Monthly Newsletter

October 2018

Welcome to the October edition of the Exactech Anti-Fraud newsletter!

In all our fraud awareness training QUOTE OF THE MONTH

courses the most difficult topic for
attendees to grasp tends to be “Corruption is worse than
Conflicts of Interest (COI). prostitution. The latter might
The Organisation for Economic Co-
operation & Development states: endanger the morals of an
“Conflict of interest occurs when individual, the former invariably
an individual or a corporation
(either private or governmental) is
endangers the morals of the
in a position to exploit his or their entire country” - Karl Kraus
own professional or official
capacity in some way for personal
or corporate benefit”. TIP OF THE MONTH
Corruption cannot exist without a If you have a Fraud Hotline, ensure
COI as each corrupt act is driven
by an underlying conflict and it’s that all allegation reports go to at
inevitable that staff members will least 3 people (e.g. CAE, CFO &
come across family or friends in the
Audit Comm Chair) to ensure that
course of business, so the key is to ensure that employees are encouraged to
declare actual, perceived, or potential conflicts and to seek advice when in
no one person can discard hotline
doubt. This ACFE video, Risky Business: Managing Conflicts of Interest provides more reports to protect friends.
insight to COIs.

“ETHICS”: The word conjures up many different expectations and associations!

Ethics used to account for 15 minutes in my 4-day fraud prevention training course, but we now offer a 2-day ethics course!
This came about because the CEO of an organization asked me to compile the course as more and more of their members
have been caught acting unethically – things like conflicts of interest, theft, phantom ticking, nepotism and fraud.
When the 2-day CPD ethics course was advertised some At the end of the day, ethical Leadership is about Tone
members contacted the CEO to say that 2 days is at the Top, Mood in the Middle & Buy-In at the Bottom,
excessive and that they don’t need ethics training. and ethics should be discussed in all our meetings.
I guess we all think we are ethical – if the implicated staff One of the key problems is that we are not taught critical
members at KPMG, Steinhoff and the host of other thinking and how to reason morally and that’s why ethics
scandal-plagued companies were asked before they training is so important. Here are the comments from a
were fired, we would have received the same answers – few attendees of the 2-day course:
“we’re not doing anything wrong”. • “You get to confront those issues we would rather not
On the very first 2-day ethics course one of the deal with!”
attendees, a CAE, said “Ethics doesn’t pay the bills”! • “The course makes your conscience come alive”
That, unfortunately, is the general attitude of many senior • “It made me have self-introspection, which is good!”
people and the juniors are watching their bosses. • “The best part was reviewing our code of ethics”

Editor: Mario Fazekas Mobile: +27 (0)83 611 0161 Office: +27 (0)11 475 2525
www.exactech.co Email: mario.fazekas@exactech.co
 The Value of Fraud Awareness Training Cyber Risks
With our training courses we try to add value to two parties: all attendees and Kevin Mitnick, the world’s most
management. famous hacker says, “The
In many training courses, the only ROI is the signed attendance register, so we weakest link in the security
add tangible value by including some personal aspects to the training - how
chain is the human element”
can employees protect themselves from fraud, and by extension the
company. When employees see that their employer cares about them they in You can have the best
turn tend to look after the employer’s assets. firewalls, & intrusion detection
systems but it’s the end-point
We also ask attendees to complete pre and post workshop questionnaires, the
results of which are submitted to management as a feedback report showing
(user) that is the most
fraud hotspots, ethics issues and knowledge transfer. The questionnaires work vulnerable, hence training is
best when outsiders deliver the training and have built trust. Most employees critical to ensure that staff
won't state what is really going on if an insider asks, as there is generally too members are aware of the
much victimization and minimal trust. I even get asked "who will read these risks and to not be duped by
questionnaires, as our handwriting will be recognized?"! phishing, pharming and social
engineering attacks.
Here's an example of the type of feedback we get from clients:
Did you know that an
“I would like to inform you that I have received an overwhelming positive
estimated 25% of employees
feedback from the Highveld Team including the manager. They have
confirmed that this was an eye opener and one of the best training courses
are using the same password
they have ever attended. Our team members are also starting to detect frauds, for all logins? What if that
so I am glad there is Return on investment!” – Regional Secretary, MIBCO password is available on the
dark web?

(Please click here to access our training course catalog). Yahoo, Dropbox, LinkedIn,
Adobe, Experian, Ashley
Maddison and many other
In last month’s newsletter we discussed the rise of Pink-Collar Crime and web sites were breached, and
mentioned the case of Rita Crundwell. Her story has now been made millions of passwords stolen.
into a movie called All the Queen’s Horses. How do you know some of
your employees were not
The case is important as it’s one of the largest cases of fraud by a single among these and what if they
employee in US history. The film highlights the fact that external threats are using the same password
get more attention from both organizations and the media, yet it’s the at the office?
insider threat that poses an even bigger security risk.
You and your colleagues can
find out by visiting
Haveibeenpwned. Just insert
your email address that you
used to sign up at Dropbox,
Yahoo etc. and they will let
you know.

Join the global effort to minimize the What You Can Do – one thing is to Invite a
EXACTECH
impact of fraudFORENSICS
by promoting anti-fraud Phone: (555) 555-5555
Certified Fraud Examiner (that’s us) to talk to your
awareness & education
123 Fake Street, City, ST 12345 employees about fraud(555)
Fax: prevention.
555-0000