IIA Magazine Feb 2017 issue

IIA Feb 2017 Issue

Internal Auditors need to provide maximum return on investment and audit the right things. They need to understand the company’s strategic mission, objectives and KPIs. More auditors need to base their work on the International Standards for the Professional Practice of Internal Auditing.

The 5 emerging threats are (i) global economic uncertainty; (ii) increased regulatory burden; (iii) significant industry changes; (iv) business model disruption; (v) cybersecurity threats. Global economic uncertainty seems to a bigger risk in 2017 as compared to previous years. In the compliance space, with the new US administration, enforcement areas could see some change. Trump could change the legislative, regulatory and executive actions under Obama’s reign.

Although most companies feel that they could detect a sophisticated cyberattack, many of them do not have an adequate communication strategy in the event of a significant attack. Also, some of the BCP might be lacking. The continuous monitoring of cyberattacks is also a challenge.

Data Mining. By leveraging data, internal auditors can address issues beyond the reach of traditional analysis techniques. It involves making use of data which had previously no formulated relationships, patterns. Artificial intelligence, machine learning, statistics and database systems all come into play. Some of the techniques auditors can use are predictive modeling (IF), data segmentation (data clustering), neural networks (artificial intelligence), link analysis (links between records), deviation detection (red flags). The use of email mining can identify red flags in fraud etc. Social network analysis is also possible. IA should continue to look for ways to innovate their audit testing.

Intelligent Assessments. Use cognitive technology to help identify high-risk areas. These are intelligent computer systems that can aid in the performance of risk assessments. For instance, this tool can extract and analyze text from audit reports and analyze trends and high-risk areas. Natural language processing (NLP) has the power to tap into every sentence of every report to churn out more information. The machine will convert text to a certain structure and add meaning to the text and teach the computer to understand audit concepts. Words like ‘fraud’, ‘finding’, ‘auditee’ can be flagged out.

Turning Up the Heat on Fraud. A fraud risk assessment can help auditors take the organization’s ethical temperature. There are many ways to do it, example, through surveys, focus groups, workshops etc. The focus is mainly on fraud risk. It works best in small brainstorming sessions with operational management. Using the ACFE’s Fraud Risk Assessment Tool can be useful as it provides a structured approach. Risk assessment is about identifying where fraud might occur and the potential perpetrators. IA can do surveys to measure the ethical climate and voting can be anonymous. The results of the survey can be discussed with management. If there are high risk areas with fraud risks, IA can pay more attention to them.

The Accidental Discovery. Small or remote locations can be more susceptible to embezzlement, especially when they are not audited regularly. Confront someone after the facts have been reviewed. Look at the big picture. Controls that aren’t operating effectively are as good as them not being there.

Auditing what matters. Add value by selecting audits that contribute to achievement of strategic objectives. Auditors now should start looking at this area. Look at where the company spends the most money, what their main programmes are etc. Find out who is responsible for the strategy and make them IA’s stakeholders. Traditional audit activities can move towards strategy too. IA should use the COSO ERM framework in its entirety. The aim is for IA to a strategic partner to management. Don’t fear failure and find out more from the auditee by talking to them. The trick is to engage with processor owners easy and evaluate control design. IA should do the following: (i) Identify and define the risks; (ii) rate the risks; (iii) address risks in detail. Getting management buy-in is also important. The CAE must convince the AC to highlight the need for a strategic approach. Most IA wants to be a trusted advisor.

Core Principles and the QAIP. The new IPPF in 2015 can be incorporated into the QAIP to show that the IA is aligned with the mandatory IPPF elements. Learn to develop a concept and approach that is easy to understand. Core principles are a mandatory element of the IPPF. IA need to have general conformance with the Code of Ethics and Standards. The 5 steps are (i) establish a maturity framework (ineffective, partially effective, effective, sustainable, world class); (ii) map core principles with the standards and code of ethics; (iii) Define characteristics of maturity in 3 aspects of standards and QAIP characteristics, infrastructure and process characteristics, core principles and specific characteristics; (iv) perform internal and external assessment consistent with requirements of QAIP; (v) Evaluate and report maturity levels for core principles.

Champion of Trust. By modelling high standards of ethical behaviour, IA can help shore up faith in the organizations they serve. How can IA be a trusted advisor that is well respected? One way is via ethical commitment. IA needs to model ethical conduct in everything they do. IA must have the courage to sound off before things get in trouble. Ethical commitment is the key to a well-functioning IA. Ethics should come naturally to all. We also need to build ethical resilience (integrity, courage, honesty, accountability, trustworthiness).

Infusing IT Auditing into Engagements via a three-phase approach. The tech sector is growing at a rapid rate. Internal auditors also need to develop IT-related capabilities. IA needs to think about the future of integrated auditing. For a start, IA can incorporate IT perspectives into current audit engagements. This can involve documenting down what are the IT automated controls. One can also read IT policies or those on change management. One should also identify resources and pinpoint where they are stored (example: servers). Map core IT resources and data to key business objectives. Respond to IT risks and identify audit objectives that can add value. An integrated audit can help in this. In the middle term, IA can build an IT audit team, understand the IT framework like COBIT, perform IT audits and also foster relationships with IT and management. In the long term, IA can leverage on data analytics and obtain professional certifications (like IIA and CISA).

Breaking Down The Standards. With the right strategy, practitioners can divide conformance into bite-size, easily digested portions. The standards consist of attribute standards (series 1000 to 1322) and performance standards (series 2000 to 2600). Some IA may neglect the attribute standards and focus on the performance standards instead. However, both are very important. IA should perform an assessment of how well they are conforming to the Standards. An external assessment must be conducted once every 5 years. The audit work program needs to be reviewed and approved by the CAE before engagement commencement. Ultimately, conforming and understanding the principles behind the Standards are important.

Auditing Organizational Governance. IA has an integral role to play in improving the organization’s strategic performance. This area is becoming increasingly important in recent years. Governance reviews can help prevent governance failures. Less than 1 in 6 IAs conduct reviews for their organization’s strategy. Sometimes, it might be difficult to conduct a separate governance review. Rather, it might be easier to incorporate it as part of routine audits. One can focus on both the governance structures as well as the organizational culture. Some of the soft controls can include management competence/style; mutual trust and openness; strong leadership; high performance and quality expectations; shared values and understanding; high ethical standards. However, for some of these measures, there are no hard data to analyse. Hence, it is important for IA to read the signs. IA can also provide a more advisory role, which is educating board about developments and trends in the industry and governance best practices. In terms of strategic reviews, IA has much to work on. There is a tendency to focus on weaknesses in financial reporting etc.

Good Governance is All About Quality. The 5 quality rules are (i) customer focus; (ii) management leadership; (iii) Teamwork; (iv) Measurement; (v) Total commitment to continuous improvement.



IIA Magazine April 2017 issue

Business Resiliency is about the organization’s ability to quickly adapt to risk events such as these while maintaining continuous operations and safeguarding its employees, assets, and brand equity.

Malware, Ransomware and man-in-the-middle attacks are common security issues for organizations

Some organizations lack a clear risk management program and that is a problem. Lack of resources, complexity and inability to get started are some of the reasons cited.

  1. Communication errors/ misinformation over company performance through channels other than financial reports; 2. Environment, health and safety is an area which is high risk, but not many IA covers this.

Cyber risks are also a main area where IA needs to be concerned about.

Learn to work smart and not harder. Employers should 1) acknowledge the problem; 2) appreciate the employee; 3) identify the root cause; 4) define the roadblock; 5) Devise a solution (training, resource allocation, process improvements); 6) Circle back. Guiding an employee well will result in an increase in productivity and morale.

The Data Museum. IA can compile organizational data in structured exhibits. Auditors need to use data warehousing principles to clean the data and structure it once that it is ready for analysis. Before storing data, consider the following: relevance, reliability; reusability; rarity. For instance, SQL can be used to extract, transform and load the data. Learn to run SQL statements. As for audit tools, auditors can use data visualization and advanced reporting techniques. Use a relational database and start small. Ensure that there are audit trails and logs.

The Many Facets of Risk. Risk is always multi-faceted. Look at the product and market research life cycle. It is important to do the strategy and competitive analysis like via SWOT, Porters’ 5 forces etc. Financial Management like NPV calculations aid in project-making decisions. Operations Management is about maintaining the optimum amount of inventory, like the EOQ method. Forecasting sales and demand is also a risk. Human resource risks and quality management risks are also possible. IA can act to cross-pollinate risks via mathematical or management methods.

Life of Luxury (Embezzlement). When too much power, accounting and budgeting etc, resides with the head, too much risks exists and there is potential fraud risk. There were too many over budgeted accounts in this case. Also, a person spending excessively or leading a lavish lifestyle will arouse suspicion. There are many lessons that the IA can learn: include riskier businesses in the IA plan; question how beneficial is the whistle-blowing hotline; an audit on payroll can detect payment to ficitious persons/ other people; review the acceptable use policy for all corporate-issued credit cards.

Resilience Through Crisis. Organizations all need to overcome crises and emerge stronger. The BP oil-spill PR was handled badly. IA can audit the crisis management plan. A crisis team should be cross-functional and with each goal clearly defined. IA should also be part of the team to ensure that the team is addressing the appropriate issues. The team should identify potential crises and IA can chip in. Next, a comprehensive crisis plan should be developed. Effective communication is the key and there must be a plan to inform stakeholders quickly. It is also important to have a spokesperson to handle the media etc. General templates can be used for media statements. Experts can be used as well. Crisis simulations should be conducted, like table-top exercises etc. IA should be the observer in all simulations. After the crisis, the crisis management team should evaluate the effectiveness and the performance of the plan.

Hit the Ground Running. The trend is to convert interns in IA into the permanent establishment as they already understand some of the company’s operations. One option is to transfer existing staff to IA. Interns who perform well stand to be converted. Interns are also less costly and can be used during peal-periods. There needs to be a significant investment in developing a good internship programme. There needs to be a plan all along. When you plan, it is important to prepare a job description, program budget, hiring plan and schedule. Provide guidelines for the interns to do work and make the audit project interesting for them. Teach them soft skills in the audit. Give them real assignments. Stretch them and ensure that they can contribute and make their internship meaningful.

Climbing the Scale. Turn to maturity models. Maturity models can rank from 1 to 5. They can be expanded into many business areas nowadays. Maturity models can be more meaningful than a simple pass/fail. Using this can convey a more positive collaborative tone too. Acknowledge what the client is doing already to improve processes and controls. A maturity model also focuses more on processes than people and seems more non-threatening. The models you can use are CMMI, C2M2, COBIT, P3M3, RMM, TMMi etc. Develop a dynamic risk assessment approach. IA should provide both assurance and insight. One can use the ISO standardized frameworks to compare the organization’s maturity level against. At times, the highest level of maturity might not be required as a lot of resources will be required. Maturity models can be very judgemental indeed. To succeed, IA needs to choose the correct model and be flexible when applying it. Build the best model and find a project champion if possible.

From the Same Playbook. IA needs to align its work with the organization’s strategy. There are debates as to whether IA should provide assurance around risks affecting company strategy. It depends on the CAE. However, not all top executives will want to discuss strategy with the CAE. There can be a disconnect as IA usually does not audit the latest transformations and developments in the company. Some IA prefer to audit compliance, which they are more familiar with. Two big risks are not having effective strategy or not executing them properly. CAE should think like CEOs and think through different perspectives and figure out how to maximize shareholder value. IA can perform gross profit margin analysis etc. There needs to be a balance between strategic-level audits and compliance based audits. Have discussions with management and the audit committee on strategy. It is for IA to look into strategy risks and the risks of entering any particular strategy.

Three Lines in Harmony. A Centralized testing model will enable the 3 lines of defence to rely on each others’ work. Front-line management is the first line of defense, risk/compliance functions are the second line of defense, internal audit is the third line of defense. It is important to co-ordinate so as to ensure all areas are covered and there are no duplications. Relying on others can also provide an increase in efficiency. Ensure that there are proper service agreements if there is a centralized testing unit. Automatic testing preferred and desired. There is a need to document the risk framework.

Signature Audits. Auditors should try to identify and respond to emerging risks. Most IA confirm concerns already identified by management. IA can do a mystery shopper role, or perform simulations to test controls. IA now need to be more innovative and curious. Signature Audits refer to thinking out of the box to design appropriate test procedures (example: penetration testing or social engineering). IA can identify best practices or try to circumvent processes rather than test them.


How to Listen to Great Music by Robert Greenberg (Part 1)

A Guide to its History, Culture and Heart

Understanding and Listening to Music. Humans love music and the musical experience can be very intimate. Essentially, it is just vibrations. It is a universal language. Say it with music. It intensifies the human experience. The artist defines his work and gives voice to his time. There has to be a historical context. All music is contemporary music if you understand the history behind it. It is important to grasp the context. Try to google and listen to the pieces featured in the book. The focus of this book is on the best of Western music. Music notation was invented in the 10th and 11th century. The ‘classical music’ phase is from 1750 to 1800. The book focuses on the period between 1600 and 1900. Simple musical notation is easy to understand.

Music is a universal language; one need not speak Ashanti in order to groove to West African drumming; or German in order to be emotionally flayed by Beethoven; or English to totally freak when listening to Bruce Springsteen. – Robert Greenberg

A Mad Dash Through the Roots of Western Music. Music is reflective of the culture. If you know the culture, you will appreciate music better. There has been much change in Western music over the last 1000 years. This was because of composer’s work. The later composers had bigger egos and wanted their music to represent who they were. It was reflective of their experiences. Personal feelings were important for composers. Historical periods change over time. Art becomes different through time and it not necessarily become well. You cannot simply compare music from different eras and judge which is better. Great art is timeless. Music played a role in Ancient Greece. It was humanistic in spirit. They believed in the healing properties of music and thought it was connected with truth and beauty. Music and carnivals were played during their sports events. Ethos was associated with a moral quality. Music was governed by laws from the Cosmos. It heightened the power of words. The Church emerged after the Greek era. The Church became the central philosophic, spiritual issues for Western Europe. Music in church should be divine and it should teach Christian thoughts. They rejected classical music and large choirs. These were the Dark Ages.

There is a reason why we turn to the paintings of Vermeer, the sculptures of Michelangelo, and the music of Bach, Mozart, Beethoven, and Brahms, to name just a few, in search of truth and edification, and it has nothing to do with nostalgia for the past. Great art is timeless and it speaks to us, directly and relevantly, across time. – Robert Greenberg

The Music of the Medieval Church. We are now in year 600CE to 1000CE. Europe was in a horrid state and most things were badly destroyed. The Church provided a sense of redemption. Churches were known to preserve culture and be the centre of art and education. Music was used as a ritual and for ceremony. It was monophonic texture, meaning it was just your voice and no instruments. Search ‘plainchant’. There were no large intervals between one note and another. It was calming. No one took credit for producing music. It was meant for the community and for glorifying God. Church music had a huge influence on Western music. Polyphony happened between 900 to 1000 years. Trade was established and wealth was emerging. Architectural technology emerged. Cathedrals were being built. Notre Dame was built in 1163. Polyphony is where two or more melodic parts are heard. This is when a second voice comes in but you are not singing it together. In terms of composition, it is more complicated. Now, we enter the 14th century. This was the end of theocratic age. Secular and non-religious ideas emerged. A new era of Roman art, literature and philosophy emerged. The Notre Dame Cathedral produced composers. ‘Quant en Moy’ is two love poems sung by a soprano and a tenor. It uses isorhythm, where rhythm and pitch can be varied. This was incredible during that period. It was composed in mid 1300s. Now is the Renaissance period. It was the complete breakdown of the Church. It was about humanism and focused on human life and accomplishments. People were explorers. Martin Luther led the Protestant Reformation. Secular education was very prominent. Printed music appeared. Painting and sculpture were very famous and so was music. The words in the song had to be understood. Music should also reflect the meaning of the words. Mass was invented. Examples are the imitation Mass. A madrigal is a secular vocal work for 4 to 6 people. They had to apply ‘word painting’ too. It was like trying to express a poem in music. Listen to Weeleks ‘As Vesta was from Latmos Hill Descending’.

A Necessary and Invigorating Excursion into the Worlds of Music Theory and Terminology. Music is defined by sound. How are pitches arrayed into melodies? A pitch is of a single fundamental frequency. This is the first property. The second is timbre. This refers to ‘tone colour’. Partial vibrations also produce a certain sound, known as a harmonic. Note is a pitch with duration. They are the building blocks of melodies. A chord is three of more pitches played simultaneously. There are series of chords around. Along a string, the various vibrations at various positions produce different sounds. Pitches are an octave apart. An octave is a one-to-two ratio. Texture is the number of melodies and the interaction of each melody with one another. Monophony is like a plainchant. A polyphonic is one where there are two or more principal melodic parts. Imitative polyphonic is where the melody is similar, but played at different time intervals. A strict imitative polyphony is known as a kanon. Sometimes, they are not so strictly imitative. Non-imitative polyphony is a different set of notes entirely. A homophony is where one melody is predominant and all other melodies are accompaniments. Hence, the tonal harmonic system was formed.

Emotional Exuberance and Intellectual Control. The Paradox of Baroque Art. Opera was invented in 1600. Opera transformed Western music. It celebrated human emotion. The orchestra was formed. The Baroque era was between 1600 to 1750. Baroque means ‘a pearl of irregular shape/colour’. It had a negative connotation in the past. This was the era of Galilei, Descartes, Bach, Kepler, Newton. God was still in the picture, but not as much. Everything had logic and symmetry. The music was characterized with tempered and systematic harmony. Theatres were popular too. There was less word painting but the feelings behind the words play centre-stage. The French overture was invented in 1660 for Royals. George Frideric Handel wrote the ‘Overture to Messiah’ in 1741.

Play it, Don’t Say It. The Rise of Instrumental Music. Instrumental music is an art form which can rival vocal music. It is a very abstract concept. Motives are a group of notes from which melody is grown via repetition, sequencing and then transformation. A tune is unique sort of melody. A theme is the idea of a certain section of music. There are conjunct (close together) melodies and also disjunct. The harpsichord was commonly used in the Baroque era and so was the piano. The octave was divided into 12 pitches, with a major and minor scale. Timing of notes was also introduced, whether it is x number of beats. The bass line was developed into a basso continuo. Listen to Bach’s Brandenburg Concerto 2. The basso consists of a harpsichord and a cello. The bass line contains the melodic lines.

What is instrumental music? It is music that has no words, no literary information beyond its title to explain why it exists and why it sounds the way it does. It’s neither physically dimensional nor concrete. – Robert Greenberg

National Styles (Italy and Germany). Beethoven’s 5th symphony is very recognizable. However, the Italian language is more long winded. Vivaldi stretched one word to 74 notes. Music styles are certainly influenced by how languages are spoken. Opera was invented in Italy. French loved their wind instruments. Italian is more similar to Latin. The melodies are usually smooth in nature. Italy was the centre of the Renaissance. Italian is closest to Latin. Vivaldi’s the 4 seasons are among the most frequently heard Baroque works. He usually composed for opera. The music is usually homophonic in nature. Martin Luther was against the Church and thought that one could interpret the Bible differently. All music was a gift to God. German language is full of strong consonants than vowels. There is usually 1 pitch per syllable. The melodies are usually clearly articulated. German music became more popular during the Protestant Reformation. List to Bach’s Brandenburg Concerto 2.

Fugue It! It combines extravagance with systematic organization. Composing is a tedious process. A fugue is a polyphonic composition. Fugues are a highlight of the Baroque era. Bach was a master of the fugue. It contains exposition, episodes and subject restatements. Listen to the Bach’s Fugue in C Minor from the Book one of the Well-Tempered Clavier. Each one is a voice. They will sing different voices at the same time. Each voice that enters must be the highest or the lowest to create effect. There are various episodes and restatements in the centre.

Opera (The Baroque Expressive Revolution in Action). Opera combines everything and is good. The music captures the meaning of the words. The medieval liturgical dramas were popular too. Intermezzo was the precursor to opera. They were commentaries which were sung during plays. It was like a halftime show during a play. Jacopo Peri wrote Euridice, one of the first operas. He invented the partial recitation of words and partial singing. Claudio Monteverdi composed too. His famous work is ‘Orfeo’. Aria literally means air. It is where the information is transmitted via the music itself rather than the vocals. Aria became more popular and the recitative art took a backseat.

This is the basic premise of opera: that music has the power to interpret and intensify the feeling and spirit behind the word. – Robert Greenberg

Opera Goes to Church. The principal genres of music are oratorio, cantata (performed outside religious service), mass, magnificat, passion, motet. These works make use of the chorus. Baroque genres are influenced by opera. Basso continuo was used during the Baroque. Solo singing were used during Masses. Oratorios were initially sacred dialogues. The chorus disappeared from Baroque opera house. George Frideric Handel’s Messiah is widely performed even today. It is the most famous oratorio in history. He travelled a lot and performed all over the world. He knew how to handle singers. He wrote English language oratorios. There are commentators in the middle of the works. It was 2 hours long. Handel’s music was very inspirational indeed. The ‘Hallelujah Chorus’ is very iconic indeed.

A New Liturgy Comes of Age: Lutheran Baroque Scared Music. The Holy Roman Empire was founded to consolidate power. The English were at odds with the French. The Lutheran community emerged from about 1650 to 1680. It was marked by must congregational singing. There were hymns too and they were popular. The sermon was a big thing too. Bach was one of the greatest composers of all time. He composed over 350 cantata in his life. The productive years was between 1723 to 1728. Cantatas were meant to sound like operas. They are the masterworks of the Baroque era. However, there are only about 209 of them still in existence. Cantata 140 is very famous.

Instrumental Form in Baroque Era Music. What do the words like scherzo, trio, allegro mean? Musical forms are important. This is the way to structure time and give order. You must learn to understand the form of music. There are some compositions that do not ascribe to a certain form. These are fantasies, toccata etc. Variations of a theme are quite common. Passacaglia was common too. The bass line was common but the melody might change. Listen to Bach’s Passacaglia in C minor. It has a very firm bass line that keeps repeating.

Baroque Era Musical Genres. There are solo or chamber works. Orchestras back then were not that common. Chamber works were popular, consisting about 6 or 7 musicians. The Baroque concerto appeared around 1680. It is like a soloist battling the collective. Brandenburg Concertos 3 and 6 are orchestral concertos, where there is no soloist section. Solo concertos are where there is a soloist. A double or triple concerto is where there are more than 1 soloist. Tutti refers to everyone. Brandenburg Concerto No 5 has the first movement in ritornello form. The theme are only heard at the beginning and the end. His six Brandenburg Concertos are world-renowned.

Enlightened Is as Enlightened Does – An Introduction to the Classical Era. This is the period from 1750 to 1827. The Enlightenment period was from 1730 to 1780. There was a new middle class emerging. They wanted new education and read to societal injustice. Life was important, even without religion. The middle class could shine. Classical music was meant to be accepted by all countries. It was a combination of all the different nations. Music has to be accessible and please the greatest number. Hadyn was a popular figure in this era. Vienna is the centre of classical music. It was the adoptive home to Mozart, Beethoven etc. The Baroque music was deemed to be more elitist and exclusive. Mozart doesn’t write excessive notes for his music, just enough to create the melody. Mozart’s melody can be easily sung. Hence, it is a vocally conceived melody. Mozart wrote Eine kleine Nachtmusik. It is true that the cultural environment creates the music. Classical music was punctuated with cadence, or punctuation marks. The music gets to stop and breathe, this was rarely the case for Baroque music. In the key of C major, the G pitch is the dominant pitch. There are open, closed cadences. There are also tonic pitches.

Putting It All Together: Classical Era Musical Form, Part 1. Music is now accessible to every person. A music form is the key. Musical form is the most important thing in music. There are theme, variation, minuet and trio form. The theme is usually a tune. Some use a theme as a melody. Listen to Diabelli Variations, Handel Variations, Haydn Variations, Paganini Variations. A theme and variation form a movement structure which is discontinuous. Theme and variations are very disciplined. The coda is an expanded final cadence. Theme and variation is very popular in classical music. Listen to Mozart’s 12 variation on Ah vous dirai-je, Mamam (Twinkle Twinkle Little Star). The first is to make the thematic melody very prominent. Later, there are 12 variations. Minuet and trios are very popular too. The French loved their dances and opera. Dance are also performed in suites, or in sequence. The French perfected their dances. The minuet was very popular in the ballroom. The minuet is a very popular social dance. There is usually the A-B-A structure. Joseph Haydn’s Symphony 88 is a brilliant minuet and trio. A rondo theme is more ambiguous. There is the ritornello form too. Listen to Beethoven’s piano sonata in G major, op. 49 no. 2. Opus literally means work of art.

Classical Era Musical Form, Part 2 (Sonata Form). The word ‘sonata’ has been over-used. It means a ‘sounded piece’. Cantata is a sung piece. There is a single principal theme. There is the exposition, the first large section of a sonata. There is a modulating bridge. This is an aspect of harmony. The keys might change without us knowing. However, this is what makes music fluid in nature. Listen to Mozart’s Symphony in Gminor K 550. Sometimes, there will be thematic changes in sonata. The recapitulation is set in the home key. Mozart was a brilliant child prodigy. Mozart was incredibly prolific. Almost all of them were masterpieces in their own right.

Classical Era Orchestral Genres, Part 1. This is the symphony: music for every person. There are different types of opera and they can vary dramatically. The symphony and the concerto are one of the most iconic of the classical music era. They mean the same thing. The Romans invented the word. The sinfonia had evolved into a symphony. An orchestra is a performing ensemble. ‘Philharmonic’ means loving harmony in English. There are also 4 movement symphonies. The first movement challenges the intellect and the soul and is usually the most complex. It is usually in sonata form. The second will address the heart. The third will usually be a minuet and a trio. The fourth will usually be fast and playful and in rondo form, leaving the audience with a smile on their faces. Recitation is applied to create dramatic effects. The individual melody is very prominent in the Classical music era. Music should be tuneful and entertaining. Hadyn redefied what a symphony sounded like. He wrote 104 of them. These symphonies made him very famous indeed. The London symphonies are among his most famous works. There was a balance between head and heart. The Symphony no. 92 in G Major is one of the most popular. The overture was very popular indeed. From head, to heart, to pelvis, to the toes. Many found his music to be brilliant. Many of his pieces are still performed among modern orchestras today.


Anti-Money Laundering in a Nutshell by Kevin Sullivan

Awareness and Compliance for Financial Personnel and Business

Many AML personnel like to check and select a box without understanding why. You need to understand the nomenclature of AML. Understand what is causing alerts in the AML system. It is crucial to understand the Bank Secrecy Act. The major players are the financial institutions, the regulators and law enforcement. These players need to work together in a dynamic environment.

What is Money Laundering?

Laundering is a method of ‘cleaning’ the funds so that it would not appear to be suspicious. The gangsters created businesses like Laundromats so as to ‘gamble’ and to ‘wash clothes’. This was to avoid suspicion as to how the funds came about. This term has been around since the beginning of the 20th century. Why does a bad guy need to do it in the first place? If you have drivers who are paid to carry suitcases from one vehicle to another without knowing what is in the suitcase, chances are that it is hard to prosecute such people. These are known as mules. The trick is to employ the mules without them knowing what is going on. So when they get caught, they have little they know which they can reveal. AML is often very tactical and you may not know that it is happening. The industry is suspected to be about US $2 billion a year. In early stages, it is difficult to tell whether the source is for tax evasion, funding for terrorists etc. The aim is to ‘clean’ the source and make it appear legitimate. This could be done via ‘smoke screen’ transactions. Banks will perform due diligence on its customers, such as examining transaction timelines and transaction activity compared with similar businesses out there. There needs to be a predicate offense to initiate an AML case. The 3 stages are (1) placement; (2) layering; (3) integration. Placement is the act of talking bulk cash proceeds and bring it to a bank. This isn’t easy. Carrying a wheelbarrow of cash isn’t a good idea. The right way is to use a small denominations and use a business vehicle that is reliant on cash. However, law enforcement requires suspicious activity reports, currency transaction and cross-border declaration rules. Layering is where the launderer needs to make many small transactions. This is to avoid people from tracking him. One way is to use shell companies or move the money to other jurisdictions. Another way is to buy large value items and then sell them subsequently. Transactions above $10,000 must be reported to the Treasury Department. FATF has created an AML template to follow. If law enforcement wants information from a bank, they will need to send a subpoena. However, this requires time and the money might have been moved away already. Integration is where the funds are assimilated into the financial system. This is hooray for the launderer. Launderers often engage in transactions which are less than $10,000 at one go. Greed is a common cause of laundering. Terrorism is a possible cause as weapons cost money. Lastly, some criminals have an unbalanced mind. Every part of the AML team is important and plays a defined role.

Money laundering is the practice of integrating the proceeds of crime into the legitimate mainstream of the financial community by concealing its origin. – Kevin Sullivan

Methods of Money Laundering. There are only 3 ways: (1) through the legitimate financial system; (2) physically moving the money; (3) physically moving goods. For the first way, structuring deposits over a period of days, with each less than $10,000, is an example. One could hire other people to make deposits through different bank branches but to the same account. This is known as ‘smurfing’. Another way could be bringing the cash off shore into a country with strong secrecy laws. Cash can be hidden in funny places and then smuggled out. Domestic wire transfers are a type of means too. Gold is a method of laundering, and so are money service businesses (US Postal Service). Common money transfers are made through western union, Amex etc. For MSB, customer anonymity is usually maintained. However, MSBs are required to report suspicious transactions to the Treasury department recently. Records of wire transfers must be maintained for transactions above $3k. It is generally more difficult to track cash in a country with strong banking secrecy laws. SWIFT is the international message service that FIs use to send their messages for wire transfers. For SWIFT, you need to provide information like the International Bank Account Number (IBAN). SWIFT is the system that allows the transfer and transmits information signifying the transfer of funds. There are many fields of information required before a wire transfer can take place. Casinos are a way of laundering money. Casinos are required to file currency transaction reports. However, casinos have brushed up their AML programs in recent years. There are 3 methods of trade-based money laundering: 1) over and under-invoicing; 2) black market peso exchange (commonly used); 3) hawala (underground banking system). Hawala has no regulatory requirements and is ethnic in nature. In addition, there are no money trails available. Understand the red-flags of money laundering. Always ask for documentation, and use authentication when dealing with third parties. Cyber banking via the Internet is getting more common. Some cyber banks do exist. However, note that they do not have deposit protection and that once the bank folds, your funds are gone. A launderer can lease ATMs to other people and they will in-turn lease to others. This reduces the level of due diligence that is applied on them. Most pre-paid cards do not require identification and launderers can maintain anonymity. This is a viable way for launderers, although it is slow. Vehicles are often purchased in the integration phase of AML. It is difficult to launder money using credit cards. Laundering via purchase of real estates is getting more common. For LLC, it is difficult to determine who the beneficial owner is as an LLC can be owned by sub-LLCs, which in turn might be owned by sub-sub-LLCs. For a cash intense business, laundering can be easy as once the dirty money is comingled with clean money, it is difficult to trace. Life insurance products can be bought using dirty money and then cashed out prematurely. Digital currency is a big thing and can be manipulated by launderers. They are not regulated and depositors can maintain anonymity. There are a huge variety of ways in which money can be laundered. As long as there is crime, there is a need for AML personnel.

Federal Regulations – The Laws, Rules, and Guidelines to Fight the Good Fight. We need to stop bad guys from laundering money. The Bank Secrecy Act requires FIs to keep AML programs. There are many legal tools in the fight against AML nowadays. Any cash transaction via an FI exceeding $10,000 must be reported on a currency transaction report (CTR). This must be filed with the FinCEN. There is also a need to maintain a suspicious activity report. If the cash or bearer instruments are brought out of the US, a report needs to be filled as well. Wire transfers are not under the CTR scope. A CTR is important in the investigation. In some countries, their limit is $15,000. For non-FIs, cash transactions more than $10,000 need to be keyed into the 8300. It is a crime under the Money Laundering Control Act to further criminal activity, conceal ownership of property etc. The Financial Crimes Enforcement Network (FinCEN) was launched in 1990. The Annunzio-Wylie Act in 1992 requires banks to complete and report a suspicious activity report (SAR). Several high-risk geographical areas were identified as ‘high-intensity financial crime areas’. The Patriot Act in 2001 gives Treasure the power to deal with US FIs for foreign AM. Enhanced due diligence for correspondent accounts that are maintained for certain foreign banks must be instituted. Banks should share information on terrorism and money laundering with one another. For KYCs, comparisons must be made with known or suspected terrorist or terrorist organizations generated by government agencies. FATCA helps combat tax evasion by US taxpayers who have assets outside the US. The next chapter will discuss on how to build an AML program.

Build a Quality AML Program. Sometimes, AML falls under the Compliance Unit. FIs may hate regulators because of too much regulation. Regulators will say that there are not enough regulations and that FIs compliance unit must be beefed up. Regulators have power to sanction your organization if you are not performing well. Once something bad happens, heads will roll. Fines can be heavy and banks should never try to cut corners. Regulators can only conduct random inspections on the bank. Law enforcement can make recommendations. An AML systems need to achieve 1) prevent money laundering and terrorist financing; 2) to report suspicious activity; 3) to train all personnel on legal and internal procedures. Educate staff on the importance of AML. Compliance training is important and it should be on-going in nature. Internal procedures must document risk and the controls to mitigate risks. It should document due diligence checks. KYC guidelines must be established. Policies must be put in writing and cannot be documented in the head. Policies must also be approved by the board. Policies should be updated on a yearly basis and there should be documentation on what triggers alerts in transaction monitoring. An organization must have a designated compliance officer. There needs to be a process to update the regulations and the training programme must be addressed. An independent audit should be performed on the AML system. High-risk accounts must be reviewed thoroughly. All employees must be trained in AML. Training should be conducted annually. It should cover all pertinent regulations. Identify the risk, which can be customer related or issue-related risks. Risks analysis, management and risk review needs to be conducted. Risks can include product risk, legal entity, business type, country risk etc. For high risk clients, increased level of due diligence and monitoring needs to be instituted. High customer risks include foreign FIs, PEPs, foreign corporations, shell-companies etc. High product risks include trade finance, private banking, electronic funds transfer, lending etc. High geographic risks include any OFAC sanctioned country, jurisdictions of primary money-laundering concern, offshore financial centres etc.

AML is not an income-generating component of the institution. An AML unit can be quite expensive, and, in and of itself, there is no return on investment. Hence, that alone is reason for some FIs to be hesitant to invest and develop a compliance unit any more than the bare minimum. – Kevin Sullivan

KYC and Customer Identification Program. The terms can be used interchangeably. It means identifying your customer, monitor his transactions and update his files. These pieces of information must be reviewed too. Customer identification is the first step, followed by KYC. KYC must be done at the onset of the customer relationship. The officer needs to verify the identity of the person and maintain records of his identity. Documentation as to what type of records will suffice should be written too. Account Opening documentation must be kept and maintained. Be wary of shell companies. OFAC maintains a free list of names, entities that have been sanctioned. The transaction monitoring unit will clear the alert and see if the risk can be accepted. A due diligence actually means a background investigation. Basic due diligence is needed in order to satisfy the regulations. EDD is usually needed for high risk customers. A checklist should be used for Due Diligence. Evidence must be collated. Documentation is important when it comes to an investigation. KPIs should not be set on how cases per day etc. Do not put a time clock on investigation. Never put time limits on AML investigation. If you outsource your DD, you should have thorough oversight on the vendor. Some banks might outsource this to third world countries. Sometimes, when there is a material change in customer information, an EDD is required. The good guy may not be able to catch the bad guy because the good guy only studies problems which are already known. Trust your gut. Cultivate an investigative mind by learning to ask why. When you sense something is not right, please ask why. Keep abreast with the latest industry developments. Make use of new sources and technology. Justify, articulate and define everything. Learn to create risk-based due diligence. It is very important to ask ‘where is the source of funds?’ Risk ratings might vary over time. If the customer is too high risk, it is advisable not to deal with him/her. Learn to allocate a risk scoring methodology. Gather intelligence sources and check against that. Obtain public records. You can even pay for certain databases. It is important to purchase good transaction monitoring software. If you clear it in the system, there needs to be a reason for it. Ensure that the system is not generating too many false positives. Understand your correspondent bank’s AML processes. You have to trust that they have performed the DD work. PEPs can be a senior political figure, a member of his immediate family, or a close associate. Understand some of the KYC red flags.

If you think it stinks, it probably does. You do this job every day, and you work with people who do this job every day. If for some reason the hair on the back of your neck stands up, then go with the feeling. – Kevin Sullivan

A Suspicious Activity Report (SAR) is born. Some banks file more than necessary to avoid being questioned by regulators. The FFIEC prescribes standards for supervision of financial institutions. Writing a complete SAR is very important. How do you identify what is suspicious? When should you file an SAR? Sometimes, the system can help you flag out suspicious cases based on set criteria. The amount of the transaction doesn’t really matter. There are 30/60/90 filings. SAR must be reviewed before they are sent to FinCEN. There is also a narrative that must be written when the SAR is filed. Be short and brief. Don’t leave blank boxes. Use language that people can understand. The auditor will hammer you if you are supposed to file but failed to. Law enforcement will pick particular SARs of interest for further checking. Law enforcements usually need subpoenas before they can request for information. FinCEN will compile statistics of SARs. It is useful to understand trend analysis.

Tips for Law Enforcement and Financial Crimes Investigators. Profit is an essential aspect of most crimes. This chapter is dedicated to the law enforcement investigator and the FI investigation team. An individual does not need a CPA to perform an investigation. Law enforcement personnel need to have the right training to perform their role well. The compliance unit of the bank will be involved. The investigator should talk to the law enforcement agency. There are numerous regulators for the different types of FIs. FIs take regulators seriously. Law enforcement look out for criminal activity while regulators look at whether the guidelines and standards are being adhered to. Some of the regulators are the SEC, Securities Exchange Commission, Federal Reserve bank etc. Not all law enforcement agencies have access to the FinCEN portal to view SARs. SARs help provide leads for law enforcement agencies. SARs are confidential and information should not be simply shared around unnecessarily. You may be able to obtain KYC documents from the bank. Most of us do not think like bad guys. Once a bad guy using a fictitious ID, it can foil your plans dramatically. Explore the internet for possible sources of new information. Use your instincts. Always learn to be suspicious. Discover the facts as best as possible. If your hair at the back of your neck stands, it probably means something is wrong. Consider different type of hypotheses. Read the Association of Certified Fraud Examiners (ACFE). Learn to invest in your career and develop your career. Don’t be afraid to spend money and time on educating yourself. Financial crimes are growing.

The Importance of a Global Approach to Money Laundering. Many crimes are transnational nowadays. Money laundering is an issue that affects everyone. The FATF consists of many member countries. There is also the Basel Committee on Banking Supervision. Wolfsberg helps to develop and shape guidelines for banks and regulators. The IMF has also been incorporating AML concepts into its procedures.

The New Financial Crime Model. You can contact law enforcement immediately after you file an SAR. There is an increasing trend of fraud and AML units combining and joining forces. Fraud and AML personnel should be cross-trained. However, do take note of the confidentiality requirement of the cases. 95% of all criminal activity is committed because of greed. There are various ways in which a fraud can be conducted. Please understand the red flags for AML cases.

handcuffs money

Year 2015 in Review

Thanks for the support, readers! Hope that you find the blog enriching and useful in your daily life. 🙂 Have a great 2016 ahead!

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 28,000 times in 2015. If it were a concert at Sydney Opera House, it would take about 10 sold-out performances for that many people to see it.

Click here to see the complete report.

Audit Analytics by Sean Elrington

Data analytics is useful for good governance as it provides better assurance as compared to manual sampling. Is the need to hire consultants necessary for straight-forward audit tests? It can help recover unnecessary spending. There may be resistance from the other departments if audit wants to perform 100% checks. There are still auditors which do not use data analytics.

Common Objections to Using Audit Analytics. Some auditors are too busy to learn and to change. The data may not be readily available. In addition, the cost has to be justified. Some are too intimidated by change. You need an understanding of ERP, database structures, views, tables etc. The benefit is that you might save time for data analysis. How will analytics help audit productivity? As it requires less man-hours, analytics can be useful. Although in the short-run, probably more work will be required. If the error is systematic, testing 100% of the population might not be very useful. In such cases, it will be better just to test a few samples and fix the control first. Analytics is here to stay.

Questions that the IT manager will ask you. Why can’t the auditors use Excel? Excel has its limitations on data size. Random sampling is not a good way to detect fraud. Data can be amended easily in excel and it does not have much data security. Sorting can be slow and Excel lacks functions like Benford’s Analysis. Modern audit software have data logs too. It is good to host the data on a server especially when there are multiple users. If you rely on the IT department to generate data for you, there is a risk that the data could be manipulated before being provided to you. There is an issue of how much access that an audit should be given. Data should be obtained from production and not the data warehouse. In the data warehouse, bad data might have been removed already. Application controls rely on passwords and roles to work. Relying on the controls in the ERP system might not be useful when there is collusion. Data might be present from different systems and auditors can’t simply draw the data from one ERP system.

Considerations when choosing audit software. Some of the functions that are heavily used are extract, join, relate, summarize, stratify, classify and age. Continuous monitoring is a lot more expensive and complicated. Is training a big consideration? Do you need to write your own scripts? Or can you buy scripts? What is your required return on investment? Will learning the software help the auditors in their career development? How much technical support is needed? What are the server requirements?

Analytic Software Tools. Picalo is a free tool that can be downloaded online. Some of the other software besides Excel are TopCATTs, Arbutus Software, IDEA, Monarch, Picalo, ACL. ACL usually requires a lot of training before users will know how to use.

Testing for Duplicate Payments. One can test both exact and fuzzy matches. There are multiple reasons why this might occur. First, you have to ensure that there are no duplicate vendors by scrutinizing the vendor’s details. For exact match testing, you can use ‘Substring’; ‘Include’; ‘Exclude’; ‘Alltrim’ formulae to remove dashes, hyphens etc. Testing should be performed on fields like Invoice Number, Vendor Number, PO Number, Date, Amount etc. Deconstruction techniques are used for Fuzzy matches. They use techniques like Soundex, Soundslike, HEX etc. Some of the algorithms are Levenshtein distance, Metaphone etc.

P2P Vendor Analytics. Some of the objectives are 1) vendor master file is correct; 2) employees are not vendors; 3) no duplicate or unused vendors. Match vendor information with employee information. Check out vendor addresses to ensure that they are not mail drop addresses used by delivery services. Sort the number of vendors by payments per year. Use a vendor name fuzzy match. Find vendors with missing fields to check whether the vendor master is well-kept or not.

Purchase Card Analytics. Objectives are 1) only authorized employees are using cards; 2) card purchases are acceptable. Try and detect transactions by authorized card-holders. Find cardholders not in employee master file. List top spenders by department. Find transactions in excess of authorization limits. Identify weekend and holiday purchases.

FCPA analytics. Objectives are 1) test that there are no suspicious payments made to individuals or entities; 2) verify that gifts received are permitted. Identify payments made to high risk countries. Identify cash payments. Identify unusual gifts. Identify credit card spending with unusual Merchant Category Codes. Find unusual vendors, like PEPs etc. Flag out payments with the words ‘facilitate’. Match to watch-lists, world-check etc.

P2P Payment Analytics. Objectives: 1) POs are unique and properly filled; 2) SODs are working; 3) controls to match invoice and PO amounts are accurate. Detect split purchases. Find duplicate payments. Find POs that were raised late. Look out for people who can create and approve their own POs. Look out for unauthorized purchasers. Ensure that there is approval for all POs. Compare a list of payments to prohibited vendor lists.

GL Analytics. Objectives: 1) Only authorized employees are making GL entries; 2) GL entries are acceptable. Detect duplicate GL entries. Look for suspicious wordings like ‘park’; ‘temp’; ‘reverse’; ‘suspense’. Detect GLs made at odd timings. Detect payment voucher and look out for approvals etc. Look out for frequently changed or reversed accounts. Find temporary accounts.

Healthcare Analytics. Objectives: 1) procedures billed to the correct code; 2) appropriate charges are billed to correct account; 3) reasonable timeline of patient activities.

Fraud Facts. Whistle-blower hotlines are a great way to detect fraud. Some level of fraud might be acceptable. It depends on the organizational culture. It is not the auditor’s responsibility to detect fraud. Look out for transactions with fraud symptoms. In general, there are two types of fraud: 1) Fraudulent financial reporting and 2) misappropriation of assets. It is hard to distinguish whether it was an honest mistake or fraudulent. The top from the top must be correct.

Common Business Frauds. You might need the help of a skilful financial auditor to deconstruct fraudulent financial reporting. Financial fraud is a very serious matter. Misappropriation of assets often involve kickbacks. Multiple payees could be an issue. Duplicate payments are a potential source of fraud too. A shell company could be used to deliver fictitious services. Detect maintenance which has been performed too frequently. Physical inspection of works/goods can help. Look out for defective delivery of goods/services by having good IC over the receipting of goods and services. See how often different employees reject or accept goods based on their quality. Inaccurate pricing is one of the type of risks too. Contract rigging means awarding to the lowest bid, but later subsequently changing the product specs so that the contractor will have to deliver more and thus can earn more money. Check contracted projects over their original budgets. Contract rigging is difficult to detect if you are not familiar with the goods. Bid rigging is very difficult to detect. Ensure that there are no phantom employees or contractors. Look out for invalid employees’ wages.

Interesting Fraud Stories. The fraud triangle occurs when there is 1) opportunity; 2) motivation; 3) rationalization. Don’t let non-trained employees do the accounts. Do not let the salespeople collect the cash. Be wary of bribery to win contracts etc.


Soccer IQ by Dan Blank

This book is about you making key decisions in a game of soccer. These tips need to be applied consistently in order to wield effect. This book contains many soccer nuggets of wisdom.

The Holy Grail. Speed is everything. One touch is faster than two touches. Think even before the ball arrives at your feet. There is intrinsic value in fast play. You don’t have to provide a killer pass all the time. Even if you play possession football, you need to pass the ball quickly. The moving ball is fastest than a player running without the ball. Playing fast is a conscious decision. You can learn to develop one-touch passing.

If you can embrace the idea that fast is intrinsically better than slow, you’re halfway home. If you can get an entire team of players to embrace that idea, you’re going to win a lot of games. – Dan Blank

If you can get the job done with one touch, don’t take two. If you can get it done with two touches, don’t take three. – Dan Blank

Slow play is the enemy. Slow play allows your opponent to get organized. Slow play leads to turnovers. Slow play loses games. – Dan Blank

Play from a Spot. Kill the ball so that it close to you and you can do something else with it. This will cause the opponent to require to close you down. Do not take lengthy first touches. If you are not skilful, do not apply a first touch and immediately try to start running. If you are a defender, your first touch is crucial to avoid putting yourself under pressure. The key is to play passes from a spot.

The Impossible Pass. You do not offer help by shouting your teammate who has the ball. Instead, you could say ‘pass it to xxx’. Sometimes, your teammate might not be in a good position. Hence, shouting won’t do any good at all. Your teammate can’t make an impossible pass. If you get shouted at, learn to hold the ball instead.

Passing Angles and Empathy. You must learn to identify proper passing angles. This is difficult when there are players and boundaries. Your teammate must be in the seam so that he or she will be open for the pass. A good player will keep moving to get into the correct seam. Help your teammate by positioning yourself properly in the seam. There is no faster speed of play than one-touch passing. As a play, you should identify seams and empathize with the person with the ball.

Receiving with the proper foot. This should be the foot that is furthest from the defender who will be pressuring you. Ask questions like which foot will help you escape pressure, to play the ball forward. You should learn to play with one-touch or use the first touch to shield you from the defender. You need to demand perfection from your players.

Passing to the Proper Foot. Pass it to the foot where the player is more comfortable with. That can make all the difference in a competitive game. Do not pass behind someone running. Pass to the master foot of your teammate so that they can take a shot etc. If the angle is not good, do not make the pass. Until the ball reaches your teammates feet’, whatever happens is your responsibility. Passing the ball to the wrong foot is bad and must be corrected.

Soccer is full of little big things and this is one of them. It’s astonishing how many potentially great attacks are not stymied by the opponent, but rather by one of our players passing the ball to the wrong foot. – Dan Blank

If the angle she gives you isn’t good enough, don’t pass the ball to her. And if you must pass the ball to her, then don’t aim for where she is. Play the pass to where she is supposed to be. – Dan Blank

Lifting the Tight-Angle Pass. If there is a very tight angle for a ball, consider lifting it instead so that it will not be intercepted.

The 3-Step Rule. When you don’t have the ball, you must help your teammate that has by being in space and available to receive the pass. After your teammate pass the ball, take 3 steps away immediately so that you have a better angle to receive. Learn to play monkey for practise.

Better than Square. Try not to run past the target player as the ball arrives at the targets’ feet. This requires the target player to perform a flick on. Rather, what you should do is to hold your run and give the target a wider angle. Also, you need to read the target’s body language and see where he or she is leaning towards. Make it easier for the target to pass to you. It is always easier to play the way you are facing.

Three Questions. It is important to ask the following: What if? What next? What’s behind me? Your eyes are more important than your feet. For 96% of the game, you are running off the ball. Always be aware of what is behind you. You must make the decisions before the ball even reaches you. Swivel and check your shoulder. Soccer becomes easier if you know what is behind you.

The Unabomber Pass. This puts your teammate with little chance of getting the ball. This means that you take too long to play the pass and the free space that that player once had is no longer there. It is important to keep it simple. Hence, do not hesitate too long when accessing your options. By dwelling one or two seconds, the chance might be gone. Do not give your teammates an Unabomber pass at any cost. Keeping the ball can sometimes be good enough.

Get Proactive. A proactive forward chasing opponent’s defenders down. Running off the ball also communicates to your teammates where you want the ball to be played. Forwards need to learn how to make productive runs.

Your teammates may be wonderful and talented but they are not psychic. They can’t read your mind. If your running does not tell them where to pass the ball, they’ll never know. You need to be proactive in your running. Your proactive runs let your teammate know where she should play the ball. – Dan Blank

The Unwinnable Race. If the defender has a big head-start, you must understand that you might not be fast enough to get the ball if it is played in-between the defence. If that is the case, ask for the ball to be played to your feet instead. Do not waste the forward’s time for chasing after lost causes.

Two Runs. You must let your teammate where you want the ball. If you want it to be played behind, get on your horse. If you want it to your feet, pull back from defenders. The smart way is to perform a decoy. You can come to the ball first, and then spin away if you want it to be played behind you. Decoy runs are important but not many players do it because it is tiring.

Does she need me? See if the ball carrier is under pressure. If he is, then support him by going near so that he can play a ball to your feet. If the ball carrier is not under much pressure, then you might expect a ball in-behind the defender for you to chase.

The Splits. As a forward, do not simply run in a straight line. Rather, you can interchange positions or make mazy runs. The split pass, between two defenders, is the most tricky for the defence. It is very penetrative in nature. When the defence is flat, make diagonal runs across the defence. This is one of the most difficult passes in soccer. As a defender, you must also learn to counter the seam ball (split).

The Ball in Behind. To get past a fence, you must either squeeze through the gaps or go over it. For this, you must take a risk and be very certain that the ball must get behind them. Do not be too precise until the defenders will intercept it. If the ball can’t get beyond the defence, you have nothing. You must kick the ball hard enough. Not all clearances must be pinpoint.

When you decide to put the ball in behind the defensive line, make sure it gets there. Hit the darn thing! Hit it hard enough to clear the line of defenders because even if it’s not perfect, it puts the defenders in an uncomfortable position. – Dan Blank

The Shallow End. Do not embark on grenade dribbles, where you will get crowded out because there are too many defenders. Keep your composure and turn around instead. Go back to the shallow end. Help your team keep the ball.

No Half-Clearances. Do not try to pass your way out of every situation. Sometimes, hoofing the ball out as far as you can is better and is the best thing to do. It is better to lose the ball in the opponents’ side of the field rather than your own. It is damage control. Make it difficult for the opponent to score if you do that. A clearance over midfield is worth a point.

The World’s Dumbest Foul. If the opponent is facing the goal with the ball with you closing her down, do not swat her down. Do not be impatient and foul the person. She has to make a risky clearance. Do not foul the person.

Pick a Surface. Do not let the ball crash onto your shinpads. Learn to control it with your instep. You should always try to control the ball. Do not trap the ball using your shin pads.

The Toe Poke. American footballers do not like the toepoke. The South American players sometimes use it. However, there is a time and place for it. The advantage is that it is very fast and you can get a shot off even if you are under pressure. There is little prep time involved. Don’t be ashamed to use it if you are under immense pressure from defenders.

The Wall to Nowhere. If the freekick is too far from goal, do not establish a man-wall. If more people are in the wall, you will have less players to contest in the penalty box. Do not simply listen to your goalkeeper. The wall can sometimes obstruct a keeper’s view, rendering it to be highly ineffective.

Throw-Ins. Learn to keep possession during throw-ins. The trick is to cock the ball behind your head immediately. If you hold it in front of your stomach when assessing who to throw it too, that is way too slow. When your teammate is coming to receive the throw, give them a chance by ensuring the ball lands near to their feet and not bouncing upward at the point of contact. The quicker you execute it, the higher chance you can catch the opponent unaware and unprepared.

Don’t Turn into Pressure. In a one-on-one situation, you are not expected to lose the ball.

When you dribble, get your body between the ball and the opponent – immediately. And then, for heaven’s sake, please don’t turn back into her. If you want to cut the ball back, do it to the other side of your body. That will keep your body between the body and your opponent, allowing you to protect the ball. – Dan Blank

The Last Player in Possession Never Gets Tackled. Never! When you are the last defender, do not dribble and lose the ball. It is not worth the risk even if you are a good dribbler. You cannot afford to lose the ball. Make sure the ball is off you and do not let the opponent come to within three yards of you. Do not let the forward get close enough to threaten you.

Clearing the First Wave. Your pass must go beyond the first wave of pressure. It is crucial not to lose the ball to the first player.

When a defender gives a ball away to the opponent’s first wave, her team is almost always caught numbers down so it almost ends up with the opponent’s quick transition to offence. And it is always dangerous so you need to avoid it at all costs. – Dan Blank

Quick Restarts. Look for short breaks when the opponent switches off. Take your chance. Punish your opponents for the mistake. Use quick restarts for your advantage.

Judge Headers for Yourself. Judge it for yourself. This is an important skill. Get good at it. Do not be swayed by a forward who is jumping in front of you.

Read her Eyes. Most people telegraph and do not disguise their passes. The player where the person looks before he looks at the ball is the key giveaway. In this manner, you should be able to intercept passes. You might be able to ‘read’ the game better if you practise this. Spy on their eyes. Great players disguise everything. Master the no-look pass.

The Pre-Fake. Apply deception before the ball lands at your feet. Pre-fake means faking to go one direction before setting off in another. You can also employ a shoulder fake. Slower players usually have to rely on technique. Every player needs to use reception to get out of a 1 v 1 situation.

The (Non) Dangerous Play. When an opponent falls to the ground, poke the ball at them. This might cause the referee to think that they might be obstructing play.

Defending the Penalty Kick. As a defender, you must rush to the penalty taker and try to get the rebound if your goalkeeper saves the shot. Take a chance and it might pay off.

Common Sense Defending. Try to make your opponent play the ball with their weaker foot. It makes defending a lot easier. Most players are not adept at both feet.

My Ball, Your Ball, Their Ball. If a ball is equidistance between you or your teammate, no one might rush to get it. No one communicated. The opponent might have just snatched the ball and made the situation their own. One should take ownership of the situation and shout.

Turning the Corner. When you turn the corner as a winger, head straight towards the goal. Do not continue running straight ahead. Do not run to the byline and put in a cross. Often, the cross might get cut out. Take the daring, angled touch towards goal if you are a winger. Have the courage to do it. The defender might have to foul you.

Fix Your Radar. Run at the heart of the defence. Force the defenders to communicate. If you do that, either the wingback or centre back must confront you. Do not simply run down the flanks. Sometimes, it helps running to the middle. Doing so frees your wingbacks to charge into the empty space on the flanks.

Drawing Penalties. When you are in the box and someone touches you, just fall. However, do not fall if no one tackled you.

Keep the Ball Alive. Do not keep attempting to score from ridiculous distances. Do not donate the ball to your opponents. For crosses that are behind you and if you are leaning back, you don’t stand a chance of scoring. If so, do not take ridiculous shots at goal. Only shoot when you have a genuine chance of scoring.

Throw-Ins Aren’t as Great as you think they are. Play the ball with your feet rather than win a throw-in. A throw-in is a 50-50 ball. Unless you see an advantage in a throw-in, try not to let the ball go out.

Hunting Rebounds. Goals are mostly scored from rebounds. Rebounds will happen and smart people take advantage of those. You should anticipate them and not chase them when they appear. Learn to be a rebound hunter. Rebounds win games and they don’t require that much effort in total.

To be an effective hunter of rebounds, you have to negate the defender’s head start. That requires two things: You have to recognize when a teammate is about to shoot, and when you see that, you have to crash the goal. It’s that simple. – Dan Blank

Bait and Switch. Bait a defender who is controlling a long clearance from your team. Let her control it and quickly close her down to make her panic. Sprint right at her to make her panic. Do not close down too quickly at the start or the defender might hoof the ball. Bait and switch and put opposing defenders in uncomfortable positions.

Mismatches on punts, goal kicks and corner kicks. Stop aiming at people where you know they will get outjumped by a towering opposing defender. This is common sense. It should be applied to goal kicks etc. Pay attention to the end result of the punt, sometimes not just the distance of the punt.

Cut off the return pass. As a defender, you can pressure the ball and take away at least one passing option. Forwards are guilty of doing this.

When you are chasing a pass from one opponent to another, make sure that you cut off the player who initially passed the ball. If you don’t, the player who receives the pass is going to pass the ball straight back to the first player and you’re going to end up as the monkey in the middle. – Dan Blank

Playing against a killer wind. Change the way you play depending on whether you are facing or against the wind. If the wind is against you, try to keep the ball on the ground as much as possible. Punts the opponents make will end up deeper than usual. You have to make allowances. Swing your leg harder so that you can punt the ball further up the pitch if the wind is against you.

Playing with a tail wind. Do not play too long through-balls. Make sure your corners stay in the field. Execute sound technique. You must score when there is a tail wind.

Playing in the rain. You must wear screw-in cleats so that you won’t slip. Travel with extra socks and change into them during half-time. The ball will bounce differently on a wet surface and forwards might want to gamble. This is a good time to hunt rebounds. If there are too many puddles of water on the ground, play it in the air instead. For that, you just need to bang the ball in the air with your first touch. Ugly goals might be scored but who cares? Everybody wants to win.

The Red Card Conundrum. Good referees do not let their last call affect their next call. Referees want fairness. Therefore, if one team is awarded a red team, chances are that in the game, the other team might receive one too. If an opponent has been sent off, remember to play clean. Do not give the referee a chance to sent you off.

When Team A is awarded a penalty kick, chances are that Team B will be awarded one before the game is over. And if Team A is the benefactor of two penalty kicks, I’d bet my right arm that Team B will be awarded at least one. The same applies to red cards. – Dan Blank

Celebrate Good Times. If you are unsure the ball has crossed the line, ensure that it does hit the net so that the referee will not have a tough call to make. Or you could celebrate like you won the World Cup. This might convince the referee that the ball did cross the line.

Clock Management with the Lead. Run the clock down. Whack the ball towards the corners of the opponent’s field. Do not retrieve the ball for your opponents. Don’t run to take a corner kick or goal kick.

Clock Management for goalkeepers. Once the ball is in your hands, you only have 6 seconds to clear it. Use your feet to control non-threatening balls in your penalty box. Learn from the professional goalkeepers and understand how they do it.

Clock Management when trailing. Don’t foul unless unnecessary. Fouling takes up additional time. Be realistic about your shots and try not to let the goalkeeper earn goal kicks. Retrieve the ball for your opponent. Chase the goalkeeper so that they must pick up the ball. Set piece must be on target. Do not kick it over the goal as it will waste precious seconds.

When you get to the final 60 seconds of that must-win game and you’re down a goal, you’ve got to take risks. You’ve got to be willing to lose by two or you won’t give yourself the best chance to tie the score. If your team has a corner kick or free-kick, bring everyone including the goalkeeper into the opponent’s penalty box. If you’re going to lose, don’t leave any bullets in the chamber. – Dan Blank

Scoring Goals. Shoot with your first touch if necessary. Position your body even before you receive the ball. Align your hips with the goal. Make the keeper make a save. If you hit the shot off target, you have helped their goalkeeper. Don’t shoot hand-high as it is usually easy for keepers to save those shots. Shoot against the keeper’s momentum. Shoot back towards the direction of the cross. Create an own-goal by smacking a low cross between the opposing keeper and the crowd of players rushing in.

For most players, having composure means sacrificing a little power for accuracy. It doesn’t matter how hard you hit the ball if it sails over the bar. You don’t get points for height and distance. Make the goalie make a save. Ironically it will help you score more goals. It will also produce rebound chances that will turn into goals. – Dan Blank

Protect your Thinker. Heading the ball is risky and can result in brain injuries. Head using the right technique. Having a concussion can derail your football season. Therefore, one should avoid it as much as possible. It is possible to wear protective headgear.

Recruiting. Make sure scouts can read the number on the back of your jersey. Warm up wearing a t-shirt with your number. Put down your contact details in the email.