Fraud P&D Flashcards
The primary purpose of AU Section 240 is to:
A. Establish standards for auditors in fulfilling their responsibilities related to fraud during a financial statement audit
B. Emphasize that the primary responsibility for establishing internal controls rests with auditors
C. Establish auditors as being primarily responsible for the prevention and detection of fraud within an organization
D. All of the above
Establish standards for auditors in fulfilling their responsibilities related to fraud during a financial statement audit
Auditors have the responsibility to plan and perform an audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. The auditing standard codified in AU Section 240, Consideration of Fraud in a Financial Statement Audit, establishes standards and provides guidance to auditors in fulfilling that responsibility, as it relates to fraud, in conducting a financial statement audit. While this standard focuses on the auditor’s consideration of fraud in an audit of financial statements, management is primarily responsible for the prevention and detection of fraud.
Edward Gross and other criminologists have asserted that organizations are inherently: A. Criminogenic B. Exploitative C. Averse to misconduct D. None of the above
Criminogenic
Sociologist Edward Gross has asserted that all organizations are inherently “criminogenic” (prone to committing crime), but not necessarily criminal. Without necessarily meaning to, organizations can invite fraud as a means of obtaining goals. Gross makes this assertion because of the reliance on the “bottom line.”
AU Section 240 requires auditors to brainstorm how management could perpetrate and conceal fraudulent financial reporting.
A. True
B. False
True
AU Section 240 requires auditors to hold a “brainstorming” session to discuss the potential for material misstatements due to fraud. This discussion should cover:
•How and where the entity’s financial statements might be susceptible to fraud
•How management could perpetrate and conceal fraudulent financial reporting
•How the entity’s assets could be misappropriated
In the area of criminological theory, \_\_\_\_\_\_\_\_\_\_\_\_ is the theory that tries to prevent crime by using the threat of criminal sanctions. A. Deterrence B. Adherence C. Punishment D. None of the above
Deterrence
As a strategy to control crime, deterrence is designed to detect law violations, determine who is responsible, and penalize offenders to deter future violations. Deterrence systems try to control the immediate behavior of individuals, not the long-term behaviors targeted by compliance systems. Deterrence theory assumes that humans are rational in their behavior patterns. Humans seek profit and pleasure while they try to avoid pain. Deterrence assumes that an individual’s propensity toward lawbreaking is in inverse proportion to the perceived probability of negative consequences.
A corporation cannot be held criminally liable for its employees’ actions if there were specific policies in place that prohibited the activity undertaken by the employees.
A. True
B. False
False
A corporation can generally be held criminally responsible for criminal acts committed by its employees even if those in management had no knowledge of or participation in the underlying criminal events and even if there were specific policies or instructions prohibiting the activity undertaken by the employees. The acts of any employee, from the lowest clerk to the CEO, can impute liability upon a corporation. In fact, in many jurisdictions, a corporation can be criminally responsible for the collective knowledge of several of its employees even if no single employee intended to commit an offense.
As part of a fraud risk assessment, the assessment team should identify the individuals most likely to commit fraud and the methods they are likely to use.
A. True
B. False
True
In identifying potential fraud risks, the risk assessment team should evaluate the incentives and pressures on individuals and departments to commit fraud. The team should then use the information gained in that process to identify the individuals and departments most likely to commit fraud and the methods they are likely to use. This knowledge will assist the organization in tailoring its fraud risk response, including establishing appropriate segregation of duties, proper review and approval chains of authority, and proactive fraud auditing procedures.
Which of the following is NOT one of the core principles of sound corporate governance? A. Transparency B. Fairness C. Independence D. Responsibility
Independence Most systems of corporate governance are focused on several core principles or values, which include: •Accountability •Transparency •Fairness •Responsibility
The Treadway Commission was established with the purpose of defining the responsibility of the auditor in preventing and detecting fraud.
A. True
B. False
True
The National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was established in 1985 with the purpose of defining the responsibility of the auditor in preventing and detecting fraud. The commission was formed and sponsored by five predominant professional auditing organizations at the time—the American Institute of Certified Public Accountants, The Institute of Internal Auditors, the American Accounting Association, Financial Executives International, and the Institute of Management Accountants.
What is the objective of a fraud risk assessment?
A. To help an organization identify what makes it most vulnerable to fraud
B. To provide an estimate of an organization’s fraud losses
C. To assess the design and effectiveness of an organization’s internal controls over financial reporting
D. To establish the guilt or innocence of an employee suspected of committing fraud
To help an organization identify what makes it most vulnerable to fraud
In the simplest terms, the objective of a fraud risk assessment is to help an organization identify what makes it most vulnerable to fraud. Through a fraud risk assessment, the organization is able to identify where fraud is most likely to occur, enabling proactive measures to be considered and implemented to reduce the chance that it could happen.
According to the joint COSO and ACFE publication Fraud Risk Management Guide, who has responsibility for managing fraud risk?
A. The board of directors
B. Personnel at all levels of the organization
C. Internal audit
D. Executive management
Personnel at all levels of the organization
According to the joint COSO/ACFE Fraud Risk Management Guide, “personnel at all levels of the organization—including every level of management, staff, and internal auditors—have responsibility for managing fraud risk.”
Of the following parties, who is responsible for the oversight of the organization’s financial, accounting, and audit matters? A. The internal auditors B. The CFO C. The external auditors D. The audit committee
The audit committee
As a sub-group of the board of directors, the audit committee is often delegated oversight of the organization’s financial, accounting, and audit matters and reports to the full board. As part of this responsibility, the committee must take an active role in overseeing the assessment and monitoring of the organization’s fraud risks. This involves:
•Receiving regular reports on the status of reported or alleged fraud
•Being aware of fraud risks that are common in the organization’s industry
•Meeting regularly with key internal parties (such as the chief audit executive or other senior financial persons) to discuss identified fraud risks and the steps being taken to prevent and detect fraud
•Understanding how internal and external audit strategies address fraud risk
•Providing external auditors with evidence that the audit committee is dedicated to effective fraud risk management
•Engaging in open conversations with external auditors about any known or suspected fraud
•Seeking advice of legal counsel whenever it deals with allegations of fraud
According to criminologist Donald Cressey, which of the following is NOT essential to the commission of fraud?
A. General information about how the company might be defrauded
B. Absence of controls
C. Technical skill
D. All of the above are essential
Absence of controls
In Cressey’s view, there were two components of the perceived opportunity to commit a trust violation: general information and technical skill. General information is simply the knowledge that the employee’s position of trust could be violated. This knowledge might come from hearing of other embezzlements, from seeing dishonest behavior by other employees, or just from generally being aware of the fact that the employee is in a position where he could take advantage of his employer’s faith in him. Technical skill refers to the abilities needed to commit the violation. These are usually the same abilities that the employee needs to obtain and keep his position in the first place.
The Sarbanes-Oxley Act provides both civil and criminal penalties for retaliating against corporate whistleblowers.
A. True
B. False
True
The Sarbanes-Oxley Act contains two provisions that establish broad protections for corporate whistleblowers. Section 806 creates a civil liability for an employer who retaliates against an employee who provided information or assisted in an investigation of fraudulent activity or violation of securities laws and regulations. This provision only covers employees of publicly traded companies. Section 1107 establishes criminal sanctions for anyone who intentionally retaliates against another party for providing information regarding an alleged federal offense to a law enforcement officer.
During an admission-seeking interview of a fraud suspect, Gary, a Certified Fraud Examiner, accuses the suspect of having committed a fraud. Gary’s accusation violates the ACFE Code of Professional Ethics.
A. True
B. False
False
Article V of the ACFE Code of Professional Ethics states: “An ACFE member, in conducting an examination, will obtain evidence or other documentation to establish a reasonable basis for any opinion rendered. No opinion shall be expressed regarding the guilt or innocence of any person or party.” Although it does not specifically state such, Article V really applies to statements of opinion made to third parties. If the fraud examiner was interviewing a suspect whose guilt was highly probable, the Code would not prohibit the fraud examiner from making accusations. The admission-seeking process, used extensively by fraud examiners, requires that accusations be made of the probable guilty party. As long as these accusations are not communicated to third parties, the fraud examiner would not be in violation of the Code.
All of the following are advantages to using data analysis software EXCEPT:
A. Fraud examiners can use data analysis software to ensure that an investigation is accurate and complete.
B. Fraud examiners can use data analysis software to centralize fraud investigations.
C. Fraud examiners can use data analysis software to produce accurate results from bad data.
D. Fraud examiners can use data analysis software to search for red flags of possible fraud.
Fraud examiners can use data analysis software to produce accurate results from bad data.
There are five significant advantages to using data analysis software. First, data analysis software allows the fraud examiner to centralize an investigation, relying less on others to gather data. Second, data analysis software allows the fraud examiner to ensure that an investigation is accurate and complete. Third, data analysis allows the fraud examiner to base predictions about the probability of a fraudulent situation on reliable statistical information. Fourth, data analysis allows the fraud examiner to search entire data files for red flags of possible fraud. Finally, data analysis can assist the fraud examiner in developing reference files for ongoing fraud detection and investigation work.
