In a paper titled, “Improving Experienced Auditors’ Detection of Deception in CEO Narratives” (published in the Journal of Accounting Research), researchers, Mark Peecher and Jessen L. Hobson, found that experienced auditors’ judgments about deception are less accurate for companies later linked to fraud, regulator investigation, or class-action litigation, unless they are first instructed to look for signs of guilt in the CEO’s voice. According to a University of Illinois press release, “most people have trouble figuring out when someone is deceiving them,” said Peecher, the Deloitte Professor of Accountancy and associate dean of faculty at the College of Business. “The good news here is that very experienced auditors, who are hired because they’re supposed to be watchdogs for society, actually have the capacity to discern when upper management is being deceptive.”1
Further the article noted:
The researchers compiled 124 judgments from 31 very experienced auditors from multiple accounting firms. Each participant provided deception judgments for four publicly traded companies, using excerpted CEO responses to analyst questions during quarterly conference calls. Software randomly drew excerpts from a population of five fraud and five non fraud companies, with the expectation that participating auditors would spot fraud accurately 50 percent of the time by chance alone. For each company, auditors also received background information and financial statements.
While reviewing CEO answers to analyst questions, auditors decided whether they thought the financial results being discussed were fraudulent. Peecher and Hobson found that accuracy levels for spotting fraud improved from 43 percent to 70 percent when veteran auditors were given instructions to look for signs of “negative affect” during CEO narratives from conference calls.
If you make it easier for auditors by saying ‘One of the symptoms of fraud is cognitive dissonance, so keep that in mind as you listen to this real-world recording of an earnings call with an executive and when you assess if there’s deception,’ that’s where they’re able to perform substantially better than chance at predicting fraud,” Peecher said. “And that’s encouraging and something that audit firms may want to take a look at when they try to assess fraud risk of potential and current clients.
In this chapter and the following modules, we examine various tools and techniques for fraud detection and risk assessment. Those modules, along with the learning objectives include:
In January 2009, nearly a decade after a wave of financial reporting frauds in the United States, Ramalingam Raju, the chairman of an Indian IT outsourcing company, Satyam Computer Services (SAY), with more than 50,000 employees, sent a letter to the Company’s Board of Directors and the Securities & Exchange Board of India. In this letter, Raju addressed the following:
In the text of Raju’s letter, he asked, “When riding a tiger, how does one get off without getting eaten?” According to SCRIBD.com, Satyam was a “failure of corporate governance.” As a result, the Indian government replaced all of the Satyam Board members.
According to Jonathan Marks, CPA, CFE, CFF, in addition to establishing an ethical environment, corporate governance players, including board members and management must take the lead in establishing, implementing, and maintaining a formal fraud risk management program.
In his Blog, BoardandFraud.com, Marks identifies the fraud risk universe in Figure 8-1:
In the following section, the authors examine the critical role of the corporate governance stakeholders.
Management’s primary responsibility is to ensure that the organization meets its strategic, operational, and performance objectives. To accomplish this, the leadership must develop and implement strategies and procedures to manage the company’s long-term economic stewardship rather than acting simply as agents of the owners—the shareholders—and responsible merely to maximize shareholder wealth.
Inherently, such responsibilities require that management establish some methodology for measuring performance and communicating the results of their efforts. Furthermore, management must protect the organization’s assets, the various resources controlled by the organization to meets its objectives. Statement on Auditing Standards (SAS) No. 1 states, “Management is responsible for adopting sound accounting policies and for establishing and maintaining internal control that will, among other things, initiate, authorize, record, process, and report transactions (as well as events and conditions) consistent with management’s assertions embodied in the financial statements.”2 More specifically, these latter obligations require management to design and implement a system of internal controls, processes, and procedures necessary to safeguard the resources of the entity and ensure relevant and reliable financial reporting. In many cases, the company falls under the purview of various regulatory and taxing authorities that also require compliance with their informational and reporting needs.
Overall, management must design, implement, and maintain internal controls and financial reporting processes to produce timely financial and nonfinancial information that reflects the underlying economics of the business. Accounting information and reporting must comply with generally accepted accounting principles as well as other necessary regulatory requirements. Because management is responsible for the fair presentation of the financial statements and to safeguard the assets of the business, they must also mitigate fraud within the organization by preventing, deterring, and detecting asset misappropriation, corruption, and fraudulent financial statements. Consistent with those objectives, management should design, maintain, and monitor a system of internal controls over assets, financial information, and the financial reporting process. Management is also responsible for providing information to the independent auditors so that they may complete the work necessary to render an opinion on the financial statements.
Depending on the individuals involved, internal controls cannot prevent management override or collusive behavior by, and among, senior management. Because prevention through segregation of duties, approvals, and authorizations is not possible in a collusive environment, the principal internal control procedures will be centered on detection. The fear of detection may serve as a deterrent, but that does not eliminate the concern that traditionally designed internal controls are ineffective when management override or collusion is present. Thus, internal and external auditors, fraud examiners, and forensic accounting professionals must design procedures to detect such activity. Because management is in a unique position to override internal controls and collude with other top managers or outside third parties, auditors and antifraud professionals must design specific procedures to determine whether the internal control system could potentially be circumvented by a senior manager through override, or by a group of managers through collusion.
Generally, three procedures are effective in identifying breakdowns in internal controls due to override and collusion.
First, journal entries recorded in the books and records, as well as other adjustments to financial information, should be examined for proper backup documentation. The auditor should obtain an understanding of the internal control processes regarding journal entries and other adjustments (such as consolidating entries that may appear only on an Excel spreadsheet) and determine whether the journal entries carry the proper authority, approvals, documentation, and sign-offs as required by organizational policies and procedures. Further, auditors should discuss journal entries with employees who are not senior managers and inquire about inappropriate or unusual activity regarding journal entries. Often, when intentionally inappropriate journal entries are recorded, they are approved by the individual who directed and authorized it. Auditors should consider examining the timing of journal entry activity, looking for journal entries that are recorded at odd hours, such as late at night and on weekends or holidays when such journal entries may not be expected. Also, they should consider investigating journal entries that are typically used to perpetrate fraud schemes, such as reductions in liabilities and increases in revenues, or reductions in period costs and increases in capital assets, especially those made near year-end. SAS No. 99 requires testing of journal entries and other adjustments, and further details additional procedures the auditor should consider.
Second, significant accounting estimates need to be reviewed. Fraudulent financial reporting can be accomplished through manipulation of estimates that require judgment. Fabricated estimates can also be a source of concealment of other fraudulent activities. In some ways, accounting estimates may be a more effective source of fraud concealment than journal entries that involve professional judgment to determine the reasonableness of account balances. In many instances, underlying assumptions are not documented carefully or are documented with falsified or fictitious documents; these practices allow year-to-year modifications that could go unnoticed. SAS No. 99 requires auditors to consider the potential for bias when testing estimates. Included in the testing procedure should be a review of prior years’ amounts to see if the methodology or underlying assumptions have changed, and if so, a determination of the business rationale for the change in approach is in order.
Third, unusual “one-time” transactions should be scrutinized to ensure that they have an appropriate underlying business rationale. Understanding the business rationale is a requirement under SAS No. 99, and is done to ensure that the financial statements are not subject to manipulation through the use of one-time, fraudulent transactions. The auditor has the responsibility to ensure that the accounting treatment is appropriate and that the transaction is properly supported, documented, and disclosed in the financial statements. Other procedures that may help to identify breakdowns in internal controls include analytical reviews in which anomalies are identified. One example is when gross margin is stable or increasing at a time when it should be decreasing, such as in a competitive environment or during an economic downturn.
As noted by Bishop et al., “many parties have pointed to the difficulty of preventing collusive fraud, as well as the large losses caused by collusion. However, relatively little is known about how collusive fraud differs from solo-offender fraud.”3 Recently, researchers have started to examine the profile of collusion and management override. First, Free and Murphy investigated cooffending and the nature of the fraud team.4 The authors interviewed 37 convicted collusive (referred to as cooffending in research literature) fraudsters and conclude that the reasons cooffenders instigate and commit frauds vary, based on two primary considerations: the nature of the relationship among the cooffenders and the nature of how the participants benefit from the fraud.
In contrast to interviews used by Free and Murphy and Bishop et al.5,6 conducted an analysis of the ACFE’s dataset of fraud cases developed through surveys and made available to academic researchers by the Institute for Fraud Prevention. This work compares solo fraud with that of collusive fraudsters and focuses on the collusive fraud leader. The authors find a number of key differences between collusive fraud and solo fraud.
As stated by Bishop et al.,7 the results highlight the importance of considering a potential fraudster’s ability to build a fraud team to commit large, intense frauds.8 The profile of the collusive team leader—younger male, close ties to customers or vendors, and wheeler-dealer attitude—contrasts with the typical notion of the white-collar criminal as older and possibly facing personal problems, such as addiction, or demonstrating control issues. Given the high cost of collusive fraud, we encourage forensic accountants, auditors, and managers to pay close attention to the profile of the collusive fraud leader and to respond accordingly when this profile is present. DiGabriele finds general agreement among academics, auditors, and forensic accountants that “forensic accounting has a place in the audit process,” and the present study’s findings reflect insights that should be useful to both forensic accountants and financial statement auditors as they seek to detect fraud.9 Further, managers can consider the profile of the collusive fraud leader as they determine the deployment of antifraud resources in their organizations.
Turning to management override, SAS No. 99/113, AU 316.08 state that “Management has a unique ability to perpetrate fraud because it frequently is in a position to directly or indirectly manipulate accounting records and present fraudulent financial information … By its nature, management override of controls can occur in unpredictable ways.” Consistent with this notion, the 2016 ACFE Report to the Nations found that override of existing controls is the second most frequently observed internal control weakness that contributed to fraud; the lack of internal controls was the only weakness more frequently cited by the ACFE’s survey respondents.
In recently completed research, Bishop et al.10 compared ACFE management override fraud cases to cases involving a lack of internal controls, focusing on the nature of the principal perpetrator, fraud incident, and organizational setting. The authors found a number of key attributes that differ between management override frauds and those involving a lack of control.
The perception of the public—particularly with regard to asset misappropriation, corruption, and misstated financial statements—is that independent auditors are responsible for fraud detection. However, an auditor’s responsibility, according to generally accepted auditing standards (GAAS), is to provide reasonable assurance that the financial statements are free from material misstatement whether caused by error or fraud. Auditors do not examine 100% of the recorded transactions; instead, they rely on a sample portion to determine the probability that the transactions were recorded properly. Further, auditors also rely on high-level analytical procedures, as well as interviews, inquiries, external confirmations, inspections, physical inventories, and other audit procedures, to determine whether the financial statements are free from material misstatement. The difference between the public’s perception of the role of the auditor and the role that audit professionals actually serve has led to an “expectations gap.”
Management is responsible for the financial reporting process and its output: financial statements, disclosures, and related notes. Consequently, many might question what role the auditor plays. The auditor’s role is to attest to the fairness of management’s presentation of the financial information as well as the assertions inherent in the financial statements. When auditors have completed their work, they report their findings in an audit report. Auditors have several choices concerning the types of opinions that they may render. First, auditors may conclude that the financial statements present fairly, in all material respects, the financial position—balance sheet (assets, liabilities, and stockholders equity), results of operations/income statement (income and expenses), and cash flows. This opinion is referred to as an unqualified opinion. The auditor may also publish a modified, unqualified opinion. This report is referred to as the “unqualified opinion with explanatory paragraph or modified wording.” This type of opinion is issued when auditors feel that it is necessary to provide additional information that they believe needs to be understood by the financial statement users. Some examples of when an auditor may provide explanatory information include when substantial doubt exists about an entity’s ability to continue as a going concern and when generally accepted accounting principles have not been consistently applied. Other opinions that an auditor may issue include a qualified opinion, when the auditor believes that some material aspects of the financial information are not presented fairly; a disclaimer, when they cannot issue an opinion because of limitations on the scope of their work or when there is a lack of audit evidence that would provide a reasonable basis on which the auditors may draw conclusions; and an adverse opinion, when the auditor has concluded that the financial statements are essentially misleading.
Fraud, primarily financial statement fraud, has been a significant concern of the auditing profession, the Public Company Accounting Oversight Board (PCAOB), and the Securities Exchange Commission (SEC). The scandals of the late 1990s and the early 2000s, such as Enron, Adelphia, WorldCom, and Tyco, have increased the pressure on auditors to detect fraudulent financial reporting. The accounting profession responded in 2002 with Statement on Auditing Standard (SAS) No. 99: Consideration of Fraud in a Financial Statement Audit that was supplemented by SAS No. 113 in 2006. The primary points of emphasis include enhanced professional skepticism, preaudit fraud brainstorming, interviews with management concerning the risk and existence of fraud, and how to design audit tests to address the risk of management override of internal controls.
SAS Nos. 99 and 113 emphasize that a material misstatement of financial information can result from fraud or error; intent will be the determining factor. Intent can be discerned by looking for evidence of concealment such as missing documents, altered documents, nonreconcilable items, misinformation obtained during management inquiries, and other indicators of concealment. Fraud—an intentional misstatement—can be achieved by (1) manipulation, falsification, or alteration of the underlying accounting data, records, and documentation; (2) misrepresentation or omission of events, transactions, or other significant information in the financial statements and/or related notes; or (3) intentional misapplication of accounting principles that guide the amounts, classification, presentation, or disclosure of financial information. Auditors need to be concerned about management override and also about the possibility of collusion, because both attributes are often observed as part of financial statement fraud. The auditing standard recognizes the fraud triangle and its elements of pressure, opportunity, and rationalization.
From there, SAS Nos. 99 and 113 can be summarized as involving eight steps in considering the risk of fraud:
In the context of an audit, the auditor invokes a materiality threshold. FASB 2 defines materiality as the “magnitude of an omission or misstatement of accounting information that, in light of the surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement.”12 Thus, the auditor must apply judgment related to materiality, and that judgment has an impact on the information presented in the financial statements.
Materiality is a relative concept. A misstated amount that would be immaterial to a large company such as General Electric could be large enough to wipe out the net worth of most small companies. An amount material to a small company would likely be ignored at a larger company, other than obtaining an understanding of the nature of the misstatement. Some of the key financial statement attributes used by auditors to determine materiality, include net income before taxes, revenues, gross profit, and assets. Further, the types of accounts (e.g., revenue, expense, asset, liability, and stockholder’s equity) can have an impact on the auditor’s judgment, as well as the dollar impact on a particular financial statement line item.
When establishing materiality, auditors also consider profitability trends over time, situations where companies are experiencing a loss, financial performance that places the company in proximity of violating loan covenants or regulatory requirements, and financial performance that is relatively close to management compensation appraisal and bonus hurdles. For example, if an auditee’s financial performance is such that management qualifies, but just barely, for annual bonuses and other short-term compensation, auditors are more likely to reduce their materiality threshold.
Similarly, company financial performance that just barely meets analysts’ expectations may give rise to changes in materiality levels for audit purposes. Further, auditors rely not only on financial assessments but also consider various qualitative factors, such as whether they have discovered fraud in prior audits or there are allegations of illegal acts or fraud.
Generally, illegal acts have no materiality threshold and require that auditors pay close attention to their nature and corresponding consequences to the company. For example, any violation of the Foreign Corrupt Practices Act (FCPA) may expose the client company to fines and penalties that may be material. The FCPA has far-reaching implications for a company because it’s not just management that can get a company into trouble. An FCPA violation may also cover employees at any level or in any position in the organization, as well as agents, consultants, distributors, related parties, and other third parties associated with the company. Also, there could be significant legal exposure in the foreign country where a bribe has occurred because the country could revoke licenses and, therefore, the ability of the company to operate within their jurisdiction. This may require the auditor to assure that there is adequate disclosure as to possible material outcomes.
The materiality amount—once established—is not set in stone for the duration of the audit engagement. Auditors may become aware of new facts or circumstances that may cause them to reassess and adjust materiality. After a preliminary judgment about materiality has been made, auditors will then allocate that amount to various balance sheets and income statement account balances. The process of allocation determines tolerable risk of material misstatement for that account balance. SAS No. 111 limits the tolerable misstatement for any particular account balance to less than 100% of total materiality.
“Earnings management” involves deliberate actions by management to meet specific earnings objectives, generally for private gain.13 An example of such an objective might be to enhance reported earnings to meet analysts’ expectations. Earnings management may also involve building reserves during “good times” so that those reserves can be reversed during more difficult financial times. Some companies may even take a one-time “bath” to capture as much negative financial impact in one year to protect future earnings. Income smoothing is a specific type of earnings management whereby revenues or expenses are shifted between periods to minimize naturally occurring year-to-year fluctuations in net income. By enhancing the predictability of the organization’s earnings stream, management believes that they can achieve higher market prices for the company’s stock.
Auditors have many challenges with regard to earnings management. First, auditors have a materiality threshold, and as long as a transaction or group of transactions do not cross the materiality threshold, generally, most earnings management would be judged immaterial (at least when considered within the context of the year under evaluation), and thus would not have a significant impact on the judgment of users of the financial statements.
Second, accounting principles and policies were designed to provide some degree of choice. Management is given this flexibility to avoid a one-size-fits-all mentality for financial reporting and to ensure that the financial statements reasonably reflect the underlying economics and performance of the business. Nevertheless, management can use this latitude to manage earnings, and as long as the choices are considered “GAAP-compliant,” the auditor has little basis for recourse. Similarly, accounting procedures often require the development of underlying estimates to support the numbers in the financial statements.
There is no perfect advice for auditors and forensic accountants in this regard, except that management may find itself on a slippery slope—an earnings management in one period may lead to fraud in the next. Any sign of deliberate efforts to manage earnings should be considered a red flag, and those performing the work should use their heightened sense of professional skepticism to be aware of other choices made by management, signs of management override (by carefully examining journal entries, estimates, and unusual transactions), and signs of collusion among the executive ranks. Managing earnings can be fraud, whether or not material. The primary issue is whether the independent auditor or forensic accountant has clear and convincing evidence that demonstrates that earnings have, in fact, been managed.
The board of directors and/or an audit committee, if one exists, has a primary responsibility to oversee management and direct the internal audit and the external auditor with regard to the organization’s internal controls over financial reporting and the company’s internal control processes. One of the central duties of the audit committee with regard to fraud and fraudulent financial reporting is to carefully assure—with the assistance of the organization’s internal audit structure—that management has adequately assessed the risk of internal control override or collusion among top-level managers and executives that may lead to asset misappropriation, corruption, or fraudulent financial statements.
The audit committee is an integral internal control mechanism with regard to management override and high-level management collusion. It is only by carrying out their responsibilities in concert with the internal and external auditors that management override and collusion can be detected and deterrence levels set high enough so that management’s likelihood of attempting either override or collusion is sufficiently reduced. Audit committees can signal their interest is this area by paying particular attention to the “tone at the top,” “mood in the middle,” “buzz at the bottom,” antifraud programs, and ethics training, as well as by instituting a zero-tolerance policy toward fraud.
Diligence by the audit committee with regard to their fraud-related duties serves as a significant deterrent to senior-level management fraud. An open line of communication between the audit committee, internal auditors, external auditors, C-suite management, and other levels of management sends a powerful signal about their interest and diligence in fulfilling their responsibilities concerning fraud. Audit committees also need to take steps to proactively investigate whistleblower tips and protect whistleblowers from retaliation by members of management.
Most audit committees have the authority to investigate any matters within the scope of their responsibility, including internal control deficiencies, concerns about the financial reporting process, suspected corruption, and alleged illegal acts. Audit committees generally have the right to retain legal counsel, investigators, forensic accountants, nonauditor accountants, and other professional advisors, as necessary, to carry out their duties. Fraud awareness and fraud risk assessment training are critical elements at the audit committee and board levels that aid audit committees in carrying out their antifraud responsibilities.
Properly organized, structured, and supervised, the internal audit group is in a unique position to detect and deter fraud. Their primary deterrent effect is related to the increased perception that fraud perpetrators will be detected. The main deterrent for fraud continues to be the fear of getting caught and the consequences that go along with it. An effective and empowered internal audit group can serve as a significant deterrent.
Whether internal audit can be effective with regard to financial statement fraud is somewhat determined by the role internal auditors play in an organization and to whom they report. Traditionally, internal auditors have supported both operations and the financial-reporting processes. Related to operations, internal auditors evaluate segment, product line, and division profitability, look for ways to improve internal productivity, and seek solutions to a myriad of other operational problems. In such roles, auditors often report directly to senior management with authority over a particular operation. Such reporting authority allows the internal auditor to be a mechanism for operational change.
On the other hand, in the financial reporting process, including the evaluation of internal controls, such a reporting structure reduces the ability of the internal auditors to offer criticism or make recommendations due to the established reporting lines. Thus, for internal auditors to be objective and unbiased in assessing the financial reporting process and evaluating the design and implementation of internal controls, they need to have a direct reporting line to the organization’s audit committee. In fact, internal auditors are no longer allowed to complete any work for the external auditor unless their reporting structure is such that they report to the audit committee. In such circumstances, internal audit has the authority and independence necessary to carry out their assigned duties. The NYSE requires that all listed companies have an audit committee, and that the internal audit function report directly to them. NASDAQ also has a similar requirement.
The Institute of Internal Auditors (IIA) has few standards on fraud and those are vague concerning the specific responsibilities that internal auditors may have. Statement on Internal Auditing Standards (SIAS) No. 3 indicates that internal auditors have responsibility for fraud deterrence and should examine and evaluate the adequacy and effectiveness of the system of internal controls, commensurate with the extent of potential exposure or risk in the various segments of the organization’s operations. During the detection phase of their work, internal auditors should identify conditions, red flags, and other symptoms that may be indicative of fraud. In addition, internal auditors need to be cognizant of the opportunities to perpetrate fraud, such as a lack of internal controls or the failure to observe them.
Upon discovering fraud, internal auditors have an obligation to notify management or the board of directors when the incidence of significant fraud has been established to a reasonable degree of certainty. If the results of a fraud investigation indicate that previously undiscovered fraud materially and adversely affected previous financial statements for one or more periods, the internal auditor should inform management and the audit committee of the board of directors. A written report should include all findings, conclusions, recommendations, and corrective actions taken. Finally, a draft of the written report should be submitted to legal counsel for review, especially where the internal auditor chooses to invoke client privilege. On November 12, 2007, the IIA in conjunction with the AICPA and the ACFE issued an exposure draft titled “Managing the Business Risk of Fraud: A Practical Guide.” The guide recommends ways in which organizational stakeholders—boards, managers, internal auditors—can fight fraud within their entities.
A major difference between auditors and fraud examiners is that most auditors merely match documents to numbers to see whether support exists and is adequate. Fraud examiners and forensic accountants who detect fraud go beyond ascertaining the mere existence of documents. They determine whether the documents are real or fraudulent, whether the expenditures make sense and whether all aspects of the documentation are in order.14
Matti et al.15 suggest that detecting financial fraud is a daunting challenge for banks and credit card companies due to massive amount of transaction data and a wide diversity of user behaviors. In their research note, the authors explore the benefits of social media crowdsourcing, in particular, the tweets, retweets and comments from the Twitter online social network for effectively detecting financial fraud events. The goal of their work is to develop a real-time system to explore social media crowdsourcing to detect financial fraud events. The system has four modules:
While the article ends by indicating that the authors are working to validate and improve the accuracy of financial fraud detection of their system, the author’s findings suggest that big data analysis using text sources, such as social media, shows promise for improving fraud detection efforts.16
Fraud detection is challenging to say the least. At a minimum, the perpetrator has attempted to conceal the activity (the act) from those around him or her. Further, financial statement fraud is often perpetrated through management override and collusion, which makes it even harder to detect. In most cases, asset misappropriation, corruption, and financial statement fraud last about twenty-four months from inception to conclusion. At some level, this observation reflects the nature of the average fraud and the average fraudster. Fraud perpetrators tend to be people who rarely ever stop.
In short, it may be difficult to be dishonest the first time; but once the fraudster crosses that line, he or she may never stop until caught. In addition, fraud perpetrators almost never save their stolen goods. This creates a necessity to continue perpetrating the fraud. Furthermore, fraudsters tend to get greedier and sloppier over time. Often, it is the sheer size of the fraud that ultimately takes the fraudster’s proverbial “house of cards” down.
By the very title of this topic, “fraud detection,” a fraud has already been perpetrated and is possibly ongoing. Thus, the internal control environment has either been ineffective or circumvented, possibly through collusion or management override. The important issue to note is that no matter how a fraud is perpetrated, the internal control fabric of the organization has been compromised, either because a necessary control does not exist, or a properly designed control has not been implemented effectively. Effective fraud detection is an attempt to identify the fraud as early as possible, in contrast to the optimal situation in which the fraud is prevented or deterred.
The key to detecting fraud is to know where to look and how to proceed. A targeted approach is necessary to improve the probability of discovering that a fraud has occurred or is occurring at the earliest possible moment. This makes sense since the average audit generates a large number of red flags, where the vast majority are explainable and not of concern. Anomalies are part of the day-to-day operations of most organizations and are often observed by auditors. As such, anomalous transactions and activities generate red flags in the underlying financial records and possibly the financial statements if the amount rises to the level of materiality. Sorting through the pool of red flags efficiently and effectively is the key to fraud detection.
The starting point for the antifraud professional or forensic accountant is an attitude of professional skepticism. Although outlined in auditing standards related to the traditional audit, such an approach applies to fraud and forensic accounting engagements as well. SAS Nos. 99 and 113 suggest that auditors approach audit engagements with an enhanced sense of professional skepticism.
Generally, enhanced skepticism has three defining elements. First, it includes recognition that fraud may be present. Second, professional skepticism is exemplified by a professionals’ attitude, an attitude that includes a questioning mind and a critical assessment of evidence. Thus, auditors need to be alert for red flags and other symptoms of fraud and “pull on all loose threads” to see if fraud may, in fact, be ongoing within an organization. Third, professional skepticism asks professionals to make a commitment to persuasive evidence to determine whether or not fraud is present. Professionals are expected to “go that extra mile” using evidence-based decision-making.
In addition, fraud detection techniques require that fraud and forensic accounting professionals pay particular attention to the possibility of concealment because concealment suggests deception. Concealment could entail: falsified, counterfeit, or altered documents; inappropriate general ledger activity; unauthorized journal entries (possibly without documentation and backup) or reconciling items that do not have backup and supporting documentation or the backup and support is fraudulent; or tax returns that do not reconcile to the GAAP-based books and records.
Notwithstanding the above, there are two major approaches to fraud detection. The first is to detect fraud through the identification of red flags, anomalies that ultimately point to problems underlying the foundations upon which transactions have been recorded or a financial statement has been based. The second is to detect fraud through a targeted risk assessment. Both of these approaches are interrelated and both rely on a thorough understanding of the types of schemes (fraud schemes and financial crimes) that might be perpetrated.
In fact, throughout the major scheme-based chapters of this text, not only are the schemes outlined, but also the red flags are presented. Further, the steps necessary to prevent and detect the schemes are also identified. All of this information is necessary to give antifraud professionals and forensic accountants the knowledge, skills, and abilities necessary to successfully detect fraud early in the process. Because red flags are so prevalent, and many times represent “false positives,” it is only a targeted approach that considers the risk of fraud, likely fraud schemes, and the expected symptoms that will prove to be successful for antifraud professionals.
Fraud detection is the first sign or symptom that a fraud has occurred. It is the process of discovering the presence or existence of fraud. Fraud detection can be accomplished through the use of well-designed internal controls, supervision, and monitoring, as well as the active search for evidence of potential fraud (fraud auditing and related follow-through). However, the results of fraud detection are only symptoms and are not conclusive proof of fraud. Furthermore, the first signs of fraud often do not meet the threshold necessary for predication (the totality of circumstances that would lead a reasonable, professionally trained, and prudent individual to believe a fraud has occurred or is occurring).
Thus, more work needs to be done to ensure that other explanations—non-nefarious explanations, such as human error—are not at the root of this particular symptom. With fraud detection, we continue to examine until the antifraud professional believes that the predication threshold has been met or that no fraud has occurred. Fraud detection may include proactive fraud auditing, results of data interrogation based on predetermined parameters, or it may be a reaction to an anomaly found by the internal control system that requires additional explanation. In short, initial fraud detection steps are the first of several steps toward concluding that predication has been met but are far from providing the evidence that will be needed to convince a jury that an actual fraud has occurred. That said, it is important to use a targeted approach when attempting to detect fraud to minimize the effort associated with false (fraud detection) positives.
The first step to detecting fraud is to build an understanding of the organization and the environment in which it operates. As a starting point, the performance of the overall economy and its effect on the industry and organization should be undertaken. Is the economy growing, stagnant, or shrinking, and what effect, if any, does the economy have on the particular industry and organization? For example, during the recession of the early 1980s, the overall economy had little noticeable effect on the fast-growing technology industry because the productivity gains being realized outweighed any problems in the underlying economy. In fact, those productivity gains necessitated faster investment in technology to avoid being left behind in a difficult economic climate.
With this in mind, an assessment of the industry should be completed. The overall performance of the industry can be a key indicator of expectations of the organization. If the organization under study is not following the trends posted in the industry, an explanation of why this is occurring needs to be developed. Within any economy and in any industry, there are always high-flyers and overachievers and there are also the laggards and underachievers. Some organization has to be first, and another has to be last. At the same time, there must be good business reasons for exemplary or inferior performance in an industry. Developing an understanding of the industry and how the organization under study compares is part of the fraud risk assessment that serves as a necessary basis for detecting fraud.
Similar to the overall industry, most organizations have one or two key competitors, similar organizations that compete in the same markets, for the same customers with comparable products and services. A comparison of those competitors to the organization under study serves as a basis for looking for environments where fraud may be occurring. This analysis considers geographic and other demographics. For example, the first decade in the 2000s was particularly difficult for Midwestern states such as Ohio and Michigan. Such a difficult climate may serve as the basis for a company to cook its books. At the same time, it may also serve as the backdrop for an employee or group of employees to commit fraud to maintain their lifestyles.
Finally, an evaluation of trends within an organization is required. Trends over time and across several different metrics including revenues, gross profits, and operating expenses, as well as assets, liabilities, and stockholders’ equity are important points. The analysis of these trends needs to be both horizontal across time and vertical within a particular year.
Each of these techniques may be applied to an organization as a whole, and also to specific units, divisions, and product lines within the organization. In fact, if an antifraud professional suspects an employee payroll scheme in a particular warehouse, the symptoms and the actual fraud scheme may only come to light through comparison of this warehouse’s operations to that of others in the same organization.
The purpose of this preliminary work is to develop a backdrop for evaluating the possibility of fraud. For example, consider the case in which a company claimed to be “put out of business by the actions of another.” The actions of the other company had supposedly started in July, two years prior, and carried on for approximately eighteen months.
This claim suggested at least two expectations: (1) the performance of the failed company should have deteriorated over the eighteen-month period and (2) the failed company should have appeared reasonably healthy prior to July of two years prior. The first expectation held—the company’s performance, in fact, deteriorated over the eighteen-month period, starting in July. The second expectation did not—the failed company was in terrible financial condition at the beginning of the eighteen-month period. This necessitated additional work to understand how the company came to be in such a poor financial condition eighteen months prior to the alleged act, and how this precarious starting point may have contributed to the failure.
To develop an effective approach to fraud detection, the second step is to develop an understanding of the control environment—the environment as opposed to the controls themselves. The control environment consists of the policies, procedures, actions, and other activities that reflect the overall attitudes and actions of the board of directors, the audit committee, and senior management concerning internal controls. Some of the attributes that should be considered include17:
The antifraud professional or forensic accountant is hoping to see a clear and unwavering commitment to a culture of honesty, openness, and assistance. Optimally, the company is
The company should also create a positive work environment with open door policies and a commitment to employee success. The company should have an up-to-date code of ethics or code of conduct that employees review and sign regularly to clarify expectations concerning honesty and other important attributes for employee and organization success.
To deal with perceived pressure, employee assistance programs offer personnel a place to go during difficult times. The company should not only expect its employees to be aware of its commitment to honest and ethical behavior, but it should also communicate its expectations to vendors, suppliers, customers, contractors, and others who do business with the organization. These communications, along with tip hotlines, create an environment in which whistleblowers feel free to call concerning matters of questionable behavior.
While the control environment is about openness and expectations, it also assumes that employees will be monitored, and fraud perpetrators will be caught and suffer appropriate consequences. Those consequences should be meted out regardless of the pressure or rationale behind such behavior. The primary goal of a good internal control environment is to minimize the opportunity to commit fraud, given sensible cost-benefit constraints.
While the above discussion suggests that the key to successful fraud prevention, deterrence, and detection is a solid control environment, missing or inadequate elements in an internal control system may increase the risk for fraud to occur. While it is impossible to prevent all frauds, a good control environment can mitigate the opportunities for fraud.
Red flags—symptoms of fraud—often go unnoticed or are not vigorously pursued. As noted in the Preecher and Hobson research discussed earlier in the chapter, even trained auditors benefit from a prompt to raise their awareness of the possibility of fraud. This is not surprising given the number of red flags observed and the fact that most are not indicators of fraud but are a function of the dynamic environment in which organizations operate. Nevertheless, red flags need examination until the evidence suggests that the anomaly is innocuous.
The red flags that can lead to a formal fraud investigation come from many sources and include tips and complaints, behavioral red flags, analytical anomalies, accounting anomalies, and internal control irregularities and weaknesses. Each of these, when observed, needs to be evaluated with additional evidence to make a determination concerning fraud. Some of the questions that need to be answered include:
Asking follow-up questions and resolving those questions with backup evidence is one of the keys to professional skepticism and a key to successfully uncovering fraudulent activity, whether asset misappropriation, corruption, or financial statement fraud.
The 2016 ACFE Report to the Nations survey results suggested that while “tips” are the most common detection methods, the fraud discovery method varied substantially between small organizations (i.e., those with fewer than 100 employees) and larger organizations. The starkest variation occurred with tips; small and larger organizations detected fraud via tip in 29.6% and 43.5% of cases, respectively. A flip observation occurred with regard to internal audit where the detection method was 12% for cases at small organizations, but 18.6% at larger organizations. Over time, when combined, tips and accidental discovery typically account for greater than 50% of all frauds detected. This supports the contention that organizations have an opportunity to improve efforts to actively seek out fraud acts and perpetrators. It also suggests that, like-it-or-not, employees, managers, co-workers, and colleagues outside the company—those closest to the day-to-day operations—are in the best position to detect and report fraud.
This also reinforces why the control environment is so critical to fraud detection. Without an obvious commitment to fraud detection, prevention, deterrence, and remediation, some frauds are likely to go unreported and undetected. These frauds would be far more costly than if they were discovered and resolved earlier in the process.
These findings are logical. If fraud occurs, and the control environment and specific prevention controls fail, employees, co-workers, managers, and others who interact with the fraudster daily, weekly, or monthly, are more likely to observe suspicious behavior. If they don’t report it, we are left with other fraud detection methods that are more time-consuming, often less timely, and sometimes more invasive, to discover the fraud. It should be noted that many times tips and complaints are false. At least one highly recognizable organization was noted as closing down their fraud hotline because most calls were bogus and the tips were often made for purely vindictive reasons—to try to get an innocent person in trouble.
Another concern is that employees, who suspect someone of doing something wrong or observe suspicious activity, may not report it for fear of getting someone in trouble. Knowing for certain is almost an impossible standard, and in some cases, the suspicious employee is fearful of being labeled a tattletale. The person may even be afraid of retaliation by the suspected perpetrator. For these reasons, some employees, who know of wrongdoing, do not come forward. The main lesson for companies is to make reporting suspected fraud easy and anonymous.
The whistleblower needs to be able to feel safe and secure while providing the organization with the needed information. One alternative is to leave a tip on a fraud hotline. This approach is much more likely to be successful if an employee feels that the overall environment is one in which a report of fraud and unethical behavior will be acted upon. The employee should always feel that going to a supervisor or manager is an option, but sometimes hotlines are a better alternative. The key to successful tip hotlines is to ensure that the tipster provides sufficient detail so that the situation can be examined. In this regard, some hotlines are often managed by third parties who have the expertise to collect enough facts to initiate an examination. This helps employees feel secure in their anonymity and allows the third party, through an interview-style inquiry, to ensure that all the necessary details have been gathered.
Behavioral anomalies are exhibited in lifestyles and unusual behaviors. As suggested by the fraud triangle, many people who commit fraud do so, initially, as a result of pressure. Beyond pressure, they then evaluate the perceived opportunity for success, followed by a necessity to rationalize their actions. For many, pressure comes in the form of money or greed. They live a lifestyle beyond what their resources could obtain or achieve through legal methods, or have found themselves in a precarious financial condition due to previously living beyond their means.
Lifestyle symptoms can be observed as expensive cars, homes, boats, jewelry, clothing, and other material possessions an employee could not, or should not, be able to afford. As noted above, few perpetrators save what they steal; most spend their ill-gotten gains almost immediately. This psychological observation makes sense: those who can delay the gratification associated with their purchases need not steal because they can wait. Assuming that managers, employees, and coworkers pay attention, lifestyle red flags are relatively easy to spot. Just as easily, fraudsters often have a quick explanation: a recent inheritance, winning the lottery, a promotion by a spouse, and so forth. Once identified, these explanations are easily examined for accuracy, veracity, and completeness.
A second nonaccounting red flag revolves around unusual behaviors. Fear of getting caught and the ramifications associated with that fear cause anxiety and the person tends to act differently. The underlying cause may be guilt or fear, but either way, stress is created. That stress then causes changes in the person’s behavior. Such changes may include insomnia, alcohol abuse, drug abuse, irritability, paranoia, inability to relax, inability to look people in the eye, signs of embarrassment, defensiveness, argumentativeness, belligerence, confession to a trusted confidant, attributing failure to others (scapegoats), excessive smoking or starting smoking, and other anxiety-based symptoms.18 These symptoms are similar to those associated with when a person or loved one suffers from a health or job-related crisis. Unless the person is willing to talk, it can be difficult to discover a fraud from these clues alone. Still, when combined with other financially based red flags, this can be one more piece of evidence to track down what is going on and who might be associated with the fraudulent activity.
Analytical anomalies are transaction or financial statement relationships that do not make sense. For example, one may notice transactions that are too small or too large when compared to normal activity; it’s often about patterns and breaks in patterns. Some analytical anomalies include:
Anomalies may also include strange relationships. Some examples include
Revenues increasing | But inventory decreasing But accounts receivable decreasing But accounts receivable increasing at a greater percentage But decreasing cash flows from operations |
Inventory increasing | But accounts payable decreasing But decreasing warehouse costs |
Increased volume | But increased cost per unit But decreased scrap19 |
Analytical anomalies are common in many organizations, including those in which fraud is not present. Nevertheless, these preliminary symptoms of fraud should not be ignored and should be diligently pursued until fraud is discovered or a conclusion of no fraud is warranted based on the totality of the evidence.
Accounting anomalies are unusual activities that seem to violate normal expectations for the accounting system. For example, a fraud examiner may notice transactions being recorded in odd ways or at odd times during the day or month. In some cases, a transaction may be recorded by a person not expected to record such a transaction. For instance, the Chief Financial Officer may be logged as posting routine journal entries to Property, Plant, and Equipment accounts on a Sunday evening when these transactions are normally recorded by a clerical employee during regular business hours.
In some cases, irregularities in documentation may be observed. Some of these include:
Irregular or undocumented journal entries are another accounting anomaly that may be observed. Also, unusual entries that reduce a liability while simultaneously increasing a revenue account are red flags that should be investigated. Journal entries may be a method fraudsters use to effect management override; unusual or problematic journal entries should be closely scrutinized. This includes journal entries with little, incomplete, or missing backup. Journal entries of concern are those created by members of senior management, journal entries recorded by a person who does not have the required authority, or entries for which requisite approvals are missing. The following are some basic journal entry techniques for “cooking the books.”
Fixed Asset | $350,000 | |
Cash | $350,000 |
This journal entry, although completely bogus, appears to be a normal acquisition of property, plant, and equipment.
Accounts Receivable | $350,000 | |
Sales | $350,000 |
The second journal entry, also bogus, looks like a normal sales transaction on credit.
Cash | $350,000 | |
Accounts Receivable | $350,000 |
This third bogus journal entry looks like a normal cash collection of accounts receivable.
Because all three journal entries are completely fictitious, let’s see what’s left:
The bottom line here is that through a series of seemingly reasonable, yet bogus, journal entries, fictitious sales have been recorded through the fictitious acquisition of property, plant, and equipment. The problem is that sales are not normally recorded through journal entry, unless it is a typical month-end accrual entry. Further, none of the journal entries would have proper documentation or backup or would require fictitious support. In addition, the bogus journal entries are likely to be recorded by someone who normally does not post journal entries to the general ledger.
Cash | $500,000 | |
Sales | $500,000 |
In year 1, a company is paid $500,000 for work completed on a contract near year end. The journal entry to record the sale is consistent with generally accepted accounting principles; however, also in year 1, the company incurred expenses of $350,000 to fulfill the contract. Those expenses were paid in cash (via check) in year 2, and no accrual was recorded in year 1.
Year 2—Recognize expenses related to Year 1 contract | ||
Operating Expense | $350,000 | |
Cash | $350,000 |
Year 2—Awarded new contract | ||
Cash | $750,000 | |
Sales | $750,000 |
In year 2, the year 1 expenses are recorded. In addition, the company obtains and completes a new contract in year 2 but does not accrue any of the $450,000 of related expenses. The overall result of these three transactions is that year 1 income has been overstated by $350,000 and year 2 income has been understated by the same amount. Further, year 2 income has been overstated by the failure to accrue year 2 expenses of $450,000. Thus, the net effect on year 2 is an overstatement of income in the amount of $100,000. In this case, all of the transactions have proper documentation, but the expense transactions have been recorded in the wrong period, resulting in overstated income in years 1 and 2.
Year 1—The proper accounting is to accrue normal period-end expenses | ||
Operating Expense | $500,000 | |
Accounts Payable | $500,000 | |
Year 1—However, no journal entry was made to accrue year 1 expenses |
The net effect here is an overstatement of year 1 income of $500,000 and an understatement of income in year 2 by the same amount.
Year 1—The proper accounting is to accrue period-end expenses | ||
Operating Expense | $500,000 | |
Accounts Payable | $500,000 |
Year 1—Instead of accruing the amount to expense, the amount was capitalized as a fixed asset | ||
Fixed Assets | $500,000 | |
Accounts Payable | $500,000 |
The net effect in Example 4 is an overstatement of year 1 income of $500,000, and an understatement of income in future years as the fixed asset is depreciated.
In years gone by, it was possible for the general ledger not to balance, meaning that debits did not equal credits, and assets did not equal liabilities plus stockholders equity. In this day and age, most computerized accounting packages prevent one-sided and unbalanced journal entries from being recorded; however, professional skepticism requires the fraud examiner to test this assumption for veracity. Further, unbalanced entries are a real possibility in manual accounting systems and those maintained in spreadsheet software, such as Excel. In electronic accounting software packages, it is far more likely that the general ledger subsidiary ledgers and other supporting documentation do not agree with, or reconcile to, the total reflected on the general ledger (and in the financial statements).
This is because many assume that most of a company’s information systems (e.g., distribution, store operations, purchasing, inventory management, marketing, etc.) feed directly into the general ledger and other aspects of the accounting system, but that is often not the case. It is common that payroll systems, marketing systems, inventory records, and accounts receivable details are independent of the main accounting system. As such, it is important to examine the underlying supporting details to ensure that the amounts agree with, or reconcile to, the general ledger totals. In addition, tests of the details need to be performed. This may include observation of physical inventory counts; confirmations with banks, customers, suppliers, and vendors; and other methods to verify that the supporting detailed records are accurate and supported. Third-party independent verification is the best evidence unless persons in the third-party company are colluding with individuals in the organization under review.
The internal controls necessary to safeguard assets and maintain the integrity of the financial reporting processes are beyond the scope of this text. Most companies of reasonable size often have several accounting information modules (possibly, independent systems), including the following:
Additional controls are also required for prepaid assets; intellectual property; the acquisition, maintenance, and payment of short-term and long-term debt obligations; as well as others. Each of these processes, from the inception of any transaction through transaction completion, and its proper reflection in the audited financial statements, has many steps. Each step has controls in place to ensure that the transaction (underlying activity) exists, is complete (detailed supporting documentation), accurate (properly valued), classified properly, recorded in the proper period, and posted and summarized properly in the financial statements (these are otherwise known as management’s assertions concerning the attributes of amounts presented in the financial statements).
These controls not only safeguard the assets and facilitate accurate financial reporting but are also integral to running an effective and efficient operation. They ensure that (1) customers receive high-quality goods and services and (2) vendors, suppliers, and employees are paid accurately and on time. The Sarbanes-Oxley Act of 2002, particularly section 404, puts considerable emphasis on the system of internal controls. Management is responsible for the system of internal controls, including their design, implementation, and maintenance. Auditors must test management’s assertions concerning the existence and operational effectiveness of that system of internal controls.
The normal internal control environment is expected to have several control activities, including:
While these characteristics are commonly presented in auditing texts and the auditing literature, from a fraud perspective, internal controls have at least three different objectives. The first line of defense related to internal controls is to prevent fraud. Fraud prevention refers to creating and maintaining an environment in which fraudulent activities are improbable or reduced to an acceptable level of risk of fraud and/or illegal activity.
Along a similar vein, fraud deterrence involves creating an environment in which fraud is less likely to occur (e.g., by encouraging whistle blowing through hotlines). Fraud deterrence creates an environment in which organizational stakeholders are discouraged from committing fraud. This is usually accomplished through a variety of efforts associated with internal controls and ethics programs that create a workplace of integrity, as well as by encouraging employees to report potential wrongdoing and promoting any actions that increase the perceived likelihood that an act of fraud will be detected and reported. Fraud deterrence can also be achieved through the use of continuous monitoring and auditing software tools. It is enhanced when potential perpetrators recognize that they will be punished when caught.
Fraud detection is the process of discovering the presence or existence of fraud. Most often, this can be accomplished through the use of well-designed internal controls, supervision, monitoring, and the active search for evidence of potential fraud (e.g., fraud auditing).
Some internal controls are meant to prevent fraud, and this aspect is often the main focus that accountants place on internal controls. Nevertheless, the second goal of internal controls—fraud deterrence—creates the perception of detection, whether real or perceived, and is critical, given that the number of controls required to prevent every type of fraud would cost far more than the potential benefits achieved.
Finally, internal controls also need to be focused on fraud detection. This is the central goal of internal control area five—independent checks on performance. These independent checks, even if on a periodic or somewhat random basis, are designed, not to prevent fraud, but to deter and detect fraud. Therefore, the fraud audit professional needs to consider and document those controls related to the prevention of fraud, and also those controls that increase the “perception of detection” and thus act as deterrents. Because independent checks are often periodic or random, it is precisely those checks that may not be operational, even though they have been designed and documented.
Let’s consider the example of the fraudster who cooked the accounts receivables, not to steal the money for himself, but to keep his job. Because this individual wanted to keep his job within the organization, he “adjusted” the accounts receivables using credit memos in advance of meetings with the CEO, sales manager, and controller to enhance the perception of his effectiveness in the collection of those receivables. After the meeting, he restored the accounts receivable amounts by reversing the credit memos with debit memos. Eventually, he hoped to find the time to make collection calls and get the customers to pay their accounts. The pattern of his fraud was clear and distinct in the credit and debit memo records.
The shortcoming in the company’s internal control structure was not in the design—all accounts receivable debit and credit memos required supervisory approval—but rather in the implementation. Case evidence showed that legitimate credit memos had been written up for management approval and had the appropriate sign-offs; however, the weekly credit meeting “adjustments” were not approved or signed-off. The internal control procedure that was intended to act as an independent check was properly designed. The controller or CFO was supposed to review the accounts receivable system to ensure that all debit and credit memos were approved. Although this was part of the internal controls design for 3 1/2 years, the procedure had not been operationalized. This lack of independent check cost the company approximately $1 million in accounts receivable write-offs. The moral of the story: Fraud examiners need to pay as much attention to the implementation of internal controls that act as independent checks as they do to the design of those controls to prevent fraud.
Fraud examiners must document the system of internal controls to the level of detail necessary to complete their work. Assuming that the fraud examiner is using a targeted, red flag, scheme-oriented approach or a targeted, risk assessment, scheme-oriented approach, the documentation of the system of internal controls in and around the area of investigation is an integral step in fraud detection. The fraud examiner is looking for weaknesses in the design, or deficiencies in the implementation, of the internal control system. Further, the antifraud professional will also need to be aware of the possibilities of management override and/or collusion. Internal controls cannot prevent management override or collusion, but a properly designed system of internal controls with independent checks includes detection controls that alert the proper individuals when anomalous situations occur.
Some typical internal control weaknesses include:
Fraud examiners need to use not only data generated from the financial accounting systems but also data from surrounding operational systems. The Internal Revenue Service’s Fuels Excise Specialists will tell you that they spend as much time auditing the inventory, chemical processing, and distribution data as they do investigating the data generated from the subject organization’s accounting system because fuels involve precise chemistry.
Thus, the managers working with the fuels cannot afford to have their nonaccounting systems corrupted with fraudulent data because of the effect on the quality of the product and the impact on end users (i.e., customers). The power of using nonfinancial data to corroborate financial information cannot be understated. Nonfinancial numerical performance data (numbers) may also prove valuable and include:
The foundation behind the use of nonfinancial numerical information is that the world revolves around quantities and prices. By breaking down the sum totals for a series of accounting transactions into prices and quantities, a fraud examiner now has two additional pieces of data to evaluate. First, he or she can analyze the quantity. Does the total quantity make sense? How does it compare to other periods, divisions, nonfinancial system’s data, and so forth? How does it compare to prior periods? How does it compare to budgets or other data that serve as reasonable expectations? How does it compare to total capacity for the company under study? Similarly, the price per unit can be examined for reasonableness. Does the average price per unit make sense? How does the price compare to the average market price for the period and to other companies in the industry? How does the price compare to prior periods? How does the average price compare to published price lists for the company under study?
The nonaccounting systems information and nonfinancial numerical data are then used to correlate with, or reconcile to, the numbers represented in financial statements, and tax returns. Generally, any data generated outside of the financial accounting system will serve as a starting point for analysis and reconciliation. This does not mean that nonaccounting and nonfinancial numerical data are never tainted, but if it is also impacted by the fraud, then the number of perpetrators involved expands to include persons beyond accounting. The theory is that, in general, the nonaccounting and nonfinancial data are generally not corrupted because companies always want to maximize operational performance. As such, operational managers need accurate and timely data to manage their portion of the business. If nonaccounting and nonfinancial numerical data cannot be reconciled to the related data in the financial systems, or the data are not correlated, additional examination is warranted.
It is impossible to provide a complete list of all the red flags that may be observed when trying to detect fraud. Each fraud will have some unique attributes, and thus the related red flags will also be somewhat unique. Therefore, when considering red flags, it is important to think about the red flag in the context of the circumstances.
It is critical to use evidence-based decision making to draw a conclusion that fraud is likely, or that this anomaly has another reasonable explanation. It is important to use evidence to see if you can develop other reasons for the suspicious activity.
In relation to observed red flags, the fraud examiner should consider possible motivations of specific individuals who might be involved. Each of the following should be documented:
While interviewing for information gathering purposes is examined in a separate chapter, interviewing is also a critical tool in the risk assessment process. In a 2007, Journal of Accountancy article, Dr. Joseph Wells and John Gill, J.D., CFE and ACFE Vice President—Education, suggest 15 questions to obtain a preliminary sense of an organizations vulnerability to fraud as follows:
While these questions are not stated explicitly below, data collected during interviews are an integral part of developing a risk assessment using a targeted approach.
Targeted fraud risk assessment starts with a foundation of solid knowledge, skills, and abilities in the areas of fraud detection and investigation. Further, the antifraud professional or forensic accountant must have a thorough knowledge of the various types of schemes used to perpetrate asset misappropriation, financial statement fraud, corruption activities, and financial crimes, such as money laundering. They should be able to answer some basic questions, such as:
By understanding the attributes of different fraud schemes, the fraud examiner is armed with a foundation upon which he or she can develop a targeted fraud risk assessment. When evaluating an organization, its industry, its key competition, its management structure, and its control environment for certain schemes, some will be more likely to show up than others. As noted in the red flag discussion, a typical audit of a large company may generate hundreds of red flags. What should an auditor do to address them? Using a targeted fraud risk assessment approach, some red flags (symptoms of fraud) are much more significant than others and, as such, should be given more attention.
Likewise, clusters of red flags become valuable in the sense that where there is smoke, there is (usually) fire; therefore, where there is a lot of smoke, the likelihood of fire increases dramatically. Similarly, if there is a cluster of red flags, it increases the likelihood of a particular scheme’s existence.
Also integral to the targeted fraud risk assessment methodology are a few overarching questions:
Table 8-1 lists examples of recent fraud schemes. The fraud examiner categorizes schemes in three ways:
TABLE 8-1 Examples of Recent Fraud Schemes
|
|
Thus, the fraud examiner has a specific assessment of which accounts are most susceptible to manipulation, the likelihood of manipulation (remote, reasonably possible, or probable), and the magnitude of the likely scheme (inconsequential, more than inconsequential, or material), paying particular attention to accounts with high inherent risk (e.g., reserves, allowances, permanent impairments, etc.) and high control risk accounts. For example, in the area of revenues some of the preliminary questions might include the following:
Targeted fraud risk assessment is consistent with the PCAOB’s Auditing Standards Nos. 5 (AS5) and 12 (AS12) and requires a top-down approach. First, the fraud examiner assesses fraud risk factors such as industry, competition, historical performance, management philosophy, and possible pressure concerns, as well as geographic considerations. Then, the fraud examiner determines the fraud risks: which accounts would likely be utilized (revenue, expenses, liabilities, assets)? And further, which schemes could be used to perpetrate a fraud, including those who might be involved in the scheme?
The targeted fraud risk assessment approach assumes that there should be a direct relationship between the level of risk associated with a material weakness in a company’s controls and the amount of attention devoted to that area during an audit. Further, an account can be significant, based on the assessment of the risk that the account could contain misstatements that individually, or when aggregated with others, could have a material impact on the financial statements.
An overview of the fraud risk assessment process includes the following components:
The following ten-step approach implements the targeted fraud risk assessment:
Step 1 evaluates the economic, operating, and competitive environment, as well as the overall control environment. Step 2 includes the identification of key business processes including sales, accounts receivable collections, personnel, payroll, procurement (acquisition), accounts payable, cash disbursements, inventory, warehousing, distribution, capital asset acquisition (including maintenance and depreciation), cash accounting and control, licensing, intellectual property, investing, information and technology, marketing, and research and development. Step 2 also requires the fraud examiner to consider differences in the processes identified between local and foreign operations, as well as among subsidiaries or decentralized divisions. Some of the considerations include legal requirements across the various jurisdictions, cultural differences, staffing (expertise, experience, training, duration with the organization, etc.), processes for the approval of independent agents and contractors, the competency of management and supervisors, and the function of the operation within the organization.
To complete Step 3, the fraud examiner must identify the “process owner” for each of the identified processes within each major jurisdiction and/or operation. The process owner may be a senior level executive, subsidiary president, regional president, vice president, manager, or supervisor. The process owner is that individual who has the day-to-day authority and ability to alter standard operating procedures (management override) to accomplish the goals and objectives of the organization. Of course, being in a position to override normal operating procedures also places that person in a position in which he or she can alter those same procedures for personal benefit.
Step 4 requires an assessment of the organization’s history with respect to fraud, as well as experiences at lower levels of the organization and by process, geographic locale, and within specific jurisdictions. The fraud examiner needs to ask the following questions:
Step 5 investigates potential responses to the question, what could go wrong? This step requires process owners and their sub-process owners, in conjunction with the fraud examiner, to identify how fraud may occur in the respective process at each location using brainstorming techniques. The brainstorming process should focus on fraud risk factors by process, locale, and jurisdiction. Also, consideration should be given to fraud risks and fraud schemes that could be perpetrated and would be likely (probable) and significant (of large financial magnitude). Participants in the brainstorming process should identify control activities that would mitigate the identified fraud schemes, but only after the schemes have been identified and their likelihood and significance have been determined.
Only those schemes that are significant and likely should be evaluated to determine whether they are mitigated by control activities. Fraud risk assessment, after considering mitigating controls to prevent, deter, and detect fraud, leaves a remainder: residual fraud risk. Residual fraud risk includes those fraud schemes that are not adequately mitigated by control activities and, as such, requires a fraud audit response. In that context, management override and collusion are only subject to fraud detection; in general, they cannot be prevented. Thus, the risk of management override and collusion are always residual fraud risks and require a specific audit response, if detection control activities do not exist.
In Step 6, the identified parties who have the ability to commit the potential fraud need to be examined more closely. At this point, the fraud examiner needs to consider the elements of the fraud triangle: pressure, opportunity, and rationalization. Further, the fraud examiner needs to specifically consider the three categories of fraud discussed above. Individuals who are in a position to commit asset misappropriation, corruption, and financial statement fraud may include process owners, employees, agents (particularly in foreign countries), independent contractors, competitors, customers, vendors, and licensees.
During Step 7, process owners and the fraud examiner use the following descriptions to evaluate the likelihood that each of the identified frauds could occur: remote, reasonably possible, and probable. For each potential fraud, the following questions should be considered:
Management should address those fraud risks that have more than a remote likelihood of having more than an inconsequential effect on the company’s financial statements. The auditor should evaluate all controls specifically intended to address the risks of fraud that have at least a reasonably possible likelihood of having a material effect on the company’s financial statements. The fraud examiner needs to make an assessment based on the scope of the engagement.
Step 8 requires the determination of the level of mitigation to prevent, detect, and deter each fraud scheme deemed significant and likely.
Note that these areas are consistent with COSO’s five elements of internal controls: control environment, risk assessment, control activities, information and communication, and monitoring.
Step 9 requires the fraud examiner to investigate the characteristics of potential fraud manifestations within each process identified in which “residual fraud risk” exists:
In Step 10, the fraud examiner needs to reassess and quantify fraud risk given the findings from Steps 1–9. The fraud examiner needs to evaluate the results of the investigation and extrapolate each fraud manifestation over the entire population of possibilities, because the frauds that have been detected may be just the tip of the iceberg.
Table 8-2 includes two examples of targeted fraud risk assessment in actions: revenue “round-trip” transactions and revenue “bill and hold” schemes.
TABLE 8-2 Targeted Fraud Risk Assessment in Action
Fraud Risk | Revenue—“Roundtrip” Transactions—Inflating revenues |
Revenue—Bill and Holds |
Step 1. Identify, understand, and evaluate the company’s operating environment and pressures that may exist. | ||
Operating Environment | The economy has been relatively weak with virtually no growth. The industry has been soft and generally follows the overall economy. The organization’s primary competitors have reflected generally poor performance in the prior eight quarters of reported earnings. Despite the recent weak performance, the industry is considered healthy, and the balance sheets of most competing organizations do not suggest a high risk of bankruptcy. | |
Possible Pressures | Despite some negative financial press concerning operational issues, particularly with regard to the organization’s ability to tap into the Chinese market, the stock market has evaluated this company as positioned to outperform in the next four quarters. Most of the organizations’ main competitors have been evaluated as below average expected performance. | |
Step 2. Identify the business processes | ||
Process | Sales and Collection Cycle | Sales, Inventory, and Collection Cycle |
Jurisdictions and Level of Control | The company sells product in the United States and China. Each jurisdiction has a regional vice president that reports to the Chief Operating Officer (COO). The COO reports to the CEO. The regional vice presidents have operational autonomy with respect to day-to-day operations (decentralized). The COO and CEO mainly concentrate on strategies for growth over the next two to five years. Operations in both the United States and China have regional accounting controllers. The organization has a corporate controller and a Chief Financial Officer (CFO). | |
Step 3. Identify the “process owner” for each of the identified significant processes | ||
Process Owner | Regional Vice Presidents | |
Process Subowner | Regional Director of Sales and Marketing | |
Related Accounting Areas | Sales audit, inventory control, accounts receivables | |
Journal Entry Control and Authority | Journal entries are initiated at the regional level. The corporate controller must approve the journal entry. The CFO has the ultimate approval, responsibility, and authority | |
Step 4. Review past fraud experience within the company for the process being evaluated | ||
Past Fraud Experience | None noted | None noted |
Step 5. Identify how fraud may occur in each process at each location using fraud brainstorming techniques (Note: the risk of management override is evaluated separately and is not considered in this targeted fraud risk assessment) | ||
Cause of Fraud | Recording transactions that occur between two or more companies for which there is no business purpose or economic benefit to the companies involved in order to inflate revenues | When products have been booked as a sale but delivery and transfer of ownership has not occurred as of the date the sale recorded. The customer is not ready, willing, or able to accept delivery of the product at the time the sale is recorded. The customer may or may not have requested a bill and hold arrangement |
Step 6. Identify the parties who have the ability to commit the potential fraud | ||
May Involve | CEO, COO, regional vice president, and sales personnel. May or may not involve accounting personnel. | CEO, COO, CFO, regional vice president, other executives, customer, credit manager, sales personnel, inventory manager/personnel. Most likely must involve accounting personnel. |
Step 7. Evaluate the likelihood that each of the identified frauds could occur and be significant as well as the persuasiveness of the potential fraud, without consideration of controls | ||
Significance | More than inconsequential, particularly in the Chinese operating environment because of a recent history of product defects. | Inconsequential due to the fact that demand currently outstrips supply. |
Likelihood | Probable in China; reasonably possible in the United States | Remote in both China and the United States |
Pervasiveness | Risk is related to revenue, sales returns and allowances, and A/R accounts | Risk is related to revenue, sales returns and allowances, and A/R accounts |
Step 8. Consider the likely methodology to commit and conceal the fraud to determine the level of mitigation so as to prevent, detect, and deter the fraud. The result is a determination of the existence of “Residual Fraud Risk.” | ||
Mitigating Control Activities |
|
|
Mitigating Control Environment |
|
|
Determine Level of “Residual Fraud Risk” | The residual fraud risk was evaluated as potentially material. This is considered a collusive fraud and thus prevention controls would be expected to have minimal impact. Since the likelihood, significance, and pervasiveness were considered high, additional audit work was performed. | Due to the likelihood, significance, and pervasiveness being evaluated as low, combined with the mitigating controls and environment, the residual fraud risk was considered minimal. |
Step 9. Determine the appropriate audit response and investigate the characteristics of potential fraud manifestations within each process identified, where “Residual Fraud Risk” exists | ||
Additional Audit/Investigational Procedures | In response to the high residual fraud risk, internal audit confirmed in writing directly with customers the amounts, dates, and shipping terms for all sales transactions, as well as the current A/R balance and items such as the payment due date, the details of any right of returns, unrecorded terms and conditions, and any outside agreements not contained in the original written agreements. No exceptions were noted during these expanded procedures. | None required, and the normal audit procedures in the area of revenues, inventories, and A/R did not reveal any changes to the above assessment. |
Step 10. Remediate fraud risk schemes by designing control activities to mitigate the unmitigated fraud scheme risk | ||
Remediation | Recommending that internal audit regularly confirm with customers, not only account balances and transactions but also payment due date, the details of any right of returns, unrecorded terms and conditions, and any outside agreements not contained in the original written agreements | None required |
Ben Dickson in an article titled, “3 Ways Artificial Intelligence is Changing the Finance Industry,” states that that machine learning algorithms, software that self-improves as it is fed more and more data, is at the heart of the Artificial Intelligence (AI) revolution. The author finds that in the area of finance, AI is influencing fraud detection, banking chatbots, and algorithmic trading. With regard to fraud detection, as e-commerce has risen in popularity, so has online fraud. At one end of the antifraud spectrum is aggressively declining suspected transactions; yet, the author highlights the findings of Javelin Strategy whose research suggests that as much as $118 billion is lost by retailers due to legitimate transactions that were wrongly rejected. In one example of AI’s fraud detection efforts, Dickson highlights efforts by Mastercard to move away from declines based on companywide, predefined rules, toward a system that considers historical shopping and spending habits of individual cardholders, to develop a behavioral baseline against which the systems compares each new transaction. As such, rather than evaluating each transaction against company or industry “one-size-fits-all” norms to identify anomalies, each cardholder’s transactions are uniquely evaluated based on the characteristics of the cardholder. With billions of transactions each year, Mastercard has lots of historical data from which the AI system can learn. While AI is still in its infancy as a technological tool for fraud detection, and faces numerous challenges including legal, ethical, economic and social, preliminary work suggests that AI has potential to contribute to antifraud efforts.24
We have all heard horror stories by fraud examiners of computer tests that result in the identification of hundreds, thousands, and possibly even millions of anomalous transactions that require further review. At these times, fraud examiners and investigators feel like throwing up their hands in frustration due to the sheer volume of exceptions. The main problem is that a targeted approach for the assessment of red flags or a targeted fraud risk assessment was not made in advance. As such, the digital assessment was also not targeted.
In an electronic environment that captures a huge amount of transactions annually, many transactions and data relationship anomalies appear to be a potential fraud or error. To utilize the computer environment effectively, the targeted fraud risk assessment process must be completed. This process will yield the highest probability of frauds that might manifest themselves and have a large enough magnitude to make a significant impact. Red flags and anomalous relationships require evidence to determine whether a fraud is ongoing, has occurred, or is not, and never happened. It is only by using a laser or rifle-shot approach that digital tools and techniques can be effective in preventing, deterring, and detecting fraud.
Early in the millennium, an acronym related to fraud and forensic accounting in a digital environment was created—CAATTs, computer-aided auditing tools and techniques. CAATTs are used for data extraction and analysis. Recently, the terminology has morphed to use terms such as big data and data analytics. No matter the moniker, auditors, and other antifraud and forensic professionals often make use of these massive datasets for testing the information systems control environment, as well as performing detail tests of transactions, totals and subtotals. Information systems and related technology, including the financial accounting system, are integral to an organization’s success; they provide timely and essential information to facilitate achieving strategic objectives. These systems provide the information necessary to execute strategy and to achieve operational goals and objectives.
Because information is a key to the successful operation and execution of strategy for any organization, information systems technology is central to many organizational transactions, beginning at a transaction’s inception. If we use an electronic purchase order for inventory, as an example, this transaction flows through the information system to digitally capture the receipt of the merchandise at a warehouse facility, payment via the cash disbursement system, and tracking through the inventory and merchandising systems. Some of these systems are part of, or modules within, the accounting information systems, while others are periphery or separate and distinct information systems outside the normal accounting systems. In either case, this information is integral to producing fairly stated financial statements and strong systems of internal control.
A major challenge for the fraudster is to conceal their nefarious activities, given that so much information is captured electronically and is available to monitor their activities during and after the perpetration of a fraud act. Electronic storage is relatively inexpensive, and information systems store and manage this data. This means that the fraudster risks detection during the fraud act and as long as the data are stored. Stored data can be used to trace transactions, document approvals, and exceptions, as well as provide evidence of system override. This stored data can also be used with data mining software such as Access, ACL, or IDEA, SAS, and other statistical and analytical packages, which allow a large amount of data to be evaluated quickly for symptoms of fraud, and provide evidence of the fraud act or concealment of the fraud.
The importance of information systems as a mechanism for fraud prevention, deterrence, and detection cannot be overstated. The value of these information systems to generate red flags for further investigation, to reconstruct actual data flow, and to provide a strong evidence trail is also of considerable value to the fraud and forensic specialist. That said, the most challenging issue regarding fraud detection is the potential for an overwhelming number of fraud symptoms (i.e., red flags). Once preliminary symptoms are observed and documented and the predication threshold has been met, the information systems serve as an important tool in the examination process.
Additional discussion of fraud and forensic tools and techniques in a digital environment is presented in a separate chapter. The key to successful fraud detection and investigation using digital tools and techniques requires a targeted approach. The fraud examiner or investigator must have a sense of what could go wrong, what did go wrong, and how it might manifest itself in the information systems. This requires an understanding of the schemes, the industry, the organization, its IT control environments, its history of fraud, and other items outlined in the previously listed steps to develop a targeted risk assessment. With this foundation, the antifraud professional has a place to begin the fraud examination or financial forensic engagement.
We have eight types of assignments for instructors to choose from:
Read the following articles or other related articles regarding the Satyam case and then answer the questions below:
Kahn, Jeremy, New York Times, “Founder of Indian Company Interrogated,” January 11, 2009.
Raju, B. Ramalinga, “Text of Ramalinga Raju’s Letter to Satyam Board.” Msn.com, January 7, 2009.
Cunningham, Lawrence (blogger), “Satyam Fraud’s Systemic Regulatory Implications, January 8, 2009
1. In January 2009, approximately how many employees did Satyam Computer Services employ?
2. What is the primary business of Satyam Computer Services Ltd?
3. When the fraud was revealed who took control of the company?
4. How much money did the Raju’s earn from sales of Satyam stock in the eight years preceding the fraud revelation?
5. How many board members did Ramalinga Raju implicate in the fraud?
6. What was the cash balance sheet amount and how much cash actually existed in the Satyam’s bank accounts?
1. Opinion: Do you believe that fraud in the United States is more or less prevalent than fraud in countries outside the United States? Why?
2 In the case of Satyam, the company reported almost $1 billion in cash balances, yet close to $900 million was missing. Two questions:
2. How would a fraudster conceal missing cash, especially amounts of this magnitude?
3. How would an audit not catch missing cash amounts of this magnitude?
1 Red Flags. Assume that Aardvark and Zebra compete in the same four-digit SIC code industry and offer comparable products and services. The following table contains their reported financial performance and condition for the last two years, calculated ratios and key nonfinancial metrics. Assume that industry ratios were derived from a reputable source. Further, assume that nonfinancial metrics were derived from reliable public and internal sources. Identification of Red Flags
Identification of Red Flags | |||||||||||||
Aardvark Company | Zebra, Inc. | ||||||||||||
Balance Sheet | Year 1 | Year 2 | Analysis | Year 1 | Year 2 | Analysis | |||||||
Assets—Cash | 375 | 720 | 92% | 375 | 720 | 92% | |||||||
Assets—Accounts Receivable | 375 | 795 | 112% | 375 | 495 | 32% | |||||||
Assets—Long-term | 750 | 1350 | 80% | 750 | 1,350 | 80% | |||||||
Assets | 1,500 | 2,865 | 91% | 1,500 | 2,565 | 71% | |||||||
Liabilities—Current | 600 | 1125 | 88% | 600 | 1125 | 88% | |||||||
Liabilities—Long-term | 300 | 562.5 | 88% | 300 | 562.5 | 88% | |||||||
Liabilities | 900 | 1,687.5 | 88% | 900 | 1,687.5 | 88% | |||||||
Stockholders Equity | 600 | 1,177.5 | 96% | 600 | 877.5 | 46% | |||||||
Liabilities and Stockholders Equity | 1,500 | 2,865 | 91% | 1,500 | 2565 | 71% | |||||||
Income Statement | |||||||||||||
Revenues | 1,800 | 3,600 | 100% | 1,800 | 3,300 | 83% | |||||||
Costs of Good Sold | 750 | 1,387.5 | 85% | 750 | 1,387.5 | 85% | |||||||
Gross Profit | 1,050 | 2,212.5 | 111% | 1,050 | 1,912.5 | 82% | |||||||
Operating Expenses | 900 | 1,635 | 82% | 900 | 1,635 | 82% | |||||||
Operating Income | 150 | 577.5 | 285% | 150 | 277.5 | 85% | |||||||
Analysis of Statement of Cash Flows | |||||||||||||
Operating Income | 150 | 577.5 | 285% | 150 | 277.5 | 85% | |||||||
Depreciation * Operating Cash | 37.5 | −232.5 | −720% | 37.5 | 67.5 | 80% | |||||||
Operating Cash Flows | 187.5 | 345 | 84% | 187.5 | 345 | 84% | |||||||
Aardvark Company | Zebra, Inc. | ||||||||||||
Ratios | Year 1 | Year 2 | Industry | Year 1 | Year 2 | Industry | |||||||
Current Ratio | 0.63 | 0.64 | 1.15 | 0.63 | 0.64 | 1.15 | |||||||
Debt-to-Assets Ratio | 0.600 | 0.589 | 0.625 | 0.600 | 0.658 | 0.625 | |||||||
Return on Assets | 10% | 20% | 10% | 10% | 11% | 10% | |||||||
Gross Margin | 58% | 61% | 58% | 58% | 58% | 58% | |||||||
Operating Cash Flow/Income | 125% | 60% | 125% | 125% | 124% | 125% | |||||||
DuPont Expression Ratios | |||||||||||||
Risk—Assets-to-Equity | 2.50 | 2.43 | 2.75 | 2.50 | 2.92 | 2.75 | |||||||
Revenue Generation—Asset Turn | 1.20 | 1.26 | 1.25 | 1.20 | 1.29 | 1.25 | |||||||
Profits—Profit Margin | 8% | 16% | 8% | 8% | 8% | 8% | |||||||
Return on Equity | 25% | 49% | 27% | 25% | 32% | 27% | |||||||
Aardvark Company | Zebra, Inc. | ||||||||||||
Analysis of Nonfinancial Metrics | Year 1 | Year 2 | Analysis | Year 1 | Year 2 | Analysis | |||||||
Retail Square footage | 85,500 | 157,500 | 84% | 85,500 | 157,500 | 84% | |||||||
# Employees | 1710 | 3112.5 | 82% | 1710 | 3112.5 | 82% | |||||||
# Store locations | 142.5 | 255 | 79% | 142.5 | 255 | 79% |
1. Use the Aardvark and Zebra data provided to complete the following assignments:
2. Targeted Risk Assessment. Consider the following scenario.
Leonard, LLC’s operates in the US northeast and is headquartered in Pittsburgh, PA. The company’s main competitor is Malcolm, LLC. The overall economy is exiting a mild recession, and the industry is considered by the financial press and analysts to be reasonably healthy.
Related to Leonard, LLC, stock market participants have projected that Leonard will outperform the industry and key competitors during the upcoming fiscal year. At the same time, industry trade journals and the financial press have hinted at operational issues and Leonard, LLC has met analysts’ expectations for the past 1.5 years.
The company has three operational processes that interface manually with the accounting records: Revenue and accounts receivable, operating expenses and accounts payable, personnel and payroll. In addition, in the latest fiscal year, Leonard opened foreign operations in China, created five subsidiaries and located two divisions in Alaska and Hawaii.
The CEO is heavily involved in revenue activities, revenue accounting and financial reporting. The accounts receivable clerk is shy, has one year of experience, and is responsible for collections and financial reporting of revenues and A/R. During past three audits, based on elevated risk concerns, the auditor has completed extra uncompensated work. Preliminary engagement brainstorming identified concerns regarding:
All revenues are accounts receivable-based, and revenue is the single largest line item in the financial statements. Accounting reconciliations are manually completed at year-end in preparation for the audit and release of the audited financial statements. In the past, auditors have been troubled by missing records, lack of support for transactions, and the CEO’s involvement with final adjustments to the financial statements.
Assignment:
The following is the “inventory” of items received to continue the examination at Johnson Real Estate. The goal is to focus on the missing deposits: who, what, when, where, and how.
These items will be provided by the course instructor.
Assignment:
Continuing to focus on evidence associated with the act, concealment and conversion, use the evidentiary material to continue the investigation. In addition, as the examiner also start to think of terms of who, what (did the person(s) do), when (during what period?), where (physical place, location in books and records), and how (perpetrated, hidden and did the perpetrator benefit).
Case background: See Chapter 1.
Question: Does Fairmont have any contactor personnel whose have terminated but are being paid through payroll after termination (e.g., ghost employees)?
Student task: Students should (a) present a listing of any payroll disbursements for Theresa Angelina after January 4, 2019, and (b) discuss the finding and recommend investigative next steps.
Student Material for step-by-step screenshots for completing the assignment are available from your instructor.
Case tableau background: See Chapter 1.
The forensic audit has revealed a possible “ghost” employee, Theresa Angelina, who was terminated on January 4, 2019.
Question: Can you present a graphic that presents the payroll disbursement amounts by date for the contact employee who has been terminated but has been paid after termination (i.e., ghost employees)?
Student task: Students should (a) present a graphic that presents the payroll disbursement amounts by date for the Theresa Angelina who has been terminated but has been paid after January 4, 2019 (i.e., ghost employees) and (b) discuss the finding and recommend investigative next steps.
Student Material for step-by-step screenshots for completing the assignment are available from your instructor.
3.138.116.228