Financial Transactions and Fraud Schemes

Question 1

Occupational Fraud

Answer 1

those in which and employee, manager, officer or owner of an organization commits fraud to the organizations detriment

Question 2

three major types of occupational fraud

Answer 2

• corruption
• asset misappropriation
• financial statement fraud

Question 3

What are the three red flags that increase the risk of fraudulent financial reporting (eg Fraud Triangle)

Answer 3

• Situational Pressures, related to company performance/targets
• Opportunities to commit fraud with the perception of a small chance for detection
• Potential Rationalizations, to justify that the fraud was ok

Question 4

Channel Stuffing

Answer 4

selling an unusually large quantity of a product to distributors who are encouraged to overbuy via deep discounts or extended payment terms

Question 5

What are the five classifications of financial statement schemes?

Answer 5

Revenues Fictitious
Timing Differences (smoothing)
Asset Valuations Improper
Expense/ liabilities concealed
Disclosures Improper

Question 6

What is “backdating stock options”?

Answer 6

when a company alters the date of the option grant to a time when the stock was trading at a lower price so the option is instantly valuable to the recipient

Question 7

The 3 types of comparative financial statement analysis

Answer 7

1- Vertical Analysis (IS items as % of revenue/ BS items as % of assets)
2- Horizontal Analysis (period over period comparisons)
3- Ratio analysis (quick ratio/ turnover/ debt to equity/ margins/ etc)

Question 8

Cash Larceny

Answer 8

the theft of money that has already appeared on the victim orgs books

Question 9

Skimming

Answer 9

the theft of cash/assets that have not yet been recorded in the accounting system

aka “off-book frauds”

Question 10

What is “Lapping” customer payments?

Answer 10

-a way to conceal skimming receivables/sales where the thief credits one account by taking money from another account due later and then continues doing that

Question 11

Misappropriation

Answer 11

Using funds meant for another purpose for personal gain (eg, embezzlement)

Question 12

Fraudulent Disbursement

Answer 12

Tricking a company into paying for an invalid payment (ex: false invoices, altered timecards, forged company checks, fake voids/refunds)

Question 13

Authorized Maker Scheme

Answer 13

When an employee with signaure authority on a company account writes fraudulnt checks for thieown benefit and signs their own name as the maker

Question 14

A shell company

Answer 14

a business with a mailing address but no physical presence or employees that generates little, if any, economic value

Question 15

Collusion

Answer 15

when two or more individulas agree to engage in a deceitful act in order to gain an unfair advantage

Question 16

A turnaround sale

Answer 16

• A conflict of interest scheme
• when an employee knows their employer is looking to purchase a certain assets to they but it themselves and sell it to the company at an inflated price

Question 17

open-source information

Answer 17

information available in the public domain

Question 18

In the US, what laws govern commercial filings? Where are they?

Answer 18

• the uniform commercial code

- maintained and searchable at the state level by each secretary of state

Question 19

What are “commercial filings”?

Answer 19

records that banks, finance companies and other lenders generate when they provide loans or leases to borrowers who use property as collateral for loans

Question 20

What is the difference between a sleeper and a mole??

Answer 20

A sleeper is deliberately planted to extract info and a mole is usually an existing, compromised employee

Question 21

Pretexting

Answer 21

impersonating someone else of making false/misleading statements to persuade a target to release information of perform some action

Question 22

Elicitation

Answer 22

the process of extracting information that can be used and exploited to achieve particular goals

Question 23

Social Engineering

Answer 23

using deceptive techniques to manipulate people into taking certain actions or disclosing information

Question 24

Define “Identity Theft”

Answer 24

Using fraud or deception to obtain and uses another person’s personal data, typically for economic gain

Question 25

A Suspense Account

Answer 25

The section of an organizations books where unclassified debits and credits are temporarily recorded until a final destination is determined

Question 26

Embezzlement

Answer 26

When a person that has been lawfully entrusted with someones property takes it

Question 27

A Daisy Chain

Answer 27

When a bank buys, sells and swaps its bad loans for the bad loans of another.
-creates new documentation and masks bad loans by making them look recent and good

Question 28

Retainage

Answer 28

• a construction holdback

- the amount withheld from draw requests until construction is complete

Question 29

An Air Loan

Answer 29

A loan for nonexistent property

Question 30

An Advance-fee fraud

Answer 30

A scheme where the fraudster persuades the target to advance sums of money by falsely promising the delivery of a product or service

Question 31

What is an SAR?

Answer 31

• A Suspicious Activity Report filed in the Financial Crimes Enforcement Network (FinCen)
• Requires US banks to file a report within 30 days of detection if is there is a known or suspected criminal violation

Question 32

An Access Device

Answer 32

an object that allows access to account funds (debit card, PIN, etc)

Question 33

pecuniary

Answer 33

of or relating to money (eg, pecuniary damages)

Question 34

Fidelity Insurance

Answer 34

indemnifies against loss caused by employee dishonesty

Question 35

Capitation

Answer 35

A healthcare reimbursement method in which providers receive one lump sum for each patient that they treat, regardless of how many services the provider renders to each patient

Question 36

The Stark Law

Answer 36

limits ability of physicians to profit from their referrals by not allowing them to refer patients to physicians to which they have a financial relationship

Question 37

Medicare Part A covers….

Answer 37

facilities (hospice care, home health, SNFs, etc)

Question 38

Medicare Part B covers…

Answer 38

outpatient care and doctors services

Question 39

Medicare Part C covers…

Answer 39

Medicare Advantage Plans (part A and B but provided by a private insurance company)

Question 40

Medicare Part D covers…

Answer 40

Prescription Drugs

Question 41

EDI

Answer 41

• Electronic Data Interchange

- the exchange of data between computers with no human interaction

Question 42

Fill-and-split games

Answer 42

A pyramid scheme that includes elements to make it feel like a game to keep players attention focused on their riches

Question 43

Malware

Answer 43

any kind of malicious software

includes viruses, worms, trojan horses, spyware, etc

Question 44

Logistical Access Control

Answer 44

The process by which users are identified and granted access to certain systems, info or resources

Question 45

A Vendor Master file

Answer 45

a database containing all vendors a company does business with, including contact detail, terms, etc

Question 46

a register disbursement scheme

Answer 46

Involves a fraudulent transaction that justifies the removal of cash from a register, such as a false return or a voided sale

Question 47

The crux of a conflict of interest case is….

Answer 47

that the victim organization is unaware that its employee has divided loyalties.

If an employer knows of the employee’s interest in a business deal or negotiation, there can be no conflict of interest, no matter how favorable the arrangement is for the employee.

Question 48

A sham loan scheme

Answer 48

When loan officers will make loans to accomplices who then share all or part of the proceeds with the lending officer.

Question 49

Extortion

Answer 49

Using actual or threatened force/fear to obtain property from another

Question 50

The register records should NOT match up with the cash in the drawer when a ____ scheme has occurred.

Answer 50

cash larceny

Question 51

The purpose of developer overhead in a construction loans is….

Answer 51

to supply the developer with operating capital while the project is under construction.

This overhead allocation should not include a profit percentage, as the developer realizes profit upon completion

Question 52

physical padding of inventory

Answer 52

Making it appear as though there are more assets present in the warehouse or stockroom than there actually are.

E.G. Empty boxes or boxes filled with bricks or other inexpensive materials, for example, might be stacked on shelves to create the illusion of extra inventory.

Question 53

Perpetual Inventory

Answer 53

The official record of inventory

A method of accounting for inventory that records the sale or purchase of inventory immediately through the use of computerized point-of-sale systems

Question 54

Property Flopping

Answer 54

A rapid transfer of property with an unjustified, significant change in value, but instead of inflating the value on the second transaction, the value on the first transaction (a short sale) is deflated

Question 55

What is a “positive pay system”?

Answer 55

• a way for the company and its bank to detect fraudulent items presented for payment
• The company provides the bank with a list of checks and amounts that are written each day. The bank verifies items presented for payment against the company’s list and rejects items that are not on the list. Investigations are conducted as to the origin of the unlisted items.

Question 56

Synthetic Identity Theft

Answer 56

The use of entirely fabricated personal information or a combination of real and fabricated information to create a new identity

Question 57

Traditional Identity Theft

Answer 57

Stealing an individual’s personal information and pretending to be that individual

Question 58

True Name Fraud

Answer 58

Using an individual’s personal information to open a new account in the individual’s name. Unlike an account takeover, which involves an existing account, true name fraud involves a new account.

Question 59

A purchasing and receiving scheme

Answer 59

When a person responsible with receiving goods on the victim company’s behalf—such as a warehouse supervisor or receiving clerk—falsifies the records of incoming shipments

Question 60

Durable Medical Equipment

Answer 60

-reusable medical equipment

Question 61

Data Manipulation

Answer 61

using or manipulating a computer to commit a crime

Question 62

Data Destruction

Answer 62

the unauthorized modification, suppression, or erasure of computer data or computer functions, to alter or hinder the normal functions of the targeted system.

Question 63

Technical Security (in computer networks)

Answer 63

Safeguards incorporated in computer hardware

Question 64

A Land Flip Scheme resulting in an NPL

Answer 64

When a loan is made for a property that has an artificially inflated value

The seller is financed out of the property and the bank holds a NPL

Question 65

__________ is the term used for including additional coverages in an insurance policy without the insured’s knowledge

Answer 65

Sliding

-extra charges are hidden in the total premium

Question 66

Why is Billing for experiments with new medical devices that have not yet been approved by a jurisdiction’s health care authority a form of medical fraud?

Answer 66

• Allows hospitals to deliberately mislead third-party payers by getting them to pay for the manufacturer’s research
• Many of the doctors involved are alleged to have stock in the manufacturing companies.

Question 67

Definition of Financial Statement Fraud

Answer 67

the deliberate misrepresentation of the financial condition through the intentional misstatement to deceive financial statement users

Question 68

Phishing + Example

Answer 68

a scheme that involves electronically impersonating a trusted individual or entity

Generally, phishers manipulate victims into providing sensitive information by falsely claiming to be from an actual business, bank, Internet service provider (ISP), or other entity with which the target does business.

Question 69

Credit Card Skimming

Answer 69

Using a device to scan and store a large amount of credit card numbers that the scammer can sell to a a counterfeiter or use to produce fake cards

Question 70

Unbundling (in Health Care Fraud)

Answer 70

-When providers attempt to increase profits by billing separately for procedures that are actually part of a single procedure

AKA - coding fragmentation

Question 71

Crimeware

Answer 71

A type of malware used to simplify or automate online criminal activities

(Eg, programs to fraudulently obtain financial gain from the affected user or other third parties)

Question 72

Credit card fraud is successful because….

Answer 72

the chances of being caught are low and, even if law contacted law enforcement is contacted, there’s often little or no response regarding the crime

Question 73

A Bid Tailoring Scheme

Answer 73

When an employee with procurement responsibilities, often in collusion with a contractor, drafts bid specifications in a way that gives an unfair advantage to a certain contractor

Question 74

A Rolling Lab Scheme

Answer 74

When a mobile laboratory that solicits individuals to participate in health screening tests at no cost to the patient. After conducting the tests, however, the lab bills the individual’s insurance provider or health care program

Question 75

An easy way to recognize a real estate scam is if it has an element of _________

Answer 75

of time pressure, with the victims being convinced they are participating in a “once-in-a-lifetime, now-or-never” deal.

Question 76

DRG Creep

Answer 76

• Diagnostic-related groupings (DRG) is a reimbursement methodology for the payment of institutional services that categorizes patients by diagnosis/age/gender/etc.
• occurs when medical staff members manipulate diagnostic and procedural codes to increase reimbursement amounts or other forms of funding (eg, coding minor cuts as major lacerations)

Question 77

Pharming

Answer 77

an attack in which users are fooled into entering sensitive data into a malicious website that imitates a legitimate website

-user does not have to click on a link in an email or message to direct them to the website

Question 78

A baiting scheme

Answer 78

tricking victims into inserting malware-infected data storage devices into their computers

Question 79

non-repudiation

Answer 79

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information.

Question 80

The five information security goals that should be achieved to ensure the security of information systems for users and account holders

Answer 80

• Confidentiality of data
• Integrity of data
• Availability of data
• Authentication
• Non-repudiation

Question 81

What is the primary purpose of an automated clearing house (ACH) filter?

Answer 81

Lets account holders to provide their banks with a list of defined criteria to ensure only designated individuals get paid

Question 82

Past posting

Answer 82

When a person is involved in an automobile accident but does not have insurance. After the accident, the person gets insurance, waits a short time, and then reports the vehicle as having been damaged in some manner, thus collecting for the earlier loss

Question 83

A direct action virus

Answer 83

A virus that loads onto the target system’s memory, infect other files, and then unload itself

Question 84

Buffer overflows

Answer 84

A way to attack a computer by overloading the storage capacity of the memory buffer

Question 85

Privilege escalation

Answer 85

Using an info system flaw to gain privileges other than what was originally intended for the user

Question 86

The three main types of payroll schemes

Answer 86

• ghost employees
• falsified hours and salary
• commission schemes

Question 87

Pharming differs from phishing in that in a pharming scheme…

Answer 87

the attacker doesn’t have to rely on having users click on a link in an email or other message to direct them to the malicious website that is imitating a legitimate website

Question 88

A person ____ should be responsible for preparing the bank statement.

Answer 88

Independent of the cash receipts and AR functions

Question 89

Rock Phishing

Answer 89

Using botnets to send massive amounts of phishing emails to huge volumes of Internet users.

The emails contain a message from a financial institution, enticing users to click on a fraudulent URL.

Question 90

When an employee skims money by making off-book sales of merchandise, it is impossible to detect theft by….

Answer 90

comparing the register to the cash drawer because the sale was not recorded on the register.

Question 91

SMiShing

Answer 91

A hybrid of phising and text messaging where the attacker uses text messages to dupe an individual or business into providing sensitive data by falsely claiming to be from an actual business, bank, Internet service provider (ISP), or other entity with which the target does business.

Question 92

____ occurs when contractors intentionally use inaccurate cost or pricing data to inflate costs in negotiated contracts

Answer 92

Defective pricing

Question 93

a pass-through scheme

Answer 93

When Instead of buying merchandise directly from a vendor, the employee sets up a shell company and purchases the merchandise through that fictitious entity. They then resell the merchandise to their employer from the shell company at an inflated price, thereby making an unauthorized profit on the transaction.

Question 94

If the cost of goods sold increases by a disproportionate amount relative to sales, and no changes occur in the purchase prices, quantities purchased, or quality of products purchased, the cause of the disproportionate increase in cost of goods sold might be one of three things:

Answer 94

(1) ending inventory has been depleted by theft
(2) someone has been embezzling money through a false billing scheme
(3) someone has been skimming sales revenue

Question 95

A scavenger scheme

Answer 95

when a company that initially conned a consumer contacts that consumer and offers to help retrieve the lost money. However, the investigation requires an upfront fee and the consumer is swindled again

Question 96

The most common giveaway scheme, in which a postcard arrives in the mail telling the recipient they have already won a prize such as a luxurious vacation or cash, is known as _____.

Answer 96

the “1-in-5”

Question 97

The purpose of a draw request in construction lending is to provide….

Answer 97

documentation that costs have been incurred and reimbursement is sought

Question 98

The four major categories of check tampering schemes

Answer 98

1- forged maker
2- forged endorser
3- altered payee
4- authorized maker

Question 99

An exception or manual override reports lists…

Answer 99

all exceptions to normal electronic payment processing

Would point out when a computer is being used outside the normal processing time

Question 100

Unbundling

Answer 100

When a health care provider charges a comprehensive code, as well as one or more component codes for the same procedure

AKA coding fragmentation

Question 101

Some companies present a _____ rather than a statement of changes in owners’ equity

Answer 101

statement of retained earnings

Question 102

The five security goals of an e-commerce system

Answer 102

Availability of data

Confidentiality of data
Authentication
Integrity of data
Non-repudiation