A.

Explain fraud triangle in the context an identified fraud case in the Philippines
(choose any company with identified fraud). (10 points)
The fraud triangle explains why worker’s commit workplace fraud. There
are three stages in the triangle fraud namely the pressure on the individual, the
opportunity to commit fraud, rationalization of the crime. On the first stage,
pressure can come from different factors such as personal problems. These
personal problems can come financially. On the second stage, the individual
decides to take its course of action to defraud the organization. In this stage, the
individual who decides sees an opportunity the defraud the organization by
abusing its position. On the third stage, the individual who committed the fraud
should be able to defend his/herself. The individual must justify that his reason for
defrauding the organization is acceptable. Rationalization most of the time comes
from external factors such as personal responsibilities like family.
In the case of Kapa Investment, the organization leaders took off with the
investor’s money. The organization leader claimed that the organization had as
many as 5 million investors. In the first stage, we can say that with the amount of
money the organization leaders had, there is a possibility that they took off with the
money because they are experiencing financial problems which put pressure on
their shoulders. In the second stage, we can say that since the individuals who
committed the crime are organization leaders they saw a clear sight that they can
abuse their power and commit the crime. As of the moment, the last stage is still
not applicable because the enforcers are still looking for the criminals.

B. Assess the control risk of Philhealth using the 1992 COSO internal control
framework [five components]. (10 points)
The five components of COSO internal control framework are control
environment, risk assessment, control activities, information and communication,
and monitoring. Firstly, Philhealth demonstrates the commitment to integrity and
ethical values because the organization has a code of conduct that has the
declaration of their policies for Philhealth officials and employees. In this
certification, it consists of the norms of conduct of public officials and employees,
Philhealth core values, duties and obligations of Philhealth towards its
stakeholders, specific rules of conduct, prohibited acts and transactions, penalties,
and incorporation. With this certification, the organization is setting a tone that they
are trying to controlling the actions and decisions of their employees by setting
policies and procedures they should follow in order to establish responsibility,
accountability, and structure.

On the other hand, Philhealth assesses the risks that threaten the
achievement of its objectives by implementing a risk information management
system. In 2018, Philhealth implemented a risk information management system
that is in charge of the risk management process that allows the organization to be
able to quickly respond to new and evolving risks. The risk information
management system contains all the identified risks and risk-related information.
 Moreover, Philhealth has adopted Enterprise-wide risk management to manage
uncertainties and risks.

For information and communication, Philhealth communicates with the

internal and external users by having their contact information posted on the
website, as well as the officials and employees of Philhealth. Moreover, there are
board meetings that take place which is also seen on the website. These board
meetings make sure that the board knows what is expected of them. Furthermore,
the organization has different departments in order to communicate.

For control activities, Philhealth has set up policies and procedures that
their employees follow for integrity and effectiveness. These policies and
procedures also act as their control activities because the code of conduct includes
the penalties for the employees if prohibited acts and transactions have been done.

For monitoring activities, Philhealth has an organizational structure that

consists of different departments that oversee the different functions of the
organization. The organization has a code of conduct that states what should be
done and what should not be done. With this code of conduct, the organization is
able to identify the things that are not correct and how to correct them.

C. Identify and discuss the application of at least 2 relevant ISAs (except standard
on reporting reporting) in 2GO's restated financials statements in 2017. Limit your
readings tot the auditors report and the financial statements. (10 points)
ISA 530 is commonly used in assessing the company’s financial statement.
The firm uses audit sampling to gather data to have a reasonable basis for the
conclusions of the firm. In line with sampling, performing audit procedures to
applicable items to make sure that the data is valuable. Another standard we can
see that is being used here is the ISA 315 which is the Identifying and Assessing
the Risks of Material Misstatement. There was an issue with 2GO with how it
reinstated its financial statement twice for consecutive years. This made an alert
to its environment and its shareholders. SGV & Co handled the company applying
every ISA standard compatible to make sure that the company’s report is free of
misstatements, fraud, and error.

D. Discuss the appropriateness of the procedures identified and its relevance to

sampling in the attached case. (10 points)
There may be different procedures for every company depending on what
field the company is in. In this given case, the CPA of Carbald Supply Company,
Carole Wever, uses 4 audit procedures. One of this is foot and cross-foot, using
the balance sheet, data are totaled vertically and horizontally to get more available
samples. As explained in IAS 530, the more relevant data gather, the less sampling
risk. Furthermore, reviewing of all sales transaction is another procedure used by
the accountant to make sure no transaction has been skipped. Unrecorded
transactions will increase auditing risk and may lead to misstatements in the
Financial Statements. Moreover, selecting samples from the recorded transactions
and tracing it back is another procedure to lessen risks because in this way, we
can be assured that transactions are recorded right and this lessen the sampling
risk. Lastly, selecting a sample from shipping document numbers and perform
different and detailed tests is another safety precaution that could reduce sampling
risk to make sure that data used in auditing is free from any error.