Internal Controls - A Process to Help Ensure Internal Controls are Designed Consistently and Appropriately
Still time to join us on February 23-25! Baker Tilly’s 1st Annual Virtual Fraud and Compliance Summit
We are introducing our first annual virtual Baker Tilly Fraud and Compliance Summit, hosted by Jonathan T. Marks, who leads Baker Tilly’s Global Forensic, Compliance, and Integrity Services Practice.
2020 Top 10 Articles on Fraud, Compliance, and Risk Management
Happy New Year, and thank you to the more than 100,000 people that visited Board and Fraud in 2020! With everything that happened last year, fraud, compliance, and risk management have arguably become more important than ever.
SEC and its New Silent Whistleblower: Risk Based Data Analytics
The SEC just announced its first actions arising from investigations generated by the Enforcement Division's EPS (Earnings Per Share) Initiative, which utilizes risk-based data analytics to uncover potential accounting and disclosure violations caused by, among other things, earnings management practices.
DOJ Unravels a Decade-Old Scheme that involved Kickbacks, Money Laundering, Sham Shell Companies, and Fake Invoices
According to evidence presented at trial, Aleksandr Pikus, 45, of Brooklyn, New York, and his co-conspirators perpetrated a scheme through a series of medical clinics in Brooklyn and Queens over nearly a decade. The clinics employed doctors, physical and occupational therapists, and other medical professionals who were enrolled in the Medicare and Medicaid programs. In return for illegal kickbacks, Pikus referred beneficiaries to these health care providers, who submitted claims to the Medicare and Medicaid programs.Pikus and his co-conspirators then laundered a substantial portion of the proceeds of these claims through companies he controlled, including by cashing checks at several New York City check-cashing businesses. Pikus then failed to report that cash income to the IRS. Instead, Pikus used the cash to enrich himself and others and to pay kickbacks to patient recruiters, who, in turn, paid beneficiaries to receive treatment at the medical clinics. The evidence further established that Pikus and his co-conspirators used sham shell companies and fake invoices to conceal their illegal activities.
Compliance snubbed? Three Lines Model or Enterprise Resiliency Model?
In July 2020, The Institute of Internal Auditors ("IIA") updated its Three Lines of Defense Model ("Model") to emphasize more active forms of risk management and governance that appear to go beyond merely defensive maneuvers made by the internal audit function. Some believed the old model sent a message that we should fear risk. I never saw it that way. I understood the subliminal message was the model was about achieving objectives, which requires both the creation and the protection of value. The new model does a much better job of confirming that risk management contributes "to achieving objectives and creating value, as well as to matters of "defense" and protecting value."Learn why the Enterprise Risk Resilient Model might be a better choice.
Internal Control Defined and Some Guidance
Compliance officers talk about controls constantly. Effective controls are the lifeblood of what makes a compliance program work. Most of us can rattle off examples of controls, or recognize a control when we see one. So my fellow speaker asked the audience: What is a control? Nobody dared answer. We all, me included, were suddenly uncertain that we could define a control correctly. The speaker who posed this question is Jonathan T. Marks, partner at Baker Tilly and a prolific thinker on all things forensics, audit, and internal control. Lately Marks has been asking audit and compliance audiences to define a control — and to his dismay, most people can’t.Read Marks’ definition of internal control.