Applications

Expand all | Collapse all

ERP Cloud: One of the Most Significant Fraud Risks for Organizations Using ERP Cloud

  • 1.  ERP Cloud: One of the Most Significant Fraud Risks for Organizations Using ERP Cloud

    Posted 05-07-2020 13:24

    ERP Cloud: One of the Most Significant Fraud Risks for Organizations Using ERP Cloud

    Organizations running ERP Cloud are all concerned about fraud. The ACFE's 2018 Report to the Nation identifies that 89% of fraud is misappropriation of assets such as fraudulent disbursements. Check and payment tampering represent 12% of all fraud and averages $150,000 per incident. Lack of internal controls, override of existing controls, or lack of management review represents 69% of asset misappropriate fraud cases and is committed by Managers and Staff Employees in 78% of cases.

    The ability to import supplier data through conversion/interface processes is one of the most significant fraud risks organizations face. In this video, we provide highlights of how such fraud can be committed. We were careful to disclose too much information about how this scheme can be executed. Our assessment is most IT users and external resources have the knowledge or can easily develop the knowledge how to execute this scheme.

    The ability to execute this type of fraud can be found in 29 seeded roles including the seeded Employee role and the seeded Contingent Worker role. Additionally, it can be found in 29 seeded roles in ERP Cloud - 20A patch level.
    #erpcloud #oracleerpcloud #erpriskadvisors #erparmor

     

    https://www.linkedin.com/posts/erp-risk-advisors_erpcloud-oracleerpcloud-erpriskadvisors-activity-6658415885956505601-wc8y



    ------------------------------
    Jeff Hare CPA CIA CISA
    CEO
    ERP Risk Advisors
    Greeley CO
    (970) 324-1450
    ------------------------------


  • 2.  RE: ERP Cloud: One of the Most Significant Fraud Risks for Organizations Using ERP Cloud

    GEO Leader
    Posted 05-08-2020 16:31
    Hi Jeff, you make a good point. This is not my area of expertise, but a business partner who works in this space and I were discussing your post, and he made the argument that most organizations should be engaged rigorously with security and controls during role setups to avoid such described weakness in the design. He also suggested continuous monitoring mechanisms to detect weaknesses in role designs and assignments.  My colleague works globally with clients, Big4, and other audit firms, Governments, and Regulators, and believes that continuously innovating solutions in Risk Management and GRC is critical to avoid the pitfalls you mentioned.  It seems like sound advice. I am happy to share his contact information if there is interest.

    ------------------------------
    Beth Skerrett
    National Sales Director
    Enginatics
    Kemah TX
    (832) 285-2694
    ------------------------------



  • 3.  RE: ERP Cloud: One of the Most Significant Fraud Risks for Organizations Using ERP Cloud

    Posted 05-08-2020 16:54

    Beth,

     

    Sounds good.  Anyone is free to contact me related to this post or anything else GRC, Security, and Controls related – email is jhare@erpra.net.

     

    Regards,

    Jeff Hare, CPA CIA CISA

    Cell: 970-324-1450

    LI: linkedin.com/in/jeffreythare/

    Follow us on LI: linkedin.com/company/33236064