David Clements1.15201539

Saudi Aramco Shell Refinery Company - SASREF
Contractor Ethics and Fraud Workshop

1 June 2013
David Clements
Director Deloitte Forensic
Financial Advisory Services

2013 Deloitte Corporate Finance Limited. Private and confidential
Setting the Scene

Introduction to the Ethics & Fraud booklet
Defining Theft, Corruption and Bribery
Fraud Control
Whistleblower hotlines
2013 Deloitte Corporate Finance Limited - Private and confidential
The Ethics and Fraud Booklet
Ethics & Fraud Handbook Structure
Business Ethics
Information & Confidentiality
Fraud Awareness
Fraud Control Plan
Business Ethics
Corporate Values
Code of Business Conduct
Ethics Training & Awareness
Ethical Business Principles
Annual Declaration
Reporting & Whistleblowing
Tone at the Top
Avoiding Conflict of Interest
Ethics Committee / Champion
Gifts & Hospitability
What is Business Ethics

Business Ethics are
commonly discussed in
relation to
What does it mean to

act in an ethical manner?
To act honestly and fairly
To put companys interests

ahead of your personal
interests while doing
business of companys
behalf
To respect confidentiality of
the information you are
entrusted with
To safeguard reputation of
company
To comply with letter and

intent of the internal and
external mandates
Conflicts of interest
Release of confidential
information
Receiving gifts and

entertainment
Avoiding corrupt practices
Internal and external

communications
Is this illegal (local and country laws)?
Yes
Business Ethics
Does this contradict your policies?
Yes
No
Does this conflict with your values and culture?
Yes
No
Could this adversely impact any company stakeholders?

(customers, shareholder, employees, suppliers)
Yes
No
S
T
O
P
Would you feel concerned if this appeared as a newspaper

headline?
Yes
No
Could this impact your company if all employees did this?
Yes
No
No
Decision appears appropriate

Business Ethics
Not everyone that we do business with is ethical.
Offers may be made to you:
some may be acceptable

others will not
You may be placed in a difficult position.
You need to develop judgment
Information and Confidentiality

Confidential Information
Intellectual Property
Educate and communicate to employees
It is illegal to use another companys
that everyone has a duty to handle
intellectual property without the appropriate
information about the Company responsibly.
licenses or permissions.
Confidential information should be kept secure at all times
Use approved hardware & systems to store and access your data
Ensure you have Non Disclosure Agreements with your business partners
Suspected loss of confidential information should be reported
Bribery and corruption
Bribery and Corruption

Bribery Definition
Offering, giving, soliciting or accepting of an inducement or
reward, which may influence the action of any person.

That is, an individual receives a bribe as a reward or incentive
for action or inaction contrary to the proper conduct of his or her
duties, for the direct benefit of a third party.
Direct or indirect loss.

Bribery relates to the giving AND/OR receiving of bribes.
It is also the offering or promising of a bribe, or the requesting or agreeing to

receive not only actual payment / receipt.
Not only cash/money, it is any item of benefit.
Amounts are irrelevant, does not matter how small the amount, it is the
intention that counts.

Bribes can influence a person to either perform an action or not perform an
action.
Bribery and corruption adds up to 10% to the total cost of doing business
globally, and up to 25% to the cost of procurement contracts in developing

countries.

Corruption
Dishonest activity in which a director, executive, manager, employee or contractor of

an entity acts contrary to the interests of the entity and abuses his/her position of trust
in order to achieve some personal gain or advantage for him or herself or for another
person or entity.
The concept of corruption also involves corrupt conduct by the entity, or a person
purporting to act on behalf of and in the interests of the entity, in order to secure some
form of improper advantage for the entity either directly or indirectly.
Fraud defined
Types of fraud
Definition of Fraud
A generally accepted definition is:
Dishonestly obtaining a benefit (causing harm) by deception or other means
This definition includes:
Theft.
Obtaining property, a financial advantage or any other benefit by deception.
Providing false or misleading information to the organisation.
Making, using or possessing forged or falsified documents.
Fraud defined
Types of fraud
Fraud Defined
There are also in general three types of fraud:
Type 1 Wrongdoing perpetrated by an individual acting
alone where the principal benefit goes to the individual
Type 2 Wrongdoing perpetrated by more than one
individual
acting collusively, where the principal benefit goes to the
individuals or the organization
Type 3 Wrongdoing perpetrated by an outsider against the

organization, where the principal benefit goes to the
third party.
Fraud Defined
The wrongdoing can take the form of:
Fraudulent
financial
reporting
Misappropriation of
assets
Corruption
Types of Fraud
Corruption and
illegal activities
Conflicts
of interest
Bribery
Asset
misappropriation
Illegal
Kickbacks
gratuities
Cash
Theft
Fraudulent
disbursements
Fraudulent
statements
Non
financial
Financial
Securities
Skimming
Types of Fraud
Misappropriation of assets
Misappropriation of assets involves the theft of an entitys assets and is often perpetrated by
employees in relatively small and immaterial amounts. However, it can also involve management
who are usually more able to disguise or conceal misappropriations in ways that are difficult to
detect.
Misappropriation of assets can be accomplished in a variety of ways including:
Stealing money
Stealing physical assets or intellectual property
Causing an entity to pay for goods and services not received
Using an entitys assets for personal use
Fraud defined
Types of contract and procurement fraud
Types of Contract and Procurement Fraud
Bid submission
scheme
Defective
Pricing
Scheme
Bid rotation
scheme
Bid
suppression
scheme
Leakage of
information
Bid-rigging
scheme
Accounting
Mischarges
Scheme
Complementary
bids scheme
Phantom bids
scheme
Contract and
Procurement Fraud
Conflict of
Interest
Fraud examples
Fraud Examples
Corruption and Illegal Activities
TYCO
The U.S. DOJ investigation determined that among others, bribes were
Bribes were paid by Tyco Valves & Controls Middle East Inc. to employees
of four different state owned customers located in three Gulf countries
between 2003 and 2006.
The total amount of bribes paid to employees of these four companies
was reported by the DOJ to total $488,479. The $26 million fine assessed
against Tyco was a penalty for the global pattern of corruption in which it
was engaged for over 10 years, and $2.1 million of the total fine related to
Tycos crimes in the Arabian Gulf.
An Aramco technical specialist employees employment was terminated in
2009 for violating Aramcos Conflict of Interest and Business Ethics
policies by receiving bribes and kickbacks from various companies.
Fraud Examples
Bribery (KSA example)
An employee collaborated with three contractors, all registered with the employees company, to
intentionally overestimate change orders and purchase orders relating to a project whereby
contractors would pay him the value of the overpriced change of the order. He received
approximately SAR 24,870,990 which was 'laundered' through companies which he owned via
bank accounts and associate companies.
Kickbacks/ Illegal Gratuities (KSA examples)
An employee sought USD 1 per ton kickback from two suppliers of raw material through their
agent in KSA for supply to his employers company. He also sought USD 7000 from a potential
vendor to assist with registration process.
An employee from an inspection team asked for and received a laptop computer from one
supplier and a Samsung tablet from another supplier in order to approve their products.
25
Fraud Examples
Collusion and substitution of materials (KSA example)
A number of European valve suppliers to a KSA company colluded together to obtain cheaper
Chinese valves and passed them off as their own manufactured valves. The fraud included
falsifying certificates of authenticity and stamping the companies logos on the fake valves. The
fake valves were inferior to those approved by the end user, causing significant production
problems.
Substitution of materials (UAE example)

A supplier of specialist pipes to an oil production company fraudulently replaced approved pipes
with inferior pipes and attempted to pass them off as genuine by organising to have its logo
stamped on the fake pipes. The fraud was discovered when the thickness of the pipe was found
to be half the required measurement.
26
Fraud Examples
Fraudulent behaviour by contractor (UAE example)
A contractor to an oil production company entered into a 10 year contract to supply oil
production labour. The contract included an amount payable for the supply of food to the
contract employees as the oil company had no meal facilities.

Two years into the contract, the oil company built a restaurant facility which was used by the
contractors workforce at no cost to them. Although the contractor was aware of the change in
contract conditions it failed to notify the oil company and continued to receive the additional food
allowance for the remainder of the contract period.
Fraudulent behaviour by contractor (Overseas example)

A contractor was paid an hourly rate by a mining company for his workforce. A subsequent
investigation identified that the contractor was falsely reporting increased numbers of hours
worked by his staff. On a number of occasions timesheets showed that the same employee was
working in different areas of the mine site at the same time.
27
Fraud Examples
Asset Misappropriation
Cash Theft (KSA example)
An employee falsely claimed travel & accommodation expenses from his employer, when they
were paid for by vendors. He kept the money without declaring that he had not incurred any
expense.
Company U sold approximately 500 pipes (2000 tons) for SAR 2 million to a scrap yard. The
pipes were left over from a project and had previously been paid for by the project owner.
Company T also sold approximately 200 pipes for SAR 300,000 to a scrap yard from another
Saudi project where the pipes had previously been paid for by the project owner.
Theft of Non-Cash Assets (KSA example)

An employee was provided with confidential information from a number of tenderers during a
tendering process. He passed on other companies' confidential information to a company with
which he had a relationship via a work email. He also passed on confidential company
information to the same company.
28
Fraud Examples
Internal Fraud
Multiple Frauds Over Two Years
The CEO had been previously advised by a staff member about the fraudster but he took no action.
A number of red flags were evident but were not followed up:
Manual manipulation of data
Unexplained expenses
Inappropriate relationships
Aggressive management
External complaints and concerns were ignored
Fraud Examples
Internal Fraud
$1.6 Million Stolen Over 10 Months
The suspect held the position of IT manager and had responsibility for the organisations $10
million IT budget. He was not required to justify costs. The co-signatory to the purchase orders
had no idea what equipment/service he was authorising. There were a number of duplicate
services and pieces of equipment/consumables ordered in a short time frame.
The IT manager was able to use his administrator access to go into the accounts payable
system and delete entries. He was able to create a vendor file for his own company and three
other related companies without anyone else having line of sight over the process.
His team initially refused to assist investigators because he had built an environment where no
one in the team ever challenged his actions.
Senior management was unaware of what systems and processes he controlled.
30
Fraud Examples
Internal Fraud
Overseas collusion with an external party
An overseas company decided to build a manufacturing plant in India. Its Indian CFO was
involved in the purchase of land for the plant.
Unknown to the company, the CFO colluded with the seller of the land and the company paid
double the market rate for the land.
The deal was that the seller of the land, who was also a property developer, gave the CFO an
apartment in a new block he was building.

The matter only came to the attention of the company leadership because of a whistleblower in
the Indian business who knew of the collusion and had a subsequent falling out with the CFO.
Fraud detection and

prevention
Fraud Risk Strategy
The most important objective in any fraud risk strategy is minimising opportunity.
This is achieved by the systematic application of internal controls which should be set out in a
Fraud Control Strategy.
Incentive/
Pressure
Fraud
Risk
Triangle
Opportunity
Rationalisation
Key Elements to an Effective Fraud Control Strategy

Planning
Prevention
Fraud Control
Plan
Senior
management
Fraud Control
commitment
Resources
Internal audit
activity in control
of fraud
Line management
Detection
awareness
Employment
screening
Supplier and
customer vetting
Investigation
Internal reporting
and escalation
Role of the
external auditor
Disciplinary
procedures
Avenues for
reporting
suspected fraud
External
reporting
Whistleblower
protection
program
Civil action for

recovery of
losses
Review of
internal controls
Insurance
Assessing fraud
risk
Communication &
accountability
Internal control
Implementing a
fraud detection
program
Response
Detection of Economic Crime
70%
of Economic Crime identified in a recent survey was detected by a

fraud risk management program which can also include:
Internal tip-off
External tip-off
Data analytics
/detection tools
Whistleblowing
Methods of Detection
Fraud Risk Analysis

The process is to identify how the fraudster/s could get these assets.
This will normally involve some brainstorming and workshops. It may also require mapping
the process to identify what and how controls would need to be circumvented.
History shows that is easier for insiders to commit fraud as they are already inside a number of
controls to prevent external fraud. But dont forget external fraud and collusion.
Also, most fraudsters tend to commit ongoing frauds. But dont forget the possibility of a
large one-off fraud which will be detected but will provide the fraudster with enough money
to leave immediately.
Entities should adopt a protocol for the systematic identification and management of potential fraud
and corruption risks having regard to the entitys characteristics and the jurisdiction and industry
sector in which it operates.
Fraud Control
The most important element in any anti-fraud strategy is minimising opportunity for fraud. This is
achieved by the systematic application of internal controls which should be set out in a Fraud
Control Policy. These controls can include:
Senior management commitment and risk management
Core values and Code of Conduct
Responsibility
Investigation policy and zero tolerance
Whistleblowers Protection Policy
Training and education
Employment screening
Segregation of duties
Management information systems
External and internal audit
Fraud Behavior Indicators
Lifestyle changes
Rumours and complaints
Hostile reaction to routine enquiries
Significant after hours work
Failure to take annual leave
Changes in social relationships
Document deficiencies
Covering up inefficiencies
Increasing number of adjusting journal entries
Lessons learned
Most fraud are committed by or in collusion with internal staff
Organisational culture is a critical issue in preventing fraud

Proactive fraud risk scenario training and process mapping is essential in
identifying potential loopholes in systems and procedures
Staff selection and training is essential thorough pre-employment checking
and staff fraud awareness

Contractors need to be checked as thoroughly as staff
Whistleblowing
Whistleblowing
A whistleblower program is an important element in detecting corrupt, illegal or other undesirable
conduct within an entity, and as such, is a necessary ingredient in achieving good corporate
governance.
Whistleblower Protection
Key principles of a typical policy
Recognition of whistleblowers.
Anonymity and confidentiality of disclosure.
Protection from reprisal.
Right of redress.
Confidentiality of information.
Protection of the subject of the disclosure
Whistleblower Protection
A typical whistleblower policy should:
Encourage and facilitate disclosures of improper conduct committed by staff, directors and
contractors.
Provide protection for:
Persons who make those disclosures

Persons who may suffer reprisals in relation to those disclosures
Provide for the proper investigation and disposition of the disclosures.
A final thought
The biggest barrier to

effective fraud &
corruption control is
probably the belief
that it wouldnt
happen here
DAVID CLEMENTS
DIRECTOR DELOITTE FORENSIC
davclements@deloitte.com

David Clements1.15201539

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

David Clements1.15201539

Загружено:

Авторское право:

Доступные форматы

Saudi Aramco Shell Refinery Company - SASREF

Contractor Ethics and Fraud Workshop

Financial Advisory Services

Setting the Scene

2013 Deloitte Corporate Finance Limited - Private and confidential

The Ethics and Fraud Booklet

2013 Deloitte Corporate Finance Limited - Private and confidential

Ethics & Fraud Handbook Structure

Information & Confidentiality

Fraud Control Plan

2013 Deloitte Corporate Finance Limited - Private and confidential

Code of Business Conduct

Ethics Training & Awareness

Ethical Business Principles

Reporting & Whistleblowing

Tone at the Top

Avoiding Conflict of Interest

Ethics Committee / Champion

Gifts & Hospitability

2013 Deloitte Corporate Finance Limited - Private and confidential

What is Business Ethics

What does it mean to

To act honestly and fairly

To put companys interests

To comply with letter and

Receiving gifts and

Avoiding corrupt practices

Internal and external

2013 Deloitte Corporate Finance Limited - Private and confidential

Is this illegal (local and country laws)?

Does this contradict your policies?

Does this conflict with your values and culture?

Could this adversely impact any company stakeholders?

Would you feel concerned if this appeared as a newspaper

Could this impact your company if all employees did this?

Decision appears appropriate

some may be acceptable

You need to develop judgment

2013 Deloitte Corporate Finance Limited - Private and confidential

Information and Confidentiality

Educate and communicate to employees

It is illegal to use another companys

that everyone has a duty to handle

intellectual property without the appropriate

information about the Company responsibly.

Confidential information should be kept secure at all times

Suspected loss of confidential information should be reported

2013 Deloitte Corporate Finance Limited - Private and confidential

Bribery and corruption

Bribery and Corruption

Offering, giving, soliciting or accepting of an inducement or

reward, which may influence the action of any person.

2013 Deloitte Corporate Finance Limited - Private and confidential

Bribery and Corruption

It is also the offering or promising of a bribe, or the requesting or agreeing to

intention that counts.

globally, and up to 25% to the cost of procurement contracts in developing

2013 Deloitte Corporate Finance Limited - Private and confidential

Bribery and Corruption

Dishonest activity in which a director, executive, manager, employee or contractor of

2013 Deloitte Corporate Finance Limited - Private and confidential

Dishonestly obtaining a benefit (causing harm) by deception or other means

This definition includes:

Obtaining property, a financial advantage or any other benefit by deception.