CFE Exam
Markey Division
(or market allocation) schemes involve agreements among competitors to divide and allocate markets and to refrain from competing in each other's designated portion of the market.
Elements of fraud based on the failure to disclose material facts
- The defendant had knowledge of a material fact. - The defendant had a duty to disclose the material fact. - The defendant failed to disclose the material fact. - The defendant acted with intent to mislead or deceive the victim(s).
The World Bank Principles for Effective Insolvency and Creditor/Debtor Regimes (World Bank Principles) recommends that the administrator have broad powers, including:
- The right to cancel fraudulent contracts or transactions entered into by the debtor - The power to collect, preserve, and dispose of the debtor's property - The ability to interfere with contracts to meet the objectives of the insolvency process - The power to examine the debtor, the debtor's agents, or other people with knowledge of the debtor's affairs and compel them to provide relevant information
Smurfing
a scheme to launder funds through financial institutions.
expert testimony
a person who, by reason of education, training, skill, or experience, is qualified to render an expert opinion regarding certain pertinent issues.
Understates sales scheme
an employee enters or submits a sales total that is lower than the amount paid by the customer and skims the difference between the actual purchase price of the item and the sales figure recorded.
Domestic Concern
any citizen, national, or resident of the United States or any business entity that has its principal place of business in the United States or that is organized under the laws of a state, territory, possession, or commonwealth of the United States.
three general approaches to obtaining the verbal confession:
chronologically, by transaction, or by event
Consumption tax
collected from the proceeds of the sale of goods or services.
Data Minimization
collecting and storing the minimal amount of information necessary to perform a given task. Data minimization is important to data security because thieves cannot steal what an entity does not have.
double-pledging collateral schemes,
borrowers pledge the same collateral (i.e., an item of value used to secure or guarantee a loan) with different lenders before liens are recorded and without telling the lenders.
Compliance
designed to achieve conformity to the law without having to detect, process, or penalize violators. These systems provide economic incentives for voluntary compliance to the laws and use administrative efforts to control violations before they occur.
Predication
he totality of circumstances that would lead a reasonable, professionally trained, and prudent individual to believe that a fraud has occurred, is occurring, or will occur. In other words, the basis upon which a fraud examination, and each step taken during the examination, is commenced.
The goal of a Benford's Law analysis
identify fictitious numbers. This provides that the distribution of the digits in multi-digit natural numbers is not random; instead, it follows a predictable pattern. That is, when natural numbers are present, Benford's Law maintains that certain digits show up more than others do
Records of a Wire Transfer
identify who sent the wire, where it was sent, the date it was sent, and its amount.
Controlled Answer Techniques
may be used to stimulate a desired answer or impression. These techniques direct the interview toward a specific point.
prejudgment attachments
plaintiffs in fraud cases can seek a court order to prevent the defendant or a third party from disposing of, spending, damaging, transferring, or concealing assets or property while the lawsuit is pending. Depending on the jurisdiction, however, the order may be called a freezing order, a precautionary attachment, a preventative injunction, or a similar term. In some jurisdictions, courts also have the authority to seize assets or property temporarily while the lawsuit is pending.
bustout scheme
planned and fraudulent bankruptcy. an apparently legitimate business orders large quantities of inventory or other goods on credit, and then disposes of those goods through legitimate or illegitimate channels. Because the point is to quickly resell the goods for cash, the fraudster is likely to purchase more liquid items like inventory than real estate, insurance policies, or services. The perpetrator then closes shop, absconding with the proceeds and leaving the suppliers unpaid. The debtor might then go into bankruptcy. Often, by this point the debtor has already made false accounting entries or taken other steps to conceal the assets or make the sales look legitimate. Other times, debtors simply flee the jurisdiction or do not show up at the proceedings.
Contingent Liabilities
potential obligations that will materialize only if certain events occur in the future. A corporate guarantee of personal loans received by a company officer and potential losses from ongoing litigation are examples of contingent liabilities that must be disclosed. Current accounting standards require entities to disclose contingent liabilities in the notes to the financial statements if it is possible that an outflow of cash will be required to settle a present obligation in the future.
need recognition scheme
procurement employees convince their employer that it needs excessive or unnecessary products or services; occur in the presolicitation phase
Mail Fraud
prohibit the use of the country's mail system to perpetrate fraud. In the United States, the mail fraud statute also applies to the use of private interstate commercial carriers (e.g., FedEx, UPS, and DHL) in connection with a fraud scheme. Mail fraud laws generally give the government broad authority to prosecute fraud schemes, even if parts of the scheme occur in another country
Liability Omissions
include the failure to disclose loan covenants or contingent liabilities. Loan covenants are agreements, in addition to or as part of a financing arrangement, that a borrower has promised to keep as long as the financing is in place. The agreements can contain various types of covenants, including certain financial ratio limits and restrictions on other major financing arrangements.
Regulatory and legal misconduct
includes a wide range of risks, such as conflicts of interest, insider trading, theft of competitor trade secrets, anti-competitive practices, environmental violations, and trade and customs regulations in areas of import and export. Depending on the particular organization and the nature of its business, some or all of these risks might be applicable and should be considered in the fraud risk assessment process.
If an asset is stolen, the accounting equation can be balanced by:
increasing another asset, reducing a liability, reducing an owners' equity account, reducing revenues (and thus retained earnings), or creating an expense (and thus reducing retained earnings).
Open Source Information
information in the public domain; it can be defined as publicly available data "that anyone can lawfully obtain by request, purchase, or observation."
reciprocal loan arrangements scheme
insiders in different banks cause their banks to lend funds or sell loans to other banks with agreements to buy their loans—all for the purpose of concealing loans and sales.
The anti-bribery provisions of the U.S. Foreign Corrupt Practices Act (FCPA)
make it unlawful to bribe a foreign official for business purposes. Only regulated parties, such as issuers, domestic concerns, and foreign nationals or businesses, are subject to FCPA jurisdiction. An issuer is a corporation that has issued securities that have been registered in the United States or that is required to file periodic reports with the U.S. Securities and Exchange Commission (SEC). A domestic concern is any citizen, national, or resident of the United States or any business entity that has its principal place of business in the United States or that is organized under the laws of a state, territory, possession, or commonwealth of the United States. Moreover, the FCPA applies extraterritorially to U.S. citizens working for foreign subsidiaries of domestic companies. A foreign national or business is subject to the FCPA if it takes any act in furtherance of a corrupt payment within U.S. territory. Additionally, the agents, subsidiaries, or other third-party representatives who act on behalf of an issuer, a domestic concern, or a foreign national or business are liable under the same conditions as the issuer, domestic concern, or foreign national or business. The FCPA's anti-bribery provisions extend only to corrupt payments made to foreign officials.
The U.S. wire fraud statute
makes it a crime to defraud a victim of money or property by means of wire or other electronic communications (e.g., computer, telephone, radio, or television) in foreign or interstate commerce.
doctor shopping scheme
patients "shop" (i.e., search) for multiple doctors who will provide controlled substances
Rent-A-Patient Schemes
paying individuals to undergo unnecessary medical procedures that are then billed to the patient's insurer or health care program. These schemes occur in countries using a third-party-payer system or single-payer system that allows private providers to bill health care programs.
Duty of Care
people in a fiduciary relationship must act with such care as an ordinarily prudent person would employ in similar positions.
Anti-bribery Provision of FCPA
makes it unlawful to bribe a foreign official for business purposes. Only regulated parties, such as issuers, domestic concerns, and foreign nationals or businesses, are subject to FCPA jurisdiction. The FCPA applies extraterritorially to U.S. citizens working for foreign subsidiaries of domestic companies. A foreign national or business is subject to the FCPA if it takes any act in furtherance of a corrupt payment within U.S. territory. Additionally, the agents, subsidiaries, or other third-party reps who act on behalf of an issuer, a domestic concern, or a foreign national or business are liable under the same conditions as the issuer, domestic concern, or foreign national or business. extends only to corrupt payments made to foreign officials.
Commercial Bribery
the corruption of a private individual to gain a commercial or business advantage. That is, in commercial bribery schemes, something of value is offered to influence a business decision rather than an official act. The elements of commercial bribery vary by jurisdiction, but they typically include: - defendant gave/received a thing of value. - The defendant acted with corrupt intent. - defendant's scheme designed to influence recipient's action in a business decision. - The defendant acted without the victim's knowledge or consent.
Declaratory remedies
the court states or declares the rights of the parties.
Enterprise Risk Management
the culture, capabilities, and practices, integrated with strategy-setting and its performance, that organizations rely on to manage risk in creating, preserving, and realizing value.
Ineffective defenses for tax crimes
the death of the taxpayer often cannot be used as a defense because taxes owed due to tax evasion typically survive the taxpayer's death, meaning the deceased taxpayer's estate will be held liable. Also, liabilities owed as a result of tax evasion may not be discharged in bankruptcy proceedings. If a person commits a tax fraud offense, amending fraudulent information held by the government will not generally relieve the taxpayer of criminal liability.
Financial Statement Fraud
the deliberate misrepresentation of the financial condition of an enterprise accomplished through the intentional misstatement or omission of amounts or disclosures in the financial statements to deceive financial statement users.
Draw Request
the documentation substantiating that a developer has incurred the appropriate construction expenses and is now seeking reimbursement or direct payment. Generally, draw requests on construction loans are made on a periodic schedule (e.g., once a month) and are verified by a quantity surveyor (QS) or other authorized entity as agreed to by the financial institution. The request should be accompanied by the following documents: - Paid invoices for raw materials - Lien releases from each subcontractor - Inspection reports - Canceled checks from previous draw requests - Bank reconciliation for construction draw account for previous month - Loan balancing form demonstrating that the loan remains in balance - Change orders, if applicable - Wiring instructions, if applicable - Proof of developer contribution, if applicable
Churning
the excessive trading of a customer account to generate commissions while disregarding the customer's interests. Specifically, this occurs when an investment professional excessively trades an account for the purpose of increasing their commissions instead of furthering the customer's investment goals.
over-invoicing scheme
the exporter invoices goods or services to the importer at a price above their market value. This scheme transfers value to the exporter because the exporter collects the amount of the higher price that was invoiced, which is more than the goods or services can be sold for on the open market.
under-invoicing scheme
the exporter invoices goods or services to the importer at a price below their market value. This scheme transfers value to the importer because the amount the importer pays for the goods or services is less than the amount they can be sold for on the open market.
duplicate invoicing scheme
the exporter issues more than one invoice for the same trade transaction. By issuing duplicate invoices, a money launderer can justify multiple payments for the same goods or services.
Notice Pleading
the facts in the pleading must merely put the defendant on notice of the alleged claims; do not need to include the specific facts underlying the case.
Integration
the final stage in the laundering process. In this stage, the money is integrated back into the economy in a way that makes it appear to be part of a legitimate business transaction.
Placement
the first stage of the money laundering process. In this stage, the launderer introduces their illegal profits into the financial system. It is at this stage that legislation has been developed to prevent launderers from depositing or converting large amounts of cash at financial institutions or taking cash out of the country. Money laundering schemes are most often detected at this stage
credit data blocking scheme
the perpetrator first applies for and obtains loans for property, vehicles, etc. but intentionally defaults on them. Rather than allowing their credit report to reflect the defaulted loans, the perpetrator asserts that the initial loans were instances of identity theft. While the validity of the fraud claims is being checked, the perpetrator's negative credit history is temporarily removed from their credit report. This allows the perpetrator to take out more loans, which they will also intentionally default on.
Technical Surveillance
the practice of covertly acquiring audio, visual, or other types of data from targets through the use of technical devices, procedures, and techniques. When corporate spies resort to the use of technical surveillance, it is usually to gather nondocumentary evidence or information that cannot be found through open sources. Corporate spies might employ various forms of technological surveillance, such as aerial photography, bugging and wiretapping, video surveillance, photographic cameras, mobile phones, monitoring computer emanations, and computer system penetrations.
Technical Surveillance
the practice of covertly acquiring audio, visual, or other types of data from targets through the use of technical devices, procedures, and techniques. When corporate spies resort to this, it is usually to gather nondocumentary evidence or information that cannot be found through open sources.
Arbitration
the process whereby a dispute is submitted to an impartial third person who then decides the outcome of the case (i.e., which party should win). The arbitrator acts as a judge or jury, deciding the case on its merits.
Natural numbers
those numbers that are not ordered in a particular numbering scheme and are not human-generated or generated from a random number system
Security logs
track security-related events like log-on and log-off times and changes to access rights.
Pharming
type of attack in which users are fooled into entering sensitive data (such as a password or credit card number) into a malicious website that imitates a legitimate website. It is different from phishing in that in pharming schemes, the attacker does not have to rely on having users click on a link in an email or other message to direct them to the imitation website.
Obstruction of Justice
ccurs when an individual engages in an act designed to impede or obstruct the investigation or trial of other substantive offenses
Bid Tailoring Schemes
occur during the pre-solicitation phase. In these schemes, an employee with procurement responsibilities, often in collusion with a contractor, drafts bid specifications in a way that gives an unfair advantage to a certain contractor. Some common red flags of bid tailoring include: - Weak controls over the bidding process - Only one or a few bidders respond to bid requests - Contract is not rebid even though fewer than the minimum number of bids are received - Similarity between specifications and the winning contractor's product or services - Bid specifications and statements of work are tailored to fit the products or capabilities of a single contractor - Unusual or unreasonably narrow or broad specifications for the type of goods or services being procured - Requests for bid submissions do not provide clear bid submission information (e.g., no clear time, place, or manner of submitting bids) - Unexplained changes in contract specifications from previous proposals or similar items - High number of competitive awards to one supplier - Socialization or personal contacts among contracting personnel and bidders - Specifications developed by or in consultation with a contractor who is permitted to compete in the procurement - High number of change orders for one supplier
Clinical Lab Schemes
occur when a provider advises a patient that additional medical testing is needed to diagnose a problem when the testing is not actually required or advisable. The fee for the unnecessary work often is split with physicians. In some cases, physicians own the medical testing service. Additional medical testing, which is later viewed as excessive, is not always fraud. Many doctors have a genuine fear of retaliation from their patients; they are afraid of malpractice lawsuits that might result from a delayed or erroneous diagnosis.
Clinical lab schemes
occur when a provider advises a patient that additional medical testing is needed to diagnose a problem when the testing is not actually required or advisable. The fee for the unnecessary work often is split with physicians. In some cases, physicians own the medical testing service. Additional medical testing, which is later viewed as excessive, is not always fraud. Many doctors have a genuine fear of retaliation from their patients; they are afraid of malpractice lawsuits that might result from a delayed or erroneous diagnosis.
Business Identity Theft
occurs when a fraudster impersonates a business to commit financial fraud.
Account takeover fraud
occurs when a fraudster surreptitiously takes control of a payment account. Targeted accounts can include credit cards, banking, brokerage, or any type of online retail account (e.g., Amazon). Because consumers often use the same username and password for multiple accounts, hackers commonly create code that can run credentials obtained from a data breach at one company to see if they are valid at another. Consumers should opt for multifactor authentication when available, request notification of account access or changes when offered, and regularly check any online accounts that hold payment information.
DRG creep
occurs when a hospital or other medical institution deliberately and systematically manipulates diagnostic and procedural codes to increase reimbursement amounts or other forms of funding. In other words, DRG creep is an intentional pattern of upcoding by a hospital or other medical institution.
Unrecorded sales scheme
occurs when an employee sells goods or services to a customer and collects the customer's payment but makes no record of the sale. Independent salespersons are in a good position to perform sales skimming schemes. A prime example is a person who sells goods door-to-door but does not turn in the orders to their employer
Insider Trading
occurs when an insider—someone who possesses inside information about a security—buys or sells securities on the basis of material information about the security that is not available to the public. Inside information is any material, nonpublic information about a security that is not generally available to the public and that could affect the security's price
Overstating Revenues
occurs when the money launderer records more income on a business's books than the business actually generates. The fictitious revenue accounts for the illegal funds that are secretly inserted into the company.
Bid Suppression
occurs when two or more contractors enter into an illegal agreement whereby at least one of the conspirators refrains from bidding or withdraws a previously submitted bid.
Repeating the Question
a means for a deceptive respondent to gain more time to think of what to say. The respondent might repeat the question verbatim or might frame the answer with a request to repeat the question (e.g., "What was that again?" or similar language). Conversely, a truthful subject usually does not have to contemplate an answer.
Authentication Requirement
serves to ensure that evidence is what it purports to be and is genuine, not a forgery.
To determine materiality, ask:
"Would a reasonable investor wish to know this information to make an informed decision?" If the answer is "yes," then this information, or the lack thereof, has a high likelihood of being deemed material.
As a general rule, to determine materiality, the fraud examiner needs to answer the following question:
"Would a reasonable investor wish to know this information to make an informed decision?" If the answer is "yes," then this information, or the lack thereof, has a high likelihood of being material.
The Committee of Sponsoring Organizations of the Treadway Commission's (COSO) Internal Control—Integrated Framework (the Framework) identified five interrelated components of internal control:
(1) control environment, (2) risk assessment, (3) control activities, (4) information and communication, and (5) monitoring. The effectiveness of internal controls can be determined from an assessment of whether (1) each of these five components is in place and functioning effectively and (2) the five components are operating together in an integrated manner.
Two principal components of the FCPA
(1) the anti-bribery provisions and (2) the accounting provisions. In short, the anti-bribery provisions make it unlawful to bribe foreign government officials to obtain or retain business, and the accounting provisions require publicly traded companies subject to the FCPA's jurisdiction to keep accurate books and records and adopt internal controls to prevent improper use of corporate funds.
Quick Ratio
(Cash + marketable securities + receivables) / current liabilities; this is used to assess a company's ability to meet sudden cash requirements; commonly referred to as the acid test ratio, compares quick assets (i.e., those that can be immediately liquidated) to current liabilities. It is calculated by dividing the total of cash, securities, and receivables by current liabilities. This offers a more conservative view of a company's liquidity because it excludes inventory and other current assets that are more difficult to rapidly turn into cash.
The Expenditures Method
(also known as the sources and application of funds method) compares the suspect's known expenditures and known sources of funds during a given period of time. That is, this analysis seeks to quantify the cost of the subject's lifestyle and determine whether the subject's reported income is sufficient to support their lifestyle; best used when the subject spends illicit income on consumables (e.g., travel and entertainment) that would not cause an increase in net worth.
Calibrating
(or norming) is the process of observing behavior before critical questions are asked. should be a routine part of all interviews. People with truthful attitudes will answer questions one way; those with untruthful attitudes will generally answer them differently. The best way to do this is through the use of noncritical questions on background information, place of employment, and the like. If the witness displays general nervousness or other verbal and nonverbal clues during this phase of questioning, subsequent indicators might not be reliable. The key is to observe changes in behavior.
Lay Testimony
(sometimes called factual testimony), where witnesses testify about what they have experienced firsthand & factual observations.
Steps individuals can take to protect their personal information and prevent identity theft
* Do not give out government identification numbers unless absolutely necessary. * Do not carry government identification cards (or numbers) in purses or wallets. * Create complex passwords or passphrases that are at least eight characters in length and contain upper- and lowercase letters, numbers, and symbols. * Do not reuse passwords. Use a different password for every website, account, or device. * Never send personal information, such as a password or government identification number, via email. Reputable organizations will not request personal information by email. * When available, use biometric authentication (e.g., fingerprints, voice recognition). * Create unique answers for security questions. Do not choose answers containing personal information that is publicly available (e.g., name of high school, mother's maiden name). * Protect computers with strong and regularly updated firewall and antivirus software, and promptly install all security updates and patches. * Avoid suspicious websites. * Delete messages from unknown senders without opening them. * Only download software from trusted websites. * Avoid using unsecured, public Wi-Fi networks. * Limit the amount of personal information shared on social media. * Use software to permanently erase all data from hard drives before disposing of computers, smartphones, copiers, printers, and other electronic devices. * Secure physical mailboxes with a lock, check physical mail regularly, and instruct the post office to suspend mail during vacations. * Shred all sensitive documents. * Opt out of unsolicited offers for pre-approved credit cards or other lines of credit. * Pay attention to billing cycles and review all bills and statements. * Check credit reports regularly.
Systems for safeguarding sensitive and proprietary information should include:
* Task force * Security risk assessments * Security policies and procedures * Awareness training * Nondisclosure agreements * Noncompetition agreements * Data classification * Data retention and destruction policies * Data minimization * Security controls * Measures to guard manual file systems * Monitoring of visitor access * Quiet room * Incident response plan The failure to include any of these measures is a poor information security practice that can contribute to the loss of proprietary information.
data analysis queries that can be performed by data analysis software on accounts payable:
- Audit paid invoices for manual comparison w/ actual invoices. - Summarize large invoices by amt, vendor, etc. - Identify debits to expense accounts outside of set default accounts. - Reconcile check registers to disbursements by vendor invoice. - Verify vendor tax forms (e.g., U.S. Form 1099 or Value - Added Tax [VAT] forms). - Create vendor detail & summary analysis reports. - Review recurring monthly expenses and compare to posted/paid invoices. - Generate a report on specified vouchers for manual audit or investigation.
Businesses commonly used to front money laundering operations
- Bars - Restaurants - Nightclubs - Vending Machines - Wholesale Distribution
common information security goals that should be achieved to ensure the security of information systems for users and account holders
- Confidentiality of data - Integrity of data - Availability of data - Authentication - Non-repudiation
Income and wealth tax evasion (Common Forms)
- Failing to submit a report of one's taxable income, if required - Intentionally misrep. one's income/wealth - Pretending to transfer assets to another person or entity to lower tax liability - Intentionally failing to withhold the taxable portion of an employee's income, if so required - Failing to report foreign bank accounts or other taxable assets, if required - Falsely claiming income was earned in another jurisdiction to lower tax liability
customer due diligence (CDD) procedures for financial institutions under the Financial Action Task Force (FATF) Recommendations
- Identifying the customer and verifying the customer's identity through reliable, independent source documents or data - Identifying the beneficial owner of the account or service, including the ownership and control structure of organizations - Obtaining information and understanding the purpose and intended nature of the business relationships involved in the account or service - Conducting ongoing due diligence on the business relationship and transactions of the customer to ensure that they are consistent with the customer's profile
Common Tyles of Obstruction of Justice
- Influencing or injuring any officer of the court or juror by force, threats of force, intimidating communications, or corrupt influence - Influencing a juror through a writing - Stealing or altering records or processes by parties that are not privy to the records - Using force or threats of force to obstruct or interfere with a court order - Destroying documents related to a future proceeding - Tampering with a witness, victim, or an informant (e.g., killing or attempting to kill, using force or threats of force, intimidating, influencing with bribes or other corrupt means, misleading, or harassing the protected parties) - Influencing, obstructing, or impeding a government auditor in the performance of their official duties - Obstructing the examination of a financial institution
Common defenses to Tax Evastion
- No Tax Deficiency: The defendant can establish that there is no tax deficiency. In most jurisdictions, if there is no deficiency, there is no tax liability. This is generally the best defense, if available, because several other defenses might negate willfulness but do not necessarily eliminate a tax liability with interest and penalties. - Lack of Willfulness: good faith belief that one is not violating the tax law, based on a misunderstanding caused by the law's complexity, negates willfulness. - Avoidance, not Evasion - Reliance on an Attorney or Accountant - Mental Illness
indicators of a bid splitting scheme
- Two or more similar or identical procurements from the same supplier in amounts just under upper-level review or competitive-bidding limits - Two or more consecutive related procurements from the same contractor that fall just below the competitive-bidding or upper-level review limits - Unjustified split purchases that fall under the competitive-bidding or upper-level review limits - Sequential purchases just under the upper-level review or competitive-bidding limits - Sequential purchases under the upper-level review or competitive-bidding limits that are followed by change orders
common carriers for malware
- Unknown or unchecked application software - Infected websites - Banner ads - Software or media that employees bring to work - Files downloaded from the internet - Infected software from vendors and suppliers - Uncontrolled and shared program applications - Files uploaded from storage devices, such as USB flash drives - Demonstration software - Freeware and shareware files - Email attachments
key measures in the Recommendations provide that countries should:
- Use a risk-based approach when setting AML policies. - Create policies that increase cooperation and coordination with other countries. - Specifically criminalize money laundering and terrorist financing. - Enable authorities to trace, freeze, and confiscate assets suspected in laundering and terrorist financing. - Require financial institutions to keep certain records and establish AML policies, avoid correspondent banking with shell banks, and continuously monitor wire transfers.
order in which one should conduct the steps involved in the data analysis process
1) Build a profile of potential frauds 2) Obtain the data 3) Cleanse and normalize the data 4) Analyze the data 5) Monitor the data
Rules for FEs Taking notes
1) First, the interview notes for each interview should be recorded on a separate document. This can be especially helpful if documents from a particular interview are subpoenaed. 2) Second, take accurate, but not necessarily verbatim, notes during the interview. Do not try to write down all the information provided during an interview; only write down the pertinent facts. Taking too many notes will make the interview process cumbersome, and it might inhibit the respondent. If, however, a quote is particularly relevant, try to write it down verbatim. Enclose all direct quotes in quotation marks. 3)Third, do not slow down the interview process for note-taking. Instead, write down key words or phrases, and then go back over the details at the end of the interview. In general, it is better to err on the side of taking too few notes rather than too many.
Common ways to commit a falsified hours and salary scheme
1) Inflating the number of hours worked 2) Inflating the rate of pay 3) Forging a supervisor's signature 4) Collusion with a supervisor 5) Implementing poor custody procedures 6) Altering a timesheet after it has been approved
3 Principal Types of billing Schemes
1) Invoicing via shell companies 2) Invoicing via nonaccomplice vendors 3) Personal purchases with company funds
3 determinations to allow an expert to testify
1) Is the person qualified as an expert witness? 2) Will the expertise of the witness assist the jury in understanding the evidence or determining a fact at issue? 3) Is the testimony reliable?
false statements to government agencies
1) Knowingly and willfully (or with reckless disregard for truth or falsity) 2) Made a false claim or statement (or used a false document) 3) That was material (i.e., sufficiently important or relevant to influence decision-making) 4) Regarding a matter within the jurisdiction of a government agency 5) With knowledge of its falsity
3 common methods for concealing liabilities and expenses on a company's financial statements
1) Omitting liabilities and/or expenses 2) Improperly capitalizing costs rather than expensing them 3) Failing to disclose warranty costs and product-return liabilities
The recommended methodology for responding to cybersecurity incidents
1) Preparation 2) Detection and analysis 3) Containment and eradication 4) Breach notification 5) Recovery and follow-up
The essential elements of fraud based on the failure to disclose material facts
1) The defendant had knowledge of a material fact. 2) The defendant had a duty to disclose the material fact. 3) The defendant failed to disclose the material fact. 4) The defendant acted with intent to mislead or deceive the victim(s).
elements of fraudulent misrepresentation of material facts
1) The defendant made a false statement (i.e., a misrepresentation of fact). 2) The false statement was material (i.e., the statement was sufficiently important or relevant to influence decision-making). 3) The defendant knew the representation was false. 4) The victim relied on the misrepresentation. 5) The victim suffered damages as a result of the misrepresentation.
Elements of Perjury
1) The defendant made a false statement. 2) The defendant made the false statement while under oath. 3) The false statement was material or relevant to the proceeding. 4) The defendant made the statement with knowledge of its falsity.
The International Organization of Securities Commissions Objectives and Principles of Securities Regulation (IOSCO Principles) is based on the following three objectives
1) The protection of investors 2) Ensuring that markets are fair, efficient, and transparent 3) The reduction of systemic risk
3 basic ways to prove corrupt payments
1) Turn an inside witness. 2) Secretly infiltrate or record ongoing transactions. 3) Identify and trace the corrupt payments through audit steps.
planning phase (4 steps)
1) Understanding the data 2) Defining examination objectives 3) Building a profile of potential frauds 4) Determining whether predication exists
Steps of Money Laundering Process
1. Placement 2. Layering 3. Integration
Initial Pleading Requirements
A civil action begins when the plaintiff files a pleading with the appropriate court, usually in the jurisdiction in which the defendant resides or where the claim arose. The pleading sets out the complaint against the defendant and the remedy that the plaintiff is seeking. The required contents of the plaintiff's pleadings will vary somewhat between jurisdictions, but most jurisdictions require fact pleadings, meaning the plaintiff must identify: - The grounds for legal relief - A summary of the evidence - The specific facts on which the party's claim relies - Key items of expected evidence
Off-book fraud
A fraud that occurs outside the financial system and therefore has no direct audit trail. There are several kinds of off-book frauds that will be discussed in this book. Skimming is the most common off-book fraud.
Prosecutorial Bargaining
A method of disposing of cases in a growing number of countries is through bargaining agreements, which occur when a defendant makes an agreement with prosecutors to plead guilty or submit a recorded confession in exchange for lesser charges or a reduced sentence. Most civil law countries do not have pleas, per se, but there can still be bargaining agreements. A defendant can enter a confession, but the confession is submitted as evidence in an otherwise standard proceeding. However, a confession in evidence clearly reduces the difficulty of prosecuting the case, so an agreement between the prosecution, the defendant, and the court can be made to reduce the sentence in exchange for a voluntary confession.
Redemption Scheme
A person can redeem some insurance policies, such as life insurance, before the event that triggers the insurance occurs. In other words, the insurer agrees to pay the beneficiary of the policy an amount less than what the payout on a claim occurrence (in the case of life insurance, the death of the insured) would be. Using illicit assets, launderers can purchase life insurance or other redeemable contracts for themselves or their associates. If the investigator did not know that the launderer bought the insurance policy with illicit assets, the redemption payout would appear legitimate.
software keylogger
A type of program that monitors and logs the keys pressed on a system's keyboard
core principles of sound corporate governance
Accountability Transparency Fairness Responsibility
According to the 2020 Report to the Nations, which of the three major categories of occupational fraud is the most common
Asset misappropriation
bankruptcy using forged documents
Bankruptcy petitions are sometimes filed using forged documents, and often, the filings are made using stolen identities, usually as part of a larger scheme using an assumed identity. If someone files for bankruptcy using a stolen identity, it can take years to correct the credit records of the person whose identity was stolen. Alternatively, a debtor might file for bankruptcy using a name obtained from obituary notices.
Fictitious Provider Scheme
Corrupt providers or other criminals fraudulently obtain and use another provider's identification information and steal or purchase lists of patients' identifying information. Thereafter, the perpetrator submits bills using the fictitious provider's information to the insurance provider or government health care program for medical services, although no services are performed.
Preservation of Relevant Evidence
Common law jurisdictions, in which litigants are usually obligated to disclose relevant information to the opposing side, impose a duty on litigants to take affirmative steps to preserve relevant evidence, and this duty might arise prior to the commencement of litigation. in common law courts, this typically arises when litigation is reasonably anticipated or contemplated. When an organization is involved in litigation, this duty applies to the organization's management, and it extends to employees likely to have relevant information. A violation occurs when information that is relevant to anticipated or existing litigation is lost, destroyed, or otherwise made unavailable.Violating this can result in several adverse sanctions for the offending party, and such sanctions can arise from both intentional acts and accidental acts through negligence. The adverse consequences can include, but are not limited to, monetary penalties, the drawing of adverse inferences of fact, and criminal penalties. The theory behind such consequences is that the individual who makes evidence unavailable following the probable initiation of a lawsuit is aware of its detrimental effect upon a case.
Information Security Goals
Confidentiality, integrity, availability, authentication, and non-repudiation
Entries on the right side of the account are:
Credits
Entries to the left side of an account are referred to as:
Debits
fraudulent conveyance bankruptcy scheme
Debtors often attempt to conceal their assets by transferring the assets to another person or a company. A transfer is a fraudulent conveyance if the purpose of the transfer is to hinder, delay, or defraud a creditor.
Abnormal Traffic
Either higher or lower than usual, could be an indication that an attacker has gained access to an organization's network and is manipulating traffic by sending malicious software to the network or exfiltrating data from it, among other things. A common sign of unusual network traffic includes geographical irregularities related to network access and traffic.
Purpose of corporate governance
Encourage the efficient use of resources and require accountability for the stewardship of those resources.
Shell Companies
Fictitious entities created for the sole purpose of committing fraud; usually involve an employee making fraudulent payments to the dummy company. Most shell company schemes involve the purchase of services rather than goods. The primary reason for this is that services are not tangible. If an employee sets up a shell company to make fictitious sales of goods to their employer, these goods will obviously never arrive. By comparing its purchases to its inventory levels, the victim organization might detect the fraud. It is much more difficult for the victim organization to verify that the services were never rendered. For this reason, many employees involved in shell company schemes bill their employers for things like "consulting services."
key phases of procurement processes that employ competitive bidding mechanisms
For the purpose of fraud detection, procurement processes that employ competitive bidding mechanisms can be reduced to four basic stages: - The presolicitation phase - The solicitation phase - The bid evaluation and award phase - The post-award and administration phase
common types of administrative penalties
Imprisonment and other criminal penalties are not generally imposed in administrative proceedings. some common types include monetary fines and penalties, license suspension or revocation, and debarment. Administrative proceedings can result in the suspension or revocation of a professional license.
Expert Report
Fraud examiners who serve as expert witnesses in litigation are tasked with providing an expert report, which requires them to provide particular information about their qualifications, their opinions, the bases of those opinions, and various other pieces of information. The purpose of an expert report is to inform the parties, the judge, and the jury (if applicable) about the expert's opinion of the case, as well as the expert's credibility for commenting on such issues.
New account fraud
Fraud that occurs on an account within the first ninety days that it is open; often, perpetrators open these accounts with the sole intent of committing fraud. Prompt, decisive action is necessary to manage and/or close apparent problem accounts. Some of the more common red flags of potential new account schemes are: * Customer residence outside the bank's trade area * Dress and/or actions inconsistent or inappropriate for the customer's stated age, occupation, or income level * New account holder requesting immediate cash withdrawal upon deposit * Request for large quantity of temporary checks * Services included with the account that do not match the customer's purpose * Missing or inaccurate customer application information * Invalid phone numbers or addresses in customer account information * Use of a mail drop address (a service where a non-affiliated party collects and distributes mail for individuals or entities) * Large check or automated teller machine (ATM) deposits followed by rapid withdrawal or transfer of funds (a pass-through account) * Business accounts without standard business transactions, such as payroll or transactions that would be expected in that business * Transactions without a clear purpose in jurisdictions known for high levels of corruption * Opening deposit that is a nominal cash amount * Rare customer ID type * Applicants over the age of 25 with no credit history * Customers who cannot remember basic application information (i.e., phone number, address)
indicators of check fraud
Frequent deposits in round numbers or for the same amount and checks issued to individuals for large, even amount
Appealing a civil case
Generally, both sides in a civil case may appeal from an adverse judgment, either as to liability or damages. In common law systems, the appellate court is largely limited to reviewing the legal decision of the trial court, rather than the factual determination of the judge or jury. The appeals court may reverse & remand for a new trial on some or all of the issues, order that a certain portion of the awarded damages be remitted, or enter final judgment, if legal grounds are clear, in favor of either party. In most civil law systems, the civil appellate court may review issues of both law and fact, meaning it may obtain additional witness testimony, gather new documentary evidence, obtain new expert opinions, and so forth. The appellate court may reverse, affirm, remand for additional proceedings, and (in some jurisdictions) modify the trial court's decision.
The statement of changes in owners' equity acts as the connecting link between which two financial statements?
Income statement and balance sheet
Fictitious Expense Reimbursement Scheme
Instead of overstating a real business expense or seeking reimbursement for a personal expense, an employee invents a purchase to request reimbursement. One way to generate a reimbursement for a fictitious expense is to create fraudulent support documents, such as false receipts. Using basic computer software, it is easy for employees to create realistic-looking counterfeit receipts at home. These counterfeits are often very sophisticated, even including logos of the stores in which the goods or services were allegedly purchased.
Laws Restricting the Interview Process
Interviews, and especially interviews of suspects, can expose the organizational powers administering the interview and the individual conducting the interview to certain legal risks. Thus, before engaging in an interview, the fraud examiner must understand the ramifications of their actions, which requires an understanding of certain legal issues and how they limit or affect the ways in which an interview may be conducted. t most jurisdictions have restrictions concerning the ways in which employers can conduct interviews. Such restrictions might originate from employment contracts, collective labor laws, laws protecting labor rights, the common law, laws protecting fundamental rights, other applicable statutes, and so on.
primary purpose of an automated clearing house (ACH) filter
It enables account holders to provide their banks with a list of criteria to ensure only designated individuals get paid.
making a false statement to the government
Laws prohibiting false claims and statements to government agencies make it illegal for a person to lie to, or conceal material information from, a government agency. A false claim is an assertion of a right to government money, property, or services that contains a misrepresentation. A false statement is an oral or written communication, declaration, or assertion that is factually untrue. Generally, to prove a violation, the government must show that the defendant: - Knowingly & willfully (or with reckless disregard for truth or falsity) - Made a false claim/statement (or used a false document) - That was material (i.e., sufficiently important or relevant to influence decision-making) - Regarding a matter within the jurisdiction of a government agency - With knowledge of its falsity
Who is ultimately responsible for the prevention and detection of fraud within an organization
Management
Bad Debt Expense
Managers can overstate their company's accounts receivable balance by failing to record bad debt expense. Bad debt expense is recorded to account for any uncollectible accounts receivable. The debit side of the entry increases bad debt expense, and the credit side of the entry increases the allowance (or provision) for doubtful accounts, which is a contra account that is recorded against accounts receivable. Therefore, if the controller fails to record bad debt expense, the allowance (or provision) for doubtful accounts will be understated.
Unusual Performance Issues
Many different types of computer and network intrusion or compromise can result in performance issues for the computers or networks that are presumed to be affected, whether the issues relate to malware infection, external unauthorized access, or insider actions. Some unusual performance issues that could indicate that a computer or network is compromised might include unexpected patching of systems or the installation of unwanted or unknown software.
Asset Turnover Ratio
Measures how efficiently a business uses its average total assets to generate sales. It is used to determine the efficiency with which asset resources are used by the entity. This is one of the more reliable indicators of financial statement fraud. A sudden or continuing decrease in this ratio is often associated with improper capitalization of expenses, which increases the denominator without a corresponding increase in the numerator. The asset turnover ratio is typically calculated by dividing net sales by average total assets (net sales / average total assets)
Abnormal Access Patterns
Most organizations employ a system that restricts access to sensitive files or information on their network to only those who require that access as part of their organizational role, and user patterns typically reflect access that aligns with the normal course of business. Any abnormalities or outliers to the usual access patterns could indicate that the network has been compromised by an insider or external actor and might include passwords that are not working or bundles of data being in the incorrect place.
Overstated refund scheme
Rather than creating an entirely fictitious refund, a fraudster might overstate the value of a real customer's refund, pay the customer the actual amount owed for the returned merchandise, and then keep the excess portion of the return.
Inherent Risks
Risks that are present before the effect of internal controls (including targeted anti-fraud controls)
Indicators of Compromise (IOCs) or Indicators of Attack (IOAs)
Signs that attackers accessed or are currently attempting to access a system; can include unusual inbound or outbound network traffic, anomalies in user access to network files, or unusual network or computer performance.
establishing the interview theme
Stating the purpose of the interview
UK Bribery Act
The United Kingdom's analogue of the FCPA, although with several distinctions; contains a specific offense for the bribery of foreign public officials; it contains a general commercial bribery offense; and it creates a corporate offense of failure to prevent bribery. Exercises broad jurisdiction over all individuals and corporate entities for such acts when any part of the offense occurs in the United Kingdom. Furthermore, liability exists for acts committed outside the United Kingdom by individuals and entities with a close connection to the United Kingdom, including: - British citizens, overseas citizens, overseas territories' citizens, and any person declared a British subject under the 1981 British Nationality Act - Individuals who normally reside in the UK - An entity incorporated under the law of any part of the UK
Falsified Hours & Salary Schemes
The most common method of misappropriating funds from the payroll is the overpayment of wages. For hourly employees, the size of a paycheck is based on two factors: the number of hours worked and the rate of pay. Therefore, for hourly employees to fraudulently increase the size of their paycheck, they must either falsify the number of hours they have worked or change their wage rate.
examining phase
The judge completes a written record of the evidence and may also collect testimony and additional evidence. If the judge certifies that there is a valid case against the accused, the matter moves forward to trial.
Lapping
The method of concealing a receivables skimming scheme whereby one customer account is credited for a payment that was intended for another account
Cash Larceny
The most straightforward cash larceny scheme is one in which the perpetrator just opens the register and removes currency. This might be done while a sale is being conducted to make the theft appear to be part of the transaction or when no one is around to notice the perpetrator reaching into the cash drawer. For instance, a teller could simply sign onto a register, ring a "no sale," and take currency from the drawer.
Employment Identity Theft
a fraudster impersonates another person to secure a job.
Separation of Duties
The primary means of preventing cash fraud; Whenever one individual has control over the entire accounting transaction (e.g., authorization, recording, and custody), the opportunity is present for cash fraud. Each of the following duties/responsibilities should be separated: - Cash receipts - Bank deposits - Bank reconciliation - Cash disbursements If one person has the authority to collect the cash, deposit the receipts, record that collection, and disburse company funds, the risk of fraud is high.
Qualifying an expert witness
The process of evaluating whether an expert is qualified mainly centers on the candidate's formal education and work experience—whether that includes thirty years in law enforcement or ten years in a large accounting firm. But there is no standard educational requirement for expert testimony; a witness with no formal education may be qualified based on either special training or experience (CFE cert. is not enough). Some other factors that may be considered include the candidate's: - Awards and honors - Licensing or certification - Technical training - Published books and journal articles - Positions in professional associations, societies, & orgs.
Skimming
The removal of cash from a victim entity prior to its entry in an accounting system. Employees who skim from their companies steal sales or receivables before they are recorded in the company books. Because of this aspect of their nature, skimming schemes are known as off-book frauds; they leave no direct audit trail
Preparation Phase
The second phase of the data analysis process; The results of a data analysis test will only be as good as the data used for the analysis. Thus, before running tests on the data, the fraud examiner must make certain the data being analyzed are relevant and reliable for the objective of the engagement. During the preparation phase of the data analysis process, the fraud examiner must complete several important steps, including: - Identifying the relevant data - Obtaining the requested data - Verifying the data - Cleansing and normalizing the data
traditional identity theft
a fraudster steals an individual's personal information and pretends to be that individual. For example, a fraudster might use an individual's name, government identification number, and date of birth to impersonate the individual and gain access to the individual's bank account. This is called an account takeover
Jury Trials
While jury trials are typically used in criminal proceedings in common law jurisdictions, this is not always the case. For some cases, usually minor criminal offenses, a jury trial might not be available. In serious cases, however, jury trials are typically available. Additionally, many common law jurisdictions allow the defendant to waive the right to trial by jury. When no jury is present, the judge serves as the fact finder.
Willful
To establish criminal liability for tax evasion, most jurisdictions require a willful attempt to evade or defeat taxes in an unlawful manner. In the context of tax evasion, a good faith or legitimate misunderstanding of the applicable law typically negates willfulness (the voluntary, intentional violation of a known legal duty). That is, honest mistakes, in contrast to willful evasion, do not constitute tax evasion. However, a court might find that a defendant's claimed misunderstanding of the law is implausible given the evidence presented.
Although most fraudsters commit their crimes without the aid of an accomplice, the interviewer should determine whether others were involved.
To obtain this information, the interviewer shouldn't ask if anyone else assisted; instead, they should phrase the question similar to this: "Who else knew about this besides you?" By asking who else "knew," the interviewer is not only asking for the names of possible conspirators, they are also asking about others who might have known what was going on & failed to report
Signature Card
To open a personal account, the individual opening the account must provide a signature card, or similar document, evidencing a contract between the customer and bank. The signature card is a source of valuable information. Although its form varies, the card usually contains the person's name, address, telephone number, identification number, amount of the opening deposit (and possibly the source of the opening deposit), and security data (e.g., mother's maiden name). The person's identification information might be significant, especially if the depositor used an alias. Also, a fraud examiner might be able to trace the opening deposit through the bank's records to disclose a source of income.
Debarment
Under some laws, individuals and businesses can be excluded from participating in government programs; can be temporary or permanent, and debarred parties are often added to a list that is maintained by the government agency and viewable by the public.
reporting requirement regarding large cash transactions with customers for financial institutions and designated nonfinancial businesses and professions (DNFBPs) under the Financial Action Task Force (FATF) Recommendations
Under the best practices provided in the Financial Action Task Force (FATF) Recommendations, countries should implement a reporting requirement for financial institutions and designated nonfinancial businesses and professions (DNFBPs) that engage in cash transactions above the jurisdiction's designated threshold. The reports should cover domestic and international cash transactions. Many jurisdictions implement this reporting requirement. Note that the recommended reporting requirement does not apply to everyone; it only applies to financial institutions and DNFBPs. DNFBPs include: - Casinos (including internet- and ship-based casinos) - Real estate agents - Dealers in precious metals and stones - Legal professionals at professional firms (not internal legal professionals) -Trust and company service providers
two methods of percentage analysis of financial statements
Vertical Analysis and Horizontal Analysis
Dark Web
Websites that are only accessible through specialized web browsers meant to anonymize the origins of user traffic
Intrusion into an individual's private matters (often referred to as intrusion upon seclusion)
a common law invasion of privacy civil wrong that occurs when an individual intentionally encroaches into an area where another individual has a reasonable expectation of privacy and the encroachment would be highly offensive or objectionable to a reasonable person
True name fraud
a fraudster uses an individual's personal information to open a new account in the individual's name. Unlike an account takeover, which involves an existing account, true name fraud involves a new account.
Issuer
a corporation that has issued securities that have been registered in the United States or that is required to file periodic reports with the U.S. Securities and Exchange Commission (SEC). an issuer is a regulated party under the FCPA
Search Warrant
a court order that grants government authorities the right to search a premises or property for information pertinent to a case. The requirements for search warrants or other similar authorization, however, do not apply to private parties acting on their own accord because the right to be free from unreasonable searches and seizures does not protect against actions by such parties. Instead, it protects individuals from actions by government authorities. Thus, to determine whether a search warrant or similar authorization is required for a search to be conducted in an investigation, it is necessary to first determine whether government authorities are involved in the search.
Multi-file processing
a data analysis software function that allows users to relate several files by defining relationships in collected data, without the use of the Join command.
blockchain
a digital ledger, or database, of transactions that allows data to be distributed and stored on multiple computer systems at once. Although these entries don't include direct identifying information, they do contain users' cryptographic addresses for each transaction made. Therefore, by carefully examining blockchain data, fraud examiners can ID patterns linking certain users to criminal activity.
Ransomware
a form of malware that locks a user's operating system and restricts access to data files until a ransom is paid. To intimidate internet users into compliance, ransomware often employs a convincing professional interface, commonly emblazoned with police insignia or an official government logo. Messages sometimes consist of threatening accusations that the user has been caught viewing illegal videos, downloading pirated media, or otherwise accessing forbidden internet content, with the only remedy being to pay a fine. Other forms are far more direct and make no effort to conceal their obvious attempts at extortion.
Ratio Analysis
a means of measuring the relationship between any two different financial statement amounts. The relationship and comparison are the keys to the analysis, which allows for internal evaluations using financial statement data. Traditionally, financial statement ratios are used in comparisons to an entity's industry average. They can be very useful in detecting red flags for a fraud examination.
Social Engineering
a method for gaining unauthorized access to a computer system in which the attacker deceives victims into disclosing personal information, such as their password, or convinces them to commit acts that facilitate the attacker's intended scheme.
Textual analytics
a method of using software to extract usable information from unstructured text data. Through the application of linguistic technologies and statistical techniques—including weighted fraud indicators (e.g., fraud key words) and scoring algorithms—textual analytics software can categorize data to reveal patterns, sentiments, and relationships indicative of fraud.
Fraudulent Second Liens
a person assumes a homeowner's identity and takes out an additional loan or a second mortgage in the homeowner's name. If there is not enough equity in the home to warrant a second loan, an inflated appraisal is obtained. This scheme often involves a high level of collusion between a loan officer, an appraiser, and a title agent (or other real estate document service provider).
smartcard
a plastic card, the size of a credit or debit card, embedded with a microchip. A key advantage of smart cards is that, unlike regular magnetic stripe credit and debit cards, they cannot be easily replicated. Similarly, smart cards cannot be easily counterfeited, which greatly reduces the potential for fraud with in-person transactions. Smart cards include a wide variety of hardware and software features capable of detecting and reacting to tampering attempts and countering possible attacks. If someone tries to tamper with a chip on a smart card, the card detects the intrusion and shuts itself down, rendering the card useless.
Mutual legal assistance (MLA)
a process by which countries request and provide assistance in law enforcement matters, such as gathering information, obtaining provisional remedies, and enforcing foreign orders and judgments. To obtain assistance from a foreign government, the government seeking assistance makes an MLA request. An MLA request is a written request to the government of a foreign country that is used to obtain assistance in law enforcement matters. Generally, MLA can be used to obtain assistance in matters such as conducting searches, gathering evidence, compelling sworn testimony and the production of documents, issuing search warrants, issuing subpoenas, serving process, exchanging affidavits, obtaining provisional remedies, and providing assistance in forfeiture proceedings.
logical access control
a process by which users are identified and granted certain privileges to information, systems, or resources. These controls are designed to protect the confidentiality, integrity, and availability of informational resources.
Internal Control
a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.
Trojan Horse
a program or command procedure that gives the appearance of being useful but actually contains hidden malicious code that causes damage. When the hidden code in a Trojan horse is activated, it performs some unwanted or harmful function. Often, viruses and worms attach themselves to other legitimate programs, becoming Trojan horses and spreading to other systems.
Consent
a recognized exception to the requirement that government agents must obtain a warrant before they search a person, location, or vehicle for evidence of a crime. Individuals are always free to consent to searches. If a suspect consents to a search or seizure by police or a government agent, it eliminates the need for a search warrant. That is, the consent to search waives the person's right to be free from government searches. To be valid, it must be voluntary. if obtained by force, duress, or bribery it will generally be held to be involuntary and invalid; therefore, it will not constitute a valid waiver of the person's right to be free from unreasonable searches. Jurisdictions are mixed, however, as to whether consents obtained by deceit constitute valid waiver. Also, there is generally no requirement that government agents warn suspects that they have a right to refuse consent.
Conspiracy
a situation in which two or more people agree to commit an illegal act. The essential elements that must be shown to prove a conspiracy are as follows: 1) The defendant entered into an agreement with at least one other person to commit an illegal act. 2) The defendant knew the purpose of the agreement and intentionally joined in the agreement. 3) At least one of the conspirators knowingly committed at least one overt act in furtherance of the conspiracy.
Deep Learning
a subset of artificial intelligence that uses artificial neural networks—systems that simulate the processes and functions of a brain—with many layers to accommodate more data and more sophisticated algorithms to identify complex patterns; capable of learning from unstructured and unlabeled data.
Value-added Tax (VAT)
a system that imposes a tax on an item that is assessed incrementally based on its increase in value at each point along a supply chain, from manufacture, to wholesale, to retailer, to consumer; the tax is collected by the seller in each transaction, and only the difference between the price paid by the initial purchaser and the price paid by the subsequent purchaser is taxed
Excise Tax
a tax on a narrow class of goods or services (e.g., tobacco or gasoline), usually assessed one time (per jurisdiction) at the manufacturer or wholesaler level
Sales Tax
a tax on goods or services, usually assessed at the consumer level and collected by the retailer or seller at the point of sale
Horizontal Analysis
a technique for analyzing the percentage change in individual financial statement line items from one accounting period to the next. The first period in the analysis is considered the base period, and the changes to subsequent periods are computed as a percentage of the base period. (Trend Analysis)
Vertical Analysis
a technique for analyzing the relationships among the items on an income statement, balance sheet, or statement of cash flows during a specific accounting period by expressing components as percentages of a specified base value within the statement being analyzed.
Robotic process automation (RPA)
a technology that allows for the configuration of a business program to emulate and integrate the actions of a human to execute certain business processes. RPA is useful for organizations that wish to increase efficiency and automate repetitive manual tasks. One of the benefits that RPA provides in fighting fraud is the lessening of human interaction in day-to-day tasks. When employees are responsible for inputting data into systems, there is an opportunity for them to manipulate the data for personal gain. By fully automating certain tasks, employees are turned into reviewers rather than inputters. Also, by limiting human interaction, RPA mitigates the risk caused by human error.
cryptocurrency
a type of digital currency that uses public or private key encryption in the currency's creation & transfer. While cryptocurrency transactions can be difficult & complicated to trace, most cryptocurrencies rely on public blockchains that provide visibility into every transaction that takes place
Fidelity Insurance
a type of insurance under which the insured entity is covered against losses caused by the dishonest or fraudulent acts of its employees.
Spyware
a type of software that collects and reports information about a computer user without the user's knowledge or consent.
Positive pay
allows a company and its bank to work together to detect fraudulent items presented for payment. The company provides the bank with a list of checks and amounts that are written each day. The bank verifies items presented for payment against the company's list and rejects items that are not on the list. Investigations are conducted as to the origin of the unlisted items.
reorganization
allows the debtor respite from creditors so that the debtor can reorganize its financial affairs and continue as a going concern. Some reorganization proceedings involve putting the debtor's business under receivership for a certain period to ensure as much debt is paid back as possible.
Asset Method
allows the fraud examiner to prove income circumstantially by showing that the subject's assets for a given period exceed those that can be accounted for from known or admitted sources of income. Fraud examiners should use this method when it's suspected that the subject has accumulated wealth & acquired assets with illicit proceeds, which causes the subject's net worth—the difference between a person's assets and liabilities at a particular point in time—to increase. this process involves Identifying assets previously acquired, identifying current liabilities, and taking the difference between the two
Bid Rotation
also known as bid pooling, occurs when two or more contractors conspire to alternate the business among themselves on a rotating basis.
Nonconforming goods or services fraud
also known as product substitution or failure to meet contract specifications, refers to attempts by contractors to deliver goods or services to the procuring entity that do not conform to the underlying contract specifications. Once contractors deliver goods that do not conform to the contract, they bill and receive payment for conforming goods or services without informing the purchaser of the deficiency.
correspondent banking relationship
an arrangement in which one bank maintains a correspondent account at another bank for the purpose of settling transactions for itself or its customers. In other words, one financial institution has the authority to provide certain financial services on another institution's behalf. A foreign correspondent relationship involves a correspondent banking relationship between foreign and domestic institutions.
Pay-and-return scheme
an employee intentionally mishandles payments that are owed to legitimate vendors. One way to do this is to purposely double pay an invoice. For instance, a clerk might intentionally pay an invoice twice and then call the vendor to request that one of the checks be returned. The clerk then intercepts the returned check.
Fictitious Refund Scheme
an employee processes a transaction as if a customer were returning merchandise, even though no actual return takes place. Two things result from this fraudulent transaction. First, the employee takes cash from the register in the amount of the false return. Since the register log shows that a merchandise return has been made, the disbursement appears legitimate. The register log balances with the amount of money in the register because the money that was taken by the employee is supposed to have been removed and given to a customer as a refund. The second thing that happens in a fictitious refund scheme is that a debit is made to the inventory system showing that the merchandise has been returned to the inventory. Because the transaction is fictitious, no merchandise is actually returned. As a result, the company's inventory is overstated.
Fictitious refund scheme
an employee processes a transaction as if a customer were returning merchandise, even though there is no actual return. Then the employee takes cash from the register in the amount of the false return. The customer might or might not be aware of the scheme taking place.
mischaracterized expense scheme
an employee requests reimbursement for a personal expense, claiming that it is business related
multiple reimbursement scheme
an employee submits several types of support for the same expense in order to get reimbursed multiple times
Ponzi Scheme
an illegal business practice in which new investors' money is used to make payments to earlier investors. The investment opportunity is typically presented with the promise of uncommonly high returns. While the scam is presented as a legitimate investment, there is little or no actual commerce involved. When an enterprise promotes an investment opportunity that invests little or none of the participants' money and uses new investments to make dividend payments, the enterprise is running this.
Mediation
an impartial third person assists the parties in reaching a resolution to the dispute. The mediator does not decide who should win but instead works with the parties to reach a mutually agreeable settlement
Person-to-person (P2P) payment system
an increasingly popular method for making payments between individuals or between an individual and a business. Commonly used to make online payments but are not as common for in-person payments, such as paying for clothes at a department store or buying groceries at a supermarket. These services are also used to move money internationally and between various currencies at exchange rates that rival traditional methods of currency exchange. TransferWise and PayPal are examples. Mobile payment applications or digital wallets, such as Venmo or Apple Pay, might also have these features.
Person-to-person (P2P) payment systems
an increasingly popular method for making payments between individuals or between an individual and a business. P2P payments are commonly used to make online payments but are not as common for in-person payments, such as paying for clothes at a department store or buying groceries at a supermarket. These services are also used to move money internationally and between various currencies at exchange rates that rival traditional methods of currency exchange.
Non-Repudiation
an information security goal that an e-commerce system should strive to provide its users and asset holders. It refers to a method used to guarantee that the parties involved in an e-commerce transaction cannot repudiate (deny) participation in that transaction. Non-repudiation is obtained through the use of digital signatures, confirmation services, and timestamps. Additional information security goals that should be achieved to ensure the security of information systems for users and account holders include: - Confidentiality of data - Integrity of data - Availability of data - Authentication
Non-repudiation
an information security goal that an e-commerce system should strive to provide its users and asset holders. It refers to a method used to guarantee that the parties involved in an e-commerce transaction cannot repudiate (deny) participation in that transaction; obtained through the use of digital signatures, confirmation services, and timestamps.
The Financial Action Task Force (FATF)
an intergovernmental body that was established at the G-7 Summit in 1989. Its purpose is to develop and promote standards and policies to combat money laundering and terrorist financing at both the national and international levels. The Recommendations, revised in 2012, created the most comprehensive standard with which to measure a country's anti-money laundering (AML), counterterrorism, & nuclear proliferation laws and policies. serve as a basic framework of laws that its members should have. While the FATF Recommendations are not req by the FATF's members, and the FATF acknowledges that following each rule might not be possible, members often adopt them.
The International Organization of Securities Commissions (IOSCO)
an international organization comprised of securities commissioners and administrators responsible for securities regulation and the administration of securities laws in their respective countries. IOSCO is recognized as the international standard-setter for securities markets, and the organization's members regulate more than 95% of the world's securities markets.
International Organization of Securities Commissions (IOSCO)
an international organization comprised of securities commissioners and administrators responsible for securities regulation and the administration of securities laws in their respective countries. recognized as the international standard-setter for securities markets, and the organization's members regulate more than 95% of the world's securities markets. main objectives are to assist its members to: - Cooperate to promote high standards of regulation in order to maintain just, efficient, and sound markets. - Exchange info on their respective experiences to promote the development of domestic markets. - Unite their efforts to establish standards & an effective surveillance of international securities transactions. - Provide mutual assistance to promote the integrity of the markets through a rigorous application of the standards and effective enforcement against offenses.
Covert Operation
an investigation technique designed to obtain evidence by use of agents whose true intentions are not communicated to the target. Covert operations must be undertaken carefully. With proper planning and precautions, such operations can prove very beneficial to an investigation. However, mistakes made during a covert operation can cause irreparable damage to an investigation and result in physical harm to the investigator. Moreover, the investigator might incur reputational, financial, and legal consequences.
Tax Evasion
any fraudulent actions that a taxpayer commits to avoid reporting/paying taxes. To est. criminal liability for tax evasion, most jurisdictions require a willful attempt to evade or defeat taxes in an unlawful manner. a good faith/legitimate misunderstanding of applicable law typically negates willfulness.honest mistakes, in contrast to willful evasion, don't count. a court might find that a defendant's claimed misunderstanding of the law is implausible given the evidence presented.
Civil Law Systems
apply laws from an accepted set of codified principles or compiled statutes. Individual cases are then decided in accordance w/ these basic tenets. Under this system, judges/judicial administrators are bound only by the civil code, not by the previous decisions of other courts. In deciding legal issues, a civil law judge applies the various codified principles to each case.
Internet Archives
archived versions of web pages that have since been updated or are no longer available online. The most popular tool for searching the internet archives is the Wayback Machine, located at https://archive.org. The Wayback Machine allows users to see archived versions of web pages throughout time. Fraud examiners can use the Wayback Machine to find historical information
Judges in Civil Law Jurisdictions . . .
are not bound by previous court decisions, but, in practice, many do use previous decisions to guide their interpretations of codes and statutes.
Responsibility
as it pertains to corporate governance, applies both to the duty of internal parties (e.g., employees, managers, directors, and owners) to act in the best interest of the organization and to the duty of the organization as a whole to act in society's best interest. Both of these considerations include acting within legal, regulatory, and ethical bounds.
double-pledging collateral schemes
borrowers pledge the same collateral (i.e., an item of value used to secure or guarantee a loan) with different lenders before liens are recorded and without telling the lenders.
Double-Pledging Collateral Scheme
borrowers pledge the same collateral (i.e., an item of value used to secure or guarantee a loan) with different lenders before liens are recorded and without telling the lenders.
The right to be free from unreasonable search and seizure by government authorities
can apply to searches in the workplace. However, in this case, the law against unreasonable search and seizure by government authorities will not apply if the search was conducted by a private party without any involvement by government authorities.
United Nations' (UN) International Covenant on Civil and Political Rights (ICCPR)
commits signing countries to recognizing various rights of citizens. Part III of the ICCPR includes the rights of those accused of crimes. As one of these rights, the ICCPR states that all people accused of crimes are entitled to a fair hearing before a court or other tribunal and that the results of the trial should be made public to protect the criminal justice system's transparency. This right includes: - Adequate time to prepare a defense - The ability to be represented by legal counsel of the defendant's choosing and to freely communicate with counsel - The right to have accusations and the procedures explained through a translator for free, if necessary - The right to be tried for charges without undue delay - The right to examine or have examined the witnesses against the accused - Freedom from testifying against oneself or compelled confessions
Organizational Crime
committed by businesses, particularly corporations, and the government. In contrast, occupational crime involves legal offenses committed by individuals in the course of their occupation. An antitrust offense, such as bid rigging or price fixing, would be an organizational crime; accepting or offering bribes is an occupational offense.
two methods for recognizing revenue on long-term construction contracts
completed-contract method or the percentage-of-completion method
Debt to Equity Ratio
computed by dividing total liabilities by total equity. This financial leverage ratio is one that is heavily considered by lending institutions. It provides a better understanding of the comparison between the long-term and short-term debt of the company and the owner's financial injection plus earnings to date
Layering
conceals the source of the money through a series of transactions and bookkeeping tricks. In the final step, integration, the now-laundered money is withdrawn from the legitimate account to be used for whatever purposes the criminals have in mind for it.
Agent Fraud
consist primarily of pilfering premiums and conspiring to reduce premiums. Underhanded agents sometimes issue certificates of coverage to the ostensibly insured customer while misappropriating the premium rather than forwarding it to the insurance carrier. Agents might also conspire to alter or improperly influence insurance applications to offer lower premiums to their clients.
Administrative security (or personnel security)
consists of management constraints, operational procedures, accountability procedures, and supplemental administrative controls established to provide an acceptable level of protection for computing resources. In addition, administrative controls include procedures established to ensure that all personnel who have access to computing resources have the required authorizations and appropriate security clearances. Examples of effective administrative controls for cybersecurity include: - Security policies and awareness training - Separation of duties - Data classification - Computer security risk assessments - Security audits and tests - Incident response plans
government's burden of proof in criminal cases in civil law jurisdictions using inquisitorial court process
conviction intime or inner conviction of the judge
Depersonalizing the Victim
convince the respondent that confessing is the most advantageous option available. To do this, the interviewer must offer a morally acceptable reason that allows the accused to confess to a misdeed without feeling ashamed. In cases involving employee theft, an effective rationalization technique is to depersonalize the victim. The accused is better able to cope with the moral dilemma of their actions if the victim is a faceless corporation or agency.
non-natural numbers
designed systematically to convey information that restricts the natural nature of the number. Any number that is arbitrarily determined, such as the price of inventory held for sale
overstated expense reimbursement scheme.
employees overstate the cost of actual business expenses.
Admission Seeking Interviews
designed to obtain a legal admission of wrongdoing. also serves various other purposes. A culpable individual usually confesses during this phase of an interview, while an innocent person doesn't do so unless threats/coercion are used. Also, the interviewer will seek to obtain a valid confession. finally, these interviews are designed to convince the person to sign a written statement acknowledging the facts.
Compliance verification
determines whether company policies are met by employee transactions. If a company limits the amount of its reimbursements, the software can check to see that this limit is being observed. Many times; sometimes find early indications of fraud by testing detail data for values above or below specified amounts. With the information returned from a simple query, there is a starting point for suspecting fraud.
To prevent the loss or misuse of sensitive data or proprietary information, organizations should . . .
develop and implement risk-based information-security systems designed to detect and prevent unauthorized access to sensitive information. An information security system requires controls that are designed to ensure that data are used as intended, and such controls will depend on the combination and coordination of people, processes, technologies, and other resources.
asset turnover ratio is calculated by
dividing net sales by average total assets
unauthorized withdrawal scheme
employees simply make unauthorized withdrawals from customer accounts; they do not attempt to cover up the theft by adjusting the financial institution's general ledger.
fraud examination report
documents the results of a fraud examination and is generally created by one or more critical members of the fraud examination team. Documenting results is a particularly important function in fraud examinations. The fraud examination report conveys all evidence necessary to evaluate the case, and it can be used to corroborate previously known facts. An accurate report will add credibility to the fraud examination and to the fraud examiner's work.
Real Estate Schemes
easily recognized. There is almost always an element of time pressure, with the victims being convinced they are participating in a "once-in-a-lifetime, now-or-never" deal. Perpetrators mislead victims into thinking they will miss the opportunity to make a fortune if they do not act fast.
Documentary Evidence
ecords that help prove or disprove the existence of fraud or another relevant fact of a case. These records might be created or maintained by the individuals or organizations to whom they pertain or by a third party, such as a vendor or financial institution. Among the most common types in fraud examinations are canceled checks, memoranda, invoices, ledgers, letters, minutes of meetings, receipts, and financial records, such as bank statements.
Address Similarity Reports
electronically compare multiple payments going to the same address. These reports are extremely useful because they might show a payment defalcation or funds going to another insurance company, broker, or fictitious payee.
Official Bribery
elements of official bribery vary by jurisdiction, but they generally include: - The defendant gave or received (offered or solicited) a thing of value. - The recipient was (or was selected to be) a public official. - The defendant acted with corrupt intent. - The defendant's scheme was designed to influence an official act or duty of the recipient.
False accounting entry schemes
employees debit the general ledger to credit their own accounts or cover up a theft from a customer account. In other words, employees adjust the general ledger to cover the stolen amount.
favorite targets of intelligence gatherers
employees in the following departments: research and development (R&D), marketing, manufacturing and production, human resources (HR), sales, and purchasing.
Accrual-Basis Accounting
equires revenues to be recorded when they are earned (generally, when goods are delivered or services are rendered to a customer), without regard to when cash exchanges hands. Expenses are recorded in the same period as the revenues to which they relate. For example, employee wages are expensed in the period during which the employees provided services, which might not necessarily be the same period in which they are paid.
multiple claims health care fraud scheme
filing multiple claims for reimbursement for the same medical service. Patients commit fraud when they make a claim for a covered expense without revealing that they have already received reimbursement for that expense. I.e. patients might seek reimbursement for the same medical service from both the government and a private insurer, two different private insurers, or two different government health care programs.
Baiting Scheme
fraudsters leave malware-infected USB flash drives, CD-ROMs, or similar items in places where people will find them, such as parking lots. The items often have a label designed to elicit curiosity or greed in the victims (e.g., "FREE PRIZE"). Alternatively, the item could be left in a workplace break room with a label that seems relevant (e.g., "Year-End Report"). When the item is inserted into the victim's computer, the computer or network is infected, giving the identity thief access to information.
Human Intelligence
gathered from subject-matter experts and informed individuals. Such efforts typically target individuals who can provide the most valuable information. This approach exploits two weaknesses of corporate culture: (1) all salespeople want to make a sale and (2) many salespeople will do almost anything to make a sale. Other approaches include: - Employment interviews (real and fake) - False licensing negotiations - False acquisition or merger negotiations - Hiring an employee away from a target entity - Planting an agent in a target organization - Social engineering
The Join Function
gathers the specified parts of different data files. Joining files combines fields from two sorted input files into a third file. Join is used to match data in a transaction file with records in a master file, such as matching invoice data in an accounts receivable file to a master cluster.
reimbursement for ineligible claimant
if a primary beneficiary dies, any secondary beneficiary named in the policy is generally ineligible for benefits. However, the secondary beneficiary might fail to notify the insurer of the death and continue to submit claims. Divorced parties can also commit ineligible claimant fraud. For example, suppose that a primary beneficiary and a covered spouse file for divorce, but neither party notifies the health care program. The ex-spouse might continue to submit claims even though they are no longer eligible for benefits.
Kickbacks
improper, undisclosed payments made to obtain favorable treatment.
Tax Shelters
investments that are designed to yield a tax benefit to the investor. Such investments are made to produce tax write-offs, generate deductions, or convert ordinary income into capital gains taxed at a lower rate. Tax shelters might be legal or illegal; they are generally aimed at avoidance, although they might, on occasion, cross the line into evasion if they take abusive forms. An illegal, abusive shelter is one that involves artificial transactions with little or no economic reality. For example, abusive tax shelters might artificially inflate the value of donations to charity; falsely identify an asset for business use that is mainly intended for pleasure; claim excess depreciation or depletion; or engage in the cross-leasing of luxury items such as automobiles, boats, vacation homes, and aircrafts.
Consumer Fraud Schemes
involve a range of fraudulent conduct, usually committed by professional scammers, against unsuspecting victims. Scammers are skilled fraudsters who develop strategies, select targets, and use an appropriate method of delivery to lure their victims. Scammers usually act alone, but they might group together for a particularly complex endeavor. Some examples of consumer fraud schemes include advance-fee schemes, debt consolidation schemes, and diploma mills.
Fictitious or fabricated revenues
involve the recording of sales of goods or services that did not occur. Fictitious sales most often involve fake customers but can also involve legitimate customers. Recording the sales revenue is easy, but the challenge for the fraudster is how to balance the other side of the entry. A credit to revenue increases the revenue account, but the corresponding debit in a legitimate sales transaction typically either goes to cash or accounts receivable. Since no cash is received in a fictitious revenue scheme, increasing accounts receivable is the easiest way to get away with completing the entry. However, accounts receivable stay on the books as an asset until they are collected. If the outstanding accounts never get collected, they will eventually need to be written off as bad debt expense. Mysterious accounts receivable on the books that are long overdue are a common sign of a fictitious revenue scheme.
Scavenging
involves collecting information left around computer systems (e.g., on desks or workstations).
Ditching
involves disposing of a vehicle to collect on an insurance policy or settle an outstanding loan. The vehicle is normally expensive and purchased with a small down payment. The owner falsely reports the vehicle as stolen while orchestrating its destruction or disappearance in some way, such as by having it stripped for parts, burned, or submerged in a large body of water. In some cases, the owner just abandons the vehicle, hoping that it actually will be stolen. Sometimes the scheme involves a homeowner's insurance claim for the property that was supposedly in the vehicle when it was "stolen."
Claimant Fraud
involves misrepresenting the circumstances of any injury or fabricating that an injury occurred. Such schemes are perpetrated by employees who stage accidents or exaggerate minor injuries, sometimes in collusion with unethical doctors, to fraudulently receive compensation benefits.
Shoulder Surfing
involves observing an unsuspecting target from a nearby location while the target enters a username and password into a system, talks on the phone, fills out financial forms, or performs some other task from which valuable information can be obtained.
Dumpster Diving
involves obtaining sensitive information by looking through someone else's trash (e.g., via dumpsters and other trash receptacles).
Cash Basis Accounting
involves recording revenues and expenses based on when a company receives or pays out cash. For example, sales are recorded when a company receives cash payment for goods, regardless of when the goods are delivered. If a customer purchases goods on credit, the company does not record the sale until the cash is received for the sale. Likewise, if a customer prepays for a sale, the company records the sales revenue immediately, rather than when the goods are given to the customer. The process is the same with expenses: The expenses are recorded when paid, without consideration to the accounting period in which they were incurred. The key advantage of cash-basis accounting is its simplicity—the only thing its accounting system must track is cash being received or paid. Using this method makes it easier for companies to track their cash flow.
The solicitation phase of procurements
involves the bid solicitation, bid preparation, and bid submission. During this phase, the procuring entity prepares the solicitation document, provides notices of solicitation, and issues the solicitation document. After the procuring entity issues the solicitation document, the bidders prepare and submit their bids or proposals.
Corruption Scheme
involves the wrongful use of influence to procure a benefit for the actor or another person, contrary to the duty or the rights of others; include bribery, kickbacks, illegal gratuities, economic extortion, and collusion.
air loan
is a loan for a nonexistent property—with air symbolizing the loan's fraudulent absence of collateral. Most or all of the documentation is fabricated, including the borrower, the property ownership documents, and the appraisal. This type of scheme involves a high level of collusion, and perpetrators might even set up a fictitious office with people pretending to be participants in the transaction, such as the borrower's employer, the appraiser, and the credit agency. Usually, air loans go into early payment default. Since there are no actual properties on which to foreclose, the losses on these loans can be enormous.
Missing or Altered documentation
is a red flag for any type of fraud scheme, and it is a particular concern for loan fraud. While it is true that many loan files have missing documents, it is important to determine if the documents have been misplaced or were never received. A waiver of certain documents is one common way for lenders to conceal fraud schemes.
Lay Witness
is anyone who provides nonexpert testimony. Note, however, that an expert witness might also provide lay testimony. Typically, a fraud examiner who worked on a case will be capable of providing lay testimony based on observations made during the investigation. When a trial involves issues that are complex or unfamiliar to most people, as is common in incidents of fraud, expert testimony is appropriate to help the fact finder understand these issues.
Economic Extortion
is present when an employee or official, through the wrongful use of actual or threatened force or fear, demands money or some other consideration to make a particular business decision.
Espionage
is subdivided into both traditional espionage and corporate or industrial espionage categories, is the term used to describe the use of illegal, clandestine means to acquire information; therefore, it does not cover legitimate intelligence collection and analysis using legal means.
An act is done knowingly and willfully if:
it is done voluntarily and intentionally and not by mistake or another innocent reason.
Illegal Gratuities
items of value given to reward a decision, often after the recipient has made the decision. Illegal gratuities are similar to bribery schemes except that, unlike bribery schemes, illegal gratuity schemes do not necessarily involve an intent to influence a particular decision before the fact.
linked financing scheme
large deposits (usually brokered deposits) are offered to a bank on the condition that loans are made to particular individuals affiliated with the deposit broker.
Insurance Prepayment Scheme
launderer makes advance payments on insurance premiums.
Fictitious Services Scheme
legitimate health care providers charge or bill a health care program for services that were not rendered at all. Often, the providers submit bills for patients they have never seen but whose private patient information they purchased from someone involved in identity theft or someone who otherwise improperly obtained it.
Alternative remittance systems
methods of transferring funds from a party at one location to another party (whether domestic or foreign) without the use of formal banking institutions. These systems are characterized by the lack of direct physical or digital transfer of currency from the sender to the receiver. Instead, in the typical alternative remittance system, the payer transfers funds to a local broker who has a connection to another broker in the region where the payee is located. The latter broker then distributes the funds to the payee.
Increasing trend in the number of change orders
might be an indication that construction changes have taken place that would alter the originally planned project to such an extent as to render the underwriting inappropriate.
over-shipment scheme
money launderers understate the quantity of goods that are shipped. More goods are shipped than the company invoices for.
Manipulators
motions like picking lint from clothing, playing with objects such as pencils, or holding one's hands while talking; displacement activities that reduce nervousness.
Illustrators
motions made primarily with the hands that demonstrate points when talking. During nonthreatening questions, the respondent's illustrators might occur at one rate, and during threatening questions, the respondent's use of illustrators might increase or decrease.
transitional theme
necessary when proceeding from assessment questions to admission-seeking questions. In part, the theme should be designed to make the subject believe that they have been caught. Under the ideal circumstance, the interviewer should leave the room for a few minutes before proceeding to admission-seeking questions, saying that they have to "check on something."
Gross Profit
net sales less cost of goods sold
Self-regulatory organizations (SROs)
nongovernmental entities that exercise some level of regulatory authority over the operations, standards of practice, and business conduct of an industry or profession.
Crimeware
not a type of malware but rather a classification of malware denoted by its intent to facilitate criminal behavior. Crimeware can be described as malware designed to simplify or automate online criminal activities, such as programs to fraudulently obtain financial gain from the affected user or other third parties.
Both the UK Bribery Act and the U.S. Foreign Corrupt Practices Act (FCPA) make it a crime to:
offer foreign public officials bribes or to accept bribes from them in connection with international business transactions, and their prohibitions on bribing foreign government officials are broadly comparable. Thus, like the FCPA, the UK Bribery Act seeks to punish corruption on a global level, but the UK Bribery Act has an even broader application than the FCPA.
Bribery
offering, giving, receiving, or soliciting of corrupt payments (i.e., items of value paid to procure a benefit contrary to the rights of others) to influence an official act or business decision. Bribes do not necessarily involve direct payments of cash or goods. Promises of favorable treatment can constitute corrupt payments.
Fiduciary Relationships
officers, directors, high-level employees of a corporation or business, & agents and brokers—owe certain duties to their principals/employers, & any action that runs afoul of such fiduciary duties constitutes a breach. The principal duties are loyalty and care.
concealed assets scheme
often includes trying to hide books and records
Unscrupulous Debt Consolidation Schemes
often involve the agency collecting the money from the debtor but not forwarding it to the creditors. In some instances, considerable time can pass before the debtor finds out that their money has been misappropriated. Another variation of the debt consolidation scheme occurs when customers are guaranteed that they will receive a loan or a credit card regardless of their credit rating. Typically, the victims have been rejected by legitimate financial institutions because their credit ratings are poor. The victim must pay a processing fee for the application to be accepted. After the victim pays the fee, the con artist disappears.
Undercover Operation
often use deception and disguise to obtain evidence directly from those involved in the illicit activity. Agents engaged in undercover operations actively attempt to elicit the desired information.
Understating liabilities & expenses
one of the ways financial statements can be manipulated to make a company appear more profitable. Because pre-tax income will increase by the full amount of the expense or liability not recorded, this financial statement fraud method can significantly affect reported earnings with relatively little effort by the fraudster. There are three common methods for concealing liabilities and expenses: 1) Omitting liabilities and/or expenses 2) Improperly capitalizing costs rather than expensing them 3) Failing to disclose warranty costs and product-return liabilities
volatile interview
one that has the potential to bring about strong emotional reactions in the respondent. Typical volatile interviews involve close friends and relatives of a subject, co-conspirators, and similar individuals. The personality characteristics of those involved in the volatile interview vary. Some individuals are resentful of authority figures, such as fraud examiners and law enforcement officers, by nature. A target's friends, relatives, and romantic interests often make for a difficult interview. They perceive that the fraud examiner is deliberately targeting someone close to them.
Scavenger Scheme
or revenge scheme involves the company that initially conned the consumer. Using a different company's name, the outfit contacts the consumer again and asks if they would like to help put the unethical company out of business and get their money back. Naturally, an up-front fee is required to finance the investigation.
U.S. Foreign Corrupt Practices Act's (FCPA)
prohibits the payment or offer of anything of value to a foreign official for the purpose of obtaining or retaining business. Promises to pay are considered items of value. Furthermore, foreign companies are within the reach if they have registered securities or are otherwise required to file under the U.S. Securities Exchange Act of 1934 (the Exchange Act).
Litigation privilege
protects materials prepared in anticipation of litigation. Thus, the litigation privilege applies only to documents and things prepared in anticipation of litigation. This protection prevents the disclosure of communications made, and documents prepared, for the purpose of litigation. Consequently, the protection may extend to communications of, and documents created by, third-party agents (e.g., consultants or fraud examiners) in preparation for litigation.
Disparate Price Scheme
providers charge some patients (e.g., those in direct payment situations) a lower rate than they charge the government. This disparate bill rate causes the government to pay a higher rate in violation of regulations mandating that the government receive the lowest rate. In addition, some government health programs require that wholesale pharmacies provide the program at the average wholesale price. However, providers might manipulate their data and provide false information to the government program.
Recommendation on Combating Bribery in International Business (Recommendation)
published by the Organisation for Economic Co-operation and Development (OECD) in 1994, urges member states to deter and penalize the bribery of foreign public officials by taking "concrete and meaningful steps" to improve the following areas within their respective infrastructures: - Criminal, civil, commercial, and administrative laws - Tax systems and regulations - Banking and accounting requirements and practices - Laws and regulations related to public subsidies, licenses, and contract procurement
Double-negative questions
questions that have two forms of negation within a single clause; are confusing and often suggest an answer opposite to the correct one.
Bank Deposit Analysis
recommended as a primary method of proof when most of the subject's income is deposited and the accounting and business records of their company or employer are unavailable, withheld, incomplete, or maintained on a cash basis.
System logs
record events executed on an operating system, including miscellaneous events and those generated during system startup, like hardware and controller failures.
Application logs
record the events regarding access to application data. Such events would include data files being opened or closed; specific actions such as reading, editing, deleting, or printing of application files; or the modification of records in an application file
Commercial filings
records that can help fraud examiners identify personal property that an individual or business has financed. These filings and supporting documents can help fraud examiners uncover hidden ownership or relationships between parties by viewing the names of all listed debtors and their addresses. might find information linking individuals to the companies they own or discover information about a company's subsidiaries, branch offices, or parent company. discovering financed assets can reveal information about a person or organization's financial condition.
Nonverbal Cues
refer to clues that are illustrated by an individual's body language. When asked sensitive or emotive questions, the dishonest person will sometimes change their posture completely, as if moving away from the interviewer. They also might manipulate objects, use excessive illustrators, and adopt a fleeing position. Nonverbal indications of deception include: - Full-body motions away from the interviewer - Physical responses such as sweating or labored breathing - Changes in the use of illustrators - Interruptions to the flow of speech - Hands over the mouth - Manipulation of objects such as a pencil - Body positioned in a fleeing position - Crossing of the arms - Unnatural or casual reaction to evidence
Spoofing
refers to the process whereby an individual impersonates a legitimate user to obtain access to the target's network.
Damages
remedies for the victim's recovery of money from the defendant because of, and as compensation, reimbursement, or reparation for, the defendant's legal offense; the remedy most commonly available to the successful plaintiff, and the main purpose of damages is to compensate the plaintiff for the loss caused by the defendant.
Statement of Cash Flows
reports a company's sources and uses of cash during the accounting period. This statement is often used by potential investors and other interested parties in tandem with the income statement to determine a company's true financial performance during the period being reported.; often used in tandem with the income statement to determine a company's true financial performance. It is broken down into three sections: 1) Cash flows from operating activities 2) Cash flows from investing activities 3) Cash flows from financing activities
Card Skimming or Shimming
requires a device, often referred to as a skimmer, wedge, or shimmer, that scans and stores a large amount of credit and debit card numbers; skimmers scan magnetic strips, while shimmers read microchips in smart cards. Card skimming or shimming is more frequent in businesses where an employee is able to remove the card from the customer's view to process the transaction before returning it to the customer.
Duty of Loyalty
requires that the employee/agent act solely in the best interest of the employer/ principal, free of any self-dealing, conflicts of int., or other abuse of the principal for personal advantage.
Residual Risks
risks that remain after the effect of internal controls
Contractor Collusion
seek to circumvent the competitive bidding process. In these schemes, competitors in the same market collude to defeat competition or to inflate the prices of goods and services artificially. The following schemes are common forms of collusion between competitors: Bid rotation, Bid suppression, Market division
balance sheet, or statement of financial position
shows a snapshot of a company's financial situation at a specific point in time, generally the last day of the accounting period. It is an expansion of the accounting equation, Assets = Liabilities + Owners' Equity. That is, it lists a company's assets on one side and its liabilities and owners' equity on the other side. Assets are the resources owned by a company. Generally, assets are presented in order of liquidity (i.e., how soon they are expected to be converted to cash). Generally, in a financial statement fraud scheme, this is manipulated to appear stronger by overstating assets and/or understating liabilities.
Advance Fee Scheme
structured to obtain an illegal gain by falsely promising the delivery of a product or service. In some schemes, the product is marketed to a large number of customers, and then the operation is shut down prior to the delivery stage. Common scenarios used to commit advance-fee scams include the following: - A home improvement contractor requires pre-payment for materials. - Notice of a supposed inheritance from an unknown relative is received. - Various exorbitant fees are required prior to securing financial assistance or advice.
Legal professional privileges
subject to waiver. Because these privileges only protect confidential communications, the protection they provide will be waived for communications disclosed to 3rd parties who have little/nothing to do w/ the client's pursuit of legal rep. because such disclosures demonstrate a lack of confidentiality.Generally, waiver occurs when the client, who holds the privilege, voluntarily discloses (or consents to/ encourages someone else disclosing) any significant part of the privileged communications. Although the client holds the privilege, can be waived by the client's attorney or a 3rd party—someone who is neither the attorney nor the client.
Oral Examination or Deposition
sworn testimony given by a party or witness upon questioning by counsel for one of the parties before trial and outside of court, usually in a lawyer's office. Opposing counsel and a stenographer, who administers the oath and transcribes the testimony, are also present. may be used to obtain evidence about the party's own case or the opponent's, or it may be used to preserve testimony for trial. Some common law jurisdictions do not allow this pretrial, but written examinations are still available pretrial.
Fraud in financial statements
takes the form of overstated assets or revenue and understated liabilities and expenses. Overstating assets or revenue falsely reflects a financially stronger company by inclusion of fictitious asset costs or artificial revenues. Understated liabilities and expenses are shown through exclusion of costs or financial obligations. Both methods result in increased equity and net worth for the company. This overstatement and/or understatement results in increased earnings per share or partnership profit interests or a more stable representation of the company's financial situation.
Affinity Fraud
targets groups of people who have some social connection. Neighborhoods chiefly populated by racial minorities, especially immigrant groups, are often the site of affinity frauds, and older individuals and language minorities are frequent targets as well. In addition, religious and professional ties are often exploited.
Money Services Business (MSB)
term used w/ growing frequency to define a regulatory class of non-depository financial service providers that transmit/convert money. Although has particular meanings in diff. jurisdictions, it gen. includes any business that operates in 1 or more of the following capacities: - Currency exchangers - Check cashers - Issuers, sellers, or redeemers of traveler's checks, money orders, or stored value - Money transmitters - Prepaid access providers or sellers offer an alternative to depository institutions for both financial services & money laundering. For this reason, an individual unable to transfer illegal funds into the traditional depository banking system might turn to these. In addition, most operate under less strict regs. than traditional financial institutions. These overall less stringent requirements tend to raise the money laundering risk in certain transactions involving users. However, there is a regulatory trend to expand certain requirements, such as customer due diligence (CDD) programs, to these
pretexting
the act of impersonating someone else or making false or misleading statements to obtain, sell, or buy information about a person or organization; not always illegal, but it should be used with caution
2 Components of the FCPA
the anti-bribery provisions and the accounting provisions. The anti-bribery provisions make it unlawful to bribe foreign government officials to obtain or retain business, and the accounting provisions require publicly traded companies subject to the FCPA's jurisdiction to keep accurate books and records and adopt internal controls to prevent improper use of corporate funds. While the FCPA prohibits bribes to foreign officials for business purposes, it does not prohibit all payments to foreign officials. It contains an explicit exception for certain types of payments, known as facilitating payments, or grease payments, made to expedite or secure performance of a routine governmental action by a foreign official, political party, or party official that relates to the performance of that party's ordinary and routine functions.
False void scheme
the first thing the perpetrator needs is the customer's copy of the sales receipt. Typically, when an employee sets about processing a fictitious void, the employee simply withholds the customer's receipt at the time of the sale. In many cases, customers do not notice that they are not given a receipt.
confidential informant
the fraud examiner is not in a position to offer unqualified confidentiality. Therefore, any promises made to the informant should be qualified with the caveat that no absolute assurances of confidentiality can be given. The fraud examiner should explain to the informant that all possible steps will be taken to ensure complete confidentiality.
standard of proof for civil trials in civil law jurisdictions
the inner conviction of the judge, sometimes called the conviction intime standard. This standard requires stronger evidence than the common law preponderance of the evidence standard used in civil trials but not as much as the common law beyond a reasonable doubt standard used in criminal trials.
Premium Fraud
the misrepresentation of information to the insurer by employers to lower the cost of workers' compensation premiums. For example, an employer might understate the amount of the payroll for higher-risk classifications, thus receiving lower-cost premiums.
Illegal Pyramid Scheme
the more members that are recruited, the higher the investor is purported to rise in the ranks of the enterprise, and the more money the investor is supposed to make.
Liquidation
the most basic type of bankruptcy proceeding and involves accounting for all dischargeable debts the subject owes, identifying all of the subject's assets, and liquidating nonexempt assets to pay off creditors. This process allows the debtor to get a court or administrative order under which some or all debts may be eliminated.
To open a business account for a corporation
the opening party must provide a signature card, or similar document, and copies of corporate resolutions of the board of directors authorizing the opening of the bank account and naming the person who may authorize payments on the account. Also, the bank might require a copy of the company's organizational or business filings (such as articles of incorporation). These documents should indicate who the company's corporate officers are and its date of incorporation.
Experts in inquisitorial systems
the primary experts are obtained by the court. subject to various examinations and might have to conduct their own examinations of witnesses. Usually, all of the expert's activities related to the case are controlled by the judge, who determines the scope of the expert's analysis, the expert's authority to access certain items of evidence, whom the expert can interview, and several other functions. Because some jurisdictions allow parties to submit testimony or evidence from their own experts in addition to the court-appointed expert, the latter might need to interview the parties' experts. The expert should carefully follow the judge's instructions, especially since the instructions are usually made available to the parties
Chain of Custody
the primary reason for maintaining this on an item of evidence is to establish that the evidence has not been altered/changed. If evidence is subject to change over time or susceptible to alteration, the offering party might need to establish that the evidence hasn't been altered or changed from the time it was collected through its production in court. Can be an important factor in establishing authenticity. this is both a process & a document that memorializes (1) who has had possession of an object & (2) what they have done w/ it.
Property Flipping
the process by which an investor purchases a home and then resells it at a higher price shortly thereafter; not intrinsically illegal or fraudulent, but it becomes so when a property is purchased and resold within a short period of time at an artificially or unjustly inflated value, often as the result of a fraudulent appraisal. In a flipping scheme, the property is sold twice in rapid succession at a significant increase in value (also known as an ABC transaction, where the property moves from party A to party B to party C very quickly).
competitive intelligence
the process by which competitor data are assembled into relevant, accurate, and usable knowledge about competitors' positions, performance, capabilities, and intentions. Competitive intelligence is a legitimate business function that aligns with marketing and research and development (R&D), as well as general business strategy and the newer discipline of knowledge management. It helps businesses to anticipate competitors' R&D strategies and to determine their operating costs, pricing policies, financial strength, and capacity.
Competitive intelligence
the process by which competitor data are assembled into relevant, accurate, and usable knowledge about competitors' positions, performance, capabilities, and intentions. It is a legitimate business function that aligns with marketing and research and development (R&D), as well as general business strategy and the newer discipline of knowledge management. It helps businesses to anticipate competitors' R&D strategies and to determine their operating costs, pricing policies, financial strength, and capacity.
Logical Access
the process by which users are allowed to use computer systems and networks
Trade-Based Money Laundering
the process of disguising the proceeds of crime and moving value through the use of trade transactions in an attempt to legitimize their illicit origins; generally involve importers and exporters who collude to misrepresent the price, quantity, or quality of imported or exported goods or services. These schemes can be used to create artificial profits for the purpose of laundering money between countries; to create a complex paper trail; and to avoid taxes, customs duties, and capital controls.
Monitoring
the process that assesses the effectiveness of a control system over time. This component of the Committee of Sponsoring Organizations of the Treadway Commission's (COSO) Internal Control—Integrated Framework (the Framework) should include both ongoing evaluations and periodic, separate evaluations, the findings of which should be evaluated against predefined criteria.
the investigative stage
the public prosecutor, judge, or both (depending on the jurisdiction's process) collect documentary and tangible evidence regarding the case. The investigating party then decides whether there is sufficient evidence to submit the case for prosecution.
Cross-Examination
the questioning of one side's witness by the opposing side, and it is truly the highlight of the adversarial court system. Cross-examination, however, is uncommon in inquisitorial systems, although some civil law jurisdictions allow counsel for the parties to question witnesses in limited circumstances. Cross-examination is geared to allow opposing counsel or another questioning party either to clarify or to make points at the witness's expense. Questions during cross-examination might concern anything that might refute or embarrass the witness. During adversarial cross-examination, the witness's credibility will constantly be scrutinized. First, opposing counsel will seek to diminish the importance of the testimony presented by the witness. Second, opposing counsel will seek to have the witness testify in support of the opposing position by providing a series of assumptions. Third, opposing counsel will attack the witness's report or expert opinion (as applicable) to show the inadequacies, thereby discrediting the opinion, the report, and the witness. The opposing counsel can attack or question anything that has been said or entered into court. This includes notes, working papers, affidavits, reports, and preliminary trial or discovery transcripts. Often, cross-examination creates an atmosphere of confrontation and contradiction. Opposing counsel will generally not ask a question to which it does not already know the answer.
Exhibits in Common Law Systems
the tangible objects presented as evidence—are inadmissible unless they are relevant and established as authentic. Thus, to be admissible at trial, evidence, other than testimonial evidence, must be properly authenticated; that is, the party offering the item must produce some evidence to show it is, in fact, what the party says it is and to show it is in the same condition as when it was seized. If an exhibit can't be authenticated, it won't be admitted even if it's plainly relevant.
3rd Party Fraud
the unauthorized use of an insured's identity to obtain insurance benefits. The insured usually discovers the fraud when they receive a benefit statement containing medical services they did not receive.
False Imprisonment
the unlawful restraint by one person of the physical liberty of another without consent or legal justification. There are no precise rules as to when a false imprisonment occurs, but factors such as the length, nature, and manner of the interview might determine whether liability arises.
Synthetic identity theft
the use of entirely fabricated personal information or a combination of real and fabricated information to create a new identity.
Corruption
the wrongful use of influence to procure a benefit for the actor or another person, contrary to the duty or the rights of others. Corruption schemes include bribery, kickbacks, illegal gratuities, economic extortion, and collusion
single-family housing loan fraud scheme
unqualified borrowers misrepresent personal creditworthiness, overstate their ability to pay, and misrepresent characteristics of the housing unit to qualify for a loan. Such acts might include reporting inflated income, moving debt into a dependent's name, reporting inflated square footage of the collateral, or even bribing an appraiser to value the home at a higher amount than the market value.
single-family housing loan fraud scheme
unqualified borrowers misrepresent personal creditworthiness, overstate their ability to pay, and misrepresent characteristics of the housing unit.
Surveillance Operations
use observation to gather information about individuals suspected of misconduct.
Link Analysis
used by fraud examiners to create visual representations (e.g., charts with lines showing connections) of data from multiple data sources to track the movement of money; demonstrate complex networks; and discover communications, patterns, trends, and relationships.
Gap Testing
used to identify missing items in a sequence or series, such as missing checks or invoice numbers. It can also be used to find sequences where none are expected to exist (e.g., employee government identification numbers). In reviewing journal entries, gaps might signal possible hidden entries.
Duplicate Testing
used to identify transactions with duplicate values in specified fields. This technique can quickly review the file, or several files joined together, to highlight duplicate values of key fields. In many systems, the key fields should contain only unique values (no duplicate records).
Predictive analytics
uses historical data, along with analyses, statistics, and machine learning components, to build a mathematical model that captures important trends. This model is then used to process current data to create a quantitative prediction about future events or outcomes.
Pass-through Scheme
usually undertaken by employees in charge of purchasing on the victim company's behalf. Instead of buying merchandise directly from a vendor, the employee sets up a shell company and purchases the merchandise through that fictitious entity. They then resell the merchandise to their employer from the shell company at an inflated price, thereby making an unauthorized profit on the transaction.
Pass-through Schemes
usually undertaken by employees in charge of purchasing on the victim company's behalf. Instead of buying merchandise directly from a vendor, the employee sets up a shell company and purchases the merchandise through that fictitious entity. They then resell the merchandise to their employer from the shell company at an inflated price, thereby making an unauthorized profit on the transaction.
Property Flopping
variation on property flipping, but it generally involves a property subject to a short sale (meaning the owner sells the property at a lower value than the unpaid mortgage amount on the property). This variation is typically conducted by industry insiders or unscrupulous entrepreneurs rather than the homeowner; involves a rapid transfer of property with an unjustified, significant change in value (like the ABC transaction in flipping schemes), but instead of inflating the value on the second transaction, the value on the first transaction is deflated.
The role that internal audit plays in fraud investigations
varies by organization--may have primary responsibility for fraud investigations, may serve as a resource for the investigations, or may have no involvement at all in the investigations. internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor. however, due professional care does not imply infallibility.
Vishing
voice phishing, is the act of leveraging Voice over Internet Protocol (VoIP) in using the telephone system to falsely claim to be a legitimate enterprise in an attempt to scam users (both consumers and businesses) into disclosing personal information or executing an act that furthers a scheme. Government and financial institutions, as well as online auctions and their payment services, can be targets of voice phishing. generally transmitted as an incoming recorded telephone message that uses a spoofed (fraudulent) caller ID matching the identity of a misrepresented organization. The message uses an urgent pretext to direct unsuspecting users to another telephone number. The victim is invited to input their personal information using their telephone keypad. The criminals capture the key tones and convert them back to numerical format.
The Deep Web
web content that is not indexed by standard search engines. There are a number of reasons why the deep web exists. For instance, there are websites where web crawling programs cannot enter. Web crawlers are scripts that create copies of visited web pages that are indexed by a search engine to provide faster searches. These deep web resources include websites without any links pointing to them, certain file formats that search engines cannot handle, websites that have been blocked from web crawler access, password-protected websites, and information stored in databases. Also, search engines limit the depth of their crawl on a website. Moreover, web crawlers cannot crawl as quickly as pages are added or updated.
Structuring
when a deposit or other transfer is made using a method that is specifically designed to avoid regulatory reporting requirements or an institution's internal controls. The most common type of illegal structuring scheme in the money laundering context occurs when the launderer breaks up the illicit money into smaller amounts and deposits it into bank accounts or purchases cashier's checks, traveler's checks, or money orders. This type of scheme is sometimes known as smurfing, especially in cases where the launderer uses runners (i.e., smurfs) to perform multiple transactions. A red flag of a structuring scheme is a customer who attempts to make many deposits just under the reporting threshold.
Clinical Lab Scheme
when a provider advises a patient that additional medical testing is needed to diagnose a problem when the testing is not actually required or advisable. The fee for the unnecessary work often is split with physicians. In some cases, physicians own the medical testing service. Additional medical testing, which is later viewed as excessive, is not always fraud. Many doctors have a genuine fear of retaliation from their patients; they are afraid of malpractice lawsuits that might result from a delayed or erroneous diagnosis.
Public disclosure of private facts
when one party makes public statements about another party's private life that are not of public concern. For instance, disclosing information obtained in an interview conducted as part of a fraud investigation to individuals not involved in the investigation might constitute public disclosure of private facts.
Deferred Prosecution Agreement
when prosecutors file criminal charges against a company, but then they agree not to prosecute the claims as long as the company successfully complies with the deferral agreement's terms. These requirements typically focus on getting the business to reform its policies and reduce the risk of illegal practices. Essentially, deferred prosecution agreements help companies avoid indictment, trial, and conviction while providing a jurisdiction's justice system with another channel for resolving a corporate case that punishes malfeasance and effectuates changes in a company's culture.
The commencement of a civil action begins:
when the plaintiff files a pleading with the appropriate court, usually in the jurisdiction in which the defendant resides or where the claim arose. The pleading sets out the complaint against the defendant and the remedy that the plaintiff is seeking. Depending on the practice and procedure of the court in which the action is commenced, such a document may be called a writ of summons, a statement of claim, a complaint, a declaration, a petition, or an application.