business ethics, fraud and fraud detection
TRANSCRIPT
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
1/44
BUSINESS ETHICS,FRAUD AND FRAUD
DETECTIONCHAPTER 12
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
2/44
ETHICAL ISSUES INBUSINESS
Ethical standards are derived fromsocietal mores and deep-rootedpersonal beliefs about issues of rightand wrong that are not universallyagreed upon
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
3/44
Ethics pertains to the principles of conductthat individuals use in maing choices andguiding their behavior in situations that
involve the concepts of right and wrong! business ethics involves "nding the
answers to two #uestions$ %1& How domanagers decide what is right in
conducting their business' and %2& (ncemanagers have recogni)ed what is right*how do the+ achieve it'
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
4/44
Ethical issues in business can bedivided into four areas$ %table 12!1& e#uit+*
rights*
Honest+*
the e,ercise of corporate power
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
5/44
Ethical guidance
Proportionality. The beneft rom a decision mustoutweigh the risks. Furthermore, there must be noalternative decision that provides the same orgreater bene"t with less ris!
Justice. The benefts o the decision should bedistributed airly to those who share the riss!
Those who do not bene"t should not carr+ theburden of ris!
Minimize risk. Even i judged acceptable by theprinciples, the decision should be implemented soas to minimi)e all of the riss and avoid an+unnecessar+ riss
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
6/44
Computer ethics is the anal+sis ofthe nature and social impact ofcomputer technolog+ and the
corresponding formulation and.usti"cation of policies for the ethicaluse of such technolog+/! 0This
includes concerns about software aswell as hardware and concerns aboutnetwors connecting computers as
well as computers themselves
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
7/44
three levels of computer ethics$ pop* para* andtheoretical! Pop computer ethics is simpl+ the e,posure to stories
and reports found in the popular media regarding the
good or bad rami"cations of computer technolog+ Para computer ethics involves taing a real interest in
computer ethics cases and ac#uiring some level of silland nowledge in the "eld
theoretical computer ethics* is of interest tomultidisciplinar+ researchers who appl+ the theories ofphilosoph+* sociolog+* and ps+cholog+ to computerscience with the goal of bringing some newunderstanding to the "eld
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
8/44
A ew Problem or 3ust a ew Twiston an (ld Problem'
Privac+
4ecurit+ %Accurac+ and Con"dentialit+&
(wnership of Propert+
E#uit+ in Access
Environmental 5ssues
Arti"cial 5ntelligence 6nemplo+ment and 7isplacement
8isuse of Computers
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
9/44
4ection 9:;cers
4ection 9:; of 4(? re#uires publiccompanies to disclose to the 4ECwhether the+ have adopted a code of
ethics that applies to theorgani)ation@s CE(* C=(* controller*or persons performing similar
functions
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
10/44
Conficts o Interest. The companys code oethics should outline procedures or dealingwith actual or apparent conicts of interestbetween personal and professionalrelationships
Full and Fair Disclosures. This provisionstates that the organiation should provide full*
fair* accurate* timel+* and understandabledisclosures in the documents* reports* and"nancial statements that it submits to the 4ECand to the public
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
11/44
Legal Compliance. !odes o ethicsshould re"uire employees to ollowapplicable governmental laws* rules*
and regulations
Internal Reporting o Codeiolations. The code o ethics must
provide a mechanism to permitprompt internal reporting of ethicsviolations to encourage and
protect whistleblowers
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
12/44
!ccounta"ility.#n e$ective ethicsprogram must take appropriateaction when code violations occur
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
13/44
FRAUD ANDACCOUNTANTS
The passage of 4(? has had atremendous impact on the e,ternalauditor@s responsibilities for fraud
detection during a "nancial audit! 5tre#uires the auditor to test controlsspeci"call+ intended to prevent or
detect fraud liel+ to result in amaterial misstatement of the"nancial statements
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
14/44
Frau denotes a false representationof a material fact made b+ one part+to another part+ with the intent to
deceive and induce the other part+to .usti"abl+ rel+ on the fact to his orher detriment
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
15/44
!" Fa#se representation"There must be a falsestatement or a nondisclosure!
$" %ateria# &act"A fact must be a substantialfactor in inducing someone to act!
'" Intent"There must be the intent to deceive orthe nowledge that one@s statement isfalse!
(" )usti*ab#e re#iance"The misrepresentationmust have been a substantial factor on which thein.ured part+ relied!
+" Inur- or #oss"The deception must havecaused in.ur+ or loss to the victim of the fraud
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
16/44
Emp#o-ee &rau, or &rau b- nonmana.ement emp#o-ees, is generall+designed to directl+ convert cash or other
assets to the emplo+ee@s personal bene"t Emplo+ee fraud usuall+ involves three
steps$ %1& stealing something of value %anasset&*
%2& converting the asset to a usable form%cash&* and
%B& concealing the crime to avoid detection
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
17/44
%ana.ement &rau is more insidious than emplo+eefraud because it often escapes detection until theorgani)ation has suered irreparable damage or loss
The fraud is perpetrated at levels of management
above the one to which internal control structuresgenerall+ relate!
The fraud fre#uentl+ involves using the "nancialstatements to create an illusion that an entit+ ishealthier and more prosperous than* in fact* it is!
5f the fraud involves misappropriation of assets* itfre#uentl+ is shrouded in a ma)e of comple, businesstransactions* often involving related third parties
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
18/44
The Frau Trian.#e
%&' situational pressure, which includespersonal or job(related stresses that couldcoerce an individual to act dishonestl+D
%2& opportunity, which involves directaccess to assets and)or access toinormation that controls assets* andD
%B& ethics, which pertains to onescharacter and degree o moral oppositionto acts o dishonest+
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
19/44
Financia# Losses &romFrau
Association o& Certi*e Frau E/aminers 0ACFE1 in2:: estimates losses from fraud and abuse to be Fpercent of annual revenues
The actual cost of fraud is* however* di>cult to #uantif+ for
a number of reasons$ %1& not all fraud is detectedD
%2& of that detected* not all is reportedD
%B& in man+ fraud cases* incomplete information isgatheredD
%9& information is not properl+ distributed to managementor law enforcement authoritiesD and
%G& too often* business organi)ations decide to tae no civilor criminal action against the perpetrator%s& of fraud!
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
20/44
The 2erpetrators o&Fraus
=raud osses b+ Position within the(rgani)ation
=raud osses and the Collusion Eect
=raud osses b+ Iender
=raud osses b+ Age
=raud osses b+ Education
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
21/44
Frau Schemes
=raudulent 4tatements
Corruption
Asset misappropriation
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
22/44
#$e %nderlying Pro"lems oFraudulent &tatement' *ack o auditor independence
*ack o director independence
+uestionable eecutive compensationschemes
-nappropriate accounting practices
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
23/44
&ar"anes()*ley !ct andFraud
%1& the creation of an accountingoversight board*
%2& auditor independence*
%B& corporate governance andresponsibilit+*
%9& disclosure re#uirements* and
%G& penalties for fraud and otherviolations
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
24/44
Corruption
Briber- in3o#3es giving* oering*soliciting* or receiving things of valueto inuence an o>cial in the
performance of his or her lawfulduties
i##e.a# .ratuit- involves giving*
receiving* oering* or solicitingsomething of value because of ano>cial act that has been taen
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
25/44
con4ict o& interest occurs when anemplo+ee acts on behalf of a thirdpart+ during the discharge of his or
her duties or has self-interest in theactivit+ being performed
Economic e/tortion is the use %or
threat& of force %including economicsanctions& b+ an individual ororgani)ation to obtain something of
value!
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
26/44
Asset 8isappropriation
S5immin. involves stealing cash from anorgani)ation before it is recorded on theorgani)ation@s boos and records
mai#room &rau,where an emplo+ee openingthe mail steals a customer@s chec anddestro+s the associated remittance advice
Cash #arcen- involves schemes where
cash receipts are stolen from anorgani)ation after the+ have been recordedin the organi)ation@s boos and records
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
27/44
Bi##in. schemes, a#so 5no6n as3enor &rau, are perpetrated b+emplo+ees who cause their emplo+er
to issue a pa+ment to a false supplieror vendor b+ submitting invoices for"ctitious goods or services* inated
invoices* or invoices for personalpurchases
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
28/44
Chec5 tamperin. involves forging orchanging in some material wa+ a chec thatthe organi)ation has written to a legitimatepa+ee
2a-ro## &rau is the distribution of fraudulentpa+checs to e,istent andJor none,istentemplo+ees
E/pense reimbursement &raus areschemes in which an emplo+ee maes a claimfor reimbursement of "ctitious or inatedbusiness e,penses
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
29/44
The&ts o& cash are schemes thatinvolve the direct theft of cash onhand in the organi)ation
Non cash &rau schemesinvolvethe theft or misuse of the victimorgani)ation@s non cash assets
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
30/44
Computer =raud
The theft* misuse* or misappropriation of assetsb+ altering computer-readable records and "les!
The theft* misuse* or misappropriation of assetsb+ altering the logic of computer software!
The theft or illegal use of computer-readableinformation!
The theft* corruption* illegal cop+ing* or
intentional destruction of computer software! The theft* misuse* or misappropriation of
computer hardware!
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
31/44
=raud techni#ues
%as7uerain. involves a perpetrator gaining access tothe s+stem from a remote site b+ pretending to be an
authori)ed user! This usuall+ re#uires "rst gainingauthori)ed access to a password!
2i..-bac5in. is a techni#ue in which the perpetrator ata remote site tapsinto the telecommunications lines andlatches onto an authori)ed user who is logging into thes+stem! (nce in the s+stem* the perpetrator can
mas#uerade as the authori)ed user! Hacing ma+ involve
pigg+bacing or mas#uerading techni#ues! Hac5ers are distinguished from other computer
criminals because their motives are not usuall+ todefraud for "nancial gain
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
32/44
2ro.ram &rau inc#ues the&o##o6in. techni7ues8
%1& creating illegal programs that can
access data "les to alter* delete* orinsert values into accounting recordsD
%2& destro+ing or corrupting a program@s
logic using a computer virusD or%B& altering program logic to cause theapplication to process data incorrectl+
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
33/44
Operations &rau is the misuse ortheft of the "rm@s computerresources! This often involves using
the computer to conduct personalbusiness
Database mana.ement &rau
includes altering* deleting*corrupting* destro+ing* or stealing anorgani)ation@s data
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
34/44
Regardless of ph+sical form* usefulinformation has the followingcharacteristics$ re#e3ance,
time#iness,
accurac-,
comp#eteness, an summari9ation"
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
35/44
sca3en.in. involves searchingthrough the trash cans of thecomputer center for discarded output
ea3esroppin. involves listening tooutput transmissions overtelecommunications lines
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
36/44
4A4 o! KK* !onsideration o Fraud in a Financial tatement#udit, which pertains to the ollowing areas of a "nancialaudit$
!" Description an characteristics o& &rau
$" 2ro&essiona# s5epticism
'" En.a.ement personne# iscussion
(" Obtainin. auit e3ience an in&ormation
+" Ienti&-in. ris5s
:" Assessin. the ienti*e ris5s
;" Responin. to the assessment" Documentin. consieration o& &rau
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
37/44
Frauu#ent Financia#Reportin.
/anagements characteristics andin0uence over the controlenvironment
-ndustry conditions
1perating characteristics andfnancial stability.
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
38/44
5n the case of "nancial fraud %managementfraud&* e,ternal auditors should loo forthe following inds of common schemes$
L 5mproper revenue recognitionL 5mproper treatment of sales
L 5mproper asset valuation
L 5mproper deferral of costs and e,pensesL 5mproper recording of liabilities
L 5nade#uate disclosures
i i i &
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
39/44
%isappropriation o&Assets
usceptibility o assets to misappropriation.
!ontrols
E,amples of common schemes related to emplo+eetheft %asset misappropriation& include the following$
L Personal purchases
L Ihost emplo+ees
L =ictitious e,penses
L Altered pa+ee
L Theft of cash %or inventor+&
L apping
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
40/44
Auitor?s Response to Ris5Assessment
Engagement sta2ng and etent o supervision.Thenowledge* sill* and abilit+ of personnel assigned tothe engagement should be commensurate with theassessment of the level of ris of the engagement!
3roessional skepticism.E,ercising professionalsepticism involves maintaining an attitude thatincludes a #uestioning mind and critical assessmentof audit evidence!
4ature, timing, and etent o procedures perormed.=raud ris factors that have control implications ma+limit the auditor@s abilit+ to assess control ris belowthe ma,imum and thus reduce substantive testing
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
41/44
Response to Detecte%isstatements Due to Frau
Mhen the auditor has determined thatfraud e,ists but has had no materialeect on the "nancial statements* the
auditor should Refer the matter to an appropriate level of
management at least one level abovethose involved!
Ne satis"ed that implications for otheraspects of the audit have been ade#uatel+considered!
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
42/44
Mhen the fraud has had a material eect onthe "nancial statements or the auditor isunable to evaluate its degree of materialit+*the auditor should
Consider the implications for other aspects of theaudit!
7iscuss the matter with senior management andwith a board of director@s audit committee!
Attempt to determine whether the fraud is material! 4uggest that the client consult with legal counsel* if
appropriate
D t ti
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
43/44
DocumentationRe7uirements
Mhere ris factors are identi"ed* thedocumentation should include
%1& those ris factors identi"ed and
%2& the auditor@s response to them
FRAUD DETECTION
-
7/25/2019 Business Ethics, Fraud and Fraud Detection
44/44
FRAUD DETECTIONTECHNI@UES
To "nd the trail in the masses of data* theauditor "rst develops a fraud pro"leO thatidenti"es the data characteristics that onewould e,pect to "nd in a speci"c t+pe offraud scheme! This identi"cation re#uires anunderstanding of the enterprise@s processes
and internal controls %and their weanesses&!(nce the fraud pro"le is developed* AC canbe used to manipulate the organi)ation@sdata to search for transactions that "t thepro"le