Under the U.S. Federal Sentencing Guidelines, in order to receive credit for having an effective compliance program, and thereby reduce the fines imposed on the organization, a Board of Directors must be “knowledgeable about the content and operation of the compliance and ethics program,” and must “exercise reasonable oversight with respect to the implementation and effectiveness of the compliance and ethics program.”
Herbalife’s business relationship in China was committed to illegal activity, which it knew or should have known violated the FCPA. Specifically, beginning in late 2006, Herbalife China provided improper benefits and payments to government officials to obtain direct selling licenses for two cities. Herbalife paid out millions of dollars in bribes. Fraudulent expense reimbursements were used to fund the bribes, which is is a common tactic for these types of bribes.
Specifically, the SEC found that Herbalife China paid bribes through extravagant meals, gifts, and other benefits given to Chinese officials to obtain sales licenses and remove negative media coverage in China. Managers at the subsidiary asked employees to falsify expense report documents, for example, adding names to meal receipts to get below the company’s per head spending limit. It also found that the payments and benefits were inaccurately recorded and that Herbalife failed to maintain a sound system of internal controls.
» Read More
Dunkin’ was repeatedly alerted to attackers’ ongoing attempts to log in to customer accounts by a third-party app developer. The app developer even provided Dunkin’ with a list of nearly 20,000 accounts that had been compromised by attackers over just a sample five-day period. “Yet, Dunkin’ failed to investigate the attacks to identify other customer accounts that had been compromised, determine what customer information had been acquired, or whether customer funds had been stolen.
Dunkin agreed to pay $650,000 as penalty settlement costs for the lawsuit over its failure to respond to credential stuffing attacks.
In July 2020, The Institute of Internal Auditors (“IIA”) updated its Three Lines of Defense Model (“Model”) to emphasize more active forms of risk management and governance that appear to go beyond merely defensive maneuvers made by the internal audit function.
Some believed the old model sent a message that we should fear risk. I never saw it that way. I understood the subliminal message was the model was about achieving objectives, which requires both the creation and the protection of value. The new model does a much better job of confirming that risk management contributes “to achieving objectives and creating value, as well as to matters of “defense” and protecting value.”
Learn why the Enterprise Risk Resilient Model might be a better choice.
» Read More
Our experience conducting fraud investigations, domestically and globally, allows us to advise our clients on measures they can take to prevent fraud from occurring and detect issues before they expand. Our clients look to us to design anti-fraud programs and controls, perform anti-bribery and anti-corruption compliance assessments, and perform proactive fraud examinations to identify possible red flags or indicators of fraudulent activity. Because of our collective skills and the depth and breadth of our experiences, we are also able to design and enhance compliance programs and serve as integrity monitors.
Correcting deficiencies, addressing gaps in controls, and remediation of specific issues is important at the end of every investigation to prevent the same or similar frauds from recurring.
We address these important client needs at the end of our investigations and can assist with implementing remedial actions.
» Read More
Last week, the Association of Certified Fraud Examiners (” ACFE”) published the results of a survey taken by more than 1,800 anti-fraud professionals in late April and early May 2020, while we were deep into the Covid-19 crisis. The findings, for the most part, are not surprising, but does reveal some disappointing information. While I have not seen a raw copy of the survey, I was surprised the ACFE didn’t ask if the company’s fraud risk assessment was reviewed and modified accordingly.
In addition, the survey highlights trends in the overall level of fraud. Survey respondents provided information about their current observations and expected changes regarding ten (10) specific types of fraud.
» Read More
On November 5th, the Department of Justice announced the formation of the new Procurement Collusion Strike Force (PCSF) “focusing on deterring, detecting, investigating and prosecuting antitrust crimes, such as bid-rigging conspiracies and related fraudulent schemes, which undermine competition in government procurement, grant and program funding”.
The Strike Force is an inter-agency partnership comprised of prosecutors from the Antitrust Division, and prosecutors from thirteen (13) U.S. Attorneys’ Offices. Aiding in the prosecutors’ efforts are investigation partners such as the Offices of Inspector Generals from the Department of Justice, Department of Defense, U.S. Postal Service, and General Services Administration Office. The Department of Justice’s announcement proclaimed that investigating and prosecuting those who “cheat, collude and seek to undermine the integrity of government procurement” will have more to concern themselves with when executing their crimes. Prosecutors and investigators alike expressed enthusiasm to be working as a part of this new team.
» Read More
As the use of whistleblower programs continues to grow, many organizations find themselves struggling to manage burgeoning caseloads. As a result, serious fraud investigations can be delayed (with mounting
Caremark, Compliance, and Caution! Read why having active and engaged board oversight in the areas of risk and compliance is a must!
» Read More