Consumer Fraud

1. A Ponzi scheme can be characterized as an ostensibly legitimate, yet ultimately fraudulent,

investment opportunity wherein the promoter pays previous investors with money gained from
new victims.

 A. True

 B. False

A Ponzi scheme is generally defined as an illegal business practice in which new investors’ money is
used to make payments to earlier investors. The investment opportunity is typically presented with the
promise of uncommonly high returns. While the scam is presented as a legitimate investment, there is
little or no actual commerce involved. When an enterprise promotes an investment opportunity that
invests little or none of the participants’ money and uses new investments to make dividend payments,
the enterprise is running a Ponzi scheme.

2. Advance-fee schemes, debt consolidation schemes, and diploma mills are all examples of
consumer fraud schemes.

 A. True

 B. False
Consumer fraud schemes involve a range of fraudulent conduct, usually committed by professional
scammers, against unsuspecting victims. Scammers are skilled fraudsters who develop strategies, select
targets, and use an appropriate method of delivery to lure their victims. Scammers usually act alone, but
they might group together for a particularly complex endeavor.
Some examples of consumer fraud schemes include advance-fee schemes, debt consolidation schemes,
and diploma mills.

3. A financial fund operator who insists that investors continually reinvest their profits, rather than
take payouts, is a red flag of a Ponzi scheme.

 A. True

 B. False
The following are red flags of Ponzi schemes:

 Sounds too good to be true: If an investment sounds too good to be true, it probably is.
 Promises of low risk or high rewards: Promoters of Ponzi schemes typically promise implausibly
high or quick returns with little risk. As all legitimate investments include some degree of risk, any
guarantee that an investment will perform in a certain way is a clear signal that it might be part of
a Ponzi scheme.
 History of consistent returns: Any firm that generates remarkably consistent returns regardless of
market conditions should raise suspicions.
  High-pressure sales tactics: Reputable investment firms and agents do not push potential
investors to act immediately, and legitimate investment opportunities are rarely that time
sensitive.
 Pressure to reinvest: Often, fraudsters keep Ponzi schemes alive by convincing investors to
reinvest their profits rather than take a payout.
 Complex trading strategies: Legitimate agents should be able to provide clear explanations about
their investment strategies. For obvious reasons, Ponzi-scheme boosters purposefully employ
complicated strategies that confound unsophisticated investors.
 Lack of transparency or access: Secrecy surrounding the operations of a financial company
should be an immediate warning sign. Ponzi operators are often unlicensed, and their supposed
investments are typically unregistered. Additionally, a lack of access to regular statements or an
online account should trigger alarm.
 Lack of separation of duties: Investors should be wary of any financial manager who manages,
administers, and retains custody of the fund in question.

4. All of the following are examples of schemes that specifically target older individuals EXCEPT:

 A. A fraudster convinces a victim that their computer has a virus and offers unnecessary repair services
in exchange for a fee.

 B. A fraudster informs an individual that they won a prize but must pay a sum of money before they can receive it.

 C. A fraudster pretends to be the victim’s grandchild and requests money to help with a difficult financial situation.

 D. A fraudster offers to eliminate an individual’s credit card debt after the individual pays for the service
with their card.

Elder fraud, also known as  elder financial abuse, includes different types of consumer fraud schemes
perpetrated against older individuals.
In a tech-support scheme, a fraudster attempts to convince victims to pay for unnecessary computer
services to repair nonexistent viruses or other problems. The scheme usually begins with a fraudster
calling a victim and claiming to be a computer technician working for a well-known tech company (e.g.,
Microsoft or Apple). Alternatively, the victim might be tricked into calling the fraudster directly via pop-up
messages warning about nonexistent computer problems. Once the victim is on the phone, the fraudster
generally instructs the victim to download and run software that gives the fraudster remote access to the
victim’s computer. The fraudster proceeds to perform phony diagnostic tests on the victim’s computer,
and then falsely claims to have detected viruses or other problems and offers to fix the victim’s computer
for a fee. In addition to collecting a fee for unnecessary services, the fraudster might install spyware onto
the victim’s computer.
In a grandparent scheme, a scammer calls an older individual and asks if the individual knows who is
calling. When the grandparent guesses the name of a grandchild, the scammer pretends to be that
grandchild. The scammer claims to be in a financial bind and asks if the grandparent can send money via
the internet or a money transfer service. The scammer urges the grandparent to avoid telling anyone
about the situation. Once scammers receive the money, they continue to contact the grandparent for
more money.
In a sweepstake and prize scheme, fraudsters inform older individuals they won a prize but must pay a
fee to receive it. The fraudsters then convince their victims that they can eventually win the grand prize if
they send in another fee. This cycle continues until the victims catch onto the scheme or are no longer
able to send fees because they have depleted their savings.
A scheme in which a fraudster offers to eliminate an individual’s credit card debt after the individual pays
for the service with their card is an example of a credit card debt elimination scheme. Although anyone
could be a target of this kind of fraud, such schemes generally do not specifically target older individuals.
 5. A favored device of phony charities is to send school-age children door to door to say that they
are raising money for antidrug programs or for a group that takes underprivileged kids on trips.

 A. True

 B. False
A favored device of phony charities is to send school-age children door to door to say that they are raising
money for antidrug programs or for a group that takes underprivileged kids on trips. Some of the children
repeat what they are told in exchange for a few dollars. Others believe they will receive rewards and free
trips when in fact they, too, are being scammed.

6. Real estate scams are easily recognized, as there is almost always an element of time pressure
or "now-or-never" pitch from the perpetrator.

 A. True

 B. False

Real estate scams are easily recognized. There is almost always an element of time pressure, with the
victims being convinced they are participating in a “once-in-a-lifetime, now-or-never” deal.  Perpetrators
mislead victims into thinking they will miss the opportunity to make a fortune if they do not act fast.

7. In a/an _____________ scheme, the company that initially conned a consumer contacts that
consumer and offers to help retrieve the lost money. However, the investigation requires an up-
front fee and the consumer is swindled again.

 A. Scavenger

 B. Advance-fee

 C. Double-hustle

 D. Retrieval
 8. Telemarketing schemes target individuals, not businesses.

 A. True

 B. False

Telemarketing offenses are classified as consumer fraud, yet many businesses are affected by office
supply and marketing services scams. The nature of phone rooms, the geographical distances between
the perpetrators and their victims, and the resources and priorities of law enforcement agencies all make
enforcement efforts difficult.

9. A pyramid scheme is designed to pay off its earliest investors.

 A. True

 B. False
Pyramid schemes are designed to pay off their earliest investors but not later investors. Probability
studies have shown that 93–95% of the participants in a pyramid scheme (all but those who join at the
earliest stage) will lose most of their money. Half can expect to lose all the money they invest.

10. Which of the following types of elder fraud schemes often involves property that does not exist or
is significantly different than promised?

 A. Vacation scheme

 B. Grandparent scheme

 C. Home improvement scheme

 D. Tech-support scheme

Elder fraud, also known as elder financial abuse, includes different types of consumer fraud schemes
perpetrated against older individuals. In travel, vacation, and timeshare schemes, fraudsters post
advertisements for vacation properties that are nonexistent, significantly different than promised, or not
actually available for rent. Telemarketers sometimes target older individuals directly, promising
inexpensive vacation packages or timeshares that can be easily resold.
In a tech-support scheme, a fraudster attempts to convince victims to pay for unnecessary computer
services to repair nonexistent viruses or other problems. The scheme usually begins with a fraudster
calling a victim and claiming to be a computer technician working for a well-known tech company (e.g.,
Microsoft or Apple). Alternatively, the victim might be tricked into calling the fraudster directly via pop-up
messages warning about nonexistent computer problems. Once the victim is on the phone, the fraudster
generally instructs the victim to download and run software that gives the fraudster remote access to the
victim’s computer. The fraudster proceeds to perform phony diagnostic tests on the victim’s computer,
and then falsely claims to have detected viruses or other problems and offers to fix the victim’s computer
for a fee. In addition to collecting a fee for unnecessary services, the fraudster might install spyware onto
the victim’s computer.
In a grandparent scheme, a scammer calls an older individual and asks if the individual knows who is
calling. When the grandparent guesses the name of a grandchild, the scammer pretends to be that
grandchild. The scammer claims to be in a financial bind and asks if the grandparent can send money via
the internet or a money transfer service. The scammer urges the grandparent to avoid telling anyone
about the situation. Once scammers receive the money, they continue to contact the grandparent for
more money.
In a home improvement scheme, the fraudster recommends a friend who can perform needed home
repairs for an older individual at a reasonable price. This friend might require the homeowner to sign a
document upon completion, confirming repairs were made. In some cases, the victims later learn they
signed over the title of their house to the repairperson. In other cases, not only is the victim overcharged,
but the work is also performed improperly. 

11. Maria, a successful restaurateur, has been informed of an unusually attractive investment
opportunity by a recent acquaintance and decides to invest in it. Several months and a couple of
underwhelming payments later, Maria grows frustrated with the diminishing disbursements and
attempts to withdraw her money. After several weeks of delay, she realizes that the promoter
seems to have vanished, along with her investment. Maria is the victim of which of the following
fraudulent ploys?

 A. A dog and pony scam

 B. A fly and buy scheme

 C. A Ponzi scheme

 D. An illegal pyramid

 12. Which of the following is a common red flag of elder fraud schemes?

 A. New friends who appear suddenly and without prior mention

 B. Large bank account withdrawals with no explanation

 C. The discovery of signed or forged legal documents

 D. All of the above

The following are some common red flags for elder fraud schemes. While the presence of any one of
these circumstances does not necessarily indicate that elder fraud is occurring, individuals close to the
older individuals should take note of multiple occurrences of or patterns in these warning signs.

 Outstanding bills
 Disconnection notices for unpaid utilities
 Large bank account withdrawals with no explanation
 New friends who appear suddenly and without prior mention
 The discovery of signed or forged legal documents (e.g., power of attorney [POA]) that the older
individual is not aware of
 Another caregiver asking probing or unexpected questions about the older individual’s spending
habits
 The older individual missing property or belongings
 The discovery of financial decisions or arrangements made that the older individual is unaware of
(e.g., the opening of a new account in the person’s name)

13. A pyramid scheme is promoted by encouraging victim investors to recruit new members. The
more members recruited, the higher the investor rises in the ranks of the enterprise, and the more
money the investor is supposed to make.

 A. True

 B. False

In an illegal pyramid scheme, the more members that are recruited, the higher the investor is purported to
rise in the ranks of the enterprise, and the more money the investor is supposed to make.
The difference between a Ponzi scheme and an illegal pyramid lies in how the operation is promoted.
Illegal pyramids are promoted as pyramids, whereas Ponzi schemes are promoted as investment
opportunities. In an illegal pyramid, the pyramidal structure helps draw new players, each believing that
they will rise through the ranks of the pyramid. A Ponzi scheme, on the other hand, masquerades as
some type of investment.
 14. Automatic debit program schemes occur when fraudsters obtain a consumer’s bank account
information and then use this information to draft money from the consumer’s bank account
without that person’s consent.

 A. True

 B. False

Automatic debit programs are a convenient way to pay bills, such as recurring charges for mortgages and
car loans. Fraudsters exploit these programs by obtaining consumers’ bank account information through
telemarketing schemes. Fraudsters then use this information to draft money from consumers’ bank
accounts without their consent.

15. Not every company that runs its business using a pyramid structure is operating an illegal
pyramid scheme.

 A. True

 B. False
Not all organizations with a pyramid structure are engaging in illegal activity. Some legitimate
merchandising companies use a pyramid structure to rank their employee-owners and to determine those
people’s compensation. A pyramid structure becomes an illegal pyramid scheme when the recruitment of
new members takes precedence over the product or service that the company is ostensibly promoting.
The more members that are recruited, the higher the investor is purported to rise in the ranks of the
enterprise, and the more money the investor is supposed to make.

16. A Ponzi scheme can best be described as an illegal business structure that might offer
merchandise or services but generates almost all of its revenues from the relentless recruitment
of new members.

 A. True

 B. False

A Ponzi scheme is generally defined as an illegal business practice in which new investors’ money is
used to make payments to earlier investors. The investment opportunity is typically presented with the
promise of uncommonly high returns. While the scam is presented as a legitimate investment, there is
little or no actual commerce involved.
In contrast, an illegal pyramid scheme is unique in that the more members that are recruited, the higher
the investor is purported to rise in the ranks of the enterprise, and the more money the investor is
supposed to make.

17. Victims of consumer fraud are more likely to be organizations or businesses rather than
individuals.

 A. True
  B. False

Consumer fraud schemes involve a range of fraudulent conduct, usually committed by professional
scammers, against unsuspecting victims. Scammers are skilled fraudsters who develop strategies, select
targets, and use an appropriate method of delivery to lure their victims. Scammers usually act alone, but
they might group together for a particularly complex endeavor. 
The victims can be organizations but more commonly are individuals. Victims can be old or young, male
or female, or wealthy or poor, and they are usually dispersed geographically. Many victims who become
the targets of consumer fraud are considered to be in the naïve segments of the population, such as older
individuals. It is important to note, however, that even the savviest consumers can become targets if they
are not aware of the schemes involving consumer fraud.

18. A confidence scheme designed to part victims from their money by falsely promising the future
delivery of a product or service in exchange for an up-front payment is called a(n): 

 A. Bait and switch scheme

 B. Scavenger scheme

 C. Advance-fee scheme

 D. Home-based business scheme

Advance-fee schemes are structured to obtain an illegal gain by falsely promising the delivery of a
product or service. In some schemes, the product is marketed to a large number of customers, and then
the operation is shut down prior to the delivery stage. Common scenarios used to commit advance-fee
scams include the following:

 A home improvement contractor requires pre-payment for materials.

 Notice of a supposed inheritance from an unknown relative is received.
 Various exorbitant fees are required prior to securing financial assistance or advice.

19. Which of the following is NOT a type of scheme that is commonly used by fraudsters to take
advantage of older individuals?

 A. Home improvement schemes

 B. Fill-and-split games schemes

 C. Sweepstake and prize schemes

 D. Tech-support schemes

The following are common types of elder fraud schemes: 

 Home improvement schemes

  Sweepstakes and prize schemes
 Travel, vacation, and timeshare schemes
 Tech-support schemes
 Romance schemes
 Work-at-home schemes
 Grandparent schemes

Fill-and-split games are a type of pyramid scheme that uses gaming elements to keep the victims’
attention and distract them from the absurdity of the scheme. Fill-and-split games are not a type of fraud
scheme commonly used to take advantage of older individuals.

20. What is the primary difference between a Ponzi scheme and a pyramid scheme?

 A. In a pyramid scheme, old investors are paid with money from new investors.

 B. A pyramid scheme promotes itself as a pyramid, whereas a Ponzi scheme promotes itself as an investment
opportunity.

 C. All pyramid schemes are legal, whereas all Ponzi schemes are illegal.

 D. A Ponzi scheme is promoted by encouraging victim members to recruit new members.

The difference between a Ponzi scheme and an illegal pyramid lies in how the operation is promoted.
Illegal pyramids are promoted as pyramids, whereas Ponzi schemes are promoted as investment
opportunities. In an illegal pyramid, the pyramidal structure helps draw new players, each believing that
they will rise through the ranks of the pyramid. A Ponzi scheme, on the other hand, masquerades as
some type of investment. 

21. Which of the following is NOT considered to be a red flag of a Ponzi scheme?

 A. An investment that has a history of inconsistent returns coinciding with fluctuations in financial markets

 B. An investment that promises extremely high or short-term returns with little risk involved

 C. A financial manager who puts an unusual amount of pressure on investors to act immediately

 D. A financial manager who manages, administers, and retains custody of the investment funds

The following are red flags of Ponzi schemes:

 Sounds too good to be true: If an investment sounds too good to be true, it probably is.
 Promises of low risk or high rewards: Promoters of Ponzi schemes typically promise implausibly
high or quick returns with little risk. As all legitimate investments include some degree of risk, any
 guarantee that an investment will perform in a certain way is a clear signal that it might be part of
a Ponzi scheme.
 History of consistent returns: Any firm that generates remarkably consistent returns regardless of
market conditions should raise suspicions.
 High-pressure sales tactics: Reputable investment firms and agents do not push potential
investors to act immediately, and legitimate investment opportunities are rarely that time
sensitive.
 Pressure to reinvest: Often, fraudsters keep Ponzi schemes alive by convincing investors to
reinvest their profits rather than take a payout.
 Complex trading strategies: Legitimate agents should be able to provide clear explanations about
their investment strategies. For obvious reasons, Ponzi-scheme boosters purposefully employ
complicated strategies that confound unsophisticated investors.
 Lack of transparency or access: Secrecy surrounding the operations of a financial company
should be an immediate warning sign. Ponzi operators are often unlicensed, and their supposed
investments are typically unregistered. Additionally, a lack of access to regular statements or an
online account should trigger alarm.
 Lack of separation of duties: Investors should be wary of any financial manager who manages,
administers, and retains custody of the fund in question.

22. In credit repair scams, the fraudster promises to “erase” or “doctor” an applicant’s credit history,
but in reality there is no way to erase bad credit.

 A. True

 B. False

Similar to loan scams are those that promise to repair credit. Fraudsters who pitch credit repair services
like to say that they can “wipe away,” “doctor,” or “cosmeticize” negative items on credit, insinuating they
have ways of changing or disguising a person’s credit history. Despite the fact that there is really no way
to erase bad credit, many people fall for this scam, paying large sums of money to expunge their records.

Glenn has just inherited a large amount of money from a deceased relative. Several weeks later, a
colleague of Glenn’s suggests an investment in a security that is sure to generate returns of 20% every
six months. Glenn is intrigued, but he is also worried that it might be a Ponzi scheme. Which of the
following actions should Glenn take before investing?

 A. Find out if the financial manager is licensed and if the security is registered

 B. Ensure that he can comprehend the details and strategy of the investment

 C. Determine if the investment’s returns have been abnormally consistent

 D. All of the above

 23. Unscrupulous debt consolidation schemes include each of the following EXCEPT:

 A. The debt consolidation company collects payments but does not appropriately forward them.

 B. The debt consolidation company guarantees the debtor will receive a loan or credit card regardless of the debtor's c

 C. The debt consolidation company writes a letter to the debtor's creditors and arranges a payment plan.

 D. The debt consolidation company charges an up-front processing fee and then disappears.

Unscrupulous debt consolidation schemes often involve the agency collecting the money from the debtor
but not forwarding it to the creditors. In some instances, considerable time can pass before the debtor
finds out that their money has been misappropriated. Another variation of the debt consolidation scheme
occurs when customers are guaranteed that they will receive a loan or a credit card regardless of their
credit rating. Typically, the victims have been rejected by legitimate financial institutions because their
credit ratings are poor. The victim must pay a processing fee for the application to be accepted. After the
victim pays the fee, the con artist disappears.

24. All organizations with a pyramid structure are illegal.

 A. True

 B. False

Not all organizations with a pyramid structure are engaging in illegal activity. Some legitimate
merchandising companies use a pyramid structure to rank their employee-owners and to determine those
people’s compensation. A pyramid structure becomes an illegal pyramid scheme when the recruitment of
new members takes precedence over the product or service that the company is ostensibly promoting.
The more members that are recruited, the higher the investor is purported to rise in the ranks of the
enterprise, and the more money the investor is supposed to make.

25. Which of the following would be the LEAST LIKELY target of an affinity fraud scheme?

 A. Large corporations

 B. Religious communities

 C. Immigrant groups

 D. Professional associations

Affinity fraud targets groups of people who have some social connection. Neighborhoods chiefly
populated by racial minorities, especially immigrant groups, are often the site of affinity frauds, and older
individuals and language minorities are frequent targets as well. In addition, religious and professional ties
are often exploited.

26. The most common giveaway scheme, in which a postcard arrives in the mail telling the recipient
they have already won a prize such as a luxurious vacation or cash, is known as:

 A. The "Bait and Switch"

 B. The "1-in-5"

 C. The "Fly and Buy"

 D. None of the above

The most common giveaway scheme is known as the 1-in-5. In this scheme, a consumer receives a letter
or postcard in the mail informing that individual that they have already won a prize. The prizes usually
include luxurious vacations, new cars, or cash. Unfortunately, the odds of winning any of the prizes are
extremely low. Victims might receive items of minimal or no value or coupons redeemable only for the
company’s substandard merchandise.

Contract and Procurement Fraud

1. Rowena, a Certified Fraud Examiner (CFE), is an auditor for the government’s Office of Audit
and Evaluation. While conducting a routine audit of ten construction contracts from the Public
Works Department, Rowena notices some unusual characteristics in the contracts’ bidding
documents. The contracts were all awarded to the same contractor, and the specifications in all ten
contracts had unreasonably narrow specifications for the types of goods being procured. Which of
the following types of procurement fraud schemes is MOST LIKELY at issue here?

 A. A procurement employee has drafted bid specifications in a way that gives an unfair advantage to a certain
contractor.

 B. A procurement employee has intentionally included unallowable costs in the projects’ contracts and budgets.

 C. A procurement employee convinced their employer that it needs excessive or unnecessary products or services.

 D. A procurement employee broke up a large project into several small projects that fall below the mandatory
bidding level.

2. All of the following activities are included in the pre-solicitation phase of procurements
involving open and free competition EXCEPT:

 A. The procuring entity develops the bid specifications.

 B. The procuring entity identifies its needs.

 C. The procuring entity determines the method for acquiring the goods or services.
  D. The procuring entity issues the solicitation document.

In the presolicitation phase, the procuring entity identifies its needs, develops the bid specifications (what,
how much, and how good), determines the method to use for acquiring the goods or services, and
develops the criteria used to award the contract.
Bid specifications are a list of elements, measurements, materials, characteristics, required functions, and
other specific information detailing the goods and services that a procuring entity needs from a contractor.
The procuring entity issues the solicitation document in the solicitation phase of the procurement process.

3. High percentages of returns, missing compliance certificates, and evidence of falsified

test inspection results are red flags of which of the following procurement fraud
scenarios?

 A. A contractor charging the procuring entity for labor costs that are not allowable

 B. Two or more competing contractors agreeing to refrain from bidding

 C. A contractor delivering goods or services that do not conform to the contract specifications

 D. A procuring employee manipulating the bidding process to benefit a favored contractor

Nonconforming goods or services fraud, also known as product substitution or failure to meet contract
specifications, refers to attempts by contractors to deliver goods or services to the procuring entity that do
not conform to the underlying contract specifications. Once contractors deliver goods that do not conform
to the contract, they bill and receive payment for conforming goods or services without informing the
purchaser of the deficiency.
The following is a list of potential red flags for nonconforming schemes:

 High percentage of returns for noncompliance with specifications

 Missing, altered, or modified product compliance certificate
 Compliance certificates signed by employees with no quality assurance responsibilities
 Materials testing done by supplier, using the supplier’s own personnel and facilities
 Evidence that test or inspection results were falsified (e.g., documents appear altered or modified,
test documents are illegible, signatures on documents are illegible, documents were signed by
unqualified or inappropriate personnel, or test reports are similar or identical to sample
descriptions and test results)
 Highest profit product lines have the highest number of material return authorizations or
reshipments
 Discrepancy between product’s description or normal appearance and actual appearance (e.g., a
new product appears to be used)
 Used, surplus, or reworked parts are delivered
 Delivery of products that appear counterfeit (e.g., product packaging, appearance, and
description do not appear genuine; items that are consistently defaced in the same area; items
that appear different from each other)
 Offers by contractors to select the sample and prepare it for testing
 Delivery of look-alike goods
 Unusually high number of early replacements
 Contractor restricts or avoids inspections of goods or services upon delivery
 4. Which of the following activities is included in the bid evaluation and award phase of
procurements involving open and free competition?

 A. The procuring employees perform their contractual obligations.

 B. The procuring employees issue the solicitation document.

 C. The procuring employees assess the bids or proposals.

 D. The procuring employees develop the bid specifications.

In the bid evaluation and award phase, the procuring employees evaluate the bids or proposals, conduct
discussions and negotiations, and give the bidders an opportunity to revise their proposals. Procuring
employees then select the winning bid or proposal.

5. A contractor who delivers materials of lesser quality than specified in the contract or uses
a lower quality staff than specified in the contract might be involved in which of the
following types of procurement fraud schemes?

 A. Labor mischarging fraud

 B. Nonconforming goods or services fraud

 C. Product division fraud

 D. Material mischarging fraud

6. An inaccurate vendor master file can result in greater risks of duplicate payments,
unfavorable payment terms, and noncompliance with regulations.

 A. True

 B. False
Procurement entities must maintain an accurate and up-to-date vendor master file. An inaccurate or
incomplete vendor master file can result in greater risks of duplicate payments, unfavorable payment
terms, and noncompliance with regulations. Thus, the vendor master file should be updated continuously
and reviewed on a regular basis for inaccurate or incomplete records.

7. The solicitation phase of procurements involving open and free competition includes
which of the following activities?

 A. The procuring entity performs its contractual obligations.

 B. The procuring entity identifies its needs and develops the criteria used to award the contract.

 C. The procuring entity determines the method for acquiring the goods or services.

 D. The prospective contractors prepare and submit their bids.

The solicitation phase involves the bid solicitation, bid preparation, and bid submission. During this phase,
the procuring entity prepares the solicitation document, provides notices of solicitation, and issues the
solicitation document. After the procuring entity issues the solicitation document, the bidders prepare and
submit their bids or proposals.

8. Which of the following types of procurement fraud schemes involves procurement

employees who convince their employer, the procuring entity, that it needs excessive or
unnecessary products or services?

 A. Bid manipulation schemes

 B. Nonconforming goods schemes

 C. Need recognition schemes

 D. Bid tailoring schemes

 9. AD&N Railway solicits bids to lay several miles of new railroad track. Bob, who works for
AD&N, writes the specifications for the project to provide that AD&N will only contract
with companies that have more than 25 years of experience. Bob knows that only B&P
Track Co., one of the prospective bidders, has more than 25 years of experience. What
type of procurement fraud scheme has taken place? 

 A. Bid alteration

 B. Bid tailoring

 C. Bid division

 D. Bid suppression

10. ABC Paving and XYZ Asphalt are the only two companies in Greenwood County that lay
asphalt. An audit reveals that the government is paying more for asphalt work in
Greenwood County than in other counties in the region. A review of the records reveals
that of the last ten asphalt contracts awarded in Greenwood County, five have gone to
ABC and five have gone to XYZ. Which of the following procurement fraud schemes is
most likely occurring?

 A. Defective pricing

 B. Product substitution

 C. Bid rotation

 D. Need recognition

 11. Which of the following is a way that dishonest contractors collude to circumvent the
competitive bidding process?

 A. Agree to stay out of each other’s designated markets

 B. Alternate business among themselves on a rotating basis

 C. Refrain from submitting bids on certain contracts

 D. All of the above

Schemes involving collusion among contractors seek to circumvent the competitive bidding process. In
these schemes, competitors in the same market collude to defeat competition or to inflate the prices of
goods and services artificially.
The following schemes are common forms of collusion between competitors:

 Bid rotation: Bid rotation, also known as bid pooling, occurs when two or more contractors
conspire to alternate the business among themselves on a rotating basis.
 Bid suppression: Bid suppression occurs when two or more contractors enter into an illegal
agreement whereby at least one of the conspirators refrains from bidding or withdraws a
previously submitted bid.
 Market division: Market division (or market allocation) schemes involve agreements among
competitors to divide and allocate markets and to refrain from competing in each other’s
designated portion of the market. 

12. Which of the following is NOT a common red flag of procurement fraud schemes
involving collusion among contractors?

 A. More competitors than usual submit bids on a project or product.

 B. The same contractors bid on each project or product.

 C. All contractors submit consistently high bids.

 D. Bid prices fall when a new competitor enters the competition.

Common red flags of procurement fraud schemes involving collusion among contractors include:

 The industry has limited competition.

 The same contractors bid on each project or product.
 The winning bid appears too high.
 All contractors submit consistently high bids.
  Qualified contractors do not submit bids.
 The winning bidder subcontracts work to one or more losing bidders or to non-bidders.
 Bids appear to be complementary bids by companies unqualified to perform the work.
 Some bids fail to conform to the essential requirements of the solicitation documents (i.e., some
bids do not comply with bid specifications).
 Some losing bids were poorly prepared.
 Fewer competitors than usual submit bids on a project or product.
 When a new contractor enters the competition, the bid prices begin to fall.
 There is a rotational pattern to winning bidders (e.g., geographical, customer, job, or type of
work).
 There is evidence of collusion in the bids (e.g., bidders make the same mathematical or spelling
errors; bids are prepared using the same typeface, handwriting, stationery, or envelope; or
competitors submit identical bids).
 There is a pattern where the last party to bid wins the contract.
 There are patterns of conduct by bidders or their employees that suggest the possibility of
collusion (e.g., competitors regularly socialize, hold meetings, visit each other’s offices, or
subcontract with each other). 

13. Which of the following is a common way a procuring employee might engage in a bid
manipulation scheme?

 A. Opening bids prematurely

 B. Altering bids

 C. Extending bid opening dates without justification

 D. All of the above

In bid manipulation schemes, a procuring employee manipulates the bidding process to benefit a favored
contractor or supplier. Some common ways to commit these schemes include:

 Opening bids prematurely

 Altering bids
 Extending bid opening dates without justification

14. Which of the following is NOT one of the key phases of procurement processes that
employ competitive bidding mechanisms?

 A. The purchase and procurement phase

 B. The post-award and administration phase

 C. The solicitation phase

  D. The presolicitation phase

For the purpose of fraud detection, procurement processes that employ competitive bidding mechanisms
can be reduced to four basic stages:

 The presolicitation phase

 The solicitation phase
 The bid evaluation and award phase
 The post-award and administration phase

15. Which of the following statements about vendor management best practices is INCORRECT?

 A. Vendor master files should be kept current to reduce the risk of duplicate payments.

 B. The procedures used to monitor vendors should be based on the red flags of vendor schemes that pose the
greatest risk.

 C. Vendors should be subject to a background check before they are added to the vendor master file.

 D. The person who maintains the vendor master file should have the authority to approve invoices for payment.

The person responsible for the vendor master file should not be authorized to approve invoices for
payment or to sign checks.
Procurement entities must maintain an accurate and up-to-date vendor master file. An inaccurate or
incomplete vendor master file can result in greater risks of duplicate payments, unfavorable payment
terms, and noncompliance with regulations. Thus, the vendor master file should be updated continuously
and reviewed on a regular basis for inaccurate or incomplete records.
To manage vendors, a procuring entity must establish clear procedures for setting up new vendors and
changing vendor master file records. For example, procuring entities should require accounts payable
personnel to verify new vendors (i.e., ensure that the vendors are qualified) by conducting a vendor
background check before entering them into the vendor master file. 
Procuring entities must also use monitoring and auditing systems reasonably designed to detect criminal
conduct by their vendors. The procedures to monitor vendors are similar to those used to evaluate
vendors, and they should be based on red flags of vendor schemes that pose the greatest risk.

16. Which of the following is NOT an appropriate technique for detecting a nonconforming
goods or services scheme?

 A. Segregating and identifying the source of the suspect goods or materials

 B. Reviewing correspondence and contract files for indications of noncompliance with specifications

 C. Reviewing the contractor’s statements, claims, invoices, and supporting documents
  D. Reviewing the number of qualified bidders who submitted proposals

Nonconforming goods or services fraud, also known as product substitution or failure to meet contract
specifications, refers to attempts by contractors to deliver goods or services to the procuring entity that do
not conform to the underlying contract specifications. Once contractors deliver goods that do not conform
to the contract, they bill and receive payment for conforming goods or services without informing the
purchaser of the deficiency.
To detect nonconforming schemes, the fraud examiner should, at a minimum, examine the following for
red flags:

 Contract or purchase order (PO) specifications

 Contractor’s statements, claims, invoices, and supporting documents
 Received product
 Test and inspection results for the relevant period, searching for discrepancies between tests and
inspection results and contract specifications

To detect nonconforming schemes through more extensive methods, the fraud examiner should:

 Review correspondence and contract files for indications of noncompliance with specifications.
 Request assistance from outside technical personnel to conduct after-the-fact tests.
 Inspect or test questioned goods or materials by examining packaging, appearance, and
description to determine if the items are appropriate.
 Segregate and identify the source of the suspect goods or materials.
 Review inspection reports to determine whether the work performed and materials used in a
project were inspected and considered acceptable.
 Review the contractor’s books, payroll, and expense records to see if they incurred necessary
costs to comply with contract specifications.
 Review the inspection and testing reports of questioned goods or materials.
 Conduct routine and unannounced inspections and tests of questioned goods or materials.
 Examine the contractor’s books and manufacturing or purchase records for additional evidence,
looking for discrepancies between claimed and actual costs, contractors, etc.
 Interview procurement personnel about the presence of any red flags or other indications of
noncompliance.
 Search and review external records (e.g., court records, prior complaints, audit reports,
investigative reports, media sources) to determine if there is any history of misconduct.

17. To prevent contract and procurement fraud, companies should implement a continuous
monitoring program to monitor their procurement activities.

 A. True

 B. False

It is important for companies to implement a continuous, self-auditing program to monitor the performance
of their procurement activities. Continuous monitoring uses data analytics on a perpetual basis, thereby
allowing management to identify and report fraudulent activity more rapidly.
 18. Which of the following is a red flag of a procurement fraud scheme in which vendors are
colluding to circumvent the competitive bidding process?

 A. Qualified contractors do not submit bids

 B. The winning bidder subcontracts work to losing bidders

 C. There is a pattern where the last party to bid wins the contract

 D. All of the above

Common red flags of procurement fraud schemes involving collusion among contractors include:

 The industry has limited competition.

 The same contractors bid on each project or product.
 The winning bid appears too high.
 All contractors submit consistently high bids.
 Qualified contractors do not submit bids.
 The winning bidder subcontracts work to one or more losing bidders or to non-bidders.
 Bids appear to be complementary bids by companies unqualified to perform the work.
 Some bids fail to conform to the essential requirements of the solicitation documents (i.e., some
bids do not comply with bid specifications).
 Some losing bids were poorly prepared.
 Fewer competitors than usual submit bids on a project or product.
 When a new contractor enters the competition, the bid prices begin to fall.
 There is a rotational pattern to winning bidders (e.g., geographical, customer, job, or type of
work).
 There is evidence of collusion in the bids (e.g., bidders make the same mathematical or spelling
errors; bids are prepared using the same typeface, handwriting, stationery, or envelope; or
competitors submit identical bids).
 There is a pattern where the last party to bid wins the contract.
 There are patterns of conduct by bidders or their employees that suggest the possibility of
collusion (e.g., competitors regularly socialize, hold meetings, visit each other’s offices, or
subcontract with each other). 

19. Which of the following is an appropriate technique for detecting change order abuse?

 A. Interviewing complaining contractors and unsuccessful bidders about the presence of red flags

 B. Examining contract change orders that increase the scope or price of the existing contract

 C. Reviewing any change orders submitted by the contractor that add new items

 D. All of the above

A change order is a written agreement between the procuring entity and the contractor to make changes
in a signed contract. Change order abuse is a performance scheme that involves collusion between the
contractor and personnel from the procuring entity. In change order abuses, a corrupt contractor submits
a low bid to ensure that it wins the contract award, but, after the procuring entity awards the contract, the
corrupt contractor increases their price with subsequent change orders. 
Fraud examiners can detect change order abuse by engaging in the following activities:

 Examining contract change orders that add new items

 Examining contract change orders that increase the scope, quantity, or price of the existing
contract
 Analyzing contract change orders for red flags
 Interviewing complaining contractors, unsuccessful bidders, and procurement personnel about
the presence of any red flags
 Searching and reviewing external records (e.g., court records, prior complaints, audit reports,
investigative reports, media sources) to determine if there is any history of misconduct

20. Which of the following is NOT a common red flag of a bid tailoring scheme? 

 A. There are unusually broad specifications for the type of goods or services being procured.

 B. A contract is not rebid even though fewer than the minimum number of bids are received.

 C. Competitive awards vary among several suppliers.

 D. Only a few bidders respond to bid requests.

Bid tailoring schemes (also known as specifications schemes) occur during the presolicitation phase. In
these schemes, an employee with procurement responsibilities, often in collusion with a contractor, drafts
bid specifications in a way that gives an unfair advantage to a certain contractor.
Some common red flags of bid tailoring include:

 Weak controls over the bidding process

 Only one or a few bidders respond to bid requests
 Contract is not rebid even though fewer than the minimum number of bids are received
 Similarity between specifications and the winning contractor’s product or services
 Bid specifications and statements of work are tailored to fit the products or capabilities of a single
contractor
 Unusual or unreasonably narrow or broad specifications for the type of goods or services being
procured
 Requests for bid submissions do not provide clear bid submission information (e.g., no clear time,
place, or manner of submitting bids)
 Unexplained changes in contract specifications from previous proposals or similar items
 High number of competitive awards to one supplier
 Socialization or personal contacts among contracting personnel and bidders
 Specifications developed by or in consultation with a contractor who is permitted to compete in
the procurement
 High number of change orders for one supplier
 21. Which of the following is NOT an appropriate technique for detecting a cost
mischarging scheme involving labor?  

 A. Reviewing the standard and actual labor rates to determine if there are any significant differences

 B. Inspecting questioned goods or materials by examining packaging, appearance, and description

 C. Examining the total hours expended on the contract and comparing them to hours billed

 D. Comparing the direct and indirect labor account totals from the prior year to the current year

Inspecting questioned goods or materials by examining packaging, appearance, and description is a

technique for detecting a nonconforming goods or services scheme, not a cost mischarging scheme
involving labor.
Labor cost mischarges can be detected by engaging in the following activities:

 Examining labor cost records for the presence of red flags

 Reviewing audit reports, reimbursement requests, construction reports, engineering reports, and
so on
 Conducting site visits to verify that selected employees’ labor costs are being properly charged to
the work actually being performed
 Examining time cards, totaling the hours expended on the contract, and comparing them to the
hours billed
 Noting, in particular, repeated instances or a pattern of labor charges that increase the cost of
cost-plus contracts
 Reviewing journal entries used to transfer labor costs
 Comparing labor costs over a specific period to identify any unusual changes and determining the
reason for the changes
 Reviewing the standard and actual labor rates to determine if there are any significant differences
between the two
 Calculating the percentage of total direct labor charged to each contract to determine which had
the highest percentage of direct labor charges
 Reviewing and comparing the labor distribution summaries with payroll records to determine
whether the total labor distributions agree with the total labor charges
 Comparing the direct and indirect labor account totals from the prior year to the current year and
noting the percentage change
 Determining the percentage of total direct labor charged to each contract or work order to reveal
which charge numbers had the highest percentage of direct labor charges
 Analyzing the labor charges to determine if there were any shifts in charging pattern
 Preparing a schedule of salary or wage changes and comparing it to contract award dates and
labor rates
 Looking for terminated employees who are charged to contracts
 Comparing employee personnel records to contract position qualification requirements
 Interviewing individuals who changed their charging patterns during the year
 Searching and reviewing external records (e.g., court records, prior complaints, audit reports,
investigative reports, media sources) to find any history of misconduct
 22. Which of the following is a way that dishonest contractors collude to circumvent the
competitive bidding process?

 A. Use obscure publications to publish bid solicitations.

 B. Submit bids that are competitive in price.

 C. Submit invoices for work that was not performed or materials that were not delivered.

 D. Submit token bids that are not serious attempts to win the contract.

Schemes involving collusion among contractors seek to circumvent the competitive bidding process. In
these schemes, competitors in the same market collude to defeat competition or to inflate the prices of
goods and services artificially.
Complementary bidding (also known as protective, shadow, or cover bidding) is a common form of
collusion between competitors, and it occurs when competitors submit token bids that are not serious
attempts to win the contract. Token bids give the appearance of genuine bidding, but, by submitting token
bids, the conspirators can influence the contract price and who is awarded the contract.

23. Which of the following practices is a potential indicator of a bid splitting scheme?

 A. Frequent use of sole-source procurement contracts

 B. Low employee turnover in an organization's procurement department

 C. Two or more purchases from the same supplier in amounts just above competitive bidding limits

 D. Sequential purchases under the competitive bidding limits that are followed by change orders

In general, procuring entities must use competitive methods for projects over a certain amount. To avoid
this requirement, a dishonest employee might break up a large project into several small projects that fall
below the mandatory bidding level and award some or all of the component jobs to a contractor with
whom the employee is conspiring.
Some common red flags of bid splitting schemes include:

 Two or more similar or identical procurements from the same supplier in amounts just under
upper-level review or competitive-bidding limits
 Two or more consecutive related procurements from the same contractor that fall just below the
competitive-bidding or upper-level review limits
 Unjustified split purchases that fall under the competitive-bidding or upper-level review limits
 Sequential purchases just under the upper-level review or competitive-bidding limits
 Sequential purchases under the upper-level review or competitive-bidding limits that are followed
by change orders
 24. Which of the following is NOT an appropriate technique for detecting a nonconforming
goods or services scheme?

 A. Determining if contract costs have exceeded or are expected to exceed the contract value

 B. Interviewing procurement personnel about the presence of any red flags

 C. Conducting unannounced inspections of questioned goods or materials

 D. Reviewing the inspection and test reports of questioned goods or materials

Determining if contract costs have exceeded or are expected to exceed the contract value is a technique
for detecting a cost mischarging scheme involving materials, not a nonconforming goods or services
scheme.
Nonconforming goods or services fraud, also known as product substitution or failure to meet contract
specifications, refers to attempts by contractors to deliver goods or services to the procuring entity that do
not conform to the underlying contract specifications. Once contractors deliver goods that do not conform
to the contract, they bill and receive payment for conforming goods or services without informing the
purchaser of the deficiency.
To detect nonconforming schemes, the fraud examiner should, at a minimum, examine the following for
red flags:

 Contract or purchase order (PO) specifications

 Contractor’s statements, claims, invoices, and supporting documents
 Received product
 Test and inspection results for the relevant period, searching for discrepancies between tests and
inspection results and contract specifications

To detect nonconforming schemes through more extensive methods, the fraud examiner should:

 Review correspondence and contract files for indications of noncompliance with specifications.
 Request assistance from outside technical personnel to conduct after-the-fact tests.
 Inspect or test questioned goods or materials by examining packaging, appearance, and
description to determine if the items are appropriate.
 Segregate and identify the source of the suspect goods or materials.
 Review inspection reports to determine whether the work performed and materials used in a
project were inspected and considered acceptable.
 Review the contractor’s books, payroll, and expense records to see if they incurred necessary
costs to comply with contract specifications.
 Review the inspection and testing reports of questioned goods or materials.
 Conduct routine and unannounced inspections and tests of questioned goods or materials.
 Examine the contractor’s books and manufacturing or purchase records for additional evidence,
looking for discrepancies between claimed and actual costs, contractors, etc.
 Interview procurement personnel about the presence of any red flags or other indications of
noncompliance.
 Search and review external records (e.g., court records, prior complaints, audit reports,
investigative reports, media sources) to determine if there is any history of misconduct.
 25. Which of the following is NOT a red flag that might indicate the existence of a need
recognition scheme?

 A. The purchasing entity's materials are being ordered at the optimal reorder point.

 B. The purchasing entity does not have a satisfactory list of backup suppliers.

 C. The purchasing entity has unusually high requirements for stock and inventory levels.

 D. The purchasing entity has large numbers of surplus items written off as scrap.

Generally, procurement actions begin with the procuring entity making a determination of its general
needs. These initial determinations include assessments of the types and amounts of goods or services
required to meet the entity’s needs. In need recognition schemes, procurement employees convince their
employer that it needs excessive or unnecessary products or services.
There are several red flags that might indicate a need recognition scheme. An organization with unusually
high requirements for stock and inventory levels might reveal a situation in which a corrupt employee is
seeking to justify unnecessary purchases from a certain supplier. Likewise, if an organization’s materials
are not being ordered at the optimal reorder point, this should raise a red flag. An employee might also
justify unnecessary purchases of inventory by writing off large numbers of surplus items as scrap. As
these items leave the inventory, they open up spaces to justify additional purchases. Another indicator of
a need recognition scheme is a need that is defined in a way that can only be met by a certain supplier or
contractor. In addition, the failure to develop a satisfactory list of backup suppliers might reveal an
unusually strong attachment to a primary supplier—an attachment that is explainable by the acceptance
of bribes from that supplier.

26. Which of the following activities is included in the post-award and administration phase of
procurements involving open and free competition?

 A. The procuring entity develops the bid specifications.

 B. The procuring entity evaluates the bids or proposals.

 C. The procuring entity issues the solicitation document.

 D. The procuring entity performs its contractual obligations.

During the post-award and administration phase, the contracting parties fulfill their respective duties
through the performance of their contractual obligations. Activities that occur during this phase include
contract modifications (i.e., change orders); review of completed portions and release of monies; and
assessment of deliverables for compliance with the contract terms, including quality control.
Payment Fraud
1. Credit and debit card counterfeiting operations might include the use of which of the following?

 A. Desktop computers, embossers, tipping foil, and laminators

 B. Embossed blank plastic cards

 C. High-speed printing facilities

 D. All of the above

One common method of producing counterfeit credit and debit cards includes the use of blank plastic
cards. This scheme uses credit-card-sized plastic with embossed account numbers and names. This
scheme often works in conjunction with a corrupt and collusive merchant or a merchant’s employee.
Other counterfeit cards are wholly manufactured using high-speed printing facilities. Additional tools that
are common in the reproduction process include desktop computers, embossers, tipping foil, and
laminators.

2. In which of the following scenarios might a card skimming or shimming scheme be

conducted?

 A. A customer is pumping gasoline and notices a strange device attached to the self-payment apparatus

 B. A server walks away from a customer’s table to process a card payment

 C. An employee processes a payment outside of the customer’s view

 D. All of the above

A card skimming or shimming scheme requires a device, often referred to as a skimmer, wedge,

or shimmer, that scans and stores a large amount of credit and debit card numbers; skimmers scan
magnetic strips, while shimmers read microchips in smart cards. Card skimming or shimming is more
frequent in businesses where an employee is able to remove the card from the customer’s view to
process the transaction before returning it to the customer. 
Skimming or shimming can also be performed via the attachment of covert devices to automated teller
machines (ATMs), automated fuel dispensers, vending machines, point-of-sale (POS) terminals, or self-
service checkout kiosks. These devices are sometimes paired with a tiny hidden camera meant to record
the input of a user’s personal identification number (PIN).
 3. Which of the following is an example of a way in which an electronic funds transfer (EFT)
fraud scheme can be committed?

 A. A person who has stolen information about another person’s bank account instructs a biller to obtain payment from

 B. An employee of a person-to-person (P2P) provider misappropriates a customer’s account and password information

 C. A hacker obtains consumer account and password information to direct funds from consumers’ accounts

 D. All of the above

There are several ways in which fraud can be perpetrated through the electronic transfer of funds.
Potential sources of fraud include the following:

 A biller might send a bill for services not rendered or for goods never sent.
 A person who has obtained information about another person’s bank account might instruct a
biller to obtain payment from the other person’s account.
 A hacker might obtain passwords and usernames from an aggregator and use that information to
direct transfers from a consumer’s bank account.
 An employee at the site providing electronic bill presentment and payment (EBPP) services who
knows consumers’ usernames and passwords for screen-scraping purposes might use that
information to direct transfers from consumers’ bank accounts.
 A bank employee might use customer information to direct transfers from a customer’s account.

4. Which of the following is NOT a red flag of a fraudulent credit or debit card
transaction?

 A. A customer charges many expensive items to a newly valid card.

 B. A customer buys a small number of expensive items at one time.

 C. A customer cannot provide a photo identification when requested.

 D. A customer insists on taking a large item home even when delivery is included.

While any of the following can occur in a perfectly legitimate transaction, these characteristics
are frequently present during fraudulent transactions. Tellers and merchants should be advised to be alert
for customers who:
  Purchase an unusually large number of expensive items. 
 Make random purchases, selecting items with little regard to size, quality, or value.
 Do not ask questions on major purchases.
 Sign the sales draft slowly or awkwardly.
 Charge expensive items on a newly valid card.
 Cannot provide a photo identification when asked.
 Rush the merchant or teller.
 Purchase a large item, such as a television, and insist on taking it at the time, even when delivery
is included in the price.
 Make purchases and leave the store but then return to make more purchases.
 Become argumentative with the teller or merchant while waiting for the transaction to be
completed.
 Make large purchases just as the store is closing.

5. Due to the paper trail involved and the emphasis placed on the problem by law
enforcement, the vast majority of check fraud offenders are pursued and prosecuted.

 A. True

 B. False

Many merchants overburden police and prosecutors with reports of check fraud rather than implementing
effective training and controls to help prevent such schemes from the outset; therefore, law enforcement
and prosecutors do not have the time or manpower to pursue all such cases and are often uneager to do
so. Furthermore, check fraud perpetrators frequently migrate from one location to another, making their
apprehension and prosecution difficult.

6. How do smart cards differ from ordinary credit cards?

 A. Smart cards are embedded with a microchip that is not easily replicated.

 B. Smart cards are designed to prevent fraudulent online card-not-present (CNP) transactions.

 C. Smart cards are immune from physical, side-channel, and environmental attacks.

 D. Smart cards contain special holograms that identify the cardholder.

A smart card is a plastic card, the size of a credit or debit card, embedded with a microchip. A key
advantage of smart cards is that, unlike regular magnetic stripe credit and debit cards, they cannot be
easily replicated. Similarly, smart cards cannot be easily counterfeited, which greatly reduces the potential
for fraud with in-person transactions. Smart cards include a wide variety of hardware and software
features capable of detecting and reacting to tampering attempts and countering possible attacks. If
someone tries to tamper with a chip on a smart card, the card detects the intrusion and shuts itself down,
rendering the card useless.
Although smart cards are designed to withstand different kinds of potential attacks on security, they are
not immune from attacks. There are four main classes of attacks on smart cards: physical, side-channel,
software, and environmental.
While the adoption of smart cards has significantly reduced fraud for card-present (CP) transactions,
much of the fraud has been displaced to card-not-present (CNP) transactions on the internet. Significant
increases in CNP fraud have occurred globally in the years following the transition to smart cards. Large-
scale data breaches and the continued increase in online spending have also contributed to the rising
volume of CNP fraud.

7. Which of the following is a reason why prepaid debit and gift card fraud schemes are
attractive to fraudsters?

 A. Prepaid cards are relatively anonymous payment methods

 B. Prepaid cards can be purchased at countless retailers

 C. Prepaid cards are difficult to track after they have been purchased and activated

 D. All of the above

In recent years, prepaid cards have gained popularity. Prepaid gift and debit cards are commonly used by
those who do not have a bank account or who prefer relatively anonymous payment methods.
Unfortunately, these consumers are often targeted with prepaid card fraud schemes that can manifest in
many ways. Prepaid cards can be purchased at countless retailers and are difficult to track after they
have been purchased and activated.

8. Liam is the manager of a small bank that has recently experienced an increase in the
amount of fraud related to electronic funds transfers (EFTs). Which of the following
methods can Liam implement to reduce his bank’s exposure to EFT fraud?

 A. Separate the duties of bank employees so that responsibilities for the issuance of access devices are
separate from the issuance of PINs

 B. Ensure that PINs are mailed to the customer separately from other associated account information

 C. Send a welcome letter to new customers to determine if the address submitted on the account application
is valid

 D. All of the above

 9. Which of the following does NOT constitute an electronic funds transfer (EFT)?

 A. The computer-initiated deposit of an employee’s paycheck directly into the employee’s bank account

 B. A transfer of funds from a checking account to a savings account performed on a personal computer

 C. A customer’s use of a debit card to purchase dinner at a restaurant

 D. An airline ticket purchased through the internet with the use of a credit card

An electronic funds transfer (EFT) is any transfer of funds, other than one originated by a check or similar
paper instrument, that is initiated through an electronic terminal, telephonic instrument, or computer or
magnetic tape that orders or purports to authorize a financial institution to debit or credit an account.
Because it does not result in a transfer of funds, the use of a credit card to make a payment does not
constitute an EFT. Although jurisdiction-specific regulations and terminology might differ, each of the
following could generally be considered an EFT:
  A customer’s withdrawal of funds from the customer’s own account by use of an automated teller
machine (ATM)
 A customer’s transfer of funds from the customer’s checking account to the customer’s savings
account at the same financial institution initiated by the customer through a personal computer
 A customer’s transfer of funds from the customer’s checking account to the customer’s savings
account at the same financial institution initiated by the customer through the bank’s automated
telephone service
 A customer’s use of a debit card to purchase goods from a merchant who swipes the card
through a point-of-sale (POS) device to authorize the deduction of the amount of the sale from
the customer’s checking account
 A customer’s transfer of funds from the customer’s bank account to a third party initiated by the
customer through a personal computer
 An employer’s instruction, initiated by computer or through a magnetic tape, to a financial
institution to deposit funds representing an employee’s pay into the employee’s account
 A noncustomer’s instruction, initiated by computer or through a magnetic tape, to a financial
institution to withdraw funds from a customer’s checking account and transfer the funds to a
noncustomer’s bank account

10. Shimming devices differ from skimming devices in that shimmers are designed to

read a smart card’s _________.

 A. Expiration date

 B. Magnetic strip

 C. Microchip

 D. Signature panel

A card skimming scheme requires a device, often referred to as a skimmer, wedge, or shimmer, that
scans and stores a large amount of credit and debit card numbers; skimmers scan magnetic strips, while
shimmers read microchips in smart cards.

11. If a customer reports the loss or theft of an access device, the financial institution should
attempt to prevent fraud related to electronic funds transfers (EFTs) by canceling the
existing card, personal identification number (PIN), or other form of access and issuing a
new one.

 A. True

 B. False

The following are safeguards that banks can perform to reduce the risk that they or their customers
become victimized by unauthorized electronic funds transfers (EFTs):

 Confirm phone and mailing addresses on the application to ensure that they are consistent with
information about the applicant that is available from other sources and, with respect to existing
 customers, consistent with current records about these customers. This might involve obtaining
credit reports about the applicant or obtaining copies of utility bills that show the applicant’s
address.
 Make sure that the area or city code in the applicant’s telephone number matches the
geographical area for the applicant’s address.
 Send a welcome letter to the address on the application with the bank’s return address so that the
letter is returned if the applicant does not live there.
 Verify by telephone or additional mailings any change of address requests in the same way that
new account applications are verified.
 If a customer reports the loss or theft of an access device, cancel the existing card, personal
identification number (PIN), or other form of access and issue a new one.
 If a customer reports that a person previously authorized to use an access device no longer has
that authority, cancel all cards, PINs, or other access devices and issue new ones to the
customer.
 Always mail PINs separately from other information, such as usernames, with which they are
associated.
 Separate the responsibility of bank employees who have custody of information relating to access
devices from those who have responsibility for issuance, verification, or reissuance of PINs.
 Ensure that any communication concerning usernames or passwords is sent in a secure,
encrypted format.
 Require customers who register for electronic bill presentment and payment (EBPP) or person-to-
person (P2P) systems to provide information indicating that they are authorized to use the bank
account or credit card from which payments will be made.
 Employ multifactor authentication to verify transfers via EBPP or P2P systems. 

12. When fabricating a counterfeit credit or debit card, which of the following is the most
difficult facet to reproduce?

 A. The embossed numbers

 B. The hologram

 C. The magnetic strip

 D. The card thickness

The hologram is the most difficult aspect of a credit or debit card to reproduce. True holograms use a
lenticular refraction process; counterfeits are generally only reflected materials, usually foil with an image
stamped on it. These decals are attached to the card's surface rather than fixed into the plastic, as is the
case with legitimate cards. Some fraudulent holograms do not change colors—as legitimate ones do—
when viewed from various angles.

13. Smart cards include a wide variety of hardware and software features capable of
detecting and reacting to tampering attempts and countering possible attacks.

 A. True

 B. False
A smart card is a plastic card, the size of a credit or debit card, embedded with a microchip. A key
advantage of smart cards is that, unlike regular magnetic stripe credit and debit cards, they cannot be
easily replicated. Similarly, smart cards cannot be easily counterfeited, which greatly reduces the potential
for fraud with in-person transactions. Smart cards include a wide variety of hardware and software
features capable of detecting and reacting to tampering attempts and countering possible attacks. If
someone tries to tamper with a chip on a smart card, the card detects the intrusion and shuts itself down,
rendering the card useless.

14. Fraudsters often use stolen credit or debit cards to purchase prepaid gift or debit cards to
quickly convert illicit card funds into a legitimate cash equivalent.

 A. True

 B. False

Among the schemes that prepaid cards are used to facilitate are credit and debit card theft schemes.
Thieves use stolen credit and debit cards to purchase prepaid debit or gift cards, thus quickly converting
the illicit credit or debit card funds into a legitimate cash equivalent.

15. Which of the following factors enables or enhances fraudsters’ abilities to conduct
account takeover schemes?

 A. Customers regularly checking their online accounts for changes

 B. Consumers using the same log-in and password information on multiple accounts

 C. The increased use of multifactor authentication

 D. Payment accounts offering the ability to be notified when they are accessed or changed

16. To conduct an electronic payment using a person-to-person (P2P) system, the two
individuals must meet in person at a financial institution to sign an order requesting the
transfer of money from one person’s account to the other.

 A. True

 B. False

Account takeover fraud occurs when a fraudster surreptitiously takes control of a payment account.
Targeted accounts can include credit cards, banking, brokerage, or any type of online retail account (e.g.,
Amazon).
Because consumers often use the same username and password for multiple accounts, hackers
commonly create code that can run credentials obtained from a data breach at one company to see if
they are valid at another.
Account takeover fraud has increased significantly in recent years. Consumers should opt for multifactor
authentication when available, request notification of account access or changes when offered, and
regularly check any online accounts that hold payment information.

17. Which of the following steps is/are often taken during an account takeover scheme?

 A. Change customer contact information on the overtaken account

 B. Steal account log-in information using phishing emails

 C. Place orders using funds from the overtaken account

 D. All of the above

Account takeover fraud occurs when a fraudster surreptitiously takes control of a payment account.
Targeted accounts can include credit cards, banking, brokerage, or any type of online retail account (e.g.,
Amazon).
To take over an account, thieves obtain email addresses or other log-in information and use various
means to obtain passwords, such as phishing emails or password-cracking botnet attacks.
Once the thief overtakes an account, communication methods and contact information are altered to keep
the account holder unaware of the fraudulent activity. The thief is then free—depending on the type of
account—to place orders using stored payment information, transfer funds, or request duplicate credit or
debit cards.

18. Which of the following types of transactions is LEAST LIKELY to use a person-to-person
(P2P) payment system?

 A. A person making an online donation to a charity

 B. A person paying for an item on an online auction site

 C. A person transferring money to a friend abroad

 D. A person buying groceries at a supermarket

Person-to-person (P2P)  payment systems are an increasingly popular method for making payments

between individuals or between an individual and a business. P2P payments are commonly used to make
online payments but are not as common for in-person payments, such as paying for clothes at a
department store or buying groceries at a supermarket. These services are also used to move money
internationally and between various currencies at exchange rates that rival traditional methods of currency
exchange. TransferWise and PayPal are examples of popular P2P payment systems. Mobile payment
applications or digital wallets, such as Venmo or Apple Pay, might also have P2P payment features.

19. The equipment needed to run a check fraud ring is very expensive and difficult to obtain.
  A. True

 B. False

Check fraud rings thrive because the items needed to commit check fraud are easily obtainable and the
cost is minimal. Often, the only necessary equipment for a check fraud ring is a scanner, printer, and
personal computer.

20. Mario, an employee of a person-to-person (P2P) payment company, has been writing
down the account numbers and passwords of customer accounts with the intent of
fraudulently using them to pay for items he purchases online. Mario is engaging in:

 A. Credit card transfer fraud

 B. Check fraud

 C. Electronic funds transfer fraud

 D. None of the above

21. Frequent check deposits in round numbers or for the same amount and checks written to
individuals for large, even amounts might be indicators of check fraud.
  A. True

 B. False

Frequent deposits in round numbers or for the same amount and checks issued to individuals for large,
even amounts are both indicators of check fraud.

22. Which of the following is NOT a common type of credit or debit card fraud?

 A. Card counterfeiting

 B. Advance payments

 C. Skimming

 D. Profiling

Advance payments, card counterfeiting, and skimming are all forms of credit and debit card fraud;
profiling is not a type of credit or debit card fraud.

23. Jason, a server at a popular restaurant, takes a customer’s credit card to process a
payment. While he is on the other side of the dining area with his back facing the
customer, Jason swipes the card through a small device that he regularly uses to steal
his customers’ card information. Jason is engaging in a scheme known as card
________.

 A. Scanning

 B. Skimming or shimming

 C. Probing

 D. Counterfeiting or duplicating

 24. The chances of being arrested and prosecuted for check fraud are high, and the
penalties are relatively severe in most jurisdictions.

 A. True

 B. False

Check fraud is considered a relatively low-risk crime; the chances of being arrested and prosecuted are
low, and the penalties are relatively mild in most jurisdictions.

25. Mobile payments that require biometric authentication, such as a partial fingerprint or
three-dimensional facial scan, are usually less vulnerable to cyberattacks.

 A. True

 B. False

The ubiquitous presence of mobile devices has fostered a demand for mobile payments. These payments
are typically made through contactless technology, such as digital wallets or applications—also known
as in-app payments. Most mobile payments require users to authenticate themselves, and the technology
available in many mobile devices allows for biometric authentication, such as a partial fingerprint or three-
dimensional facial scan, which is difficult for fraudsters to bypass.
Mobile payments that do not require or offer biometric authentication can be more vulnerable to
cyberattacks due to the common practice of using the same log-in credentials for multiple applications. If
one application is hacked, criminals might attempt to access various platforms with the same credentials.