
Executive Summary.

$40,000 was stolen from a small company by Debbie Jones, an office worker for the said firm. Because of her
involvement in cash handling and recording tasks—combined with the relatively informal and overly trusting culture of the
company—Debbie was able to commit a lapping scheme for two months. To mitigate the risk of and the possible damages from similar
events occurring in the future, additional controls must be added.

Each control area below lists its Present Issues, Risks, and Recommendations.

Segregation of Duties
Present Issues: Debbie has control over a majority of duties, including asset custody, customer billing, and record keeping.
Risks: Increased risk of fraud due to no checks and balances present under Debbie’s sole control and minimal supervision from Susan.
Recommendations:
• Custody of assets and record keeping should be segregated as much as possible.
• Have a clearer demarcation of roles for billing and similar tasks.
• Hire/assign other workers if costs permit.

Transaction Authorization
Present Issues: There is a lacking authorization procedure from owners when checks are mailed and deposited to the bank.
Risks: Checks that come in can easily be cashed out by employees since there is no system to account for these.
Recommendations:
• Listings of checks coming in should be made to counter check with deposit tickets.
• The owners or the President should be the one in charge to stamp the checks to be sent out as final authorization.
• Use only one stamp (e.g. "For Deposit Only").

Supervision
Present Issues: Because Debbie is a family friend, John and Susan are more permissive and trusting.
Risks: Easier to carry out theft and fraud amongst employees due to lack of supervision.
Recommendations:
• Closer & stricter supervision must be implemented to properly guide and monitor the employees.

Accounting Records
Present Issues:
• Sales invoices are not prenumbered.
• Checks received from customers are not accounted for with corresponding invoices.
• Monthly bills are only sent to unpaid customers.
Risks: Increased risk of security challenges due to a lacking audit trail.
Recommendations:
• Have prenumbered sales invoices.
• Send extra copies of the sales invoice along with check payments to account for sales.
• All customers should be sent monthly bills.

Access Control
Present Issues: Too much access is given to Debbie (i.e. custody of checks, accounting records and ability to make deposits).
Risks: With too much trust and access given to a single employee, theft and fraud can be done with ease.
Recommendations:
• Restrict access of employees, especially with regards to valuable information (limited only to the task they are handling).
• Complement the segregation of duties so that no single employee can access systems implemented to verify one another.
• Require all employees to take their vacation time, without exception.

Independent Verification
Present Issues: Debbie who is tasked to report and record daily transactions is also the one tasked to verify through making the reports.
Risks: High risk of fraud and money laundering due to lack of independent verification.
Recommendations:
• Assign verification to an employee independent of the employee responsible for the tasks/information or to an internal auditor to avoid falsifying transactions.
• Regularly trace payments to outstanding receivables.
• Track the trend of AR days; a gradual increase may indicate lapping.

General Controls / Application Controls (IT Controls)
Present Issues:
• Microcomputers can easily malfunction and have low computational power compared to mainframes.
• Microcomputer did not provide access controls to files and information; some employees had unrestricted access.
• There is a lack of backup data storage & transfer processes.
Risks:
• High risk of system error due to outdated systems.
• High risk of intentional manipulation and destruction of evidence.
Recommendations:
• Have a backup storage. For example, a software that could update the records from the microcomputer in real time to another computer that is highly restricted to the owners may be implemented.
• Procure technologies that can provide certain restrictions to sensitive information (e.g. an access control matrix) in order to prevent file manipulation.
• Have logs of user login/activity to provide a better audit trail.
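
The counter-check of incoming check listings against deposit tickets, the tracing of payments to receivables, and the AR days trend recommended above can be run by an independent reviewer as a simple reconciliation. The following is an added example, not part of the original case: the customer names, check ids, amounts, and function names are all constructed for illustration, and the three-period threshold is an assumption.

```python
# Added example; all names and figures below are constructed for illustration.
CHECK_LOG = [  # (check_id, day_received, payer, amount) from the incoming-check listing
    ("C1", 1, "Acme", 500), ("C2", 3, "Birch", 500),
    ("C3", 6, "Cedar", 500), ("C4", 9, "Dune", 300),
]
DEPOSITS = {"C2", "C3", "C4"}  # check ids appearing on bank deposit tickets
POSTINGS = [  # (check_id, customer_credited) in the receivables ledger
    ("C2", "Acme"), ("C3", "Birch"), ("C4", "Dune"),
]
MONTHLY = [(10000, 10000), (11000, 10000), (12500, 10000), (14000, 10000)]  # (AR, credit sales)


def trace_receipts(check_log, deposits, postings):
    """Counter-check the check listing against deposit tickets and ledger postings."""
    payer = {cid: who for cid, _day, who, _amt in check_log}
    findings = []
    for cid, _day, who, _amt in check_log:
        if cid not in deposits:  # listed as received but never banked
            findings.append(("not_deposited", cid, who))
    for cid, credited in postings:
        if payer.get(cid) != credited:  # receipt credited to someone other than the payer
            findings.append(("misapplied", cid, credited))
    return findings


def ar_days(ar_balance, credit_sales, period_days=30):
    """Days of credit sales outstanding for one period."""
    return ar_balance / credit_sales * period_days


def rising_streak(values, min_steps=3):
    """True if the last min_steps period-over-period changes are all increases."""
    tail = values[-(min_steps + 1):]
    return len(tail) == min_steps + 1 and all(a < b for a, b in zip(tail, tail[1:]))


if __name__ == "__main__":
    for finding in trace_receipts(CHECK_LOG, DEPOSITS, POSTINGS):
        print(finding)
    days = [ar_days(ar, sales) for ar, sales in MONTHLY]
    print(days, "rising:", rising_streak(days))
```

In the constructed data, one listed check never reaches a deposit ticket and two later checks are credited to customers other than their payers, which is the pattern a lapping scheme leaves behind.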

Conclusion. As the company continues to grow beyond its roots as a small family business, stricter controls must be formalized and
implemented to mitigate the similarly growing risks. While trust and a human touch remain important in hiring and managing the
business—especially when considering the current company size and the persisting need for supervision in the short to medium-term—due
diligence must still be exercised when dealing with transactions and cash flows of this magnitude. From a more formal segregation of duties
to stricter check-handling, the additional controls minimize the risk of embezzlement in a cost-effective manner. Even if embezzlement does
happen in the future, the greater abundance of data and a resultantly more robust audit trail make analysis and detection far easier.
