CFE Fraud Prevention and Deterrence Flashcards by E R

According to the 2018 Report to the Nations, more frauds are uncovered by?

tips, internal audit, and management review

How well did you know this?

Not at all

Perfectly

Under the restrictions imposed by the Sarbanes-Oxley Act, all audit committee members must?

be members of the board of directors and must be “independent,” meaning they receive compensation only for their service on the board.

How well did you know this?

Not at all

Perfectly

Cressey’s Fraud Triangle teaches that there are three interrelated elements that enable someone to commit fraud:

the motive or pressure that drives a person to want to commit the fraud, the opportunity that enables him to commit the fraud, and the ability to rationalize the fraudulent behavior.

How well did you know this?

Not at all

Perfectly

According to the requirements of the Sarbanes-Oxley Act, which of the following parties is responsible for establishing procedures to handle complaints regarding irregularities in a publicly traded company’s accounting methods, internal controls, or auditing matters?

The Audit Committee.

How well did you know this?

Not at all

Perfectly

All occupational frauds fall into one of three major categories:

asset misappropriation, corruption, or financial statement fraud.

How well did you know this?

Not at all

Perfectly

According to the 2018 Report to the Nations, which of the three major categories of occupational fraud has the highest median loss?

Financial Statement Fraud

How well did you know this?

Not at all

Perfectly

The COSO/ACFE Fraud Risk Management Guide describes five broad principles of fraud risk management, one for each of the five interrelated components of internal control listed in COSO’s Internal Controls—Integrated Framework:

fraud risk governance
fraud risk assessment
fraud control activities
fraud investigation and corrective action-
fraud risk management monitoring activities.

How well did you know this?

Not at all

Perfectly

The two primary strategies to control corporate criminal behavior are:

Compliance and deterrence

How well did you know this?

Not at all

Perfectly

PCAOB AS 2201 provides guidance for auditors on:

Performing an audit of an entity’s internal controls over financial reporting

How well did you know this?

Not at all

Perfectly

AU Section 240 delineates two types of frauds that are relevant for audit purposes: those that involve intentional fraudulent financial reporting and those that involve the misappropriation of company assets.

True

How well did you know this?

Not at all

Perfectly

The theory of differential association was developed by criminologist Edwin Sutherland. It states that:

(1) criminal behavior is learned;
(2) it is learned from other people in a process of communication;
(3) criminal behavior is acquired through participation with intimate personal groups;
(4) the learning process includes the shaping of motives, drives, rationalizations, and attitudes;
(5) the directions of motives are learned from the favorable or unfavorable interpretations of applicable laws;
(6) a person becomes a criminal because of an excess of conclusions favorable to violation of the law over conclusions unfavorable to violation of the law;
(7) differential association may vary in frequency, duration, priority, and intensity;
(8) learning criminal behavior involves all the mechanisms of other learning;
(9) learning differs from pure imitation; and
(10) while criminal behavior is an expression of general needs and values, it is not explained by these needs and values.

How well did you know this?

Not at all

Perfectly

Organizational crime is that which is?

committed by businesses, particularly corporations, and the government. In contrast, occupational crime involves legal offenses committed by individuals in the course of their occupation. An antitrust offense, such as bid rigging or price fixing, would be an organizational crime; accepting or offering bribes is an occupational offense.

Organizational crime occurs in the context of complex relationships and expectations among boards of directors, executives, and managers on one hand, and among parent corporations, corporate divisions, and subsidiaries on the other.

How well did you know this?

Not at all

Perfectly

Compliance is designed to

achieve conformity to the law without having to detect, process, or penalize violators. Compliance systems provide economic incentives for voluntary compliance to the laws and use administrative efforts to control violations before they occur.

How well did you know this?

Not at all

Perfectly

deterrence is designed to

detect law violations, determine who is responsible, and penalize offenders to deter future violations. Deterrence systems try to control the immediate behavior of individuals, not the long-term behaviors targeted by compliance systems.

How well did you know this?

Not at all

Perfectly

“The corporate governance structure specifies the ?

distribution of rights and responsibilities among the different participants in the organisation—such as the board, managers, shareholders and other stakeholders—and lays down the rules and procedures for decision-making.”

How well did you know this?

Not at all

Perfectly

Information is material if

having knowledge of such information might reasonably be expected to influence a client’s or employer’s decisions based on a fraud examiner’s report.

How well did you know this?

Not at all

Perfectly

An entity’s corporate culture is most effectively assessed using a checklist of initiatives to make sure all the elements of a strong tone at the top are in place? T/F

False.

A strong corporate culture can most often be observed by its outcome, rather than by any individual component. Fostering a culture of ethics and compliance runs deeper than simply implementing a checklist of initiatives; similarly, a culture of corruption can exist even in companies with seemingly sound policies in place.

How well did you know this?

Not at all

Perfectly

The objective of anti-fraud controls is to

make the residual fraud risk significantly smaller than the inherent fraud risk.

How well did you know this?

Not at all

Perfectly

Government Auditing Standards, also known as the Yellow Book, apply to which of the following types of engagements?

Government Review Engagements, Government Performance Audits and Government Financial Audits.

The Sarbanes-Oxley Act contains two provisions that establish broad protections for corporate whistleblowers:

Section 806 of the Act creates a civil liability for an employer who, out of retaliation, fires, demotes, suspends, threatens, harasses, or discriminates against an employee who provided information or otherwise assisted in an investigation of fraudulent activity. Employees are also protected against retaliation for filing, testifying, participating, or otherwise assisting in a proceeding filed or about to be filed relating to an alleged violation of securities laws and regulations. It should be noted, however, that this provision only covers employees of publicly traded companies and therefore does not provide protection to all whistleblowers.
Section 1107 establishes criminal sanctions for anyone who intentionally retaliates against another party for providing information regarding an alleged federal offense to a law enforcement officer. Unlike the civil liability, the protection provided under Section 1107 applies to all individuals, regardless of where they work.

As a strategy to control crime, compliance is designed to

In its Internal Control—Integrated Framework, the Committee on Sponsoring Organizations (COSO) defines internal control as

“a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.”

The risk of the auditor not detecting a material misstatement resulting from employee fraud is greater than the risk of the auditor not detecting a material misstatement resulting from management fraud.

T/F

False

The risk of the auditor not detecting a material misstatement resulting from management fraud is greater than for employee fraud because management is frequently in a position to directly or indirectly manipulate accounting records, present fraudulent financial information, or override control procedures designed to prevent similar frauds by other employees.

According to PCAOB AS 2201, auditors should implement a?

a top-down approach in performing an audit of internal controls over financial reporting.

As stated in Paragraph 21, a top-down approach “begins at the financial statement level and with the auditor’s understanding of the overall risks to internal control over financial reporting. The auditor then focuses on entity-level controls and works down to significant accounts and disclosures and their relevant assertions.”

Under Section 404 of the Sarbanes-Oxley Act, public U.S. companies must issue an internal control report within their annual report containing:

- A statement of management's responsibility for establishing and maintaining adequate ICOFR - A statement identifying the framework used by management in performing the assessment of the effectiveness of ICOFR - Management's assessment of the effectiveness of the company's ICOFR - A statement that the independent auditor has issued an attestation report on the effectiveness of the company's ICOFR

COSO's Internal Control—Integrated Framework identified five interrelated components of internal control:

- control environment, - risk assessment - control activities, - information and communication, and - monitoring.

The National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was established in 1985 with the purpose of?

defining the responsibility of the auditor in preventing and detecting fraud.

Most systems of corporate governance are focused on several core principles or values, which include:

- Accountability - Transparency - Fairness - Responsibility

The following are the five principles provided in the Fraud Risk Management Guide:

- Fraud risk governance - Fraud risk assessment - Fraud control activities - Fraud investigation and corrective action - Fraud risk management monitoring activities

Most experts agree that it is much easier to prevent fraud than to detect it. t/f

True

In Cressey’s view, there were two components of the perceived opportunity to commit a trust violation:

general information and technical skill.

According to PCAOB AS 2201, the auditor should test?

both the design and operating effectiveness of the company’s internal controls over financial reporting (ICOFR) Additionally, the auditor must specifically evaluate (1) the controls enacted to address the risk of management override of other controls and (2) whether the company’s internal controls adequately address the risk of material misstatement due to fraud.

According to PCAOB AS 2201, the controls evaluated should include?

* Controls over significant unusual transactions * Controls over journal entries and adjustments made during the end of the period financial reporting process * Controls over related-party transactions * Controls related to significant management estimates * Controls that mitigate the motivations for, and pressures on, management to engage in inappropriate earnings management and financial statement fraud

The following 12 components are necessary to develop, implement, and manage a comprehensive ethics program

* Focus on ethical leadership * Vision statement * Values statement * Code of ethics * Designated ethics official * Ethics task force or committee * Ethics communication strategy * Ethics training * Ethics help and fraud report telephone line * Ethical behavior rewards and sanctions * Comprehensive system to monitor and track ethics data * Periodic evaluation of ethics efforts and data

In response to a risk identified during a fraud risk assessment, management decides to purchase a bond to help protect the company against the associated risk of loss. This response is known as:

Transferring the risk.

The Sarbanes-Oxley Act requires all public U.S. companies to adopt a code of ethics for senior financial officers.

False - they suggest the adoption of a code of ethics.

In white-collar crime cases, the higher an offender's status, the more likely that person is to be imprisoned.

True

Monitoring is the process that assesses the?

effectiveness of a control system over time. This component of COSO’s Internal Control—Integrated Framework should include both ongoing evaluations and periodic, separate evaluations, the findings of which should be evaluated against predefined criteria. The following are the Framework principles supporting this component:

COSO’s Enterprise Risk Management—Integrating with Strategy and Performance is composed of a set of principles organized into five interrelated components and twenty supporting principles that are based on a holistic view of an organization's risk portfolio. The five components of the ERM Framework are:

- Governance and culture - Strategy and objective setting - Performance - Review and revision - Information, communication, and reporting

Risk management involves?

the identification, prioritization, treatment, and monitoring of risks that threaten an organization’s ability to provide value to its stakeholders, whether increasing profitability and shareholder value for a for-profit entity or achieving program-specific goals for a nonprofit or governmental agency

The U.S. Corporate Sentencing Guidelines require that

a compliance and ethics program be reasonably designed, implemented, and enforced so that it is generally effective in preventing and detecting criminal conduct. However, they also provide that the failure to prevent or detect the offense in question does not necessarily mean that the program is ineffective.

According to a study conducted by Dr. Steve Albrecht, occupational crime perpetrators who were interested primarily in "beating the system" committed larger frauds than those who believed their pay was not adequate.

True

What is the most effective method of preventing fraud?

Perception of detection

Research shows that ____ is the determinant aspect of white-collar crime.

organizational opportunity

According to PCAOB AS 2201, the external auditor should integrate the audit of the company's internal controls over financial reporting (ICOFR) with the audit of the company's financial statements.

True

The purpose of corporate governance is to:

Encourage the efficient use of resources and require accountability for the stewardship of those resources.