Professional Documents
Culture Documents
Fraud
Fraud
Fraud
1
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
Module 003
Course Module
LO 1
Ethical Issues in Business
Ethics pertains to the principles of conduct that individuals use in making choices and guiding
their behavior in situations that involve the concepts of right and wrong.
1. equity,
2. rights,
3. honesty, and
4. the exercise of corporate power.
Presented beloware some of the business practices and decisions in each of these areas that have
ethical implications.
INTRODUCTION TO ACCOUNTING INFORMATION
3
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
Course Module
Sarbanes Oxley Act
LO 2 (excerpted from European Association of Communications Agencies)
The Sarbanes-Oxley Act was passed in the US in 2002, having been drawn up followinga
number ofhigh profile accounting scandals, such as Enron, that seriously dentedinvestor
confidence.
The Act applies to US public companies and their global subsidiaries and from June 2005 it
will also apply to any foreign company whose shares are traded on the US stock exchange
and those who are contemplating such a listing.
The US Securities and Exchange Commission (SEC) have extended the deadline for non US
companies to comply with section 404 of the Sarbanes-Oxley Act to July 2006. The 12-
month extension will allow most UK companies a full financial year to deal with the
International Financial Reporting Standard (IFRS), the European Union's financial services
action plan and the new listing regime in the UK before full compliance with Sarbanes-
Oxley
The Sarbanes-Oxley legislation is wide ranging and establishes new or enhanced standards
for all US public company Boards, Management, and public accounting firms.
Under the terms of the act the CEO and CFO must certify that company accounts and other
financial statements fairly represent their firm's financial position. In addition the
company's management must state annually that they are responsible for financial control
within their company, have assessed the effectiveness of their internal systems and
processes for financial control and have confirmed their operation in practice.
Sarbanes-Oxley law contains 11 titles, or sections, ranging from additional Corporate Board
responsibilities to criminal penalties. The act requires Security and Exchange Commission
(SEC) to implement rulings on requirements to comply with the new law
Course Module
The Sarbanes-Oxley Act requires that these changes be made to safeguard against
possibility of fraud through contract compliance, written policies and stronger internal
controls to match the contract compliance in line with the policies.
Agencies will need to ensure that every process that impacts upon the financial processes
of the agency is fully documented. This is likely to impact a range of departments across the
agency not just those in the financial department. There is likely for example to a significant
impact upon IT departments in an era where much information is generated and stored
electronically.
Agencies will need to ensure that all key risks are identified and that the controls they have
in place match those risks.
Agencies will need to ensure that the key controls they have in place are tested and that
any gaps they have in those controls are reported upon and closed.
• an exercise in documentation
• an opportunity to identify operational improvements
For agencies with unknown control weaknesses Sarbanes-Oxley offers an opportunity to fix
them.
For agencies with known control weaknesses Sarbanes-Oxley offers the opportunity to set
the record straight.
INTRODUCTION TO ACCOUNTING INFORMATION
7
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
What are the implications for supplying information that is knowingly false?
The act makes the chief executives and chief financial officers of companies personally
responsible for the information that is included in their financial accounts and systems of
internal financial control.
The penalties for supplying information that is knowingly false are severe:
1. 20 years imprisonment
2. $5m fine
Agencies may find that there are benefits of upgrading their financial management systems
such as:
Fraud
LO 3
Course Module
- It denotes a false representation of a material fact made by one party to another party
with the intent to deceive and induce the other party to justifiably rely on the fact to his
or her detriment.
- In a business setup, it is an intentional deception, misappropriation of a company’s
assets, or manipulation of its financial data to the advantage of the perpetrator.
- It is commonly known as white-collar crime, defalcation, embezzlement, and
irregularities.
- According to common law, a fraudulent act must meet the following five conditions:
1. False representation
- There must be a false statement or a nondisclosure.
2. Material fact
- A fact must be a substantial factor in inducing someone to act.
3. Intent
- There must be the intent to deceive or the knowledge that one’s
statement is false.
4. Justifiable reliance
- The misrepresentation must have been a substantial factor on which the
injured party relied.
5. Injury or loss
- The deception must have caused injury or loss to the victim of the fraud.
- Levels of Fraud:
• employee fraud
• management fraud
Employee Fraud
▪ This is a fraud committed by non-management employees where
employee circumvents the company’s internal control system for
personal gain
▪ Usually involves the following steps:
1. stealing something of value (an asset),
2. converting the asset to a usable form (cash), and
3. concealing the crime to avoid detection.
INTRODUCTION TO ACCOUNTING INFORMATION
9
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
Management Fraud
Course Module
LO 4
Fraud Triangle
It consists of three factors that contribute to or are associated with management and employee
fraud.
• Situational Pressure
• Opportunity
• Ethics
Situational Pressure
▪ These are personal or job-related stresses that could coerce an individual
to act dishonestly
Opportunity
Ethics
Evaluation of fraud isenhanced when the fraud triangle factors are considered. In doing so,
auditors often use a red-flag checklist consisting of the following types of questions:
LO 5 Types of Fraud
1. FraudulentStatements
2. Corruption
3. Asset Misappropriation
Fraudulent Statements
- This involves some form of financial misstatement that has direct or indirect
financial benefit to the perpetrator
- Example:
Course Module
Understating liabilities to present a more favorable financial picture of the
organization to drive up stock prices.
Corruption
Bribery
Illegal Gratuities
• It involves giving, receiving, offering, or soliciting something of
value because of an official act that has been taken.
Conflicts of Interest
• It occurs when an employee acts on behalf of a third party during
the discharge of his or her duties or has self-interest in the activity
being performed.
Economic Extortion
Asset Misappropriation
- This is the most common fraud schemes where assets are either directly or
indirectly diverted to the perpetrator’s benefit
- Transactions involving cash, checking accounts, inventory, supplies, equipment,
and information are the most vulnerable to abuse.
- The following are the fraud schemes involving asset misappropriation:
▪ Skimming
▪ Cash Larceny
▪ Billing
▪ Check Tampering
▪ Payroll
▪ Expense Reimbursement
▪ Theft of Cash
▪ Non-Cash Misappropriations
Skimming
• It involves stealing cash from an organization before it is recorded
on the organization’s books and records.
Cash Larceny
• It involves schemes in which cash receipts are stolen from an
organization after they have been recorded in the organization’s
books and records.
Billing
• Also known as “vendor fraud”
• This is perpetrated by employees who causes their employer to
issue a payment to a false supplier or vendor by submitting
invoices for fictitious goods or services, inflated invoices, or
invoices for personal purchases
Check Tampering
Course Module
• This involves forging or changing in some material way a check
that the organization has written to a legitimate payee.
Example:
An employee steals an outgoing check to a vendor through
forging the payee’s signature, and then, cashes the check
Payroll
• This involves distribution of fraudulent paychecks to existent
and/or nonexistent employees.
Example:
A supervisor keeps an employee on the payroll who has left the
organization and still continues to submit time cards to the
payroll department as if the employee is still working in the
organization.
This scheme usually happens if the supervisor is responsible
for distributing paychecks to employees
Expense Reimbursement
• This involves a scheme wherein an employee makes a claim for
reimbursement offictitious or inflated business expenses
Example:
A salesperson files false expense reports, claiming meals,
lodging, and travel that never occurred
Theft of Cash
• This involves a direct theft of cash on hand in the organization.
Example:
An employee makes false entries on a cash register, such as
voiding a sale, to conceal the fraudulent removal of cash.
INTRODUCTION TO ACCOUNTING INFORMATION
15
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
A properly designed system of internal controls should reduce the risk of errors and prevent
anindividual from perpetrating and concealing fraud.
The internal control system comprises policies, practices, and procedures employed by the
organization to achieve the following four broad objectives:
1. To safeguard assets of the firm.
2. To ensure the accuracy and reliability of accounting records and information.
3. To promote efficiency in the firm’s operations.
4. To measure compliance with management’s prescribed policies and procedures.
The structure of an organization and assignment of job duties should be designed to segregate
certain functions within this environment.Cost-benefit criteria must be considered.
Segregation of duties
For any given transaction, the following functions preferably should be performed by
separate individuals in different parts of the organization:
• Authorization of the transaction
• Recording of the transaction
• Custody of assets associated with the transaction
• Internal control system is designed to detect fraud by one person but not fraud by
collusion or management override.
Course Module
Organizational Hierarchy
1. In a medium-sized or larger organization, adequate segregation of duties can be
achieved by separating the responsibilities of the following corporate-level
executives:
LO 7
COSO Internal Framework
1. Control Environment,
2. Risk Assessment,
3. Information and Communication,
4. Monitoring, and
5. Control Activities.
Control Environment
The control environment is the foundation for the other four control components.
It sets the tone for the organization and influences the control awareness of its
management andemployees.
Risk Assessment
Course Module
Organizations must perform a risk assessment to identify, analyze, and manage
risksrelevant to financialreporting. Risks can arise or change from circumstances
such as:
• The classes of transactions that are material to the financial statements and
how those transactions are initiated.
• The accounting records and accounts that are used in the processing of
material transactions.
• The transaction processing steps involved from the initiation of a transaction
to its inclusion in the financial statements.
• The financial reporting process used to prepare financial statements,
disclosures, and accounting estimates.
Course Module
Monitoring
Monitoring is the process by which the quality of internal control design and
operation can be assessed. Monitoring process is needed since the management
must determine if internal controls are functioning as intended
Control Activities
These are the policies and procedures used to ensure that appropriate actions are
taken to dealwith the organization’s identified risks.
Transaction Authorization
- This ensures that allmaterial transactions
processed by the information system are valid and
in accordance with management’sobjectives.
- This may be a general or specific authorization.
INTRODUCTION TO ACCOUNTING INFORMATION
21
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
▪ General Authorization
- This is granted to operations personnelto
perform day-to-day operations.
- Example:
Authorizing the purchase of inventories
from a designated vendor only when
inventory levels fall to their
predeterminedreorder points
▪ Specific Authorization
- This is granted in dealing with case-by-
case decisions associated with
nonroutinetransactions
- Example:
Decidingwhether to extend a particular
customer’s credit limit beyond thenormal
amount
Segregation of Duties
- Segregating employee duties to minimize
incompatible functions
Supervision
- A compensating control if an organization cannot
employ and achieve adequate segregation of duties
due to lack of manpower.
Accounting Records
Course Module
- Consist of source documents,journals, and ledgers
which captures the economic essence of
transactions and provide an audittrail of economic
events
Access Control
- This ensures that only authorized personnel
haveaccess to the firm’s assets.
Independent Verification
- These are verification procedures that are
independent checking of the accounting system to
identify errors and misrepresentations
- Example:
o Reconciling batch totals at points during
transaction processing.
o Comparing physical assets with accounting
records.
o Reconciling subsidiary accounts with control
accounts.
o Reviewing management reports (both
computer and manually generated) that
summarize businessactivity.
INTRODUCTION TO ACCOUNTING INFORMATION
23
ETHICS, FRAUD AND OVERVIEW OF INTERNAL CONTROLS
1. Hall, James A (2016). Accounting Information System (9th ed). Boston City: Cengage
Learning.
Course Module