Principles of Fraud Examination, 3rd Edition Wells Solutions Manual by Ace Test Banks

Principles of Fraud Examination, 3rd Edition

BY WELLS

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION CHAPTER ONE – INTRODUCTION LECTURE OUTLINE I.

Fraud Examination vs. Auditing A. Fraud Examination is the discipline of resolving allegations of fraud. B. An audit is a general examination of financial data for the purpose of expressing an opinion on the financial statements.

TEACHING TIP The table entitled "Auditing vs. Fraud Examination" may be used to provide an overview to summarize the differences between Fraud Examination and Auditing. C. Fraud Examination Methodology – logical steps are taken to narrow the focus from the general to the specific. Beginning with a hypothesis, additional evidence is used to amend and refine the hypothesis as the fraud examination progresses. TEACHING TIP The graphic entitled "Evidence-Gathering Order in Fraud Examinations" may be used to provide an understanding of the steps taken to focus a fraud examination. D. Predication – the totality of circumstances that would lead a reasonable, professionally-trained, and prudent individual to believe a fraud has occurred, is occurring, and/or will occur. There must be proper predication in order to initiate a fraud examination (e.g., a tip or complaint from a third party). II.

Fraud Theory Approach A. Analyze available data B. Create a hypothesis (using a "worst-case" scenario) C. Test the hypothesis (involves developing a "what if" scenario) D. Refine and amend the hypothesis

NOTE: The goal is not to "pin" the crime on a particular individual but to determine "if" a crime was committed and "how." Tools used in fraud examinations: 1. Skill in the examination of the financial statements, books and records, and supporting documents, as well as knowledge of the legal ramifications of evidence and how to maintain the chain of custody over documents 2. Skill in interviewing witnesses with the purpose of obtaining relevant information from those with knowledge of it 3. Observation (i.e., observe behavior, displays of wealth, or specific offenses)

Internal frauds – committed by the people who work for the organization (also known as occupational fraud and abuse) III.

IV.

Occupational Fraud and Abuse – "The use of one's occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets." A.

Common elements of fraudulent activity: 1. it is clandestine, 2. it violates the employee's fiduciary duties to the organization, 3. it is committed for the purpose of direct or indirect financial benefit to the employee, and 4. it costs the employing organization assets, revenues, or reserves.

"Employee" – any person who receives regular and periodic compensation for his or her labor.

Fraud – any crime for gain that uses deception as its principal mode of operation A.

The four elements of fraud include: 1. a material false statement, 2. knowledge that the statement was false when it was spoken, 3. reliance on the false statement by the victim, and 4. damages resulting from the victim's reliance on the false statement.

The four elements of larceny (stealing) are: 1. there was a taking or carrying away; 2. of the money or property of another; 3. without the consent of the owner, and 4. with the intent to deprive the owner of its use or possession.

Conversion – is "an unauthorized assumption and exercise of the right of ownership over goods or personal chattels belonging to another, to the alteration of their condition or the exclusion of the owner's rights."

Embezzle – " willfully to take, or convert to one's own use, another's money or property of which the wrongdoer acquired possession lawfully, by reason of some office or employment or position of trust."

Breach of fiduciary duty entails: 1. the existence of a fiduciary relationship between the plaintiff and the defendant; 2. the defendant (fiduciary) breached his duty to the plaintiff; and 3. the breach resulted in either harm to the plaintiff or benefit to the fiduciary.

NOTE: Fraud always entails some form of deception.

(Occupational) Abuse – This category consists of a variety of petty crimes and other counterproductive behavior that have become common and even silently condoned in the workplace. It includes, for example, using company equipment for personal use, arriving at work late or leaving early, or using employee discounts to purchase goods for friends and relatives.

VI.

Research in Occupational Fraud and Abuse A.

Edwin H. Sutherland 1. coined the term "white collar crime" 2. developed the "theory of differential association" a. crime is learned i. techniques to commit the crime ii. attitudes, drives, rationalizations, and motives of the criminal mind b. this learning usually occurs within intimate personal groups

Donald R. Cressey 1. studied embezzlers ("trust violators") 2. developed the hypothesis known as the "fraud triangle" a. a perceived non-shareable financial need – Circumstances that might lead to embezzlement: i. violation of ascribed obligations ii. problems resulting from personal failure iii. business reversals iv. physical isolation v. status gaining vi. employer-employee relations b. perceived opportunity – Two components to commit a trust violation: i. general information – the knowledge that the employee's position of trust could be violated ii. technical skill – the abilities necessary to commit the violation c. rationalization – Embezzlers generally rationalize their crimes by viewing them as: i. non-criminal ii. justified iii. part of a general irresponsibility for which they were not completely accountable

Dr. W. Steve Albrecht – developed the "Fraud Scale" 1. situational pressures 2. perceived opportunities 3. personal integrity

Richard C. Hollinger 1. The Hollinger-Clark Study a. found that employees steal primarily as a result of workplace conditions, and b. concluded that the true costs of employee theft are vastly understated 2. Five Hypotheses of Employee Theft a. external economic pressures b. contemporary employees are not as honest and hardworking as those in past generations c. every employee could be tempted to steal from his employer d. job dissatisfaction e. broadly shared formal and informal structure of organizations 3. Employee Deviance – Hollinger and Clark identified two categories of employee deviant behavior: a. acts by employees against property, and b. violations of the norms affecting productivity 4. Income and Theft – There is a statistical relationship between employees' concern over their financial situation and the level of theft. 5. Age and Theft – There is a direct correlation between (younger) age and (higher) level of theft. 6. Position and Theft – The research of Hollinger and Clark indicated that thefts were highest for those with greater access to the things of value in the company. 7. Job Satisfaction and Deviance – Employees who are dissatisfied with their jobs are more likely to engage in counterproductive or illegal behavior in order to right the perceived "inequity." 8. Organizational Controls and Deviance – Formal organizational controls do not provide a strong deterrent effect on employee theft. 9. Employee Perception of Control – Increasing the perception of detection provides a significant deterrent to employee theft.

Uniform Occupational Fraud Classification System (also known as the Fraud Tree) – There are three categories of occupational fraud: 1. Asset misappropriations – involves the theft or misuse of an organization's assets. 2. Corruption – involves an act done with the intent to give some advantage inconsistent with official duty and the rights of others. 3. Fraudulent statements – involves the intentional misreporting of financial information about a company to mislead the users of the financial statements.

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION CHAPTER TWO – SKIMMING LECTURE OUTLINE I.

Skimming – An "off-book" fraud scheme that is manifested by the theft of cash from a victim entity before it is entered into the accounting records. Various types of sales skimming schemes include: A.

Sales Skimming 1. This entails: a a sale of goods or services to a customer, b. an employee collects the customer's payment at the point of sale, and c. the employee makes no record of the transaction 2. Concealment issues – It is possible that the illegal conduct may be detected by: a. a customer, b. a manager, c. a fellow employee, or d. a surveillance camera Cash Register Manipulation 1. This might entail: a. ringing a "no sale" or other non-cash transaction, or b. rigging the cash register so that sales are not printed on the register tapes 2. Concealment issues – a. too many "no sale" or other non-cash transactions on the register tape might be a red flag b. if the transactions on a register are pre-numbered, a break in the sequence would raise questions After-Hours Sales 1. This would entail: a. conducting sales during non-business hours, and b. not ringing up the sale on the register, or c. removing the register tape and replacing it with a new one 2. Concealment issues – a. the same as A.2. b. some of the "newer technology" cash registers have a memory function for daily totals Skimming by Off-Site Employees 1. This involves employees not reporting sales: a. who work at remote locations, or b. who have a high level of autonomy in their jobs

Concealment issues – a. For the property rental industry: physical inspection of properties would detect unreported sales (i.e., rentals). b. Undercover surveillance or investigation could uncover this type of scheme. Poor Collection Procedures 1. This problem is characterized by failing to properly record the receipt of payments. 2. Concealment issue – This type of scheme tends to cause certain accounts receivable to be overstated. Understated Sales 1. This type of fraud entails recording the transaction, but for a lesser amount than was actually collected from the customer. 2. Concealment issue – If this type of scheme is perpetrated at the register, it may be detected by the customer. Check for Currency Substitutions 1. This scheme involves substituting unrecorded checks for cash received. 2. Concealment issue – Segregation of duties and effective oversight would severely diminish the opportunity for this type of fraud. Theft in the Mailroom – Incoming Checks 1. This form of skimming occurs when employees, who open the daily mail, take the incoming checks and do not record them. 2. Concealment issues – This type of fraud: a. would cause certain accounts receivable to be overstated, and b. might cause customer complaints regarding their account balances. Preventing and Detecting Sales Skimming – In order to decrease perceived opportunity and increase the perception of detection, methods to prevent and detect skimming include: 1. maintaining a visible management presence at cash entry points 2. installing video cameras where cash enters an organization 3. placing cash registers in one "cluster" area so other employees are in full view 4. investigating customer complaints and tips 5. recording the login and log-out time of each user 6. requiring off-site sales personnel to maintain activity logs for business-related activity 2.

II.

Receivables skimming – This type of fraud is more difficult to conceal than sales skimming. Generally, one of the following techniques is used to conceal receivables skimming: A. Lapping 1. This form of receivables skimming entails crediting one account with the money from another account.

Concealment issues – a. certain accounts receivable balances will be overstated, and b. the intricacy of these schemes may require the perpetrator to keep a written record of their crime. Force Balancing 1. This type of scheme is possible when the perpetrator has access to both the receiving and recording function of receivables. 2. Concealment issues – a. this keeps the receivables from aging but creates an imbalance in the cash account b. the perpetrator may hide the imbalance by forcing the total on the cash account (i.e., record an entry to fraudulently increase the cash account) Stolen Statements 1. This entails the theft or alteration of customer account statements 2. Concealment issues – a. late notices or statements showing delinquent balances must be intercepted by the perpetrator, and b. false statements showing up-to-date balances must be produced to prevent customer complaints Fraudulent Write-Offs or Discounts 1. Preventing the customer from discovering his or her stolen payment doesn't resolve the discrepancy in the company's accounting records. 2. Concealment issues – In order to keep customer accounts from falling into delinquency, the perpetrator may engage in: a. lapping, or b. fraudulently "writing-off" a customer's account to: i. bad debts, or ii. discounts and allowances Debiting the Wrong Account 1. This form of fraud entails posting a debit to an existing or fictitious accounts receivable. 2. Concealment issue – If a balance is posted to an account that will be written off as uncollectible, the skimmed funds will be written off with it. Destroying Records of the Transaction 1. As a last resort, a perpetrator may resort to destroying the company's accounting records. 2. Concealment issues – a. missing or destroyed documents may be a red flag that fraud has occurred, but b. without the records, it is difficult to prove that money has been stolen. 2.

Preventing and Detecting Receivables Skimming 1. Good internal controls are key to preventing receivables skimming schemes, especially: a. segregation of duties, b. mandated vacations for employees, c. regular job rotation, and d. proper authorization for account adjustments. 2. Some of the red flags for detecting the theft of receivables are: a. alteration of financial records b. an inordinately large number or size of: i. discounts ii. adjustments iii. returns iv. write-offs v. overdue accounts 3. Automated tests may be used to highlight the red flags associated with receivables fraud, such as: a. summary reports identifying certain types of activity by department or employee, and b. trend analysis on aging of customer accounts.

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION CHAPTER THREE – CASH LARCENY LECTURE OUTLINE Cash larceny involves the theft of money after it has been recorded in the books of the victim company. Most larceny schemes entail the taking of cash: I.

At the point of sale – This is where many cash larceny schemes occur because it's where the money is and there is often much activity here that requires the handling of cash by employees. Methods used to conceal larceny at the point of sale include: A. Thefts from other registers 1. This is accomplished either by: a. taking money from someone else's cash register, or b. using someone else's access code. 2. Concealment issue – The cash shortage seems to be caused by another employee, thereby deflecting the blame for the crime. B. Death by a thousand cuts 1. This scheme entails stealing small amounts of money over an extended period of time, making it look more like errors than theft. 2. Concealment issue – Most companies track cash discrepancies by employee, thereby making this type of fraud difficult to cover up. C. Reversing transactions 1. In order to reconcile the register tape with the amount of cash on hand, this fraud may utilize false voids or refunds. 2. Concealment issue – If there are an inordinate number of voids or refunds, this may be a red flag that fraud has occurred. D. Altered cash counts or cash register tapes 1. Falsifying the cash count so that the cash on hand balances to the register tape is another way to conceal larceny. 2. Concealment issue – Separation of duties is essential to detecting this fraud. E. Destroying register tapes 1. Destroying the evidence that a crime has taken place is a last ditch effort by a fraudster. 2. Concealment issue – The destruction of records should raise immediate suspicions of fraud. F. Preventing and detecting cash larceny at the point of sale – A lack of internal controls accounts for the success of most cash larceny schemes. 1. Prevention a. Enforce segregation of duties, and b. Ensure independent checks over the receipting and recording of incoming cash (i.e., have an independent employee verify the cash count).

Detection a. Look for discrepancies between sales records and cash on hand. b. Run summary reports showing the number of: i. discounts, ii. returns, iii. adjustments, and iv. write-offs. c. Review all journal entries to cash accounts.

II.

From incoming receivables – The success of this cash larceny scheme depends on the perpetrator's ability to hide the imbalances in the cash account. Generally, one of the following methods is used to conceal the fraud. A. Force balancing – This entails making unsupported entries in the company's records to balance the accounts with the receipts. B. Reversing entries – Unauthorized adjustments, such as "courtesy discounts" may be used to reverse the payment entry. C. Destruction of records – Although destroying the records may not prevent the detection that a fraud has been committed, it may conceal the identity of the perpetrator. D. Preventing and detecting cash larceny from incoming receivables – Proper segregation of duties can be an effective tool in preventing and detecting this type of fraud.

III.

From the victim organization's bank deposits A. Deposit lapping – Lapping entails an employee stealing the deposit from the first day and replacing it with the deposit from the next day. B. Deposits in transit – Stolen deposits may also be recorded as "deposits in transit" to avoid detection of the theft. C. Preventing and detecting cash larceny from the deposit – Good internal control procedures and common sense are the best defense against fraud. Some procedures that may help to prevent the theft of funds from deposits are: 1. proper segregation of duties, 2. itemizing the deposit slip, 3. reconciling the bank copy of the deposit slip with the office copy, 4. regularly performing a bank reconciliation, 5. investigating any instance in which a deposit in transit takes longer than two days to clear, 6. having some knowledge of the character of the person to whom you are entrusting the deposit, and 7. keeping the deposit in a safe place until it is taken to the bank.

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION CHAPTER FOUR – BILLING SCHEMES LECTURE OUTLINE Billing schemes are the most common of the five major categories of fraudulent disbursement. They are characterized by the perpetrator submitting false documentation with the intention of inducing the victim organization to issue a payment for some fraudulent purpose. The three categories of billing schemes are: I.

Shell Company Schemes A. Forming a Shell Company – A shell company is a fictitious entity that is formed for the sole purpose of committing fraud. 1. Naming the company – usually a fabricated name 2. Company address a. post office box b. perpetrator's home address, or c. address of a relative, friend, or accomplice. 3. Opening a bank account in the new company's name a. certificate of incorporation or assumed-name certificate is needed b. perpetrator is listed as an authorized signer on the account B. Submitting False Invoices – Invoices may be created using a: 1. professional printer 2. personal computer, or 3. typewriter C. Self-Approval of Fraudulent Invoices – Authorization for the fictitious purchase is essential. Therefore, individuals who have the authority to approve purchases are the most likely to engage in this type of scheme. D. "Rubber Stamp" Supervisors – If the perpetrator doesn't have the authority to approve purchases, then an inattentive or overly trusting boss is the next best thing for someone with fraudulent intentions. E. Reliance on False Documents – This scheme depends on the plausible, legitimate appearance of the fraudulent documents created. F. Collusion – Internal controls may be circumvented by corrupt employees who covertly conspire to defraud the company. G. Purchases of Services Rather Than Goods – A fraud that involves the purchase of services, such as consulting services, presents greater difficulty in verifying whether the services were actually rendered or not. This type of purchase causes no imbalance between the company's records and physical inventory on hand. H. Pass-Through Schemes – Rather than involving the sale of fictitious goods and services, pass-through schemes utilize a fictitious (shell) entity to serve as a middleman, in order to resell actual merchandise at an

inflated price. Usually, the perpetrator in this type of fraud is an employee in charge of purchasing. Preventing and Detecting Shell Company Schemes – Shell company schemes are the most costly of all forms of occupational fraud. 1. Prevention a. Enforce segregation of duties b. Maintain and regularly update an approved vendor list 2. Detection a. Identifying Shell Company Invoices i. lack of vendor detail on the fraudulent invoice ii. lack of detailed description of the items billed iii. mail drop or residential address for payment iv. consecutively numbered invoices v. bills for the same or similar amounts vi. invoices for amounts just below the company's approval limit b. Testing for Shell Company Schemes i. run summary reports to sort payments by vendor, amount, and invoice number ii. be alert to large budget overruns iii. look for an increase in the cost of goods sold relative to sales iv. watch for an increase in service-related expenses v. investigate any unexplained increases in the quantity of goods purchased vi. look into any physical inventory shortages vii. monitor trends in average unit price of goods purchased viii. confirm that vendors are legitimate ix. oversee the types of goods and services that are purchased x. run reports comparing vendor addresses and employee addresses xi. run reports showing the average turnaround time on invoices sorted by vendor c. Verifying Whether a Shell Company Exists i. look up the vendor in the phone book ii. contact others in your industry iii. visit the address given d. Identifying the Employee behind a Shell Company i. investigate who was involved in selecting the vendor or approving the purchase ii. search the company's registration for who formed the company

iii.

iv. v. vi.

be alert for related names, addresses, phone numbers and social security numbers that may match an employee's personnel information examine endorsements, account numbers, and handwriting of suspected employees conduct surveillance of the mail drop search the office or workspace of the suspected employee (NOTE: Workplace searches should only be conducted after consulting with an attorney)

II.

Non-accomplice Vendor Schemes A. Pay-and-Return Schemes 1. intentionally pay an invoice twice, then request the return of one of the checks 2. deliberately mail the check to the wrong vendor, then request the return of the check, while processing a second check to mail to the vendor 3. intentionally overpay the invoice, then request that the vendor return the excess 4. purchase excess merchandise, then return the excess and pocket the refund B. Overbilling with a Non-accomplice Vendor's Invoices – In this type of scheme, a perpetrator either manufactures a fraudulent invoice of a known vendor, who is unaware of the crime, or re-processes a previously paid invoice. The victim organization then pays for goods or services that it does not receive. C. Preventing and Detecting Fraudulent Invoices from a Nonaccomplice Vendor – 1. Prevention – depends on effective purchasing function controls. 2. Detection – look for the common red flags of non-accomplice vendor invoicing, such as: a. different mailing address or electronic payment information from that of the real vendor b. out of sequence invoice numbers c. duplicate invoice numbers

III.

Personal Purchases Schemes – The heart of these schemes is not the taking of the company's assets but the purchasing of them.

Personal Purchases through False Invoicing – In this scheme, since the invoice is not legitimate, the perpetrator's biggest obstacle, to obtaining authorization for payment, is close inspection of the fake invoice. 1. The Fraudster as Authorizer of Invoices – Proper internal controls should prevent anyone from being able to approve their own purchases. However, generally those with this level of authority have significant control over their subordinates. 2. Falsifying Documents to Obtain Authorization – Because the primary control document is the purchase order, some perpetrators generate false purchase orders in order to make their purchases seem legitimate. 3. Altering Existing Purchase Orders – Purchase orders may also be altered to increase the amount of materials being requisitioned. The excess materials are then diverted for personal use. 4. False Purchase Requisitions – This form of fraud entails misrepresenting the nature of the purchase. Upon delivery of the merchandise, concealment may occur as a result of: a. poor segregation of duties b. enlisting the aid of employees in the receiving department c. changing the delivery address for the purchase Personal Purchases on Credit Cards or Other Company Accounts – Once an employee manages to obtain a company card, by whatever means, their only consideration is avoiding detection, since unlike invoicing schemes, prior approval for purchases is not required. Methods of concealment might include destroying the credit card or purchasing card statements or creating fraudulent copies on which the personal purchases are excluded. 1. Charge Accounts – may be used for purchases from vendors with whom business is conducted on a regular basis. Opportunities for fraud include: a. the designated company representative authorized to sign on the account b. other employees who forge the signature of an authorized person c. instances where purchases may be verified by a phone call 2. Returning Merchandise for Cash – In this type of scheme, the perpetrator makes a purchase and then returns the item for cash. Poor segregation of duties is key to the success of this fraud. 3. Preventing and Detecting Personal Purchases on Company Credit Cards or Purchasing Cards– Procedures to prevent and detect credit or purchasing card fraud include: a. conducting thorough reviews of each card statement b. verifying the business purpose for each expenditure c. requiring original document support for each expense d. establishing spending limits for credit card users

e. f.

comparing statements with employee expense vouchers for duplications monitoring expenses for unexplained increases in spending

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION

Lecture Outline Chapter 5 – Check Tampering I. Check Tampering Schemes – a form of fraudulent disbursement in which the perpetrator physically prepares the fraudulent check. A. Forged maker schemes – check tampering schemes in which an employee misappropriates a check and signs another person’s name with fraudulent intent. The “maker” is the signer of the check. 1. Obtaining the check a. Employees with access to company check stock b. Employees lacking access to company check stock c. Producing counterfeit checks d. Safeguarding company check stock 2. Check payable to a. The perpetrator b. An accomplice c. “Cash” d. A vendor 3. Forging the signature a. Free-hand forgery b. Photocopied forgeries c. Automatic check-signing mechanisms 4. Miscoding fraudulent checks - typically used as a concealment method by those employees with access to the cash disbursements journal. 5. Converting the check 6. Preventing and detecting forged maker schemes a. maintain a strict set of procedures for the handling of outgoing checks b. rotate authorized check signers and keep track of who is approved to sign checks during a given period c. on a periodic basis, an organization should have authorized check signers verify their signatures on returned checks d. access to signature stamps should be strictly limited B. Forged endorsement schemes – (also known as intercepted check schemes) check tampering schemes in which an employee intercepts a company check intended for a third party and converts the check by signing the third party’s name on the endorsement line of the check. 1. Intercepting checks before delivery a. Employees involved in delivery of checks b. Poor control over signed checks c. Theft of returned checks d. Rerouting the delivery of checks

2. Converting the stolen check 3. Preventing and detecting the theft of outgoing company checks C. Altered payee schemes 1. Altering checks prepared by others a. Inserting a new payee b. “Tacking on” 2. Altering checks prepared by the fraudster a. Erasable ink b. Blank checks 3. Converting altered checks 4. Preventing and detecting the alteration of company checks a. segregation of duties b. matching bank statement items to canceled checks D. Concealed check schemes – check tampering frauds in which an employee prepares a fraudulent check and submits it along with legitimate checks to an authorized maker who signs it without a proper review. E.D. Authorized maker schemes – check tampering fraud in which an employee with signature authority on a company account writes fraudulent checks for his own benefit and signs his own name as the maker. 1. Overriding controls through intimidation 2. Poor controls 3. Preventing and detecting check tampering by authorized makers II. Concealing Check Tampering – concealment of the fraud is the most important part of the scheme. The following are ways in which this may be accomplished: A. The fraudster reconciling the bank statement B. Re-alteration of checks C. Falsifying the disbursements journal D. Reissuing intercepted checks E. Bogus supporting documents III. Electronic Payment Tampering – an alternative to paper checks that enables a payer to transmit funds electronically over the Internet or other medium. It includes ACH payments, online bill payments, and wire transfers. A. Methods used to manipulate electronic payments 1. Abusing legitimate access to employer’s payment system 2. Gaining access through social engineering or password theft 3. Exploiting weaknesses in internal control or payment system B. Prevention and detection of electronic payment tampering 1. Internal controls a. Separation of duties; e.g., segregate duties for creating, approving, and releasing wires b. Segregating bank accounts; e.g., separate accounts for paper and electronic transactions c. Daily account monitoring and reconciliation d. Management and protection of user access and account information

2. Bank security services a. Set up ACH blocks/ACH filters b. Use positive pay for ACH c. Restrict banking software access to specific banking activities to enhance separation of duties; e.g., viewing bank statements or initiating electronic payments d. Customize banking software to incorporate dual authorization and daily or individual transaction limits e. Use bank’s multi-factor authentication tools; e.g., tokens, digital certificates, smart cards, and voice print recognition software

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION

Lecture Outline Chapter 6 – Payroll Schemes Payroll Schemes – are occupational frauds in which a person, who works for an organization, causes the organization to issue a payment by making a false claim for compensation. A. Ghost employee – refers to someone on the payroll who does not actually work for the victim company. 1. Adding the ghost to the payroll – opportunities exist in: a. personnel department – those with hiring and supervisory authority b. payroll accounting i. creating a fictitious employee with a name very similar to that of a real employee ii. failing to remove the names of terminated employees 2. Collecting timekeeping information – the key to this stage of the fraud is obtaining approval of the timekeeping document. a. supervisor is the fraudster b. non-supervisor is the fraudster 3. Issuing the ghost’s paycheck – the perpetrator does not generally take an active roll in the issuance of the check. 4. Delivery of the paycheck a. hand delivered to employee at work b. mailed to employee's home address c. direct deposited to employee's bank account 5. Preventing and detecting ghost employee schemes a. separation of duties b. personnel department should verify any changes to payroll c. personnel department should also conduct background checks and reference checks on all prospective employees in advance of hire d. run a report looking for employees who lack: i. social security numbers ii. deductions on their paychecks for withholding taxes or insurance iii. physical address or phone number in their personnel records e. run a report looking for multiple employees who have the same: i. social security number ii. bank account number iii. physical address B. Falsified hours and salary – For hourly employees, both the number of hours worked and rate of pay are susceptible to fraud. For salaried employees, fraudulent wages may be generated by increasing their rates of pay. 1. manually prepared timecards

a. forging a supervisor’s signature b. collusion with a supervisor c. rubber stamp supervisors d. poor custody procedures 2. Time clocks and other automated timekeeping systems – collusion with another employee is usually required for this type of fraud. 3. Rates of pay – access to personnel or payroll records is essential to this fraud. 4. Preventing and detecting falsified hours and salary schemes a. enforce controls – segregation of duties is key: i. payroll preparation ii. authorization iii. distribution iv. reconciliation b. run tests that actively seek out fraudulent payroll activity c. test for overtime abuses d. utilize trend analysis e. exception reports testing f. verify payroll taxes with federal tax forms C. Commission schemes – may be committed by either: 1. Falsifying the amount of sales made a. fictitious sales b. altered sales 2. Increasing the rate of commission 3. Detecting commission schemes a. run reports to confirm a linear relationship between sales and commission expenses b. use comparative analysis tests for commissions earned by each salesperson c. track uncollected sales generated by each member of the sales department d. use random sampling to confirm sales to customers

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 7 – Expense Reimbursement Schemes Expense Reimbursement Schemes – are occupational frauds in which employees make false claims for reimbursement of fictitious or inflated business expenses. A. Mischaracterized expense reimbursements – e.g., claiming that a personal expense is business-related 1. Preventing mischaracterized expense reimbursement schemes a. Require detailed information for expense reimbursement b. Require that a direct supervisor of the requestor review all travel and entertainment expenses c. Establish a policy that clearly states what types of expenses will and will not be reimbursed d. Require that employees sign a statement acknowledging that they understand the policy and will abide by it 2. Detecting mischaracterized expense reimbursement schemes a. Compare the employee’s expense reports to his work schedule b. Scrutinize any expense report that was approved by a supervisor outside the requestor’s department c. Compare expense reimbursement levels to prior years and to budgeted amounts d. Compare expense reimbursements per employee to identify any particular employee whose expenses are excessive B. Overstated expense reimbursements 1. Altered receipt – occurs when an employee doctors a receipt or other supporting documentation to reflect a higher cost than what he actually paid 2. Overpurchasing 3. Overstating another employee’s expenses – likely to occur in a system in which expenses are reimbursed in currency rather than by a check 4. Orders to overstate expenses – employees falsify their own reports at the direction of their supervisors 5. Preventing and detecting overstated expense reimbursement schemes a. Require original receipts for all expense reimbursements b. Generate comparison reports that show reimbursed expenses per employee c. Spot check expense reports with customers, confirming business dinners, meetings, etc. C. Fictitious expense reimbursement schemes 1. Fictitious receipt – occurs when an employee creates phony support documents 2. Obtaining blank receipts from vendors a. by requesting them b. by stealing them

3. Claiming the expenses of others – submitting expense reports for expenses that were paid by others 4. Preventing and detecting fictitious expense reimbursement schemes – Red flags include: a. Consecutively numbered receipts b. Cash payments for high dollar expenses c. Expenses that are consistently rounded off d. Expenses that are consistently for the same amount e. Reimbursement requests that consistently fall at or just below the organization's reimbursement limit f. Receipts that do not look professional or that lack certain vendor information D. Multiple reimbursement scheme – involves the submission of a single expense several times to receive multiple reimbursements. In order to prevent and detect multiple reimbursement schemes, organizations should: 1. Enforce a policy against accepting photocopies as support for business expenses 2. Check the expense against previous requests before issuing a reimbursement 3. Require that expense reports be reviewed and approved by a direct supervisor 4. Establish a policy that expenses must be submitted within a certain time frame

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 8 – Register Disbursement Schemes Register Disbursement Schemes – Money is removed from the register, and a false transaction is recorded on the register as though it were a legitimate disbursement to justify the removal of the money. I. False refund – a disbursement of money from the register to the customer for, presumably, returning an item of merchandise purchased from that store A. Fictitious refund – 1. Cash is removed from the register in the amount of the false return 2. No merchandise is actually returned, therefore, inventory is overstated B. Overstated refund – overstating the amount of a legitimate refund and stealing the excess money C. Credit card refund – processing false refunds on credit cards instead of physically taking cash from the register. This may be achieved in a number of ways: 1. The fraudster inserts his own credit card number on the refund instead of the customer’s 2. The fraudster processes merchandise refunds to the accounts of other people, and in return receives a portion of the refunds as a kickback II. False voids – the essential components for the success of this type of scheme are: A. "Rubber stamp" manager, B. Fraudster forging supervisor's signature, or C. Manager collusion with register employee III. Concealing register disbursements A. Overstating inventory during the physical count (to conceal shrinkage) B. Small disbursements (below the required management review limit) C. Destroying records (to prevent identification of the thief) IV. Preventing and detecting register disbursement schemes A. Maintain appropriate separation of duties B. Require distinct login codes for work at the register C. Place signs or institute store policies encouraging customers to ask for and examine their receipts D. Conduct a physical inventory count regularly for excessive shrinkage E. Review records for the processing of an excessive number of voided sales

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION

Lecture Outline Chapter 9 – Non-Cash Assets I. Non-cash misappropriation schemes – Occupational frauds in which employees misuse or steal inventory, supplies, equipment, and other non-cash company assets. A. Misuse of non-cash assets – unauthorized use of company assets 1. Non-cash assets that are typically misused include: a. company vehicles b. company supplies c. computers d. other office equipment 2. The costs of inventory misuse – difficult to quantify a. loss of productivity b. additional employee wages (for more hires) c. lost business (from competition of employee) d. additional wear and tear on equipment e. possible non-return (theft) of asset B. Unconcealed larceny schemes – occur when an employee takes property from the company premises without attempting to conceal it in the books and records 1. Misappropriation of assets in front of coworkers a. coworkers do not suspect fraud b. coworkers are aware of the fraudulent activity but ignore the illegal conduct because of: i. sense of loyalty to their friends ii. "management vs. labor" mentality iii. intimidation iv. poor channels of communication v. collusion vi. lack of proper whistleblowing procedures 2. Misappropriation of company assets from an off-site location – mailing to a location where they can be picked up, prevents the fraudster from risking being caught physically taking the assets 3. The fake sale – uses an accomplice to achieve the fraudulent goal a. employee does not ring up the sale b. accomplice takes the merchandise without paying c. accomplice may also "return" merchandise for cash 4. Preventing and detecting larceny of non-cash assets a. separation of duties (e.g., purchasing, payables, and receiving) b. physical control of non-cash assets c. conduct physical inventory counts on a periodic basis

monitor and follow up on customer complaints regarding "short" shipments C. Asset requisitions and transfers – internal documents that facilitate the transfer of non-cash assets from one location in the company to another, may also be used to misappropriate those assets by: 1. overstating the amount of supplies or equipment needed for a project 2. fabricating a project 3. falsifying property transfer forms D. Purchasing and receiving schemes – involve the theft of non-cash assets that were intentionally and legitimately purchased by the company 1. Falsifying incoming shipments – marking the shipments as "short" and taking the excess 2. Concealment issue – if the receiving report does not match the vendor’s invoice, there will be a problem with payment E. False shipments of inventory – involves creating false shipping and sales documents 1. A false packing slip causes the merchandise to be delivered to the fraudster or his or her accomplice 2. The fraudulent "sales" are made to: a. a fictitious person b. a fictitious company, or c. an accomplice 3. Concealment issue - a fake receivable account is created on the books for the price of the misappropriated inventory II. Other schemes A. Assets are written off in order to make them available for theft B. New equipment is taken instead of the old (scrap) asset that was to be replaced III. Concealing inventory shrinkage – Hiding significant differences between the perpetual inventory amount (what should be on hand) and the physical inventory count (what is actually on hand) is essential for the fraud to remain undetected. This may be accomplished by: A. Altered inventory records - changing the perpetual inventory record so that it will match the physical inventory count (i.e., forced reconciliation) B. Fictitious sales and accounts receivable TEACHING TIP In order to conceal inventory shrinkage, the perpetrator would need to make it appear as though the missing inventory had been sold by recording the following entry: DR Accounts Receivable xxx CR Sales xxx Concealment issue – payment on the fictitious sales 1. charge the “sales” to an existing (large) account 2. charge the “sales” to accounts that are already aging and will soon be written off

3. write-off to discounts and allowances or bad debt expense C. Write off inventory and other assets – writing-off inventory as "obsolete" eliminates the inherent problem of shrinkage in asset misappropriation schemes D. Physical padding – involves creating the illusion of more inventory than is actually on hand (e.g., empty boxes) IV. Preventing and detecting non-cash thefts that are concealed by fraudulent support A. Segregation of duties 1. ordering goods 2. receiving goods 3. maintaining perpetual inventory records 4. issuing payment B. Match invoices to receiving reports before payments are issued C. Match packing slip (sales order) to an approved purchase order D. Match every outgoing shipment to the sales order before the merchandise is shipped E. Monitor any significant increase in bad debt expense F. Review any unexplained entries in perpetual inventory records G. Reconcile materials ordered for projects to the actual work done H. Periodically perform trend analysis on the amount of inventory that is being designated as scrap I. Control should be maintained over assets during disposal V. Misappropriation of intangible assets A. Misappropriation of information – theft of proprietary information 1. Can undermine value, reputation, and competitive advantage, and can result in legal liabilities 2. Biggest threats are often internal 3. Includes theft of competitively sensitive information (e.g., customer lists, marketing strategies, trade secrets) 4. Companies must identify their most valuable information and take steps to protect it B. Misappropriation of securities 1. Companies must maintain proper internal controls over their investment portfolio, including separation of duties, restricted access, and account reconciliations

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 10 – Corruption Corruption – an act in which a person uses his or her position to gain a personal advantage at the expense of the organization he or she represents. I. Bribery – “offering, giving, receiving, or soliciting anything of value to influence an official act or business decision.” A. Kickback schemes – consist of undisclosed payments made by vendors to employees of purchasing companies. • involve collusion between employees and vendors • almost always attack the purchasing function of the victim company 1. Diverting business to vendors – Most bribery schemes end up as overbilling schemes even if they do not start that way, because once a vendor knows it has an exclusive purchasing arrangement, it ultimately will raise prices to cover the cost of the kickback. 2. Overbilling schemes a. Employees with approval authority – the ability to authorize purchases is key to a kickback scheme b. Fraudsters lacking approval authority – need to be able to circumvent accounts payable controls i. filing a false purchase requisition ii. preparing false vouchers iii. creating a purchase order that corresponds to the vendor’s fraudulent invoice 3. Other kickback schemes – Bribes may be paid: a. to accept substandard merchandise b. to receive a lower price from the victim company 4. Slush funds – are created by diverting company money into a noncompany account for the purpose of making illegal (bribe) payments NOTE: The diversion of company funds is usually accomplished by charging an account such as "consulting fees." 5. Preventing and detecting kickback schemes a. In an effort to prevent kickback schemes, the following may be helpful: i. segregation of duties ii. maintenance of an updated vendor list iii. proper review and matching of all support for disbursement vouchers iv. all contracts with suppliers should contain a “right to audit” clause v. written policies should be established prohibiting employees from soliciting or accepting any gift or favor from a customer or supplier

b. In addition, look for the specific red flags and characteristics of kickback schemes: i. price inflation ii. the purchase of excessive quantities of goods or services from a corrupt supplier iii. inventory shortages iv. the purchase of inferior quality inventory or merchandise v. budget overruns B. Bid-rigging schemes – occur when an employee fraudulently assists a vendor in winning a contract through the competitive bidding process. The level of influence of the corrupt employee determines how the bidding process is rigged. 1. The pre-solicitation phase a. Need recognition schemes – In return for something of value, the fraudster recognizes a "need" for a good or service. Indications of this type of scheme might include: i. high requirements for stock and inventory levels ii. writing off large numbers of surplus items to scrap iii. defining a “need” in a way that can only be met by a certain supplier or contractor iv. failure to develop a satisfactory list of backup suppliers b. Specifications schemes – the fraudulent tailoring of the elements, materials, dimensions, or other relevant requirements of the project to a particular vendor. Ways to restrict competition or give an unfair advantage at this stage include: i. the use of “pre-qualification” procedures ii. sole-source or noncompetitive procurement justifications iii. writing vague specifications, which will require amendments at a later date iv. bid splitting – separating the project into several component contracts so that each sectional project falls below the mandatory bidding level v. showing the specifications to a vendor earlier than to its competitors 2. The solicitation phase – At this stage, an attempt is made to restrict the pool of competitors. This may be accomplished by: a. “Requiring” bidders to be represented by certain sales or manufacturing representatives b. Bid pooling – a process by which several bidders conspire to split contracts up and ensure that each gets a certain amount of work c. Fictitious suppliers – fictitious price quotes are used to validate the reasonableness of the conspirator's actual prices d. Other methods i. severely restricting the time for submitting bids ii. soliciting bids in obscure publications

3. The submission phase – At this stage, an attempt is made to win the contract for a particular supplier by: a. abuse of the sealed-bid process b. providing information on how to prepare the bid c. ensuring receipt of a late bid d. falsifying the bid log e. extending the bid opening date f. controlling bid openings 4. Preventing and detecting bid-rigging schemes - specifically applicable to the competitive bidding process: a. unusual bidding patterns i. unusually high contract price ii. low bid awards are frequently followed by change orders or amendments that significantly increase payments to the contractor iii. very large, unexplained price differences among bidders b. if the last contractor to submit a bid repeatedly wins the contract c. predictable rotation of bid winners d. losing bidders frequently appear as subcontractors on the project e. qualified bidders fail to submit contract proposals f. avoidance of competitive bidding altogether, by splitting a large project into several smaller jobs that fall below a bidding threshold C. Something of value 1. money a. currency b. checks 2. promises of future employment 3. percent of ownership in the supplier’s business 4. gifts a. free liquor and meals b. free travel and accommodations c. cars d. other merchandise e. sexual favors 5. paying off of a corrupt employee’s loans or credit card bills 6. the offering of loans on very favorable terms 7. transfers of property at substantially below market value II. Illegal gratuities – "something of value is given to an employee to reward a decision rather than influence it." III.II. Economic extortion – when one person demands payment from another. IV.II. Conflicts of interest – occurs when an employee, manager, or executive has an undisclosed economic or personal interest in a transaction that adversely affects the organization. A. Purchasing schemes – The fraudster (or accomplice) must have some kind of ownership or employment interest in the vendor that submits the invoice in order for the scheme to be categorized as a conflict of interest.

1. Overbilling – the most common type of purchasing scheme 2. Bid-rigging – Because the fraudster has access to the bids of his competitors, he can easily tailor his company's bid to win the contract. 3. Turnaround sales (also known as flip sales) – occur when an employee knows that his employer is looking to purchase a certain type of asset and uses the information to purchase it himself with the intention of reselling it to the employer at an inflated price B. Sales schemes 1. Underbillings – a scheme in which an employee induces her employer to sell goods or services at below market value to a company in which the employee maintains a hidden interest 2. Writing off sales - tampering with the books of the victim company to decrease or write off the amount owed by an employee’s business TEACHING TIP Writing off sales might include decreasing the amount owed by an employee's business: e.g, DR Sales Discount xxx CR Accounts Receivable xxx OR Completely voiding the amount owed by an employee's business: e.g., DR Allowance for Uncollectible Accounts (Bad Debt Expense) CR Accounts Receivable

xxx xxx

C. Other conflict of interest schemes 1. Business diversions – when an employee steers customers from his employer's business to his own 2. Resource diversions – when an employee diverts funds and other resources of his employer to the development of his own business 3. Financial disclosures a. significant fraud committed by officers, executives, and others in positions of trust b. criminal indictment of officers, executives, or other persons in trusted positions c. conflicts of interests d. related-party transactions D. Preventing and detecting conflicts of interest 1. Institute a company ethics policy regarding conflicts of interest 2. Require that employees complete an annual disclosure statement 3. Establish an anonymous reporting mechanism to receive tips and complaints 4. Periodically run comparison reports between vendor and employee addresses and phone numbers

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 11 – Accounting Principles and Fraud I. Fraud in Financial Statements A. Who commits financial statement fraud? 1. Senior management 2. Mid- and lower-level employees 3. Organized criminals B. Why do people commit financial statement fraud? 1. To conceal true business performance a. Overstate performance i. To meet or exceed earnings or revenue growth expectations of stock market analysts ii. To comply with loan covenants iii. To increase the amount of financing available from asset-based loans iv. To meet a lender’s criteria for granting/extending loan facilities v. To meet corporate performance criteria set by the parent company vi. To meet personal performance criteria vii. To trigger performance-related compensation or earn-out payments viii. To support the stock price in anticipation of a merger, acquisition, or sale of personal stockholding ix. To show a pattern of growth to support a planned securities offering or sale of the business b. Understate performance i. To defer “surplus” earnings to the next accounting period ii. To take all possible write-offs in one “big bath” now so future earnings will be consistently higher iii. To reduce expectations now so future growth will be better perceived and rewarded iv. To preserve a trend of consistent growth v. To reduce the value of an owner-managed business for purposes of a divorce settlement vi. To reduce the value of a corporate unit whose management is planning a buyout 2. To preserve personal status/control 3. To maintain personal income/wealth C. How do people commit financial statement fraud? 1. Playing the accounting system – the accounting system is manipulated (e.g., change in depreciation methods or accounting estimates) to generate specific desired results (e.g., increase or decrease net income) 2. Beating the accounting system – false and fictitious information is input into the accounting system to manipulate reported results

3. Going outside the accounting system – the fraudster fabricates financial statements using equipment such as a personal computer II. Conceptual Framework for Financial Reporting A. Recognition and measurement concepts 1. Assumptions a. Economic entity b. Going concern c. Monetary unit d. Periodicity 2. Principles a. Historical cost b. Revenue recognition c. Matching d. Full disclosure 3. Constraints a. Cost-benefit b. Materiality c. Industry practice d. Conservatism B. Qualitative Characteristics 1. Relevance and reliability 2. Comparability and consistency II. Responsibility for financial statements – Financial statements are the responsibility of the company's management. III. Users of financial statements A. Company ownership and management B. Lending organizations C. Investors IV. Types of financial statements A. Balance sheet B. Statement of income or statement of operations C. Statement of retained earnings D. Statement of cash flows E. Statement of changes in owners’ equity F. Statement of assets and liabilities that does not include owners’ equity accounts G. Statement of revenue and expenses H. Summary of operations I. Statement of operations by product lines J. Statement of cash receipts and disbursements K. Other financial data presentations (e.g., pro forma, interim, or personal)

V. The Sarbanes-Oxley Act of 2002 (signed into law on July 30, 2002) A. Certification obligations for CEOs and CFOs 1. Criminal certifications 2. Civil certifications 3. Management assessment of internal controls B. New standards for audit committee independence 1. Audit committee responsibilities 2. Composition of the audit committee – must include a "financial expert" 3. Establishing a whistleblowing structure C. New standards for auditor independence 1. Restrictions on non-audit activity 2. Mandatory audit partner rotation 3. Conflict of interest provisions 4. Auditor reports to audit committees 5. Auditors’ attestation to internal controls 6. Improper influence on audits D. Enhanced Financial Disclosure Requirements 1. Off-balance sheet transactions 2. Pro forma financial information 3. Prohibitions on personal loans to executives 4. Restrictions on insider trading 5. Codes of ethics for senior financial officers 6. Enhanced review of periodic filings 7. Real-time disclosures E. Protections for corporate whistleblowers under Sarbanes-Oxley 1. Civil liability whistleblower protection 2. Criminal sanction whistleblower protection F. Enhanced penalties for white-collar crime 1. Attempt and conspiracy 2. Mail fraud and wire fraud 3. Securities fraud 4. Document destruction 5. Freezing of assets 6. Bankruptcy loopholes 7. Disgorgement of bonuses VI. Public Company Accounting Oversight Board – Established under Title I of the Sarbanes-Oxley Act, the Board is appointed and overseen by the SEC. A. Registration with the Board – Public accounting firms that audit publicly traded companies must register with the PCAOB. B. Auditing, quality control, and independence standards and rules – The PCAOB is responsible for establishing standards for auditing, quality control, ethics, independence, and other issues related to audits of publicly traded companies.

C. Inspections of registered public accounting firms – Regular inspections are to be conducted by the Board to test for compliance with standards and rules. D. Investigations and disciplinary proceedings – The Board has the authority to investigate registered public accounting firms and issue sanctions for violations or non-cooperation.

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION

Lecture Outline Chapter 12 – Fraudulent Financial Statement Schemes I. Defining Financial Statement Fraud – deliberate misstatements or omissions of amounts or disclosures of financial statements to deceive financial statement users, particularly investors and creditors A. Costs of financial statement fraud 1. Undermines the reliability, quality, transparency, and integrity of the financial reporting process; 2. Jeopardizes the integrity and objectivity of the auditing profession; 3. Diminishes the confidence of the capital markets in the reliability of financial information; 4. Makes the capital market less efficient; 5. Adversely affects the nation’s economic growth and prosperity; 6. Results in huge litigation costs; 7. Destroys careers of individuals involved in financial statement fraud; 8. Causes bankruptcy or substantial economic losses; 9. Encourages regulatory intervention; 10. Causes devastation in the normal operations and performance of alleged companies; 11. Raises serious doubt about the efficacy of financial statement audits; and 12. Erodes public confidence and trust in the accounting and auditing profession B. Fictitious revenues 1. Fictitious revenues – a scheme that involves the recording of sales or services that did not occur a. Sales with conditions – a sale is recorded even though some terms have not been fulfilled b. Pressures to boost revenues i. External pressures – bankers, stockholders, families, and communities ii. Internal pressures – departmental budget requirements c. Red flags associated with fictitious revenues i. Rapid growth or unusual profitability ii. Recurring negative cash flows from operations iii. Significant transactions with related parties iv. Significant, unusual, or highly complex transactions v. Unusual growth in the number of days' sales in receivables vi. Significant sales to entities with unknown ownership vii. Large number of sales by a small number of company units

2. Timing differences – recording revenues and/or expenses in improper accounting periods a. Matching revenues with expenses – according to generally accepted accounting principles (GAAP) b. Premature revenue recognition – recognizing revenue before the actual transfer of ownership occurs. SEC Staff Accounting Bulletin Topic 13, “Revenue Recognition,” establishes that the following criteria must be satisfied to recognize revenue: i. Persuasive evidence of an arrangement exists ii. Delivery has occurred or services have been rendered iii. The seller’s price to the buyer is fixed or determinable iv. Collectibility is reasonably assured c. Long-term contracts i. Completed contract method – records revenue when contract is complete ii. Percentage of completion method – recognizes revenue and expenses as project progresses. This method is subject to manipulation. d. Channel stuffing ("trade loading") – customers are encouraged to overbuy merchandise through offers of large discounts e.d. Recording expenses in the wrong period i. Due to pressures to meet budget projections ii. Lack of proper accounting controls f.e. Red flags associated with timing differences i. Rapid growth or unusual profitability ii. Recurring negative cash flows from operations iii. Significant, unusual, or highly complex transactions iv. Unusually high, or unusual increase in, gross margin v. Unusual growth in the number of days' sales in receivables vi. Unusual decline in the number of days' purchases in accounts payable 3. Concealed liabilities and expenses a. Liability/expense omissions – one of the most difficult schemes to detect because there is no audit trail b. Capitalized expenses – improper capitalization of expenses causes income to be overstated in the current period. Subsequently, as assets are depreciated, income will be understated. c. Expensing capital expenditures – improper expensing of capital assets causes income to be understated and, therefore, reduces tax liability d. Returns and allowances and warranties - failure to disclose and accrue appropriate expenses and liabilities for potential product returns or warranty repairs e. Red flags associated with concealed liabilities and expenses i. Recurring negative cash flows from operations ii. Significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate

Nonfinancial management’s excessive participation in the selection of accounting principles or the determination of significant estimates iv. Unusually high, or unusual increase in, gross margin v. Allowances for accounting estimates that are out of line with industry peers vi. Unusual decline in the number of days' purchases in accounts payable vii. Unusual reduction in accounts payable 4. Improper disclosures a. Liability omissions – generally include the failure to disclose loan covenants or contingent liabilities b. Subsequent events – events occurring after the close of the period may have a significant impact on the financial statements and should be disclosed c. Management fraud – disclosure is required of significant fraud committed by officers, executives, and others in positions of trust d. Related-party transactions – a company doing business with entities that can be controlled or significantly influenced by that company must disclose the relationship e. Accounting changes – FASB ASC 250, “Accounting Changes and Error Corrections,” requires disclosure of changes in: i. Accounting principles ii. Accounting estimates iii. Reporting entities f. Red flags associated with improper disclosures i. Dominating manager ii. Ineffective board of directors or audit committee oversight iii. Ineffective communication or enforcement of ethical values and standards iv. Rapid growth or unusual profitability v. Significant, unusual, or highly complex transactions vi. Significant related-party transactions vii. Significant bank accounts or branch operations in tax-haven jurisdictions viii. Overly complex organizational structure ix. Known history of violations of securities laws or other regulations x. Inappropriate accounting policy justified on the basis of materiality xi. Limiting auditor access to information during an audit 5. Improper asset valuations – Generally, assets should be recorded at their historical (acquisition) cost. a. Inventory valuation i. Lower of cost or market ii. Overstating inventory through fictitious (phantom) inventory iii.

b. Accounts receivable i. Fictitious accounts receivable ii. Failure to write down c. Business combinations – Fraud-related issues include: i. Temptation to over-allocate the purchase price to in-process research and development assets, to write them off immediately ii. Establish excessive reserves with the intention to release them into earnings at a future date d. Fixed assets i. Booking fictitious assets – by creating false documents or recording equipment that is leased as owned ii. Misrepresenting asset value – fixed assets should be recorded at their historical (acquisition) cost iii. Improperly capitalizing inventory and start-up costs • Capitalizing non-asset costs – interest and finance charges should be excluded from the cost of an asset • Misclassifying assets – can skew financial ratios to comply with loan requirements e. Red flags associated with improper asset valuation i. Recurring negative cash flows from operations ii. Significant declines in customer demand iii. Significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate iv. Nonfinancial management’s excessive participation in the selection of accounting principles or the determination of significant estimates v. Unusually high, or unusual increase in, gross margin vi. Unusual growth in the number of days' sales in receivables vii. Unusual growth in the number of days' purchases in inventory viii. Allowances for accounting estimates that are out of line with industry peers ix. Unusual change in the relationship between fixed assets and depreciation i. Unusual increase in assets II. Detection of Fraudulent Financial Statement Schemes A. SAS No. 99 (AU 316) – “Consideration of Fraud in a Financial Statement Audit” 1. Description and characteristics of fraud a. Misstatements arising from fraudulent financial reporting i. Manipulation or alteration of accounting records ii. Misrepresentations or intentional omissions iii. Intentional misapplication of accounting principles b. Misstatements arising from misappropriation of assets – theft or defalcation

2. Importance of exercising professional skepticism – SAS No. 1 (AU 110), “Responsibilities and Functions of the Independent Auditor,” includes exercising professional skepticism as part of due professional care. 3. Discussion among engagement personnel regarding risk of material misstatement due to fraud 4. Obtaining information needed to identify risks of material misstatement due to fraud a. Making inquiries of management and others within the entity b. Considering the results of analytical procedures c. Considering fraud risk factors d. Considering other information 5. Identifying risks that may result in material misstatement due to fraud a. Type b. Significance c. Likelihood d. Pervasiveness 6. Assessing the identified risks after taking into account an evaluation of the entity’s programs and controls 7. Responding to the results of the assessment a. Overall responses to the risk of material misstatement i. Assignment of personnel and supervision ii. Consider selection and application of accounting principles iii. Incorporate an element of unpredictability in auditing procedures b. Responses involving the nature, timing, and extent of procedures to be performed to address the identified risks i. Substantive tests ii. Tests of the operating effectiveness of the entity's programs and controls c. Responses to further address risk of management override of controls d. Examining journal entries and other adjustments for evidence of possible material misstatement due to fraud e. Reviewing accounting estimates for biases that could result in material misstatement due to fraud f. Evaluating the business rationale for significant, unusual transactions 8. Evaluating audit evidence a. Assessing risks of material misstatement due to fraud throughout the audit i. Discrepancies in the accounting records ii. Conflicting or missing evidential matter iii. Problems experienced by the auditors during the audit b. Evaluating whether analytical procedures indicate a previously unrecognized risk of fraud – unusual or unexpected relationships should be considered c. Evaluating risks of material misstatement at or near the completion of fieldwork – to assess whether further audit procedures are needed d. Responding to misstatements that may be the result of fraud

i. Attempt to obtain additional evidence ii. Consider the implications for other aspects of the audit iii. Discuss the matter with an appropriate level of management iv. If appropriate, recommend the client consult with legal counsel 9. Communicating about possible fraud to management, the audit committee, and others 10. Documenting the auditor’s consideration of fraud B. Percentage analysis – vertical and horizontal 1. Vertical analysis – analyzes the relationships between the items on each of the financial statements by expressing the components as percentages of a specific base item 2. Horizontal analysis – analyzes the percentage change in individual financial statement items from one year to the next 3. Financial ratios – measures the relationship between two different financial statement amounts a. Current ratio =

b. Quick ratio =

c. Receivable turnover =

d. Collection ratio =

e. Inventory turnover =

f. Average days inventory in stock =

g. Debt to equity =

h. Profit margin =

Asset turnover =

D. Deterrence of financial statement fraud incorporates the principles of the fraud triangle. 1. Reduce pressures to commit financial statement fraud 2. Reduce the opportunity to commit financial statement fraud 3. Reduce rationalization of financial statement fraud

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 13—Fraud Risk Assessment I. Overview A. What is fraud risk? 1. The vulnerability an organization has to overcoming the interrelated elements that enable someone to commit fraud. a. Non-sharable financial need b. Opportunity c. Ability to rationalize 2. Sources of fraud risk a. Internal b. External B. Why should an organization be concerned about fraud risk? 1. No organization is immune to fraud risk. 2. One key to reducing vulnerability to fraud risk is being aware and realistic about the organization’s weaknesses. C. Factors that influence fraud risk 1. Nature of the business 2. Operating environment 3. Effectiveness of internal controls 4. Ethics and values of the company and the people within it II. What is a fraud risk assessment? A. Definition—A process aimed at proactively identifying and addressing an organization’s vulnerabilities to internal and external fraud B. Objective—To help an organization recognize what makes it most vulnerable to fraud so that it can take proactive measures to reduce its exposure III. Why should organizations conduct fraud risk assessments? A. Improve communication about and awareness of fraud B. Identify what activities are the most vulnerable to fraud C. Know who puts the organization at the greatest risk of fraud D. Develop plans to mitigate fraud risk E. Develop techniques to determine if fraud has occurred in high-risk areas F. Assess internal controls 1. Controls eliminated during restructuring 2. Controls eroded over time 3. Lack of controls in a vulnerable area 4. Nonperformance of control procedures 5. Inherent limitations of controls G. Comply with regulations and professional standards 1. PCAOB Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements

IV. What makes a good fraud risk assessment? A. Collaborative effort of management and auditors 1. Expertise and influence of management a. Day-to-day business operations b. Assessing business risk and implementing organizational controls c. Culture and ethical atmosphere 2. Expertise and influence of auditors a. Risk identification and assessment b. Evaluating internal controls B. The right sponsor 1. Respected, senior-level person 2. Objective and open-minded C. Independence and objectivity of the people leading and conducting the work 1. Mindfulness of biases 2. Cultural neutrality D. A good working knowledge of the business E. Access to people at all levels of the organization F. Engendered trust G. The ability to think the unthinkable H. A plan to keep it alive and relevant V. Considerations for developing an effective fraud risk assessment A. Packaging it right 1. Tailor the communication approach to the organization. 2. Be mindful of terminology used. B. One size does not fit all 1. Adapt the framework to the business model, culture, and language of the organization. C. Keeping it simple 1. Focus on areas that are most at risk for fraud. VI. Preparing the company for the fraud risk assessment A. Assembling the right team to lead and conduct the fraud risk assessment 1. Accounting and finance personnel 2. Personnel who have knowledge of day-to-day operations 3. Risk management personnel 4. General counsel or other members of the legal department 5. Members of ethics or compliance functions 6. Internal auditors 7. External consultants with fraud and risk expertise 8. Business leaders charged with fraud risk management efforts B. Determining the best techniques to use in conducting the fraud risk assessment 1. Interviews 2. Focus groups 3. Surveys

4. Anonymous feedback mechanisms C. Obtaining the sponsor’s agreement on the work to be performed 1. Scope 2. Methods 3. Participants 4. Form of output D. Educating the organization and openly promoting the process VII. Executing the fraud risk assessment A. Identifying potential inherent fraud risks 1. Incentives, pressures, and opportunities to commit fraud a. Position b. Incentives c. Performance pressures d. Weak internal controls e. Highly complex business transactions f. Collusion opportunities 2. Risk of management’s override of controls a. Management knows the controls and standard operating procedures in place to prevent fraud. b. Knowledge of controls can be used to conceal fraud. 3. Population of fraud risks a. Fraudulent financial reporting b. Asset misappropriation c. Corruption 4. Regulatory and legal misconduct 5. Reputation risk 6. Risk to information technology B. Assessing the likelihood of occurrence of identified fraud risks 1. Past instances of a particular fraud 2. Prevalence of fraud in the industry 3. Internal control environment 4. Available resources 5. Support of management 6. Ethical standards 7. Transaction volume 8. Complexity of the fraud risk 9. Unexplained losses 10. Complaints by customers or vendors C. Assessing the significance to the organization of the fraud risks 1. Financial statement and monetary significance 2. Financial condition of the organization 3. Value of the threatened assets 4. Criticality of the threatened assets 5. Revenue generated by the threatened assets 6. Significance to the organization’s operations, brand value, and reputation 7. Criminal, civil, and regulatory liabilities

D. Evaluating which people and departments are most likely to commit fraud and identifying the methods they are likely to use E. Identifying and mapping existing preventive and detective controls to the relevant fraud risks 1. Preventive controls 2. Detective controls F. Evaluating whether the identified controls are operating effectively and efficiently 1. Review accounting policies and procedures. 2. Consider risk of management’s override of controls. 3. Interview management and employees. 4. Observe control activities. 5. Perform sample testing of controls compliance. 6. Review previous audit reports. 7. Review previous reports on fraud incidents, shrinkage, and unexplained shortages. G. Identifying and evaluating residual fraud risks resulting from ineffective or nonexistent controls 1. Lack of appropriate prevention and detection controls 2. Noncompliance with established prevention and control measures VIII. Addressing the identified fraud risks A. Establishing an acceptable level of risk B. Responding to residual fraud risks 1. Avoid the risk; for example, by eliminating an asset or exiting an activity. 2. Transfer the risk; for example, by purchasing fidelity insurance or a fidelity bond. 3. Mitigate the risk; for example, by implementing countermeasures such as prevention and detection controls. 4. Assume the risk. 5. Combine some of the above approaches. IX. Reporting the results of the fraud risk assessment A. Considerations when reporting the assessment results 1. Report objective—not subjective—results. 2. Keep it simple. 3. Focus on what really matters. 4. Identify actions that are clear and measurable. X. Making an impact with the fraud risk assessment A. Begin a dialog across the company to promote awareness, education, and action planning aimed at reducing the risk of fraud. B. Look for fraud in high-risk areas. C. Hold responsible parties accountable for progress. D. Keep the assessment alive and relevant. XI. The fraud risk assessment and the audit process A. Auditors should validate that the organization is managing the moderate-to-high fraud risks identified.

1. Design and perform tests to evaluate whether controls are operating effectively and efficiently. 2. Identify whether there is a moderate-to-high risk of management override of internal controls. 3. Develop and deliver reports that incorporate the results of validation and testing of controls.

Instructor’s Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 14 – Conducting Investigations and Writing Reports

I. When Is an Investigation Necessary? – Internal investigations can arise from a number of circumstances, including determining the source of and losses from an alleged fraud, complying with federal statutes, and mitigating the company’s liability related to employee misconduct. 1. Officers and directors of companies are bound by duties of loyalty and reasonable care in overseeing the operations of their companies. 2. Companies may have to conduct internal investigations before they can dismiss an employee who has committed fraud or violated company rules and policies. 3. A company’s managers may find that the best way to fulfill legal duties and requirements is to conduct an internal investigation of known or suspected misconduct. II. Planning the Investigation – Once the decision has been made to pursue an investigation, it is important to consider how the company can carry out the investigation in the most efficient, effective manner. A. Selecting the Investigation Team – team should be limited to only those persons who are vital to the fraud examination process. 1. Typical investigation team may include certified fraud examiners, legal counsel, internal auditors, human resources personnel, and management representatives. B. Certified Fraud Examiners – CFEs are trained to conduct complex fraud examinations from inception to conclusion. C. Legal Counsel – crucial to have counsel involved in “directing” the investigation. D. Internal Auditors – internal auditors are often used to review internal documentary evidence. E. IT and Computer Forensics Experts – computer forensics professionals are used to capture and analyze digital data. F. Human Resources Personnel/Management Representative – advice from a human resources specialist or management representative might be needed. III. Developing Evidence – The investigation process gathers evidence to prove or disprove the allegations of fraud. Investigative techniques include: A. Covert Operations – the investigator assumes a fictitious identity to gather evidence. B. Pretexting – obtaining information through some sort of falsehood or deception. C. Using Informants – can be used successfully in private investigations if handled properly.

D. Subpoenas – call for the production of documents and records. E. Search Warrants – used when a law enforcement officer believes certain records have been used in the commission of a crime. F. Voluntary Consent – is often the simplest means to obtain documentation, and the preferred method in many fraud examinations. IV. Preserving Documentary Evidence – The investigator must take care to properly preserve the evidence to ensure its admissibility in a court of law. A. Chain of Custody – a record must be made when the evidence is received or when it leaves the care, custody, or control of the fraud examiner. 1. A memorandum of interview should state: a) What items were received b) When they were received c) From whom they were received d) Where they are maintained B. Preserving the Document – the examiner should never write or mark on the original document other than his unobtrusive initials for identification. 1. Photocopies and laser-printed documents should always be stored in paper folders or envelopes. 2. If fingerprint examinations are anticipated, gloves should be used to handle the documents. V. Organizing Documentary Evidence – Documents obtained must be properly organized early on in an investigation, and they should continuously be reorganized. Good organization includes: 1. Segregating documents by either witness or transaction 2. Making a “key document” file for easy access to the most relevant documents 3. Establishing a database of a large amount of information early on in the case A. Chronologies – a chronology of events should be commenced early in the case in order to establish the chain of events leading to the proof. B. To-Do Lists – the list should be kept in a manner which allows a cumulative record of investigation tasks. C. Using Computer Software to Organize Documents and other Data – investigators can establish a database in which to store pertinent information about the case and the documents that have been assembled. VI. Sources of Information – A variety of information sources is available to the fraud examiner to assist in locating individuals, researching assets, discovering creditor relationships, and uncovering litigation history. A. In-House Sources – investigators can learn a great deal about a subject by examining records of his employing organization, if they can gain access to those records.

B. Public Information – records that a governmental unit is required by law to keep to discharge its duties imposed by law. 1. Voter registration and marriage license records 2. Real property records – if an individual buys or sells a house or piece of property, or becomes subject to a state or federal lien, the transaction will be reflected in the county real property indexes. 3. Property tax records 4. Health and fire departments 5. Utility company records 6. Permits – will be on file with local building authority if a business/individual constructs a new building. C. State Records 1. Business filings – the law requires the filing of documents of business ownership to conduct business in a name other than one’s own 2. Articles of incorporation – corporations are formed by filing articles of incorporation with the Secretary of State in the state where the company does business. These records are public. 3. Fictitious names/DBA registrations – DBA information for proprietorships or partnerships is usually filed at the county level, but some states require filing at the state level also 4. Uniform Commercial Code filings – can disclose when/where a person obtained a personal loan and the type of property that he or she pledged to secure the loan 5. Workers’ compensation information – documents that show the date of the incident, the employer at the time, type of injury, and the job-related disability 6. State tax filings – Licenses and applications for permits may reveal hidden assets or investments 7. Professional associations and licensing boards – maintain records identifying individuals holding special licenses or memberships 8. Litigation history – files on all active and closed lawsuits are maintained by court clerks 9. Bankruptcy records – bankruptcy documents are usually located in the federal bankruptcy court for the district where the debtor resided 10. The Internet – provides access to a wealth of information; however, investigators should remember that much of the information on public websites is questionable VII. Report Writing – Fraud examinations usually conclude with a formal written report of the investigation results.

A. Purpose of the Report – A good investigation report must be accurate and understandable so that others may know what transpired without having to talk to the report’s author. It should: 1. Convey evidence 2. Add credibility 3. Accomplish objectives of case B. Know the Reader – the investigator must identify the expected reader to ensure the report appears professional and achieves its purpose. The report should: 1. State only the facts 2. Not contain errors 3. Have a follow-up section C. Format – Using a standard report format will reduce the amount of time spent writing a report, while ensuring that all significant information is included. A standard report should include the following sections: 1. Author/date 2. Summary – should set out the main points of the report in a few sentences and include the findings and outcome of the investigation 3. Introduction/purpose – should give more detail on what the report is about and prepare the reader for what is to come 4. Body – identifies the employee(s) and other individuals implicated/involved in the matter 5. Results – this section may include only a sentence or two, or be supplemented with spreadsheets or graphics 6. Follow-up/recommendation – identifies any investigation procedures that remain outstanding, and makes any recommendations related to procedures and controls D. Opinions or Conclusions in Report – no opinions of any kind should be included in the written report, other than on technical matters

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 15 – Interviewing Witnesses Interviewing Witnesses – the process of asking questions of individuals who might have information to resolve allegations of wrongdoing. A. Introductory Questions 1. Provide the introduction a. avoid using titles b. create a comfortable atmosphere 2. Establish rapport – e.g., engage in small talk to break the ice 3. Establish the interview theme – the goal is to motivate the subject to assist in the interview 4. Observe reactions a. Establish a baseline by first posing nonsensitive questions b. Attempt to determine the cause of any changes in reactions when sensitive questions are asked 5. General rules for the introductory phase of the interview a. Don’t interview more than one person (at the same time) b. Privacy – conduct the interview out of the sight and sound of others c. Ask nonsensitive questions d. Get a commitment for assistance e. Make a transitional statement – to describe the purpose of the interview f. Seek continuous agreement g. Do not promise confidentiality h. Negotiations – listen to what the subject may want, but don't negotiate i. Discussing the source of allegations – do not discuss any allegations or from where the information originated B. Informational Questions – to gather unbiased factual information; these questions should be non-confrontational and non-threatening 1. Open questions – call for a monologue response 2. Closed questions – require a "yes" or "no" answer 3. Leading questions – ask the subject to confirm what is already known 4. Question sequences – proceed from the general to the specific 5. Informational question techniques TEACHING TIP "Informational Question Techniques" on page 347 provides a listing of suggested techniques to improve the interview process.

Commented [DT1]: Note to Editor: Please update this page number when correct page number is available.

6. Methodology a. Begin with background questions b. Observe verbal and nonverbal behavior c. Ask nonleading (open) questions d. Approach sensitive questions carefully 7. Dealing with difficult people a. Do not react b. Disarm the person c. Change tactics 8. Volatile interviews – have the potential to bring about strong emotional reactions in the interviewee. Suggested approaches include: a. Have two interviewers in the room b. Interview should be conducted on a surprise basis c. The order of questions should be out of sequence d. the questions should be phrased hypothetically D. Closing Questions 1. Reconfirming facts – generally, the use of leading questions is suggested 2. Gathering additional facts – the use of open questions provides the subject an opportunity to furnish other relevant facts or opinions 3. Concluding the interview a. Maintain goodwill b. Leave the door open to additional cooperation c. Invite the subject to contact you if he or she remembers other relevant information E. Assessment Questions – to establish the credibility of the respondent 1. Norming or calibrating – the process of observing behavior before asking critical questions 2. Physiology of deception – lying produces stress, and in order to relieve this stress, the body will exhibit certain behavioral quirks 3. Verbal clues to deception a. Changes in speech patterns i. speed ii. tone iii. pitch b. Repetition of the question – to gain more time to respond c. Comments regarding the interview – complaints about: i. physical environment ii. length of interview d. Selective memory e. Making excuses f. Oaths – to attempt to add credibility to their lies g. Character testimony – to add credibility to a false statement h. Answering with a question – rather than deny allegations outright i. Overuse of respect – when accused of wrongdoing, this reaction is unnatural j. Increasingly weaker denials – common reaction from a dishonest person

k. Failure to deny – qualifying the denial (e.g., to the best of my recollection or as far as I remember) l. Avoidance of emotive words – (e.g., “steal,” “lie,” “crime”) m. Refusal to implicate other suspects n. Tolerant attitudes – toward illegal or unethical conduct o. Reluctance to terminate interview p. Feigned unconcern 4. Nonverbal clues a. Full-body motions – change of posture, moving away from interviewer b. Anatomical physical responses i. increased heart rate ii. shallow or labored breathing iii. excessive perspiration c. Illustrators – motions made primarily with the hands d. Hands over the mouth e. Manipulators – displacement activities done to reduce nervousness f. Fleeing positions – lower portion of the body facing toward the door g. Crossing the arms – defensive reaction h. Reaction to evidence – feigned disinterest in the evidence i. Fake smiles – confined to the upper half of the mouth TEACHING TIP "Typical Attitudes Displayed by Respondents" on page presents a comparison of the demeanor of truthful versus untruthful interviewees. 5. Methodology – proceed from least to most sensitive questions F. Admission-Seeking Questions – designed to: • Clear an innocent person, or • Encourage the culpable person to confess 1. Presence of outsiders a. May present legal problems in “broadcasting” allegations to a third party b. May make it more difficult to obtain a confession 2. Miranda warnings – does not apply to private employers’ investigations 3. Theme development – offers a morally acceptable reason for the confessor’s behavior 4. Steps in the admission-seeking interview a. Direct accusation i. should be phrased as a statement, not a question ii. avoid emotive words, such as “steal,” “fraud,” and “crime” iii. should be phrased as though the guilt of the accused has already been established b. Observe reaction – a guilty person will react with silence or a weak denial c. Repeat accusation

d. Interrupt denials – It is difficult for the accused to change a denial because he or she would be admitting to lying. Therefore, by preventing an outright denial, it makes it easier for the accused to confess. This may be accomplished through: i. Delays ii. Interruptions iii. Reasoning e. Establish rationalization – This (morally acceptable) explanation allows the accused to justify the offense with his or her conscience. i. Unfair treatment ii. Inadequate recognition iii. Financial problems iv. Aberration of conduct v. Family problems vi. Accuser’s actions vii. Stress, drugs, alcohol viii. Revenge ix. Depersonalizing the victim x. Minor moral infraction xi. Altruism xii. Genuine need f. Diffuse alibis – Use of one of the following methods may be employed to convince the accused of the weight of the evidence against him or her. i. Display physical evidence ii. Discuss witnesses iii. Discuss deceptions iv. Present alternative – forces the accused to make a choice between a morally acceptable reason for the offense and one that offers no (good) excuse g. Benchmark admission i. A subconscious decision to confess ii. Reinforce rationalization h. Verbal confession – occurs when the accused furnishes detailed information about the misdeed. The following information should be obtained: i. The accused knew the conduct was wrong ii. Facts known only to perpetrator iii. Estimate of number of instances/amounts iv. Motive for offense v. When offense commenced vi. When/if offense was terminated vii. Others involved viii. Physical evidence ix. Disposition of proceeds x. Location of assets xi. Specifics of each offense

Taking a signed statement – has greater credibility than a verbal confession and should include a statement of: i. Voluntary confessions – no duress ii. Intent – intention to commit the act iii. Approximate dates of offense iv. Approximate amounts of losses v. Approximate number of instances vi. Willingness to cooperate vii. Excuse clause – confessor’s moral excuse should be mentioned viii. Have the confessor read the statement ix. Truthfulness of statement x. Preparing a signed statement • Should not be drafted by the confessor • A separate written statement for each offense • Instruct the confessor to read and sign the statement without delay

Instructor's Manual for PRINCIPLES OF FRAUD EXAMINATION Lecture Outline Chapter 16 – Occupational Fraud and Abuse: The Big Picture I.

Defining Abusive Conduct – any violation of the rules of an organization A. The problem of occupational fraud and abuse cannot be totally eliminated B. To reduce occupational fraud and abuse, standards should be clear and reasonable

II.

Measuring the Level of Occupational Fraud and Abuse – This is difficult because we only know about the frauds that are discovered and reported. A. The Human Factor – human failings that lead to a violation of trust 1. Greed – cannot be measured to predict fraudulent behavior 2. Wages in kind – the use of counterproductive behavior by employees to right what they perceive as workplace wrongs 3. Unreasonable expectations – e.g., to eliminate lying; rather than to attempt to prevent lies from escalating to fraud B. Minimizing occupational fraud and abuse 1. Establish adequate personnel screening procedures 2. Introduce anti-fraud training 3. Treat employees fairly

III.

Understanding Fraud Deterrence – the modification of behavior through the perception of negative consequences A. The impact of controls – only part of the answer to fraud deterrence B. The perception of detection – Increased perception of detection, whether real or imagined, will have a deterrent value. The following steps may help to increase the perception of detection: 1. Employee education – should be factual not accusatory 2. Proactive fraud policies 3. A higher stance – encourage open discussion about: a. possible control and administrative weaknesses b. suspicions of fraud c. "hidden" controls 4. Increased use of analytical review – smaller businesses benefit most from this technique 5. Surprise audits where feasible – more difficult to plan and execute but have a greater impact on the perception of detection 6. Adequate reporting programs – should emphasize these points: a. Fraud, waste, and abuse are common in most organizations b. The cost of fraud effects jobs, raises, and profits c. Employees are encouraged to report fraud

d. There are no penalties for providing good-faith information on fraudulent activity e. There is an exact number for reporting – such as a hotline i. Essential to a good reporting program ii. Some schemes would not be discovered by any other method iii. Tips are the most common way to detect fraud iv. Increases the perception of detection v. Helps comply, in part, with the federal Corporate Sentencing Guidelines for corporations f. A report does not have to be made by an employee to his or her immediate supervisor IV.

The Corporate Sentencing Guidelines A. Definition of corporate sentencing 1. Seeks to make punishments more uniform 2. Imposes stiff sanctions 3. Allows for a more lenient sentence if the company has actively tried to prevent fraud from occurring B. Vicarious or imputed liability – corporations may be held criminally liable for the acts of their employees if: 1. the acts are done in the course and scope of their employment, and 2. for the apparent purpose of benefiting the corporation C. Requirements – for "due diligence" NOTE: A "reasonableness" standard is used for setting, communicating and enforcing policies and procedures.

The Ethical Connection – ethics – “how you react to temptation when no one is looking" A. Moral philosophies 1. Imperative principle – advocates following the rules regardless of the consequences 2. Utilitarian principle – places the primary emphasis on the consequences of an action rather than on simply following the rules B. "Tone at the top" – management's example sends a stronger message to employees than any written ethics policy C. Written ethics policies – formal ethics policies are recommended for all organizations; may also be used as a mechanism for disciplinary action

VI.

Conclusion A. There are no new audit techniques to detect fraud B. Red flags of fraud may also be the result of incompetence C. Don't overreach your authority in an investigation of fraud D. Consider new approaches to fraud deterrence ( e.g., Model Organizational Fraud Deterrence Program)