Post on 12-Jan-2016
www.naplia.com Copyright 2013
Risk Management
Stephen Vono, Principal
NAPLIA
The Risk Environment
• Culture
• Risk Assessment: Employee & Client
• Engagement Letters
• Fraud
• Cyber Risk
Culture
Risk Assessment: Employee & Client
• First line of defense
• New client acceptance forms
• Predecessor accountants
• Background checks
Engagement Letters
• Second line of defense
• Comprehensive contract: not a fee agreement
• Purposes:
– Define scope of engagement
– Mutual responsibilities
– Provide for contingencies
– Prevent differing expectations
Percentage of Audit Claims (By Source of Claim)
Who Commits Fraud?
[Figure: Position in the Organization; categories: Employees, Management, Owners; axis: Percent]
Who Commits Fraud?
[Figure: Median Loss by Position; categories: Employees, Management, Owners]
Employee Fraud (Opportunity)
• Experienced employee
• Lack of segregation of duties
• Uninterrupted service
– Annual vacations not required
• Weak management oversight
Client Risk Assessment (Centralizing the Process)
• Risk assessment committee
• Must be willing to reject prospects and terminate existing clients
Cyber Liability
First Party vs. Third Party
[Diagram labels: Employees; Accountant/Owner; Client; Non-client; First Party; Third Party]
Professional Liability vs. Legal Liability
Notification Letter
• WISP
• Notification laws
• Best practices policies
– Portal usage
Thank you!
www.naplia.com
Stephen Vono
SteveV@naplia.com
linkedin.com/in/stevevono
@naplia