CFE Fraud Prevention and Deterrence

Question 1

According to the 2018 Report to the Nations, more frauds are uncovered by?

Answer 1

tips, internal audit, and management review

Question 2

Under the restrictions imposed by the Sarbanes-Oxley Act, all audit committee members must?

Answer 2

be members of the board of directors and must be “independent,” meaning they receive compensation only for their service on the board.

Question 3

Cressey’s Fraud Triangle teaches that there are three interrelated elements that enable someone to commit fraud:

Answer 3

the motive or pressure that drives a person to want to commit the fraud, the opportunity that enables him to commit the fraud, and the ability to rationalize the fraudulent behavior.

Question 4

According to the requirements of the Sarbanes-Oxley Act, which of the following parties is responsible for establishing procedures to handle complaints regarding irregularities in a publicly traded company’s accounting methods, internal controls, or auditing matters?

Answer 4

The Audit Committee.

Question 5

All occupational frauds fall into one of three major categories:

Answer 5

asset misappropriation, corruption, or financial statement fraud.

Question 6

According to the 2018 Report to the Nations, which of the three major categories of occupational fraud has the highest median loss?

Answer 6

Financial Statement Fraud

Question 7

The COSO/ACFE Fraud Risk Management Guide describes five broad principles of fraud risk management, one for each of the five interrelated components of internal control listed in COSO’s Internal Controls—Integrated Framework:

Answer 7

• fraud risk governance
• fraud risk assessment
• fraud control activities
• fraud investigation and corrective action-
• fraud risk management monitoring activities.

Question 8

The two primary strategies to control corporate criminal behavior are:

Answer 8

Compliance and deterrence

Question 9

PCAOB AS 2201 provides guidance for auditors on:

Answer 9

Performing an audit of an entity’s internal controls over financial reporting

Question 10

AU Section 240 delineates two types of frauds that are relevant for audit purposes: those that involve intentional fraudulent financial reporting and those that involve the misappropriation of company assets.

Answer 10

True

Question 11

The theory of differential association was developed by criminologist Edwin Sutherland. It states that:

Answer 11

(1) criminal behavior is learned;
(2) it is learned from other people in a process of communication;
(3) criminal behavior is acquired through participation with intimate personal groups;
(4) the learning process includes the shaping of motives, drives, rationalizations, and attitudes;
(5) the directions of motives are learned from the favorable or unfavorable interpretations of applicable laws;
(6) a person becomes a criminal because of an excess of conclusions favorable to violation of the law over conclusions unfavorable to violation of the law;
(7) differential association may vary in frequency, duration, priority, and intensity;
(8) learning criminal behavior involves all the mechanisms of other learning;
(9) learning differs from pure imitation; and
(10) while criminal behavior is an expression of general needs and values, it is not explained by these needs and values.

Question 12

Organizational crime is that which is?

Answer 12

committed by businesses, particularly corporations, and the government. In contrast, occupational crime involves legal offenses committed by individuals in the course of their occupation. An antitrust offense, such as bid rigging or price fixing, would be an organizational crime; accepting or offering bribes is an occupational offense.

Organizational crime occurs in the context of complex relationships and expectations among boards of directors, executives, and managers on one hand, and among parent corporations, corporate divisions, and subsidiaries on the other.

Question 13

Compliance is designed to

Answer 13

achieve conformity to the law without having to detect, process, or penalize violators. Compliance systems provide economic incentives for voluntary compliance to the laws and use administrative efforts to control violations before they occur.

Question 14

deterrence is designed to

Answer 14

detect law violations, determine who is responsible, and penalize offenders to deter future violations. Deterrence systems try to control the immediate behavior of individuals, not the long-term behaviors targeted by compliance systems.

Question 15

“The corporate governance structure specifies the ?

Answer 15

distribution of rights and responsibilities among the different participants in the organisation—such as the board, managers, shareholders and other stakeholders—and lays down the rules and procedures for decision-making.”

Question 16

Information is material if

Answer 16

having knowledge of such information might reasonably be expected to influence a client’s or employer’s decisions based on a fraud examiner’s report.

Question 17

An entity’s corporate culture is most effectively assessed using a checklist of initiatives to make sure all the elements of a strong tone at the top are in place? T/F

Answer 17

False.

A strong corporate culture can most often be observed by its outcome, rather than by any individual component. Fostering a culture of ethics and compliance runs deeper than simply implementing a checklist of initiatives; similarly, a culture of corruption can exist even in companies with seemingly sound policies in place.

Question 18

The objective of anti-fraud controls is to

Answer 18

make the residual fraud risk significantly smaller than the inherent fraud risk.

Question 19

Government Auditing Standards, also known as the Yellow Book, apply to which of the following types of engagements?

Answer 19

Government Review Engagements, Government Performance Audits and Government Financial Audits.

Question 20

The Sarbanes-Oxley Act contains two provisions that establish broad protections for corporate whistleblowers:

Answer 20

• Section 806 of the Act creates a civil liability for an employer who, out of retaliation, fires, demotes, suspends, threatens, harasses, or discriminates against an employee who provided information or otherwise assisted in an investigation of fraudulent activity. Employees are also protected against retaliation for filing, testifying, participating, or otherwise assisting in a proceeding filed or about to be filed relating to an alleged violation of securities laws and regulations. It should be noted, however, that this provision only covers employees of publicly traded companies and therefore does not provide protection to all whistleblowers.
• Section 1107 establishes criminal sanctions for anyone who intentionally retaliates against another party for providing information regarding an alleged federal offense to a law enforcement officer. Unlike the civil liability, the protection provided under Section 1107 applies to all individuals, regardless of where they work.

Question 21

As a strategy to control crime, compliance is designed to

Answer 21

achieve conformity to the law without having to detect, process, or penalize violators. Compliance systems provide economic incentives for voluntary compliance to the laws and use administrative efforts to control violations before they occur.

Question 22

In its Internal Control—Integrated Framework, the Committee on Sponsoring Organizations (COSO) defines internal control as

Answer 22

“a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.”

Question 23

The risk of the auditor not detecting a material misstatement resulting from employee fraud is greater than the risk of the auditor not detecting a material misstatement resulting from management fraud.

T/F

Answer 23

False

The risk of the auditor not detecting a material misstatement resulting from management fraud is greater than for employee fraud because management is frequently in a position to directly or indirectly manipulate accounting records, present fraudulent financial information, or override control procedures designed to prevent similar frauds by other employees.

Question 24

According to PCAOB AS 2201, auditors should implement a?

Answer 24

a top-down approach in performing an audit of internal controls over financial reporting.

As stated in Paragraph 21, a top-down approach “begins at the financial statement level and with the auditor’s understanding of the overall risks to internal control over financial reporting. The auditor then focuses on entity-level controls and works down to significant accounts and disclosures and their relevant assertions.”

Question 25

Under Section 404 of the Sarbanes-Oxley Act, public U.S. companies must issue an internal control report within their annual report containing:

Answer 25

• A statement of management’s responsibility for establishing and maintaining adequate ICOFR
• A statement identifying the framework used by management in performing the assessment of the effectiveness of ICOFR
• Management’s assessment of the effectiveness of the company’s ICOFR
• A statement that the independent auditor has issued an attestation report on the effectiveness of the company’s ICOFR

Question 26

COSO’s Internal Control—Integrated Framework identified five interrelated components of internal control:

Answer 26

• control environment,
• risk assessment
• control activities,
• information and communication, and
• monitoring.

Question 27

The National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was established in 1985 with the purpose of?

Answer 27

defining the responsibility of the auditor in preventing and detecting fraud.

Question 28

Most systems of corporate governance are focused on several core principles or values, which include:

Answer 28

• Accountability
• Transparency
• Fairness
• Responsibility

Question 29

The following are the five principles provided in the Fraud Risk Management Guide:

Answer 29

• Fraud risk governance
• Fraud risk assessment
• Fraud control activities
• Fraud investigation and corrective action
• Fraud risk management monitoring activities

Question 30

Most experts agree that it is much easier to prevent fraud than to detect it. t/f

Answer 30

True

Question 31

In Cressey’s view, there were two components of the perceived opportunity to commit a trust violation:

Answer 31

general information and technical skill.

Question 32

According to PCAOB AS 2201, the auditor should test?

Answer 32

both the design and operating effectiveness of the company’s internal controls over financial reporting (ICOFR)

Additionally, the auditor must specifically evaluate (1) the controls enacted to address the risk of management override of other controls and (2) whether the company’s internal controls adequately address the risk of material misstatement due to fraud.

Question 33

According to PCAOB AS 2201, the controls evaluated should include?

Answer 33

• Controls over significant unusual transactions
• Controls over journal entries and adjustments made during the end of the period financial reporting process
• Controls over related-party transactions
• Controls related to significant management estimates
• Controls that mitigate the motivations for, and pressures on, management to engage in inappropriate earnings management and financial statement fraud

Question 34

The following 12 components are necessary to develop, implement, and manage a comprehensive ethics program

Answer 34

• Focus on ethical leadership
• Vision statement
• Values statement
• Code of ethics
• Designated ethics official
• Ethics task force or committee
• Ethics communication strategy
• Ethics training
• Ethics help and fraud report telephone line
• Ethical behavior rewards and sanctions
• Comprehensive system to monitor and track ethics data
• Periodic evaluation of ethics efforts and data

Question 35

In response to a risk identified during a fraud risk assessment, management decides to purchase a bond to help protect the company against the associated risk of loss. This response is known as:

Answer 35

Transferring the risk.

Question 36

The Sarbanes-Oxley Act requires all public U.S. companies to adopt a code of ethics for senior financial officers.

Answer 36

False - they suggest the adoption of a code of ethics.

Question 37

In white-collar crime cases, the higher an offender’s status, the more likely that person is to be imprisoned.

Answer 37

True

Question 38

Monitoring is the process that assesses the?

Answer 38

effectiveness of a control system over time.

This component of COSO’s Internal Control—Integrated Framework should include both ongoing evaluations and periodic, separate evaluations, the findings of which should be evaluated against predefined criteria. The following are the Framework principles supporting this component:

Question 39

COSO’s Enterprise Risk Management—Integrating with Strategy and Performance is composed of a set of principles organized into five interrelated components and twenty supporting principles that are based on a holistic view of an organization’s risk portfolio. The five components of the ERM Framework are:

Answer 39

• Governance and culture
• Strategy and objective setting
• Performance
• Review and revision
• Information, communication, and reporting

Question 40

Risk management involves?

Answer 40

the identification, prioritization, treatment, and monitoring of risks that threaten an organization’s ability to provide value to its stakeholders, whether increasing profitability and shareholder value for a for-profit entity or achieving program-specific goals for a nonprofit or governmental agency

Question 41

The U.S. Corporate Sentencing Guidelines require that

Answer 41

a compliance and ethics program be reasonably designed, implemented, and enforced so that it is generally effective in preventing and detecting criminal conduct.

However, they also provide that the failure to prevent or detect the offense in question does not necessarily mean that the program is ineffective.

Question 42

According to a study conducted by Dr. Steve Albrecht, occupational crime perpetrators who were interested primarily in “beating the system” committed larger frauds than those who believed their pay was not adequate.

Answer 42

True

Question 43

What is the most effective method of preventing fraud?

Answer 43

Perception of detection

Question 44

Research shows that ____ is the determinant aspect of white-collar crime.

Answer 44

organizational opportunity

Question 45

According to PCAOB AS 2201, the external auditor should integrate the audit of the company’s internal controls over financial reporting (ICOFR) with the audit of the company’s financial statements.

Answer 45

True

Question 46

The purpose of corporate governance is to:

Answer 46

Encourage the efficient use of resources and require accountability for the stewardship of those resources.