2014 Professional Ethics & Conduct - PowerPoint Presentation

Slide1

2014 Professional Ethics & ConductSlide2

Are you a robot?

Are you a robot?Slide3

Levels of Ethical MaturitySlide4

Ethical Issues

Will we agree??Slide5

Ethical TheoriesUtilitarianism: Promotion of the best long-term interest of everyone should be the moral standard

Maximize good over harmConsequences of acts are moral justificationRights and duties have no independent standingBenefits can be defined and measured and addedSlide6

Ethical Theories

Deontology: Consequences are not the only criteria for determining the morality of the action. Act is what mattersEmphasizes maxims, rules, principlesMorals are based on fundamental principles not upon mere results

Kant’s imperative - one should take that action that he/she would wish everyone to take in all circumstances, irrespective of the consequences of the single actionSlide7

Example of ConflictEight hostages are about to be executed for no significant crime. You are given the opportunity to shoot

and kill one of the hostages and the rest will be freed. If you do not take this action all will be killed.What will you do?What would a utilitarian do?

What would a deontologist do?Slide8
Slide9

ETHICAL DILEMMASINDIVIDUAL

CORPORATESOCIETALSlide10

Ethical Driftorganizations suffer from ethical drift – a gradual, unconscious lowering of moral standards. While businesses compete for profit, the boundaries between right and wrong become blurred and people’s ethical frame of reference shifts. Human biases like being unrealistically optimistic about an outcome, believing ourselves to be all-powerful, all-knowing and invincible, and the tendency to justify our own behavior  no matter how morally

hollowSternbergSlide11

Silent SaboteursSpectacular scandals account for only about 10% of the business losses attributable to poor ethical behavior.The other 90% accounts for billions of dollars annually across the U.S. and appear in the

way we treat each other when we try to protect our own turf, or get ahead at the expense of others, or

do

the wrong thing because we believe that is what our company wants us to doSlide12

Silent SaboteursScapegoatingAbdicatingBudget GamesOverpromising

Turf-guardingEndless meetings and memosUnder deliveringRisk aversionSharp penciling

Frank

Navran

, Training and Development MagazineSlide13

More “Silent Saboteurs”I’ve Got a SecretCredit TakingLack of RecognitionAttention to DetailLet People Know

Nursing a GrievanceSmoke, but No FireEmergency, or Just Poor PlanningRobin HoodPushing the Limits

Frank

Navran

, Training and Development MagazineSlide14

Sweat the Small StuffA recent company shared from their ethics compliance office that the most complaints result from an employee observing another employee’s improper use of the company’s assets. The thoughts are:

It’s only a penNobody will careEverybody does

it

It doesn’t belong to

anybodyNobody will find outEthical issues that should concern us the most are the ones we face everyday.Slide15

Wall Street Ethics52% felt it likely their competitors had engaged in unethical acts.24% felt it likely their company co-workers had engaged in unethical acts.24% said they would engage in insider trading to make $10 million if they could get away with it.

28% felt the financial services industry does not put the interests of clients first.29% believe financial services professionals may need to engage in unethical or illegal activity in order to be successful.

Online

survey of 250 financial professionals conducted by

Labaton Sucharow, a New York City law firm in USA Today July 16, 2013Slide16
Slide17

The Ultimatum GameSlide18

Is it ever OK to lie?If you were interviewing someone for a job and it was brought up that he lied to his current employer about where he was, would it affect your views on his trustworthiness?Slide19

“When all else fails, tell the truth.'' 

— Donald T. ReganSlide20

What time is it?Slide21

To contact:

N.C. State Board of Certified Public Accountant Examinerswww.nccpaboard.gov

North Carolina

Accountancy Rules

North Carolina State LawSlide22

Legal Regulation

Professional Regulation/

Accounting Standards

Character and Courage –Doing the Right Thing

Moral Right and Wrong Personal IntegrityN.C. Code ofProfessionalEthics andConductHierarchy of Ethical BehaviorSlide23

I Will Support the Laws And Regulations of the State of North Carolina and the United States.

I Will Perform my Professional Duties to the Best of my Ability and Abide by The Rules Of

Professional Conduct

; and

I Will Uphold the Honor And Dignity of the Accounting Profession by Serving with Integrity, Objectivity, and Competence. The Oath of a CPASlide24

Registered North Carolina CPA’s(approx. 19,500)

NC CPAs Residing in NC – approx. 16,000

NC CPAs Residing in other States – approx. 3,500

CPAs

Nationwide – Approx. 600,000Numbers taken from October Activity ReviewSlide25

2013 State Board ActivitySlide26

Disciplinary OrdersSlide27

2014 ChangesNC Rules and Regulations

Active and Inactive status only – there is no longer a retired statusCertificate applicants are required to disclose any arrests, charges, convictions, PFJs, continuations, or

nolo

contendere

pleas to any criminal offense. Previously, this was only done at the Exam Application.Reporting to the Board – notify the Board within 30 days of any settlements, investigations or liens; Notification required regardless of any confidentiality clause in the settlementSlide28

CPE – Professional EthicsAnnual ethics course – 2 hour group study or self study;

NEW: The ethics course must be presented by an approved NASBA sponsorThe course must provide you with a certificate of completion.

Any ethics hours in excess of 2 hours can be carried over, but

cannot be used for the annual ethics requirement in succeeding years.Slide29

So this happened…Slide30
Slide31

NEW: Qualifications of CPE SponsorsThe Board does not register sponsors of CPE courses.The Board does not register CPE courses.CPE sponsors in good standing with NASBA shall be in compliance with CPE requirements.Slide32

Qualifications of CPE SponsorsCPE that is not a NASBA sponsor must:Have

an individual that did not prepare the course review the course;Provide documentation that states:The general content of the course and skill level taught,Any prerequisites or preparation required,

The level of the course (basic, intermediate, etc.),

The teaching methods used,

The amount of recommended CPE credit, andThe date the course is offered.Slide33

Time for an obvious questionIs CPE important? Slide34

Is CPE Important? Frequent AnswersAn integral part of professional

developmentDoes little to improve professional competencyToo expensive

Doesn’t apply to my job

Not enough time to

meet the requirement each yearThe requirements are too confusingSlide35

CPE Requirements40 hours each calendar yearUp to 20 hours of CPE can be carried over

Up to 10 hours for publications and 20 hours for teaching;Prorated based on date of approval of application (30, 20, or 10 hours)A course must increase your professional competency

You must maintain records substantiating CPE credits for five years (includes current year)

No CPE requirement for inactive

You must have a certificate of completion for each courseSlide36

Do you take CPE seriously?Reading the paperTextingChecking emailFacebook

Shopping onlinePlaying gamesPreparing a tax returnReviewing workpapersKnittingTaking online CPE during live classSlide37

CPEasy?184 licensees admitted they completed some of their 2012 calendar year CPE between 1/1/13 and 6/30/13.What’s the fate of these 184?

In accordance with 21 NCAC 08G .0406, each was issued a Letter of Warning from the Board. Slide38

CPEasy?3-5% of the 1,000-1,200 licensees audited are unable to provide certificates of completion.

How long are CPA’s required to maintain their CPE records for purposes of a CPE audit? In accordance with 21 NCAC 08G .0401(i), it is the CPA’s responsibility to maintain records substantiating the CPE credits claimed for the current year and for each of the four calendar years prior to the current year.Slide39

08N - Professional Ethics & ConductSlide40

Rules for All CPAs (Section 200)Integrity

Deceptive Conduct ProhibitedDiscreditable Conduct ProhibitedDiscipline by Federal/State Authorities-30 days

Cooperation with Board Inquiry - 21 days to respond

Confidentiality

Violation of tax lawsReporting Convictions and JudgmentsAccounting PrinciplesResponsibilities in Tax PracticeCompetenceOutsourcing to third partiesIFRSSlide41

The reliance of the public and the business community on sound financial reporting and advice on business affairs imposes on the accounting profession an obligation to maintain high standards of technical competence, morality, and integrity.

To this end, a CPA shall at all times maintain independence of thought and action, hold the affairs of clients in strict confidence, strive continuously to improve professional skills, observe generally accepted accounting principles and standards, promote sound and informative financial reporting, uphold the dignity and honor of the accounting profession, and

maintain high standards of personal conduct.

North Carolina Code - IntegritySlide42

Discreditable Conduct ProhibitedA CPA shall not engage in conduct discreditable to the accounting profession:Acts that reflect adversely on the CPA’s honesty, integrity, trustworthiness, or good moral character

Stating or implying an ability to improperly influence a governmental agency or officialFailing to comply with any order issued by the Board; orFailing to fulfill the terms of a peer review engagement

contractSlide43

Deceptive Conduct ProhibitedA CPA shall not engage in deceptive conduct. Deception includes fraud or misrepresentation and representations or omissions which a CPA either knows or should know have a capacity or tendency to deceive. Deceptive conduct is prohibited whether or not anyone has been actually deceived. Slide44

Reporting Convictions, Judgments & Disciplinary ActionsCriminal Actions -

A CPA shall notify the Board within 30 days of any conviction or finding of guilt of, pleading of nolo contendere, or receiving a prayer for judgment continued to any criminal offense. Civil Actions - A CPA shall notify the Board within 30 days of any judgment or settlement in a civil suit, bankruptcy action, administrative proceeding, or binding arbitration, the basis of which is grounded upon an allegation of professional negligence, gross negligence, dishonesty, fraud, misrepresentation, incompetence, or violation of any federal or state tax law and which was brought against either the CPA or a North Carolina office of a CPA firm of which the CPA was a managing partner

.Slide45

Reporting Convictions, Judgments & Disciplinary ActionsSettlements - Notify within

30 days of any settlement in lieu of a civil suit or criminal charge grounded upon an allegation of professional negligence; gross negligence; dishonesty; fraud; misrepresentation; incompetence; or violation of any federal, state, or local law.

Notification is required regardless of any confidentiality clause in the settlement.

Investigations

- Notify within 30 days of any inquiry or investigation by the IRS or any state DOR criminal investigation divisions pertaining to any personal or business tax matters.Liens - Notify within 30 days of the filing of any liens by the IRS or any state DOR regarding the failure to pay or apparent failure to pay for any amounts due any tax matters.Slide46

Advertising vs. NetworkingSlide47

Volunteer OpportunitiesDavid is a CPA and the Controller for a retail company.

He and his family are very involved in local church activities and he was recently asked to be chair of the finance committee. He thought this would be a good way to serve the church and agreed to take the position. The minister had been at the church for 12 years and was highly respected member of the community. The finance committee worked closely with the church

bookkeeper

, a part-time position held by a long-time member of the congregation and a close friend of the minister.

She prepared a monthly report of collections and expenses for the finance committee and everything seemed to run smoothly. Three months after accepting the chair position Anne, the church secretary asked for a private meeting with David. She reluctantly began her story of how she believed the minister was embezzling church funds with the assistance of the church bookkeeper. Slide48

Anne’s husband was head usher and although not required, he often

counted the collections before locking them in the church safe On Monday the book-keeper would count the collections, report totals to the minister and one of them would take the deposit to the bank. The past two Monday’s the bookkeeper was ill so the minister asked Mary to take the deposit to the bank. She noticed the amount was less than her husband told her was collected. She initially thought her husband made a mistake, but then got curious and looked at past deposits. Most were less than what her husband counted.Slide49

Serving on a Board of DirectorsWhat are the duties?

Are the Duties Heightened for CPAs?Typical Claims Brought against Board MembersWhat are the Risks?How Can the Risks be Mitigated?

What are the Key Steps to Consider before Accepting

?Slide50

ETHICS TODAY

2013 National Business Ethics Survey

KPMG

Integrity

Survey 2013Slide51

Observed Misconduct is in Decline

Ethics Resource Center 2013Slide52

Ethics Culture Has Strengthened

Ethics Resource Center 2013Slide53

Misconduct Declines as Ethics Culture Improves

Ethics Resource Center 2013Slide54

Who Commits Misconduct?

Ethics Resource Center 2013

In Strong Ethics Cultures, Vast Majority of Misconduct Done by Individual Employees Slide55

Tone at the Top is Bottoming Out – Who Commits Misconduct

Ethics Resource Center 2013Slide56

Moving Up the Ranks

You are a CPA and have been with a mid-size company for 7 years and moved up the ranks now supervising 12 employees. Your company has just announced a merger with a larger company. Some layoffs in your department are inevitable. Your supervisor Mary, asks you to rank your 12 employees and turn in the list in a week.

Mary and her husband are close family friends and her husband is your regular Saturday golf partner. After wrestling with the list all week by using performance metrics, former evaluations, observation and input from peers and clients, you turn the list in to Mary. After looking at the list, Mary says it looks good, but to switch #3 (Corey) and #12 (John). Mary hired John, 2 years ago. He works closely with both you and Mary. In your department his work is sub-standard and he struggles with the responsibilities and has an attitude problem with other employees. You are perplexed by Mary’s suggestion. As you are leaving Mary’s office her administrative assistant follows you out and says, “I overheard your conversation with Mary and I want you to know the reason for her suggestion. Mary and John have been having an affair since he was hired. I overhear their conversations and he travels with her to business meetings that he has no reason to attend. I know, I do the expense reports for both of them.”

What do you do?Slide57

The Most Common Company-wide MisconductOffering something of value (e.g., cash, gifts, entertainment) to

customers/clients 24%Health/safety violations 22%Offering something of value to public officials 20%

Violating

employee benefits, wage, or overtime

rules 20%Violating Internet policies 20%Slide58

KPMG Integrity Survey 2013 73% of employees reported that they had observed misconduct within their organizations

in the previous 12 monthsMore than half of employees reported that what they observed could potentially cause a significant loss of public trust if discoveredSlide59

KPMG Integrity Survey 2013Nearly half of employees were uncertain that they would be protected from retaliation if they reported concerns to managementmore

than half suggested a lack of confidence that they would be satisfied with the outcomeEthics and compliance programs continue to have a favorable impact on employee perceptions and behaviorsSlide60

Root Causes of Misconduct 64% Feel pressure to do “whatever it takes” to meet business targets

60% Believe the code of conduct is not taken seriously59% Believe they will be rewarded for results, not the means used to achieve them

59% Fear

losing their jobs if they do not meet targets otherwise

59% Lack understanding of the standards hat apply to their jobs 57% Lack resources to get the job done without cutting corners 57% Believe polices or procedures are easy to bypass or override 49% Are seeking to bend the rules or steal for their own personal gain Slide61

Prevalence of Misconduct KPMG

% Employees

2013

2009

20052000Observed Misconduct in prior 12 months73%74%74%76%Believed observations could cause “a significant loss of public trust if discovered”56%46%50%49%Slide62

Misconduct in Accounting and Finance

Observations2013

2009

Breaching computer, networks or database

controls34%22%Entering customer contracts without proper terms, contracts, or approvals35%18%Stealing or misappropriating assets30%17%Falsifying or manipulating financial reporting information29%13%Slide63

Prevalence of Misconduct -Could cause Significant loss of Public Trust – Significant Industry Increases

Industry

% Indicating Significant Misconduct

% Increase from 2009

Electronics, Software & Services63%26%Aerospace & Defense59%19%Consumer Markets56%20%Chemicals & Diversified Industrials54%20%Real Estate & Construction54%15%Slide64

Misconduct in Sales and Marketing

Observations2013

2009

Engaging in false or deceptive sales practice

47%27%Improperly gathering competitor confidential information34%20%Violating contract terms with customers29%14%Engaging in anti-competitive practices32%12%Submitting false or misleading invoices to customers30%9%Slide65

Propensity to Report Misconduct KPMG

% Employees

2013

2009

20052000Notify Supervisor or another manager78%81%81%63%Try resolving directly54%52%53%40%Call hotline53%44%38%21%Notify someone outside the organization26%10%10%4%Look the other way or do nothing23%6%6%5%Slide66

Reporting & Retaliation

Ethics Resource Center 2013Slide67

Making the Whistle Louder

Ethics Resource Center 2013Slide68

Is it Unethical of Fraud?The Shades of Gray

Ethical

Unethical

Illegal

Legal

Corporate DecisionsFinancial Reporting RulesProfessional andFinancialDecisionsQuadrant IIEthical and IllegalQuadrant IEthical and Legal

Quadrant IVUnethical and IllegalQuadrant IIIUnethical and LegalSlide69

Unethical + Illegal = JailSlide70

Accounts Payable?Steve is in the accounting department at a regional branch of the bank. He opens and books bills from suppliers and sends them accounts payable for payment. Everything under $500 is paid directly with no further authorization needed. Steve’s wife died from cancer last year after an extended illness and he is raising their three children on his own. He is still trying to pay off huge medical bills from his wife’s illness. The bill collectors are getting very aggressive and he doesn’t know how he will make the payments, pay the day care bills and buy groceries. This week he has to pay $400 in past due day care or the children will be expelled. He goes home and decides to print a fake invoice for office supplies under a reasonable sounding supply company name using his PO Box as an address for the $400 and mails it to the bank. He opens it and sends it through for payment as usual and within a week receives $400 payment. He vows to himself that he will never do this again and will pay it back, but next month the same issues happen so he repeats his billing.

Will Steve get caught?

 Slide71

AccountingFormer KPMG Partner Scott London Sentenced to 14

Months for Insider Trading (April, 2014)Provided inside information to Mr. Shaw, jewelry store ownerLondon said, he had been driven by wanting to help out Mr. Shaw, whose jewelry business was struggling. 

After

receiving payments from Mr. Shaw, he said in that interview, “I’d feel like I just robbed somebody and I’d feel totally guilty.” But “unfortunately those feelings weren’t enough to keep me from doing it.” He called it a “slippery slope

.”Pleaded guilty“it wasn’t inadvertent,” the judge saidSlide72

Remember MadoffMadoff is serving a 150-year prison sentence after pleading guilty in 2009$65 billion Ponzi schemeSlide73

March, 2014 Verdict on 5 ex-Madoff employees: Guilty of fraud"These defendants each played an important role in carrying out the charade, propping it up and concealing it from regulators, auditors, taxing authorities, lenders and investors. The scheme these defendants helped perpetrate cost innumerable investors their life savings. Now it likely will cost the defendants their freedom," said Manhattan U.S. Attorney

Preet Bharara in a statement.

G

uilty on charges they aided and profited from the decades-long fraud Slide74

Not Just the Executives! GUILTYDaniel Bonventre

, 67, Madoff's ex-director of operations; Annette Bongiorno, 65, a former executive assistant who managed the firm's longest-standing clients; JoAnn

Crupi

, 52, who oversaw the company's bank account;

Former Madoff computer programmers Jerome O'Hara, 50, and George Perez, 48.Slide75

Brothers Sentenced for Health Care FraudMarch 19,

2014 Charleston, S.C., Truman Lewis, of Charlotte, and his brother Norman Lewis, of Georgetown, were sentenced for participating in a conspiracy to commit health care fraud and money laundering. Truman Lewis was sentenced to 120 months in prison and Norman Lewis was sentenced to 90 months in prison. Both were ordered to pay $3,307,967 in restitution to Medicaid. Truman and Norman Lewis billed Medicaid for almost $9 million in a 22-month period, with much of the billing being fraudulent. The defendants ran a for-profit youth mentoring service called Helping Hands Youth and Family Services, which had offices in Georgetown, Conway, Rock Hill, and Columbia. The defendants billed for weekends when children were not seen, for periods of time before children were in the program, for periods of time after the children had left the program, and for children who had no diagnosis to justify billing.    Slide76

Georgia Man Sentenced for Filing False ClaimsJanuary 10, 2014, in Augusta, Ga., Jeffrey

Sponseller was sentenced to 33 months in prison, three years of supervised release and ordered to pay $441,729 in restitution. Sponseller previously pleaded guilty to one count of false claims. According to court documents,

Sponseller

was an optometrist and owner of Eye Care One, a medical company which purportedly specialized in comprehensive vision care at nursing home facilities. On July 27, 2009

Sponseller visited a nursing facility and later submitted claims to Medicare for over $30,000 for 177 patients. From January 1, 2008 through February 24, 2011, Sponseller billed Medicare for more than $800,000. Many of these claims were false and fraudulent in that the specific health care services were not provided.Slide77

Owner of Tax Return Preparation Franchise and Health Provider Business Sentenced To Prison

Sept. 11, 2014, in Greensboro, North Carolina, Claude Arthur Verbal II, was sentenced to 135 months in prison for tax fraud, healthcare fraud and money laundering crimes in two separate cases. Verbal was also ordered to serve three years of supervised release and to pay restitution of $4,078,584 to the Internal Revenue Service (IRS) and $2,382,378 to the North Carolina Department of Health and Human Services.

Verbal

was the owner of Nothing But Taxes (NBT), that operated from 2005 to at least 2012. Verbal personally prepared false tax returns for clients and taught and encouraged his employees to do so as well. Verbal and employees frequently offered clients a dramatically larger tax refund if the client agreed to make a cash payment to their tax preparer over and above the flat return preparation fee that NBT charged every client, whether or not their return was falsified.

In a separate case, Verbal was the owner and operator of Infinite Wellness Concepts (IWC), a Medicaid behavioral health provider with several locations in North Carolina. IWC was contracted to provide group therapy, intensive in-home services, and enhanced mental health and substance abuse services. Verbal acquired at least $1 million in fraudulently obtained funds from the Medicaid program. The money laundering charge to which Verbal pleaded guilty relates to the purchase of a $52,000 diamond ring with the proceeds of healthcare fraud.Slide78

Cost of Medicare Fraud2012 report, FBI report said, “The United States spends more than $2.5 trillion on health care annually, and rough estimates indicate that anywhere from 3 (percent) to 10 percent of all health care expenditures are attributed to fraud

.“Annual cost of fraud ranges from $75 billion to $250 billion.

Government

Accounting Office doesn't think this estimate is far wrong. It reported that in 2011, Medicare and Medicaid paid an annual $65 billion in "improper payments." It defines "improper" to include payments that are made in error -- not fraud, but wrong just the same.Slide79

Dodd Frank & Consumer Protection ActSEC law providing whistleblowers with “monetary rewards”.

Information must lead to recovery of $1 million or more.Reward is between 10-30% of monetary sanction.Must be securities fraud against a public companySlide80

False Claims Act & The Qui Tam Whistleblower RewardFalse Claims Act is intended to encourage people to come forward with information and assist the government in stopping Medicare fraud, defense contractor fraud and other kinds of federal fraud.

The qui tam reward for the whistleblower ranges from 15% to 30%, depending on the extent to which the whistleblower and his counsel contribute to the prosecution of the case.

In addition, the False Claims Act provides for the recovery of attorney fees and expenses.

These two provisions combine to encourage whistleblowers to come

forwardSlide81

Generational Differences in the Workplace

ETHICS, VALUES

AND AGE

Ethics Resource CenterSlide82

Which one are you?Slide83
Slide84

2013 NBESSlide85

How Do the Generations Compare on Misconduct?

Overall

Traditionalists

Boomers

Gen XMillennials13%Felt Pressure22%9%13%15%45%Observed Misconduct36%44%45%49%65%Reported Misconduct39%64%69%67%22%Perceived Retaliation16%18%21%29%Slide86

Ends and Means% of workers who agree to look the other way if the company did something questionable

2013 NBESSlide87

RecommendationsBest way to address challenges of a workplace spanning multiple generations is…

Implement effective ethics and compliance programBuild strong ethics culture that encourages employees to do right thingDo this in a way that reaches and influences each generationSlide88

Case StudyJohn Green is a fourth year CPA in a large firm on an IT consulting engagement at a major power company’s nuclear facility. His assignment was expected to end in one week, but he just received word they would like him to stay an additional two

weeks due to a serious unplanned outage at the facility which slowed down the consulting engagement. He is disappointed because he will not be able to attend a class reunion. He posts on Facebook and the Class Reunion website that delays in the outage will prevent him from being back in town to attend the reunion.Is there a problem?Slide89

Social Networks - CPA’s are doing it, though they probably don’t know why

SocialCPAs

2012 Social Media SurveySlide90

It’s Not Just Facebook & YouTube

Significant missteps are happening in HR and recruiting: Profiling

Third party recruitment practices

LinkedIn

New connections = leak of confidential information Endorsements = job search Endorsements destroy your reference policy Email notices continue long after you have left your company Resume fraud and material misrepresentations 2012 NBES-SNSlide91

Frequency of Social Networking at Work

2012 NBES-SNSlide92

Training Best PracticesSelect the right method (Live, eLearning, blended)

Make it continuous Refresher training Burst Training (periodic 5-7 minute reminders)

Compliance communication materials

Company intranets

Redistribute key policies via training program Make it engaging Scenario-based Realistic (contemporary) issues and stories Focus on behaviors not the law Not overly legalistic – make the content accessible2012 NBES-SNSlide93

How Can We Use Social Media to Our Advantage?Companies can learn from social networking employees to get a better picture of what employees do and how they communicate. Engaging social networkers will ultimately help:

Enhance the company’s reputation Strengthen employees’ ethical performance Create a closer relationship between company and employees

2012 NBES-SNSlide94

The Future Ethical/Fraud Issues: What’s Coming

IT Security

CybercrimeSlide95

Fraud in CyberspaceSlide96

JPMorgan Chase Hacking Affects 76 Million A cyberattack this summer on JPMorgan Chase

compromised the accounts of 76 million households and seven million small businessesBegan in June but was not discovered until JulyOperating overseas, the hackers gained access to the names, addresses, phone numbers and emails of JPMorgan account holders. In its regulatory filing on Thursday, JPMorgan said that there was no evidence that account information, including passwords or

Social Security

numbers, had been takenSlide97

Home Depot – 56 million card numbers stolenHome Depot, Sept. 18, says that to evade detection, the criminals involved in the cyber-attack against it used custom-built

malware, which has not been used in other attacks. Home Depot estimates it will spend $62 million in 2014 for breach-related costsSlide98

Home Depot FraudHome Depot fraud has started to trigger fraudulent transactions across

financial institutions and, in some cases, draining cash from customer bank accounts, The fraudulent transactions are showing up across the U.S. as criminals use stolen card information to buy prepaid cards, electronics and even groceries, these people said. In some cases, the fraudulent transactions have been tracked to batches of cardholder accounts that are tied to specific ZIP Codes

98Slide99

Methods of Attack – Verizon 2012 Study of Data TheftsSlide100

Time from initial compromising to discovery – Verizon 2012Slide101

PWC 2013 State of Cybercrime SurveyLeaders do not know

who is responsible for their organization’s cybersecurity, nor are security experts effectively communicating on

cyberthreats

,

cyberattacks, and defensive technologies. Leaders underestimate their cyber-adversaries’ capabilities and the strategic financial, reputational, and regulatory risks they pose. Slide102

PWC 2013 State of Cybercrime SurveyLeaders are

unknowingly increasing their digital attack vulnerabilities by adopting social collaboration, expanding the use of mobile devices, moving the storage of information to the cloud, digitizing sensitive information, moving to smart grid technologies, and embracing workforce mobility alternatives—without first considering the impact these technological innovations have on their cybersecurity profiles.Slide103

Medical Records Are a Gold Mine for CybercrimeReport security firms Norse and SANS found nearly 50,000 instances of malicious attacks on health care institutions, including 375 cases where the network was

breached. Last year the health care industry suffered more cyberattacks

than any other industry in the US, including, for the first time, the business

sector.

"The report is a snapshot of what’s happening throughout the industry," researchers wrote. “No health care organization is immune. Reports of breaches against health care organizations, large and small, continue to rise.”Slide104

HP & Ponemon Institute 2013 Cost of Cyber Crime Study Slide105

HP & Ponemon Institute 2013 Cost of Cyber Crime Study

Average annualized cost of cybercrime incurred per organization was $11.56 million, with a range of $1.3 million to $58 million. an increase of 26%, or $2.6 million, over the average cost reported in 2012.(3)

Organizations experienced an average of 122 successful attacks per week, up from 102 attacks per week in 2012.

(4)

The average time to resolve a cyberattack was 32 days, with an average cost incurred during this period of $1,035,769, or $32,469 per day 55% increase over 2012’s estimated average cost of $591,780 for a 24-day period.(1)Slide106

HP & Ponemon Institute 2013 Cost of Cyber Crime Study

Most costly cybercrimes are caused by denial-of-service, malicious-insider and web-based attacks, together accounting for more than 55% of all cybercrime costs per organization on an annual basis.(5)Information theft continues to represent the highest external costs, with business disruption a close second.

(6)

On an annual basis, information loss accounts for 43% of total external costs, down 2 percent from 2012. Business disruption or lost productivity accounts for 36% of external costs, an increase of 18% from 2012. (1)Slide107

HP & Ponemon Institute 2013 Cost of Cyber Crime Study

Recovery and detection are the most costly internal activities. For the past year, recovery and detection combined accounted for 49% of the total internal activity cost, with cash outlays and labor representing the majority of these costs.Cybercrime cost varies by company size, but smaller organizations incur a significantly higher per-capita cost than larger organizations. Organizations in financial services, defense, and energy and utilities experience substantially higher cybercrime costs than those in retail, hospitality and consumer products.Slide108

@Rockness Education Services 2005Decision Model for Resolving Ethical Issues

DETERMINE THE FACTSIDENTIFY ALL STAKEHOLDERSDEFINE ETHICAL ISSUES AND MAJOR PRINCIPLES, RULES, VALUES

SPECIFY ALTERNATIVE COURSES OF ACTION

COMPARE ETHICAL PRINCIPLES WITH ALTERNATIVES TO SEE IF CLEAR DECISION

ASSESS CONSEQUENCES OF EACH ALTERNATIVEDISCUSS THE ISSUE WITH SOMEONEMAKE YOUR DECISIONSlide109

I-Tunes APPhttp://www.scu.edu/ethics/ethical-decision/Slide110

Three Questions

Ask yourself when you are faced with an ethical dilemma:Is it legal?

Will you be violating any criminal laws, civil laws, or company policies by engaging in this activity?

Is it balanced? Is it fair to all parties concerned both in the short-term as well as the long-term? Is it right? You know the difference between right and wrong…how does this decision make you feel about yourself? Are you proud of yourself for making this decision? Would you like others to know you made the decision you did? Kenneth Blanchard and Norman Vincent Peale, authors of The Power of Ethical ManagementSlide111

“When you come close to selling out, reconsider”

From I Hope you Dance, Lee Ann WomackSlide112

“Ethical errors end careers more quickly and more definitively than any other mistake in judgment or accounting”

Solomon, 1994Slide113

@Rockness Education Services 2005

People often over-estimate the cost of doing the right thing and under-estimate the cost of not doing the right thing!Slide114

“To see what is right and not to do it is want of courage.” (Confucius)Slide115

Cal Christian

christianj@ecu.edu

Melissa

Critchermcritcher@carolina.rr.com Jonathan Kraftchickjkraftchick@cbh.com Joanne Rocknessjrockness@nc.rr.com