Financial Transactions and Fraud Schemes Flashcards
(102 cards)
1
Q
Occupational Fraud
A
those in which and employee, manager, officer or owner of an organization commits fraud to the organizations detriment
2
Q
three major types of occupational fraud
A
- corruption
- asset misappropriation
- financial statement fraud
3
Q
What are the three red flags that increase the risk of fraudulent financial reporting (eg Fraud Triangle)
A
- Situational Pressures, related to company performance/targets
- Opportunities to commit fraud with the perception of a small chance for detection
- Potential Rationalizations, to justify that the fraud was ok
4
Q
Channel Stuffing
A
selling an unusually large quantity of a product to distributors who are encouraged to overbuy via deep discounts or extended payment terms
5
Q
What are the five classifications of financial statement schemes?
A
Revenues Fictitious Timing Differences (smoothing) Asset Valuations Improper Expense/ liabilities concealed Disclosures Improper
6
Q
What is “backdating stock options”?
A
when a company alters the date of the option grant to a time when the stock was trading at a lower price so the option is instantly valuable to the recipient
7
Q
The 3 types of comparative financial statement analysis
A
1- Vertical Analysis (IS items as % of revenue/ BS items as % of assets)
2- Horizontal Analysis (period over period comparisons)
3- Ratio analysis (quick ratio/ turnover/ debt to equity/ margins/ etc)
8
Q
Cash Larceny
A
the theft of money that has already appeared on the victim orgs books
9
Q
Skimming
A
the theft of cash/assets that have not yet been recorded in the accounting system
aka “off-book frauds”
10
Q
What is “Lapping” customer payments?
A
-a way to conceal skimming receivables/sales where the thief credits one account by taking money from another account due later and then continues doing that
11
Q
Misappropriation
A
Using funds meant for another purpose for personal gain (eg, embezzlement)
12
Q
Fraudulent Disbursement
A
Tricking a company into paying for an invalid payment (ex: false invoices, altered timecards, forged company checks, fake voids/refunds)
13
Q
Authorized Maker Scheme
A
When an employee with signaure authority on a company account writes fraudulnt checks for thieown benefit and signs their own name as the maker
14
Q
A shell company
A
a business with a mailing address but no physical presence or employees that generates little, if any, economic value
15
Q
Collusion
A
when two or more individulas agree to engage in a deceitful act in order to gain an unfair advantage
16
Q
A turnaround sale
A
- A conflict of interest scheme
- when an employee knows their employer is looking to purchase a certain assets to they but it themselves and sell it to the company at an inflated price
17
Q
open-source information
A
information available in the public domain
18
Q
In the US, what laws govern commercial filings? Where are they?
A
- the uniform commercial code
- maintained and searchable at the state level by each secretary of state
19
Q
What are “commercial filings”?
A
records that banks, finance companies and other lenders generate when they provide loans or leases to borrowers who use property as collateral for loans
20
Q
What is the difference between a sleeper and a mole??
A
A sleeper is deliberately planted to extract info and a mole is usually an existing, compromised employee
21
Q
Pretexting
A
impersonating someone else of making false/misleading statements to persuade a target to release information of perform some action
22
Q
Elicitation
A
the process of extracting information that can be used and exploited to achieve particular goals
23
Q
Social Engineering
A
using deceptive techniques to manipulate people into taking certain actions or disclosing information
24
Q
Define “Identity Theft”
A
Using fraud or deception to obtain and uses another person’s personal data, typically for economic gain
25
A Suspense Account
The section of an organizations books where unclassified debits and credits are temporarily recorded until a final destination is determined
26
Embezzlement
When a person that has been lawfully entrusted with someones property takes it
27
A Daisy Chain
When a bank buys, sells and swaps its bad loans for the bad loans of another.
-creates new documentation and masks bad loans by making them look recent and good
28
Retainage
- a construction holdback
| - the amount withheld from draw requests until construction is complete
29
An Air Loan
A loan for nonexistent property
30
An Advance-fee fraud
A scheme where the fraudster persuades the target to advance sums of money by falsely promising the delivery of a product or service
31
What is an SAR?
- A Suspicious Activity Report filed in the Financial Crimes Enforcement Network (FinCen)
- Requires US banks to file a report within 30 days of detection if is there is a known or suspected criminal violation
32
An Access Device
an object that allows access to account funds (debit card, PIN, etc)
33
pecuniary
of or relating to money (eg, pecuniary damages)
34
Fidelity Insurance
indemnifies against loss caused by employee dishonesty
35
Capitation
A healthcare reimbursement method in which providers receive one lump sum for each patient that they treat, regardless of how many services the provider renders to each patient
36
The Stark Law
limits ability of physicians to profit from their referrals by not allowing them to refer patients to physicians to which they have a financial relationship
37
Medicare Part A covers....
facilities (hospice care, home health, SNFs, etc)
38
Medicare Part B covers...
outpatient care and doctors services
39
Medicare Part C covers...
Medicare Advantage Plans (part A and B but provided by a private insurance company)
40
Medicare Part D covers...
Prescription Drugs
41
EDI
- Electronic Data Interchange
| - the exchange of data between computers with no human interaction
42
Fill-and-split games
A pyramid scheme that includes elements to make it feel like a game to keep players attention focused on their riches
43
Malware
any kind of malicious software
includes viruses, worms, trojan horses, spyware, etc
44
Logistical Access Control
The process by which users are identified and granted access to certain systems, info or resources
45
A Vendor Master file
a database containing all vendors a company does business with, including contact detail, terms, etc
46
a register disbursement scheme
Involves a fraudulent transaction that justifies the removal of cash from a register, such as a false return or a voided sale
47
The crux of a conflict of interest case is....
that the victim organization is unaware that its employee has divided loyalties.
If an employer knows of the employee’s interest in a business deal or negotiation, there can be no conflict of interest, no matter how favorable the arrangement is for the employee.
48
A sham loan scheme
When loan officers will make loans to accomplices who then share all or part of the proceeds with the lending officer.
49
Extortion
Using actual or threatened force/fear to obtain property from another
50
The register records should NOT match up with the cash in the drawer when a ____ scheme has occurred.
cash larceny
51
The purpose of developer overhead in a construction loans is....
to supply the developer with operating capital while the project is under construction.
This overhead allocation should not include a profit percentage, as the developer realizes profit upon completion
52
physical padding of inventory
Making it appear as though there are more assets present in the warehouse or stockroom than there actually are.
E.G. Empty boxes or boxes filled with bricks or other inexpensive materials, for example, might be stacked on shelves to create the illusion of extra inventory.
53
Perpetual Inventory
The official record of inventory
A method of accounting for inventory that records the sale or purchase of inventory immediately through the use of computerized point-of-sale systems
54
Property Flopping
A rapid transfer of property with an unjustified, significant change in value, but instead of inflating the value on the second transaction, the value on the first transaction (a short sale) is deflated
55
What is a "positive pay system"?
- a way for the company and its bank to detect fraudulent items presented for payment
- The company provides the bank with a list of checks and amounts that are written each day. The bank verifies items presented for payment against the company’s list and rejects items that are not on the list. Investigations are conducted as to the origin of the unlisted items.
56
Synthetic Identity Theft
The use of entirely fabricated personal information or a combination of real and fabricated information to create a new identity
57
Traditional Identity Theft
Stealing an individual’s personal information and pretending to be that individual
58
True Name Fraud
Using an individual’s personal information to open a new account in the individual’s name. Unlike an account takeover, which involves an existing account, true name fraud involves a new account.
59
A purchasing and receiving scheme
When a person responsible with receiving goods on the victim company’s behalf—such as a warehouse supervisor or receiving clerk—falsifies the records of incoming shipments
60
Durable Medical Equipment
-reusable medical equipment
61
Data Manipulation
using or manipulating a computer to commit a crime
62
Data Destruction
the unauthorized modification, suppression, or erasure of computer data or computer functions, to alter or hinder the normal functions of the targeted system.
63
Technical Security (in computer networks)
Safeguards incorporated in computer hardware
64
A Land Flip Scheme resulting in an NPL
When a loan is made for a property that has an artificially inflated value
The seller is financed out of the property and the bank holds a NPL
65
__________ is the term used for including additional coverages in an insurance policy without the insured's knowledge
Sliding
-extra charges are hidden in the total premium
66
Why is Billing for experiments with new medical devices that have not yet been approved by a jurisdiction's health care authority a form of medical fraud?
- Allows hospitals to deliberately mislead third-party payers by getting them to pay for the manufacturer’s research
- Many of the doctors involved are alleged to have stock in the manufacturing companies.
67
Definition of Financial Statement Fraud
the deliberate misrepresentation of the financial condition through the intentional misstatement to deceive financial statement users
68
Phishing + Example
a scheme that involves electronically impersonating a trusted individual or entity
Generally, phishers manipulate victims into providing sensitive information by falsely claiming to be from an actual business, bank, Internet service provider (ISP), or other entity with which the target does business.
69
Credit Card Skimming
Using a device to scan and store a large amount of credit card numbers that the scammer can sell to a a counterfeiter or use to produce fake cards
70
Unbundling (in Health Care Fraud)
-When providers attempt to increase profits by billing separately for procedures that are actually part of a single procedure
AKA - coding fragmentation
71
Crimeware
A type of malware used to simplify or automate online criminal activities
(Eg, programs to fraudulently obtain financial gain from the affected user or other third parties)
72
Credit card fraud is successful because....
the chances of being caught are low and, even if law contacted law enforcement is contacted, there’s often little or no response regarding the crime
73
A Bid Tailoring Scheme
When an employee with procurement responsibilities, often in collusion with a contractor, drafts bid specifications in a way that gives an unfair advantage to a certain contractor
74
A Rolling Lab Scheme
When a mobile laboratory that solicits individuals to participate in health screening tests at no cost to the patient. After conducting the tests, however, the lab bills the individual’s insurance provider or health care program
75
An easy way to recognize a real estate scam is if it has an element of _________
of time pressure, with the victims being convinced they are participating in a “once-in-a-lifetime, now-or-never” deal.
76
DRG Creep
- Diagnostic-related groupings (DRG) is a reimbursement methodology for the payment of institutional services that categorizes patients by diagnosis/age/gender/etc.
- occurs when medical staff members manipulate diagnostic and procedural codes to increase reimbursement amounts or other forms of funding (eg, coding minor cuts as major lacerations)
77
Pharming
an attack in which users are fooled into entering sensitive data into a malicious website that imitates a legitimate website
-user does not have to click on a link in an email or message to direct them to the website
78
A baiting scheme
tricking victims into inserting malware-infected data storage devices into their computers
79
non-repudiation
Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the information.
80
The five information security goals that should be achieved to ensure the security of information systems for users and account holders
- Confidentiality of data
- Integrity of data
- Availability of data
- Authentication
- Non-repudiation
81
What is the primary purpose of an automated clearing house (ACH) filter?
Lets account holders to provide their banks with a list of defined criteria to ensure only designated individuals get paid
82
Past posting
When a person is involved in an automobile accident but does not have insurance. After the accident, the person gets insurance, waits a short time, and then reports the vehicle as having been damaged in some manner, thus collecting for the earlier loss
83
A direct action virus
A virus that loads onto the target system's memory, infect other files, and then unload itself
84
Buffer overflows
A way to attack a computer by overloading the storage capacity of the memory buffer
85
Privilege escalation
Using an info system flaw to gain privileges other than what was originally intended for the user
86
The three main types of payroll schemes
- ghost employees
- falsified hours and salary
- commission schemes
87
Pharming differs from phishing in that in a pharming scheme...
the attacker doesn't have to rely on having users click on a link in an email or other message to direct them to the malicious website that is imitating a legitimate website
88
A person ____ should be responsible for preparing the bank statement.
Independent of the cash receipts and AR functions
89
Rock Phishing
Using botnets to send massive amounts of phishing emails to huge volumes of Internet users.
The emails contain a message from a financial institution, enticing users to click on a fraudulent URL.
90
When an employee skims money by making off-book sales of merchandise, it is impossible to detect theft by....
comparing the register to the cash drawer because the sale was not recorded on the register.
91
SMiShing
A hybrid of phising and text messaging where the attacker uses text messages to dupe an individual or business into providing sensitive data by falsely claiming to be from an actual business, bank, Internet service provider (ISP), or other entity with which the target does business.
92
____ occurs when contractors intentionally use inaccurate cost or pricing data to inflate costs in negotiated contracts
Defective pricing
93
a pass-through scheme
When Instead of buying merchandise directly from a vendor, the employee sets up a shell company and purchases the merchandise through that fictitious entity. They then resell the merchandise to their employer from the shell company at an inflated price, thereby making an unauthorized profit on the transaction.
94
If the cost of goods sold increases by a disproportionate amount relative to sales, and no changes occur in the purchase prices, quantities purchased, or quality of products purchased, the cause of the disproportionate increase in cost of goods sold might be one of three things:
(1) ending inventory has been depleted by theft
(2) someone has been embezzling money through a false billing scheme
(3) someone has been skimming sales revenue
95
A scavenger scheme
when a company that initially conned a consumer contacts that consumer and offers to help retrieve the lost money. However, the investigation requires an upfront fee and the consumer is swindled again
96
The most common giveaway scheme, in which a postcard arrives in the mail telling the recipient they have already won a prize such as a luxurious vacation or cash, is known as _____.
the "1-in-5"
97
The purpose of a draw request in construction lending is to provide....
documentation that costs have been incurred and reimbursement is sought
98
The four major categories of check tampering schemes
1- forged maker
2- forged endorser
3- altered payee
4- authorized maker
99
An exception or manual override reports lists...
all exceptions to normal electronic payment processing
Would point out when a computer is being used outside the normal processing time
100
Unbundling
When a health care provider charges a comprehensive code, as well as one or more component codes for the same procedure
AKA coding fragmentation
101
Some companies present a _____ rather than a statement of changes in owners’ equity
statement of retained earnings
102
The five security goals of an e-commerce system
Availability of data
Confidentiality of data
Authentication
Integrity of data
Non-repudiation
