Pages

Monday, July 27, 2015

Prevention of Accounting Fraud, Nothing else but "Automatic Recording"

It is reminiscent of "the Lehman collapse" which is referred to as "Lehman Shock" in Japan. I would call it "Toshiba shock".

To the Japanese people, Toshiba is famous for the sponsor of Sazae-san which holds the Guinness World Record for the longest running animated television series. Its sponsorship is over forty five years.

In such Toshiba, a major Accounting scandal has been revealed.

Many people would feel watching the press conference of the other day (July 21) on TV that it is organizational and malicious Accounting fraud. Investors around the world may be wondering what the "Audit Committee" has been doing, or what the "Accounting auditor" (auditing firm) has been doing, even in a Company with Committee. They have learned nothing at all from the lesson of "Kanebo scandal" or "Olympus scandal". They should rather dismantle the entire group and end the history of 140 years. Thereby, reorganization of the consumer electronics industry and heavy industrial industry of Japan would be promoted.

There is nothing better than the visualization of Business data to prevent "circular trade" or "aggregation fraud".

Fraud occurs because the Business Process is invisible, because business data in it is invisible... You should give the authority to be able to view the real-time business data in the Business Division, to the General managers and their superiors for example. To the executive officers and directors, for example, you should give the authority to browse the real-time business data of entire company. Nobody would even think about expressly falsifying "the documentation of the board of directors", if it was a mechanism of automatic recording the fact of "who when did what".

[Basic insiders flow of Quotes / Orders / Billing, etc.]

Tuesday, July 21, 2015

Tributary in Each Subsidiary Merges to Form Mainstream

"Collect Individual Numbers by each subsidiary!"

Human resources system is different for each subsidiary. Even the scale of the number of employees is different. Yes... Some companies are hiring hundreds of Part-timers, while others are not at all. Some companies have regional branch offices across the country, whereas others have nothing.

"Shared Services" which is a mechanism of sharing the indirect departments in a Group of companies is not uncommon. In many cases, procedures of Social security and taxation are also delegated to the Shared Services Center. However, there is no choice other than the "collecting of Individual Numbers" to be done in each company, if the industry and business category were largely different from each subsidiary. For so-called the "Methods for identification", you should ask them to devise at each company.

About "Collecting of Individual Numbers ", I exemplified the five processes in this blog.
  1. Application-approval in a small organization
  2. Check Digit function added
  3. Identifications on site
  4. Identifications only in the head office
  5. Identification by complex application

In the following Workflow, Individual Numbers that have been collected through it will be eventually automatically aggregated in the Shared Services Center. It is assumed that "HTTP transmission", an automatic Event, is to be placed at the most downstream of the Collecting Process in each company.

[Acceptance of Updated Information Process]

Monday, July 13, 2015

National Identification Number in Workflow (5)

"Your Individual Number is required in your contract. Please complete the form.
(Or please send us.) XYZZY, Inc."

Countless "phishing sites" are existing on the Internet. For example, appearance of the victims who are ripped off their "Credit card number" or "PIN code" is unending. Sooner or later, phishing sites that try to gather "Individual Numbers" will come out.

"Suppose if a phishing site that spoofing my company have emerged..."

For those companies utilizing many external freelance must rely on "online application". However, the situation will be a serious trouble if a spoofing phishing site emerged. Basically, there are no measures to prevent the ripping off other than to ask for confirmation of "data transmission destination" and "addressee".
  • URL for the destination of verification file is "https://example.com"!
  • Address for mailing copies of identification documents is "Anyplace street, nakagyo-ward, Kyoto city"!

In the example which I have presented in the latest article,

It was available to apply for freelance in remote location, lawyers or accountants. Moreover, it was excellent workflow that is capable of reducing the number of "person responsible for collecting the Individual Number" to very limited. As a result, it was possible to reduce the "risk of information leakage by human" to almost zero.


However, in that sample, it was required to attach "Individual Numbers" and "Image files of certificates".
  • A). Image of "Driver's License"
  • B). Image of "Notification card"
A: Can be substituted with "Individual Number card (front side)" or Government-issued photo identification such as "Passport", etc.
B: Can be substituted with "Individual Number card (back side)" or certificate on which Individual Number is indicated such as "New Residential certificate", etc.

That is, in terms of the fishing site side, it can be said that it is a "structure of easy to Rip-off." Risk assessment by qualified personnel of information security may vary, but at least it cannot be said that "the risk is zero". In the first place, I wonder if there is a way without exchanging sensitive information online?


The following Workflow is an Individual Number Application flow from a remote location that is characterized in;
  • Not submitting neither "A; Image of Driver's License" nor "B; Image of Notification card" (!)
  • Not submitting even "12-digit individual Number" (?!)

"Division of the information" is the keyword. Explaining this business process roughly, it consists of the following two Steps.
  1. Transmission of first 8-digits
  2. Verbal report of last 4-digit

Caution: Regarding to "it is clear that it is the same person", there is a risk of occurrence of "difference of opinion" between the government institutions, etc.! For more information, please confirm the enforcement regulations Act Article 3 (5) and the enforcement regulations Act Article 9 (4). (Or go to the Government office to confirm, preparing for red tape runaround.)

[Individual Number Application flow-5]

Monday, July 6, 2015

National Identification Number in Workflow (4)

"It's just an application that let employees to make their own?"

That is right. But that is not all... Individual Numbers which an enterprise should collect are surprisingly numerous. That is, Individual Number of "Employees / Part-timers" and "their dependent family member" is not the all.

Especially, "outsourcee (Self-employment)" is troublesome.

Every Japanese companies are helping the "tax collection operations of the country." That is, income tax is withheld by the company upon payment of remuneration. Then the company pays the entrusted income tax to the government. (Moreover, the amount of withholding is aggregated and delivered as Certificate of Income and Withholding Tax to each person.)
  • Copywriting fee, composer's fee, designing fee, copyright royalty, lecture fee
  • Remuneration for lawyers, judicial scriveners, accountants, tax accountants, patent attorneys

You see. When you ask for the lecture or designing for individuals of external, you need to collect the Individual Numbers of these people. If you are taking advantage of "Crowdsourcing", as a fashion, you will need a special care.

Through the "Individual Number Application Processes" in previous articles;
We were focusing on applications from employees and part-timers. And in the latest article, we considered on a Workflow for conducting the "Measures of Identification" in apportioned among the managers.
  • X. Dispersion: Apportion the collation within the organization. (All store managers or all section chiefs confirm)
  • Y. Intensive: Ask them to attach documents sufficient to collate in online.


In this Business Process here, everything is done centrally online. (Intensive)

This is very convenient for;
  • companies that taking full advantage of external freelance such as designers or programmers
  • companies that making requests on a daily basis for the external personal such as lectures or writings

All the processing, including the "Measures of Identification", can be done online. Moreover, you can limit the personnel who touch (specific) personal information to the Accounting Department in the headquarter.

Incidentally, in this case, everyone makes their application in an "Application Form" (a secure web form), whoever a head office worker or a remote worker, a part-time or the president, a rookie or a veteran, a lawyer or an accountant...

[Individual Number Application flow-4]