Financial Transactions and Fraud Schemes 2
Julia runs a printing company and has an antique printing press that she uses in her business. She purchased the press ten years ago for $5,000. Similar presses are selling on the market today for about $8,000. Julia mentioned she's thinking about retiring and her friend offered to give Julia $9,000 for the press. According to U.S. GAAP, how much should the printing press be listed for on Julia's books? A. $8,000 B. $5,000 C. $3,000 D. $9,000
$5,000 Although some exceptions exist, under U.S. GAAP, historical cost is generally the proper basis for the recording of assets, expenses, equities, etc. For example, a piece of operational machinery should be shown on the balance sheet at initial acquisition cost (historical cost) and not at current market value or an estimated replacement value. Some companies might try to fraudulently inflate their assets by marking them up to market value. While some might argue market value offers a more fair presentation, historical cost remains the generally accepted accounting principle. In this example, Julia should list the printing press on her balance sheet for the amount she originally purchased it for—$5,000. See pages 1.116 in the Fraud Examiner's Manual
Brittany, a cash register teller, signed onto her register, rang a "no sale" transaction to open the drawer, and then removed a large sum of money. Which of the following schemes has taken place? A. A skimming scheme B. A register disbursement scheme C. A cash larceny scheme D. None of the above
A cash larceny scheme The most straightforward cash larceny scheme is one in which the perpetrator just opens the register and removes currency. This might be done as a sale is being conducted to make the theft appear to be part of the transaction, or perhaps when no one is around to notice the perpetrator digging into the cash drawer. For instance, a teller could simply sign onto a register, ring a "no sale," and take currency from the drawer. This scheme is not a register disbursement scheme because register disbursement schemes involve a fraudulent transaction that justifies the removal of cash from the register, such as a false return or a voided sale. Brittany did not make any entry that would account for the missing money. In addition, the scheme is not a skimming scheme because the money in the register was already a part of the company's accounting system. There was no indication that the cash was part of an unrecorded or understated sale. See pages 1.321, 1.323, 1.401 in the Fraud Examiner's Manual
Which of the following situations is often present in real estate fraud schemes? A. The services of an arms-length legal representative B. A false appraisal report C. No expert assistance at closing D. All of the above
A false appraisal report Real estate transactions assume a willing buyer and a willing seller. Fraud can occur when the transaction breaks down or the expert assistance is not at arm's length. Many real estate fraud schemes have a false appraisal report as a condition precedent. See pages 1.817 in the Fraud Examiner's Manual
Which of the following best illustrates the use of technical surveillance for purposes of corporate espionage? A. A spy impersonates a help desk representative to obtain an employee's network password. B. A spy creates a deceptive website to trick employees into entering confidential information. C. A spy uses a phony employee badge to enter an office and take a sensitive document. D. A spy hacks into a target computer and monitors an employee's communications.
A spy hacks into a target computer and monitors an employee's communications. Technical surveillance is the practice of covertly acquiring audio, visual, or other types of data from targets through the use of technical devices, procedures, and techniques. When corporate spies resort to the use of technical surveillance, it is usually to gather nondocumentary evidence, or information that cannot be found through open sources. Corporate spies might employ various forms of technological surveillance, such as aerial photography, bugging and wiretapping, video surveillance, photographic cameras, mobile phones, monitoring computer emanations, and computer system penetrations. See pages 1.729-1.735 in the Fraud Examiner's Manual
The type of fraud that targets groups of people who have some social connection, such as neighborhoods of racial minorities or immigrant groups, is known as: A. Reloading B. Consolation C. Affinity fraud D. None of the above
Affinity fraud Affinity fraud targets groups of individuals who have some social connection. Neighborhoods chiefly populated by racial minorities, especially immigrant groups, are often the site of affinity frauds. Religious and professional ties are often exploited. See pages 1.1211 in the Fraud Examiner's Manual
Which of the following statements is TRUE with regard to detecting a cash larceny scheme? A. Someone other than the accounts receivable clerk should prepare the bank deposit B. If an employee who handles cash goes on vacation, another employee should take over his duties INCORRECT C. Reconciling the cash register total to the amount of cash in the drawer is helpful in detecting a cash larceny scheme D. All of the above
All of the above Mandatory vacations are an excellent method of detecting cash fraud. If mandatory vacations are within the company's policies, it is important that during the employee's absence, that employee's normal workload be performed by another individual. The purpose of mandatory vacations is lost if the work is allowed to remain undone during the employee's time off. In contrast to skimming schemes, the register records should NOT match up with the cash in the drawer when a cash larceny scheme has occurred. For this reason, cash larceny schemes are much easier to detect than skimming schemes—they leave an audit trail. To detect a cash larceny scheme, one recommended practice is to perform independent reconciliations of the register totals to the amount of cash in the drawer. The bank deposit should be made by someone other than the cashier or the accounts receivable clerk. A person independent of the cash receipts and accounts receivable functions should compare entries to the cash receipts journal with: Authenticated bank deposit slips Deposit per the bank statements See pages 1.329-1.330, 1.332-1.333 in the Fraud Examiner's Manual
Which of the following scenarios is an example of a conflict of interest? A. An employee is related to a party that works for one of his company's vendors and informs his employer of the relationship. B. An employee for a phone installation company works as a fishing guide on weekends, but he does not tell the phone company about his other job. C. An employee has an undisclosed personal relationship with a company that does business with his employer. D. An employee for a pharmaceutical company has an economic interest in a company that does business with his employer and discloses it to his employer.
An employee has an undisclosed personal relationship with a company that does business with his employer. A conflict of interest occurs when an employee or agent—someone who is authorized to act on behalf of a principal—has an undisclosed personal or economic interest in a matter that could influence his professional role. Thus, an employee with an undisclosed personal relationship with a company that does business with his employer is engaged in a conflict of interest. An employee who has an undisclosed side job would not be engaged in a conflict of interest provided that the job is in a different industry, does not create a time conflict, and does not create any personal or economic interest that could influence his ability to act in his primary employer's best interest. Most conflicts of interest occur because the fraudster has an undisclosed economic interest in a transaction, but a conflict can exist when the fraudster's hidden interest is not economic. In some scenarios, an employee acts in a manner detrimental to his company to provide a benefit to a friend or relative, even though the fraudster receives no financial benefit. Conflicts of interest do not necessarily constitute legal violations, as long as they are properly disclosed. Thus, to be classified as a conflict of interest scheme, the employee's interest in the transaction must be undisclosed. The crux of a conflict case is that the fraudster takes advantage of his employer; the victim organization is unaware that its employee has divided loyalties. If an employer knows of the employee's interest in a business deal or negotiation, there can be no conflict of interest, no matter how favorable the arrangement is for the employee. See pages 1.627-1.629 in the Fraud Examiner's Manual
If an employee intercepts a company check intended for a third party and converts that check for his own benefit, he has committed: A. Check tampering B. Billing fraud C. Skimming D. Economic extortion
Check tampering Check tampering is a type of fraudulent disbursement scheme in which an employee either (1) prepares a fraudulent check for his own benefit or (2) intercepts a check intended for a third party and converts the check for his own benefit. See pages 1.410 in the Fraud Examiner's Manual
All of the following are common methods that fraud examiners can use to uncover an employee who has an undisclosed financial interest with an outside vendor EXCEPT: A. Review tips and complaints from employees or vendors. B. Compare customer account balances to billing files. C. Compare vendor addresses with employee addresses. D. Review exit interviews.
Compare customer account balances to billing files. Conflicts of interest are probably one of the most difficult schemes to uncover. Therefore, there are no fast and easy detection methods for this type of fraud. Some of the more common methods by which conflicts are identified include tips and complaints, comparisons of vendor addresses with employee addresses, review of vendor ownership files, review of exit interviews, comparisons of vendor addresses to addresses of subsequent employers, policies requiring certain employees to provide the names and employers of immediate family members, and interviews with purchasing personnel regarding favorable treatment of one or more vendors. See pages 1.636 in the Fraud Examiner's Manual
Generally, if the dollar amount of an embezzlement scheme at a financial institution is small enough such that the targeted entity's financial statements will not be materially affected, the scheme can be most effectively detected through which of the following methods? A. Reviewing all disbursements below the approval limit B. Conducting a financial statement analysis C. Educating employees who are responsible for handling currency D. Conducting a review of source documents
Conducting a review of source documents There are several methods by which embezzlement can be detected. Generally, if the dollar amount of an embezzlement scheme is small enough such that the targeted entity's financial statements will not be materially affected, embezzlement fraud can be most effectively detected through the review of source documents (e.g., receipts, deposit slips). There can be many types of clues in the source documents, and the particular situation will often determine what the fraud examiner needs to look for. The following are common red flags in source documents that might indicate that embezzlement has occurred: Missing source documents Payees on source documents (e.g., checks) do not match entries in the general ledger Receipts or invoices lack professional quality Duplicate payment documents for different transactions Payee identification information that matches an employee's information or that of his relatives Apparent signs of alteration to source documents Lack of original source documents (photocopies only) If the scheme is so large that the financial statements of the institution are affected, then a review of the source documents will serve to confirm or refute an allegation that an embezzlement scheme has occurred or is occurring. Generally, for large embezzlements, the most efficient method of detection is an analysis of the financial statements. See pages 1.804 in the Fraud Examiner's Manual
Which of the following statements is TRUE with regard to factoring companies? A. Factoring groups buy credit card receipts from telemarketing operations at a discount. B. Factoring companies approach banks on a telemarketer's behalf in order to secure credit card processing services. C. Factoring is illegal in all jurisdictions. D. Factoring companies in Asian and European countries tend to charge more for their services than factoring companies in other countries.
Factoring groups buy credit card receipts from telemarketing operations at a discount. Telemarketing operations commonly engage factoring companies. These groups buy credit card receipts from telemarketing operations at a discount, and then use their merchant bank accounts to convert the receipts into cash. Some factors charge as much as 30 percent of the receipts' gross value to launder the slips. Factoring is illegal in some jurisdictions, though perpetrators find loopholes or ways to disguise their alliances. Factoring through Asian and European merchants is becoming increasingly common. Factoring companies in these countries tend to charge a lower price for their services than some other countries—between nine and ten percent of the gross. See pages 1.1209 in the Fraud Examiner's Manual
To conduct an electronic payment using a person-to-person (P2P) system, the two individuals must meet in person at a financial institution to sign an order requesting the transfer of money from one person's account to the other. A. True B. False
False False CORRECT Individuals can pay each other for goods or services electronically, which is known as the person-to-person, or P2P, system. Many credit cards and banks have started offering the service to their customers. P2P payments are made using a computer, smartphone application, or email address. See pages 1.934 in the Fraud Examiner's Manual
Password cracking is a method attackers use to gain unauthorized access to a computer system by bypassing password security through the use of undocumented system functions. A. True B. False
False Password cracking is an automated process by which an attacker attempts to guess a system user's most likely passwords. See pages 1.1306 in the Fraud Examiner's Manual
One method competitive intelligence professionals commonly use to gather data about a competitor involves posing as a job applicant and interviewing with key employees at the competing company. This practice is best described as conducting surveillance. A. True B. False
False Intelligence professionals might gather data through human intelligence (i.e., through direct contact with people). Generally, human intelligence is gathered from subject matter experts and informed individuals. Such efforts typically target individuals who can provide the most valuable information. For example, an intelligence professional might gather intelligence by posing as a customer of the target entity. This approach exploits two weaknesses of corporate culture: (1) all salespeople want to make a sale and (2) many salespeople will do almost anything to make a sale. Other approaches include: Employment interviews (real and fake) False licensing negotiations False acquisition or merger negotiations Hiring an employee away from a target entity Planting an agent in a target organization Social engineering See pages 1.707-1.708 in the Fraud Examiner's Manual
Which of the following is most indicative that the winning bid on an original construction project was not feasible? A. Missing documentation B. Increasing trend in the number of change orders C. High turnover in developer's personnel D. Draw requests
Increasing trend in the number of change orders An increasing trend in the number of change orders or amounts on change orders might be an indication that construction changes have taken place that would alter the originally planned project to such an extent as to render the underwriting inappropriate. Alternatively, some projects—especially large projects—tend to have many change orders. It might be more abnormal in situations like these to have few change orders or none at all than to have many. For instance, a lack of change orders for a large project might suggest that progress is not actually being made. Ultimately, the key characteristic that the fraud examiner should look for in change orders is abnormality, which can come in many forms. Fraud examiners should discover what the normal trend for change orders is in terms of both quantity and content with the particular type of industry and project, and then they can look for deviations from those trends. See pages 1.812 in the Fraud Examiner's Manual
The majority of check fraud is committed by which of the following? A. Large corporations B. Organized crime rings C. Individuals D. Financial institutions
Organized crime rings Most major financial institutions attribute more than 50 percent of all check fraud to organized crime rings. While organized crime syndicates are most commonly associated with drug trafficking and violent crimes, they are also significant purveyors of check and credit card fraud. Check fraud is considered a relatively low-risk crime; the chances of being arrested and prosecuted are low, and the penalties are relatively mild. See pages 1.907 in the Fraud Examiner's Manual
Which of the following statements about the methods used to make corrupt payments in bribery and corruption schemes is INCORRECT? A. Payers often make corrupt payments by buying assets from recipients and allowing the recipients to retain title or use of the items. B. Payers often make corrupt payments by making outright payments falsely described as innocent loans. C. Payers often make corrupt payments by using their credit cards to pay recipients' transportation, vacation, and entertainment expenses. D. Payers often make corrupt payments by selling property to recipients at prices higher than the property's market value.
Payers often make corrupt payments by selling property to recipients at prices higher than the property's market value. Corrupt payments often take the form of loans. Three types of loans often turn up in fraud cases: An outright payment that is falsely described as an innocent loan A legitimate loan in which a third party—the corrupt payer—makes or guarantees the loan's payments A legitimate loan made on favorable terms (e.g., an interest-free loan) A corrupt payment can be in the form of credit card use or payments toward a party's credit card debt. The payer might use a credit card to pay a recipient's transportation, vacation, or entertainment expenses, or the payer might pay off a recipient's credit card debt. In some instances, the recipient might carry and use the corrupt payer's credit card. Corrupt payments also might come in the form of promises of favorable treatment. In addition, corrupt payments might occur in the form of transfers for a value other than fair market. In such transfers, the corrupt payer might sell or lease property to the recipient at a price that is less than its market value, or the payer might agree to buy or rent property from the recipient at inflated prices. The recipient might also "sell" an asset to the payer but retain the title or use of the property. See pages 1.610 in the Fraud Examiner's Manual
There are two methods for recognizing revenue on long-term construction contracts. Which of the following is one of those methods? A. Partial-contract method B. Cost-to-completion method C. Percentage-of-completion method D. Contract-valuation method
Percentage-of-completion method Long-term contracts can cause special problems for revenue recognition. In many countries, for example, revenues and expenses from long-term construction contracts can be recorded using either the completed-contract method or the percentage-of-completion method, depending on the circumstances. The completed contract method does not record revenue until the project is 100 percent complete. The percentage-of-completion method, on the other hand, recognizes revenues and expenses as measurable progress on a project is made. This method is particularly vulnerable to manipulation because managers can falsify the percentage of completion and the estimated costs to complete a construction project in order to recognize revenues prematurely and conceal contract overruns See pages 1.220 in the Fraud Examiner's Manual
Why is the health care industry concerned about the potential effect of the Electronic Data Interchange (EDI) on fraudulent activity? A. The efficiency of EDI allows for more vendors and thus more claims to process B. Only a few types of health care transactions can be processed by EDI C. The tools required to detect EDI fraud are difficult to use D. All of the above
The efficiency of EDI allows for more vendors and thus more claims to process The reasons the health care industry is concerned about EDI's potential to stimulate fraudulent activity include: There is a lack of tools to detect EDI fraud. The variety of health care services increases the potential for dissimilar frauds. The efficiency of EDI allows for more vendors and thus more claims to account for. The swiftness in which transactions take place allows less time to uncover fraud. See pages 1.1162 in the Fraud Examiner's Manual
Which of the following is the most accurate description of logical access control? A. The process by which computer systems' contents are encrypted B. The process by which users can bypass application security over the software and libraries C. The process by which users are allowed to access and use physical objects D. The process by which users are allowed to use computer systems and networks
The process by which users are allowed to use computer systems and networks Logical access refers to the process by which users are allowed to use computer systems and networks, and logical access control refers to a process by which users are identified and granted certain privileges to information, systems, or resources. These controls are designed to protect the confidentiality, integrity, and availability of informational resources. Logical access controls can be used to verify a person's identity and privileges before granting the person logical access to information or other online resources. See pages 1.1349 in the Fraud Examiner's Manual
To help promote employee awareness of sensitive information, company data should be classified into different security levels based on value and sensitivity. A. True B. False
True According to the CERT Insider Threat Center, organizations should implement a data classification policy that establishes what protections must be afforded to data of different value and sensitivity levels. Data classification allows organizations to follow a structured approach for establishing appropriate controls for different data categories. Moreover, establishing a data classification policy will help employee awareness. In short, classifying an organization's data involves: (1) organizing the entity's data into different security levels based on the data's value and sensitivity and (2) assigning each level of classification different rules for viewing, editing, and sharing the data. See pages 1.739, 1.751 in the Fraud Examiner's Manual
Solicitations for pre-approved credit cards should be shredded before being discarded in the trash. A. True B. False
True Most people do not destroy their personal financial data; they simply throw it away with the rest of their trash. Solicitations for pre-approved credit cards are some of the most valuable pieces of trash that an identity thief can steal. Additionally, dumpster diving, as it is more popularly known as, can yield checks, credit card and bank statements, or other records that bear a person's name, address, and telephone number. In addition to targeting an individual's trash, dumpster divers target the trash at banks, insurance companies, hospitals, and other businesses—locations that an individual has no control over. See pages 1.1254-1.1255 in the Fraud Examiner's Manual
Not every company that runs its business using a pyramid structure is operating an illegal pyramid scheme. A. True B. False
True Not all organizations with a pyramid structure are engaging in illegal activity. Some legitimate merchandising companies use a pyramid structure to rank their employee-owners and to determine those people's compensation. A pyramid structure becomes an illegal pyramid scheme when the recruitment of new members takes precedence over the product or service that the company is ostensibly promoting. The more members that are recruited, the higher the investor is purported to rise in the ranks of the enterprise, and the more money the investor is supposed to make. See pages 1.1238 in the Fraud Examiner's Manual