FRAUD
Extravagant Lifestyles
"Perceived financial pressure"-pursue for luxury life style by committing fraud Lifestyle change can be detect early. Circumstance evidence, which is easy to corroborate by property records, UCC filings..bank record hard to access It is helpful in detecting the fraud against organization (but not for fraud on behalf of that ).
Ignorance, Apathy, or Incapacity
"vulnerable' people are often fraud victims (perpetrators know they don't have capacity and knowledge to detect) Eg. Nurses found patients who use sedating drugs are easy theft target.
Cost of Fraud
$1 fraud reduced Net income by $1 When fraud loss is 10000 with 10% Profit Margin, The company has to generate 10000/0.1=100000 additional revenue to cover the fraud loss Meaning that per dollar of fraud loss can be cover by the additional 10 dollar of revenue.
Types of fraud symptoms
-Accounting errors -Internal control weaknesses -Analytical errors -Extravagant lifestyles -Unusual behaviors -Tips and complaints
Hosting a Data Warehouse
-Many investigators simply import data directly into their analysis application, effectively creating a simplified data warehouse. -While most programs are capable of storing millions of records in multiple tables, most analysis applications are relatively poor data repositories. -Databases are the optimal method of storing data. -Accounting applications like ACL and IDEA provide options for server-based storage of data.
Data Analysis Technique
-Once data are retrieved and stored in a data warehouse, analysis application, or text file, they need to be analyzed to identify transactions that match the indicators identified earlier in the process.
Elements of Opportunity
1. Lack of internal controls that prevent and detect fraud 2. Inability to judge quality of performance 3. Failure to discipline fraud perpetrators 4. Lack access to info or asymmetrical info 5. Ignorance, apathy, or incapacity 6. lack of audit trail
Analyzing Financial Statements
-To detect fraud through financial statements, investigators focus on unexplained changes. ex: in most companies, very few customers pay cash at the time of purchase, therefore, revenue do not increase without increase in accounts receivable. -Balance sheets and income statements are converted from position and period statements to change statements in four ways: 1. comparing account balances in the income statements from one period to the next 2. calculating key ratios and comparing them from period to period- quick ratio and current ratio assess a company's liquidity. A/R turnover and inventory turnover ratios assess a company's operational efficiency. Debt to equity and times-interest-earned ratios assess a company's solvency. Profit margin return on assets, return on equity, and earnings per share ratios assess profitability. 3. perform vertical analysis - ex:when we spend $1 or part of $1, we know what it means. If we spend it all, we know we have spent 100 percent. Financial statement balances can be readily assessed by converting the numbers to percentages. Understanding that cost of sales increased from 48% to 62% of sales is much easier than understanding the implications of a change in cost of sales from $862,000 to $1034400. when we use vertical analysis, gross sales are set at 100%, and all other amounts are converted to a percentage of sales. 4. perform horizontal analysis- most direct method of focusing on changes. (compare period one to period two)
2)Internal control weakness
1) Allowing employees to forfeit its vacations (add independent checks) " many frauds are discovered when employees are in vacation and cannot cover their tracks" 2) Not confirming payments made to employees 3) Analytical anomalies: relationships, procedures, and. events that don't make sense—either common or. business—or that appear to be unreasonable (unreasonable change in price, volume..) 4) Life style symptoms: lifestyles that do not fit income level eg. "taking the employees to lunch in a limousine" 5) Behavioral symptoms: sudden behavior change (Unusual Irritability)
Corruption
1) Bribery schemes Bribery refers to the offering, giving, soliciting, or receiving of any item of value as a means of influencing the actions of officials. Commercial bribery Sth value is offered to the business officials rather than public ones Two Categories -Kickbacks (can be cash, reduced price, hiring of relative) -Vendors make illegal payment to purchasing companies in exchange of preferential treatment (extra business) -Once kickbacks is paid by vendors, the control of purchasing transactions is transfer to vendors, more sales with higher price -bid-rigging schemes -employee fraudulently assists a vendor in winning a contract through the competitive bidding process (any advantage is extremely valuable) -Vendor Gain "insider influence" to ensure the Win of contract -The amount of payment depends on the scope of Influence 2)Conflict of interest schemes Employee, managers, or executives have undisclosed economic or personal interest in a transaction has adverse effect on the entities. Companies unaware the employees has divided loyalties. Two categories -purchase schemes: employees have personal ownership or employment interest in the vendors that submit invoice -sales schemes 3)illegal gratuity schemes Similar to bribery except there is not necessary a intent to influence certain business decision But reward someone for making favorable decisions Illegal gratuity make after deal approved 4) Economic extortion schemes Flip side of a bribery scheme: employee demand payments from vendors by promising company's decision in favor of the vendors Bribery situation can be reversed to the point where employees extort money from potential vendors Extortion A criminal offense in which a party acquire money or service from another party through coercion or intimidation (physical or reputation harm) similar to IGS but it always involves the use of actual threatened force, fear, or economic duress. "Pay up or else" are sufficient to constitute the crime the offense
Accounting Anomalies
1) Problems with source documents 2) faulty journal entries 3) inaccuracies in ledgers
Fraud Triangle
1) a perceived pressure Every fraud perpetrator face some types of perceived pressure or real pressure financial and non financial 2)a perceived opportunity A belief that one can conceal fraud 3)Rationalization to justify the fraud based on certain reasons eg. pay money back later, retaliate against unfair treatment
Asset Misappropriation (Theft of Inventory and other Assets)
1)Misuse or "borrow" firms' asset (less conspicuous) Computer, vehicles, supplies.. Also used by some employees to conduct personal work 2)steal (much more severe) can be millions of dollars Inventory Fraud: schemes involve in theft or misappropriation of physical, non-cash asset (Inventory, equipment, supplies) 1) Larceny of Inventory Stealing companies' asset from the company premises, without conceal it in the books and records 2) The use of asset requisitions and other form that allow assets to be moved from one locations in a company to another location. Employees requisition materials for work projects (or fabricate projects and then steal materials. 3) The use of purchasing and receiving functions of a company the misappropriation of assets that are purchased by the company Victim company is deprived from both cash and merchandise Mis-estimate of inventory, resulting in unhappy customers and stock holders. Information fraud: Employees steal confidential info and trade secret and sell them to the 3rd parties. Securities: theft or misappropriation of stocks, bonds, or others assets.
Elements of Fraud
1. A representation 2. About a material point 3. Which is false 4. And intentionally or recklessly so 5. which is believed 6. And act upon by the victim 7. To the victim's damages Fraud, different than errors, is always done by Intention
Source of Fraud Statistics
1. Government Agencies: FBI, FDIC, IRS, only publish the info within their jurisdictions. Data limited by jurisdictions 2. Researchers who conduct studies about certain types of within an industry. However, data is hard to obtain. 3. Insurance companies which provide coverages again fraud. they will investigate and collect statistics once fraud occurred. Data limited by insurance coverage 4. Victims of fraud: sometimes companies choose to not to make fraud No within-industry officials to report fraud.
Creating a Culture of Honesty and High ethics
1. Making sure that Top management models appropriate for employees: -"Tone at the top (Proper Modeling)" -employees are likely acting in ways as management do 2.Hiring the right kind of employees -"effective hiring policies that discriminate btw -marginal and highly ethical individuals" -Background investigations, testing honesty, interpreting responses. -Ethical Maturity Model level1 personal ethical understanding level2 Application of Ethics to Business Situations level3 Ethic Courage level4 Ethical Leadership 3. communicating the right expectations throughout the organizations and requiring periodic confirmation of acceptance of those expectations -identifying and codifying appropriate values and ethics -fraud awareness training that helps employees understand potential fraud problems they may encounter and how to resolve or report them -communicating consistent expectations about the violation punishment (through code of conduct) "effective code of conduct" must be written and communicated to employees, vendors, and customers. must be developed in a manner that will encourage management and employees to take ownership of them. 4.creating a positive work environment damage factors -Top management does not care about or pay attention to the behavior of employees -Negative feedback of job performance -perceived inequalities in an organization -autocratic rather than participative management -Low organizational l loyalty -Unreasonable low pay -Poor training and promotion opportunities -High turnover and absenteeism -Lack of clear organizational responsibilities -Poor communication within the organization -short-term focus on gains 5. developing and maintain an effective policy for handling fraud when it does occur An effective policy should ensure that: Investigating facts thoroughly Firm and consistent actions are taken against perpetrators Risk and controls that allowed the fraud to occur are assessed and improved Communication and training to prevent similar occurrences are ongoing
Data Preparation
1. One of the most important—and often most difficult— tasks in data analysis is the proper preparation of data. 2. Areas of concern: Type conversion and consistency of values-ex: the text "1" added to the text '1" yields the text "11" because the two values are concatenated. Descriptives about columns of data; includes statistical summaries like control totals, mean, maximum, minimum, standard deviation, number of zero values, ...etc. Time standardization- one of the most common errors investigators make when analyzing time trends. to correctly prepare data for time trend analysis, the time scale must be standardized to some value of time, such as sales per day, hours per week, etc.
Control activities (procedures)
1. Segregation of duties Two persons responsible for the different parts of a work (no one has complete control) eg. separate duties of writing checks, making deposits, and reconciling bank statements Dual custody: two persons do the same work 2. System of authorizations password for computer, signature cards for deposits, spending limits 3. Independent checks Knowing work is being monitored reduce perceived opportunities Periodic job rotations, cash counts, supervisor reviews, hotlines 4. Physical Safeguard Protect asset from theft: vaults, safes, fences, locks, keys often used to protect inventory 5. Documents and records Using documents and records to create transaction records and audit trail. Rarely serve as good controls, but important for detecting fraud
Internal controls that prevent and detect fraud
1. The control environment 2. Information and Communication 3. Control activities (procedures)
Asset Misappropriation(Cash)
1. Theft of cash through larceny: Employee steel cash or other assets after the cash is recorded in the company's accounting system. Most successful in small amount because business often writes them off as "shorts" or "miscounts". 2. Theft of Cash through Skimming: schemes in which cash is stolen from an organization before it is recorded on the organization's books and records. eg. Easy: Taking sales revenue without making records. (cost of inventory rise, sales and receivables decline or remain constant) Complicated 1)employees understate sales by recording false or larger sales discounts, misappropriate customer payments, and write off the receivable as uncollectible... 2) Lapping: Stealing first customer payment and then credit that customer's account when the second customer pays (like Ponzi Scheme)
Fraud Classification #1
1. fraud committed against organizations: employers being victims 2. fraud committed on behalf of organizations: employers benefit eg. financial statement fraud, occurs in company suffer net loss or failed to meet earning expectations
Chapter1: Difficulty of detecting fraud
1. impossible to know what % of fraud perpetrators are caught 2. many detected frauds are quietly handled by victims and never made public. Companies more concern about the embarrassment of making fraud public and the cost of investigations. So, in cases of employee fraud, companies quietly terminate or transfer perpetrators
Fraud professional skills
Analytical Skills: significant amounts of diagnostic work to discover what is really happening Communication skills: know how to push for evidence and confession during interview Technological skills: Technology allows fraud examiners to analyze huge databases efficiently Other skills -Some understanding of accounting and business -Knowledge of civil and criminal laws, criminology, privacy issues, employee rights, fraud statues, and other fraud related issues -The ability to write and speak in a foreign language -Knowledge of human behavior-psychology knowledge
Difference btw criminal law and civil law
1. purpose criminal: to right a "wrong". Dealing with offenses against society as a whole. prosecuted by state or federal for violating statutes. Civil: provide remedies for violations for private rights One party (plaintiff) fills suits against another (decedent) 2. Consequence Criminal: Jail and/or fines Civil: Restitution and damage payments 3. Burden of proof Criminal: "beyond a reasonable doubt" ("to a moral certainty") "there is no other reasonable explanation that can come from the evidence presented at trial" Civil: "preponderance of evidence" >50 percent chance that a claim is true 4.Jury Criminal: must have 12 people Civil: many fewer than 12 people 5. Initiation Criminal: determination by a grand jury that sufficient evidence to indict Civil: Filing of a claim by a plaintiff 6. Verdict Criminal: unanimous verdict Civil: Less than unanimous verdict 7. Claims Criminal: only on claim at time Civil: various claims can be joined in one action
4 ways organizations fight fraud
1.Fraud Prevention 2.early fraud detection 3.fraud investigation 4.follow-up legal action
Fraud impact on economy
1930s Great Depression: resulted from fraudulent specculation on Wall Street and a subsequent run on banks. Mortgage crisis of 2008: rating agencies fraudulently offer AAA rating on MBS and CDO (paid by Wall Street) that are backed by sub-prime mortgages.
Chapter 5 Fraud symptoms
1)Accounting anomalies 2)Internal control weakness 3)analytical anomalies 4)extravagant lifestyle 5)unusual behavior 6) tips and complaints
Asset Misappropriation (Cash)
3. Cash theft through Fraudulent Disbursements (hight % of asset misappropriations) -Check tampering: employee either 1) prepares a fraudulent check for his or her own benefit or 2) intercepts a check intended for another person or entity and converts the check to his or her benefit perpetrator physically prepares the fraudulent check -Register disbursement schemes (least costly): False refunds: 1) No return: Perpetrators fake return transactions and then take money from that return Debit Inventory for showing returns (overstated) Inventory count reveals "missing" 2) Overstating refunds: perpetrators overstate the return amount eg. Customer Return 10, record 5, take 5 3)Fictitious voids: void sales and take the money Keep customer's receipts and use it for approval - Billing Schemes: No physical exposure risk the perpetrator submits or alters an invoice to induce his employers to use check or make other type of payments. Three types 1) Setting up shell companies to submit invoices to the victim entities shell companies: fictitious company (can be no more than a name, post office box for collecting payments) 2) altering or double-paying a non-accomplice vendor's statements eg. overpay venders and ask returns 3) making personal purchases with company's fund -Expense Schemes produce false documentation to induce victim company to make fraudulent disbursement. Four types 1)Mischaracterizing expense Making personal expense look like business ones (personal launch-business launch) 2) Overstating expenses Using some techniques (ballpoint pen)to change the price reflected on the receipts. 3) submitting the fake expenses Creating bogus documents (false receipts) by using blank receipts and computers 4) submitting same expense multiple times (least common expense scheme) -Payroll Disbursement Schemes 1)Ghost employees (Largest loss of payroll) Including someone who are not employee (or former) on the payroll. Fake payroll records to trigger paychecks distribution. Four elements -the ghost must be added to the payroll -timekeeping and wage rate info must be collected -a paycheck must be issued to the ghost -The check must be delivered to the perpetrator or. an accomplice 2)falsified hours and salary(most common) Waged employees: increase work hours, or increase the rate of pay Salaried employees: increase rate of pay 3)commission schemes Falsify the amount of sales: creating fake sales, increase sales by altering item price, or overstating sales from another period or others Increasing the rate of commission 4) false worker compensation claims Employee benefit: Insurance, entitled employee injury to job compensation Most common: Fake injuries to collect payment from Insurance companies (Sts colludes with a doctor who provide unnecessary treatment) -Executive Cash Frauds Corporate looting: Tyco
Lack of Access to Information or Asymmetrical Information
Asymmetrical information: The perpetrators have opportunity because they can access to the info which victims cannot. eg. ESM fraud cases, same securities are sold to investors for several times because they don't have access to investment records. Many Invest scams and management fraud are dependent on the ability to hold info against victims. (investors can ask full disclosure)
Lack of an Audit trail
Audit trail allows Transaction to be recorded and understood Some fraud involve in cash hard to be followed Smart Perpetrators will almost always manipulate the income statement because they realize that the audit trail will be quickly erased.
Fraud related careers
Government and low enforcement: FBI, IRS U.S. marshals.. CPA firms: Conduct investigations, support firms in litigation... Corporations: prevent, detect, and investigate fraud within corporations. Internal audits and corporate security officers Consulting: Independent consultant in litigation fraud work Law firms: lawyers provide litigation and defense service for parties involved in fraud
Data Access
The most important (and often most difficult) step in data analysis is gathering the right data in the right format during the right time period. -Methods include Open Database Connectivity (ODBC) Text Import Hosting a Data Warehouse
Information and Communication
A good accounting system: 1) Valid, properly authorized, 2)complete, 3)properly classified, 4)reported in the proper period, 5)properly valued, and 6)summarized correctly. A good accounting system provide audit trail that makes fraud concealment difficult Without good accounting system, distinguishing between fraud and errors is difficult.
Certified Fraud Examiners
CFE automatically become ACEF members Professional requirements At least two years professional experience in a filed either directly or indirectly related to the detection or deterrence of fraud Accounting and auditing: has experience of account and auditor Criminology and Sociology: edu or research experience in fraud or white-collar crime Fraud Investigation: Experience in the investigation of civil or criminal fraud, or white-collar crime for law enforcement agencies (FBI, IRS...), or in the private sector qualifies an individual to become CFE Loss Prevention: Security directors for corporations or other organizations who deal directly with issues of loss prevention Law: Experience in legal field
Unusual Behaviors
Guilt-->fear-->stress-->Behavior changes-->Unusual Behaviors: Drinking, taking drugs, Insomnia, increasing smoking, over-fear of being caught, Inability to look people's eyes, lack of pleasure in things usually enjoyed. "No particular behavior is sign of fraud ,but only behavioral change" eg. Eddie Anta in Crazy Eddie case, became very intimidating and finally vanished Exception-psychopaths, who can commit fraud or another crime without feeling stressful
Inability to judge the Quality of Performance
Without clear evaluation on Job performance, it is easier for fraud to occur. Eg. California dermatologist was accused for skin samples from patients with skin cancer and use them to diagnose healthy patients with skin cancer. (50$ pay to 150$)
Data-driven fraud detection
Data-driven fraud detection is proactive in nature,. The investigation no longer has to wait for a tip to be received; instead, they brainstorm the schemes and symptoms and look for them. 1. step 1: understand the business - The same fraud detection procedures cannot be applied generically to all businesses or even to different units of the same organization. Several potential methods to gather information about a business are as follows: - Tour the business, department, or plant - Become familiar with competitor processes - Interview key personnel (ask them where fraud might be found) - Analyze financial statements and other accounting information - Review process documentation - Work with auditors and security personnel Observe employees performing their duties Step 2: Identify Possible Frauds That Could Exist -This risk assessment step requires an understanding of the nature of different frauds, how they occur, and what symptoms they exhibit. -This risk assessment step requires an understanding of the nature of different frauds, how they occur, and what symptoms they exhibit. - During this stage, the fraud detection team should brainstorm potential frauds by type and player. - Fraud examiners should ask questions such as: who are the key players in the business? what types of employees, vendors, or contractors are involved in business transactions? how do insiders and outsiders interact? what types of fraud have occurred or been suspected in the past? Step 3: Catalog Possible Fraud Symptoms In Step 3, the fraud examiner should carefully consider what symptoms could be present in the potential frauds identified in Step 2. Step 4: Use Technology to Gather Data about Symptoms -searching and analysis are normally done with data analysis application or custom structured query language (SQL) -The deliverable of this step is a set of data that matches the symptoms identified in the previous step. Step 5: Analyze Results -Once errors are refined and determined by the examiners to be likely indications of fraud, they are analyzed using either traditional or technology-based methods: 1. Screening results using computer algorithms 2. Real-time analysis and detection of fraud - One advantage of the data-driven approach is its potential reuse. Step 6: Investigate Symptoms The final step of the data-driven approach is investigation into the most promising indicators. - The primary advantage of the data-driven approach is the investigator takes charge of the fraud investigation process. - Instead of waiting for tips or other indicators to become egregious enough to show on their own, the data-driven approach can highlight frauds while they are small. - drawback: more expensive and time extensive
Chapter 6: Data driven Fraud Detection
Difference between errors and fraud: 1. Errors: accounting errors are primarily caused by control weaknesses. Errors are also not intentional, and normally do not result in legal action. Errors are usually spread evenly throughout a data set. 2. fraud: intentional and control by intelligent human beings.
Digital Analysis
Digital analysis is the art of analyzing the digits that makeup number sets like invoice amounts, reported hours, and costs. - Benford's Law accurately predicts for many kinds of financial data that the first digits of each group of numbers in a set of random numbers will conform to the predicted distribution pattern. Using Benford's Law to detect fraud has the major advantage of being a very inexpensive method to implement and use. The disadvantage of using Benford's Law is that it is tantamount to hunting fraud with a shotgun.( It cannot be applied to data sets with non-natural numbers, such as check or invoice numbers, It is only indeed an observation, not a law) -Outlier Investigation Another common analysis that fraud investigators perform is identification of outliers. By focusing on outliers, investigators can easily identify cases that do not match the norm. -Stratification (分层 )Stratification is the splitting of complex data sets into groupings. The data set must be stratified into a number of "subtables" before analysis can be done. For many data sets, stratification can result in thousands of subtables. While basic programs like spreadsheets make working with this many tables difficult and time-consuming, analysis applications like ACL and IDEA make working with lists of tables much easier. -Time Trend Analysis Time trend analysis is a summarization technique that produces a single number that summarizes each graph. By sorting the results table appropriately, the investigator quickly knows which graphs need further manual investigation. -Fuzzy Matching This technique allows for searches to be performed that will find matches between some text and entries in a database that are less than 100 percent identical. The first and most common method of fuzzy matching is use of the Soundex algorithm. A more powerful technique for fuzzy matching uses n-grams. This technique compares runs of letters in two values to get a match score from 0 to 100 percent -Real-Time Analysis It is usually performed during investigations or periodic audits, but it can be integrated directly into existing systems to perform real-time analysis on transactions. Although real-time analysis is similar to traditional accounting controls because it works at transaction time, it is a distinct technique because it specifically analyzes each transaction for fraud (rather than for accuracy or some other attribute). -Matosas Matrix - The Matosas Matrix is a high-level chart listing possible fraud indicators related to a group of items (i.e., contracts) for a specific period of time.one way to view the results of multiple indicators. It allows the investigator to mentally combine different indicators to different schemes. -An example of a Matosas matrix appears in Figure 6.6. (p.177) This matrix lists one record per contract for which vendors bid. Each column in the table represents an indicator run by the system.
New Laws protect Whistle-Blowers (to make tips more effective)
Dodd-Frank Act of 2010 authorized the payment of financial rewards to Whistle-blowers. They can receive 10%-30% of the fund collected by the government when the sanction (result from SEC's law enforcement action) exceeding 1 million. Organizations found that giving employees revenue for whistle blowing encourage fraud reports. Many organizations have adopted Whistle blowing systems that are managed by third parties. Hotline and reward together the most effective Three frauds detected by tip and complaints GE fraud, Revere Armored Car company fraud, Enron
Employee Embezzlement
Employee deceive employers by taking company's assets Most common type of occupational fraud Direct: company's assets go directly to perpetrator's pocket without the involvement of third parties. eg. steals company's cash, inventory, tools, etc establish dummy companies and have employees pay for the goods that are actually not delivered. Case: CVC Indirect: employees bribes or kickbacks from third party (vendors, customers, other outsiders) to allow for lower selling price, higher purchase price, nondelivery of goods, or the delivery of inferior goods, payment being made by third party. Case: Mark's "Big D" advertising
Internal control Weakness
Examples of internal control fraud symptoms Lack of Segregation of duties lack of physical safeguards lack of independent checks lack of proper authorization lack of proper documents and records Overriding existing controls Inadequate accounting system Solution: add them
2)Faulty Journal entries
Faulty Journal Entires Accounting language can be manipulated to tell a lie "5000 legal expense" can be 5000 employee embezzlement Manipulation Steal asset (cash & inventory) by correspondingly Smart embezzlers decrease equities Decrease liability easy discovered ! Venders will find when no payment sent Smart embezzlers rarely conceal frauds by manipulating dividends or common stock because 1)these accounts are usually with few transactions. So it will be easily noticed. 2) these transactions need Board's approval Also, X revenue account, which is sensitive to attentions So, increase expense Another adv of play expense is that IS will be closed soon Commonly journal entry fraud symptoms See graph
Elements of pressure
Financial pressures: 95% fraud either involve financial or vice-related pressures. Real of perceived financial pressure: 1.Greed 2.Living beyond one's means 3.Inability to pay bills or debt 4.Poor credit 5.Personal financial loses 6.Unexpected financial needs "the fact that someone is being a honest for long time does not make different when they bear high financial pressures." (30% of employees 'fraud made by employee in 1-3 years, 70 percent made by 4-35 years employees) For companies: pressure can be poor cash position, obsolete inventory, a declining market, meet earning expectations.. Vice pressures: Closely related to financial pressures gambling, drugs, alcohol, expensive extramarital relationships.. Work-related pressures: little recognition on job performance dissatisfied with job fear of losing job no promotion.. Other pressures: need to be successful challenge to beat the system (eg. S&P 500) commit perfect crime
Chapter 2 Who commit fraud
Fraud perpetrators cannot usually cannot be distinguished from other people in terms of demographic or psychological traits. Fraud perpetrators are very different than prisoners for property offenses, less likely to be caught, turned in, arrested, convicted, and incarcerated. Order, better educated, more religious, less likely to have criminal records, more optimism, self-esteem.. They are slightly different than college students suffered more psychic pain, more dishonest, more independent, more sexually mature, more socially deviant
Failure to discipline fraud perpetrators
Fraud perpetrators who are not being punished often resumes the fraudulent behavior in anther setting Suffering humiliation and legal consequence, more than other factors, deters future fraud behaviors by fraud perpetrators When organizations merely fire fraudulent employees, they will send a strong sign to other organizations that doing such behavior doesn't have significant negative consequence. (perceived opportunity increased)
Fraud Recruitment
How a fraud perpetrator influence others to commit fraud ? Power: a person's capacity or ability to direct or influence the behavior of others or the course of events. A's power over B is determined by: 1) A's ability to provide benefits to B 2)A's ability to punish B if B doesn't comply with A's wishes 3) A's possession of specific knowledge or expertise 4) A's legitimate right to prescribe behavior for B 5) The extent to which B identifies with A 1) Reward Power: the ability of a fraud perpetrator to convince potential perpetrator the benefit he/ she will get by committing fraud. (eg. job promotions, bonus, stock options) 2)Coercive Power: the ability of a fraud perpetrator to make an individual perceive punishment if he/she choose not to do. (eg.Do or lose your job) 3) Expert power: the ability of a fraud perpetrator to influence another person by using expertise or knowledge. Individual assume that experts know more sth about themselves. (eg. Enron, Management claim to employees that they have experts knowledge on complex business models) 4) Legitimate Power: the ability of a fraud perpetrator to convince potential perpetrator that he truly has power (authority) over her. (eg. Management to employees) 5) Referent Power: the ability of the perpetrator to relate the potential co-conspirator. "gaining confidence" Increase rationalization through persuade
Investment scams and other consumer frauds
Investment Scams: Selling worthless investment to unsuspecting investors closely related to management fraud Types of consumer fraud 1. Ponzi Schemes: attract investment fund from victims by paying returns (interest or premium) using the money from subsequent investors. 2. Pyramid Schemes: Similar to Ponzi Schemes except the participants believe they are earning money by recruiting other participants. 3. Telemarketing fraud: Victims sending personal financial info to unknown callers. Measures includes offering free gift, prize. "Act now because offer won't last" 4. Nigerian letter or money scams: occurs when a potential victim receives an email or other form of communication promoting that victim the large financial payout in exchange for help in transporting large sums of money from a country to another. (by stating that the up-front payment is needed to pay taxes) 5. Identity theft: using the identity of another person to purchase goods, engage in criminal activity, or perpetrate fraud.(gaining personal info from victim's mailbox or trash can) 6.Advance fee scams: occurs when a victim pay an up front cost for a good or service that is never delivered. The payment is aimed at secure a payment loan, contract, investment, or gift. Perpetrators will cut the contract once they receive money. 7.Redemption/straw-man/bond fraud: perpetrators claim that the U.S government controls certain bank accounts that can be accessed by submitting paper work with government officials. To do so, perpetrators must buy expensive training to do so. 8. Letter of credit fraud: Letter of credit is a legitimate document that is issued by bank to guarantee payment for goods that are shipped in international trade. Perpetrators created bogus letter of credit in order to scam victims. Victims are told that they can use these letters as investment that will pay unrealistic returns. 9. Internet fraud: Becoming a booming business in recent years more than 125000 with estimated losses of more than 100 million and made 125 arrests.
Management fraud (often called financial statement fraud)
Involves Top managers's deceptive manipulation of financial statements. eg. Worldcom, Enron, Waste Management
3)Inaccuracies in Ledgers
Ledger (book of accounts)-all transactions related to specific accounts the accuracy of ledgers is generally ensured by 1)TA=TL+TE 2) balance of Master account=sum of balances of individual accounts (some companies) Two common fraud relating to ledgers: 1) A ledger does not balance: total debit ≠ total credit This indicates that the fraudulent cover-up in the accounting record is incomplete eg. the perpetrator may embezzle inventory while not reduce inventory account (actually lower) 2) Master (control) accounts balances ≠ the sum of individual customer or vendor balances This indicate that manipulation of individual customer or vendor's balance without changing master receivable and payable in the ledger
Criminal and Civil Prosecution of fraud
Must prove that the perpetrator act with INTENT best accomplished by gathering evidence matter (consists of underlying date and all corroborating info available)
Accounting anomalies
Result from unusual processes or procedures in the accounting system "the checks being paid to 22 doctors were sent to the same two address" ASK Are the payments reasonable? Do the endorsement make sense? Why are the checks going to and the bills coming from the same address? ... Auditors: only match financial statements with documents Fraud examiners: Determine the authenticity of document and whether payment make sense
Fraud Classification #2
Occupational fraud (Definition from ACEF): the use of one's occupation for personal enrichment through organization's resources or assets Resulted from the misconduct of employees, managers, or executives. Key the activity is always done in secret to gain direct and indirect benefits to the perpetrators in the cost of victim's (organizations's) assets, time, and reputations. Types of occupational fraud 1. asset misappropriations: involve the theft or misuse an organizations' assets. 2. corruption: fraudsters wrongfully use their influence in business transactions in order to procure some benefits for themselves or another person, contrary to their occupational duty and violate others right 3. fraudulent financial statement: falsification of an organ's financial statement
What is Fraud
One's behavior of gaining unauthorized benefits, either for oneself or for the institution through unethical conducts (deception, theft, suppression of truth.....)
CEE exam
Online exam: 500 objective questions 10 hours four sections: 2.6 hours maximum each section. (Must complete in 30 days)
Open Database Connectivity (ODBC)
Open Database Connectivity (ODBC) is a standard method of querying data from corporate relational databases. -It is a connector between the front-end analysis and the back-end corporate database. -It is usually the best way to retrieve data for analysis. 1. It can retrieve data in real time. 2. It allows use of the powerful SQL language for searching and filtering. 3. It allows repeated pulls for iterative analysis. 4. It retrieves metadata like column types and relationships directly.
Ponzi Scheme (Pyramid Scheme)
Ponzi scheme is an investment fraud that pays existing investors with funds collected from new investors Deception: Ponz's false statement of its business model and investment returns Greed: Investor's want unreasonable high returns Confidence: Investors trusts Ponzi's promise on the return and legal business based on the early return he offered
Analytical fraud symptoms
Procedures and relationship that are unusual and unbelievable. eg. Transactions odd in time and space /performed by the people who would not normally participate/ including odd policy and procedures.. The story behind the changes of Financial Statements' numbers must be consistent. Auditors often use analytical procedures to check fraud symptoms, but is are not always effective Reason-sometimes analytical relationship stay the same even with fraud exist.
Text Import
Several text formats exist for copying data from one application (i.e., a database) to another (i.e., an analysis application). 1. Delimited text- Comma separated values (CSV); tab separated values (TSV) 2. Fixed-width format 3. Extensible markup language (XML)-Used in many new applications 4. EBCDIC- Used primarily on IBM mainframes
Data Analysis Software
Software used by auditors and investigators for data analysis includes: - ACL Audit Analytics Powerful program for data analysis Most widely used by auditors worldwide -CaseWare's IDEA Recent versions include an increasing number of fraud techniques ACL's primary competitor -Microsoft Office + ActiveData A plug-in for Microsoft Office Provides data analysis procedures Based in Excel and Access Less expensive alternative to ACL and IDEA -Other software packages include SAS and SPSS (statistical analysis programs with available fraud modules) Traditional programming languages like Perl, Python, Ruby, Visual Basic, and other specialized data mining platforms
Tips and Complaints
Symptoms, but not evidence (many turn out to be unjustified) Hard to know real motivations of complaints eg. employees might be motivated by personal problem and jealousy. Vendors might be motivated by the lost of contract The reasons why people are hesitant to come forward with the fraud and report. 1. usually impossible to know fraud for sure 2. fear reprisal for being a whistle-blower 3. intimidated by the perpetrator 4.think that squealing on someone is wrong 5.not easy to come come forward with organizations
The control environment
The Control environment: work atmosphere an organization build to its employees 1)Management role and example: "The tone at the top" , employee is likely to imitate managements' bahviors 2) management communication: communicating what behavior is unacceptable by clearly stating and labeling To be effective, communication must be consistent (no change based on situations) proper modeling (management being example) proper labeling (communicating unacceptable behaviors) must be consistent 3) Appropriate hiring: When dishonest employees are hired, even the best controls will not prevent fraud 4) Clear organization structure: clearly stated responsibility reduce perceived opportunities 5) Effective internal audit department: Internal auditors provide independent checks and cause perpetrators to question whether opportunity exist (reduce perceived opportunities)
The importance of understanding traits of fraud perpetrators
They are very much like people who have traits that the organizations look for their employees, clients, and vendors. This knowledge can help us understand 1)most employees and business partners are capable of committing fraud 2)It is impossible to predict in advance who will be the Fraud perpetrators.
1)Irregularities in Source Documents
Three document symptoms can signal the embezzlement 1. photocopied document 2. the recognition of increased past-due accounts receivable 3. excessive voids or credits Common fraud symptoms involving documents See Graph
Tips and Complaints
Three elements of fraud 1) Theft act 2)Concealment: hide fraud to the others 3) Conversion: converting stolen asset to cash Detecting fraud: employees vs auditors Employees are always in better position to recognize fraud, but they are the least trained to do so. (even so the detection on many fraud are detect by employee complaints and tips. Theft Auditors in the worst position of detecting fraud because they involved when the period end. (theft usually stop during this period) Concealment If the audit sample altered documents, miscounts, they may can detect fraud. Employees are in much better position: They are exposed to the concealment on regular basis, but auditors only see samples involving the concealment. Conversion there is no way for auditors to discover life style change and unusual activities. Such as employee who use to drive ford now drive a new BMW and wearing designer suits. Employees are in better position to recognize these changes.
Chapter 14: Fraud Against Organizations
Three types (ACEP report) 1 Asset misappropriation: schemes that involve the theft or misuse of an organization's asset 2 Corruption: schemes in which a person uses personal influence in a business transaction to obtain an unauthorized benefit to that person's duty to his or her employer. 3 Fraudulent statements: fabrication of an organization's financial statements to make the company appear more or less profitable.
Vendor Fraud
Two forms 1. Fraud perpetrated by vendors acting along 2. Fraud perpetrated though the collusion between vendors and buyers. Consequences: overcharge of purchase goods, the shipment of inferior goods, or the non-shipment of goods though the payment is made. eg. the significant overcharge of defense vendors to national defense department
Fraud Prevention
Two steps 1. create and maintain a culture of honesty and high ethics. 2. assisting the risks for fraud and developing a concrete response to mitigate the risks and eliminate the opportunities for fraud. -The most cost-effective way to reduce fraud loss -Sometimes perceived opportunities are so high, making fraud prevention impossible
The element of Rationalization
When rationalization is strong enough, no need for high perceived opportunity and pressure to commit Fraud. "the organizations owes me". " I am only borrowing money and will repay" " No body will get hurt" " I deserve more" ...
Fraud Classification #3
categorize fraud based on victim 1. A organization or company being fraud victims a. employee embezzlement-perpetrator is employee b. vendor fraud-perpetrator is a vendor c. Customers fraud-perpetrator is a customer 2. Management fraud: shareholders or creditors being victims 3. Investment scams and other customers frauds: unwary individuals being victims 4. Miscellaneous frauds: fraud doesn't fall into above three categories and may have committed for reason other than financial gain
Customer Fraud
customers don't pay, pay too little, or get too much from the organization through deception eg. a well suited bank customer walked into bank and deceive 525000 cashier's check from the branch manager although she only has 13000 in the bank account. Manager believe in her because her " wealthy" appearance.
