"Fraud and corruption have been with us forever, but happily there is growing realization that these crimes undermine trust in government, companies, and markets alike. Toby Bishop and Frank Hydoski do not just recognize that problem, but clearly set out ways and means for dealing with it."
Paul A. Volcker, former Federal Reserve Chairman and chairman of the President′s Economic Recovery Advisory Board
"At a time of rising public demand for good corporate conduct, Corporate Resiliency is a welcome resource for those seeking to manage fraud and corruption risks. Toby Bishop and Frank Hydoski provide a highly operational road map for assessing risk and preventing, detecting, and responding to fraud and corruption when it does occur."
Nancy Zucker Boswell, President and CEO, Transparency International – USA
"If you need a view of fraud and corruption from the top, this is your book. Bishop and Hydoski do an excellent job of explaining to executives why fraud and corruption are such serious issues for organizations, how we got where we are, and how to prevent and detect the devastating fallout from these crimes. A terrific read."
Joseph T. Wells, CFE, CPA, founder and chairman, Association of Certified Fraud Examiners
"Corporate Resiliency offers managers and directors a holistic approach to the management of fraud and corruption risk that speaks to the same measure of productivity and profitability used in more conventional business processes. It walks the reader through the relationship among the board of directors, the audit committee, senior management, and staff in the process of fraud risk management, with a clear eye toward the intent and direction of fast–changing legislation and regulatory guidance."
From the Foreword by Mark G. Califano, Esq., Head of Litigation, GE Capital Finance
In today′s global economy, fraud and corruption can more easily set off a chain of events resulting in serious financial and reputational loss. Corporate Resiliency reveals why resiliency in your company is not only just as crucial as innovation, customer–centricity, and competitiveness it may be vital to your company′s success.
Part One: Fraud and Corruption Today.
Chapter 1: Can We Eliminate Fraud and Corruption?
Not a pretty picture.
Focusing on the larger picture.
Potential for catastrophe.
Resiliency as a corporate goal.
Chapter 2: The Growing Risk of Fraud and Corruption.
Why should my company be especially concerned about fraud and corruption now?
Local problems, global pain.
Awareness is crucial.
Common sense and observable reality.
Tailoring efforts to avert damage.
Chapter 3: The Costs of Fraud and Corruption.
Casting a shadow on the future.
Cost and availability of capital.
Bad news travels even faster than before.
Don t expect a slap on the wrist.
Part Two: On Becoming Resilient: Strategies for Avoiding and Minimizing the Impact of Fraud and Corruption.
Chapter 4: Building a Resilient Corporation.
What determines survivability?
Traits of a resilient corporation.
Three key characteristics of resiliency.
Why resiliency is achievable.
Learn from the experience of others.
What are the benefits of fraud and corruption risk management?
Five principles of fraud risk management.
The first line of defense.
How can companies use the new guidance?
Building resiliency by enhancing fraud and corruption risk management.
Corporate resiliency self–assessment tool.
Chapter 5: Fraud and Corruption Risk Assessment.
Behind the facade.
What is a fraud and corruption risk assessment?
How important is a good fraud and corruption risk assessment?
Implementing fraud and corruption risk assessments.
Risk assessment reports: The good, the bad, and the invisible.
Four quadrants; four risk management strategies.
Questions to ask about your fraud and corruption risk assessment.
Chapter 6: Company–wide Anti–Fraud Controls: The Role of the Control Environment and High–Level Strategies.
Creating an anti–fraud control environment.
What exactly is a control environment and why is it important?
Tone at the top.
The control environment as a bulwark.
The control environment and governance.
Put it in writing.
Setting the tone.
Internal audit s role.
Measuring tone at the top.
Written code of ethics/conduct.
Why is a code important?
Excerpts from Deloitte Code of Ethics and Professional Conduct.
How does management create a successful code of ethics/conduct?
Ethics training for all employees including management.
Hotlines, helplines, and whistle–blower programs.
The role of human resources employee selection and discipline.
Other general strategies of which fraud risk management is a component.
Enterprise risk management.
Fundamentals of ERM.
Achieving risk intelligence.
Fundamentals of GRC.
Complicated, but worth the effort.
Integrated versus nonintegrated GRC.
Survey results show desire for integrated GRC.
Key attributes of companies with robust GRC strategies.
PACI, anti–corruption, and the control environment.
Chapter 7: Preventive Controls: Particular Fraud and Corruption Avoidance Strategies and Tactics.
Getting down to brass tacks.
Confronting fraud and corruption risks.
Background checks and enhanced due diligence.
Automation can be essential.
Preventive controls and three broad categories of risk.
Monitoring and evaluating preventive controls.
Continuous controls monitoring.
The roles of ERM and GRC.
Chapter 8: Detective Controls and Transaction Monitoring.
The importance of monitoring and detection.
Monitoring and detection tactics.
Risk–based internal audits as a fraud detection tactic.
Technology–based detection tactics.
Examples of fraud detection using data interrogation techniques.
Continuous fraud monitoring.
Is CFM for everyone?
The importance of lookbacks as a control check.
Questions to ask about monitoring and detection.
Chapter 9: Preparing for Fraud and Corruption Investigations and Remediation.
An ounce of planning . . . .
What to do when regulators come knocking . . . .
Evaluating the allegation.
Assembling the right investigation team.
When to call for help.
Establishing investigation protocols up front.
Collecting and preserving crucial data.
Newer challenges, newer technologies.
Communication enough but not too much.
The benefits of a case management system.
Remediation getting more value from investigations.
Chapter 10: The Players Roles (Including Yours).
New rules, new responsibilities.
The value of a cross–functional committee.
The role of the compliance officer.
Fraud and corruption risk management is everyone s business.
Conclusion: What the Future May Hold.
Good fraud and corruption risk assessment is crucial.
Embracing new roles and responsibilities.
We won t predict the future, but . . . .
Take your first steps now.
Appendix: Examples of Fraud Risk Factors.
About the Authors.