Environmental pressure, created by economic factors, competition and the market leading to fraudulent activities.
High degree of competition or market saturation, followed by declining margins might put pressure on management and employees to commit fraud.
Financial stability of profitability trends could be threatened by economic, industry or entity operating conditions, leading to inappropriate financial reporting.
The nature of the industry or the entity’s operations provides opportunities to engage in fraudulent activities.
Client operates in a rapidly changing industry with high vulnerability to rapidly changing technology or rapid product obsolesces, creating opportunity to commit fraud.
Client operating in a declining industry with increasing business failures and significant declines in customer demand.
Risk of improper execution of specific transaction activities to capitalize on growth opportunities, expand product portfolio, or initiate a change in strategic or operational direction.
Significant, unusual or highly complex transactions provide opportunity for fraudulent behavior.
Excessive pressure on management or staff to meet requirements or expectations of 3rd parties, leading to fraudulent financial reporting.
Excessive pressure to meet financial targets set up by the board and/or management, create incentives for revenue and asset overstatement.
Linking incentives schemes with the short-term goals might encourage fraudulent activities to achieve these goals.
Employee and management bonus schemes could promote fraudulent activity.
Unrealistically aggressive sales or profitability incentive programs are in place, creating pressure on employees to meet targets by fraudulent activities.
Management and employee remuneration is very heavily based on financial performance, leading to fraudulent financial reporting
Risk of poor reporting structure in a complex organization, might lead to fraudulent activities.
Failure to resolve an organizational complexity or instability, enabling easier routes to fraud and cover-up.
Failure to achieve effective corporate monitoring.
Difficulty in determining the organization or individual(s) that control(s) the organization.
Lack of policies regarding the company’s values and behavioral standards; also, no published code of conduct.
The risk of loss related to the management and use of people, including inappropriate resource management, (including employee competency, resource allocation, staffing tools, etc.) inappropriate management oversight and employee irregularities.
Collusion between employees and third party – receiving kickbacks or commission from a supplier; third parties intimidating staff to either disclose information or perform inappropriate transactions.
Employee misdeeds or internal fraud/management fraud – unauthorized business activities - direct theft of cash/assets; false expense claims; payroll fraud; advance fee fraud; long firm fraud; investment scheme fraud.
Failure to attract appropriate and adequate staffing expertise and adequacy.
Key person dependency and total reliance on one person to deal with queries.
Frequency and magnitude of human errors.
High turnover of management, board and legal counsel increase the risk of irregularities.
Strained relationship between management and the current or predecessor auditors
History of inattention and/or low morale amongst employees.
There is ineffective monitoring of management and staff.
Lack of clear organizational responsibilities.
Behavior indicating displeasure or dissatisfaction with the company or its treatment of employees.
Changes in behavior or lifestyle of management or staff may indicate asset misappropriation.
Management dominated by one person (or small group) and no effective oversight board or committee
High turnover of key accounting and financial personnel.
Failure to take holiday entitlement without good reason.
Risk of management ignoring negative feedbacks
The risk of loss arising from inadequate or ineffective definition and operation of processes.
Reliance on trust rather than on systems of controls to manage and control risk.
No checks to ensure that only appropriate suppliers are used by, for example, checking for connections with company employees or officers.
Continuing failure to correct major or weaknesses in internal control where such corrections are practicable and cost-effective.
No enforcement of holiday and procedures during absence and work always left until the employees return.
Lack of procedures to ensure adherence to established code of conduct.
Lack of appropriately-stringent documentation of processes.
No checks over posting access of management and staff to IT systems.
Lack of openness during the tender process.
Management’s risk assessment process does not identify fraud risk level or likelihood and significance considered. Also, management fails to consider significant processes in the fraud risk assessment.
Risk associated with related party transactions and competing interest, such as purchase and sales schemes.
Significant and unusual related party transactions.
Lack of transparency with related party transactions.
Employees in ties with competitor and releasing confidential information.
Company’s insider uses confidential business knowledge for personal gain in trading stocks.
Preferred suppliers/sub-contractors are not independent, leading to conflict of interest.
Frequent changes of legal advisers, auditors or other professional advisors.
Risk associated with money or favor given or promised in order to influence the judgement or conduct of a person in a position of trust, including invoice kickbacks and bid rigging.
Inflated or unnecessary costs as a result of kickbacks, bid rigging, gifts, commission or gratuities paid as a “reward” for doing business with a third party.
Merchandising, procurement and operations activities could lead to personnel receiving incentives from the vendors, to influence their decisions.
Vendor rewards/money procurement for purchase of vendor’s product or contract or authorization and processing of fraudulent or inflated invoices.
Failure to seek appropriate penalties of vendors.
Risk of giving, receiving, offering or soliciting, after the fact, of any “thing” of vale for or because of an action.
Payments made to facilitate illegal acts.
Bribery of illegal gratuities being offered/received on major capital expenditures.
Risk of fraud opportunities arising due to availability of Information to unauthorized personnel or other parties.
Failure to have proper access security and password protection for accessing various information might lead to fraudulent activity.
Risk that COMPANY A’s collective expertise is not properly documented, leading to information leakage.
Lack of audit trail and transaction log, creating room for fraudulent transactions.
Risk associated with fraudulent reproduction, recording, public performance or publishing of any document, software or hardware that has been granted Intellectual Property rights.
Failure to properly monitor, register or renew Intellectual Property Rights (such as copyrights, patents and trademarks) increases the chance of counterfeits.
Failure to protect or encrypt information within the company, as well as online, could lead to data theft.
Failure to issue broad claims for patent registration, or failure to address various legal jurisdictions might lead to intentional misappropriation of proprietary technology and fraudulent copyright infringement.
Risk of cash being misappropriated after it has been recorded in the books of account.
Large amount of cash handled or on hand creates an opportunity for fraud. This could lead to unauthorized payouts.
Failure to prevent lapping receivables / deposits by rolling receipts within A/R.
Unauthorized pay increases/rate change, paying someone that no longer works for COMPANY A, or pay being processed for a fictitious employee.
Risk associated with making false claims for billing, payroll, expenses and falsified refunds.
A payment is made against invoices for fictitious goods or services, inflated invoices, or invoices for personal purchases.
An employee causes the organization to issue a payment by making false claims. Similarly, an organization could fail to pay across payroll deductions, such as pension fund contributions or insurance premium
The perpetrator converts an organization’s funds by forging or altering a check on one of the organization’s bank accounts, or steals checks the organization has legitimately issued to another payee. Similar activities could take place with electronic funds transfers.
Fictitious travel expenses, meals being reimbursed based on credit card receipt, rather than a more detailed expense receipt.
Risk that cash is skimmed or misappropriated before it is recorded in the accounting records
Sales and marketing personnel may act to divert sales incentives, such as rebates, discounts, promotions.
Risk that the employees report a false expense claim, due to lack of verification of purchase receipts.
Risk associated with bribery of company officials, misrepresentation of facts by insurance company officers, directors, employees, agents and brokers for their personal enrichment or to prevent regulators from taking certain actions, etc.
Fraud resulting due to perpetrator issuing overstated, false or multiple insurance claims.
Fraud due to deliberately under-insuring to pay low premiums.
Risk associated with employees making unauthorized asset requisitions and transfers, as well as recording false sales and purchases.
Fictitious asset requisitions, transfers and dispositions, leading to theft of company product.
False sales and shipping and false claims for product damages, leading to inventory theft.
False inventory writes offs / shortages and/or payment for false purchasing
Risk associated with personal use of company assets.
Lack of monitoring over employees with access to COMPANY A’s assets.
Failure to ensure proper authorization and control over asset transactions.
Risk associated with fraudulent conduct of outsourced manufacturers and suppliers.
Risk associated with manufacturers and suppliers, such as provision of inaccurate cost and margins structures.
Transactions with outsourced manufacturers and suppliers are not in favor of COMPANY A, allowing the outsourced party to manipulate the transaction and its outcomes.
Risk associated with theft or misuse of a third party’s assets, including cash and other goods.
Excessive pressure exists for management to meet third party expectations provides an opportunity for asset misappropriation and fraudulent financial reporting.
Failure to properly monitor sales and marketing personnel, leading to crediting fictitious customer sales.