Investigations

Question 1

What Characteristics and common techniques are used to hide assests?

Answer 1

Must be
Liquid
Untraceable
Secure and accessable

Put in someone elses name
Pay down debt
Transfer to tax haven
Buy insurance products

Question 2

What is a blockchain?

Answer 2

Contains users cryptographic address. Can be used to ID patterns of criminal activities. Does NOT have ID info

Digital wallet: companies do have personal ID information.

Question 3

Reports.

Follow up/ recommendations. What should i put in the report?

Answer 3

ID aspects that remain outstanding
What action is necessary or recommended.

Might include recommendations related to the organizational procedures and controls.

Question 4

What is a fraud examination?

Answer 4

A process of resolving allegations of fraud from begining to end.

Obtain evidence
Reporting
Testifying to findings
Assisting in fraud detection and prevention

Question 5

Fraud Examination methodology.

Answer 5

Assume litigation will follow

ACT ONLY ON PREDICATION.

Question 6

Fraud theory approach for analysing data

Answer 6

Analyse available data
Create hypothesis
Test hypothesis
Redefine and amend the hypothesis.

Question 7

What should a fraud plan include?

Answer 7

GOALS of the investigation
Determine the SCOPE
TIME FRAME of investigation.

Question 8

Meta data definition.

Answer 8

Data about data

Question 9

Challenges of cloud forensics?

Answer 9

Lack of information accessibility

Lack of data control.

Question 10

Conclusions in report writing should be?

Answer 10

Self-evident- if not onvious clerify in report

Question 11

GDPR meaning and what it does.

Answer 11

General Data Protection Regulation:

Protects personal info/data of banks doing buisness in the European Unions

Question 12

Boolean operators

Answer 12

Advanced search operators
Put in quotes
Example “ money laundering”.
To get better results

Question 13

Online public database: Where should a CFE start?

Answer 13

With a past address

Use internet archives/past page look ups

Question 14

Electronic payments can help ID?

Answer 14

Assests suspect purchased
Locations of the suspects assets
Location of suspects residence and buisnesses.
Cities and countries suspect does buisness

Question 15

Correspondent banking

Answer 15

Big bank does buisness with little bank in another country ans vise versa.

Can handle eachothers transactions.

Must have ownwrship details, known agents, must be licensed and have anti money laundering policies.

Question 16

Direct method in tracing

Answer 16

Direct from books and records to analyze transactions.

Ie: credit cards, loans, bank records.

Question 17

What is the single most important resource available for tracing?

Answer 17

Bank records are the single most inportant financial source available for tracing

Question 18

What is Tracing?

Answer 18

Search for evidence regarding the ID and disposition of property.

Fraud vic who wants tracing for recovery of criminal proceeds
Trace to see if suspect can pay back funds
Judgement creditor- to ID suspects assets.

Question 19

Types of evidence

Answer 19

Testimonial: statements.
Digital: anything digital, pictures, videos
Documentary: records that prove or disprove. Records.
Fraud facts: consent in writing, court order, bank records

Question 20

What to do to prepare for an interview

Answer 20

Consider legal or admin issues specific to all jurisdictions involved.

Question 21

What are the five type of interview questions?

Answer 21

Introductory: get the suspect to commit to assist
Informational: questions should be closed or leading
Assesment: observe verbal and non verbal responses.
Admission: get a confession
Closing: confirm facts.

Question 22

Dealing with difficult situations. Im too busy. I dont remember

Answer 22

Too busy: interview will be short, already here, not hard, I need your help.

I don’t remember: remain silent while person deliberating or pose narrower questions.

Question 23

Rules on volital interviews

Answer 23

Always have two detectives and make the interview a surprise.

Hypothetical questions best bc leas threatening

Question 24

Calibrating/ norming

Assessment questions

Answer 24

The process of observing behavior before asking critical questions

Assessment: ask suspect to agree w/ matters that go against the principals of most honest people. Truthful answer one way, untruthful answer differently

Question 25

Verbal clues. Also known as?

Answer 25

Change is speech
Cough clear throat 
Repeat question
Complain about environment 
I swear to God 
Feeble attempts at humor
CLUSTERS

Question 26

Non verbal clues

Answer 26

Change in posture
Hand gestures increase or decrease 
Hands over mouth
Play with pencil or clothing 
Fleeing position

Question 27

Admission seeking objective and purpose

Answer 27

Designed to obtain a legal admission of wrong doing.

Purpose to distinguish innocent from potential guilty
Obtain valid confession
Get suspect to sign a written statement of acknowledging the facts.

Question 28

General rules for conducting admission seeking interviews. When to conduct

Answer 28

Only conduct when there is sufficient PRIVACY and when time is NOT a factor.

Do not express disgust or outrage

Project compassion, understanding and sympothy.

OFFER MORALLY ACCEPTABLE REASONS FOR BEHAVIOR.

Question 29

Steps in admission seeking interview…what to avoid. What to do when stating a denial.

Answer 29

Make direct accusation in form of a statement. Repeat the accusation. INTERUPT DENIALS

AVOID EMOTIVE WORDS SUCH AS STEAL, FRAUD OR CRIME

can show some evidence. Observe suspects reaction.

Question 30

Altruism?

Answer 30

The action was for the benefit of others.

For the kids? Help my family

Question 31

Diffuse alibis by?

Answer 31

Display physical evidence
Discuss witness statements
Prior deceptions
MAKE SUSPECT CHOOSE BETWEEN ONE OF TWO CHOICES, both imply guilt.
Get verbal confession. Confirm general details before pressing for specifics.

Question 32

What info to obtain during verbal confession

Answer 32

Intent
Motive
When/if crime was terminated
Others involved 
Physical evidence/ get suspect to provide it 
Is ANYTHING LEFT

Question 33

Natural vs non natural numbers.

Answer 33

Natural: not ordered in a particular numbering scheme. NOT HUMAN GENERATED.

NON-natural designed systematically: IE phone numbers. Bendords law cannot be applied.

Natural present some digits more than others.
1: 30.1%
2: 17.6%
3: 12.5 % and contines to lower.
ZERO: is most likely the second digit 18%

Question 34

Structured data va unstructured data

Answer 34

Structured: found in data bases, columns consisting of recognizable or predictable structers.

UNstructured: data not found in traditional spreadsheets IE: email or social media activity. Key words.

Question 35

What is textual analytics.

Answer 35

Extractinv usable info from unstructured data from social media text messages.

KEY WORDS FROM FRAUD TRIANGLE.

Question 36

Fraud Triangle

Answer 36

Pressure: deadline, quota, problem, concern

Opportunity: over ride, write off

Rationalization: reasonable, deserve

Question 37

Visual analytics

Answer 37

LINK analysis: charts with lines showing data from multi sources to track movement of Money.

Discover patterns, trends, relationships, communications. Direct or indirect relationships.

Effective when investigations are of money laundering ir ficticious vendors.

Question 38

Robotic process automation?

Answer 38

Technology that emulates a humen to execute buisness processes.

TAKES THE PLACE OF THE HUMAN

Question 39

Predictive analytics

Answer 39

Used to build a mathematical model to predict future events or outcomea.

Question 40

Artificial intelligence

Answer 40

Computer systems that can perform human like tasks.

Examine large amount of data using sophisticated tecniques go beyond traditional data analysis.

Question 41

Advanced data analytics. Surpervised vs non supervised. Deep learning

Answer 41

Supervised: humans identify patterns

Unsupervised: a program ID’s patterns on its own. Also Machine learning.

Deep learning: multi step learning in real time with multi programs at the same time.

Question 42

Benfords law

Answer 42

Numbers that follow a predictable pattern.

Question 43

Indirect approch to tracing: two methods.

Answer 43

Assest method: net worth, buy houses, toys, boats

Expenditures: sources of income: vacations, clothes.

CIRCUMSTANTIAL.

Question 44

Data analysis queries regarding accounts payables. What quieries can i run to verify $?

Answer 44

Summerize large invoices by amount, vender,

Review recurring monthly expenses and compare to posted/paid invoices.

Reconcile check registers
Verify vedor tax forms
Audit paid invoices for manual comparison.

Question 45

Planning phase. Build a profile of potential frauds… why? When?

Answer 45

When: no known suspects
Why: find where fraud could occur.
To maximize the potential success of detexting fraud through data analysis.
Understand existing fraud risks.

Build profile of potential frauds by ID’ing the risk areas, type of fraud.

Resulting in exposure to those frauds

Question 46

Data/ core analysis software capabilities.

Answer 46

Sorting: how want to view data. IE: receipt number, check number, etc.
Joining files: to see if same shows on all files
Correlation: one goes up, other goes up
Duplicate search:
Gap test: see if missing items in sequences.

Question 47

What to do in preparation phase at the beginning of an investigation.

Answer 47

ID relevant data
Obtain data
Verify data
Cleanse ans normalize data

Question 48

Data analysis process: three phases. For unknown suspects

Answer 48

Planning: build a profile of potential frauds
PREPERATION: cleanse and normalize data/ convert data IE: time zones, currency,
Correct known errors/ special characteristics
TESTING: run test. Address faulse positives.
LAST: Post analysis

Question 49

Internal vs external sources.

Answer 49

Internal may be all thats available (accounting and buisness records, copies of cancelled checks, employee personel files)

External sorcea: locating assets
Licating people
Ownership of assets
Lifestyle

Question 50

What is available in Regulatory Securities Records. As an investor what would i want to know about the company.

Answer 50

Corporate financial statements 
ID of officers or directors 
ID of significant owners
Registrant of properties and businesses
Descriptions of securities for sale 
Interest to investors 
History of the buisness

Question 51

What is pretexting

Answer 51

Impersonating someone else or making misleading statments to obtain info.