Exam 4 Flashcards by Collin Eads

Unauthorized activity, theft, or fraud carried out by a 3rd party outside the institution through fraudulent behavior.

External fraud

How well did you know this?

Not at all

Perfectly

Threatens any company for one reason: its impossible to conduct business without interacting with outsiders.

External fraud

How well did you know this?

Not at all

Perfectly

What are the 3 sources of external fraud?

customers
vendors
unrelated third parties

How well did you know this?

Not at all

Perfectly

What do external parties look for in companies to commit fraud?

Data and R&D

How well did you know this?

Not at all

Perfectly

Easy to produce, small business does not have time and resources to scrutinize, and may include an individual who is an expert (paperhanger).

Counterfeit checks (Check fraud)

How well did you know this?

Not at all

Perfectly

Victim offers something for sale on the internet, typically big ticket item, fraudster contracts victim to buy, sends counterfeit check, changes mind, then asks for refund (check was never real).

E-commerce check scams

How well did you know this?

Not at all

Perfectly

True or false.
Most of the world still uses a significant amount of personal checks.

False.
The United States is the only country.

How well did you know this?

Not at all

Perfectly

What are 3 ways to prevent and detect check fraud?

No check policy
Request ID
Educate employees

How well did you know this?

Not at all

Perfectly

The misuse of a credit card to make purchases without authorization or counterfeiting a credit card. May include stolen card numbers.

Credit card fraud

How well did you know this?

Not at all

Perfectly

Cards made using the appropriately sized plastic with embroised account numbers and names.

Counterfeit cards

How well did you know this?

Not at all

Perfectly

What are 3 ways to prevent and detect credit card fraud?

Educate employees
Check card signatures
Ask for ID

How well did you know this?

Not at all

Perfectly

What are 3 red flags of credit card fraud?

Card pulled out of pocket
Expensive items on new card
Rushed customer

How well did you know this?

Not at all

Perfectly

Competitors submit token bids that are too high to be accepted. Helps accomplice’s bid look good.

Complementary bids

How well did you know this?

Not at all

Perfectly

Two or more contractors conspire to alternate the business between them on a rotating basis.

Bid rotation (bid-pooling)

How well did you know this?

Not at all

Perfectly

Phony bids from shell companies to create the illusion of competition.

Phantom bids

How well did you know this?

Not at all

Perfectly

What are two contract performance schemes?

Product substitution
Cost mischarging

How well did you know this?

Not at all

Perfectly

Contractor charges the procuring entity for costs that are not allowable, unreasonable, or cannot be allocated directly to the contract.

Cost mischarging

How well did you know this?

Not at all

Perfectly

What are 3 ways to prevent and detect vendor fraud?

Vendor audit (right to audit clause)
Integral contractors
Look for red flags

How well did you know this?

Not at all

Perfectly

When companies choose to interact with customer and vendors, but an unknown chooses to target the companies.

Third party threat

How well did you know this?

Not at all

Perfectly

Requires an understanding of the technology used in the crime, lack paper trail, usually requires internet.

Computer fraud

How well did you know this?

Not at all

Perfectly

The use of technology to gain unauthorized access to sensitive information on a computer system.

Computer hacking

How well did you know this?

Not at all

Perfectly

What are 4 methods used to gain unauthorized access during computer hacking?

Password cracking
Social engineering
Phishing
Wiretapping

How well did you know this?

Not at all

Perfectly

Fraudsters hijack business names to execute attacks which dupe victims to providing sensitive information.

Phishing

How well did you know this?

Not at all

Perfectly

Data manipulation and data destruction is a ______.

Crime

How well did you know this?

Not at all

Perfectly

What are 3 ways to prevent and detect computer fraud?

1. Formal security 2. Firewalls 3. Encryption

What are 3 reasons corporations commit espionage?

1. Information and data 2. Intelligence that provides actionable decisions 3. Valuable structures/products

What are 4 targets of corporate spies?

1. R&D 2. Marketing 3. Manufacturing 4. HR

What are 3 ways to prevent and detect corporate espionage regarding documentation or ideas?

1. Use locked filing cabinets 2. Shred documents 3. Locked waste

The vulnerability an organization has to overcome regarding the interrelated elements that enable someone to commit fraud.

Fraud risk

Risks that are present before management action are described as _____ risk.

Inherent

Risks that are present after management action are described as ______ risk.

Residual

What are the 3 reasons to be concerned about fraud risk?

1. No immunity 2. Awareness is needed to fix 3. Can be internal or external

Right balance of preventive and detective controls, can greatly reduce an organizations vulnerability to fraud. (Factor that influences fraud risk)

Effectiveness of internal controls

It is impossible, to have a company made up of individuals whose ethics and values are fully aligned with those of the organization. (Factor that influences fraud risk)

Ethics and values of company

A process aimed at proactively identifying and addressing an organization vulnerabilities to internal and external fraud.

Fraud risk assessment.

The main proponent of the fraud risk assessment process that helps an organization recognize what makes it most vulnerable to fraud so that it can take proactive measures to reduce its exposure.

The Objective

What are 2 reasons organizations should conduct fraud risk assessments?

1. Assess internal controls (Improve) 2. Comply with regulations and standards (Compliance)

What are 4 things that makes a good fraud risk assessment?

1. Collaboration 2. Good knowledge 3. Access to all levels (Organization) 4. Right sponsor (hears good, bad, and ugly)

What are 3 considerations for developing an effective fraud risk assessment?

1. Packaging it right 2. One size does not fit all 3. Keeping it simple

What are 3 inquiry techniques to use for risk assessment?

1. Interviews 2. Surveys 3. Focus groups

What are 4 things a sponsor would agree to be worked on in a risk assessment?

1. Participants 2. Output 3. Methods 4. Scope

What are 4 inherent fraud risks?

1. Position 2. Incentives 3. Management override 4. Performance pressures

Identifying and mapping existing _____ and _____ controls to the relevant fraud is a portion of executing fraud risk assessment.

1. Preventive 2. Detective

Addressing the identified fraud risks involves 3 things...

1. Set acceptable risk level 2. Rank and prioritize risk 3. Respond to residual risks

What are the 5 responses to residual fraud risks?

1. Transfer (insurance) 2. Avoid (eliminate) 3. Mitigate (controls) 4. Assume (low occurrence) 5. Combination approach (transfer part and controls)

What are 4 important parts to reporting the results?

1. Simple 2. Objective, not subjective 3. Focus on importance 4. Actions are clear and measurable

What are the 4 parts to making an impact?

1. Dialog 2. Look-out 3. Responsibility 4. Assessment alive and well

Auditors should validate that the organization is managing the moderate-to-high fraud risks by..... 4 things.

1. Evaluate controls 2. Identify 3. Develop reports 4. Deliver reports

The strategic reasonings used in conducting a fraud risk assessment requires a _____ _______ and involves _______ _______.

1. Skeptical mindset 2. Asking questions

Why should organizations conduct fraud risk assessment? (4 things)

1. Improve communication 2. Identify vulnerability 3. Find greatest risk (employee) 4. Develop plans and techniques

What are 4 reasons to conduct an investigation?

1. Identify 2. Mitigate liability 3. Avoid discrimination 4. Comply (laws)

What are two things involved with planning the investigation?

1. Who is involved 2. What is the strategy

Includes those who assist in the investigation, have genuine interest in the investigation outcome, and has a primary goal to resolve fraud allegations.

The investigation team

What are 4 groups of people that are involved with the investigative team?

1. CFEs 2. Legal counsel 3. internal auditors 4. HR

Anything perceivable by the five senses. Any proof that is legally presented at trial to prove a contention and induce a belief in the minds of a jury.

Evidence

What are 3 ways to obtain evidence?

1. Surveillance 2. Informants 3. Search warrants or subpoenas

When an investigator assumes a fictitious identity, which requires a high degree of planning and skills. Legal if there is sufficient probable cause that a crime has been committed.

Covert operations

Obtaining information through falsehood or deception. Not always legal. It is illegal to obtain information through falsehood.

Pretexting

Secretive and continuous observance of a suspects activities.

Surveillance

Sifting through suspect's trash to obtain evidence.

Dumpster diving

If evidence is held by other parties or is in uncontrolled locations, specific legal action is required before attempting to obtain it.

Subpoenas

If there is probable cause to believe that certain records are being used or have been used in the commission of a crime, the law enforcement officer will prepare an affidavit for a ______ __________.

Search warrant

Often the simplest means to obtain documentation. Can be given via oral or written means, allowing an investigator to obtain information or items by the innocent or perpetrator person.

Voluntary consent

What is the primary goal for investigative teams?

To resolve fraud allegations as thoroughly and efficiently as possible

To be admissible in court, evidence must be preserved and handled correctly. Same state at which you found it.

Handling evidence

Record of when item is received or when it leaves the care, custody, or control of the fraud examiner.

Chain of custody

Documents should be marked for later identification; however, never mark on original documents other than unobtrusive initials or tick marks made for identification.

Preserving evidence

Segregate documents either by witness or by transaction. Make key document file.

Organizing evidence.

When fraud examiners may need to search for specific information to help the investigation.

Sources of information

Investigators can learn a great deal from internal documents and information at the suspect's organization.

In-house sources

Records that a governmental unit is required by law to keep or those which are necessary for a governmental unit to keep in order to discharge its duties imposed by law.

Public Information

Commercial online services provide convenient access to a wide range of data in a single place.

Online searches

What are the 5 steps of interviewing questions?

1. Introductory 2. Informational 3. Assessment 4. Cloning 5. Admission-seeking

Provides an introduction and establishes rapport.

Introductory

What are 3 general rules for introductory?

1. Interview 1 at a time 2. Interview in privacy 3. Ask non-sensitive questions

Sets a legitimate basis for the questioning and explains to the subject how he fits into the inquiry.

Make a transitional statement

You should attempt to phrase questions so that they can be answered "yes". it is easier for people to reply in the affirmative than the negative.

Seek continuous agreement

You do not have the right to limit the use of the information or to decide how the information will be used in the investigation.

Do not promise confidentiality

You should tell the subject that any information he provides will be conveyed to the appropriate individual.

Negotiations

It is not your role to provide information.

Not discussing the source of allegations

When you frame the next question as a logical continuation of the facts.

Question sequences

Begin by asking questions that are not likely to cause the respondent to become defensive or hostile. Also, ask one question at a time, be straightforward, and no interruptions.

Informational question techniques

What 4 things to do in the methodology information phase?

1. Background questions 2. Observe 3. Non-leading questions 4. Be careful for sensitive questions

An interview that has the potential to bring about strong emotional reactions in the respondent.

Volatile interviews

Go over key facts to make certain that they have been understood.

Reconfirming facts

Simply ask the subject whether there is anything else he would like to say.

Gathering additional facts

Ask respondents whether they believe they have been treated fairly.

Concluding the interview

Establishes the credibility of the respondent.

Assessment Questions

Process of observing behavior before critical questions are asked.

Norming or calibrating

People lie for one of two reasons....

1. Receive rewards 2. Avoid punishment

When you want to distinguish the innocent from the culpable, obtain a valid confession and written statement to confirm.

Admission-seeking questions

The accuser has reasonable suspicion or predication to believe the accused has committed an offence, and the accusation is made under conditions of privacy but ends up being wrong.

Accusing an innocent person

What are the 4 steps in the admission-seeking interview?

1. Accuse 2. Observe 3. Repeat 4. Interrupt denials

Fraud examinations conclude with a report of the investigation results. Usually in a formal writing.

Report writing

What are the 6 format parts of a fraud examination report?

1. Author/date 2. Summary 3. Introduction 4. Body 5. Results 6. Follow up/recommendations

Investigation reports should only ____ the _____.

1. State 2. Facts

If a rule makes no sense to employees, they will ____ ___ ___.

Make their own

In a Hollinger and Clark study, ___ out of 10 employees admitted to committing abusive conduct at some level.

What are 3 things involved in the human factor of occupational fraud and abuse?

1. Greed 2. Wages in kind 3. Unreasonable expectations

What removes the root cause of the problem in terms of controls?

Prevention

What modifies the behavior through perception of negative sanctions.

Deterrence

Employees who perceive that they will be caught engaging in occupational fraud and abuse are less likely to commit it.

Perception of Detection

What are 3 things that lead to high perceptions of detection?

1. Education 2. Surprise audit 3. Proactive policies

What are 3 things that lead to adequate reporting programs?

1. Exact method to report 2. No penalties for good-faith info 3. Understanding fraud/abuse is everywhere

What are 3 things involved with corporate sentencing guidelines?

1. Uniform punishment 2. Severe punishment 3. Effective compliance program

Corporations can be held criminally responsible for the acts of their employees.

Vicarious or imputed liability

True or false. The corporation will be held criminally responsible only when management had knowledge or participation in the underlying criminal events.

False. The corporation will be held criminally responsible even if management had no knowledge or participation.

What are the 3 requirements for corporate sentencing guidelines?

1. Defined S&P 2. High-level's ensure compliance 3. Due care

The branch of philosophy which is the systematic study of reflective choice, of the standard of right and wrong by which a person is to be guided, and of the goods toward which it may ultimately be directed.

The Ethical Connection

Concrete ethical principles that cannot be violated.

Imperative principle

Each situation must be evaluated on its own.

Situational ethics

Theft that is justified by the person as "Retribution inadequate pay"...

Wages in kind

Regarding the essence of people, humans are.... 3 things.

1. Good 2. Evil 3. Calculating

When creating ethics policy, provide 3 things...

1. Define bad conduct 2. State punishment 3. Provide reporting