Chapter 6

¡Supera tus tareas y exámenes ahora con Quizwiz!

4. Which of the following best describes relative the likely incidence of fraud discovery by accident in small companies? a. Higher. b. Lower. c. Unknown. d. Similar.

A. Small companies tend to have relatively few controls and lack the sophisticated accounting and technical resources of larger companies.

10. Which of the following statements is typically correct? a. Corrective controls are more expensive than detective controls. b. Detective controls cost about the same as preventive controls. c. Corrective controls cost more than preventive controls. d. None of the above.

A. This is the best answer, although some student may make a reasonable argument for answer c also being correct.

2. Which of these is the most common way that frauds, especially in large companies, are discovered? a. Through hotlines. b. Through financial statement audits. c. Through internal audits. d. By accident.

A. Hotlines can be very effective tools.

36. What factors are relevant in creating a composite indicator of financial statement fraud?

Almost any type of information can be useful in building composite indicators. The standard approach is to build a model using the SEMMA process: sampling, exploration, modification, modeling, and assessment.

31. Is it ethical for a manager to permit an employee to continue working after finding the employee embezzling a significant amount of funds? Is it ethical for a manager not to report a subordinate caught in fraud to others in the organization?

Ethics in this case should best guided by a comprehensive company ethics code. Of course, it could be ethical to pardon or ignore an employee fraud. But not reporting a subordinate could easily be unethical, as most would agree that employees have a general ethical duty to protect their employer from fraud. This is a good question to open up for class debate.

27. Explain false positives versus false negatives in fraud detection. What trade-offs are involved in their application? For example, what is the trade-off between false nega¬tives and fraud correction costs?

False negatives suggest the absence of early detection, which in turn leads to higher fraud correction costs.

42. How might social networking analysis be applied to preventing loan fraud?

For example, it might be helpful in detecting an organized crime ring by connecting together the different participants in the criminal organization.

15. Which of the following types of data would not be useful for social networking? Analysis? a. Phone records. b. Membership records for boards of directors for various companies. c. Employment records containing lists of past employers. d. None of the above.

D.

6. SAS No. 99, Consideration of Fraud in a Financial Statement Audit, requires that audi¬tors report any evidence found that fraud may exist to which of these? a. Inventory accounts b. Cash accounts c. Financial reports d. All of the above

D. Auditors must report any evidence of fraud to management.

5. SAS No. 99, Consideration of Fraud in a Financial Statement Audit, requires that audi¬tors design financial audits in such a way to have a reasonable chance of which of these? a. Detecting misappropriation. b. Detecting embezzlement. c. Both a and b. d. None of the above.

D. SAS No. 99, Consideration of Fraud in a Financial Statement Audit, requires that auditors design financial statement audits in such a way as to have a reasonable chance of detecting misstatements in the financial reports and not misappropriation in general.

30. How important is the effect of deterrence in a fraud management system? What factors besides prosecutions deter fraud?

Deterrence is of some effect, but many fraudsters don't plan on getting caught. Further, many rationalize their frauds by thinking they are only borrowing the money.

22. How can an ethics code contribute to fraud detection?

Ethics codes don't necessarily turn dishonest employees into honest ones. But they can reinforce things like hotlines and good business practices.

25. How does fraud detection relate to the internal control process?

Fraud detection is an integral part of the internal control process. Internal controls can be preventive, detective, or corrective.

28. Explain how fraud investigations can detect fraud.

Fraud investigations are detective of fraud to the extent that they follow up on fraud signals in order to confirm or disconfirm the presence of fraud. But once fraud is confirmed to exist, fraud examinations shift toward gathering evidence and become corrective by assisting in recovery from the perpetrator and other sources such as insurance.

29. Explain how fraud investigations can prevent fraud.

Fraud investigations can lead management to a better understanding of control weaknesses. Management can in turn repair the weaknesses to prevent future fraud.

19. Why are many frauds discovered by accident, not through systematic means?

Fraudsters often attack places in the system where controls and systematic means of detection, including audits, are weak. Such weaknesses leave catching the fraud to chance or to a tipster.

23. Why is fraud detection not always relevant to applying SAS No. 99?

Not all frauds are significant enough to affect the financial statements. The focus of SAS No. 99 is on things that have a material effect on the financial statements. That said, this auditing standard does require auditors to report any evidence of fraud to management.

40. Give an example of how pattern data might be used to identify fraudulent loan applications.

Pattern analysis is very commonly applied to situation that involves granting credit. One example: a loan application from a small business owner might be suspicious if the applicant lives too far away from the business she owns.

37. What are some indicators that might signal a hacker attack on a company's Web-based accounting system?

Possibilities could include unusual traffic in the web server log or suspicious entries in the accounting system.

38. Consider the fraud triangle. What does it suggest regarding fraud indicators in the case of a cashier who may be skimming sales receipts?

The three sides of the triangle are pressure/incentive, opportunity, and rationalization/attitude. As a minimum the fraud triangle suggest that the cashier has the opportunity, probably due to weak controls.

32. Describe two different measures of acceptable risk in fraud detection.

This question applies to fraud indicators. One such measure might be, say, a .1% chance of fraud in a loan application. Another measure might be a .5% chance of a shoplifting loss in a department store.

34. Give two examples of an incidence that could be caused by either fraud or error.

1. And incorrect bank deposit slip 2. Incorrect change being made by a cashier working at a cash register

11. Which of these must apply to fraud indicators? a. Be defined in terms of one factor. b. Be defined in terms of at least one factor. c. Be defined in risk terms rather in terms of factors. d. None of the above.

B.

8. In fraud detection, a false positive is said to occur when which of these occurs? a. A fraud indicator fails to indicate an ongoing or past fraud. b. A fraud indicator incorrectly indicates an ongoing or past fraud. c. A fraud indicator correctly indicates the absence of fraud. d. None of the above.

B.

12. Discovery sampling is a statistical technique that does which of these? a. Always detects fraud. b. Sometimes detects errors. c. Always detects errors or fraud. d. None of the above.

B. Discovery sampling can't always detect errors or fraud, but it can sometimes detect one or the other or both.

16. Which of the following techniques/approaches would likely be most useful in determining whether a particular invoice is fraudulent? a. Benford's law. b. Text analysis. c. Social networking. d. None of the above.

B. Bedford's law would apply to groups of invoices and not individual ones. Text analysis could spot a problem with an individual invoice.

14. Which of the following statements is true with respect to data mining? a. Exploration comes before sampling. b. Sampling comes before modeling. c. Assessment comes before exploration. d. None of the above.

B. The order is SEMMA: Sampling, Exploration, Modification, Modeling, and Assessment.

3. Which of the following provides the most protection for a tipster's privacy? a. Confidentiality. b. Anonymity. c. Both of the above provide equal protection. d. None of the above.

B. With anonymity, the tipster does not reveal her identity.

1. Which of the following does fraud detection involve? a. Pinpointing the sources of the fraud. b. Detecting all frauds. c. Identifying fraud indicators. d. None of the above.

C. Fraud indicators are at the heart of fraud detection.

7. The title inspector general applies mostly to a. Internal auditors. b. The head of the internal information security department. c. Government agents. d. All of the above.

C. The title applies mainly to government agencies and agents.

9. The best way to optimize a loss management system is to first do which of the following? a. Minimize total fraud costs and then minimize fraud risk. b. Budget total fraud costs and then maximize utility. c. Budget fraud risk and then maximize prevention effectiveness. d. Budget total fraud costs and then minimize risk.

C. This answer closely resembles the two-step approach discussed in the text.

13. What general source of data does not apply to data-driven fraud detection? a. Reconciliation figures. b. Batch control totals. c. Missing invoices. d. All of the above apply.

D.

18. Explain how the use of fraud indicators may be helpful in fraud investigations as opposed to only fraud detection.

In fraud investigations, fraud indicators can be helpful in making decisions regarding what evidence to gather.

33. Describe a situation in which an intuitive, nonquantitative measure of risk would work better than a formal quantitative measure.

It can be nearly impossible to use quantitative risk metrics for events that seldom occur. For example, it would be difficult to calculate the likelihood that the company Treasurer would use company-owned bearer bonds as collateral for a personal loan.

39. Are random tests needed in all fraud detection systems? Explain your answer.

It's difficult to say that anything is needed in all detection systems. But random tests are generally a good idea, since they are typically difficult to predict and plan for by fraudsters.

35. Why must the total cost of fraud, as discussed in the text, include not only losses but also costs of prevention, detection, and correction?

The answer is because the costs of losses versus prevention, detection, and correction are interchangeable. Changing any one of these costs affects losses.

26. Preventive controls seek to stop fraud before it happens. What is the relative impor¬tance of preventive controls (versus detective and corrective controls) in the industry in which a business operates? For example, are detective controls relatively more important in the financial services industry versus the media services industry? Explain.

The industry can be of great importance in this regard. For example, weak detective controls in a wire transfer department could lead to millions of dollars in losses over a very short period of time. So prevention and detection would be paramount in a wire transfer department. But in a media services company, the main risk of fraud might be with, say, bid rigging, which though very serious, might not justify the focus on detection that would be expected in a wire transfer department.

24. How does an internal auditor maintain independence?

The internal auditor should report directly to the board of directors, typically to the audit committee.

20. What types of frauds are least likely to be detected through a hotline?

Those least likely to be detected would be those committed by vendors or customers.

21. Explain the difference between anonymity and confidentiality.

With anonymity, the tipster does not reveal his identity. With confidentiality, a promise is made to protect the tipster's identity.

17. Fraud indicators can indicate both errors and frauds. Would it be possible to develop indicators for fraud only?

Yes, it might be possible to develop indicators for fraud only in certain very limited circumstance, but such is not true in general.

41. Is it practical for small businesses to build fraud detection systems?

Yes, small business owners should generally review and approve risky transactions. Owner involvement can lead to the owner spotting (i.e., detecting) fraudulent activity.


Conjuntos de estudio relacionados

KIN 2500: Chapter 17: Spinal Cord and Spinal Nerves

View Set

Molecular final just questions and fill in the blank and Molecular Biology last materials

View Set

Which of the following is not an ethical issue commonly faced by staffing professionals? Being asked not to lower hiring standards to meet a demand hiring goal An organization's staffing strategy should be derived from and clearly support its ______. Bu

View Set

EMT quiz compilation chapters 1-20

View Set

Chapter 14: The Revenue Cycle: Sales to Cash Collections

View Set