top banner

Control Chatter                                                   August 2018
News that Control Professionals Need to Know

 Quick Links
 *All New* Internal Control online courses
ici logo
The ICI "Certification Series" has been completely updated and is available online to everyone around the world!  Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
To review the course catalog click here: ICI Course Catalog
To register for one or all of the online training programs click here:  

Online course pricing has been reduced by over 70%, so get started today! 
****Limited Time Only****
Test your Knowledge of Internal Control
*** Take the  Internal Control Knowledge Mini-Assessment ***
The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
In This Issue
All New Internal Control online courses
Fraud Awareness
ICI Announcements
Know these basic business fraud warning signs
Ransomware Losses Top $1.5M Each Minute
Can a whistleblower get an award for reporting books and record violations
Dodd-Frank and Sarbanes-Oxley Prohibitions Against Retaliation
Cyber-attack! Would your firm handle it better than this?
As SOX Costs Rise, Internal Audit Still Lags on Automation
5 Tips to Prevent Small Business Fraud
Banks need to strengthen internal control
Fraud Awareness
By Michael Pregmon, Jr., Ph.D., CICP
COO and Managing Director
Dr. Michael Pregmon, Jr.
COO and Managing Director 
The Internet has really changed many of the things we do daily. It has certainly improved the delivery of information and it has made life "easier" in many respects. But, at the same time, it has also complicated things for us. It has changed the way we do business and it has "shrunk" the world. But it has also provided significant opportunities for corrupt individuals to take advantage of the less vigilant.
At the Institute, we are in awe at the frequency that such unethical activities occur. These happen almost daily. And, in most instances the culprits "play" upon an individual's greed. Most often, significant sums of money are offered. In other cases, these sinister individuals tell people that their financial account information at their bank must be immediately updated. Thus, personal information is requested to fix the problem. Usually, the notice looks completely authentic and legitimate, such as the reproduction of a bank's logo, address, etc. However, in some cases, it may be a simple message such as the following received at the Institute just a few days ago:
"Dear (Name):

I am a banker in ADB BANK. I want to transfer an abandoned sum of
USD15.6 Million to your Bank account. 40/percent will be your share.

No risk involved but keeps it as secret. Contact me for more details.
Please reply me through my alternative email id only ( )
for confidential reasons.

Dr Salif Musa"

Admittedly, this example appears somewhat revealing. Most of these ploys are not as obviously phony. Nevertheless, at the Institute we often wonder how many people fall prey to such immoral practices?
There is yet another unethical tactic commonly occurring via E-mail and/or by phone call. This is the revelation that your computer is affected by a serious virus. And, if this is not immediately corrected, all information will be lost. Additionally, the caller will typically mention in some way that they represent "Microsoft" and can easily fix the problem. This is nothing more than a devious plot to get into your computer to extract personal and financial information such as bank account numbers, ID names, passwords, social security numbers, etc.
In conclusion, a cardinal principle to remember: NEVER provide any personal information unless it is under ID and password protection through your financial institution's platform. Certainly, NEVER provide your ID, name and/or password information to anyone!
The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at: or by phone at 727-538-4113   in the USA. 

ICI Affiliate News:

The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below.


Training Plans :

Belem - August 6-10
Belo Horizonte - August 27-31, 2018
São Paulo - September 17-21, 2018
Fortaleza - September 24-28, 2018
Rio de Janeiro - October 1-5, 2018
Brasília - November 5-9, 2018
Curitiba - November 19-23, 2018

For more details on planned training please check on the website below, or send a message to Mr. Eduardo Person Pardini


Training Plans:

Hangzhou - August 16-19, 2018
Shanghai - August 23-26, 2018
Beijing - September 12-15, 2018

CICS Training Class Shanghai August 2018

Individuals or companies interested in internal control training and Certification should contact:  
Mr. Qiu Jianting
Room 1039, Block A, Jinmao Building, No. 18, Xizhimenwai Street,
Xicheng District, Beijing, China
Zip Code: 100044
Mobile phone: 13810588109


Training Plans :

Brussels - September 28, 2018 (in Dutch)
Luxembourg - October 24, 2018 (in French)
Brussels - January 22, 2019 (in French)

For more information on scheduled training and exams please contact Mr.Yves Dupont of ICI Belgium at: 
For more information on upcoming activities in this area please contact Mr. Summit Goyal of  ICI India at :
Phone: +91 9810575613

Myanmar and Cambodia:
ICI is proud to announce it has entered into an agreement with Better Business Governance - APAC PTE LTD (BBG) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia. 
Better Business Governance will be responsible for all development activities, including professional training and Certification.  For more information on upcoming activities in this area please contact:
Better Business Governance
Mr. Sanjeev Gathani
1 Claymore Drive
#08-14, Orchard Towers (Rear Block)
Singapore 229594
For more information on upcoming activities in this area please contact the following:
Antonio Salas Hernandez CICP,  Email: 
Joaquin Prendes Herrera, Email: 

Middle East:

The CICS exam is now being  provided in Arabic.  Osool Training and Consulting has courses and testing available in Jordan, Libya, Muscat, Sudan, Qatar, the United Arab Emirates, Kuwait and Palestine. 

Training Plan 2018
Certification Preparation Programs are scheduled as follows:

Certified Internal Control Specialist (CICS) Amman-Jordan October 7-16
Certified Internal Control Specialist (CICS) Amman-Jordan October 22-30
Certified Internal Control Specialist (CICS) Tunis-Tunisia    October 6-11
Certified Internal Control Specialist (CICS)  Riyadh-Saudi Arabia  November  18-22
Certified Internal Control Specialist (CICS)  Dubai-UAE  November  18-22
Certified Internal Control Specialist (CICS)  Kuwait-Kuwait  November  25-29
Certified Internal Control Specialist (CICS)  Doha-Qatar December 2-6
Certified Internal Control Specialist (CICS)  Dubai-UAE    December  23-27

Interested applicants in that region should contact Osool for scheduling for future programs.  For additional information on scheduled ICI Certification and program sessions, please contact:

Lina Salameh
Assistant General Manager
O SOOL for Training & Consulting
Mob Oman:  +968 95 98 98 20
Mob Jordan: +962 7 99589666
Tel:   +962 6 5927171 Ext. 107
Fax:  +962 6 5927172

Leadway Consulting conducts CICS training sessions and examinations in Nigeria. For more information on upcoming activities in Nigeria  please contact:
Mr.  Joel Aluko


For more information on activities in Pakistan individuals or companies should contact : Muhammad Farooq Hammodi

Singapore, Malaysia, Indonesia and Taiwan:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.  

Individuals or companies interested in internal control training or Certification should contact:
General enquiries for all 4 markets -
Singapore - Mr. Bob Seetoh -
MalaysiaMr. Melvin
IndonesiaMr. Barry Dingga -
Taiwan - Ms. Mickey Tai -


CICS Training course:  Istanbul - September 22-23, 2018
CICS Certification Exam: Istanbul/Ankara - 20 October 2018

For information on scheduled ICI Certification and program sessions, please contact ICI Turkey  below:

Ms. Ilknur Tunc,  VP -
Dr. Bertan Kaya -
GOP Mahallesi, İran Caddesi, Karum İs Merkezi
No:21, D Blok, 4. Kat, D:398-399

+90 (312) 4425015 T
+90 (533) 4474444 D
CICS Training course: 15, 16, 22, 23 September 2018

CICS examinations to be held in Vietnam: 

20 September 2018
20 December  2018
04 April 2019

For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology,  Level 5 , 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Office: 848 3803 5020 - 848 3512 9371 - 848 3512 7652

Internal Control Institute Zimbabwe has been conducting in house Certified Internal Control Specialist (CICS) training. One company has given three groups to be trained in house for a total of 35 individuals. 

For more information on activities being planned please contact:
Mr. Proctor Nyemba at:
2018 Internal Controls Training Calendar:  View the Training Calendar
Internal Control Chatter  
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
Know these basic business fraud warning signs
By Sarah Ovaska-Few
August 20, 2018
Accountants and business owners should watch for these common fraud red flags. From hourly employees skimming the cash register to top executives fudging their revenue numbers, fraud is an unfortunate fixture of the business landscape.But while fraud may be a constant concern, falling victim to it isn't inevitable. Here are some red flags that experienced forensic accountants look for, and advice for ways to ferret out and prevent wrongdoing.
See What Red Flags to Watch For
Ransomware Losses Top $1.5M Each Minute
August 21, 2018

A new report has found that 1.5 organizations fall victim to ransomware attacks every minute - and more than $1 million is lost each minute due to cybercrime.
RiskIQ's 2018 " The Evil Internet Minute" investigated the cyber threats that organizations and internet users face every minute.  "With businesses expanding their online presence to create more touchpoints with customers, employees and partners, the boundaries between what's inside the firewall and what's outside become less and less discernible, opening a whole new front in the battle between attackers and security teams," the company wrote in a  blog post . "These attackers target brands and consumers on the open web with tactics like phishing, spinning up malicious mobile apps, hacking third-party suppliers and directly compromising websites." The report found that cybercrime costs businesses $600 billion each year, with  ransomware  specifically costing corporations $8 billion per year, or more than $15,000 per minute.
SEC Whistleblower Awards: Can a whistleblower get an award for reporting books and record violations?
August 27, 2018

  Yes, under the  SEC's whistleblower reward program , a disclosure to the SEC about a books and records violation that leads to a successful enforcement action recovering more than $1 million in monetary sanctions is eligible for an award ranging from 10% to 30% of the collected proceeds. Click here to learn more about  how the SEC determines the amount of a whistleblower award .
Two recent enforcement action against Citigroup illustrate the type of books and records and internal control violation that can result in substantial penalties.
Read the Article to see why it is so important to keep adequate books and records
SEC Whistleblower Protections: Dodd-Frank and Sarbanes-Oxley Prohibitions Against Retaliation
August 21, 2018
Read the Article
Cyber-attack! Would your firm handle it better than this?
By Mark Ward
August 7, 2018
What's it like being the victim of a live cyber-attack? What should you do to protect your company from further damage? And should you pay that ransom demand? Technology of Business eavesdropped on a "war games" exercise hosted by cyber security firm Forcepoint that was based on lots of real-life experiences.
IT staff at fictional High Street optician Blink Wink's head office have been suckered by a phishing email. Someone clicked on a link to a spoof website because they thought the email looked legitimate. It wasn't. That was two months ago. Today, the proverbial hits the fan...
Read this very entertaining and enlightening case study
As SOX Costs Rise, Internal Audit Still Lags on Automation August 16, 2018 
I t's been 16 years since the Sarbanes-Oxley Act took effect in 2002, and companies are still wrestling with SOX compliance. Now, a  new study  shows they are paying more to meet the regulation's requirements and have generally not done a good job of using technology to automate controls and ease compliance efforts. The study of more than 1,000 public company finance and internal audit executives, conducted earlier this year by consulting firm Protiviti, finds that the cost of compliance with SOX and the number of hours that go into the effort are rising once again, particularly for larger companies.
Read the Article
5 Tips to Prevent Small Business Fraud
By Marvin Magusara
August 15, 2018
Consider our world, rampant with identity theft and RFID hackers that target individuals; where cyber crime is happening every moment of every day. Regardless of the size, why  wouldn't  you be concerned about the possibilities of business fraud? There are 28 million small businesses in America alone. From the small internet specialty shop to an independent dry-cleaner, there are multiple avenues through which scammers can employ their malicious intent, and cheat you out of your hard-earned money as well as your sense of well-being and security. Luckily, small business isn't synonymous with new business, so those of us that have been around the proverbial block a few times can pass  some wisdom  on to others.  The Association of Certified Fraud Examiners reported that US businesses will lose (for the 2018 year) an average of 5% of their gross revenues to fraud, and almost a third of business bankruptcy is filed as a result of embezzlement. While reports indicate that a severe lack of internal control is the primary contributor to small business fraud, this manifests in a variety of ways. 
Read the Article
Banks need to strengthen internal control
August 07, 2018 
It is a sad reality that banks in Bangladesh, by and large, lack good governance. As a result, irregularities - big and small - take place. Against this backdrop, there is an urgent need for bolstering the internal control and audit functions in banks. But disappointingly, a study conducted by the Bangladesh Institute of Bank Management (BIBM) has revealed recently that only 19 per cent of the country's bankers are interested to work in the internal audit department, and 40 per cent dislike working in such a department. They believe that they have to devote more time if they work in this department, and their family life would be hampered as a consequence. This negative attitude among the bankers has led to an acute shortage of manpower in the internal control and compliance departments (ICCD) of many banks. According to the BIBM, only 1.52 per cent of the banking manpower works in the ICDDs.  There is no alternative to good governance for taking forward the country's banking sector. Irregularities mainly take place due to weak governance.
Control Quotes
The only place success comes before work is in the dictionary.
Vince Lombardi
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
ici logo The Internal Control Institute™ (ICI) is a worldwide organization  devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework.  Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance.  Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.