END OF CHAPTER MATERIAL

CONCEPT CHECK

  1. 1. The careful and responsible oversight and use of the assets entrusted to Management is calledimages
    1. the control environment
    2. stewardship
    3. preventive controls
    4. security
  2. 2. Which of the following is not a condition in the fraud triangle?
    1. Rationalization
    2. Incentive
    3. Conversion
    4. Opportunity
  3. 3. There are many possible indirect benefits to management when management fraud occurs. Which of the following is not an indirect benefit of management fraud?
    1. Delayed exercise of stock options
    2. Delayed cash flow problems
    3. Enhanced promotion opportunities
    4. Increased incentive-based compensation
  4. 4. Which of the following is not an example of employee fraud?
    1. Skimming
    2. Larceny
    3. Kickbacks
    4. Earnings management
  5. 5. Which of the following is not a common form of employee fraud?
    1. Inventory theft
    2. Expense account fraud
    3. Payroll fraud
    4. Refund fraud
  6. 6. Segregation of duties is a fundamental concept in an effective system of internal controls. Nevertheless, the effectiveness of this control can be compromised through which situation?
    1. A lack of employee training
    2. Collusion among employees
    3. Irregular employee reviews
    4. The absence of an internal audit function
  7. 7. The most difficult type of misstatement to discover is fraud that is concealed by
    1. over-recording the transactions
    2. nonrecorded transactions
    3. recording the transactions in subsidiary records
    4. related parties
  8. 8. The review of amounts charged to the company from a seller that it purchased from is called a
    1. vendor audit
    2. seller review
    3. collusion
    4. customer review
  9. 9. Which of the following is generally an external computer fraud, rather than an internal computer fraud?
    1. Spoofing
    2. Input manipulation
    3. Program manipulation
    4. Output manipulation
  10. 10. Which control activity is intended to serve as a method to confirm the accuracy or completeness of data in the accounting system?
    1. Authorization
    2. Segregation of duties
    3. Security of assets
    4. Independent checks and reconciliations
  11. 11. COSO describes five components of internal control. Which of the following terms is best described as “policies and procedures that help ensure management directives are carried out and management objectives are achieved”?
    1. Risk assessment
    2. Information and communication
    3. Control activities
    4. Control environment
  12. 12. Proper segregation of duties calls for separation of the functions of
    1. authorization, execution, and payment
    2. authorization, recording, and custody
    3. custody, execution, and reporting
    4. authorization, payment, and recording
  13. 13. The AICPA Trust Services Principles identify five categories of risks and controls. Which category is best described by the statement, “Information processes could be inaccurate, incomplete, or not properly authorized”?
    1. Security
    2. Availability
    3. Processing integrity
    4. Confidentiality
  14. 14. A company's cash custody function should be separated from the related cash recordkeeping function in order to
    1. physically safeguard the cash
    2. establish accountability for the cash
    3. prevent the payment of cash disbursements from cash receipts
    4. minimize opportunities for misappropriations of cash

DISCUSSION QUESTIONS

  1. 15. (SO 1) Management is held accountable to various parties, both internal and external to the business organization. To whom does management have a stewardship obligation and to whom does it have reporting responsibilities?
  2. 16. (SO 2, SO 4) If an employee made a mistake that resulted in loss of company funds and misstated financial reports, would the employee be guilty of fraud? Discuss.
  3. 17. (SO 2, SO 3) Do you think it is possible that a business manager may perpetrate fraud and still have the company's best interest in mind? Discuss.
  4. 18. (SO 7) Distinguish between internal and external sources of computer fraud.
  5. 19. (SO 7) Identify and explain the three types of internal source computer fraud.
  6. 20. (SO 7) Describe three popular program manipulation techniques.
  7. (SO 7) Distinguish between Internet spoofing and e-mail spoofing.
  8. 22. (SO 10) What are the objectives of a system of internal control?
  9. 23. (SO 10) Name and distinguish among the three types of internal controls.
  10. 24. (SO 10) Identify the COSO report's five interrelated components of internal controls.
  11. 25. (SO 10) Name the COSO report's five internal control activities.
  12. 26. (SO 10) Distinguish between general and specific authorization.
  13. 27. (SO 10) Due to cost/benefit considerations, many business organizations are unable to achieve complete segregation of duties. What else could they do to minimize risks?
  14. 28. (SO 10) Why is a policies and procedures manual considered an element of internal control?
  15. 29. (SO 10) Why does a company need to be concerned with controlling access to its records?
  16. 30. (SO 10) Many companies have mandatory vacation and periodic job rotation policies. Discuss how these practices can be useful in strengthening internal controls.
  17. 31. (SO 10) Name the objectives of an effective accounting system.
  18. 32. (SO 10) What does it mean when information flows “down, across, and up the organization”?
  19. 33. (SO 10) Provide examples of continuous monitoring and periodic monitoring.
  20. 34. (SO 10) What are the factors that limit the effectiveness of internal controls?
  21. 35. (SO 11) Identify and describe the five categories of the AICPA Trust Services Principles.
  22. 36. (SO 11) Distinguish between the Trust Services Principles of privacy and confidentiality.
  23. 37. (Appendix B) Identify the four domains of high-level internal control.

BRIEF EXERCISES

  1. 38. (SO 2, SO 3) What possible motivation might a business manager have for perpetrating fraud?
  2. 39. (SO 5) Discuss whether any of the following can be examples of customer fraud:
    • An employee billed a customer twice for the same transaction.
    • A customer remitted payment in the wrong amount.
    • A customer received merchandise in error, but failed to return it or notify the sender.
  3. 40. (SO 7) Explain the relationship between computer hacking and industrial espionage. Give a few additional examples of how hacking could cause damage in a business.
  4. 41. (SO 9) What are some ways a business could promote its code of ethics?
  5. 42. (SO 10) Describe why the control environment is regarded as the foundation of a business's system of internal control.
  6. 43. (SO 10) Think of a job you have held, and consider whether the control environment was risky or conservative. Describe which you chose and why.
  7. 44. (SO 10) Identify the steps involved in risk assessment. Do you think it would be effective for an organization to hire external consultants to develop its risk assessment plan? Why, or why not?
  8. 45. (SO 10, SO 11) Discuss the accuracy of the following statements regarding internal control:
    • The more computerized applications exist within a company's accounting system, the lower the risk will be that fraud or errors will occur.
    • The more involved top management is in the day-to-day operations of the business, the lower the risk will be that fraud or errors will occur.

    PROBLEMS

    1. 46. (SO 10) Identify whether each of the following accounting positions or duties involves authorization, recording, or custody:
      • Cashier
      • Payroll processor
      • Credit manager
      • Mailroom clerk
      • Data entry clerk
      • Deliver paychecks
      • Deliver the bank deposit
      • Prepare the bank reconciliation
      • Check signer
      • Inventory warehouse supervisor
      • Staff accountant
    2. 47. (SO 10) Identify whether each of the following activities represents preventive controls, detective controls, or corrective controls:
      • Job rotation
      • Preparation of a bank reconciliation
      • Segregation of duties
      • Recalculating totals on computer reports
      • Use of passwords
      • Preparing batch totals for check processing
      • Establishing a code of ethics
      • Use of a security guard
      • Verifying source documents before recording transactions
      • Matching supporting documents before paying an invoice
      • Independent review of accounting reports
      • Performing comparisons of financial statement items
    3. 48. (SO 10) Shown are a list of selected sources of internal control guidelines, given in order of issuance, followed by a list of primary purposes. Match each guideline with its primary purpose.
      1. Foreign Corrupt Practices Act
      2. COSO
      3. SAS 99
      4. Sarbanes–Oxley Act
      5. Trust Services Principles
      1. Required auditors to focus on risks and controls and to conduct audits with skepticism
      2. Prevented bribery and established internal control guidelines
      3. Curbed fraud by requiring additional internal control reporting within annual reports
      4. Established internal control concepts based on comprehensive study
      5. Established essential criteria for evaluating reliability of business systems
    4. 49. (SO 1, 3, 10) Using a search engine on the Internet, find articles or descriptions of the collapse of Enron. The collapse began in November 2001, and many articles appeared over the next two to three years.

      Required:

      1. Briefly describe the fraud that occurred.
      2. Discuss what you see as weaknesses in the control environment.
    5. 50. (SO 3) Using a search engine on the Internet, search for articles on fraud that occurred in 2000 to 2002 in the following companies:

      Adelphia

      Enron

      Global Crossing

      WorldCom

      Xerox

      Try to locate articles or information about stock prices, how the fraud was conducted. You might wish to look at the following websites: edgar.sec.gov, www.hoovers.com, www.forbes.com.

      Required:

      1. Find information to help you complete the following table:

        images

      2. Discuss the common characteristics that you see in each of these examples.
    6. 51. (SO 3) Using a search engine, search for articles on the following two companies, which were paying bribes in foreign countries: Siemens and Johnson & Johnson. The settlements were in 2011. For each company, describe
      1. How it was discovered
      2. The end result of the investigation
      3. What you think the company might have done to prevent this, or lessen the impact
      4. What you learned about the Foreign Corrupt Practices Act

    CASES

    1. 52. At the old city hall, mail was sorted in a glorified closet—not the sort of place you'd expect to be frequented by a high-ranking city official with multiple degrees. But the city of Wooten's chief financial officer, Ed Peterman, had an unusual interest in the mail. He was often known to greet the postal carrier at the door to receive the day's delivery, take it to the mail closet, then immediately remove selected envelopes and parcels and take them to the privacy of his own office. Other times, he would request hand delivery of incoming payments, circumventing the mail closet altogether.

      These activities were part of an elaborate embezzlement scheme that resulted in the loss of millions of dollars for the city. Mr. Peterman was intercepting checks written to the city and endorsing them to his personal bank account.

      The procedural manual for Wooten's accounting department described mailroom policies, including the requirement for a clerk to log checks into a computer file and prepare a receipt. Another employee was responsible for preparing an independent verification of the amount of the receipts, and a third employee made the bank deposit. Despite these written guidelines, Mr. Peterman was often known to carry out some of these tasks himself, or to claim to be doing so.

      In response to the news of this fraud, the CFO of a neighboring community commented that many cities are unable to achieve strong internal controls because of the limitations of small staff size and tight operating budgets. Rather, small cities often have no choice but to rely on the integrity of their employees.

      Required:

      1. Which internal control activity was violated in order for Mr. Peterman to perpetrate this fraud?
      2. Do you consider this case to be an example of management fraud or employee fraud?
      3. Was the city's procedural manual adequate for prescribing internal controls to prevent this type of fraud? Why, or why not?
      4. Why do you think no one reported the unusual mailroom practices of Mr. Peterman? To whom would such a violation be reported?
      5. Do you think a business in Wooten could be guilty of customer fraud if it agreed to deliver its payments to Mr. Peterman personally rather than send them to the city's mailing address?
      6. The comments made by the neighbor CFO express which type of limitation of internal control systems discussed in this chapter?
    2. images 53. The following description is excerpted from “Coupon Accounting Abuse,” Management Accounting, January 1993, p. 47.

      It's November 15, and Larry, brand manager for a major consumer products firm, is contemplating his year-end bonus. It is becoming increasingly obvious that unless he takes action, he will not achieve his brand profitability target for the year. Larry's eyes fall to the expense estimate for the new coupon “drop” slated for later in the month. His hand trembles slightly as he erases the 4 percent anticipated redemption rate on his estimate sheet and replaces the figure with 2 percent. Larry knows from experience that 2 percent is an unrealistically low figure, but he also knows that neither the firm's independent nor internal auditors will seriously challenge the estimate. This way, Larry's product profitability report will reflect the increased revenue associated with the coupon “drop” this year, but the entire redemption cost will not be expressed until next year.

      “That should put me over,” he muses. A wry smile crosses his face. “If the auditors question the rate, I'll give them a story about seasonality and shifting consumer patterns. They won't know enough about marketing to question my story.” Eventually, of course, the real cost of the coupon drop will have to be expensed, and that will hurt next year's profit figure. “But, that's next year,” Larry reasons, “and I can always figure out a way to make it up. Besides, by the end of next quarter, I'll be handling a bigger brand—if I can show a good profit this year.”

      A brief description of coupons and proper accounting for coupons might help us to interpret the situation just presented. Coupons are “cents-off” privileges, such as $0.50 off when you buy a certain brand of yogurt. When a company offers coupons to consumers, it must estimate the redemption rate and record an expense and the corresponding liability. This is similar in concept to warranty expenses.

      Required:

      1. Discuss whether the situation described can happen to a company with a good control environment.
      2. Describe any steps a company could take to prevent such abuse.
      3. List those parties who might be harmed by this situation.
      4. Do you consider this example to be management fraud or employee fraud? Describe how it fits the definition of your choice.
    3. images 54. The CEO of Mega Motor Company, Leland Brocamp, resigned on November 1, 2002. His resignation had been negotiated with the Board of Directors of Mega Motor after it was revealed that Mr. Brocamp violated the company's corporate ethics policy by having an affair with a subordinate employee. The policy forbids intimate relationships with anyone who “works through his or her management chain.” This resignation essentially forced him into early retirement.

      During the next year, the College of Business at Bozeman State University hired Mr. Brocamp as a part-time instructor to teach business strategy courses. The dean of the college suggested that the relationship was a personal matter and that Mr. Brocamp's wealth of experience is beneficial to students. Some who supported the hiring pointed out that other faculty members are not questioned about their personal lives. Others suggested that since management ethics is so important, someone who violated a company ethics policy should not be teaching students about the proper management of organizations.

      Required:

      1. Discuss whether Mr. Brocamp's violation of corporate ethics policy affects or reflects the control environment of the company.
      2. Since the violation is personal in nature, should Mr. Brocamp have been forced to resign?
      3. Should Bozeman State have hired him to teach business strategy courses?
    4. 55. Janie Ray frequently makes purchases from mail-order catalogs. Recently, she ordered a dress she intended to wear to her cousin's wedding. Unfortunately, she did not receive the package on time, and on the evening before the wedding, Janie went shopping and purchased another outfit at a local dress shop.images

      Janie's neighbor, Steve, actually received the mail order package intended for Janie. Because Steve had been out of town last week, he had not had the chance to promptly bring the package to Janie's house. Even though the box correctly showed Janie's name and address, it appears that the carrier merely left the package on the doorstep of the wrong house.

      Disgusted with this chain of events, Janie decided to claim that she had never received the package. After all, she was not able to wear the dress for its intended purposes; she should not have to pay for it. Moreover, the carrier was not able to provide proof of delivery.

      Required:

      1. Discuss which type of fraud is involved in this case, from the perspective of the mail order company.
      2. Which of the AICPA Trust Services Principles most closely relates to this situation?
      3. Describe a preventive control that could be performed by the carrier to avoid the possible recurrence of this type of fraud.
    5. 56. Evan Charter agreed to help his fraternity obtain sponsors for its annual charitable event to be held during Homecoming week. He accepted this responsibility at the recommendation of last year's fund-raiser, who told Evan that the task would require approximately ten hours of time and would likely result in total sponsorships of $1000.images

      After spending approximately ten hours calling on previous sponsors, Evan felt that he had hit a brick wall. For many reasons, most of last year's sponsors were unwilling to continue their involvement with this annual fund-raiser. Evan needed to look for additional sources of funding. He spent several hours researching potential new contributors and finally located a database containing a list of businesses within the local zip code. Since the list included e-mail addresses, Evan developed a letter of request and e-mailed it to all these businesses.

      The response was overwhelming. Evan collected over $3000 from this new pool of business contacts. While compiling the checks received to turn over to the fraternity treasurer, Evan noticed that one business had made its $200 check payable to Evan personally.

      Rationalizing that the additional time he had spent on the project and the success he was able to achieve were worthy of compensation, Evan decided to keep this one check. He wrote a letter of acknowledgment to the donor and deposited the $200 in his personal account.

      Required:

      1. Do you think Evan's actions were justified? What would you have advised him to do in this situation?
      2. What internal control activities could the fraternity have implemented in order to prevent Evan's actions?
      3. Can you think of a detective control that could uncover the omission of the $200 check?

    CONTINUING CASE: ROBATELLI'S PIZZERIA

    Reread the Robatelli's case material at the end of Chapter 1, and then answer the following questions:

    Required:

    1. Considering the nature of the relationship between Robatelli's home office and its franchise owners, the company may be quite vulnerable to theft or fraudulent financial reporting committed by these franchise owners. Describe the three components of the fraud triangle and how each would relate to a franchise owner's likelihood to defraud Robatelli's.
    2. Identify three types of fraud to which Robatelli's may be susceptible. For each of your three responses, indicate whether the fraud is classified as management fraud, employee fraud, vendor fraud, customer fraud, or computer fraud. In addition, for each of your three responses, suggest an internal control that could be implemented to prevent or detect the potential fraud.
    3. Design a suggested code of ethics for Robatelli's. Your code need not be long; five or six bulleted items will suffice. You may find guidance by searching the Internet for examples.

    SOLUTIONS TO CONCEPT CHECK

    1. (SO 1) The careful and responsible oversight and use of the assets entrusted to management is called b. stewardship.
    2. (SO 2) c. Conversion is not a condition in the fraud triangle. Incentive, opportunity, and rationalization make up the fraud triangle.
    3. (SO 3) a. Delayed exercise of stock options is not an indirect benefit of management fraud. When managers conduct fraud, they are expecting indirect benefits such as delayed cash flow problems, enhanced promotion opportunities, and increased compensation. However, delaying stock option exercise is not a benefit.
    4. (SO 4) d. Earnings management is not an example of employee fraud. Earnings management is a type of management fraud. The other answers are examples of employee fraud.
    5. (SO 4) d. Refund fraud is not a common form of employee fraud. Refund fraud is a form of customer fraud, not employee fraud.
    6. (CMA Adapted) (SO 4) Segregation of duties is a fundamental concept in an effective system of internal controls. Nevertheless, the effectiveness of this control can be compromised through b. collusion among employees. When employees who perform segregated duties work together, they can circumvent controls and perpetrate fraud.
    7. (CPA Adapted) (SO 4) The most difficult type of misstatement to discover is fraud that is concealed by b. nonrecorded transactions. If there is no record of the fraud, it is especially difficult to detect.
    8. (SO 6) The review of amounts charged to the company from a seller that it purchased from is called a a. vendor audit. A vendor audit involves the examination of vendor records in support of amounts charged to the company. Since many vendor contracts involve reimbursement for labor hours and other expenses incurred, the company can review supporting documentation for these expenses incurred by its vendor.
    9. (SO 7) a. Spoofing is generally an external computer fraud, rather than an internal computer fraud. Spoofing occurs when a person, through a computer system, pretends to be someone else. Internet spoofing is the most dangerous to the accounting and control system.
    10. (SO 10) The control activity intended to serve as a method to confirm the accuracy or completeness of data in the accounting system is d. independent checks and reconciliations. Independent checks and reconciliations on performance are important aspects of control activities. They usually involve the reconciliation, or comparison, of two sets of records, such as a bank reconciliation's comparison of the bank statement with the company's cash records.
    11. (SO 10) COSO describes five components of internal control. c. “Control activities” is the term that is best described as “policies and procedures that help ensure management directives are carried out and management objectives are achieved.” Control activities involve authorization, segregation, security of assets and records, adequate documentation, and independent checks. Policies and procedures of the organization establish the appropriate authorizations, segregations, security of assets and records, adequate documentation, and independent checks.
    12. (CPA Adapted) (SO 10) Proper segregation of duties calls for separation of the functions of b. authorization, recording, and custody.
    13. (SO 11) AICPA Trust Services Principles identify five categories of risks and controls. c. Processing integrity is the category best described by the statement, “Information processes could be inaccurate, incomplete, or not properly authorized.”
    14. (CIA Adapted) (SO 2, 10) A company's cash custody function should be separated from the related cash recordkeeping function in order to d. minimize opportunities for misappropriations of cash. A lack of segregation of duties makes it possible for assets to be stolen, and the related records may be manipulated to conceal the theft.

1Stephen D. Williger, “Phar-Mor—A Lesson in Fraud,” The Wall Street Journal, March 28, 1994.

2The Committee of Sponsoring Organizations includes the following organizations: AICPA, AAA, FEI, IIA, and IMA. The purpose of COSO is to improve the quality of financial reporting through business ethics, effective internal controls, and corporate governance. The COSO website is www.coso.org.

3Committee of Sponsoring Organizations of the Treadway Commission (CSOTC), Internal Control-Integrated Framework (COSO Report), 1992 and 2012 drafted edition.

4Report to the Nation on Occupational Fraud and Abuse, Association of Certified Fraud Examiners, 2010, p. 4.

5Securities and Exchange Commission, Litigation Release No. 17465, April 11, 2002.

6Paul Zikmund, “Ferreting Out Fraud,” Strategic Finance, April 2003, pp. 3–4.

7Barbara Lamberton, Paul H. Mihalek, and Carl Smith, “The Tone at the Top and Ethical Conduct Connection,” Strategic Finance, March 2005, p. 38.

8Olen L. Greer and George D. Schmelzle, “Are You Being Bullied?” Strategic Finance, September 2009, p. 41.

9 COBIT 4.1, IT Governance Institute, Rolling Meadows, IL, 2007.

10 Trust Services, Principles, Criteria and Illustrations, American Institute of Certified Public Accountants, Inc. and Canadian Institute of Chartered Accountants, 2009 (www.aicpa.org).

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
52.14.211.70