Fraud Flashcards
What percentage of fraud cases resulted in some sort of internal punishment and what percentage were fired?
80% received punishment
66% were fired.
59% referred to LE
10% allowed or required to resign
9% were placed on suspension or probation.
Organizational crime vs occupational crime.
Organizational crime: the benefits go to the organization. Example: price fixing
Occupational crime: the benefits go to the individual. Example: accepting kickbacks
Rational choice theory
Suspect performs a cost-benefit analysis that evaluates the possibility of getting caught.
Best way to reduce crime is reduce opportunities.
What are the three elements that influence crime in the routine activity theory?
The availability of suitable targets
The absence of capable guardians
The presence of motivated offenders
Theory of differential association.
Criminal behavior is learned
Learned from people you hang out with, i.e., gangs
What is social control theory?
Society keeps them in line. What would my mom think of me? Dad? If they found out.
Effects of white collar crime.
Ongoing damages
Loss of competitive advantage
Loss of employee confidence in job security
Loss of employee productivity
What is the OECD definition of corporate governance?
Procedures and processes according to which an organization is directed and controlled
Distribution of rights and responsibilities
Lays down rules for decision making.
What is the Cadbury Report?
To encourage the efficient use of resources and require responsibility.
Solid corporate governance practices are necessary when owners are not responsible for setting strategy or executing business activities, i.e., publicly
The Treadway Commission. What is the auditor’s responsibility in preventing fraud?
Mandatory INDEPENDENT audit committee
Written charter
Adequate resources and authority
Audit committee members should be informed, vigilant, and effective.
What are the four principles of corporate governance? RAFT
Accountability: hold management accountable.
Transparency: accurate, complete, timely financial statements and disclosure of all material matters
Fairness: all stakeholders treated equitably
Responsibility: act in the organization and society’s best interest.
What is internal control? ROC
Designed to provide assurance regarding the achievement of objective.
Efficiency of OPERATIONS
Reliability of financial and non-financial REPORTING
COMPLIANCE with applicable laws and regulations.
Identify the five interrelated components of internal control? CRIME
Control environment
Risk assessment
Control activities
Information and communication
Monitoring
What does the control environment provide?
Makes up the ethical and moral culture of the organization.
What does risk assessment do? OICA
Identification and assessment of risks relevant to achieving control goals.
Set clear objectives
ID risks
Consider potential for fraud
Assess changes
What do control activities mean?
Controls policies
INFO AND COMMUNICATION Exchanges information in a way that allows employees to carry out responsibilities.
MONITORING the effectiveness of the control system over time
What is a material misstatement? And materiality?
If omitting, misstating, or obscuring it could reasonably be expected to influence the decision of the primary financial statement users.
Materiality is often considered in quantified terms within the audit, like a large amount for that company, i.e., don’t review anything under $10k. (Quantitative)
But you find 30 transactions of $9,999. (Qualitative)
What is ISA 240?
ISA 265?
240: establish standards and provide guidance on the auditor's responsibility to consider fraud in an audit of financial statements.
265: provide guidance regarding the auditor's responsibility to communicate an organization's internal control deficiencies to management and those charged with governance.
What are the auditor's requirements if they find a deficiency in the internal controls?
Communicate significant deficiencies in writing to those charged with governance in a timely manner. Unless it would be inappropriate
What is the International Organization of Supreme Audit Institutions? And why are they different?
Umbrella for external GOVERNMENT audit community.
They are broader
Consideration of the concept of abuse
Inability to withdraw from the engagement
Additional communications about fraud related matters.
What are inherent risks?
What are residual risks?
INHERENT: risks that are present before the effect of internal controls, including anti-fraud controls
RESIDUAL: risks that remain after the effect of these controls.
What is a fraud risk assessment?
An ongoing, continuous process aimed at proactively identifying and addressing an organization's vulnerabilities to both internal and external fraud.
What are elements of a good fraud risk assessment?
Collaborative effort.
Independence and objectivity
Functional knowledge of the business
Thinking like a fraudster
Most effective techniques used to conduct fraud risk assessment
Interviews
Focus groups
Surveys
Anonymous feedback mechanisms
What to do when you find residual fraud risks?
Avoid the risk: eliminate the assets
Transfer the risk: purchase an insurance policy
Mitigate risk: implement prevention and detection controls
Assume the risk:
The audit process in the fraud risk assessment
Identify and map the existing preventative and detection controls
Perform tests to see if controls are operating effectively and efficiently
Identify risk management override controls
Develop reports with results of auditor validation and testing of fraud controls
What are the five COSO ENTERPRISE fraud risk management components? GSPRI
Governance and culture: who does what
Strategy and objective setting: business objective
Performance: identify and assess risks
Review and revision:
Information, communication and reporting:
What are the two principles of ISO 31000?
Is customized and proportionate to operations and objectives
Is dynamic and responsive to change.
How to manage third-party fraud risks?
Customer due diligence
Simplified: ID
Standard:
Enhanced: high profile, large value transactions.
Sources of income and overall net worth.
Expected pattern of purchasing
Expected method of payment
Vendor third-party risks.
Ensure vendors have their own ethics and compliance program before engaging.
Include contract clauses requiring vendors to report any misconduct
What are the 5 fraud risk management principles? GAAIM
Fraud risk governance
Fraud risk assessment
Fraud control activities
Fraud investigation and corrective actions
Fraud risk management monitoring activities.
What does punishment involve?
Applying a negative stimulus or WITHDRAWING A positive stimulus
What are three things we can do to demonstrate proactive audit procedures?
Use of analytical review procedures
Fraud assessment questions
Surprise audits when possible.
What is the most effective fraud prevention method?
Increasing the perception of detection.
What should you have when developing a good ethics program?
Define organization values.
Designated ethics official.
Ethics task force or committee
What is an effective compliance program?
Management is responsible for establishing the program
Reasonably designed, implemented, and enforced to be effective in preventing and detecting criminal conduct.
What do preventive controls and detective controls do?
Preventive: stops something bad from happening before it occurs.
Detective controls: designed to ID something bad that has already happened.
Who would be a good sponsor?
Senior in organization, ideally an independent board director or audit committee member.
Fraud risks are classified into these four areas: CAFE
Fraudulent financial reporting: inappropriately reported revenue, expenses, assets, or liabilities
Asset misappropriation: theft of tangible or intangible assets
Corruption: bribes, kickbacks, aiding and abetting vendor fraud
External fraud: fraud committed by customers, vendors, or other third parties.
What are the 5 components of enterprise risk management?
Governance and culture
Strategy and objective setting
Performance
Review and revision
Information, communication, and reporting
What does ISO 31000 do? Principles of effective risk management
Customized and proportionate to operations and objectives
Dynamic and responsive to change
Board of directors role
Setting the tone and expectations for management to enforce an anti-fraud culture
Develop a strategy to assess and manage fraud risks that aligns with the organization's risk appetite and strategic plan.
Audit committee role.
Oversee financial, audit, and accounting matters
Report to board of directors
Oversee how management is going to oversee the fraud risk management plan
Asset misappropriation is the most common?
Financial statement fraud is most commonly?
Asset misappropriation: most common occupational fraud and is the least costly.
Financial statement fraud causes the greatest median loss.