BP Exam 3

Fixed assets

Long-term assets such as property, plant, and equipment - stuff that you yourself are using - if something is taken out of service and you are going to ditch it for some cash on creg's list thats not PPE

Purchase order

formalization of the purchase requisition - a written order by a buyer for merchandise from the purchase requisition - 1 PO for all 7 PRs - sent to vendor and then stuff shows up

Non-accomplice vendor schemes

fraudulent disbursement billing scheme that uses a legit vendor's invoice somehow but they're not in on it - "accidentally" pay for the bill twice and ask for a refund then intercept refund - remittance advice sent in envelope, someone goes home and makes an identical copy with a diff mailing address nobody will notice - prob won't get caught if not too greedy and account doesn't have a lot going on * controls aren't equipped to handle non-routine transactions *

Process of doing regression on a Text Editor File (thru Excel)

- Text editor file - move to excel - do some cleaning - put delimiters in - get rid of Nulls/clean it up - do analysis with regression tool (under data analysis) to see if theres a correlation - ex: SAT avg and completion rate

Things auditors should look out for

- budget to actual and year to year get out of wack when you have a scheme going on - turnaround time on invoice→ faster payment is likely a scam bc they want to get it in and out and not sitting around for a while - old school = follow the money - crappy looking documents - search for unrecorded liabilities (companies do this to make their income seem higher)

Purchase system

- inventory control department determines if we need something - prepare purchase requisition (one for each item) - formalize in one PO - valid vendor file as a control (sep of duties- people who add to file can't approve purchases) - receiving/inspection- physical supervision, receiving report - A/P (3 way match) - cash disbursements

Goals of the Expenditure Cycle

- pay for stuff ordered and showing up - get the best price on what we are buying - high quality goods - manage discounts and take advantage of 2/10 or net/30 discounts (then hold onto money until as late as you can)

Expenditure cycle

- physical phase: realize you need something (whether its human with clipboard, technology, or someone on computer), then go ahead and order it - financial phase cycle that includes buying the material and inventory; TIME LAGS create exposure areas to manage! - auditors always look for unrecorded liabilities

Visualization biases

- pointing the user to look at a certain thing - graphs must be an accurate representation- if it looks like its 3x bigger when the number diff isn't that big its misleading - use color properly (don't use red for a positive outcome)

Tasks computer performs automatically

- simultaneously updating the journals, ledgers, unadjusted trial balance, and subs - manage open order file - scan vouchers with upcoming due dates (VLookup) - print checks and have them manually signed

Visualization packages (2)

1. Tableau- easier to use, cheaper, diff packages, 80-85% 2. Microsoft BI (business intelligence)- trickier to use, costs more, able to do more, 10-20%

2 big questions when not wanting to get caught in schemes

1. are the books going to balance- don't want it to be noticed in a check reconciliation 2. is someone waiting for payment- if they don't get it they are going to call and ask for money

5 main controls

1. authorization 2. segregation of functions 3. supervision 4. access controls 5. verification

Levels of automation (4)

1. computer pops out tentative requisitions/PR (program identifies current level, pre-determined desired level, and anything that drops below it is popped out in a list & a person examines it) 2. computer generates PO automatically then someone reviews (no PR needed) 3. computer generated PO sent without manual review 4. EDI (electronic data interchange- computer to computer communication with no PO)

3 versions of Tableau

1. enterprise version (expensive for huge projects) 2. desktop version (for individuals, costs money but you get all the functions) 3. public version (little watered down, can't save locally- online repository)

Difference between fixed assets & expenditures

1. fixed assets are non-routine transactions (easier to get messed up bc not dealt with a lot) 2. wider group of users (adds riskiness bc departments that don't usually order things are involved) 3. more robust authorization (bc big ticket items) 4. unique bc judgements that need to be made about PPE (depreciation, useful life, expense, disposal)

Best schemes (least likely to be caught)

1. keep books in balance 2. don't mess with a check of someone waiting for their money

Expenditure cycle risks

1. unauthorized inventory purchase 2. receiving incorrect items, quantities or damaged goods 3. inaccurately recording transactions 4. misappropriation of cash and inventory 5. unauthorized access

Expenditure cycle risks & controls

1. unauthorized inventory purchases→ transaction authorization, automated purchase approval 2. receiving incorrect items, quantities or damaged goods→ independent verification, supervision, scanner tech 3. inaccurately recording transactions→ authorization, verification, input data edits, error messages, automated postings 4. misappropriation of cash/inv→ supervision, verification, sep of duties, automated 3 way match 5. unauthorized access→ access controls, seg of duties

When you buy something, you need to decide for GAAP:

1. whether you want to capitalize it or expense it 2. think about the periods it is going to benefit

2 differences that make the public version of tableau

1. you can't save locally- online repository 2. can only import from Excel and Access (hack: turn other programs like quickbooks into Excel then use)

Journal entry for selling goods (perpetual)

2 entries!! → debit Cash/A/R, credit sales rev (account for sale) → Debit COGS, credit inventory (adjust inventory bc continuous)

Dashboard

2 or more visualizations on the screen

Multi-copied PO order

4-6 copies of PO go to every place in a manual system - one copy is a blind copy that goes to receiving (leaves off quantity)

IMPACT Model

6 step framework that is how all problems in the book are addressed 1. identify questions 2. master the data 3. perform the test plan 4. address and refine results (first test does not normally answer question) 5. communicate insights to people who can make changes 6. track outcomes

Journal entry for buying goods (perpetual)

Debit inventory, credit A/P or cash

What is the role of the auditor in the capital markets?*

Give an opinion on the fair presentation of the financial statements for external users

inventory subsidiary ledger

ledger with inventory records updated from the stock release copy by the inventory control system

Forged maker scheme

a check tampering scheme where someone signs a check to make it legit even though they aren't the authorized check signer - one person makes the check and records but as checks print out theres not a signature on it bc waiting for authorized signature but → fraudster uses stamp or fraudulently makes signature

Purchase requisition

a document that communicates needs between the user and supply management - okay I think we kinda need this - one for each item (if we need 7 things, 7 PRs)

Perpetual inventory system

a system that maintains a continuous record of inventory so that it always shows the current amount of stock on hand - constant running totals - buy stuff→ debit inventory - sell stuff→ 2 journal entries: one for the sale (debit cash/AR, credit sales rev) and one to adjust inventory (debit COGS, credit inv)

Details of a convincing (fake) invoice

address, phone number, website, email, possibly social media sites - pre-numbering - services that can't be recreated are good- receiving report with something physical to evaluate is not good - consecutive invoice numbers from the same vendor looks fake - repeatedly being billed the same amount for diff items is weird (okay if repeated charge) - payroll does NOT have an invoice number

Search for unrecorded liabilities

auditor should always look at this because companies have an incentive to not record liabilities at the end of the period bc it makes income higher - "forgetting" to debit expense and credit A/P

Internal auditors

auditors employed by a company to audit for the company's board of directors and management - technically not independent but still objective (they cannot do any journal entries so have external audit come in)- they do monitoring - design and document actual processes within the company— if there is a problem, something not working, a bunch of errors, investigating fraud, it is them— internal consulting firm → know the processes, monitoring and doing COSO framework - ppl work here after the big 4 because steady office enviro, can move up in the ranks

Test data

based on the classes you have built, you put a few people into the classes, and test it out (input to test the program) - keep revising until its correct

External auditors

big 4, gather evidence and check for accuracy - best experience and training to start

Forged endorsement scheme

check tampering scheme that works with a check that is properly prepared in recording but is faking that you are the person it is made out to - not as hard as one would think - banks are lazy and don't id or accept a crappy one - use stencil to copy signature with light source and convert the check

Concealed check scheme

check tampering scheme where the person makes a check they shouldn't, sticks it in the middle of the batch of checks to be signed, and hopes the signer doesn't notice and just signs it - crude and old school yet it works so well - bring checks late on a Friday when person wants to go home so they rush

Altered payee scheme

check tampering scheme where you erase or "wash" the payee and put in whoever you want - or make shell company with same beginning name and a couple letters added on and just add them - cheap ink is harder to alter

Integrated system

computer network operation going on - lightening bolt= real-time connections - benefit= speeds up transaction- not waiting on someone to print of pieces of paper and walk them over there- happens automatically; get thing over there faster, can bill faster; speeds up cash flow cycle- get your money quicker

Supervision

control - physical supervision in open areas- cameras, monitoring - computers- electronic monitoring (analytics and management reports show patterns and what employees were in on it- how quickly something was paid, fast is sketch bc they don't want it seen)

Verification

control that checks things balance - 3 way match (order agrees with payment agrees with what was received) - physical verification is lost a little with automation but shifts to computer programs and reports

Access controls

control that restricts unauthorized individuals - passwords - physical access controls- don't have people walking around warehouse if its a small, expensive item

Segregation of functions

control- separates ARC (authorization, recording, custody) - sep A/P (recording) and cash disbursements (custody) - who can add vendors to valid vendor file - warehouse does not do official inventory document, its inventory control

Story

cool thing on Tableau where you can turn it into a powerpoint- looks just like a slideshow except you can embed your stuff into it

Pruning

cutting off a branch of a decision tree if it gets too big and outrageous

Training data

data you are picking out to manually put in groups to build the classes - used to train a predictive model

Repairing fixed assets

does NOT add any additional benefit so it is expensed because its a period cost - ex: delivery van gets an oil change, van doesn't do anything different

Expense reimbursement scheme

employee out on the road personally occurring business expenses- submit documentation for reimbursement - either made up or asking for things that aren't business (mischaracterized expenses) - sadly expected, tough to catch

Unsupervised approch

exploratory exercises looking for potential patterns- might not even be one there - may turn into supervised by finding the promising variables and then you run regression - clustering, co-occurence grouping, profiling, data reduction - ex: find things that influence performance in this class, exploring all kinds of variables (front or back, left or right side, shoes or flip flops, in or out of state)

Tableau

fast and easy way to create data visualizations and publish them to the web for free 1. makes visualizations and cool pictures 2. business intelligence software to drill down into data

Shell company scheme

fraudulent disbursement billing scheme where a fake company is created and bills a real company for goods or services it does not receive - sometimes done for tax purposes, to launder money - you only need a bank account to make a shell company - need invoices to look real - crappy looking documents will get you busted - subcategory= pass thru scheme

Personal purchase scheme

fraudulent disbursement billing scheme where personal items are paid for with company money * theft is in the purchasing, not the taking * 1. company buys things they think they need when they really don't 2. sticking a personal bill in the stack of things to be paid - avoid by not letting employees pick up orders & by authorizing purchases (look at receipts, what was bought- sit and reconcile account and approve purchases) - company cc is biggest offender→ unique card for each person, spending limit, authorize and check receipts

Check tampering

fraudulent disbursement scheme that has to do with messing with a check 1. from scratch- fraudulently prepare a check for your own benefit 2. intercept a legit check and alter it - not the most occurrences but highest median loss bc do it once for a large amount of money

Dependent variable

function of the independent variable

Decision tree

graph that documents the process that puts people into classes - are they old or young? then take young and say if they seem highschools, young broke and fab, or like the young working type? then go one further

Managing inventory in real life vs. on the books

how you manage inventory day-to-day does NOT dictate what you have to do for financial accounting - Walmart uses periodic for statements, but for day-to-day they use technology updating automatically (perpetual)

Capitalizing an asset

if a fixed asset is going to provide benefit and help generate revenue and current and future years, then you capitalize it - if useful life is added or increased productivity - exception: immaterial (irrelevant bc so cheap)

Expensing an asset

if an item is only going to provide benefit in the current period, it is expensed - also expensed if it is

3 way match

key control in A/P - compare PO, receiving report, and invoice to make sure they all agree before recording the liability → debit inventory control/purchases, credit A/P

Cash disbursements

last step in purchasing - A/P tells them to pay the bill with a voucher - controls before check is cut - sometimes its already pre-signed but an extra layer of control is printing an unsigned check and sending to someone else to verify and sign - record in cash disbursement journal and return paid voucher to A/P, mail check to supplier, and send voucher to GL - debit A/P, credit cash

Voucher

little half piece of paper like a post-it note from person who updated the A/R sub to tell the person in charge of control account to update that to make it agree - when theres a sep A/P and cash disbursement dept - heavy thinking done in A/P and then they just tell cash disbursements when to cut the check (pay the bill) - sometimes sent with 3 way match - obsolete with computerized system bc updates automatically

TXT editor

many data files are in this format - code writing also, can be turned into Excel→ use delimiters to separate into columns

Decision boundaries

marks the split between one class and another on a decision tree

Receiving report

multi-copied form we make used by the receiving personnel to indicate that materials have been received and inspected - receiving control - one copy goes to A/P, one filed locally, one goes with the goods to actual stores, and inventory controls logs the shipment with this

Creating a shell company

need a bank account (easy- get tax id number from IRS website and bank open account for you) - hardcore: the fraudster creates a real entity LLC so it shows as a registered company- all you need is to pay few hundred bucks and a physical address (UPS boxes so it doesn't tie back to you) - registered agent for the entity uses spouse name with maiden name or married name if its an ex - just need real looking documents and invoices

Inventory control

official record of the inventory kept by inventory control dept due to separation of duties - determines if we need something- beginning of purchasing system - warehouse keeps track of records separately bc they cannot keep official records because they have custody - uses receiving report to log the shipment

Underfitting

one crude, straight line that does not break up the plotted points well enough

Blind copy

one of the PO copies leaves off the quantity so the people in receiving aren't lazy and actually count the goods

Visualization

one stand alone picture

Authorization

permission control - authorization over purchasing department since we don't want purchasing agent to go crazy- agent does not have final selection of order and vendor selection bc it would lead to kickbacks and bribes - authorization before cash disbursement cuts the check - inputting a vendor that is on the valid vendor file is technically authorization (built into automation) - automating inventory in EDI and JIT

Endorser

person that signs the back of a check (also the payee) - schemes are much easier when you control who the payee is (accomplice or shell company) - the signature (called an endorsement) indicates that the payee has received the check

Converting a check

person who signs the back and actually makes the deposit

Most important control for expense reimbursement*

policy manual outlining exactly what is and what is not reimbursable and the exact documentation required to be reimbursed - original copies (numbers can't be changed) - detailed receipts (saying who got what at a dinner, Uber corporate account showing every detail of the ride) - turned in in a timely manner - authorization - don't accept credit card receipt bc it can be bought then returned - copy of check isn't good either bc you don't know if it was actually cashed by the payee

Valid vendor file

provides an important control by listing only approved vendors - person who adds vendors to this file only does this bc separation of duties!!! people who approve purchases cannot add people to this file bc then they can add their shell companies and it would be a problem - authorization control

Time lag

really big deal in the expenditure cycle!! - exposure area that must be managed - short time lag between ordering and item being delivered - large time lag before we pay stuff

Automation re-engineering

rethinking/restructuring the process to make it a little better

Support vector machine

statistical computer program that does the math and takes all the dots and plots the distance between the hypothetical lines to make the perfect line - fits the line

Pass through scheme

subcategory of a shell company scheme where you sell a good to another company for more & scrape off extra money - buy for 2, sell for 3, keep the 1 - competitive bidding prices and price comparisons are done to avoid these

Link prediction

supervised approach (uses a model to predict an outcome) - data analytic technique that is used to predict connections between data items, usually by suggesting a link and possibly estimating the strength of the link - ex: Facebook suggested friends, you have 7 mutual friends

Similarity matching

supervised approach (uses a model to predict an outcome) - data analytic technique that looks at previous patterns of behavior to compare to current ones and sees similar patterns to see if they are being scammed - ex: laptop guy

Regression

supervised approach (uses a model to predict an outcome) - independent variable → dependent variable, telling if line/model is good based off of correlation

Classification

supervised approach (uses a model to predict an outcome) - uses objective target marketing and tries to take a population/group and put them into smaller groups called classes - Macy's social media posts project- try to put people into groups and target diff items they think they would buy

Periodic inventory system

system that only updates the accounting records for merchandise transactions at the end of a period - one entry at end of the period - put stuff into purchases when you buy stuff (document in purchases journal) - at the end of the period: do a count on inventory on hand, close out purchases, and chop it into EI and COGS

Maker of a check

the person who signs a check

Fraudulent disbursements

tricking the company into paying something they think is legitimate; goes thru all normal procedures - number one scheme 1. billing schemes (shell company, non-accomplice vendor, personal purchase scheme) 2. check tampering 3. expense reimbursement scheme

Data reduction

unsupervised approach (looks for potential patterns) - chops down a large data set into a smaller one because it is more focused on what you need - think payments look weird, so you limit it down and only look at ones that have even dollar amounts- looking for pattern

Co-occurence grouping

unsupervised approach (looks for potential patterns) - if you like this, you might like this - exploring

Profiling

unsupervised approach (looks for potential patterns) - plot, identify outliers, many standard deviations away- something is out of wack - ex: profile of store sales doesn't match what it needs to be, job order costing- profile the materials that should be requisitioned, if there is someone taking more - benford's law

Clustering

unsupervised approach (looks for potential patterns) - similar to classification but uses math to organize groups/classes that may indicate a pattern - can turn into a supervised approach by predicting which current customers would fall into which class

Visualizations

used for steps 5-6 of IMPACT model - need to communicate insights to the people who can make changes (people who run analysis likely aren't ones making the change) & track outcomes - consider the audience for effective communication - stacked bar chart - tree maps and heat maps (look similar but not interchangeable) - word clouds (size words based on # times it appears)

Supervised approach

using a model to predict an outcome - regression, classification, similarity matching, link prediction

Target

variable you are looking at - ex: if you had the whole population of sales transactions and were looking at the ones that are possibly fraudulent, those are the target

Open order file

when a transaction has started but it's not done yet, copy of open documents go into this file - because of the time lag - Helps company keep track of in process transactions - open when you purchase, close when you actually pay for the thing

Depreciating an asset

when an asset is in service over multiple years, you depreciate it - depreciation has nothing to do with the condition or fair value of an asset, its to allocate the expense since it provides benefit over years

Controls under receiving

when the goods show up, after the purchase order → controls= physical supervision, blind copy so they have to count all the stuff that came in

Overfitting

when you go crazy drawing the line of the plotted points

Class

when you manually put things into groups

Payee

who the check is made out to

Validating the data

write down a check figure to make sure your data is still accurate after cleansing