“There is enough for every man’s need ,
but there isn’t enough for every man’s GREED”
-Mahatma Gandhi
FRAUDENSIC – DECODING FINANCIAL CRIMES By Shrenik Shah
SR. NO.
TOPICS
1.
WHAT IS FRAUD
2.
CLASSIFICATION OF FRAUD
3.
CONVENTIONAL VS FORENSIC APPROACH
4.
FOUR PHASE FRAUD CYCLE
5.
TRIGGER – RED FLAGS & GREEN FLAGS
6.
PREVENTIVE TECHNIQUES
7.
PRACTICAL CASE STUDY & OTHER CASE SUMMARIES
8.
DETECTION TECHNIQUES- EXECUTIVE CASE SUMMARY
9.
CORRECTIVE TECHNIQUES – EVIDENCE & INTERROGATION
10.
CARE TO CURE -REPORTING & COMPLIANCE
11.
PROSPECTS, DIRECTORY & FORENSIC FUTURE
12.
FAQS
WHAT IS FRAUD?
WHAT IS FRAUD? Universal
Our Belief
Financial
Fair
Reward
Recovery
Acquired
Acquired
Under
Unfair
Deception
Doctrine
MATHS ON FRAUD = MQ < (O + P) R MQ – Moral Quotient = (W * IQ) O – OPPORTUNITY, P – Pressure, R – Rationalisation
SEPARATING TRUTH FROM FICTION : UNVEILING THE COMMON MYTHS OF FORENSIC AUDIT
Only CA's are capable to conduct financial fraud investigation
Forensic can be conducted by any tools & protocols Any and all Data Can Be Recovered In case of digital forensics
Pressing whistle involves identity Risk
Fraudster commits fraud as a One Day Affair Forensic Auditor can recover money from fraudster Once Forensic Report issued cant be challenged
Fraud investigations extend beyond numbers i.e. Covert Operations, Social Media profiling
The tools used for forensic shall be admissible in court of law When the storage medium is extremely damaged, this is not always possible There are numerous whiste-hotlines that help safeguarding whistleblower’s identity Fraudster commits fraud over a period of time encompassing a series of red flags. Recovery of money invites legal attention Alleged -party can issue a counter report as well to question the forensic report.
FACTS
FICTION
Financial Frauds investigation happens only on financial records
1 2 3 4 5 6 7 8
Anyone with a skeptical eye can conduct an investigation with adequate credentials
STATISTICS
AGE WISE DISTRIBUTION
LEVEL OF MANAGEMENT % 40
20%
19%
15%
35
14%
10%
9% 5%
5%
3%
30 <26
26-30
31-35
36-40
41-45
46-50
51-55
56-60
>60
25
Highest Fraud Detection Triggers 39
20
37
45%
42%
40%
15
35%
25
30% 25%
10
20%
20%
18%
15%
16%
10%
5
5%
2 0 Top Level
Middle Level
Lower Level %
Others
0% Management Review
Tip Internal Audit
Others
Gender Wise Fraud Details 100 95
90
90 80 80 70 60
62
50 40 38 30 20
20 10 10 5
0 United States of America
Western Europe
Southern Asia Male
Female
Middle East & North Africa
CLASSIFICATION OF FRAUD
Corruption Conflict of interest
Bribery
Purchasing Scheme
Invoice Kickback
Sales Scheme
Bid Rigging
Theft of Cash on hand
Asset Misappropriation
Illegal Gratuities
Economic Extortion
Inventory & All other Assets
Cash
Misuse
Net Worth Overstatement
Net Worth Understatement
Timing Difference
Timing Difference
Fictitious Revenue
Understated Revenue
Concealed Liab & Exp
Overstated Liab & Exp
Purchasing and receiving
Improper asset Valuation
Improper asset Valuation
Unconcealed Larceny
Improper Disclosure
Improper Disclosure
Larceny
Asset Requisition & Transfer
Theft of Cash on Receipts
False Sales and Shipping
Fraudulent Disbursement Billing Scheme
Skimming
Cash Larceny Payroll Scheme
Sales
Financial Statement Fraud
Receivable
Refund & Other Expense Reimbursement
Unrecorded
Write-off Schemes
Understated
Lapping Schemes
Check & payment Tampering
Unconcealed
Register Disbursement
CONVENTIONAL APPROACH V/S FORENSIC APPROACHT
• Implementation and Testing of financial controls • Overall risk assessment
Conventional Audit Approach
• Ensuring compliance ?
• Financial Statement preparation
• Identification of process lapses
• Data mining with skeptical eye
• Deep Dive Approach to identify hidden frauds • Red Flag Identification • Pattern analysis • 7 eye approach
Forensic Approach
ATYPICAL APPROACH– 7 EYE THEORY Your Eye .
Evidence Eye
Skeptical Attitude Connecting Dots Perspective Investigative approach
Without Evidence entire exercise is futile. Need to be proven in court of law
Theory Eye
Data Eye
Data analytics - To identify duplications , irregularities , trends & patterns , Link Analysis , Joining Files , Fund Trail etc
Digital Eye Digital Forensic is scanning of emails , hard disk , mobile phones and recovery of deleted files , password cracker & so on
Gun Powder Theory Time Bomb Theory Inverse Logic Theory RSF Theory Benford’s Law Theory
Tool Eye .
Network Eye Market Intelligence Surveillance & Covert Operations
Tools play an important role while using investigative techniques – GST , Logistics Tracking Tool, Background Verification Tool etc.
FOUR PHASE FRAUD CYCLE •
• •
Red Flag & Green Flag Identification & Monitoring
• •
Implementation & Testing of controls
•
Vendor , Employee & Third Party Due Diligence – Scan Theory & Pyschometric Test
•
Anti Fraud Framework
•
Implementation of whistle blow & vigil mechanism
Lifestyle & Background check • Forensic examination of documents • Tailing, Spying, Hacking & Screening, Social Media Profiling
•
Digital Forensic
•
Market research, Covert Uncovered Operation, pretext calling
•
Vendor Vigilance
REPORTING
CORRECTION
DETECTION
PREVENTION
Interrogation Techniques
•
Compliance with legal, regulatory and other requirements
Indemnification Techniques
•
Risk Appetite Redefinition
•
Evidence
•
Control Deficiency Correction
•
Conclusion - Report
TYPES OF TRIGGER
Red flags Living Beyond means (Lifestyle of employees )
Financial difficulties Unusually close association with Vendor/Customer Control issues, unwillingness to share duties
Living beyond means
39%
Financial Difficulties
25%
Unusually Close association with vendor/ customer
20%
Control issues, unwillingness to share…
13%
Divorce/family problems Divorce/ Family Problems
11%
Wheeler dealer Attitude
10%
Wheeler-dealer attitude Refusal to take leave Refusal to take leave
7%
Behaviour of the person - Unfriendly and an introvert.
PREVENTION
Green flags Not asking for increment for a very long time Gift to employees First to enter the office last to leave Budget v/s Actual – at par/low No claims on reimbursement Payment done through Personal account/Credit card Sudden profit in an otherwise loss making business
Excessive Supporting Documentations Excess Stock as compared to that recorded in books of accounts
PPREVENTION REVENTION
PREVENTIVE TECHNIQUE CORE VIGILANCE COMMITTEE PROPRITORY • Scanning of emails and hard disk • Surprise intelligence check of employees • Surprise vendor and customer visit • Astound expense verification
WHISTLE BLOW TECHNIQUE
TEST – ENTRY & EXIT
• Exposition of illicit activities being executed by fellow mate • Communication via ethical helpline and email • Independent committee to work on whistle blow
• ENTRY WINDOW:-
Eq test assuring intent , Background check • EXIT WINDOW:-
Check on employee activities during notice period serving in the organisation
PREVENTION
PRACTICAL CASE STUDIES Disclaimer : Names in following slides have either been masked or renamed for confidentiality purposes
DETECTION
PROJECT MARS – Research company Whistle-blower mail - Trigger Venue Bookings without actual event. Conduct of Fake Surveys through tab manipulation. QC team hand in glove with Survey team. Blacklisted Gifting Vendor On boarded again.
Probe initialised & process understanding On-field survey Process. Data flow from TAB to backend software. IT Controls Vendor and Free Lancer Onboarding Process
Initial offsite approach Data Analytics. Pretext Calling to Respondents. IT Expert opinion - TAB manipulation.
Onsite -Field work approach Logical sampling of data Surveys conducted in a particular area by multiple freelancers (possibility that 1-2 freelancers conducting surveys on behalf of 10-12 freelancers
Actual Auditors
Corporate Office
Live tracing of TAB footprints of freelancers through: Live Location of TAB from company software Live location of freelancer from Social media platform.
Ghost Employee Confessed
Live survey data conducted just before the visit date
Covert Operation
Visit to suspicious venues. Visit to respondent address. Discrete visit to vendor who had been suspected with favoritism.
Relationship between gifting vendors established
Inflated/Fake claims confirmed Fabricated Invoice
PROJECT MARS – Research company
3% 2% 18% 8%
Grand Total 144 28 105 72
% Of Total Calls 12% 2% 9% 6%
0
0%
19
2%
1 12
1% 29 11% 8
18% 5%
54 62
5% 5%
5%
3
3%
6
4%
34
3%
9
23% 57 22%
24
22% 43
26%
267
23%
0%
0
0%
0
0%
3
3%
24
15%
188
16%
12
20%
6
15% 23
9%
16
15%
3
2%
113
10%
0
0%
2
5%
25 10%
10
9%
2
1%
82
7%
257 100% 71 100% 166 100% 44 100% 60 100% 40 100% 257 100% 108 100% 165 100%
1168
100%
A
%
B
%
C
%
D
%
E
%
F
%
%
H
%
I
%
25 9 6 11
10% 4% 2% 4%
5 0 7 13
7% 0% 10% 18%
29 2 1 8
17% 1% 1% 5%
5 0 3 1
11% 0% 7% 2%
3 0 16 7
5% 0% 27% 12%
4 2 8 5
10% 45 18% 5% 7 3% 20% 27 11% 13% 11 4%
23 5 8 3
21% 5 5% 3 7% 29 3% 13
2
1%
0
0%
0
0%
2
5%
0
0%
0
0%
15
6%
0
0%
0 1
0% 0%
0 8
0% 11%
3 9
2% 5%
3 4
7% 9%
0 0
0% 0%
2 2
5% 5%
16 18
6% 7%
1
0%
4
6%
1
1%
2
5%
4
7%
0
0%
13
Call not picked up - Didn't Answer
26
10%
23
32%
58
35%
9
20%
18
30%
9999999999 number
161 63%
0
0%
0
0%
0
0%
0
Call picked up - Language Barrier
11
4%
8
11%
31
19%
3
7%
Call picked up - Yes Interview given
4
2%
3
4%
24
14% 12
27%
Remarks Call picked up - no interview given Call picked up - not met the target group Call not picked - Invalid Number Call picked up - Incorrect Respondent Call picked up - Yes interview given other than venue/outside venue Call not picked up - number not in service Call not picked up - Unreachable Call not picked up - Incoming not available, number not recharged
Grand Total Legends A B C D E F G H I
One employee - (400-600 minutes per day) Personal Back Check – E.g.: Guntur Guntur Telephonic Back Check - Tea Survey Respondent Calling Quality checker 1 (100% QC acceptance) Quality checker 2 (100% QC acceptance) Random Venue samples calling Job1 - September 2022 Discrete Calling – Smoking Survey
G
Issue Cases
32%
Neutral Cases
52%
Positive Cases
17%
DOCUMENT FABRICATION Disclaimer : Names in following slides have either been masked or renamed for confidentiality purposes
DETECTION
DETECTION
ROTTEN FRUIT CASE Disclaimer : Names in following slides have either been masked or renamed for confidentiality purposes
DETECTION
1. Purchase and Sale - Related Party & Credit Note Raised 2. ABC COMPANY
1. ABC COMPANY Vendor onboarding November 2020
Mr. Manan (Vendor)- ABC Company
Husband and wife
Mr. Manan (Vendor)- ABC Company
Apples Purchased- 23,317 boxes amounting to Rs. 4.34 Cr (Feb’22)
Apples Purchased- 55,529 boxes amounting to Rs. 10 Cr (Nov’2020)
Sold –Last week of Feb’2022
Sold- 25th November 2020
Mr. Singh (Customer)-PQR company
Mrs. Riya (Customer)- XYZ Company Identified via social media search
Identified via Pretext
25th Nov’2020
2nd March 2022
Apples Rotten & Customer claimed- Rs. 90.93 Lacs
Apples Rotten- 20,314 boxes Customer claimed- Rs. 378 Lacs
28th Nov’2020
10th March 2022
Claim approval –Rs. 300 Lacs
Employer & Employee
Partial Recovery from vendor- Rs. 100 Lacs
Claim approval –Rs. 90.93 Lacs
Nil Recovery
Social Media profiling exhibiting relation between Mr. Manan and Mrs. Riya
Possibly Fabricated Evidences for Rotten Apples
DETECTION DETECTION
VENDOR REONBOARDING CASE Disclaimer : Names in following slides have either been masked or renamed for confidentiality purposes
DETECTION
Blocked vendor opening another company and re-onboarded twice
1. JJ Advertising was identified earlier as a suspected vendor due to multiple malpractices and was blacklisted.
Vendor
Total Business Feb'19-Jan'20
Jan'20 - Oct-22
2. Onboarding of new vendor – Bakshi Media with same owner Bakshii Media
3.Social Media Search for JJ Advertising shows Bakshi Media as a new brand of JJ Advertising. JJ Advertising
4.Mr.Sharma is identified as the owner of JJAdvertising & Bakshi Media.
48,716
61,16,651
25,07,158
4,248
5.On verification of the invoices, it was pertinent to note that contact numbers on both the invoices were same & authorized signatory for both the invoices is Mr.Ketu 6.The nature of services provided by both the vendors is similar. 7. Post blacklisting of Bakshi, same owner opened another company “XYZ Limited”
DETECTION
Evidence proving relation and common links between JJ Advertising & Bakshi Media
DETECTION
Modus Operandi/Detection Method used Sr. No.
Case Name
1
Project Brahmastra – Listed FMCG
2
Project Dabang – Listed Blacklisted vendor getting into the system by opening another Psychometric Test & SCAN Healthcare Company company in own name and getting on boarded more than thrice.
Digital Forensic
Project Mars - Research 1. Company
1.Data Analytics Pretext Calling
Modus Operandi
Trigger
Conflict of interest - Vendor opening shell company in wife's and Multiple Credit notes raised employee's name and reversing transactions worth crores. Direct giving reason of damaged loss to company. products
3 2.
Compromising on quality by providing report to clients with dummy data figures and quality supervisor manipulating Whistle blower complaint sample of checking. Inflated reimbursement bills of hotels.
Project Houseful- Logistics Accountant transferred amount payable (₹ 45 lakhs) to their own 4 & CHA account thereby bypassing the authority matrix. Moreover, Huge sum of outstanding manipulated audit scoping keeping vouchers below ₹ 5 lakh out amount to Vendor of scope.
5
6
Project Jalwa -Fashion Product Design Theft by ex-employee and sale of design Industry duplicate under former company’s label.
Project Jupiter- Automobile Company Teeming and Lading , Cash larceny
Whistle blower complaint
Detection Method used Digital Forensic Social Media Profiling Pretext Calling
2.Mystery Visit
Confirmation with vendor and reassessing audit scope.
Vigilanance & surveillance Pretext on Suspect
Customer following up on Confirmation with remaining delivery status indicating customers to find out particulars payment completion however regarding payment. still outstanding as per books .
Modus Operandi/Detection Method used Sr. No
Case Name
7
Project Venus- Listed CHA
8
Project Procurement – Financial Services Company
9
Project Galaxy – IT Company
Modus Operandi Resignation of 8+ employees post data theft
Trigger
Detection Method used
Resignation of multiple employees at same time & customer were being Covert operation approached
Whistle blowers complaint
Physical site visits , Redundant supportings submitted.
Conflict of interest – Employee routing tenders to another company in which he has common directorship.
Huge loss suffered by company
Detailed investigation
10
Project Venus- Listed Healthcare Company
Breach of non compete and business diversion – Doctors violating on compete clause and opening their own labs and diverting business.
Sudden drop in revenue
Pretext & Covert Operation
11
Project Apollo – Listed NBFC
Digital lending fraud via keeping known vulnerabilities open into loan software and subsequent loan disbursements without adequate income proof.
High NPA cases
Loan Portfolio scanning
12
Project Navrang – Listed company
Sale of counterfeit products by suspects. Product resale
Preventive mechanism
Counterfeit audit Covert operations
13
Mumbai based Hospital
Sale of counterfeit experience letters by nurse
Sudden increase in Standard of Living
Social Media profiling
14
Listed Construction Company
Dummy vendor creation and subsequent fund siphoning.
Personal Bill found
Detailed Investigation
No physical existence of numerous vendors Vendors operating from house premise Vendors conducting business from unreasonable structure.
Preventive Activity
No physical existence of numerous vendors
15
Listed Healthcare Company
Procurement Fraud , Collusion
DIGITAL FORENSIC - WALKTHROUGH
REPORTING
Digital Forensic - Workflow
Stage 1 – Disk Imaging • •
It involves entire system imaging including system files. Data Imaging happens on the basis of Binary codes created in the system.
Stage 2 – Processing of Data •
•
System creates hash value for each data so as to maintain the originality & enables to submit in court of law. If any of the contents of original files are changed after processing of data, new hash value is created. Also recovers deleted files by user.
Stage 3 – Carving •
Carving allows to recover all formatted files which were once a part of the system even if the computer has been formatted multiple times.
Stage 4 – Indexing •
An Index is like a data base of text strings extracted from files or space on an evidence image
Stage 5 - Review • • •
Review is based on keyword search which are general as well as specific to the ongoing project. Unique searches of min 250 key words having minimal multiplier of 4 Manual review of the files populated by the tool
REPORT – DIGITAL FORENSIC (WEB NEXUS) Disclaimer : Names in following slides have either been masked or renamed for confidentiality purposes
DETECTION
Organic Fruits
Accountant
Customer
100
AMD Nature Fresh AMD Fruit Agency AD Fresh Fruits - Suspected
Groove Boosters Pvt Ltd
Mit S.
2018 2018
Groove Juices Pvt Ltd Director
JJ Fresh
Customer
Wife
856
Aman Shah
Reetika Shah
Director
PQR India Pvt Ltd
Director
ABC India Limited
2021
Dinesh Shinde 46
Director
Director 2021
XYZ India Pvt Ltd
Common Directors
Common Directors
Aarti J w/o Pradip J
NK
2022
Anil
SSJ Exotic Fruits Private Limited Director
GROOVE FRUIT PRIVATE LIMITED
Owner
Director 2022
AARIKA Rani Fruits 1585
Foods Origin LLP
2018
Common Address 143
MNO Foods Pvt Ltd 2021
LOTUS Groove Fresh Fruits Pvt ltd
2021
Husband & Wife Groove Fresh Fruits
Suspected Family of Aarti J
Common Directors – Ecovita Foundation Siddharth 15
ZAB LIMITED
Akshita J
Sagarika J
Shekhar J
Groove Sunfresh LLP Groove Sun fresh (India) Pvt Ltd
- Turnover In Crores 2017
- Year of Establishment
2020 2021
INTERROGATION TECHNIQUES
CARE TO CURE Companies Act , 2013
CARO 2020
Other Compliances
Section 143(12) - Reporting by Auditors:
CARO 2020 provides for specific requirements for reporting of fraud under clause 11.
(Depends on industry and Company Composition)
If during the course of audit, the auditor has reason to believe that an offence of fraud involving an amount exceeding Rs. 1 crore or more is being or has been committed against the company by the officers or employees of the company, then the auditor shall report the matter to the Central Government. If the amount involved in fraud is less than Rs. 1 crore, the auditor shall report the matter to the audit committee or Board within a period of 2 days from the date of his knowledge of fraud.
1. Has there been any fraud by the company or any fraud done on the company. If any such fraud has been noticed or reported any time of the year. If yes, nature and amount involved have to be reported. 2. Whether the auditors of the company have filed a report in Form ADT-4 with the Central Government as prescribed under the Companies (Audit and Auditors) Rules, 2014.
•
SEBI Reporting
•
RBI Reporting
•
Whistle-blow cases – mandatory status reporting by statutory auditor Regulatory bodies outside India ,if requirement so persists.
• •
Adherence to AML guidelines & ABAC guidelines
•
EOW Reporting - ₹6 crore and above
REPORTING
FORENSIC - PROSPECTS
DETECTION DETECTION
Expert Opinion & Expert Witness Cyber/ Digital Forensic ADR- Alternate Dispute Resolution MNC - FCPA RERA Forensic Occupational Fraud - Corporate
IBC - NCLT
SEBI - Forensic
IBA –Bank Forensic
FORECASTING THE FUTURE – EMERGING TRENDS IN FORENSIC Key insights •
The global Forensic Accounting Services market is estimated to grow annually at a CAGR of around 6.5% over the forecast period (2023-2030).
•
In terms of revenue, the global Forensic Accounting Services market size was valued at around USD 16.5 billion in 2022 and is projected to reach USD 27.3 billion, by 2030.
•
The global Forensic Accounting Services market is being driven by the growing number of frauds in the BFSI sector.
47
DIRECTORIES
GDPR- Revolutionary Regulation SEBI tightens norms for Forensic Audit Introduction of Forensic Standards AI and Data mining in forensic
Men to men marking . theory. Cluster Theory Un-orhodox Theory. Connect the dot theory Confirmation Bias Theory Time Bomb Theory Corporate Espionage Hydro Theory Orphan Fund Theory
Current trends Directory
Theory Directory
Our Directory
Take - Way
Maths on fraud 7 Eye’s on fraud detection CVC technique for fraud prevention In-house Tools like- Mail Scanning, SCAN, Mind Muneem Whistle – blow mechanismWhistle-Eye
Aura of forensic audit Practical Knowledge Point Of View- General Auditor V/s Forensic Audit Forensic Readiness
1 2
Frequent Asked Questions
3
4 5
6 7 8
9
What are drawbacks associated with this field? What are the prerequisites for being a good forensic auditor?
Is forensic auditor protected against any counter lawsuits against them?
Whether phishing emails or scams online are part of financial fraud? How can one build credentials in forensic and risk advisory fields? Are there any certified courses?
Is having a mandate necessary before any forensic engagement?
What are the different types of tools used in forensic? How is evidence extracted under forensic?
How many active players are currently dominating the market?
Shrenik Shah - Profile Shrenik S. Shah is a fellow member of Institute of Chartered Accountants of India and graduate from Mithibai college. He is a Certified Fraud Examiner affiliated by ACFE US & is also certified Forensic Accountant & Fraud detection as affiliated by ICAI. Independent Director -Delhi Based NBFC & Partner at SN & Co Blogs of his professional experiences – Sunday Ink (sundayink.in) Business Advisory Services - +15 Years Experience Forensic Services Fraud Management Programs Risk Advisory services NBFC Consultancy & Portfolio Due Diligence Debt Securitizations Management Consultancy Key Projects Fraud Investigation worth > 250 Cr NBFC Set up & International Project -UAT Underwriting audit > 10,000 files Debt Securitization > 200 Deals
Invited as key Speaker on Fraud for Addressing +50 CFO’s Branches of ICSI Other forums Tools & Techniques Red Flag Technique Whistle Blow MechanismWhistle Eye DIGI-FAR SCAN Mind Muneem – Pyschometric Test Interest Sports , Corporate Quiz , New Venturing Ideas
FCA , FAFD , CFE
• Shrenik Shah • Shrenik@snco.in • www.snco.in
Thank You! For More Information, Visit: https://taxmann.com/
Get in touch with us on Social Media:
Follow us on Social Media:
Download Taxmann App