Most large businesses have contingency plans for most emergencies, such as fire and floods. Many medium size businesses also have such plans while few small businesses do. Most large businesses periodically test that these plans work, while most medium and small businesses do not. When hurricane Sandy hit the New York - New Jersey coast a large majority of the businesses severely damaged did not have, or did not test their contingency plans. The result was disastrous for those unprepared businesses. Dr. Deming's process cycle is plan-do-check-act. Internal control specialists should evaluate each cycle to assure their organization is adequately protected for emergencies. A simple cost benefit analysis will convince management the cost of testing and improving contingency plans is a good investment. It is recommended the internal control specialist evaluate each step of each cycle for risk. A simple scoring method would be to allocate 25 percentage points for each cycle in Dr. Deming's process that is in place and working. For example if there is a written contingency plan for fire the organization is awarded 25% points for the risk preparedness. Having the plan implemented gets another 25% points as does the check and improve steps. Then a report can rate the preparedness for each risk with a score between zero and one-hundred percent.

Email: nguyentung@fmit.vn

Earlier today, COSO - a private sector organization that issues widely followed internal control and risk frameworks - released a survey seeking input on "areas of the COSO Enterprise Risk Management-Integrated Framework [that] require updating and the nature and extent of those updates." The survey is the first step in COSO's project to update its 2004 ERM framework. Although companies have a number of risk management approaches, COSO's ERM Framework has been widely referenced and some of its principles are embedded in other industry and customized risk management frameworks.

A panel at FEI's Current Financial Reporting Issues conference described by moderator John Neuman, global financial accounting director, Dow Chemical Company, as a 'dream team' of COSO 2013 implementation, reviewed key topics including the impact of the updated internal control framework on Sarbanes-Section 404 assertions, such as the determination of material weaknesses, common implementation 'gaps' identified by auditors, and implications for outsourced service providers.

When whistleblowers feed the government information about corporate malfeasance, the damage can be even more costly than expected. Even before the Securities and Exchange Commission started offering sizeable bounties for actionable information, the assistance of one or more tipsters in an enforcement action increased penalties by 30 percent and nearly doubled prison sentences.That's the conclusion of a new research paper, "The Impact of Whistleblowers on Financial Misrepresentation Enforcement Actions," 

There is no way to guarantee that an organization will not experience financial reporting fraud.

But research shows that fraud-resistant organizations share three traits:

• A tone at the top that encourages an ethical culture.
• The presence of skepticism.
• Engagement of all participants in the financial reporting supply chain.

That's according to The Fraud-Resistant Organization, a report released Monday by the Anti-Fraud Collaboration, whose members include the Center for Audit Quality (CAQ), Financial Executives International, The Institute of Internal Auditors, and the National Association of Corporate Directors.

Read the Article

In recognition of International Fraud Awareness week, occurring November 16 - 22, Shred-it is calling on business leaders to protect their organizations' and customers' confidential data from fraud by addressing the most vulnerable areas in their workplace."Businesses that overlook areas of vulnerability within their workplace risk opening their organization up to potential fraud and are putting themselves in danger of a costly data breach" According to the 13th Global Fraud Survey from EY, nearly one in six American organizations suffered from fraud in the past two years, double the rate measured in 2012. While many organizations will focus on the risks posed by external threats, too many will fail to take a look inside their own operations.

Corporate Governance probably has a zillion definitions. According to Wikipedia an important theme of corporate governance is the nature and extent of accountability of particular individuals in the organization, and mechanisms that try to reduce or eliminate the principal-agent problem.  An interesting definition is one that defines Corporate Governance as "aimed at reducing conflicts of interest, short-sightedness of writing perfect contracts and monitoring controlling interests in the firm, in the absence of which firm value is decreased'. The principles of Corporate Governance by themselves define the responsibilities of individuals who have significant roles within the Corporate Governance  framework and the diligent performance of these roles ultimately impact on the entity to which they belong. These principles are Responsibility, Accountability, Transparency, Reputation, Fairness, Independence and integrity.

Belgian prosecutors charged a subsidiary of British bank HSBC on Monday (Nov 17) with fraud and money-laundering worth hundreds of millions of euros, mainly for diamond dealers in the industry's international hub of Antwerp.Swiss subsidiary HSBC Private Bank SA (Suisse), which is wholly owned by the Asia-focused banking giant, allegedly helped hundreds of clients cheat the Belgian state, a statement from the prosecutors said. It is the latest in a series of international investigations into practices ranging from currency exchange rigging, Libor rigging and product mis-selling that has damaged the reputation of major banks. Banking practices also had helped to spark the 2008 global financial crisis that led to a worldwide recession.

You can do everything right and still have your identity stolen. If 2014 has taught us anything about security, it's this: you cannot trust companies to keep your data safe. That doesn't mean you should stop using their services, but you should be wary and learn how to protect yourself. "It Won't Happen To Me" Syndrome is one of the worst security habits and it can lead you into a lot of trouble if it goes unchecked. If you think identity theft won't happen to you, please reconsider. These days, nobody is safe from online fraud. 2014 was not a good year for companies and data security. Month after month, we've seen case after case of customer information - e.g. login credentials, personal details, and credit card numbers - ending up in the wrong hands. Sometimes it happens by way of a security loophole; other times, a rogue employee.

Read the Article

Even though cheques are less common today, according to the Information Security Media Group, cheque fraud is estimated to be one of the top three frauds plaguing the banking industry, together with phishing and bank card fraud. According to the Association of Certified Fraud Examiners' 2012 Report to the Nations on Occupational Fraud and Abuse, cheque tampering still accounts for over ten percent of all occupational frauds with the average loss from this type of fraud reported to be approximately $143,000 and going undiscovered for over 30 months.

Read the Article