
Today, the 20th of May 2012

Legal Environment

General definitions of fraud for a company and executive management


Some International definitions

…Fraud is an intentional deception made for personal/company gain or to damage another individual/company; Fraud is a crime, and a civil law violation…

Definition ACFE (Association of Certified Fraud Examiners):

Internal fraud is the use of one’s own activity to enrich oneself by abusing or deliberately diverting the resources and assets of the company.

Types of Risk:

Fraud is a legal and operational risk that may cause the company financial, material, or brand losses. Its origin is often related to identity. Confidential data is becoming a prime target, and control of operational risks is now a priority in corporate governance. It concerns both internal and external assets of the company (70% internal, 20% external links - collusion); the stakes are potentially enormous and affect all sectors, particularly because of:

•The industrialization of organized financed crime.

•Specialty groups and a structured market (RBN, ...)

•A high level of sophistication ("cyber war"), using new approaches (virtual worlds, social networks,…)

•A strategic approach, such as the destabilization of societies (PayPal vs CastleCops, antivirus)

•A presence at all levels of the company,

•An ongoing activity, 24/7/365.

Law and Regulations:

•Sarbanes-Oxley Act of July 2002. Formalizing internal procedures and financial accounting.

•Section 404 (process approach)

•ELCA - Global Device Fraud - Risk Assessment (Unit Level)

•Financial Security Act of 1 August 2003. It strengthened the role of Internal Audit, modernized the Supervisors and the regulation of insurance, credit institutions, investment firms, and the security of depositors and policyholders, and modernized auditing and the transparency of accounts.

•ISA 240. International standard requiring auditors to conduct interviews on the topic of fraud.

•Recommendations of the CMAA rCBF 97-02 and BASEL 2 (Banks). Created by the Financial Security Act No. 2003-706 of 1 August 2003, the Supervisory Authority of Insurance and Mutual (CAMA) is an independent statutory authority with legal personality.

•Decree of 13 March 2006. Definition of section 336-1 of the Insurance Code on internal control requirements if using a public offering.

•SOLVENCY II. Its three pillars frame the financial risks of insurance agencies (quantitative financial requirements, strengthened Internal Control Functions, procedures and information disclosure to the supervisory authorities).

•IFR standards

•Eighth European Directive on auditing. The Directive (No. 2006/43/EC) of 17 May 2006 on statutory audits of annual accounts and consolidated accounts. It aims at a high, but not complete, harmonization of the requirements for statutory audit.


In France:

In difficult economic times, cases against Senior Managers have been increasing, starting on 11 June 2003 and strengthened by the decision of the 2nd Chamber of the Court of Appeal of Aix-en-Provence of March 13, 2006 (case ESCOTA / Lucent Technologies), which establishes the principle of the induced responsibility of the General Manager for the actions of his employees.

Judges have applied Article 1384 of the Civil Code concerning the liability of persons "to whom employees report", and more specifically its paragraph 5, noting that "the disputed site (the subject of the crime) was made at the workplace through the facilities provided by the company."

"The employers are liable as principal for their employees and for any acts committed by them in their internet use during working hours, on the basis of paragraph 5 of Article 1384 Civil Code." The company and its manager were sentenced jointly with the employee to heavy fines.

Such case-law decisions marking the conditions for this liability are rare and difficult to enforce. It therefore becomes necessary for the legislator to know how this liability is activated and the best practices in use.

 

Definition of the French Penal Code (Criminal).

"Commission of an act, intentional fraudulent tactics that gives undue or illegal advantage. Internal or external breach of an obligation (whether in contract or tort) with the intent to harm and to benefit directly or indirectly, may be the result of its author or a result of induced chain of responsibility".

Corporate fraud takes different forms. Internal and external, it focuses mainly on the misappropriation of assets, the manipulation of information or image, and the hijacking of the company's production. It is characterized by isolated or repeated acts committed by an individual and/or a group. It extends over short or extended periods.

"The fight against fraud is to control legal risk materialized by facts that could be described as crimes of theft, embezzlement, fraud, corruption, money laundering, false documents, fakery and forgery... and that can generate for the company financial, material or image risk..." .../... "In cases of proven fraud, the penalty applies to the fraudster, but can also apply to the company and its executives, including for lack of vigilance in the implementation of an adapted anti-fraud protection system..."

 

Notes on the materiality of the fraud:

The reality of fraud and its method of proof involve several legal requirements, and establishing it is often complex. The combination of accounting, financial, current and fixed asset elements with intentional, fraudulent and beneficial elements makes up all the gears that professional analysis procedures require.

Internal Fraud, Penal Code definition:

Fraud includes all the malicious and dishonest acts covered by the Criminal Code that cause purely financial injury. It also covers false documents, fakery and forgery, theft uncharacterized parts of extortion, embezzlement of wages, abuse in blank, abuse of confidence and, finally, computer fraud.

Articles:

Articles 121-7, 311-1 to 6, 313-1 to 3 to 4, 314-1, 321-1 to 7 to 11 and 441-1 of the French Penal (Criminal) Code define theft, concealment, fraud, the abuse of confidence, infringement of the automated processing of data and forgery.

 

Some types of fraud

 

Presentation of inaccurate/false accounts. Art. L246-6 al 2 al 3 L24-3 of the Commercial Law Code

Distribution of fictitious dividends. Art. 242-6 al 1 and L241-3 part 2 of the Commercial Law Code

False documents, fakery and forgery. Art. 441-1 of the Penal (Criminal) Code

Theft. Art. 311-1 of the Penal Code

Abuse of social goods. Art. L242-6 al 3 and 4, Art. L241-4 and 5 s. 2 of the Code of Commerce

Abuse of trust. Art. L341-1 of the Penal Code

Romance Fraud. Art. 313-1 of the Penal Code

 

Responsibilities induced.

The induced “de jure” and “de facto” responsibility of the Manager can be engaged for virtually all types of crimes and civil or criminal wrongs. Some articles set out a clear principle.

Employer's liability, as principal of its employees, for acts committed by them in their use of the resources of the company during working hours. Art. 1384 s. 5 of the Civil Code.

Breach of security of persons and property of the company. Art. 226-17 of the Penal Code (Law of 06/01/1978 on data, files and freedoms, Art. 42). Data confidentiality and professional secrecy. Art. 1384 al 9 and 1 of the Civil Code and 226-13 of the Penal Code.

 

Standards and regulations

Law and Regulations:

•Law of Daily Security 15/11/01. Information providers.

•CNIL Act 78.

•Confidence Law in the digital economy 21/06/04 (assured 78).

•HADOPI. Authorship and internet 12/06/09. Decision of the French Constitutional Council of the Universal Law of Internet Access. The Constitutional Council gave its decision on HADOPI 2, the legislative patch proposed by the French government in order to circumvent the Council's refusal of the core provisions of HADOPI 1.

•Act on the principle of proportionality of 31/12/92 (amended Art L120-2 of the Labor Code).

•Act No. 78-17 of January 6, 1978, known as the Foyer Act, relating to data processing, files and freedoms.

•Act No. 78-17 of 6 January 1978 relating to data, files and freedoms consolidated version corrected to May 14, 2009.

•CIP 240. Adapts ISA 240 and SAS 99 in the regulation and procedures of French Law. "TAKING ACCOUNT OF THE POSSIBILITY OF FRAUD UPON THE AUDIT OF ACCOUNTS" necessary for certification without qualification or compliance with statutory and consolidated. Standard approved by order of April 10, 2007 published in OJ No. 103 of May 03, 2007

     

Traditional methodologies of risk analysis applicable to fraud

MIRIS: Mastering Internal Risk and Safety

MEHARI (Méthode Harmonisée d'Analyse de Risques — Harmonised Risk Analysis Method) French Computer Security Club.

COSO/COSO 2 Committee of Sponsoring Organizations of the Treadway Commission

CNCC. Compagnie Nationale des Commissaires Aux Comptes. National Company of Accounts Auditors. 2301. Paragraph 08. July 2003