Money sent by these victims was then laundered through a series of complex transactions using a U.S.-based hawala network. The five components shown in the helix include: Twenty principles support the five components, which should lead organizations to understand and manage risks and business objectives. Management committee mandates, identifying key risks to AD Ports and preparation of policies and procedures. Where do you get started? We will also explore how fraudsters can leverage this data to create synthetics identities and entities, enabling them to commit numerous frauds including, immigration, medical, financial and political. And it is for good reason that optimizing risk is a far more valuable Not only does using an IT risk management framework help you start your program, but it also gives you peace of mind knowing youre adhering to standards set by someone outside your organization. Retrieved December 02, 2017, from. In addition, Hamdan has experience assisting government and private entities in developing and implementing their anti-fraud frameworks. The platform also makes it easy to collaborate across teams and help you automate time-consuming repetitive tasks. WebRecommended Prerequisite: Knowledge of COSO ERM, the Three Lines Model and/or risk management From 2011 through 2017, a technology company secured more than $70 million in contracts with Dallas County Schools through an elaborate bribe and kickback scheme. Role of the Chief Risk Officer. CPE: 1.5 | Ethics CPE: No There are seminars dedicated to ERM explaining the process and providing examples of applications while also discussing advances in the field. Chartered Accountant and CISA by qualification, is part of the leadership team of the Business Risk Management vertical at ANB and has more than 18 years of experience in internal audits, consulting & risk advisory services. 
He has been nominated by the ICAI on the working committee jointly with IRDA for establishing best practices in controls for the Investment Risk Management Systems Audit. A wireless mesh network (WMN) is a mesh network created through the connection of wireless access point (WAP) nodes installed at Wi-Fi 7 is the pending 802.11be standard under development by IEEE. CPE: 1.0 | Ethics CPE: No Niraj has assisted many large clients across the Banking, Telecom, Healthcare, Energy and Utilities, Enterprises and Public sectors in the area of compliance, risk management, technology evaluations, implementations, managed security services and formulating security roadmaps. Field of Study: Specialized Knowledge Interact with them on a one-to-one and get to know their offerings to help you succeed. Experienced Auditor with a demonstrated academic expertise in Accounting, and a professional expertise in the fields of Auditing and Strategic and Digital Transformation. [40] A main priority of the CRO is to ensure that the company complies with SOX to ensure they are following government regulations. This session will provide analysis and insights based on research into decades of settled legal statutes, enforcement actions and restitution regarding Ponzi schemes. This Regional-class event has been attracting over 1,500 attendees annually. He worked closely in various sectors such as; Public Sector, Financial Institutions, Oil and Gas, Healthcare, Real Estate Development in addition to the International Development Agencies including World Bank, IFC, UN, etc. Governance and Culture establishes organizational processes and defines desired cultures to measure and For last one and a half decade, he has been successfully mentoring ANB, a leading Risk Advisory consulting firm. Vision-driven Certified Internal Auditor with career-long record of fraud investigation and audit management success for leading organizations. 
Patricia Kordesch has more than 20 years leadership experience across the second and third lines of defence, spanning the Financial Industry, Hospitality Industry and the Public Sector. His experience spans over Audit and Consulting providing various fit for purpose solutions, including Financial and Internal Audits, Business Restructuring, Governance including Board Advisory, Risk Management, Compliance, Valuations, Due Diligence among others. The session will conclude with report writing and structure and preparing your case for court. Retrieved December 02, 2017, from, Job Profile: Chief Risk Officer. Get in the know about all things information systems and cybersecurity. During the investigation he examined evidence, aided in the preparation of expert witness statements, supported legal disclosure review requirements, and provided a wide range of litigation and asset tracing support to a multinational team of lawyers and legal experts. Evaluation and Certification Board certified trainer. Multiple regulatory stakeholders must come to the table and set the course for the future. Karem holds an MBA degree with emphasis in Industrial and Manufacturing Leadership. COBIT 5 for Risk addresses all ISO 31000 principles through the Ashu Sharma, CFE This means that, for the first time, it is no longer up to the individual to prove retaliation but, instead, the company must prove that they did not retaliate; failure to do so will result in penalties, and reputational damage. It also has examples, including threat trees which walk you through different hypothetical situations to understand risk. In addition to developing policies and frameworks, the CRO is responsible for training and supervision of employees. Session Level: Basic A few institutions also established a chief compliance officer position. CPE: 1.5 | Ethics CPE: No The update focuses on ERM and more heavily considers risk in processes and performance management. 
Expertise in conducting organizational diagnostics through a systematic assurance approach focusing on the targeted corporate priorities; creating aligned and integrated plans to deliver end-to-end solutions upholding efficiency and agility while maintaining sound internal controls to achieve enhanced and effective risk management, control and governance frameworks. This will be contrasted against the backdrop of the Fraud Triangle and will show the potential cause and effect relationship between the three sides of the Fraud Triangle. Recommended Prerequisite: None Performance identifies, assesses severity, and prioritizes risks which may impact the achievement of strategy and business objectives. Maurits Le Poole has more than two decades of experience working with highly regulated customers across the 3 Lines of Defence. Mitzi Keating, CFE, CPA He has managed a portfolio of finance process outsourcing contracts with clients in various industries including: Telecommunications, Manufacturing, Media and Trading. The title of a CRO is a fairly new position in a company that is continually evolving. We would like to thank UAE IAA on your amazing efforts for putting together 10th Chief Audit Executive Conference. He is a Fellow Member of Association of Chartered Certified Accountants, Certified Internal Auditor and Certified Information Systems Auditor. Hyperproof helps compliance professionals adhere to 60+ different frameworks, including ISO 27001, NIST, CMMC, FedRAMP, and many more. Nagaraj is currently leading as Engagement Director for IPO Readiness Assessment and development of policies and procedures for Lulu International Holding Company in line with SCA Requirements. Abirs skills include provide advise and recommendations around ways of improving the effectiveness of internal audit, governance, and compliance. Forensic Interview Solutions (FIS) Limited, Managing Director. WebChairman of the Board of UAE IAA. 
The scope of services provided ranges from Internal Audit Advisory work related to setting up internal audit departments, complete outsourcing and co-sourcing with in-house internal audit departments and other Business Control and Enterprise Risk Solutions. This manipulation through social engineering has led to massive breaches, fraud, and organizations becoming victims of cyberattacks. She is engaged in industry and regulatory dialogue, and provides training. Session Level: Basic Time is never on the side of auditors and CFEs when investigating and supporting audit, risk management and fraud detection processes; its always a do-more-with-less situation. In this session, the speaker will discuss specific cases from his 42-year auditing career where an audit uncovered fraud. Fraud fighters have already had to accept that some fraudsters with anti-social disorders do not rationalize their schemes. Recommended Prerequisite: Experience with fraud prevention programs Recommended Prerequisite: An understanding of basic ethical requirements for CFEs, including how ethics and corporate compliance require CFEs to act when faced with potential evidence of fraud. Enron: The Smartest Guys in the Room and The Inventor: Out for Blood in Silicon Valley, Director and Producer. Scott is a national Sloan Fellow/ Woodrow Wilson Fellow. Eisa is the Director of Internal Audit at the Ministry of Education. The discussion will include an examination of the tension that exists between forgiveness and prosecution, and how some nonprofit organizations make the decision to prosecute or not to prosecute. From 2011 through 2017, a technology company secured more than $70 million in contracts with Dallas County Schools through an elaborate bribe and kickback scheme. Field of Study: Specialized Knowledge But, the continuous nature of OCTAVE FORTE should be observed with other frameworks as well, as risks change and adapt over time especially as threat actors grow more and more intelligent. 
In this session, participants will be led through the need for benchmarks and will learn to identify the risks that are inherent in benchmarks, their design, their use as a measurement and performance management tool, the gaming of benchmarks, and the monitoring of those benchmarks. Why is this important? Dabeer has been member and chair of the various Audit Committees as well as served on various Investment and Executive Committees. Non-partial third-parties developed these frameworks based on years of IT risk management expertise so you can know where to start. Establish a risk-aware culture among all employees at all levels. Field of Study: Specialized Knowledge Session Level: Basic COBIT 5 for Risk addresses all 8 components defined in COSO ERM and, for some components, extends the coverage of Prior to this, he held a similar role with KPMG in Canada where he was involved in discussions and provision of services to clients on how blockchain technology could impact them, positioning applicable use cases for major clients including consortiums, providing overview of governance structures. The CRO advises for firm projects from a risk management point of view and uses regulations and risk transfer strategies in order to mitigate the risk.[28]. is paid by governments, semigovernments, stock exchanges, shareholders and regulators. The discussion will then explore how every fraud investigation is also a money laundering investigation and how the investigative steps and techniques are similar. COSO has been endorsed by the Federal Reserve and the Federal Deposit Insurance Corporation, and is one of the most common Enterprise Risk Management frameworks cited by publicly traded companies as the 2004 standard addresses Section 404 of Sarbanes Oxley (SOX). Bernstein, P. 
L.; His experience spans in the areas of external audit, internal audit, IS/IT audit, IS security reviews, SOX404 implementation, developing Business Continuity Plans, IT Due Diligence, Data Analytics using Computer Assisted Audit Techniques (CAATs) RPA, data visualization and business process reviews. They also changed how fraudsters can manipulate people no matter the software protection put in place by an organization. In some studies the risk champion is described as some kind of troubleshooter who alleviates risk related problems. Session Level: Advanced Choose the Training That Fits Your Goals, Schedule and Learning Preference. In this general session, you'll hear from Rachel Wilson and Gurbir Grewal. Recommended Prerequisite: None In addition, the CRO restrains corporate risk by managing compliance.[31]. For example, Stefano Rettore[13] is the CRO of Archer Daniels Midland while being a member of the executive board. District Attorney,New Hanover and Pender Counties. Past (2020-2021) Global Chairman on the Global Board of Directors of the Institute of Internal Auditors. Originally issued by COSO as the Enterprise Risk Management Integrated Framework in 2004, the framework was He ws also responsible for liaising with our key alliances, such as IBM , Microsoft and other technology firms to assess potential collaboration for blockchain projects with clients. CPE: 1.5 | Ethics CPE: No The sector has worked hard to improve its financial crime risk mitigation strategies; however, the threats keep coming. The control environment is a set of standards, processes and structures that form internal control. CPE: 1.5 | Ethics CPE: No Have you ever felt that rush when you find the hot document that is the missing link in your fraud investigation? Fadi has a significant involvement in developing the ESG/Sustainability agenda in the MENA region via supporting both of public and private sectors in this area for the last 14 years. 
Semih is the Digital Training Manager here at PwCs Academy Middle East. Session Level: Intermediate This framework includes five interrelated components which are found in the most ERM frameworks. Recommended Prerequisite: None Session Level: Intermediate From the wrath of disingenuous leaders to the lust of those with the move-fast-and-break-things mentality to the envy of organizations who do things just because everyone is doing it, the question is, which sins will your organization fall victim to. Recommended Prerequisite: None Using examples and evidence from successful cases, the presentation will show you how to implement several different enhancements that will fortify your investigative and audit work products so that they will withstand determined challenges from opposing parties. The result is a top-down risk management. She is a lawyer, member of the Lebanese Lawyers Bar Association who holds dual Masters degrees LLM specialised in Artificial intelligence & Law from Universite La Sagesse, Lebanon and another Masters degree ELLM in International Business Law from Boston University USA, Michael J. Fucilli (CIA, QIAL, CRMA, CGAP, CFE), is the CAE for a large Public Sector company with Revenues in excess of $15 billion. WebThe most recent iteration of the COSO ERM Framework, adopted in 2017, highlights the importance of embedding it throughout an organization in five critical components: Governance and culture; Strategy and objective-setting; Performance; Review and revision; Information, communication, and reporting issues and root causes. A thought leader who regularly interacts and inspires the next generation of promising entrepreneurs and problem solvers, Indumon is a regular invitee to premier industry-defining forums marking tectonic shifts in times. Digital marketing is a general term for any effort by a company to connect with customers through electronic technology. 
Lara has over 19 years of experience in delivering an array of Internal Audit, Corporate Governance, Enterprise Risk Management & Compliance services to prominent local and regional organizations.She has led numerous strategic risk assurance projects which focused on delivering tangible value to the business, by empowering key stakeholders with the right insights and tools to manage critical risks, enhance performance and achieve targets, while establishing a corporate culture of accountability and resilience.Laras experience spans across various industry sectors, including Government & Public Sector, Oil & Gas, Power & Utility, Real Estate, Retail & Manufacturing, etc.She also focuses on creating Leadership & Development programs within the Risk Assurance domain, that offers opportunities for talent upskilling, mentoring and networking.Lara is a Certified Internal Auditor (CIA) and is an ISO 9001 Certified Auditor. Siddharth leads multiple engagements for clients in Internal Audit, Model Business Processes, Enterprise Risk Management, ICOFR, Process reengineering, COSO implementation and other Risk Advisory services. What can we use to establish truth at a distance? For 50 years and counting, ISACA has been helping information systems governance, control, risk, security, audit/assurance and business and cybersecurity professionals, and enterprises succeed. outputs such as a risk management strategy, a risk management communication plan, and financial and budgetary requirements Royal Canadian Mounted Police, Investigator. Cryptocurrencies have enjoyed years of freedom from financial regulation. The unique nature of Ponzi-based frauds involves characteristics that can make a scheme more difficult to detect and enable it to run longer than other fraud schemes. Furthermore, the CRO has to be aware of everything occurring in his company on a daily basis, but he must also be current on all of the requirements from the SEC. 
However, FAIR is quite complicated to implement and often doesnt work for organizations unless they can invest enough resources. Are you ready to be a part of the prestigious 11th CAE Conference? Along with the update, the graphic changed from a cube to a helix structure. Tasks included the following: Proper understanding of the internal controls implemented by the client and identifying the related risks and weaknesses, to help in developing internal policies and procedures to mitigate the identified risks. Highly recommended. In terms of level of complexity, its comparable to NIST RMF, and its necessary to have a team of practitioners or a risk committee to manage the framework. Anil Bhandari also plays a thought leadership role in TRAI, SEBI etc. When comparing the function of a CRO to the rest of the officers, we find that there is a relationship with every other role. WebSenior Internal Audit Advisor AuditBoard. The COSO ERM framework focuses on embedding risk into all organizational decisions. The session will discuss and highlight the need for ethical interviewing techniques and how to work with law enforcement to enable successful prosecutions. In the future, the importance of the CRO will be measured by the complexity of the compliance risk. On top of earning CPEs, you will have the opportunity to network with fellow auditors from other countries, share ideas, challenges and solutions, and hear from global leaders on topics that apply across the board. There are a lot of questions you might ask yourself, like: Its also important to define policy. Terry Cutler is a federal government-cleared cybersecurity expert who specializes in the anticipation, assessment, and prevention of security breaches for governments, corporations, businesses, and consumers, as well as Internet Safety for Children. What Enterprise Risk Management Has Achieved COSO published Enterprise Risk ManagementIntegrated Framework in 2004. 
It is up to each organization to decide how to use these scenarios to build its own information risk management processes. Recommended Prerequisite: None A dynamic executive-level Audit and Risk professional with significant international banking experience and an illustrious career adorning several positions in Auditing and Risk Management. Abhisek Bhattacharyya, Partner leads the IT Internal Audit and IT Attestation Services for KPMG, Lower Gulf. Prior to Zand, Crespin has been an award-winning leader at CIMB Bank, DBS, and Citigroup. communicate the risk to top management and, therefore, they perform risk management as part of either operational activities Prior to joining RSM, Rami led the Risk Advisory services with Deloitte in Kuwait and Qatar, and was the Governance, Risk and Compliance regional leader, providing a wide range of risk advisory services including the design of enterprise-wide risk management frameworks, ethics programs, regulatory compliance frameworks, Internal Audit, governance frameworks development and assessments, and sustainability projects. Mohammed has more than 14 years of experience in the field of internal auditing, internal control and governance, and he is a Certified Internal Auditor (CIA) and holds a Certificate in Controls Self-Assessment (CCSA). CPE: 1.0 | Ethics CPE: No Mohamed has over 17 years of experience in Risk Consulting Services and currently leads GRC solution in Saudi and Levant. Related positions of a CRO include CEO, CFO, chief risk management officer,[9] Risk Manager and Capital Manager. COBIT 5 for Risk addresses a comprehensive number of categories of IT risk, whereas ISO/IEC 27005 focuses specifically Mohamed has over 17 years of experience in Risk Consulting Services and currently leads GRC solution in Saudi and Levant. Associate Director, Internal Audit and Risk Advisory, Protiviti (Middle East). In addition, he has assisted the entities in conducting their initial fraud risk assessments. 
An insider hires a hacker on the darknet to gain complete access to his employers network, and they sell the information on various darknet markets. Review and revision -- which focus on reviewing organization performance to determine how ERM components are functioning and if any changes should be made. Session Level: Basic He led several projects for Corporate Governance Transformation including Board Composition, Capacity Building, Risk Management, Compliance and Internal Audit functions for multi sectoral companies including, banks, insurance, family businesses, etc. Since criminals follow the money, alternative assets are now quickly becoming an easy way to take advantage of collectors and speculators fueling astronomical sales prices via fraud schemes or as vehicles to launder money from other criminal enterprises. He has been into many positions: the Secretary General and a member of the E-Transactions Committee, a member of the Public Sector Auditing Standards Committee, a member of the Methodology Development Committee, a member of the Working Group on Audit of Privatization Programs Implementations, the leader of the Working Group on Audit of Sustainable Development Goals Implementations. He possesses the following qualifications: Ex- Vice Chair of the Institute of Internal Auditors Board of Directors. During these engagements he has conducted gap assessment based on global best practices and local federal minimum requirements, developed the necessary policies and procedures, and conducted anti-fraud training and awareness sessions to their internal audit teams and employees of the entities. Regardless of whether you are a data analytics professional, working auditor, investigator or Certified Fraud Examiner, this session will provide value through the exposure to examples of some of the more common (and not-so-common) fraud detection scenarios. 
Recommended Prerequisite: Basic familiarity with current technologies Previous training in fraud examination methodology and techniques Some names can be cited as examples of chief risk officer. CPE: 1.0 | Ethics CPE: No Criminal abuse of cryptocurrencies was at an all-time high in 2021 at $14 billion, up from $7.8 billion in 2020, according to some reports. CPE: 1.5 | Ethics CPE: No The investigation exposed a web of corruption, staggering financial mismanagement, hidden personal relationships and conflicts of interest inside an agency that transported tens of thousands of children to school each day. David Cotton, CFE, CPA, CGFM Head Group Internal Audit, Senior Executive Vice President. Jonnie Keith Risk Chiefs must be leaders in developing and improving management reporting as well as providing user training for in-house developed systems. Managing the risk of fraud is the responsibility of every leader and board member. Participate in ISACA chapter and online groups to gain new insight and expand your professional influence. While Department of Justice monitorships for violations of the Foreign Corrupt Practices Act (FCPA) are the most well known, monitors are used to resolve matters with enforcement agencies at the federal, state and municipal levels in a variety of situations. COBIT 5 for Risk process model. CPE: 1.0 | Ethics CPE: No This session will explore the intricacies of this case, the investigation, and the outcome, and offer attendees lessons learned that they can apply to prevent and respond to similar schemes. Field of Study: Specialized Knowledge Joined the Mubadala Investment Company in 2009, a global sovereign investor with a $243 billion business that spans six continents with interests across multiple sectors and asset classes. 
Daniel Barton, CFE, FCCA Smaller organizations (or organizations with a single practitioner assigned to do risk management) would find OCTAVE Allegro to be a great fit, especially if they want to get their program up and running in just one day. There is a report of having a CRO from 93% of all financial institutions that have more complex operations. Dima Ghawi The fraud landscape is constantly changing and evolving. Session Level: Basic As with many aspects of our lives, the COVID-19 pandemic changed the way investigative interviews were conducted. In addition to the case study itself, the presentation also focuses on the standard of objectivity and its practical application in investigations. Session Level: Intermediate One of the more efficient ways to conduct the analysis is using fraud rules, also known as fraud scenarios. A self-driven and ambitious leader with ten years of experience in the internal audit, risk management, and information security with diverse industry experience of financial institutions, tourism and hospitality industries. A main priority for the CRO is to ensure that the organization is in full compliance with applicable regulations and to analyze all risk related issues. The benefits of quantitative risk management are that youre able to provide the board with actual numbers and costs, which allows for better decisions on how to manage risks on their part. [25] Moreover, ERM has been said to increased risk management awareness allowing for more efficient operational and strategic decision making. Decide which study option is best for you. would think that, IT being critical to an organizations operations, the risk related to IT and IT security would be Visit our key partners, sponsors and exhibitors and you will be surprised at how much they have to offer. Most companies have an anti-retaliation policy, ranging from 16 words to 16 pages. 
Field of Study: Personal Development Recommended Prerequisite: Basic knowledge and awareness of fraud risks within various areas of spend and mitigation. Nipun is the Middle East and North Africa (MENA) leader of the financial crime and regulatory advisory practice at Protiviti. In this session, you will learn about the latest attempts at fraud, how the landscape is evolving, and what the modeling and experts say is to come. The most successful CROs are able to combine these skills with highly developed commercial, strategic, leadership and communication skill to be able to drive change and make a difference in an organization. This included understanding the as-is process, identifying the gaps, benchmarking to the industry leading practices and developing fit to company processes and procedures with improved controls, Organization-wide GRC Framework design, development, and implementation, ERM for a key financial institution in KSA, Risk assessment and transformation for a major regulator in the region, Risk Assessment for one of the largest global sovereign wealth funds, Leading internal audit co-sourcing and QAR for a major regulator in the region, Regulatory assessment for a major regional Bank in line with local regulations, Board assessment for a major regional Telecommunications company, Board of Directors Trainings to several organizations, Code of Ethics to a multi-billion global oil company, Compliance framework to a major transportation authority in the GCC, Insurance regulations for a major Insurance Regulator in the GCC. He is a well-versed professional with work experience spanning over 12 years in FMCG, Telecommunications and Consultancy. In 2008, as part of a cooperation agreement with the U.S. Department of Justice, Hardin assisted the U.S. government in understanding how insider trading occurred in the financial services industry. 
Mohammed is Associate Director in Internal Audit and Risk Advisory practice at Protiviti (Middle East) and is responsible for providing internal audit services in the UAE and across GCC countries. Whereas OCTAVE Allegro is a good fit for a single practitioner, Octave FORTE is a better fit for a team or committee. He has led the development of a number of complex and bespoke IT systems, including secure systems in financial services, which help clients capture, manage and analyse operational and financial data. Firas has worked extensively in the development, design, and had led a range of risk advisory services to clients in the UAE with primary focus on Government and State Owned Entities. He is the recipient of the 2017 Middle East Security Award in the category of Rising Stars in Security and Risk and the 2016 Security Advisor Middle East award in the WebIn the past years the complexity of risk has changed, and new risks have emerged why COSO published in 2017 the updated framework of ERM. He Independently managed the Information Systems Audit of major clients (Banks, Insurance and multinationals) with complex IT environment. Once the indicators of a fraud are detected, the internal auditor must change their mindset from routine auditing procedures and the audit budget to investigation, evidence collection and protection, and interrogation.
