transaction Monitoring.
The importance of monitoring and detection.
Monitoring and detection tactics.
Risk-based internal audits as a fraud detection tactic.
Technology-based detection tactics.
Examples of fraud detection using data interrogation techniques.
Continuous fraud monitoring.
Is CFM for everyone?
The importance of lookbacks as a control check.
Questions to ask about monitoring and detection.
Chapter 9: Preparing for Fraud and Corruption Investigations and Remediation.
An ounce of planning . . . .
What to do when regulators come knocking . . . .
Evaluating the allegation.
Assembling the right investigation team.
When to call for help.
Establishing investigation protocols up front.
Collecting and preserving crucial data.
Newer challenges, newer technologies.
Communication—enough but not too much.
The benefits of a case management system.
Remediation—getting more value from investigations.
Chapter 10: The Players’ Roles (Including Yours).
New rules, new responsibilities.
The value of a cross-functional committee.
The role of the compliance officer.
Fraud and corruption risk management is everyone’s business.
Conclusion: What the Future May Hold.
Good fraud and corruption risk assessment is crucial.
Embracing new roles and responsibilities.
We won’t predict the future, but . . . .
Take your first steps now.
Appendix: Examples of Fraud Risk Factors.
About the Authors.