Fraud Balance Sheet Manipulation Opportunistic infection bursts forth when greed meets possibility of deception. Overstating inventory: Fraudulently overstating inventory, companies overstate assets, Forensic Accounting which understate expenses. Overstate physical counts of inventory on hand. Mgt may Utilises accounting, auditing & investigative skills to conduct examination into double-count inventory on hand or include scrap, obsolete, damaged, or even sold goods finances of an individual/business. Used in fraud/embezzlement to explain that are not yet shipped. nature of financial crime in court. Analyse, interpret & summarise complex Failure to Record Asset Impairment: Companies are required to test their long-lived financial/biz matters. Compile financial evidence, develop computer assets, investments, or asset group for impairment & recognize impairment loss when the applications to manage the info collected & communicate their findings. FS carrying value of those assets or asset groups exceeds FV and is not recoverable. Types of Assignments Asset impairments can be problematic in weakening market conditions when asset 1. Asset tracing: Legal process of locating smth of value to indiv/cmpny that’s impairments are particularly challenging. misappropriated. Related to fraud or theft where victims lost assets due to Misstating Accounts Receivable: Fraudsters book bogus accounts receivable because unfortunate events such as scam, embezzlement or theft, and want to use this the fictitious sales do not generate real cash or real receivables. tool called asset tracing to initiate the asset recovery process. Restructurings and Big Baths: Incurred in connection with a business combination or a 2. Damage calculations: Loss of profits, earning capacity, damage to real and change in a company’s strategic plan or in response to declines in demand, increasing personal property & loss of value. Quantification is measurement of damages costs, or other factors. When times are very bad or a company has little or no chance of which result from harmful act. FA can quantify economic losses including meeting current-period stakeholder expectations, management may be tempted to clean insurance claims, fraud & embezzlement, personal injury, business disputes/ up additional items on the balance sheet. May include writing off many items as part of interruption, divorce & marital disputes, construction defects, environmental restructuring charges. Reduces future expenses & improves reported future earnings and damages, cyber-crime, product liability, patent, copyright infringement etc is known as a “Big Bath.” 3. Dispute resolution: Detailed analysis of accounting records to quantify Management Estimates: Vulnerable to manipulation as uncertainties exist in the issues in dispute. Mediation & arbitration are designed to resolve disputes underlying assumptions, and there exists an inherent information asymmetry between the with minimal disruption & in a timely fashion. FA could alert/guide in finding preparers of estimates and stakeholders. Management, who may be intent upon undisclosed liabilities & fraudulent transactions. deception, could take advantage of uncertainties to mislead investors. 4. Expert witness: Give Court or tribunal an impartial opinion on particular Improper Disclosures: Misrepresentations, intentional inaccuracies; or deliberate aspects of matters within his expertise which are in dispute, referred to as an omissions of information concerning changes in estimates, accounting policy changes, "expert opinion". Expert witnesses may deliver "expert evidence" within area and related-party transactions. of their expertise. Testimony may be rebutted by other experts/evidence/facts. Prevention of Corruption Act Forensic Accounting vs Fraud Examination - 2 core elements: the transaction was corrupt; and gratification was given/received. FA(how do we value): Broad discipline applying acct skills to legal matters, - a corrupt element in the transaction according to the ordinary and objective standard, past event, use financial info, produce info abt finance, use in judicial followed by the accused’s guilty knowledge that what he was doing was, by that proceedings (hsewife divorced,how much can claim even tho husb earn $) standard, corrupt. FE(breakdown of controls,prevent fraud): Focused on fraud, past/present/ - Both limbs must be fulfilled beyond reasonable doubt. future events, financial/non-fin info(cues during investigations), info abt - There is a presumption of corruption where it is proved that gratification has been given finance,ppl & actions, for use in biz/govt internal/private,judicial proceedings to Singapore public officials. IA vs FA vs FE (evidence gathering, acct skills, professional judgement) - The definition of “gratification” under the PCA is very broad and includes monies, gifts, IA(control deficiency)/EA(detect misstatements): Planning, risk assessment, loans, fees, rewards, commissions, valuable security and properties, and can also cover internal control, audit evidence, reporting “any other service, favour or advantage of any description whatsoever.” FE(detect fraud): Prevention/deterrence, detection, investigation, remediation Consequences of Bribery FA(quantify amt due to fraud/dispute): Accounting/legal matters (same as FE) - A person guilty of bribery of a public official under the key provisions of the PCA Types of Fraud in Accounting Cycles (Section 5 or Section 6) shall be liable on conviction to a fine not exceeding SGD 1. Sales and Collections/Receipts 100,000, or to imprisonment for a term not exceeding five years, or both. Theft of cash/other customer payments: - Certain offenses relating to government contracts or bribery of a member of a public - Unrecorded sales (provided service but didn’t record sales) body under certain circumstances, may result in a fine not exceeding SGD 100,000, or - Under-ringing of sales (collected $800 sales,recorded $500 in register) to imprisonment for a term not exceeding seven years, or both. - Lapping (diverting payment from one customer, and hiding theft by diverting - If a person is convicted for accepting any gratification in contravention of the PCA, the cash from another customer to offset the receivable from the first customer - court may also order him to pay a penalty equivalent to the amount of bribes he received usually crediting one a/c with receipts intended for a different a/c) as a fine. - Over-billing - The term “person” includes any company or association or body of persons, and as - Voiding sales (reverse the sales after customer paid) such, a company could accordingly face the consequences of bribery. - Issuing credit memos - Although the prosecutions for bribery offenses in Singapore to date have been at an - Adjusting (writing off) unpaid balances individual level, there is no legal impediment barring companies from being prosecuted - Skimming (divert payment or part of the payment to themselves while for a bribery offense. providing a product or service at no charge) Fraud Red Flags - Larceny (cash stolen after being recorded) Prevention & early detection of internal fraud always preferable to intervention after Theft of other assets: event. Once fraud become firmly established or entrenched within organisation, financial, - Inventory stolen by adding fictitious customers, orders, shipping add legal, reputational or regulatory ramifications will be considerably more severe. Effective Kickbacks to customers: method of prevention is pro-active identification of fraud red flags. - Under-bill customer for merchandise and split the difference (colluding) Inventory Shrinkage: Excessive inventory shrinkage may be an indicator of ongoing - Write off customer’s receivables as uncollectible for fees already paid by fraud. An auditor detect inventory shrinkage by looking at balance sheet, number of customer products in stock & those sold and comparing them with previous records and Front-end frauds: projections. Auditor may do unplanned stock-taking on random days to detect any - Breaches fiduciary duty to employer by directing customer to take their unusual characteristics. business elsewhere to competitors (indiv gain payment made by other biz) Red Flags in Cash/Accounts Receivable: Excessive number of voids, discounts & 2. Purchases and Payments (Disbursements) returns. Unauthorized bank accounts. Sudden activity in dormant banking accounts. - Set up shell companies (registered but no real activities) to receive goods Discrepancies between bank deposits & posting. Abnormal no. of expense items, through false invoices supplies, or reimbursement to employee. Presence of employee checks in petty cash for - Pay personal bills using company’s bank account employee in charge of petty cash. Excessive or unjustified cash transactions. Large - Procurement fraud (collusive employee-vendor scheme; bid-rigging number of write-offs of accounts. Bank accounts not reconciled on timely basis. suppliers/bidders agree among themselves to eliminate competition in the Red Flags in Purchasing/Inventory: Increasing number of complaints about products procurement process, thus deny the public a fair price) or service. Increase in purchasing inventory but no increase in sales. Abnormal inventory - Process unauthorised disbursement for purchases benefitting the individual shrinkage. Lack of physical security over assets/inventory. Charges without shipping - Overpay a legitimate vendor invoice and request check for overpayment documents. Payments to vendors who aren’t on an approved vendor list. High volume of amount for himself purchases from new vendors. Purchases that bypass normal procedures. Vendors 3. Personnel and Payroll without physical addresses. Vendor addresses matching employee addresses. Excess - Pay ghost employees (fictitious in system, doesn’t exist) inventory & inventory that is slow to turnover. Purchasing agents that pick up vendor - Pay terminated employees beyond termination date, divert pay-checks payments rather than have it mailed. - Overstate hours worked or expenses incurred for reimbursement Red Flags in Payroll: Inconsistent overtime hours for cost center. Overtime charged - False medical claim, improper vetting of job applicant (hiring fraudster by during slack period. Overtime charged for employees who normally would not have another fraudster) overtime wages. Budget variations for payroll by cost center. Employees with duplicate 4. Inventory and Warehousing CPF no., names, & addresses. Employees with few or no payroll deductions. - Order unnecessary/excess inventory and then steal for personal use Employee Red Flags - Outright theft of inventory Employee lifestyle changes: Expensive cars, jewelry, homes, clothes - Embezzlements (inventory not physically received at business but diverted Significant personal debt and credit problems on truck or shipped to an individual’s address) Behavioral changes: Indication of drugs, alcohol, gambling, or fear of losing job 5. Monthly Reconciliations and Reporting High employee turnover - To detect potential unauthorised/fraudulent transactions asap Refusal to take vacation or sick leave - Month end procedures start with bank recon and recording of standard Lack of segregation of duties in the vulnerable area monthly entries Management Red Flags - A/Cs are reconciled, activity posted, draft FR generated/reviewed Reluctance to provide info to auditors. Managers engage in frequent disputes with - Important to have segregation of duties auditors. Mgt decisions dominated by individual or small group. Managers display Financial Reporting Fraud significant disrespect for regulatory bodies. Weak IC environment. Accounting personnel 1. Fictitious sales: Straightforward and involve recording illegitimate or bogus are lax or inexperienced. Decentralization w/o adequate monitoring. Excessive no. of sales transactions. Fraudster create a ghost customer or use a legitimate checking accounts. Frequent changes in banking a/cs. Frequent changes in ext auditors. customer and falsify invoices without actually processing such invoices for Company assets sold under market value. Significant downsizing in healthy market. product or service delivery. Continuous rollover of loans. Excessive no. of year end transactions. High employee 2. Channel Stuffing: Deceptive practice of inflating sales through channel turnover rate. Unexpected overdrafts or declines in cash balances. Refusal by company distribution by supplying more products to distributors or retailers dealing with or division to use serial no. documents. Compensation program out of proportion. than they are able to send. (Trade loading) Financial transaction that doesn’t make sense. Photocopied or missing documents. 3. Bill-and-hold transactions: Artificially inflated company’s revenue by Behavior Red Flags inappropriately recording revenue from the sale to a wholesaler. Wholesaler Borrowing money from co-workers. Creditors or collectors appearing at the workplace. could return any unsold product back, thus assume all costs related to Gambling beyond ability to stand loss. Excessive drinking or other personal habits. Easily shipments both to and from the wholesaler. annoyed at reasonable questioning. Providing unreasonable responses to questions. 4. Round-tripping: Transactions involve simultaneous prearranged sales Refusing vacations or promotions for fear of detection. Bragging about significant new transactions, often of the same product, in order to create a false impression purchases. Carrying unusually large sums of money. Rewriting records under the guise of business activity and revenue. Company sells goods to another company of neatness in presentation. with an agreement (typically undisclosed) to buy back the goods at a future Procedural Red Flags time. Provides appearance of legitimate business activity. Employees making procedural or computer-system enquiries inconsistent or unrelated to 5. Manipulation of vendor rebates and allowances: Fees paid by vendors in normal duties. New employees with knowledge of industry procedures but no such exchange for marketing, promotions, and volume. Treated as income of the experience disclosed on CV. Prospective employees reluctant to provide full background receiving company and are recorded as earned when final products are sold. information or provide inaccurate or inconsistent information. Key managers with too 6. Manipulation of consignment sales: Manufacturer may sell product to much hands-on control. Insufficient oversight/audit applied. Unusual number of customer retailer who can return the product if it is unable to sell it. Revenue for the complaints. Customers or suppliers insisting on dealing with just 1 individual. Managers manufacturer would only be recognized if the item is actually sold by the avoid using purchasing department. Tendering to one supplier only or same suppliers. retailer. Selling arrangements are legitimate, but ripe for abuse since Lack of transparency. Poor engagement with corporate governance philosophy. Too susceptible to undisclosed sales conditions. The manufacturer and retailer much delegation by senior managers w/o proper review procedures. could negotiate the consignment sales with a side agreement that goes undocumented so that all deliveries to retailer could be considered sales, but because of the side agreement, retailer can return any unsold items. This would disallow manufacturer from recognizing revenue. 7. Delayed revenue recognition: Company delay revenue recognition, when earnings expectations & bonus targets have been met. May close the books early or not record current-period sales until next period to make it easier to meet future targets, to protect against negative future earnings, or provide illusion of consistent, positive, revenue streams (“income smoothing”). Expense Manipulation 1. Capitalisation of expenses: When assets or costs are held on the balance sheet, they are known as capitalized costs. When an expense is not moved to the income statement but is held on the balance sheet, it gives the appearance of a stronger bottom line. 2. Depreciation and Amortization: Should be allocated by systematic & rational procedures. Mgt judgment is required for determining the appropriate period of depreciation. By extending depreciation time frames, inflating salvage values, or aggressively capitalizing current-period expenses, mgt can increase current-period earnings. Effective GRC Framework Ethical, effective oversight & operations of business by BOD and mgt (governance) with an organization’s systematic approach in risk mgt, and ensure organization and its employees adhere to compliance. Strategic & holistic approach to rationalising risk mgt, controls, assurance structures, and processes with data management structures, supported by a strong corporate culture to deliver both high performance and compliance with relevant laws and regulations. Protect & enhance business value by fostering a risk-aware culture, support informed decision making, and address multiple compliance and assurance layers. Enhance operational efficiency by rationalizing risk management, controls, and assurance structures and processes, & intelligent use of IT and data management structures. Provide proactive & dynamic approach by enabling the organization to more quickly, consistently, and efficiently respond to challenges arising from evolving risk profiles and rapidly changing regulatory requirements. Support linkage to strategy by enabling organization to meet compliance objectives while improving performance through use of an integrated framework in support of strategic objectives. BOD Oversight of mgt and ensuring an ethical culture. Shapes the environment to deter fraud through the oversight of a company’s compensation, accounting, and ethics policies. Sets the “tone at the top” regarding what is acceptable conduct and what gets valued & rewarded at the company. Sets tone of compliance from BOD through senior management down through the ranks. Ensures that the pressure to achieve ambitious corporate goals is counter-balanced by an effective set of controls that remove opportunity to manipulate scorecard to get there. Be informed about major risk factors for fraud & bring appropriate level of independent thinking to all of its interactions with management. Asks probing questions of management & make sure company has robust set of systems designed to prevent fraud from occurring. Audit Committee Manage agency problem arising from the conflict of interests between shareholders and management. Addresses moral hazard faced by the board and shareholders arising from management having more information than them with regards to the financial performance and health of the company. Effective AC can help to ensure that FS of listed companies have integrity and are presented in a true and fair manner. Compliance, Legal and Internal Audit Functions Creating and maintaining a culture of ethics and integrity is also the responsibility of a variety of other individuals serving in various support functions. It is necessary for organizations to design and implement a compliance function infrastructure that includes staffing at both the headquarters level and at various field locations, because a compliance program should reach all employees. Organization’s legal function can help support the program by ensuring the availability of adequate legal advice and by assessing legal risks. The internal audit function can serve the compliance program’s aims by evaluating and providing feedback with respect to the design and operational effectiveness of programmatic elements. Key Attributes of an Effective Compliance Function Authority: Having in place the right level of authority for ethics & compliance program necessitates designating a high- level individual within the org to serve as a CCO, with overall responsibilities for ensuring employee compliance with laws, regulations, and company standards. Responsibility: CCO drive the overall design and implementation of the compliance function’s strategy, while working in tandem with others who have subject matter expertise in specific compliance risk areas. Competency: CCO & other compliance personnel should have adequate credentials, experience, and training, have a certain level of education, experience, professional training, and certification in a relevant compliance area. E.g. background in law, acc, finance, law enforcement, or HR. Understand vulnerabilities that give rise to fraud and misconduct and to “demonstrate knowledge of business operations enough to be able to speak the language of management” and “relate the standards of the organization in terms that will be meaningful to workers at all levels.” Objectivity: Maintain a level of objectivity & independence from others within the organization. Compliance personnel should report directly through compliance function and up to board. Avoids having their performance determined by those individuals the compliance staff is assigned to monitor. Legal Function An organization’s in-house attorneys, and the general counsel (GC), are indispensible participants in the process to prevent, detect, and respond to potential fraud and misconduct. In many org, such professionals are chiefly charged with ensuring availability of adequate legal advice to mgt & assessing and responding to legal risks. Similarities of Compliance and Internal Audit Functions Both operate with a degree of independence from mgt, which is designed to enable effective evaluation of operations. Both typically report to governing authority of organization, usually the BOD & AC. Both play a role in conducting and responding to risk assessments & helping the organization adapt to emerging risks. Many of the skills & competencies inherent within an internal audit are well suited for aspects of compliance administration, particularly in evaluative capacities. Some org have integrated compliance functions into their internal audit departments. Fraud Risk Management Assessing risk: Assess the needs of the organization based upon both the nature of fraud and misconduct risks and the adequacy of existing controls intended to mitigate that risk. Design: Develop controls to help prevent, detect, and respond to identified risks in a manner consistent with legal and regulatory criteria and other leading practices. Implementation: Deploy a process for implementing the new controls and assigning responsibility to individuals with the requisite level of authority, objectivity, and resources to support the process. Evaluation: Evaluate the design and operating effectiveness of controls through control self- assessment, substantive testing, routine monitoring, and separate evaluations Prevention: Risk Assessment Step-by-step process for identifying the quantitative and qualitative nature of potential integrity breakdowns. - Help organisations identify the pressure points and incentives that give rise to some of the most salient integrity-related risks for organizations and their stakeholders. - Provide a foundation upon which an appropriate response can be constructed to mitigate fraud and misconduct risk and help management avoid losses due to fraud and misconduct. Fraud Triangle Opportunity The opportunity for fraud is also affected by a company’s internal environment, which is largely influenced by the entity’s culture and the effectiveness of its internal controls. Strong controls can significantly limit possibilities for the manipulation of results or for fraudulent transactions. It is important to maintain a sharp focus on controls in both good and bad economic times. When results are strong and markets are up, there can be a tendency toward complacency, with diminished focus on internal controls and reduced scrutiny of results. Rationalisation in an environment of extreme pressure to meet corporate financial goals, members of management or other employees may conclude that they have no choice but to resort to fraud to save their own jobs or the jobs of others, or simply to keep the company alive “until the turnaround comes.” Pressure When pressure is transformed into an obsessive determination to achieve goals no matter what the cost, it becomes unbalanced and potentially destruc- tive. That is when individuals are most likely to resort to questionable activities that may lead to fraud. Case: Pressure: Perceived pressure by management to meet earnings target, management expectations to not hinder growth (as mentioned by CEO to acc and legal department) Opportunity: Complex business model leaves room for earnings manipulation or fraud, bribery opportunity in asia (need pay gov official to be able to expand business) Rationalisation: Management rationalises business circumstances is appropriate (CFO rationalise "leading companies have leading expectations" indicates acceptance of sales department pushing accounting department to meet sales target) and rationalising of bribery due to different regions customs in business (business in asia is conducted differently in US) Communication Important to foster a culture of inquiry so that board and audit committee members are not intimidated or discouraged from asking questions or challenging management or other board or committee members. Based on the case, AC doesn’t question or challenge the management pertaining to various issues such as business model, accounting treatment, lack of resources, bribes, effectiveness of internal controls. For Boards and Audit Committees (Board Meetings) 1. Confirm that all board and audit committee members have a strong understanding of the company’s business and its industry. Leverage outside training and consultants as necessary, with the objective of enabling all members of the board and audit committee to ask probing questions about strategy and operations. Audit committee members should also have a working understanding of financial reporting, even if they are not financial experts. 2. Ask questions of management, internal auditors, and external auditors to elicit potential concerns related to opportunities or incentives for financial reporting fraud. 3. Encourage open discussion, and assess non-verbal communications such as body language. 4. Actively oversee those aspects of the company’s strategy and risk management program that affect financial reporting, with a specific focus on risks that could potentially create incentives for financial reporting fraud. 5. Question management in depth about its program for managing fraud risk, focusing on areas where management has identified the greatest vulnerabilities, including the risk of management override of controls. Ask management to explain how those vulnerabilities are being addressed and consider utilizing internal audit to evaluate the effectiveness of management’s activities. 6. Routinely ask questions of management, internal auditors, and external auditors to elicit indications of potential concerns related to incentives or opportunities for financial reporting fraud. 7. Work to connect with the organization outside the boardroom. Seek opportunities to interact with managers, employees, vendors and customers to enhance knowledge of the company and possible risks of financial reporting fraud. For Internal Auditors 1. Suggest to the board and audit committee specific ways in which internal audit can provide support, with a particular focus on the risk of financial reporting fraud. 2. Take the lead role in assessing the company’s program to mitigate the risk of financial reporting fraud, and report annually to the audit committee on that assessment. 3. Establish a regular schedule of face-to-face meetings with senior management, the audit committee, and the external auditor to exchange insights and perspectives. Explore opportunities for the external auditor to leverage the work of internal audit. For External Auditors 1. Proactively promote opportunities for robust conversations between the external auditors and the audit committee on relevant matters, including the factors considered in the auditor’s assessment of fraud risk and the company’s approach to developing significant accounting estimates. Seek an executive session with the audit committee at all meetings to encourage candid conver- sation, even when there are no special concerns or significant issues to discuss. 2. Work with boards and audit committees to vary the nature and focus of their questions to management, internal auditors, and others such as key employees in order to extend the breadth and depth of the discussion and obtain an enhanced understanding of the business and the potential risks of financial reporting fraud. 3. Should follow up through emails.