Professional Documents
Culture Documents
Ethics, Fraud, and Internal Control
Ethics, Fraud, and Internal Control
ETHICS,
FRAUD, AND
INTERNAL CONTROL
Objectives for Chapter 3
Understand the broad issues pertaining to business ethics
• Understand what constitutes fraudulent behavior
• Be able to explain fraud-motivating forces
• Be familiar with typical fraud schemes perpetrated by managers
and employees
• Be familiar with the common anti-fraud techniques used in both
manual systems and computer-based systems
• Be familiar with the use of the ACL in the detection of fraud
Business Ethics
Ethics
- pertains to the principles of conduct that individuals use in ma
king choices and guiding their behavior in situations that involve t
he concept of right and wrong
Business ethics
1. How do managers decide what is right in conducting their busi
ness?
2. Once managers have recognized what is right, how do they ac
hieve it?
Ethical principles that provide some guidance in the
discharge of manager's ethical responsibility:
• Proportionality
-benefit must outweigh the risk
• Justice
-benefit should be distributed fairly to those who
share the risk
• Minimize risk
. -the decision should be implemented so as to
minimize the risk and avoid unneccesary risk
Four Main Areas of Business Ethics
COMPUTER ETHICS
concerns the social impact of computer technology (hardware, s
oftware, and telecommunications).
• Pop
-exposure to stories and reports found in the popular media regarding the
good or bad ramifications of computer technology
• Para
-involves taking a real interest in computer ethics cases and acquiring
some level of skill and knowledge in the field
• Theoretical
-is of interest to multidisciplinary researchers with the goal of bringing some
understanding in the field
COMPUTER ETHICS
Ownership of Property
Does software fit with the current categories and conventions
regarding ownership?
Equity in Access
How can hardware and software be designed with consideration
for differences in physical and cognitive skills?
COMPUTER ETHICS
Environmental Issues
Should organizations limit nonessential hard copies?
Should proper recycling be required?
How can it be enforced?
Artificial Intelligence
Who is responsible for the completeness and
appropriateness of the knowledge base?
Who owns the expertise once it is coded into a knowledge
base?
COMPUTER ETHICS
Misuse of computers
Does it matter if the computer is used during company time or
outside of work hours?
Is it okay to look through files that belongs to someone else?
SARBANES-OXLEY ACT and ETHICAL ISSUES
The SEC has ruled that compliance with the Section 406
necessitates a written code of ethics that addresses the following
ethical issues:
1. Conflict of interest
2. Full and Fair disclosures
3. Legal Compliance
4. Internal reporting of Code Violations
5. Accountability
"FRAUD & Accountants"
Where were Auditors?
Intentional deception...
▪ Misappropriation of company's assets.
▪ Manipulation of financial data to the
advantage of financial perpetrator.
In accounting literature fraud is commonly known as:
• White-collar Crime
• Defalcation
• Embezzlement
• Irregularities
Employee Fraud
Fire needs...
Oxygen Fuel
Spark
FRAUD TRIANGLE
Situational
Available
Pressures
Opportunitie
an employee is
s poor
experiencing
internal
financial difficulties
controls
Personal Characteristics
personal morals of individual employees
Red flag checklist questionnaires.
Fraudulent Asset
Corruption
Statements Misappropriation
Fraudulent Statement
150,0…
Fraudulent
Fraudulen Statement
t s
Statement Corruption
s, 10% , 27%,
21% Fraudulent Statements 2,000,000.
Corruption
Asset 00
Misappro Asset Misappropriation
priation,
89%
1. BRIBERY
- Involves giving, offering, soliciting, or receiving things of
value to influence an official in the performance of his or her lawful
duties.
2. ILLEGAL GRATUITIES
- Involves giving, receiving, offering or soliciting something of
value because of an official act that has been taken.
- This is similar to Bribe, but the transaction occurs after the
fact.
3. CONFLICT OF INTEREST
- Occurs when an employee acts on behalf of a
third party during this discharge of his or her duties or
has self-interest in the activity being performed.
4. ECONOMIC EXTORTION
- Is the use (or threat) of force by an individual or
organization to obtain something of value.
ASSET MISAPPROPRIATION
▪ SKIMMING
- involves stealing cash from an
organization before it is recorded on the
organization’s books and records.
▪ CASH LARCENY
- involves schemes where cash
receipts are stolen from an organization
Sarbanes-Oxley and Fraud
1. Bookkeeping
2. Financial information systems design and implementation
3. Appraisal or valuation services, fairness opinions, or contribution-
in-kind reports
4. Actuarial services
5. Internal audit outsourcing services
6. Management functions or human resources
7. Broker-dealer, investment adviser, or investment banking services
8. Legal services and expert services unrelated to the audit
9. Any other service that the PCAOB determines impermissible
Billing Schemes
▪ Vendor fraud
▪ Perpetrated by employees who cause their
employer to issue a payment to false supplier or
vendor.
○ HOW?
■ By submitting invoices for fictitious
goods or services.
■ By submitting inflated invoices.
■ By submitting invoices for personal
purchases.
3 examples of billing schemes:
Payroll Fraud
▪ Distribution of fraudulent paychecks
to existent and/or nonexistent
employees.
Expense
Reimbursements
Employee which makes a claim
for reimbursement of fictitious
or inflated business expenses.
Thefts of Cash
Direct theft of cash on
hand in the organization.
Non- cash
Misappropriations
Misuse of the victim
organizations non- cash
assets.
Computer Fraud
5.Identifying Risks
6. Assessing the
Identified Risks
7. Responding to the Assessment
extent
A response to identify risk that involves the nature, timing &
of the auditing procedures to be performed.
Risk Factors
▪ Management’s Characteristics and
influence over the Control Environment
▪ Industry Conditions
▪ Operating Characteristics and
Financial Stability
Examples
-Improper treatment of Sales
-Improper Asset Valuation
MISAPPROPRIATION OF ASSETS
Risk Factors
▪ Succeptibility of Assets to Misappropriation
▪ Controls
Examples:
- Ghost Employees
- Lapping
- Theft of cash (or inventory)
Auditor’s Response to Risk Assessment
No Material Effect on FS
1. Refer to the appropriate level of
management at least one-level
above of those involved
2. Be satisfied that Implications for
other aspects of audit have been
considered
Response to detected misstatements
due to fraud
Has a Material Effect on FS
1. Consider the Implications for other aspects
of the audit
2. Discuss the matter with senior management
and with the Audit Committee
3. Attempt to determine whether the fraud is
material
4. Suggest that the Client consult with legal
counsel, if appropriate
FRAUD DETECTION TECHNIQUES
FRAUD DETECTION TECHNIQUES
▪ Fraud Profile
To find the trail in the masses of data, the
auditor first develops a “fraud profile” that
identifies the data characteristics that one
would expect to find in a specific type of fraud
scheme.
THREE COMMON FRAUD SCHEMES:
Payments to fictitious vendors payroll fraud lapping accounts
receivable
PAYMENT TO FICTITIOUS VENDORS
• Same employee number, same name, same address, etc. (duplicate payments)
• Same name with different mailing addresses
• Same name with different checking accounts
• Same name with different Social Security numbers
• Same mailing address with different employee names
Test for Nonexistent Employees